CompTIA Security+ (SY0-601) — Question 348

An organization needs to implement more stringent controls over administrator/root credentials and service accounts. Requirements for the project include:

• Check-in/checkout of credentials
• The ability to use but not know the password
• Automated password changes
• Logging of access to credentials

Which of the following solutions would meet the requirements?

Answer options

• A. OAuth 2.0
• B. Secure Enclave
• C. A privileged access management system
• D. An OpenID Connect authentication system

Correct answer: C

Explanation

A privileged access management system is designed specifically to handle sensitive credentials, providing features such as check-in/check-out, automated password changes, and access logging, making it the most suitable choice. OAuth 2.0 and OpenID Connect are primarily used for authorization and authentication, not for managing credentials, while Secure Enclave focuses on secure data storage rather than credential management.