ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam 70-486 All Questions

View all questions & answers for the 70-486 exam
Go to Exam

Exam 70-486 topic 1 question 172 discussion

Actual exam question from Microsoft's 70-486
Question #: 172
Topic #: 1
[All 70-486 Questions]

You are developing an ASP.NET Core web application. The web application requires sensitive configuration data.
The web application will be tested in an Acceptance Test environment. The Acceptance Test environment must be identical to the production environment.
You need to protect the configuration data.
What should you use?

  • A. Secret Manager tool
  • B. Configuration API
  • C. Microsoft Azure Key Vault configuration provider
  • D. environment variables
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
References:
https://docs.microsoft.com/en-us/aspnet/core/security/app-secrets?view=aspnetcore-2.2&tabs=windows
by Aghie at Sept. 1, 2019, 5:17 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Aghie
Highly Voted 5 years, 8 months ago
Never store passwords or other sensitive data in source code. Production secrets shouldn't be used for development or test. You can store and protect Azure test and production secrets with the Azure Key Vault configuration provider
upvoted 16 times
founderDev
5 years, 3 months ago
i agree
upvoted 1 times
...
...
MaverickCalibre
Highly Voted 5 years, 6 months ago
Answer should be C. https://docs.microsoft.com/en-us/aspnet/core/security/key-vault-configuration?view=aspnetcore-2.2
upvoted 10 times
fbelhocine
4 years, 3 months ago
The question doesn't mention that the app is deployed to azure for test or prod
upvoted 1 times
...
...
Leodolz
Most Recent 4 years, 4 months ago
I think D is still a valid answer because it says that the environment should be really similar to the production one, and it is suggested to use environment variables for production
upvoted 1 times
...
kar12
4 years, 7 months ago
I have checked the given reference.. its clearly written : Secrets shouldn't be deployed with the app. Instead, secrets should be made available in the production environment through a controlled means like environment variables, Azure Key Vault, etc. You can store and protect Azure test and production secrets with the Azure Key Vault configuration provider. That means, for test and Production one must use Azure key Vault. Question is about test environment.
upvoted 1 times
...
Caloy
4 years, 11 months ago
The Answer should be C
upvoted 3 times
...
CRUSZ
5 years, 2 months ago
Why isn't it D? "Instead, secrets should be made available in the production environment through a controlled means like environment variables, Azure Key Vault, etc. You can store and protect Azure test and production secrets with the Azure Key Vault configuration provider." https://docs.microsoft.com/en-us/aspnet/core/security/app-secrets?view=aspnetcore-2.2&tabs=windows If the question mentioned Azure at all I might go for C but it doesn't. According to the above website D would be the answer.
upvoted 6 times
tanujgyan
4 years, 12 months ago
Thats correct
upvoted 1 times
mr_
4 years, 11 months ago
It is not. Both env vars & Azure Key Vault may be used on production environment for storing secrets but Azure Key Vault is much more secure. Taking that into consideration that is 'the best' answer I would say because (from the same site you provided): 'Warning Environment variables are generally stored in plain, unencrypted text. If the machine or process is compromised, environment variables can be accessed by untrusted parties. Additional measures to prevent disclosure of user secrets may be required.' The fact that Azure is not mentioned in the question does not mean that it cannot be used in any way, especially when there is such answer available. I would definitely go for C - Azure Key Vault.
upvoted 3 times
...
...
...
Dhaval
5 years, 3 months ago
C is correct
upvoted 2 times
...
this_is_sparta
5 years, 3 months ago
Answere C is correct.
upvoted 5 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago