Microsoft Cybersecurity Architect Expert SC-100
Get started today
Ultimate access to all questions.
Comments
Loading comments...
Ultimate access to all questions.
Your organization is planning to enhance its cybersecurity posture by implementing a robust solution for managing secrets, keys, and certificates. The solution must comply with industry standards, ensure high availability, and support automated processes for rotation and expiration. Additionally, it should provide detailed audit logs for compliance purposes. Considering these requirements, which of the following practices should be included in your solution design to ensure the effective and secure management of these sensitive items? (Choose one correct answer)
A
Centralizing all secrets, keys, and certificates in a single repository without implementing access controls or auditing capabilities to simplify management.
B
Adopting a decentralized approach for storing secrets, keys, and certificates, with strict access controls, regular auditing, and support for automated rotation and expiration policies tailored to each item's requirements.
C
Allowing each department to manage their own secrets, keys, and certificates independently, without any centralized oversight or standardized policies.
D
Implementing a fully automated system for managing secrets, keys, and certificates that does not allow for any manual oversight or adjustments to meet unique security requirements.