ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-500 All Questions

View all questions & answers for the AZ-500 exam
Go to Exam

Exam AZ-500 topic 5 question 17 discussion

Actual exam question from Microsoft's AZ-500
Question #: 17
Topic #: 5
[All AZ-500 Questions]

HOTSPOT -
You have an Azure subscription named Sub1 that is associated to an Azure Active Directory (Azure AD) tenant named contoso.com.
You plan to implement an application that will consist of the resources shown in the following table.

Users will authenticate by using their Azure AD user account and access the Cosmos DB account by using resource tokens.
You need to identify which tasks will be implemented in CosmosDB1 and WebApp1.
Which task should you identify for each resource? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
CosmosDB1: Create database users and generate resource tokens.
Azure Cosmos DB resource tokens provide a safe mechanism for allowing clients to read, write, and delete specific resources in an Azure Cosmos DB account according to the granted permissions.
WebApp1: Authenticate Azure AD users and relay resource tokens
A typical approach to requesting, generating, and delivering resource tokens to a mobile application is to use a resource token broker. The following diagram shows a high-level overview of how the sample application uses a resource token broker to manage access to the document database data:

Reference:
https://docs.microsoft.com/en-us/xamarin/xamarin-forms/data-cloud/cosmosdb/authentication
by AS007 at April 21, 2020, 3:30 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
AS007
Highly Voted 4 years, 9 months ago
Correct Answers
upvoted 24 times
...
PM2
Highly Voted 3 years, 10 months ago
in the exam
upvoted 11 times
...
brooklyn510
Most Recent 1 year ago
On exam 1/2/24
upvoted 8 times
...
majstor86
1 year, 11 months ago
CosmosDB1: Create database users and generate resource tokens. WebApp1: Authenticate Azure AD users and relay resource tokens
upvoted 6 times
...
jayek
2 years, 5 months ago
https://docs.microsoft.com/en-us/azure/cosmos-db/secure-access-to-data?tabs=using-primary-key
upvoted 1 times
...
jbuenoo
4 years, 5 months ago
Answers seem to be correct: https://docs.microsoft.com/en-us/azure/cosmos-db/media/secure-access-to-data/resourcekeyworkflow.png
upvoted 5 times
...
Exam_Master_Me
4 years, 6 months ago
Correct: The mid-tier service is also responsible for authenticating the client (for example, by using Azure Active Directory). Once the client successfully authenticates, the mid-tier service requests a resource token associated with the authenticated user from the Cosmos DB account and relays the token back to the client. At that point, the client can use the token to access Cosmos DB resources directly. https://mobilemonitoringsolutions.com/introduction-to-azure-cosmos-db-security/
upvoted 8 times
...
gfhbox0083
4 years, 7 months ago
The provided is correct.
upvoted 7 times
...
maj79
4 years, 7 months ago
no mention of 'mobile application' in question
upvoted 1 times
...
P0d
4 years, 7 months ago
I am not sure that CosmosDB generates token. As it's acting as backend db for webapp I guess it's also relays on token.
upvoted 2 times
...
kristiann21
4 years, 8 months ago
same question in exam
upvoted 7 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel