YouTube
shieldCISSP Practice Domain 8 — Software Development Security Q120 of 120

Which secure deployment practice rotates credentials and certificates without service interruption?

A CISSP practice question covering Domain 8: Software Development Security. Try answering before reading the explanation below.

Show options & answer
A
Hardcoded long-lived secrets
B
Automated short-lived credential rotation via a secrets manager (Vault, AWS Secrets Manager, etc.)
✓ Correct answer
C
Sharing creds across services
D
Disabling rotation entirely
Why "Automated short-lived credential rotation via a secrets manager (Vault, AWS Secrets Manager, etc.)" is the right answer

Modern secret managers issue short-lived, rotatable credentials with automated handoff. Hardcoded secrets are the source of countless breaches (GitHub leaks). Shared and never-rotated creds are anti-patterns.

Take the full CISSP practice test
120 questions, instant explanations, study-video links on every miss. No account.
Start full test →

Other practice tests

All practice tests CISSP videos Glossary