ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-104 All Questions

View all questions & answers for the AZ-104 exam
Go to Exam

Exam AZ-104 topic 1 question 20 discussion

Actual exam question from Microsoft's AZ-104
Question #: 20
Topic #: 1
[All AZ-104 Questions]

DRAG DROP -
You have downloaded an Azure Resource Manager (ARM) template to deploy numerous virtual machines (VMs). The ARM template is based on a current VM, but must be adapted to reference an administrative password.
You need to make sure that the password cannot be stored in plain text.
You are preparing to create the necessary components to achieve your goal.
Which of the following should you create to achieve your goal? Answer by dragging the correct option from the list to the answer area.
Select and Place:

Show Suggested Answer Hide Answer
Suggested Answer:
You can use a template that allows you to deploy a simple Windows VM by retrieving the password that is stored in a Key Vault. Therefore, the password is never put in plain text in the template parameter file.
by ech at Sept. 27, 2021, 8:33 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
pakman
Highly Voted 3 years, 5 months ago
Key vault + access policy
upvoted 83 times
jackill
1 year, 7 months ago
I agree : key vault + access policy But please note that now the access policy is considered a legacy way to provide access to the key vault. Now you can use RBAC.
upvoted 39 times
...
jackdryan
2 years ago
This is correct.
upvoted 5 times
...
...
Mazinger
Highly Voted 5 months, 2 weeks ago
The two components you should create to achieve your goal are: 1. An Azure Key Vault: you can store the administrative password in an Azure Key Vault, which provides secure storage and management of cryptographic keys, certificates, and secrets. Storing the password in a Key Vault ensures that it is not stored in plain text and provides an additional layer of security to protect the password. 2. An access policy: You should create an access policy to control access to the Key Vault secrets. An access policy specifies who can perform operations on the secrets stored in the Key Vault. You can grant permissions to users, applications, and services to access the Key Vault and its secrets, and you can specify the level of access that they have. By creating an access policy, you can control who has access to the administrative password and ensure that it is used only by authorized entities. Therefore, to achieve your goal, you should create an Azure Key Vault to store the administrative password, and an access policy to control access to the Key Vault secrets.
upvoted 26 times
...
[Removed]
Most Recent 5 months, 3 weeks ago
CORRECT
upvoted 1 times
...
CheMetto
7 months, 1 week ago
Be carefull, Accesspolicy is legacy, now we have RBAC. If they replace it with RBAC, you know this is the correct answer
upvoted 5 times
...
tashakori
11 months, 2 weeks ago
Given answer is right
upvoted 1 times
...
_gio_
1 year ago
Key vault + access policy
upvoted 1 times
...
Aldair66
1 year, 1 month ago
I think is B
upvoted 1 times
...
D1nk8887
1 year, 2 months ago
The question says "You need to make sure that the password cannot be stored in plain text," not how do you set it up so it's not stored in plain text.
upvoted 3 times
...
Yuraq
1 year, 4 months ago
Key Vault and Access Policy Securely Deploy Azure VM With Local Admin Password from Azure Key Vault and not in ARM Template.
upvoted 5 times
...
fiahbone
1 year, 5 months ago
Azure key vault to store the password and Access policy to make it accessible. https://learn.microsoft.com/en-us/azure/key-vault/general/basic-concepts
upvoted 6 times
havoc2k7
1 year, 5 months ago
i love it when i find simplest exact answers
upvoted 3 times
...
...
SeregonAzDev
1 year, 7 months ago
The question states "option", not "options". Based on the text I assume there is only one correct answer. In this case I would go with the Key Vault
upvoted 4 times
...
kamalpur
1 year, 7 months ago
This question is explained in below youtube video.
upvoted 7 times
...
xRiot007
1 year, 9 months ago
If you need to store stuff securely, you should use an Azure Key Vault and store it as key-value, where the key is a string and the value can be anything. To access the keyvault data you need an Access Policy taht defines who has access to the vault.
upvoted 7 times
...
LCR
1 year, 9 months ago
This whole answers/grid situation is confusing.
upvoted 3 times
...
Madbo
1 year, 10 months ago
The two components that should be created to achieve the goal of storing an administrative password securely are: An Azure Key Vault, which can securely store and manage cryptographic keys, certificates, and passwords. The password can be stored as a secret in the Key Vault and then accessed by the ARM template using a reference to the Key Vault. An access policy, which is used to define who has permissions to access and manage the Key Vault. This is important to ensure that only authorized users can access the password stored in the Key Vault.
upvoted 13 times
...
GohanF2
1 year, 11 months ago
answer is correct, plus this question appears in the MS free Assessment exam in MS page for this course.
upvoted 3 times
...
Chandra415
2 years, 1 month ago
Key Vault & Access Policy
upvoted 3 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago