Which of the following is NOT a valid use case for Azure Managed Identities?

B. Authenticating users in a web app

C. Accessing Azure SQL Database

Which of the following is required to use a system-assigned managed identity?

B. Enable the identity on the Azure resource

A. Register the app in Microsoft Entra ID

C. Create a service principal manually

D. Store credentials in Azure Key Vault

Which of the following is a benefit of using Azure Key Vault?

C. It allows secure storage of secrets, keys, and certificates

A. It provides real-time analytics

B. It provides automatic scaling of web apps

Which of the following is the correct way to grant an Azure Function access to Azure Key Vault using a system-assigned managed identity?

A. Add the identity to the Key Vault access policy

B. Store the Key Vault credentials in app settings

D. Add the identity to the Azure AD group

What is the primary benefit of using application permissions in Microsoft Graph?

B. They allow background services to access data without a signed-in user

C. They are limited to read-only access

D. They are used only for mobile apps

Which of the following is required to access Azure Key Vault from an Azure App Service using a managed identity?

C. Grant the identity access to the Key Vault

B. Assign the identity to a resource group

D. Use a connection string in app settings

Which Microsoft Identity platform flow is best suited for single-page applications (SPAs)?

B. Authorization code flow with PKCE

C. Resource owner password credentials flow

What is the purpose of the DefaultAzureCredential class in the Azure SDK?

C. To simplify authentication by chaining multiple credential types

A. To create new Azure resources

B. To manage Azure subscriptions

Which of the following is a valid reason to use a user-assigned managed identity over a system-assigned one?

B. It can be shared across multiple resources

A. It is automatically deleted with the resource

C. It requires fewer permissions

Which of the following is true about Azure Key Vault access policies and RBAC?

C. You can use either access policies or RBAC, but not both simultaneously

A. You must use both at the same time

B. RBAC is required for all secrets

D. Access policies are only for certificates

You are developing an Azure-hosted application that needs to access Azure Storage securely without managing credentials. Which approach should you use?

C. Use a managed identity and assign it the appropriate role

A. Use a connection string stored in app settings

B. Use a Shared Access Signature (SAS) with no expiration

D. Use a hardcoded storage account key in the application code

What is the purpose of correlation IDs in Application Insights?

B. To track the same request across multiple services

A. To identify the user’s IP address

Which of the following is required to enable Application Insights in an Azure Function app?

B. A connection string or instrumentation key

A. A dedicated App Service Plan

Which of the following can trigger an alert in Application Insights?

B. A drop in server response time

What is the primary benefit of using distributed tracing in Application Insights?

C. Correlates telemetry across services

AZ204(Implement Security + Monitor and troubleshoot AZsolutions)

Authored by Beni Talwanga

Professional Development

Used 1+ times

AZ204(Implement Security + Monitor and troubleshoot AZsolutions)

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

65 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You are developing a web application hosted on Azure App Service. It must scale out automatically based on CPU usage.
Solution: Configure autoscale settings in Azure App Service.
Does the solution meet the goal?

Yes

Answer explanation

Azure App Service supports autoscaling based on metrics like CPU usage. This is the correct approach.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is the correct way to securely store and retrieve secrets in an Azure Function app?

A. Store secrets in application settings

B. Use Azure Key Vault with Managed Identity

C. Store secrets in a local JSON file

D. Use environment variables

Answer explanation

Azure Key Vault combined with Managed Identity is the most secure and recommended way to store and access secrets.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You are building a backend service that needs to access Azure Blob Storage. You decide to use a connection string stored in code.
Solution: Store the connection string in the source code and deploy it with the application.
Does the solution meet the goal?

Yes

Answer explanation

Storing secrets in code is insecure. Use Azure Key Vault or App Configuration instead.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which Azure service allows you to manage feature flags and app settings centrally?

A. Azure Monitor

B. Azure App Configuration

C. Azure Key Vault

D. Azure Policy

Answer explanation

Azure App Configuration is designed for managing app settings and feature flags.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You are developing an Azure Function that needs to access a secret stored in Azure Key Vault. You configure a system-assigned managed identity for the function and grant it access to the Key Vault.
Solution: Use the Azure SDK to authenticate with the managed identity and retrieve the secret.
Does the solution meet the goal?

Yes

Answer explanation

This is the correct and secure way to access secrets from Azure Key Vault using managed identity.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the purpose of a Shared Access Signature (SAS) in Azure Storage?

A. To encrypt data at rest

B. To provide time-limited access to storage resources

C. To monitor storage usage

D. To manage storage account keys

Answer explanation

SAS tokens allow fine-grained, time-limited access to storage resources without exposing account keys.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You are developing a web app that needs to access Azure Blob Storage. You decide to use a user-assigned managed identity and assign it to the app. However, you forget to grant the identity access to the storage account.
Solution: The app will still be able to access the storage account using the managed identity.
Does the solution meet the goal?

Yes

Answer explanation

The managed identity must be granted the appropriate role (e.g., Storage Blob Data Reader) to access the storage account.

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

67 questions

SOAL REFRESH MOTOR GRADER 825A-2

Quiz

•

Professional Development

67 questions

FFH Final Quiz

Quiz

•

Professional Development

60 questions

Nokia-Subcontractor 21

Quiz

•

Professional Development

70 questions

eHub PTE online quiz

Quiz

•

12th Grade - Professi...

