ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-900 All Questions

View all questions & answers for the AZ-900 exam
Go to Exam

Exam AZ-900 topic 1 question 255 discussion

Actual exam question from Microsoft's AZ-900
Question #: 255
Topic #: 1
[All AZ-900 Questions]

Your company plans to automate the deployment of servers to Azure.
Your manager is concerned that you may expose administrative credentials during the deployment.
You need to recommend an Azure solution that encrypts the administrative credentials during the deployment.
What should you include in the recommendation?

  • A. Azure Key Vault
  • B. Azure Information Protection
  • C. Azure Security Center
  • D. Azure Multi-Factor Authentication (MFA)
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
Azure Key Vault is a secure store for storage various types of sensitive information. In this question, we would store the administrative credentials in the Key Vault.
With this solution, there is no need to store the administrative credentials as plain text in the deployment scripts.
All information stored in the Key Vault is encrypted.
Azure Key Vault can be used to Securely store and tightly control access to tokens, passwords, certificates, API keys, and other secrets.
Secrets and keys are safeguarded by Azure, using industry-standard algorithms, key lengths, and hardware security modules (HSMs). The HSMs used are
Federal Information Processing Standards (FIPS) 140-2 Level 2 validated.
Access to a key vault requires proper authentication and authorization before a caller (user or application) can get access. Authentication establishes the identity of the caller, while authorization determines the operations that they are allowed to perform.
References:
https://docs.microsoft.com/en-us/azure/key-vault/key-vault-overview
by tanmayaccenture at Dec. 16, 2019, 6:46 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
RSMCT2011
Highly Voted 5 years, 7 months ago
A Use Azure Key Vault to encrypt keys and small secrets like passwords that use keys stored in hardware security modules (HSMs). https://azure.microsoft.com/en-us/services/key-vault/
upvoted 35 times
...
foreverlearner
Highly Voted 5 years, 3 months ago
Question is about protecting credential during an automated deployment (e.g. not typing password in clear text in a JSON template or PS script), not protecting information inside documents (or logins). Azure Key Vault is the only correct answer for this scenario
upvoted 22 times
...
Kholio86
Most Recent 1 year, 1 month ago
that's the 3rd time i read the same question, but it is okay
upvoted 2 times
...
SAFM
1 year, 10 months ago
Selected Answer: A
Key Vault, same questions as before.
upvoted 1 times
...
azirila
2 years, 6 months ago
also the same question as before pls remove this one, answer is corrcet.
upvoted 1 times
...
zellck
2 years, 6 months ago
Same as question 244. https://www.examtopics.com/discussions/microsoft/view/85481-exam-az-900-topic-1-question-244-discussion
upvoted 1 times
...
zellck
2 years, 6 months ago
Selected Answer: A
A is the answer. https://learn.microsoft.com/en-us/azure/key-vault/general/overview Azure Key Vault is one of several key management solutions in Azure, and helps solve the following problems: - Secrets Management - Azure Key Vault can be used to Securely store and tightly control access to tokens, passwords, certificates, API keys, and other secrets.
upvoted 1 times
zellck
2 years, 6 months ago
Azure Key Vault is a service that allows you to store and manage cryptographic keys and secrets, such as certificates, connection strings, and passwords. It provides secure storage and management of sensitive information, and it allows you to control access to the secrets through role-based access control. You can use Azure Key Vault to encrypt the administrative credentials during the deployment process by storing the credentials in Azure Key Vault and then using the Azure Key Vault client to retrieve the credentials when you deploy the servers.
upvoted 1 times
...
...
TonyghostR05
2 years, 10 months ago
Key words: encrypt
upvoted 1 times
...
wfrf92
3 years, 2 months ago
The answer is A. Azure Key Vault can encrypt the passwords.
upvoted 2 times
...
diogoweb
3 years, 11 months ago
Got it on 06-09-2021
upvoted 2 times
...
iwarakorn
4 years, 1 month ago
Got in exam July02,2021
upvoted 1 times
...
Lipseal
4 years, 2 months ago
I got this in my exam (May 2021)
upvoted 3 times
...
Gerardo1971
4 years, 3 months ago
Correct answer
upvoted 1 times
...
mikl
4 years, 6 months ago
A is correct. https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/key-vault-parameter?tabs=azure-cli
upvoted 2 times
...
MimeTalk
4 years, 7 months ago
"Azure Resource Manager can securely deploy certificates stored in Azure Key Vault to Azure VMs when the VMs are deployed." https://docs.microsoft.com/en-us/azure/security/fundamentals/data-encryption-best-practices So answer is Azure Key Vault
upvoted 3 times
...
sunwukong
4 years, 8 months ago
Azure Key Valut
upvoted 1 times
...
Ebenezer
4 years, 9 months ago
Azure Key Vault is a cloud service that provides a secure store for secrets. You can securely store keys, passwords, certificates, and other secrets. The answer is definitely Azure Key Vault.
upvoted 3 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel