nerdexam
Microsoft

AZ-220 · Question #46

AZ-220 Question #46: Real Exam Question with Answer & Explanation

The correct answer is C. the HMACSHA256 hash of the device's registration ID. Each device uses its derived device key with your unique registration ID to perform symmetric key attestation with the enrollment during provisioning. To generate the device key, use the key you copied from your DPS enrollment to compute an HMAC-SHA256 of the unique registration

Question

From the Device Provisioning Service, you create an enrollment as shown in the exhibit. (Click the Exhibit tab.) You need to deploy a new IoT device. What should you use as the device identity during attestation?

Options

  • Aa self-signed X.509 certificate
  • Bthe random string of alphanumeric characters
  • Cthe HMACSHA256 hash of the device's registration ID
  • Dthe endorsement key of the device's Trusted Platform Module (TPM)

Explanation

Each device uses its derived device key with your unique registration ID to perform symmetric key attestation with the enrollment during provisioning. To generate the device key, use the key you copied from your DPS enrollment to compute an HMAC-SHA256 of the unique registration ID for the device and convert the result into Base64 format. https://docs.microsoft.com/en-us/azure/iot-edge/how-to-auto-provision-symmetric-keys

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full AZ-220 Practice