ExpertMedium1 markMultiple Choice
AZ-305 · Question 18 · Domain 1.4: Application Identities
An application running on an Azure VM needs to retrieve secrets from Azure Key Vault. You want to avoid storing credentials in the application code. The identity should be tied to the lifecycle of the VM. What should you use?
An application running on an Azure VM needs to retrieve secrets from Azure Key Vault. You want to avoid storing credentials in the application code. The identity should be tied to the lifecycle of the VM. What should you use?
Answer options:
A.
System-assigned managed identity
B.
User-assigned managed identity
C.
Service Principal with a certificate
D.
Shared Access Signature (SAS)
How to approach this question
Identify the identity type tied to a single resource's lifecycle.
Full Answer
A.System-assigned managed identity✓ Correct
System-assigned managed identity
System-assigned managed identities are tied to the resource. User-assigned are standalone. Pillar: Security.
Common mistakes
Choosing User-assigned, which has an independent lifecycle.
Practice the full Azure Solutions Architect Expert AZ-305 Practice Exam 7
55 questions · hints · full answers · grading
More questions from this exam
Q01CASE STUDY: Contoso migrating 500 servers to Azure. RTO 2h, RPO 15m, GDPR compliance, 10Gbps Expr...HardQ02CASE STUDY: Contoso migrating 500 servers to Azure. RTO 2h, RPO 15m, GDPR compliance, 10Gbps Expr...MediumQ03CASE STUDY: Contoso migrating 500 servers to Azure. RTO 2h, RPO 15m, GDPR compliance, 10Gbps Expr...HardQ04CASE STUDY: Contoso migrating 500 servers to Azure. RTO 2h, RPO 15m, GDPR compliance, 10Gbps Expr...MediumQ05CASE STUDY: Contoso migrating 500 servers to Azure. RTO 2h, RPO 15m, GDPR compliance, 10Gbps Expr...Hard