Home › Azure AZ-305 › cloudcomputing › az305identitygov › Which Azure service should an architect recommen…
Which Azure service should an architect recommend to centrally store and rotate secrets, certificates, and cryptographic keys with IAM-controlled access?
AAzure Key Vault
BAzure Bastion
CAzure DNS
DAzure Storage Account public read
Answer & Solution
Correct answer: A. Azure Key Vault
Key Vault is Azure's central secret/key/cert store (per AZ-305 §1 secrets). The other options are anti-patterns or unrelated.
Related questions
Which Azure governance service should an architect recommend to track and report regulatorWhich Microsoft Entra feature should an architect recommend so external partners (e.g. conWhich Azure feature should an architect recommend so that the same Microsoft Entra workforWhich Microsoft Entra ID feature should an architect recommend for adaptive risk-based autWhich Azure feature should an architect recommend to give an Azure VM or App Service an idWhich Azure governance hierarchy should an architect recommend so that a single Azure PoliWhich Azure governance feature should an architect recommend to enforce constraints acrossWhich Microsoft Entra ID feature should an architect recommend to give engineers JIT, appr