The correct answer is A: Azure Key Vault with an access policy. Azure Key Vault is designed to safeguard sensitive data such as passwords, encryption keys, and certificates. By storing the administrative password in Key Vault and referencing it in the Azure Resource Manager template, you ensure that the password is not exposed in plain text. The access policy in Azure Key Vault defines the operations that can be performed on the stored secrets and who has permission to perform these operations, ensuring secure access.