🔥 3-day streak
Microsoft Cybersecurity Architect Expert150 / 158
Question 150 of 158

A financial services company runs 4,000 Windows Server and client machines, split between Entra-joined devices and on-premises Active Directory-joined servers connected via Azure Arc. A recent penetration test revealed that the same built-in local administrator password was reused across hundreds of machines, enabling lateral movement after a single credential was compromised. The security architect must design a solution that automatically rotates and centrally backs up each machine's local administrator password, stores those secrets securely, and works across both the cloud-joined and on-premises domain-joined estate. Which approach should the architect specify?

Reviewed for accuracy · Report an issueNext question