Valid CAS-004 Dumps shared by ExamDiscuss.com for Helping Passing CAS-004 Exam! ExamDiscuss.com now offer the newest CAS-004 exam dumps, the ExamDiscuss.com CAS-004 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CAS-004 dumps with Test Engine here:
A company hired a third party to develop software as part of its strategy to be quicker to market. The company's policy outlines the following requirements: https://i.postimg.cc/8P9sB3zx/image.png The credentials used to publish production software to the container registry should be stored in a secure location. Access should be restricted to the pipeline service account, without the ability for the third-party developer to read the credentials directly. Which of the following would be the BEST recommendation for storing and monitoring access to these shared credentials?
Correct Answer: D
Reference: https://docs.microsoft.com/en-us/windows/security/information-protection/tpm/tpm-fundamentals A key vault is a service that provides secure storage and management of keys, secrets, and certificates. It can be used to store credentials used to publish production software to the container registry in a secure location, and restrict access to the pipeline service account without allowing the third-party developer to read the credentials directly. A TPM (trusted platform module) is a hardware device that provides cryptographic functions and key storage, but it is not suitable for storing shared credentials. A local secure password file is a file that stores passwords in an encrypted format, but it is not as secure or scalable as a key vault. MFA (multi-factor authentication) is a method of verifying the identity of a user or device by requiring two or more factors, but it does not store credentials. Verified References: https://www.comptia.org/blog/what-is-a-key-vaulthttps://partners.comptia.org/docs/default-source/resources/casp