ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-300 All Questions

View all questions & answers for the SC-300 exam
Go to Exam

Exam SC-300 topic 2 question 98 discussion

Actual exam question from Microsoft's SC-300
Question #: 98
Topic #: 2
[All SC-300 Questions]

You have an Azure subscription that contains a virtual machine named VM1 and an Azure key vault named Vault1. VM1 has a system-assigned managed identity.

You need to ensure that VM1 can retrieve the values of secrets stored in Vault1. The solution must minimize administrative effort.

What should you do first?

  • A. Configure the Resource access settings for Vault1.
  • B. Configure the permissions model for Vault1.
  • C. Add a user-assigned managed identity to VM1.
  • D. Assign an Azure role to VM1.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Matt19 at Dec. 22, 2024, 7:44 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
rvln7
2 months ago
Selected Answer: D
stupid question, we can use RBAC or access policy, but to do that we also have to configure the resource (key vault) access settings. so it is either A or D https://learn.microsoft.com/en-us/azure/frontdoor/managed-identity "Configure Key Vault access You can configure Azure Key Vault access using either of the following methods: Role-based access control (RBAC) - Provides fine-grained access control using Azure Resource Manager. Access policy - Uses native Azure Key Vault access control. For more information, see Azure role-based access control (Azure RBAC) vs. access policy."
upvoted 2 times
...
ethhacker
2 months, 2 weeks ago
Selected Answer: B
Secrets User, can also be configured directly on vault, would be a more fine grained solution.
upvoted 1 times
...
Shingie
2 months, 2 weeks ago
Selected Answer: D
Correct Answer: D. Assign an Azure role to VM1 Explanation: VM1 has a system-assigned managed identity, which allows it to authenticate to Azure resources without storing credentials. However, by default, it does not have permissions to access Vault1. To allow VM1 to retrieve secrets from Vault1, you must assign it an Azure role with appropriate permissions to Key Vault.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago