Exam AZ-303 topic 2 question 45 discussion

I think correct answers should be A and B the question is what should you do (not the application), moreover, it doesn't say that CA is not partnered with KeyVault. First you need to obtain the CA account credentials and then create a certificate issuer resource as one time setup for applications/users to generate external certificates.

Shouldn't be A and B?

Appeared in exam on 28-03-2022

In today's exam. Score 900+ Correct answer. AB

from app developer prospective, internal CA (corporate CA, non integrated CA), external CA =public CA. the request is 'application automatically create certificate', D, E is not (manually). C, your corporate security team will never give your the ROOT CA with private key /password allow you to sign a cert, if they give you the Root CA(that is the public key, you will not able to sign a cert). Therefore, A, B Creating a certificate with a CA partnered with Key Vault https://docs.microsoft.com/en-us/azure/key-vault/certificates/certificate-scenarios application polls, in a loop and wait process,

Create a certificate issuer resource and obtain CA account credentials

On exam today 19-2-2022.. Passed with 871.

on Exam today 21st Jan, 2022

I think A&B are correct

Maybe the keyword in the question is “external”. The examiner’s and/or MS viewpoint is a CA that is not “Partner” is considered as “external”. l read and scanned through MS Docs KeyVault scenarios to see if a non-partner (third-party) is classified as “external”.

On exam 23 Dec 2021, I chose A&B but not sure if it is correct or not.

Question appeared On AZ-303 exam on 08/12/2021 - 49 questions, 4Q - Fabrikan case study

The answer should B, A, D in this order. You do not create a private key for the certificate (the key vault does that for you and never displays it) and there is no need for a root CA certificate (that will come back from the CA when the certificate is issued) You can see this really good tutorial of an "application" (azure cli commands) going through all the stages to generate a certificate https://samcogan.com/create-azure-key-vault-certificates-using-3rd-party-certificate-authorities/

On exam today 22/11/21 Score 839

On exam today 19/11/21. I´m not sure what is the correct answer but I slect B and D. Score 860.

AB. I think the question is asking how to setup which AB is the first 2 step. It did not ask about how it will work after the setup is completed.

I think the given answer is correct. External CA would mean a non-partnered CA. which would mean that the answer aand explanation is correct.