Designing and Implementing Microsoft DevOps Solutions — Question 8

You have an Azure DevOps organization named Contoso, an Azure DevOps project named Project1, an Azure subscription named Sub1, and an Azure key vault named vault1.
You need to ensure that you can reference the values of the secrets stored in vault1 in all the pipelines of Project1. The solution must prevent the values from being stored in the pipelines.
What should you do?

Answer options

• A. Create a variable group in Project1.
• B. Add a secure file to Project1.
• C. Modify the security settings of the pipelines.
• D. Configure the security policy of Contoso.

Correct answer: A

Explanation

Creating a variable group in Project1 allows you to reference the secrets stored in vault1 while ensuring they are not directly stored in the pipeline definitions. The other options do not provide a mechanism for referencing the secrets without exposing their values in the pipeline configuration.