🔥 3-day streak
Microsoft Azure Solutions Architect Expert187 / 187
Question 187 of 187

A financial services company has hundreds of Azure AD (Microsoft Entra ID) service principals and managed identities used by applications and automation pipelines. Auditors report that many of these workload identities have accumulated excessive permissions over time, and no one reviews whether they are still needed. The security team wants a governance capability that lets them periodically review the access assigned to these non-human workload identities and automatically remove access that reviewers do not approve. What should you recommend?

Reviewed for accuracy · Report an issue