ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-900 All Questions

View all questions & answers for the AZ-900 exam
Go to Exam

Exam AZ-900 topic 1 question 254 discussion

Actual exam question from Microsoft's AZ-900
Question #: 254
Topic #: 1
[All AZ-900 Questions]

This question requires that you evaluate the underlined text to determine if it is correct.
Azure Key Vault is used to store secrets for Azure Active Directory (Azure AD) user accounts.
Instructions: Review the underlined text. If it makes the statement correct, select `No change is needed`. If the statement is incorrect, select the answer choice that makes the statement correct.

  • A. No change is needed
  • B. Azure Active Directory (Azure AD) administrative accounts
  • C. Personally Identifiable Information (PII)
  • D. server applications
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Moon at Nov. 24, 2019, 5:27 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Moon
Highly Voted 5 years, 7 months ago
I would go with "D". Server Applications.
upvoted 132 times
shashu07
4 years, 7 months ago
Answer A, as per attached Microsoft Article function that connects to an Azure Key Vault using Azure Active Directory authentication, and then uses a secret stored in the vault to query a remote service. // Create a Key Vault client with an Active Directory authentication callback var keyVault = new KeyVaultClient(async (string authority, string resource, string scope) => { var authContext = new AuthenticationContext(authority); var credential = new ClientCredential(adClientId, adKey); var token = await authContext.AcquireTokenAsync(resource, credential); return token.AccessToken; https://devblogs.microsoft.com/dotnet/storing-and-using-secrets-in-azure/
upvoted 12 times
CaracasCCS
4 years, 4 months ago
No! > The Secret you will always create it to give it to an Application that needs to use Azure Authentication.. so the app will show the tocket to Azure and Azure will let it in.
upvoted 4 times
...
...
Tolulee
5 years, 2 months ago
Azure Key Vault enables Microsoft Azure applications and users to store and use several types of secret/key data: Both application and users. A is correct
upvoted 18 times
M_Abuzaid
4 years, 1 month ago
i'm totally agree with you, it's for any types of secret/key data
upvoted 1 times
...
ConaxLearn
4 years, 10 months ago
Users <> User Accounts.
upvoted 4 times
...
DJHASH786
1 year, 10 months ago
Correct. https://learn.microsoft.com/en-us/azure/key-vault/secrets/quick-create-portal
upvoted 1 times
...
...
SimonR2
4 years, 2 months ago
Agreed, you can store connection strings within azure vault rather than within the app itself. This greatly improved security!
upvoted 3 times
...
MCLC2021
4 years ago
I think that underlined text in the phrase is: "...Azure Active Directory (Azure AD) user accounts." so if you read the "Important" section in the link https://docs.microsoft.com/en-us/learn/modules/manage-secrets-with-azure-key-vault/2-what-is-key-vault You can read: "Key Vault is designed to store configuration secrets for server apps."
upvoted 30 times
...
...
cetag37681
Highly Voted 5 years, 5 months ago
D - Should be the answer. Why would Vault be used to store (Azure AD) user accounts but not (Azure AD) admin accounts? makes no sense.
upvoted 17 times
dv1
5 years, 4 months ago
Cause there is no AAD "administrator account". Only AAD user (aka member) account with administrative roles (e.g. global administrator)
upvoted 5 times
...
...
Dmarcetic
Most Recent 4 months, 2 weeks ago
Selected Answer: D
User have passwords, you create SECRETS for applications
upvoted 1 times
...
30ff54d
6 months ago
Selected Answer: D
I would go with D - Key Vault can store secret / key information (API key for example). Imagine you have sever azure resources that require sensitive information to be locked away, you'd use Key Vault for this. Strictly speaking, you can store Admin secret/key under key vault, but this answer would be too limiting in this question
upvoted 1 times
...
Super63
8 months, 1 week ago
I would go with A - This is the exact definition of a Key Vault. See here from a Microsoft Site: What is used to store secrets for Azure Active Directory user accounts? Azure Key Vault enables Microsoft Azure applications and users to store and use several types of secret/key data: keys, secrets, and certificates Azure Key Vault is a cloud service for securely storing and accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, or cryptographic keys. Key Vault service supports two types of containers: vaults and managed hardware security module(HSM) pools
upvoted 3 times
...
NoursBear
9 months, 2 weeks ago
Azure Keyvault is used to store different type of secrets incudi g certificates, apps credential and admin users etc.. so it depends what they are looking for A would be correct but incomplete D is wrong with just „server applications“
upvoted 1 times
...
Genichiro
10 months, 3 weeks ago
D is the answer per https://docs.microsoft.com/en-us/azure/key-vault/key-vault-overview
upvoted 1 times
...
Genichiro
11 months ago
The correct answer is D. The statement as provided is not entirely accurate. Azure Key Vault is a cloud service for securely storing and accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, or cryptographic keys. While Azure Key Vault can store secrets for a variety of purposes, it's not specifically for storing secrets for Azure Active Directory (Azure AD) user accounts. Instead, it is commonly used for managing secrets needed by server applications, services, and administrative accounts, ensuring that these secrets are stored securely and accessed by authenticated services or individuals only. Thus, the correct choice would be option 4) server applications, as it describes one of the primary use cases of the Azure Key Vault service. Personal data like Personally Identifiable Information (PII) can also be safeguarded by Azure Key Vault, but it's more about protecting access to information rather than storing user account details specifically.
upvoted 1 times
...
NoursBear
11 months, 2 weeks ago
I think the answer D is simply incomplete and should say “configuration secrets’ at the end of it
upvoted 1 times
...
chaabouchihakim
11 months, 2 weeks ago
L'affirmation "Azure Key Vault est utilisé pour stocker les secrets des comptes d'utilisateur Azure Active Directory (Azure AD)" est incorrecte. Azure Key Vault est utilisé principalement pour stocker et gérer les secrets, clés cryptographiques et certificats utilisés par les applications et services, et non spécifiquement pour les secrets des comptes d'utilisateur Azure AD. La meilleure correction serait : D. applications serveur
upvoted 1 times
...
ACMaverick
1 year ago
What is really needed here is to know what is underlined in this question. It seems what should be underlined is "Azure Active Directory (Azure AD) user accounts" which would lead to the answer of D. server applications. • Azure AD: Focuses on user identities and access control. It provides features for password hashing, multi-factor authentication, and role-based access control (RBAC) to secure your Azure environment. • Azure Key Vault: Designed for securing secrets used by applications and services. This includes API keys, certificates, and cryptographic keys. Key Vault offers strong access control mechanisms to manage who can access these secrets.
upvoted 3 times
...
PPV20
1 year, 3 months ago
Selected Answer: D
Key Vault. Safeguard cryptographic keys and other secrets used by cloud apps and services.
upvoted 1 times
...
xavierkwan
1 year, 4 months ago
in the first paragraph provided in the link below, it says that "Azure Key Vault enables Microsoft Azure applications and users to store and use several types of secret/key data: keys, secrets, and certificates." https://learn.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates
upvoted 1 times
...
xavierkwan
1 year, 5 months ago
https://learn.microsoft.com/en-us/azure/key-vault/general/authentication
upvoted 1 times
...
gfalconx
1 year, 7 months ago
answer is A
upvoted 1 times
...
JatinJ
1 year, 8 months ago
Correct answer is D - "Key Vault is designed to store configuration secrets for server apps"
upvoted 1 times
...
SAFM
1 year, 9 months ago
Selected Answer: D
Agree on the given answer and the provided link.
upvoted 1 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel