nerdexam
ExamsAI-102Questions#194
MicrosoftMicrosoft

AI-102 · Question #194

AI-102 Question #194: Real Exam Question with Answer & Explanation

The correct approach assigns the minimum necessary role (such as 'API Management Service Contributor' or a custom role scoped to subscription key regeneration) to [email protected] on the specific API Management instance AAA12345678, adhering to the principle of least privilege. This

Submitted by amina.ke· Mar 30, 2026Manage identities and governance in Azure - specifically implementing role-based access control (RBAC) to enforce least-privilege access on Azure API Management resources

Question

SIMULATION Use the following login credentials as needed: - To enter your username, place your cursor in the Sign in box and click on the username below. - To enter your password, place your cursor in the Enter password box and click on the password below. Azure Username: [email protected] Azure Password: XXXXXXXXXXXX The following information is for technical support purposes only: - Lab Instance: 12345678 Task You need to ensure that a user named [email protected] can regenerate the subscription keys of AAA12345678. The solution must use the principle of least privilege. To complete this task, sign in to the Azure portal. Answer: Manually rotate subscription keys 1. (Update your application code to reference the secondary key for the Azure account and deploy.) 2. In the Azure portal, navigate to your Azure account. 3. Under Settings, select Authentication. 4. To regenerate the primary key for your Azure account, select the Regenerate button next to the primary key. 5. (Update your application code to reference the new primary key and deploy.) 6. Regenerate the secondary key in the same manner. Reference: https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/azure-maps/how-to-manage-auth entication.md

Options

  • taskEnsure that a user named [email protected] can regenerate the subscription keys of AAA12345678 in the Azure portal, using the principle of least privilege.
  • prerequisitesAzure portal access with username [email protected] and password XXXXXXXXXXXX

Explanation

The correct approach assigns the minimum necessary role (such as 'API Management Service Contributor' or a custom role scoped to subscription key regeneration) to [email protected] on the specific API Management instance AAA12345678, adhering to the principle of least privilege. This ensures the user has only the permissions needed to regenerate subscription keys without granting broader administrative rights. Navigating to the Azure portal, locating the API Management resource, and configuring Role-Based Access Control (RBAC) with the narrowest applicable role accomplishes the task securely.

Topics

#Azure RBAC#API Management#Principle of Least Privilege#Subscription Key Management

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full AI-102 PracticeBrowse All AI-102 Questions