ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam DP-420 All Questions

View all questions & answers for the DP-420 exam
Go to Exam

Exam DP-420 topic 5 question 22 discussion

Actual exam question from Microsoft's DP-420
Question #: 22
Topic #: 5
[All DP-420 Questions]

You have an Azure Cosmos DB account named account1.

You have several apps that connect to account1 by using the account's secondary key.

You then configure the apps to authenticate by using service principals.

You need to ensure that account1 will only allow apps to connect by using an Azure AD identity.

Which account property should you modify?

  • A. disableKeyBasedMetadataWriteAccess
  • B. disableLocalAuth
  • C. userAssignedIdentities
  • D. allowedOrigins
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by azuredemo2022three at July 1, 2023, 7:57 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
WimTS
3 days, 8 hours ago
Selected Answer: B
https://learn.microsoft.com/en-us/azure/cosmos-db/nosql/security/how-to-disable-key-based-authentication?tabs=csharp&pivots=azure-interface-cli
upvoted 1 times
...
[Removed]
7 months, 3 weeks ago
Selected Answer: B
https://learn.microsoft.com/en-us/azure/cosmos-db/how-to-setup-rbac#disable-local-auth
upvoted 4 times
...
azuredemo2022three
9 months, 3 weeks ago
Selected Answer: B
he most correct answer in this case would be B. disableLocalAuth.
upvoted 4 times
...
azuredemo2022three
9 months, 3 weeks ago
Selected Answer: C
The correct answer is C. userAssignedIdentities. To ensure that account1 only allows apps to connect by using an Azure AD identity, you need to modify the userAssignedIdentities property of the Azure Cosmos DB account. This property is used to specify the Azure AD identities (service principals) that are allowed to access the account. By assigning a user-assigned identity to the userAssignedIdentities property, you can configure the apps to authenticate using that identity, which will enable them to connect to the Azure Cosmos DB account. This ensures that only the specified Azure AD identities are allowed to access the account, providing a more secure authentication mechanism compared to using the secondary key. Therefore, the correct answer is C. userAssignedIdentities.
upvoted 1 times
azuredemo2022three
9 months, 3 weeks ago
Ignore my previous answer Setting the disableLocalAuth property to true ensures that local authentication, such as using the secondary key, is disabled for the Azure Cosmos DB account. This means that only Azure AD identities (service principals) will be able to authenticate and access the account. On the other hand, the userAssignedIdentities property is used to specify the Azure AD identities that are allowed to access the account. While it can also be used to enforce authentication through Azure AD, it requires you to assign and manage user-assigned identities explicitly. In the context of the given scenario, if you want to ensure that only Azure AD identities can connect to the account, the most direct and effective option would be to disable local authentication by setting disableLocalAuth to true. Therefore, the most correct answer in this case would be B. disableLocalAuth.
upvoted 5 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago