Git history contains AWS keys for a retired project. What reduces future sensitive exposure?
Multiple choice — select one answer
Answer choices
Architectural breakdown & explanation
Secrets in VCS remain reachable until rotated and removed; scanning prevents recurrence.
Correct answer(s): b. Rotate keys, purge secrets from history, and enable secret scanning on all repos
Exam domain: Sensitive data exposure (20% weight on the official guide).
Official documentation & study links
Practice this certification
This page is one question from the KeyTrain's Key Training — Data Protection bank. Run a full timed practice exam with domain-weighted random questions in your browser.