Home › BCA Cloud Computing › cloudcomputing › cloudsecurity › Why is rotating credentials (passwords, access k…
Why is rotating credentials (passwords, access keys, certificates) on a schedule a best practice in cloud environments?
ALimits the window during which a leaked credential is useful to an attacker
BEliminates the need for IAM entirely
CMakes the credentials longer and therefore unhackable forever
DReduces the storage cost of identity databases
Answer & Solution
Correct answer: A. Limits the window during which a leaked credential is useful to an attacker
Rotation shortens the blast-radius of any leaked secret — even if exfiltrated, it stops working after the next rotation. Length isn't rotation; storage cost is irrelevant; IAM still exists.
Related questions
The defense-in-depth model recommends:A workload makes outbound HTTP requests to update some on-prem inventory. The on-prem systAn auditor needs to know who deleted a critical database resource last week. Which type ofWhich security model assumes that no network location is inherently trusted and verifies eAn organisation wants a single sign-on across AWS, Microsoft 365, and Salesforce so users A virtual firewall that controls allowed inbound and outbound traffic on a single VM in a A cloud provider's shared responsibility model on IaaS typically states that:What does the principle of least privilege recommend when assigning permissions in any clo