exam questions

Exam AZ-305 All Questions

View all questions & answers for the AZ-305 exam

Exam AZ-305 topic 4 question 60 discussion

Actual exam question from Microsoft's AZ-305
Question #: 60
Topic #: 4
[All AZ-305 Questions]

You have an Azure Active Directory (Azure AD) tenant.
You plan to deploy Azure Cosmos DB databases that will use the SQL API.
You need to recommend a solution to provide specific Azure AD user accounts with read access to the Cosmos DB databases.
What should you include in the recommendation?

  • A. shared access signatures (SAS) and Conditional Access policies
  • B. certificates and Azure Key Vault
  • C. master keys and Azure Information Protection policies
  • D. a resource token and an Access control (IAM) role assignment
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
kay000001
Highly Voted 2 years, 2 months ago
Selected Answer: D
D. a resource token and an Access control (IAM) role assignment - correct.
upvoted 11 times
...
NotMeAnyWay
Highly Voted 1 year, 5 months ago
Selected Answer: D
D. a resource token and an Access control (IAM) role assignment. Azure Cosmos DB's SQL API provides two types of authorization: master key token and resource token. Master key tokens provide access to the all data and all permissions. Resource tokens provide access to specific containers and permissions, and you can create these tokens with an Azure AD user's identity. To provide Azure AD users with access to the Azure Cosmos DB, you would assign them a specific IAM role. Azure Cosmos DB uses Azure role-based access control (Azure RBAC) for providing specific access. Azure RBAC is an authorization system built on Azure Resource Manager that provides fine-grained access management of resources in Azure. The combination of a resource token and an IAM role assignment would provide the necessary access control for the Azure AD user accounts to have read access to the Cosmos DB databases.
upvoted 10 times
...
SeMo0o0o0o
Most Recent 3 weeks ago
Selected Answer: D
D is correct
upvoted 1 times
...
Lazylinux
7 months, 2 weeks ago
Selected Answer: D
Given Answer D is correct
upvoted 1 times
...
JimmyYop
10 months, 2 weeks ago
appeared in Exam 01/2024
upvoted 5 times
...
zellck
1 year, 9 months ago
Selected Answer: D
D is the answer. https://learn.microsoft.com/en-us/azure/cosmos-db/secure-access-to-data?tabs=using-primary-key#resource-tokens You can use a resource token (by creating Azure Cosmos DB users and permissions) when you want to provide access to resources in your Azure Cosmos DB account to a client that cannot be trusted with the primary key. Azure Cosmos DB resource tokens provide a safe alternative that enables clients to read, write, and delete resources in your Azure Cosmos DB account according to the permissions you've granted, and without need for either a primary or read only key.
upvoted 4 times
...
ITboy8
1 year, 9 months ago
Selected Answer: D
Yes D is the one
upvoted 1 times
...
OPT_001122
1 year, 10 months ago
Selected Answer: D
D. a resource token and an Access control (IAM) role assignment
upvoted 1 times
OPT_001122
1 year, 9 months ago
The Access control (IAM) pane in the Azure portal is used to configure role-based access control on Azure Cosmos resources.
upvoted 1 times
...
...
Born_Again
2 years ago
Selected Answer: D
D IAM and Resource Token
upvoted 1 times
...
Darkx
2 years, 1 month ago
appeared on 11th Oct 2022
upvoted 10 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...