In the SANS example policies, the database access policy states:
Database user names and passwords may be stored in a file separate from the executing body of the program's code. This file must not be world readable or writeable.
A solution that satisfies this requirement is to store the database user name and password in an encrypted file, with the password (or key) used to decrypt that file stored as plain text in the source code. Explain how this approach will or will not protect access to the database if:
i. The attacker is a software developer intern who is adding some functionality to the software.
ii. The attacker is an outside hacker who has gained access to the application server.
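The permission requirement in the quoted policy text (the file "must not be world readable or writeable") can be checked mechanically. The following is an added example, not part of the original question or of the SANS policy; the function names, file name and sample contents are constructed, and the parent-directory check is an assumption that goes beyond what the policy text states.

```python
import os
import stat
import tempfile


def audit_credentials_file(path):
    """Return a list of findings; an empty list means the permission rule is met."""
    findings = []
    st = os.lstat(path)
    if stat.S_ISLNK(st.st_mode):
        # A symlink's own mode is meaningless; report it and audit the target.
        findings.append("path is a symlink")
        st = os.stat(path)
    if st.st_mode & stat.S_IROTH:
        findings.append("world readable")
    if st.st_mode & stat.S_IWOTH:
        findings.append("world writeable")
    # Beyond the policy text (assumption): a world-writeable parent directory
    # without the sticky bit lets any local user replace the file.
    parent = os.stat(os.path.dirname(os.path.abspath(path)))
    if parent.st_mode & stat.S_IWOTH and not parent.st_mode & stat.S_ISVTX:
        findings.append("parent directory is world writeable")
    return findings


def demo():
    """Constructed sample: one credentials file audited under four modes."""
    results = {}
    with tempfile.TemporaryDirectory() as d:  # created with mode 0o700
        path = os.path.join(d, "db_credentials.conf")  # hypothetical name
        with open(path, "w") as f:
            f.write("user=app\npassword=constructed-sample\n")
        for mode in (0o644, 0o666, 0o640, 0o600):
            os.chmod(path, mode)
            results[mode] = audit_credentials_file(path)
    return results


if __name__ == "__main__":
    for mode, findings in demo().items():
        print(oct(mode), findings or "meets the permission requirement")
```

The check covers only the file-permission clause of the policy; it says nothing about how the file's contents or the decryption key are protected.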