nerdexam
Microsoft

AZ-400 · Question #113

SIMULATION You need to ensure that an Azure web app named az400-9940427-main can retrieve secrets from an Azure key vault named az400-9940427-kv1 by using a system managed identity. The solution must

Enabling a system-assigned managed identity for the web app allows it to authenticate to Azure Key Vault securely to retrieve secrets using least privilege principles.

Submitted by akirajp· Mar 6, 2026Develop a security and compliance plan

Question

SIMULATION You need to ensure that an Azure web app named az400-9940427-main can retrieve secrets from an Azure key vault named az400-9940427-kv1 by using a system managed identity. The solution must use the principle of least privilege. To complete this task, sign in to the Microsoft Azure portal. Answer: 1. In Azure portal navigate to the az400-9940427-main app. 2. Scroll down to the Settings group in the left navigation. 3. Select Managed identity. 4. Within the System assigned tab, switch Status to On. Click Save. References: https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity

Exhibit

AZ-400 question #113 exhibit

Explanation

Enabling a system-assigned managed identity for the web app allows it to authenticate to Azure Key Vault securely to retrieve secrets using least privilege principles.

Concept tested. Azure Managed Identities for App Service and Key Vault

Reference. https://learn.microsoft.com/en-us/azure/app-service/overview-managed-identity

Community Discussion

No community discussion yet for this question.

Full AZ-400 Practice