
Answer-first summary for fast verification
Answer: Allowing individual team members to store and manage secrets, keys, and certificates in personal repositories or unsecured locations without any organizational oversight or controls.
Allowing individual team members to manage secrets, keys, and certificates without oversight or controls (Option D) is a practice that should be strictly avoided as it significantly increases the risk of security breaches and loss of sensitive information. A centralized solution like Azure Key Vault (Option A) provides the necessary security features, including access controls and auditing, to safely manage sensitive information. While a decentralized approach (Option B) might offer flexibility, it lacks the security and compliance benefits of a centralized system. Automated rotation and expiration policies (Option C) are recommended to maintain security but must be part of a comprehensive management solution.
Author: LeetQuiz Editorial Team
Your organization is planning to enhance its cybersecurity posture by implementing a robust solution for managing secrets, keys, and certificates across its Azure environment. The solution must comply with industry standards, ensure high availability, and support automated rotation and expiration policies. Additionally, the organization aims to minimize operational overhead and avoid practices that could introduce security vulnerabilities. Considering these requirements, which of the following practices should be strictly avoided when designing this solution? (Choose one option)
A. Utilizing Azure Key Vault for centralized management of secrets, keys, and certificates, leveraging its access controls, auditing capabilities, and integration with Azure services.
B. Adopting a decentralized approach where each development team manages their own secrets, keys, and certificates using local storage solutions without centralized access controls or auditing.
C. Implementing automated rotation and expiration policies for all secrets, keys, and certificates to ensure they are regularly updated and invalidated when no longer needed.
D. Allowing individual team members to store and manage secrets, keys, and certificates in personal repositories or unsecured locations without any organizational oversight or controls.