Exam AZ-104 topic 3 question 57 discussion

what kinda $hit question IS THIS

Provided answer E is correct. "Azure storage encryption supports RSA and RSA-HSM keys of sizes 2048, 3072 and 4096" https://learn.microsoft.com/en-us/azure/storage/common/customer-managed-keys-overview#enable-customer-managed-keys-for-a-storage-account

E is correct

I *can* use an RSA key type with a key size of 2048, 3072 or 4096. I *should* use only 4096. The question doesn't provide compelling reasons to use a weaker key size. As a non-native speaker, the wording in this question is confusing to me.

Easy question. Search customer-managed key encryption in MS Learn. Reference: https://learn.microsoft.com/en-us/azure/storage/common/customer-managed-keys-overview#:~:text=Azure%20storage%20encryption%20supports%20RSA%20and%20RSA%2DHSM%20keys%20of%20sizes%202048%2C%203072%20and%204096

E is correct

It would be better if the question asked about the suppoted types instead of what should you use or the answer. One could think that he should use RSA with the stronger key, so picks the wrong answer

hmm... chatGPT (if you want to believe AI) says... "E" To use customer-managed key encryption for a blob container in Azure, you can use either an RSA key or an Elliptic Curve (EC) key. The minimum key size for an RSA key is 2048 bits, and the key size can be 2048, 3072, or 4096 bits. The recommended key size for an EC key is at least 256 bits. Therefore, the correct answer is E. an RSA key type with a key size of 2048, 3072, or 4096 only.

Azure storage encryption supports RSA and RSA-HSM keys of sizes 2048, 3072 and 4096. For more information about keys, see About keys.

E is the answer. https://learn.microsoft.com/en-us/azure/storage/common/customer-managed-keys-overview#enable-customer-managed-keys-for-a-storage-account Azure storage encryption supports RSA and RSA-HSM keys of sizes 2048, 3072 and 4096.

Answer E is correct. Azure Container Registry supports only RSA or RSA-HSM keys. Elliptic-curve keys aren't currently supported.

E is correct, I agree with Muffay

sorry i have to change my opinion i'll go with E too

Answer is correct, RSA keys must be minimum 2048 bits in length. see URL https://learn.microsoft.com/en-us/azure/storage/blobs/secure-file-transfer-protocol-support

i will go with option c To use customer-managed key encryption for container1 in Azure Storage, you can follow these steps: Create a key vault in Azure. This will be used to store the encryption key that you will use for customer-managed key encryption. Create an encryption key in the key vault. You can use an EC key that uses the P-384 curve or P-521 curve, or an RSA key with a key size of 2048, 3072, or 4096. Grant the Azure Storage account access to the key vault. You will need to do this in order for Azure Storage to be able to access the encryption key and use it for customer-managed key encryption. Set the encryption key on the container1 container. You can do this using Azure PowerShell, Azure CLI, or the Azure Storage REST API. Enable customer-managed key encryption on the container1 container. You can do this using Azure PowerShell, Azure CLI, or the Azure Storage REST API. Once you have completed these steps, container1 will be encrypted with customer-managed key encryption using the encryption key in the key vault