ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-700 All Questions

View all questions & answers for the AZ-700 exam
Go to Exam

Exam AZ-700 topic 4 question 64 discussion

Actual exam question from Microsoft's AZ-700
Question #: 64
Topic #: 4
[All AZ-700 Questions]

HOTSPOT
-

You have an Azure subscription.

You plan to implement an Azure application gateway named AGW1.

You need to implement an external TLS certificate store for AGW1. The solution must meet the following requirements:

• Keys must be stored by using the highest possible security.
• Administrative effort must be minimized.

Which type of certificate store should you use, and which type of identity should you use to access the store? To answer, select the appropriate options in the answer area

NOTE: Each correct answer is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by manhattan at Jan. 5, 2025, 4:23 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
xRiot007
2 weeks, 6 days ago
store: Azure KV (not HSM because that is not supported in this scenario) identity: User MI (System MI would be more secure and with less attack surface, but the application gateway supports only User MI)
upvoted 1 times
...
ITrob523
3 weeks, 2 days ago
HSM is not supported for Azure Key Vault. So the answer should be Azure Key Vault and User -assigned managed identity.
upvoted 1 times
...
Sergovladi
3 months ago
1) Azure Key Vault 2) User-assigned managed identity https://learn.microsoft.com/en-us/azure/application-gateway/key-vault-certs
upvoted 4 times
Sergovladi
3 months ago
Azure Managed or Dedicated HSM cannot be integrated with AG https://learn.microsoft.com/en-us/azure/security/fundamentals/key-management-choose
upvoted 1 times
...
...
manhattan
3 months, 4 weeks ago
Selected Answer: A
it should be good but I'm not 100% sure, any idea? https://learn.microsoft.com/en-us/azure/key-vault/managed-hsm/best-practices#control-access-to-your-managed-hsm
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago