Microsoft Cybersecurity Architect Expert SC-100

Get started today

Ultimate access to all questions.

Quick Answer

Answer-first summary for fast verification

Answer: Utilizing Azure Key Vault with managed identities for Azure resources, enabling automatic rotation of secrets and certificates, and integrating with Azure Monitor for comprehensive audit logs.

Azure Key Vault is designed to securely manage and protect secrets, keys, and certificates. It supports automatic rotation of secrets and certificates, reducing operational overhead. Managed identities for Azure resources eliminate the need to manage credentials, enhancing security. Integration with Azure Monitor provides detailed audit logs for compliance reporting. This solution scales with the organization's needs and complies with industry security standards. The other options either lack the necessary security features, automation, or scalability to meet the organization's requirements effectively.

Author: LeetQuiz Editorial Team

Quick Answer

Answer-first summary for fast verification

Author: LeetQuiz Editorial Team

Comments (0)

No comments yet.

As a Cybersecurity Architect for a large organization, you are tasked with designing a solution to securely manage and protect secrets, keys, and certificates across multiple Azure services. The solution must comply with industry standards for security, provide detailed audit logs for compliance reporting, and scale to accommodate the organization's growth. Additionally, it should minimize operational overhead by automating the rotation of secrets and certificates. Which of the following approaches BEST meets these requirements? (Choose one)

Simulated

Implementing a custom script to manually rotate secrets and certificates stored in an Azure Storage account, with access logs enabled for auditing.

0.0%

Utilizing Azure Key Vault with managed identities for Azure resources, enabling automatic rotation of secrets and certificates, and integrating with Azure Monitor for comprehensive audit logs.

100.0%

Storing secrets, keys, and certificates in a shared network drive with restricted access, using scheduled tasks to rotate them periodically.

Encrypting all secrets, keys, and certificates using Azure Disk Encryption and storing them in individual team members' Azure VMs for decentralized management.