Exam AZ-204 topic 1 question 12 discussion

The EnablePurgeProtection parameter prevents the deletion of key vault objects by enabling purge protection. This parameter ensures that objects deleted from the key vault cannot be permanently deleted until the purge protection period has expired. The EnableSoftDelete parameter allows the key vault to retain deleted objects for a specified duration. This parameter enables soft delete, which allows the key vault to retain deleted objects for a specified period of time (90 days in this case) before they are permanently deleted.

Soft Delete is necessary to create a recoverable state for deleted objects. Without it, objects are immediately and permanently deleted, and Purge Protection has nothing to protect. Purge Protection enhances the security provided by Soft Delete by ensuring that once an object is soft-deleted, it cannot be purged until after the retention period.

BD is correct.

BD is correct.

BD is correct. You'll need to enable soft delete, and then purge protection to make sure that soft-deleted objects are not purged early.

BD EnabledForDeployment is a property of Azure Key Vault that allows you to control whether the Key Vault can be deployed as part of an Azure Resource Manager (ARM) template deployment. When EnabledForDeployment is set to true, it means that the Key Vault can be included in ARM templates and deployed using Azure Resource Manager. EnablePurgeProtection is a property of Azure Key Vault's soft delete feature. When EnablePurgeProtection is set to true, it ensures that deleted Key Vault entities (such as secrets, keys, or certificates) cannot be permanently deleted immediately. EnabledForTemplateDeployment is a property of Azure Key Vault that determines whether the Key Vault can be deployed as part of an Azure Resource Manager (ARM) template deployment. EnableSoftDelete is a property of Azure Key Vault that enables the soft delete feature for the Key Vault. Soft delete allows you to recover deleted entities (secrets, keys, or certificates) within a specified retention period, even after they have been deleted.

You need soft delete (D) to retain deleted objects for up to 90 days, and you need purge protection (B) to prevent deleted objects from being purged until 90 days have passed, as it says 90 "set" days.

B, and C. Purge defines how long a blob is 'alive' before it can be deleted. Soft delete allows you to recover mistakenly deleted blobs

B. EnablePurgeProtection D. EnableSoftDelete To meet the requirement of keeping objects deleted from the key vault for 90 days, you need to use the EnablePurgeProtection and EnableSoftDelete parameters when creating the key vault using PowerShell. EnablePurgeProtection prevents the key vault from being permanently deleted before the soft-delete retention period has elapsed. EnableSoftDelete allows deleted vault and its contents to be retained and recoverable for the specified number of days.

Correct options are B. EnablePurgeProtection D. EnableSoftDelete

B & D.

Correct.

correct - B and D

Correct.

correct b, d