Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-204 All Questions

View all questions & answers for the AZ-204 exam
Go to Exam

Exam AZ-204 topic 4 question 13 discussion

Actual exam question from Microsoft's AZ-204
Question #: 13
Topic #: 4
[All AZ-204 Questions]

HOTSPOT -
You plan to deploy a new application to a Linux virtual machine (VM) that is hosted in Azure.
The entire VM must be secured at rest by using industry-standard encryption technology to address organizational security and compliance requirements.
You need to configure Azure Disk Encryption for the VM.
How should you complete the Azure CLI commands? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
Box 1: keyvault -
Create an Azure Key Vault with az keyvault create and enable the Key Vault for use with disk encryption. Specify a unique Key Vault name for keyvault_name as follows: keyvault_name=myvaultname$RANDOM az keyvault create \
--name $keyvault_name \
--resource-group $resourcegroup \
--location eastus \
--enabled-for-disk-encryption True

Box 2: keyvault key -
The Azure platform needs to be granted access to request the cryptographic keys when the VM boots to decrypt the virtual disks. Create a cryptographic key in your Key Vault with az keyvault key create. The following example creates a key named myKey: az keyvault key create \
--vault-name $keyvault_name \
--name myKey \
--protection software

Box 3: vm -
Create a VM with az vm create. Only certain marketplace images support disk encryption. The following example creates a VM named myVM using an Ubuntu
16.04 LTS image:
az vm create \
--resource-group $resourcegroup \
--name myVM \
--image Canonical:UbuntuServer:16.04-LTS:latest \
--admin-username azureuser \
--generate-ssh-keys \

Box 4: vm encryption -
Encrypt your VM with az vm encryption enable:
az vm encryption enable \
--resource-group $resourcegroup \
--name myVM \
--disk-encryption-keyvault $keyvault_name \
--key-encryption-key myKey \
--volume-type all
Note: seems to an error in the question. Should have enable instead of create.

Box 5: all -
Encrypt both data and operating system.
Reference:
https://docs.microsoft.com/en-us/azure/virtual-machines/linux/disk-encryption-cli-quickstart
by Tom87 at April 10, 2021, 5:47 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
Tom87
Highly Voted 3 years, 5 months ago
The answer is correct. Other possiblities doesn't make sense. Although it seems strange to me to create the VM when the question says that we already have one.
upvoted 59 times
Tom87
3 years, 5 months ago
Ok, now I see that the question doesn't say that the VM is already created. Sorry for that :)
upvoted 8 times
...
...
glam
Highly Voted 3 years, 4 months ago
correct
upvoted 7 times
...
Juhi_Az204
Most Recent 1 year, 6 months ago
Got this on 26March,2023
upvoted 5 times
...
sarmaria
1 year, 6 months ago
Got this on 16/03/23. Went with proposed solution. Make sure to prepare for case study. I got city and lights case study. No Kubernetes, Search, Logic Apps questions for me.
upvoted 3 times
...
Esward
1 year, 8 months ago
VM Keyvault Keyvault key VM Enryption ALL Refer: https://learn.microsoft.com/en-us/azure/virtual-machines/linux/disk-encryption-cli-quickstart
upvoted 4 times
manopeydakon
1 year, 7 months ago
Look at the whole picture son! Answer is correct
upvoted 2 times
...
...
rolling_potato_
1 year, 9 months ago
Was on my exam today (03-01-2023)
upvoted 6 times
...
Lucifer14
1 year, 9 months ago
In 28-12-2022 exam
upvoted 2 times
...
OPT_001122
1 year, 10 months ago
Key vault Key vault key VM VM encryption All
upvoted 3 times
...
at_sayali
1 year, 10 months ago
The answer is correct. Got this in 10/2022
upvoted 2 times
...
gmishra88
1 year, 12 months ago
The documentation here does not mention the step to create the keyvault key. https://learn.microsoft.com/en-us/azure/virtual-machines/linux/disk-encryption-cli-quickstart. But it is okay
upvoted 1 times
...
serpevi
2 years ago
Got this in 09/22 , went with the most voted answers, score 927.
upvoted 2 times
...
Eltooth
2 years, 3 months ago
Answer is correct. Keyvault Keyvault key VM VM encryption All
upvoted 4 times
...
Baskman
2 years, 7 months ago
Got this in the exam 03/22
upvoted 5 times
...
oescm
2 years, 7 months ago
Got this one 02/2022. Went with the given answer
upvoted 5 times
...
lugospod
2 years, 8 months ago
Got this one 01/2022. Went with most voted (to avoid writing answers again)
upvoted 5 times
...
tramlong888
2 years, 9 months ago
The answer is correct.
upvoted 1 times
...
debanjan10
2 years, 12 months ago
Order: keyvault > keyvault key > vm > vm encryption
upvoted 4 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel