Accessing Azure Virtual Machines Remotely
Question
Your company plans to automate the deployment of servers to Azure.
Your manager is concerned that you may expose administrative credentials during the deployment.
You need to recommend an Azure solution that encrypts the administrative credentials during the deployment.
What should you include in the recommendation?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.A
Azure Key Vault is a secure store for storage various types of sensitive information. In this question, we would store the administrative credentials in the Key Vault.
With this solution, there is no need to store the administrative credentials as plain text in the deployment scripts.
All information stored in the Key Vault is encrypted.
Azure Key Vault can be used to Securely store and tightly control access to tokens, passwords, certificates, API keys, and other secrets.
Secrets and keys are safeguarded by Azure, using industry-standard algorithms, key lengths, and hardware security modules (HSMs). The HSMs used are
Federal Information Processing Standards (FIPS) 140-2 Level 2 validated.
Access to a key vault requires proper authentication and authorization before a caller (user or application) can get access. Authentication establishes the identity of the caller, while authorization determines the operations that they are allowed to perform.
https://docs.microsoft.com/en-us/azure/key-vault/key-vault-overviewThe correct answer to this question is A. Azure Key Vault.
Azure Key Vault is a service that allows you to safeguard and manage cryptographic keys, certificates, and secrets used by cloud applications and services. Key Vault provides a secure and centralized place to store sensitive information, such as authentication keys, passwords, and connection strings.
To address the concern raised by the manager, the recommended solution should be one that encrypts the administrative credentials during deployment. Azure Key Vault can be used to securely store and manage administrative credentials, such as passwords and certificates, by providing a centralized location for storage and management.
By using Azure Key Vault to store and manage administrative credentials, the credentials can be protected from exposure during the deployment process. The deployment process can retrieve the required credentials from the Key Vault securely and use them to authenticate with other Azure services.
Azure Information Protection is a service that helps to classify and label sensitive information, such as personal data or confidential business information. While it provides an additional layer of security for sensitive information, it is not specifically designed for the encryption of administrative credentials during deployment.
Azure Security Center is a service that provides advanced threat protection for Azure resources. While it can help to identify and remediate security issues, it is not specifically designed for the encryption of administrative credentials during deployment.
Azure Multi-Factor Authentication (MFA) is a service that provides an additional layer of security for user sign-ins and transactions. While it can help to protect against unauthorized access to Azure resources, it is not specifically designed for the encryption of administrative credentials during deployment.
In summary, the recommended solution to encrypt administrative credentials during deployment is Azure Key Vault.
