ExamTopics Logo
Mail Us[email protected]
Menu
Hashicorp Discussions
exam questions

Exam Terraform Associate 003 All Questions

View all questions & answers for the Terraform Associate 003 exam
Go to Exam

Exam Terraform Associate 003 topic 1 question 2 discussion

Actual exam question from HashiCorp's Terraform Associate 003
Question #: 2
Topic #: 1
[All Terraform Associate 003 Questions]

Your security team scanned some Terraform workspaces and found secrets stored in plaintext in state files. How can you protect that data?

  • A. Delete the state file every time you run Terraform.
  • B. Store the state in an encrypted backend.
  • C. Always store your secrets in a secrets.tfvars file.
  • D. Edit your state file to scrub out the sensitive data.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by hbouachir at Oct. 24, 2025, 9:21 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
hbouachir
1 month ago
Selected Answer: B
B: Store the state in an encrypted backend because Terraform’s state file contains all the information about your infrastructure, including sensitive values like passwords, API keys, and database credentials. By default, if the state file is stored locally, it’s just a plaintext file—anyone with access can read those secrets.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel