Microsoft Certified: Azure Fundamentals (AZ-900) Practice Exam

The correct answer is that a service or application in Azure typically uses Service Principals for identity.

Service Principals are essential for enabling applications or services to interact with Azure resources securely. They can be thought of as "identities" for applications, allowing them to authenticate and authorize access to Azure resources without needing user-interactive sign-ins. This is particularly useful for automated processes, such as those running in Azure DevOps, Azure Functions, or other applications that need to perform actions on Azure resources programmatically.

In contrast, Multi-Factor Authentication (MFA) is a security measure that adds another layer of protection by requiring users to provide additional verification before accessing Azure services. Single Sign-On (SSO) is a user authentication process that allows users to access multiple applications using one set of login credentials. While both MFA and SSO enhance security and user experience respectively, they do not serve as identities for applications or services in the same way that Service Principals do. Thus, Service Principals are the appropriate choice for this context.