Your team needs to host an application on an Azure virtual machine. The application needs access to encryption keys defined in an Azure Key Vault resource. You need to ensure that the application can securely access the encryption keys without the need of embedding any secrets in the application code. Identities related to resources in Microsoft Entra ID should be automatically deleted when the subsequent resources are deleted. Which of the following would you implement for this requirement? Choose 2 answers from the options given below.