Exam AZ-204 topic 13 question 3 discussion

Actual exam question from Microsoft's AZ-204
Question #: 3
Topic #: 13

HOTSPOT -
You need to configure API Management for authentication.
Which policy values should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:


Comments

ZiadAZ
Highly Voted 3 years, 3 months ago
The second box should be Inbound instead of Outbound. https://docs.microsoft.com/en-us/azure/api-management/api-management-access-restriction-policies Quoting: This policy can be used in the following policy sections and scopes. Policy sections: inbound Policy scopes: all scopes
upvoted 118 times
surprise0011
1 year, 2 months ago
received 2023-04-17 went with above answer, score 926
upvoted 7 times
...
warchoon
1 year, 2 months ago
https://learn.microsoft.com/en-us/azure/api-management/validate-jwt-policy#:~:text=Policy%20sections%3A%20inbound
upvoted 2 times
...
sam365
3 years, 3 months ago
You are correct. It should be INBOUND for Validate JWT https://docs.microsoft.com/en-us/azure/api-management/api-management-access-restriction-policies#ValidateJWT
upvoted 12 times
...
Dani_ac7
1 year, 11 months ago
Correct, you can't pass request to controllers if certificate doesn't exist...
upvoted 1 times
...
...
mlantonis
Highly Voted 3 years ago
Box 1: Validate JWT
The validate-jwt policy enforces existence and validity of a JWT extracted from either a specified HTTP Header or a specified query parameter.
Box 2: Inbound
Authentication should be done on Incoming Request and that should be done in Inbound section of the policy of course. This policy can be used in the following policy sections and scopes. Policy sections: inbound. Policy scopes: all scopes.
Reference:
https://docs.microsoft.com/en-us/azure/api-management/api-management-access-restriction-policies
https://docs.microsoft.com/en-us/azure/api-management/api-management-access-restriction-policies#ValidateJWT
upvoted 30 times
...
Ciupaz
Most Recent 8 months ago
JWT = JSON Web Token (for those who do not know).
upvoted 3 times
...
OlivierPaudex
1 year, 10 months ago
Agreed with inbound. Only inbound direction can be chosen when using a JWT token.
upvoted 3 times
...
Eltooth
1 year, 11 months ago
JWT Inbound
upvoted 2 times
...
SivajiTheBoss
2 years, 3 months ago
Correct answer: 1. JWT 2. Inbound
upvoted 5 times
...
leonidn
2 years, 4 months ago
Validate JWT Inbound
upvoted 5 times
...
fr369
2 years, 5 months ago
Scenario, section 'Authentication': 5. The web application calls an API and includes the access token in the authentication header. The application ID is sent as the audience ('aud') claim in the access token. 6. The back-end API validates the access token. So, shouldn't the first box be "Check HTTP header"?
upvoted 4 times
lugospod
2 years, 5 months ago
Yep, it could be done that way also... there is a small performance hit when using JWT validation. There is no need to have the validation in both places except in the case one has a "great" number of invalid JWT tokens and you want to remove the burden from the backend server. So I think that deciding between checking the existence of the header vs. validating the JWT in this exam boils down to a "lucky guess".
upvoted 2 times
...
...
MrXBasit
2 years, 10 months ago
Policy Section should be Inbound
upvoted 3 times
MrXBasit
2 years, 10 months ago
Use the Validate JWT policy to pre-authorize requests in API Management, by validating the access tokens of each incoming request. If a request does not have a valid token, API Management blocks it. Validate JWT policy is part of the <inbound> policy section of the API. It checks the audience claim in an access token, and returns an error message if the token is not valid. https://docs.microsoft.com/en-us/azure/api-management/api-management-access-restriction-policies#ValidateJWT
upvoted 4 times
...
...
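The placement discussed in the comments above, written out as an added example (it is not from the exam, the commenters, or Microsoft's documentation): a validate-jwt policy in the inbound section that checks the `aud` claim before the request reaches the back end. The header name, the tenant and application ID placeholders, and the error message text are assumptions.

```xml
<!-- Added example. TENANT-ID-PLACEHOLDER and APPLICATION-ID-PLACEHOLDER are
     placeholders, not values from the exam scenario. -->
<policies>
    <inbound>
        <base />
        <!-- Assumption: the access token arrives in the Authorization header
             with the Bearer scheme. A missing, expired, badly signed or
             wrong-audience token is rejected here with 401, so the request
             is never forwarded to the back end. -->
        <validate-jwt header-name="Authorization"
                      require-scheme="Bearer"
                      failed-validation-httpcode="401"
                      failed-validation-error-message="Unauthorized. Access token is missing or invalid.">
            <!-- Signing keys and issuer are read from the OpenID Connect metadata document. -->
            <openid-config url="https://login.microsoftonline.com/TENANT-ID-PLACEHOLDER/v2.0/.well-known/openid-configuration" />
            <!-- The token's aud claim must match the application ID. -->
            <audiences>
                <audience>APPLICATION-ID-PLACEHOLDER</audience>
            </audiences>
        </validate-jwt>
        <!-- For contrast: a check-header policy at this position would only
             confirm that the header exists (and optionally compare it to a
             fixed list of values). It does not verify the signature, the
             expiry or the audience of the token. -->
    </inbound>
    <backend>
        <base />
    </backend>
    <outbound>
        <base />
    </outbound>
    <on-error>
        <base />
    </on-error>
</policies>
```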
anandhprakash
3 years, 1 month ago
The correct answer is: Validate JWT Inbound
upvoted 3 times
...
pavan555manjunath
3 years, 1 month ago
What is the correct answer? Restrict caller IP & inbound
upvoted 1 times
...
faizalzain
3 years, 1 month ago
the answer should be restrict caller ip & inbound
upvoted 1 times
SnakePlissken
3 years, 1 month ago
IP restriction is only asked for file access, not API calls.
upvoted 2 times
...
...
kwaazaar
3 years, 2 months ago
Shouldn't it also restrict by IP? Or was that not intended, since the question is about authentication instead of authorization?
upvoted 2 times
gmishra88
1 year, 8 months ago
A very good point, but I hope Microsoft guys do not understand the difference between Authentication and Authorization and go with the most-voted answer. Majority wins (does it?). All of these questions are substandard
upvoted 1 times
...
...
SubhoG
3 years, 2 months ago
It should be Inbound. Authentication should be done on Incoming Request and that should be done in Inbound section of the policy of course.
upvoted 4 times
...