🔥 3-day streak
Microsoft Cybersecurity Architect Expert71 / 158
Question 71 of 158
A financial services company runs dozens of automated batch jobs and CI/CD pipelines in Azure that authenticate to APIs using Entra ID service principals with client secrets. A security review finds that many secrets have never been rotated, some are stored in code repositories, and there is no visibility into which service principals are risky or unused. The architect must design an identity governance approach for these non-human (workload) identities that reduces credential exposure and provides continuous risk detection. Which combination best meets these goals?
Reviewed for accuracy · Report an issueNext question