ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-400 All Questions

View all questions & answers for the AZ-400 exam
Go to Exam

Exam AZ-400 topic 4 question 13 discussion

Actual exam question from Microsoft's AZ-400
Question #: 13
Topic #: 4
[All AZ-400 Questions]

You have an Azure Resource Manager template that deploys a multi-tier application.
You need to prevent the user who performs the deployment from viewing the account credentials and connection strings used by the application.
What should you use?

  • A. Azure Key Vault
  • B. a Web.config file
  • C. an Appsettings.json file
  • D. an Azure Storage table
  • E. an Azure Resource Manager parameter file
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by msalvatori at July 6, 2020, 9:25 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
msalvatori
Highly Voted 4 years, 11 months ago
Verified - Correct
upvoted 30 times
...
nikolayivanov
Most Recent 5 months, 1 week ago
Selected Answer: A
The correct answer is: A. Azure Key Vault Explanation: Azure Key Vault is designed to securely store and manage sensitive information such as secrets, keys, and certificates. By integrating Azure Key Vault with an Azure Resource Manager (ARM) template: Credentials and connection strings can be stored securely in Key Vault. The ARM template can reference the secrets stored in Key Vault without exposing them to the user performing the deployment. This approach adheres to security best practices by keeping sensitive data out of templates or parameter files.
upvoted 1 times
...
507101b
10 months, 3 weeks ago
Had this question in my exam today. Option E was not longer an option.
upvoted 1 times
...
WH16
1 year, 9 months ago
Selected Answer: A
On exam 2023-09-06, selected A. Azure Key Vault
upvoted 3 times
...
yana_b
1 year, 10 months ago
Selected Answer: A
Correct answer
upvoted 1 times
...
catfood
1 year, 11 months ago
Its A with E..... For a static secret, the secret is referenced in a parameter file.
upvoted 2 times
...
zellck
2 years ago
Selected Answer: A
A is the answer. https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/key-vault-parameter?tabs=azure-cli Instead of putting a secure value (like a password) directly in your template or parameter file, you can retrieve the value from an Azure Key Vault during a deployment. You retrieve the value by referencing the key vault and secret in your parameter file. The value is never exposed because you only reference its key vault ID.
upvoted 4 times
...
surensaluka
2 years, 4 months ago
Selected Answer: A
This question came today (2023-02-14)
upvoted 4 times
...
syu31svc
2 years, 11 months ago
Selected Answer: A
A for answer The other options don't make sense at all
upvoted 2 times
...
Govcomm
2 years, 11 months ago
Azure Key Vault
upvoted 1 times
...
Mcelona
3 years ago
Selected Answer: A
Key Vault
upvoted 1 times
...
UnknowMan
3 years, 1 month ago
Correct
upvoted 1 times
...
rdemontis
3 years, 3 months ago
Selected Answer: A
correct answer
upvoted 1 times
...
frutos46
3 years, 7 months ago
Correctly correct
upvoted 3 times
...
droy89
3 years, 11 months ago
Correct, instead of hard coded creds, AZ key vault instance can be called
upvoted 4 times
...
RKS
4 years, 4 months ago
Verified - Correct!
upvoted 3 times
...
samgoomer
4 years, 5 months ago
Is this verified more recently?
upvoted 3 times
d0bermannn
3 years, 9 months ago
absolutely, if have any disbelief in that , take az104 or az900(not 100% sure about az900)
upvoted 2 times
...
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel