🔥 3-day streak
CompTIA SecurityX (CAS-005)116 / 120
Question 116 of 120

A financial services company is migrating a monolithic on-premises application to a hybrid architecture. The application authenticates to a downstream payment API using a static API key stored in a configuration file that has not been rotated in three years. Security architects want to eliminate long-lived static credentials while minimizing changes to the legacy application code, which cannot easily support modern SDKs. Which approach BEST addresses the requirement?

Reviewed for accuracy · Report an issueNext question