Recall & Review
beginner
What is Infrastructure as Code (IaC)?
IaC is a way to manage and provision computer infrastructure using code instead of manual setup. It helps automate and standardize infrastructure.
Click to reveal answer
beginner
Why is security important in IaC?
Because IaC controls infrastructure setup, any mistake or weakness in code can cause security risks like data leaks or unauthorized access.
Click to reveal answer
intermediate
What can happen if secrets like passwords are hardcoded in IaC files?
Hardcoding secrets can expose them to anyone who sees the code, risking theft or misuse of sensitive information.
Click to reveal answer
intermediate
How does using version control with IaC help security?
Version control tracks changes, so you can see who changed what and when. This helps find and fix security issues quickly.
Click to reveal answer
beginner
Name one best practice to keep IaC secure.
One best practice is to avoid storing secrets in code and use secure secret management tools instead.
Click to reveal answer
What is a main risk of insecure IaC code?
✗ Incorrect
Insecure IaC code can expose sensitive data like passwords or keys, leading to security breaches.
Which practice helps keep secrets safe in IaC?
✗ Incorrect
Using secret management tools keeps passwords and keys out of code, improving security.
How does version control improve IaC security?
✗ Incorrect
Version control tracks changes and authors, helping detect and fix security issues.
What does IaC automate?
✗ Incorrect
IaC automates infrastructure provisioning and management using code.
Why should you review IaC code for security?
✗ Incorrect
Reviewing IaC code helps find security risks before they cause problems.
Explain why security is critical when using Infrastructure as Code.
Think about what happens if someone sees your infrastructure code.
You got /5 concepts.
List best practices to keep IaC secure.
Consider how to protect sensitive information and track changes.
You got /5 concepts.