exam questions

Exam DP-300 All Questions

View all questions & answers for the DP-300 exam

Exam DP-300 topic 5 question 22 discussion

Actual exam question from Microsoft's DP-300
Question #: 22
Topic #: 5
[All DP-300 Questions]

You have an Azure AD tenant and a logical Microsoft SQL server named SQL1 that hosts several Azure SQL databases.

You plan to assign Azure AD users permissions to the databases automatically by using Azure Automation.

You need to create the required Automation accounts.

Which two accounts should you create? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

  • A. From the Azure Active Directory admin center create a service principal.
  • B. From the Azure Active Directory admin center, create a user-assigned managed identity for SQL1.
  • C. On SQL1, create a SQL user in the databases.
  • D. On SQL1, create a SQL login.
  • E. From the Azure Active Directory admin center, create an external identity.
Show Suggested Answer Hide Answer
Suggested Answer: AC 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
ymiya1130
1 week, 1 day ago
Selected Answer: AB
Copilot answer, To automatically assign permissions to Azure AD users using Azure Automation, the following approach should be taken: A. Create a service principal: A service principal is an identity that automated scripts or applications use to access Azure. By creating this, Azure Automation can be granted the necessary permissions to access the database. B. Create a user-assigned managed identity: Using a managed identity allows for secure connections to the SQL server without the need to manage additional credentials. This identity must be integrated with the SQL1 resource to achieve this functionality.
upvoted 1 times
goriteraGaonbadapyaara
5 days, 8 hours ago
dont trust copilot .. sometimes it mixes up with different RDBMS with SQL when it gives the answers
upvoted 1 times
...
...
voodoo_sh
1 month, 3 weeks ago
Selected Answer: AC
Note that you cannot create managed identity from the Azure Active Directory admin center (now known as Entra). So B doesn't seem like an option. For this reason, I vote for A: create a service principal (Entra -> App Registrations -> Create), then add service principal as a credential to Automation account, and then C: create a contained database users for the service principal, that have permission to assign permissions to other users (db_securityadmin)
upvoted 1 times
...
2f5c7cd
5 months ago
Selected Answer: BC
‘ You can now configure Automation accounts to use a managed identity, which is the default option when you create an Automation account. With this feature, an Automation account can authenticate to Azure resources without the need to exchange any credentials. A managed identity removes the overhead of renewing the certificate or managing the service principal.’ https://learn.microsoft.com/en-us/azure/automation/migrate-run-as-accounts-managed-identity?tabs=sa-managed-identity
upvoted 1 times
voodoo_sh
1 month, 3 weeks ago
managed identity can not be created in AAD (Entra) admin center. It can be created in Azure portal -> Managed Identities. So I don't think B is the right answer.
upvoted 1 times
...
...
pjfunner
9 months, 3 weeks ago
Selected Answer: BC
See guide here that talks about a user-assigned managed entity. There is no mention about service principal. So B and C should be correct. https://learn.microsoft.com/en-us/azure/automation/quickstarts/create-azure-automation-account-portal
upvoted 2 times
ae8a90c
9 months, 2 weeks ago
Thank you
upvoted 1 times
...
...
OBIJUAN88
1 year, 10 months ago
Selected Answer: AC
Seems correct https://learn.microsoft.com/en-us/azure/azure-sql/database/authentication-aad-service-principal-tutorial?view=azuresql
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago