ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam DP-420 All Questions

View all questions & answers for the DP-420 exam
Go to Exam

Exam DP-420 topic 5 question 7 discussion

Actual exam question from Microsoft's DP-420
Question #: 7
Topic #: 5
[All DP-420 Questions]

You plan to create an Azure Cosmos DB Core (SQL) API account that will use customer-managed keys stored in Azure Key Vault.
You need to configure an access policy in Key Vault to allow Azure Cosmos DB access to the keys.
Which three permissions should you enable in the access policy? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. Wrap Key
  • B. Get
  • C. List
  • D. Update
  • E. Sign
  • F. Verify
  • G. Unwrap Key
Show Suggested Answer Hide Answer
Suggested Answer: ABG 🗳️
To Configure customer-managed keys for your Azure Cosmos account with Azure Key Vault:
Add an access policy to your Azure Key Vault instance:
1. From the Azure portal, go to the Azure Key Vault instance that you plan to use to host your encryption keys. Select Access Policies from the left menu:

2. Select + Add Access Policy.
3. Under the Key permissions drop-down menu, select Get, Unwrap Key, and Wrap Key permissions:

Reference:
https://docs.microsoft.com/en-us/azure/cosmos-db/how-to-setup-cmk
by Juba1711 at Nov. 30, 2022, 12:06 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Juba1711
Highly Voted 1 year, 6 months ago
Correct answer https://learn.microsoft.com/en-us/azure/storage/common/customer-managed-keys-overview
upvoted 6 times
...
azuredemo2022three
Highly Voted 11 months, 3 weeks ago
A. Wrap Key B. Get G. Unwrap Key
upvoted 5 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel