exam questions

Exam AZ-305 All Questions

View all questions & answers for the AZ-305 exam

Exam AZ-305 topic 4 question 74 discussion

Actual exam question from Microsoft's AZ-305
Question #: 74
Topic #: 4
[All AZ-305 Questions]

You are designing a point of sale (POS) solution that will be deployed across multiple locations and will use an Azure Databricks workspace in the Standard tier. The solution will include multiple apps deployed to the on-premises network of each location.

You need to configure the authentication method that will be used by the app to access the workspace. The solution must minimize the administrative effort associated with staff turnover and credential management.

What should you configure?

  • A. a managed identity
  • B. a service principal
  • C. a personal access token
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
uettidam
Highly Voted 1 year, 10 months ago
Selected Answer: B
response is B reason: MID can be used only between Azure resources, here we have on-prem application communicating to Azure resources, then you need a service principal
upvoted 36 times
[Removed]
1 year, 10 months ago
A managed identity is a type of service principal.
upvoted 1 times
[Removed]
1 year, 10 months ago
Correction. A service principal is one of two types of managed identities fam
upvoted 5 times
...
...
...
VBK8579
Highly Voted 1 year, 10 months ago
Selected Answer: B
A managed identity can provide authentication for Azure resources, but it cannot provide authentication for on-premises resources. In the case of an on-premises network, you would typically use a service principal or a personal access token for authentication.
upvoted 18 times
...
SeMo0o0o0o
Most Recent 3 weeks ago
Selected Answer: B
B is correct
upvoted 1 times
...
Len83
3 months, 4 weeks ago
This question appeared in the exam, August 2024. I gave this same answer listed here. I scored 870
upvoted 3 times
...
Lazylinux
7 months, 2 weeks ago
Selected Answer: B
I would go for B here is why, the key word in the questions is the following You need to configure the authentication method that will be used by the app to access the workspace. Service App is used by the App and for the App but managed identity in this case is created for the workspace (AZ resource) and used by the App hence not what is required. *a service principal is “…An application whose tokens can be used to authenticate and grant access to specific Azure resources from a user-app, service or automation tool, when an organization is using Azure Active Directory…”
upvoted 3 times
Lazylinux
7 months, 2 weeks ago
Following on => *Managed Identities are in essence 100% identical in functionality and use case than Service Principals. In fact, they are actually Service Principals. What makes them different though, is: – They are always linked to an Azure Resource, not to an application or 3rd party connector – They are automatically created for you, including the credentials; big benefit here is that no one knows the credentials
upvoted 2 times
868Wolf
7 months, 1 week ago
thank you for explaining.
upvoted 1 times
...
...
...
quaternion
1 year, 4 months ago
Selected Answer: B
Service Principal must be used for accessing on-prem apps to Azure resources. (MI is for within Azure resources).
upvoted 5 times
...
NotMeAnyWay
1 year, 4 months ago
Selected Answer: B
If the POS system is on-premises and not on Azure, then you cannot use Azure Managed Identity because Managed Identity is only applicable for resources that reside within Azure. B. a service principal A service principal is an identity created for use with applications, hosted services, and automated tools to access Azure resources. This access is restricted by the roles assigned to the service principal, giving you control over which resources can be accessed and at what level. For security reasons, it's always recommended to use service principals with automated tools rather than allowing them to log in with a user identity. You can create a service principal for the application and grant it just enough permissions to perform the operations it needs. This way, you can manage application credentials and permissions in a centralized way, which helps reduce administrative effort associated with staff turnover and credential management.
upvoted 4 times
...
sjb666
1 year, 7 months ago
Selected Answer: B
Service principle, since we're connecting a third party app with AAD. See https://devblogs.microsoft.com/devops/demystifying-service-principals-managed-identities/
upvoted 2 times
...
lombri
1 year, 7 months ago
Selected Answer: A
A managed identity Is a service principal that is automatically managed by Azure and provides an easier and more secure way to authenticate applications and services to access Azure resources. It reduces the administrative effort associated with credential management and provides seamless access to the Azure resources. With managed identity, you do not have to store any secrets or credentials in the application code or configuration.
upvoted 1 times
lombri
1 year, 7 months ago
my mistake service principal is the rightone authentication method for accessing an Azure Databricks workspace from an application deployed on-premises. A service principal provides an identity for the application and enables the application to authenticate with Azure Databricks without requiring user credentials. This approach reduces the administrative effort associated with managing user credentials and simplifies the process of granting and revoking access to the workspace.
upvoted 3 times
...
...
EXzw
1 year, 8 months ago
Selected Answer: A
From GPT Managed identities are a feature of Azure Active Directory (Azure AD) and are primarily designed for use with Azure services. However, you can leverage managed identities for on-premises applications by using Azure AD Application Proxy or Hybrid Connections. This way, the on-premises application can authenticate with Azure services using the managed identity. Here's a high-level overview of how you can achieve this: Configure Azure AD Application Proxy or Hybrid Connections to securely expose the on-premises application to the internet. Register the on-premises application in Azure AD and enable a managed identity for the app. Assign the appropriate roles and permissions to the managed identity for accessing the required Azure resources, such as the Azure Databricks workspace. Update the on-premises application to use the managed identity to authenticate with Azure services.
upvoted 1 times
BShelat
11 months, 4 weeks ago
"he solution must minimize the administrative effort associated with staff turnover and credential management." is also need to be considered. Less administrative effort
upvoted 1 times
...
EXzw
1 year, 8 months ago
Continued.... Please note that this approach adds some complexity and requires additional configuration. However, it allows you to take advantage of managed identities for your on-premises applications, thus minimizing administrative effort associated with staff turnover and credential management.
upvoted 1 times
...
...
Jamesat
1 year, 9 months ago
Service Principal as Managed Idenitity can't be used for On-Premises workloads.
upvoted 1 times
...
cp2323
1 year, 9 months ago
Selected Answer: B
its onsite app authentication hence it should be Service Principal
upvoted 1 times
...
zellck
1 year, 9 months ago
Selected Answer: B
B is the answer. https://learn.microsoft.com/en-us/azure/databricks/administration-guide/users-groups/service-principals#what-is-a-service-principal A service principal is an identity that you create in Azure Databricks for use with automated tools, jobs, and applications. Service principals give automated tools and scripts API-only access to Azure Databricks resources, providing greater security than using users or groups. It also prevents jobs and automations from failing if a user leaves your organization or a group is modified.
upvoted 9 times
...
Eusouzati
1 year, 9 months ago
Selected Answer: B
B - A Service Principal
upvoted 2 times
...
OPT_001122
1 year, 9 months ago
Selected Answer: B
on-premises = Service Principle
upvoted 3 times
...
OPT_001122
1 year, 10 months ago
Selected Answer: B
B. a service principal
upvoted 2 times
...
VBK8579
1 year, 10 months ago
A. a managed identity per ChatGPT
upvoted 3 times
alphajt
1 year, 10 months ago
ChatGPT is not always right. You should always check for correctness
upvoted 1 times
...
VBK8579
1 year, 10 months ago
Wrong Answer. Answer is B. a service principal Because A managed identity can provide authentication for Azure resources, but it cannot provide authentication for on-premises resources. In the case of an on-premises network, you would typically use a service principal or a personal access token for authentication.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago