What is a break-glass procedure, and why have one? [Advanced]
Answer
A break-glass procedure is a controlled emergency path for bypassing normal access or deployment restrictions during urgent incidents. It exists so teams can restore service quickly while preserving accountability through approvals, time limits, logging, and post-use review.
Technical explanation
Break-glass should not be a shared permanent admin account with no audit trail.
Access should be time-bound, MFA-protected, approved, logged, and reviewed after use.
The procedure should be tested before a real emergency so responders know how to use it.
Hands-on example
Example: production cluster-admin is normally denied. During a P1 outage, an on-call engineer requests break-glass access for one hour through an access system. The grant requires manager/security approval, logs all kubectl commands, and automatically expires.
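The following is an added example, not code from the original page, that models the grant flow just described in Python: MFA, approval from a distinct authorised approver, a capped TTL, an append-only audit log, and a grant that fails closed once it expires. The names (alice, sec-oncall, INC-1234) and the epoch timestamp are constructed for illustration.

```python
class BreakGlassError(Exception):
    """Raised when a break-glass request or use violates policy."""

class BreakGlassBroker:
    """Issues short-lived, approved, fully audited emergency grants (added example)."""
    def __init__(self, approvers, max_ttl_seconds=3600):
        self.approvers = set(approvers)   # who may approve (security / managers)
        self.max_ttl = max_ttl_seconds    # hard cap on grant lifetime
        self.audit_log = []               # append-only record of every event

    def _log(self, now, event, **fields):
        self.audit_log.append({"ts": now, "event": event, **fields})

    def request(self, requester, role, ticket, approver, ttl_seconds, mfa_verified, now):
        # Every denial is logged before it is rejected, so misuse attempts are visible too.
        if not mfa_verified:
            self._log(now, "DENIED", reason="mfa", requester=requester)
            raise BreakGlassError("MFA required for break-glass")
        if approver not in self.approvers or approver == requester:
            self._log(now, "DENIED", reason="approver", requester=requester)
            raise BreakGlassError("a distinct authorised approver is required")
        if not ticket or ttl_seconds > self.max_ttl:
            self._log(now, "DENIED", reason="ticket_or_ttl", requester=requester)
            raise BreakGlassError("incident ticket required and TTL within policy")
        grant = {"requester": requester, "role": role, "ticket": ticket,
                 "approver": approver, "expires_at": now + ttl_seconds}
        self._log(now, "GRANT", **grant)
        return grant

    def execute(self, grant, command, now):
        # Every command run under the grant is recorded; an expired grant fails closed.
        if now >= grant["expires_at"]:
            self._log(now, "DENIED", reason="expired", command=command)
            raise BreakGlassError("break-glass grant has expired")
        self._log(now, "EXEC", requester=grant["requester"], command=command)
        return True

def demo():
    """The page's P1 scenario with constructed names; returns (ran, refused, audit_log)."""
    t0 = 1_700_000_000  # constructed epoch timestamp
    broker = BreakGlassBroker(approvers={"sec-oncall", "eng-manager"})
    grant = broker.request("alice", "cluster-admin", "INC-1234", "sec-oncall",
                           ttl_seconds=3600, mfa_verified=True, now=t0)
    ran = broker.execute(grant, "kubectl rollout undo deploy/api", t0 + 600)
    try:
        broker.execute(grant, "kubectl get pods", t0 + 3660)  # one minute past expiry
    except BreakGlassError:
        return ran, True, broker.audit_log
    return ran, False, broker.audit_log
```

The audit log is what the post-use review reads: the grant, every command run under it, and any denials, including self-approval or missing-MFA attempts.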