AZ-204 · Question #195
AZ-204 Question #195: Real Exam Question with Answer & Explanation
Sign in or unlock AZ-204 to reveal the answer and full explanation for question #195. The question stem and answer options stay visible for context.
Question
You have an application that includes an Azure Web app and several Azure Function apps. Application secrets including connection strings and certificates are stored in Azure Key Vault. Secrets must not be stored in the application or application runtime environment. Changes to Azure Active Directory (Azure AD) must be minimized. You need to design the approach to loading application secrets. What should you do?
Options
- ACreate a single user-assigned Managed Identity with permission to access Key Vault and
- BCreate a single Azure AD Service Principal with permission to access Key Vault and use a client
- CCreate a system assigned Managed Identity in each App Service with permission to access Key
- DCreate an Azure AD Service Principal with Permissions to access Key Vault for each App Service
Unlock AZ-204 to see the answer
You've previewed enough free AZ-204 questions. Unlock AZ-204 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.