🔥 3-day streak
Microsoft Cybersecurity Architect Expert4 / 158
Question 4 of 158

A development team runs a web application on Azure App Service that must retrieve a database connection string and an external API key at runtime. Currently these secrets are stored as plaintext app settings, and security review flagged the risk. The architect must design a solution that eliminates stored credentials in application configuration and code, allows secrets to be centrally managed and rotated, and requires no code changes to how the application reads its configuration. Which approach best satisfies these requirements?

Reviewed for accuracy · Report an issueNext question