64 questions

Matrikulasi SPPS MUI

Quiz

•

Professional Development

69 questions

Pribadi Analisis Sistem Informasi

Quiz

•

Professional Development

67 questions

Wordpress Pre-Class Assessment

Quiz

•

Professional Development

65 questions

Lange Ch 25 Cardiac

Quiz

•

Professional Development

Popular Resources on Wayground

10 questions

Fire Safety Quiz

Quiz

•

12th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

20 questions

Inferences

Quiz

•

4th Grade

36 questions

6th Grade Math STAAR Review

Quiz

•

6th Grade

19 questions

Classifying Quadrilaterals

Quiz

•

3rd Grade

12 questions

What makes Nebraska's government unique?

Quiz

•

4th - 5th Grade

Discover more resources for Professional Development

17 questions

Filling out Forms

Quiz

•

Professional Development

AZ204(Implement Security + Monitor and troubleshoot AZsolutions)

You are developing a web application hosted on Azure App Service. It must scale out automatically based on CPU usage.
Solution: Configure autoscale settings in Azure App Service.
Does the solution meet the goal?

Azure App Service supports autoscaling based on metrics like CPU usage. This is the correct approach.

Which of the following is the correct way to securely store and retrieve secrets in an Azure Function app?

Azure Key Vault combined with Managed Identity is the most secure and recommended way to store and access secrets.

You are building a backend service that needs to access Azure Blob Storage. You decide to use a connection string stored in code.
Solution: Store the connection string in the source code and deploy it with the application.
Does the solution meet the goal?

Storing secrets in code is insecure. Use Azure Key Vault or App Configuration instead.

Which Azure service allows you to manage feature flags and app settings centrally?

Azure App Configuration is designed for managing app settings and feature flags.

This is the correct and secure way to access secrets from Azure Key Vault using managed identity.

What is the purpose of a Shared Access Signature (SAS) in Azure Storage?

SAS tokens allow fine-grained, time-limited access to storage resources without exposing account keys.

The managed identity must be granted the appropriate role (e.g., Storage Blob Data Reader) to access the storage account.

Which Microsoft service allows you to programmatically access user data in Microsoft 365, such as emails and calendars?

Microsoft Graph is the unified API endpoint for accessing Microsoft 365 services.

You are developing a service that needs to authenticate users using Microsoft Entra ID. You register the app in Entra ID and configure OAuth 2.0 authentication.
Solution: Use the Microsoft Authentication Library (MSAL) to acquire tokens.
Does the solution meet the goal?

Microsoft Authentication Library (MSAL) is the recommended library for acquiring tokens from Microsoft Entra ID.

Which of the following is NOT a valid use case for Azure Managed Identities?

Managed identities are for app-to-Azure-resource authentication, not for user authentication.

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Professional Development

AZ204(Implement Security + Monitor and troubleshoot AZsolutions)

You are developing a web application hosted on Azure App Service. It must scale out automatically based on CPU usage.Solution: Configure autoscale settings in Azure App Service.Does the solution meet the goal?

Azure App Service supports autoscaling based on metrics like CPU usage. This is the correct approach.

Which of the following is the correct way to securely store and retrieve secrets in an Azure Function app?

Azure Key Vault combined with Managed Identity is the most secure and recommended way to store and access secrets.

You are building a backend service that needs to access Azure Blob Storage. You decide to use a connection string stored in code.Solution: Store the connection string in the source code and deploy it with the application.Does the solution meet the goal?

Storing secrets in code is insecure. Use Azure Key Vault or App Configuration instead.

Which Azure service allows you to manage feature flags and app settings centrally?

Azure App Configuration is designed for managing app settings and feature flags.

This is the correct and secure way to access secrets from Azure Key Vault using managed identity.

What is the purpose of a Shared Access Signature (SAS) in Azure Storage?

SAS tokens allow fine-grained, time-limited access to storage resources without exposing account keys.

The managed identity must be granted the appropriate role (e.g., Storage Blob Data Reader) to access the storage account.

Which Microsoft service allows you to programmatically access user data in Microsoft 365, such as emails and calendars?

Microsoft Graph is the unified API endpoint for accessing Microsoft 365 services.

You are developing a service that needs to authenticate users using Microsoft Entra ID. You register the app in Entra ID and configure OAuth 2.0 authentication.Solution: Use the Microsoft Authentication Library (MSAL) to acquire tokens.Does the solution meet the goal?

Microsoft Authentication Library (MSAL) is the recommended library for acquiring tokens from Microsoft Entra ID.

Which of the following is NOT a valid use case for Azure Managed Identities?

Managed identities are for app-to-Azure-resource authentication, not for user authentication.

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Professional Development

You are developing a web application hosted on Azure App Service. It must scale out automatically based on CPU usage.
Solution: Configure autoscale settings in Azure App Service.
Does the solution meet the goal?

You are building a backend service that needs to access Azure Blob Storage. You decide to use a connection string stored in code.
Solution: Store the connection string in the source code and deploy it with the application.
Does the solution meet the goal?

You are developing a service that needs to authenticate users using Microsoft Entra ID. You register the app in Entra ID and configure OAuth 2.0 authentication.
Solution: Use the Microsoft Authentication Library (MSAL) to acquire tokens.
Does the solution meet the goal?