ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam DP-300 All Questions

View all questions & answers for the DP-300 exam
Go to Exam

Exam DP-300 topic 2 question 32 discussion

Actual exam question from Microsoft's DP-300
Question #: 32
Topic #: 2
[All DP-300 Questions]

HOTSPOT
-

You have an Azure subscription that contains a logical SQL server. The server hosts two databases named db1 and db2 and an Azure AD service principal named app1.

You need to ensure that app1 can access db1. The solution must use the principle of least privilege.

How should you complete the Transact-SQL statement? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by BrenFa101 at Feb. 3, 2023, 4:08 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
BrenFa101
Highly Voted 1 year, 10 months ago
Actually, rereading the question it says that the logical SQL server hosts the user app1, this means tha app1 has a login on the server. This in turn means that the best way to give app1 permissions to db1 is to create user app1 from login app1
upvoted 15 times
voodoo_sh
5 months, 3 weeks ago
CREATE USER FOR LOGIN and CREATE USER FROM LOGIN are both correct syntax, but in the answer you would need to pick just one. So I would go with FROM EXTERNAL PROVIDER, since question asks about principle of least privilege.
upvoted 1 times
...
...
Cococo
Highly Voted 1 year, 7 months ago
"Create the service principal user in Azure SQL Database - Create the user AppSP in the SQL Database using the following T-SQL command: CREATE USER [AppSP] FROM EXTERNAL PROVIDER GO " Logical server is a default container for Azure SQL Database. https://learn.microsoft.com/en-us/azure/azure-sql/database/authentication-aad-service-principal-tutorial?view=azuresql
upvoted 8 times
...
Dalamain
Most Recent 8 months, 1 week ago
As BrenFa101 pointed out... the server login already exists so we just need to create the database user linked to the server login... thus CREATE USER [app1] FROM LOGIN app1 https://learn.microsoft.com/en-us/azure/azure-sql/database/authentication-azure-ad-logins?view=azuresql#create-user-from-login
upvoted 2 times
...
BrenFa101
1 year, 10 months ago
Answer correct.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel