ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-300 All Questions

View all questions & answers for the SC-300 exam
Go to Exam

Exam SC-300 topic 1 question 87 discussion

Actual exam question from Microsoft's SC-300
Question #: 87
Topic #: 1
[All SC-300 Questions]

You have an Azure subscription that contains a storage account named storage1.

You plan to deploy an app named App1 that will be hosted on multiple virtual machines. The virtual machines will authenticate to a third-party API by using secrets.

You need to recommend an authentication solution for the virtual machines. The solution must meet the following requirements:

• Securely store secrets.
• Ensure that credentials do NOT need to be stored in the App1 code.
• Ensure that the virtual machines can access Azure resources by using Microsoft Entra authentication
• Minimize administrative effort.

What should you include in the recommendation?

  • A. user accounts and Storage Service Encryption
  • B. user-assigned managed identities and Azure Key Vault
  • C. user accounts and Azure Key Vault
  • D. system assigned managed identities and Storage Service Encryption
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by 5f2afa7 at Dec. 29, 2024, 11:51 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
test123123
5 months, 2 weeks ago
Selected Answer: B
The best recommendation for your scenario is B. user-assigned managed identities and Azure Key Vault. Here's why: Securely Store Secrets: Azure Key Vault is designed to securely store and manage secrets, keys, and certificates. Credentials Not in Code: By using managed identities, you avoid hardcoding credentials in your application code. Managed identities allow your virtual machines to authenticate to Azure Key Vault without storing credentials in the code. Microsoft Entra Authentication: Managed identities use Microsoft Entra ID (formerly Azure AD) for authentication, ensuring secure access to Azure resources. Minimize Administrative Effort: User-assigned managed identities provide flexibility and can be reused across multiple resources, reducing administrative overhead12. This combination ensures secure, efficient, and manageable authentication for your virtual machines and their interactions with the third-party API.
upvoted 3 times
...
5f2afa7
5 months, 3 weeks ago
Selected Answer: B
Azure Key Vault for the 3rd party API creds, and a user assigned managed identity for the MULTIPLE VMs to access "Azure resources by using Entra authentication".
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel