Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft AZ-204 Exam - Topic 4 Question 108 Discussion

You develop and deploy an Azure App Service web app named App1. You create a new Azure Key Vault named Vault 1. You import several API keys, passwords, certificates, and cryptographic keys into Vault1.You need to grant App1 access to Vault1 and automatically rotate credentials Credentials must not be stored in code.What should you do?
B) Add a TLS/SSL binding to App1.
A) Enable App Service authentication for Appt. Assign a custom RBAC role to Vault1.
C) Assign a managed identity to App1.
D) Upload a self-signed client certificate to Vault1. Update App1 to use the client certificate.

Microsoft AZ-204 Exam - Topic 4 Question 108 Discussion

Actual exam question for Microsoft's AZ-204 exam
Question #: 108
Topic #: 4
[All AZ-204 Questions]

You develop and deploy an Azure App Service web app named App1. You create a new Azure Key Vault named Vault 1. You import several API keys, passwords, certificates, and cryptographic keys into Vault1.

You need to grant App1 access to Vault1 and automatically rotate credentials Credentials must not be stored in code.

What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Rosina at Oct 24, 2024, 12:55 AM

Limited Time Offer

25%

Off

Get Premium AZ-204 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Erasmo
6 months ago
C definitely simplifies credential management!
upvoted 0 times
...
Samira
6 months ago
B doesn't really fit the requirement, right?
upvoted 0 times
...
Mary
7 months ago
Surprised that D is even an option, seems overly complicated!
upvoted 0 times
...
Samira
7 months ago
I disagree, A seems more secure with RBAC.
upvoted 0 times
...
Theodora
7 months ago
C is the way to go! Managed identity is perfect for this.
upvoted 0 times
...
Alverta
7 months ago
I feel like uploading a client certificate could be overcomplicating things for this scenario. Isn’t there a simpler way?
upvoted 0 times
...
Rikki
8 months ago
I practiced a similar question where assigning a managed identity was the correct answer for accessing resources securely.
upvoted 0 times
...
Cassie
8 months ago
I’m not entirely sure, but I think enabling App Service authentication might not be the right approach for accessing Key Vault directly.
upvoted 0 times
...
Carin
8 months ago
I remember something about managed identities being a secure way to access Azure resources without storing credentials in code.
upvoted 0 times
...
Sheridan
8 months ago
I'm confident that the managed identity approach is the correct answer. It's the most secure way to grant the app access to the Key Vault while also automatically rotating the credentials.
upvoted 0 times
...
Malcom
8 months ago
Ah, I see. Assigning a managed identity to the web app is the right solution here. That will allow the app to securely access the Key Vault without exposing any sensitive information.
upvoted 0 times
...
Sean
8 months ago
Okay, I've got a strategy for this. I think the managed identity option is the way to go. That way, the app can access the Key Vault without needing to store any credentials.
upvoted 0 times
...
Annette
8 months ago
Hmm, I'm a bit unsure about this one. I know we need to secure the connection between the app and the Key Vault, but I'm not sure which option is the best approach.
upvoted 0 times
...
Cordelia
8 months ago
This looks like a straightforward Azure security question. I think the key is to grant the web app access to the Key Vault without storing credentials in the code.
upvoted 0 times
...
Gilma
1 year ago
Wow, this is a real 'vault' of a question, isn't it? I'm 'locking' in my answer as Option C. Managed identities are the 'key' to securing your app without all the 'vault' of dealing with credentials. Sorry, I'll stop with the puns now.
upvoted 0 times
...
Cristal
1 year ago
I bet the person who wrote this question is a real 'key' master! Get it? Key Vault? Ah, I kill myself. But seriously, Option C is the way to go. Managed identities are the future, and the future is now!
upvoted 0 times
Franklyn
12 months ago
Absolutely, no need to store credentials in code when you can use managed identities for seamless access to Vault1.
upvoted 0 times
...
Merilyn
1 year ago
I agree, using a managed identity for App1 is the most secure and efficient way to grant access to Vault1.
upvoted 0 times
...
Misty
1 year ago
Option C is definitely the best choice. Managed identities are the way to go.
upvoted 0 times
...
...
Valentine
1 year ago
Hold up, is this a trick question? Everyone knows the answer is C, right? Managed identities are the way to go these days. Who wants to mess with RBAC roles and SSL bindings when you can just let Azure handle it all?
upvoted 0 times
Gail
1 year ago
Yeah, it's much easier and more secure than messing with RBAC roles and SSL bindings.
upvoted 0 times
...
An
1 year ago
I think you're right, managed identities are definitely the way to go.
upvoted 0 times
...
...
Glory
1 year ago
Hmm, I'm not sure about Option D. Uploading a self-signed certificate seems like it could be a bit of a hassle, and I'm not sure how well that would integrate with the rest of the app. I'd go with the managed identity approach.
upvoted 0 times
...
Francoise
1 year ago
Option C sounds like the way to go. Managed identities make it easy to secure access to resources without having to deal with credentials in the code. Rotating them automatically is a nice bonus too!
upvoted 0 times
...
Jesusita
1 year ago
I'm not sure about that. I think enabling App Service authentication for App1 and assigning a custom RBAC role to Vault1 could also be a valid option.
upvoted 0 times
...
Tiffiny
1 year ago
I agree with Irma. Assigning a managed identity to App1 would allow it to access Vault1 securely without storing credentials in code.
upvoted 0 times
...
Irma
1 year ago
I think the answer is C) Assign a managed identity to App1.
upvoted 0 times
...

Save Cancel