CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. AZ-204

Free AZ-204 Exam Braindumps (page: 28)

Page 28 of 79
PDF with 400 Questions

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You are developing a medical records document management website. The website is used to store scanned copies of patient intake forms.

If the stored intake forms are downloaded from storage by a third party, the contents of the forms must not be compromised.
You need to store the intake forms according to the requirements.

Solution:
1. Create an Azure Cosmos DB database with Storage Service Encryption enabled.
2. Store the intake forms in the Azure Cosmos DB database.

Does the solution meet the goal?

  1. Yes
  2. No

Answer(s): B

Explanation:

Instead use an Azure Key vault and public key encryption. Store the encrypted from in Azure Storage Blob storage.



Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You are developing a medical records document management website. The website is used to store scanned copies of patient intake forms.

If the stored intake forms are downloaded from storage by a third party, the contents of the forms must not be compromised.

You need to store the intake forms according to the requirements.
Solution: Store the intake forms as Azure Key Vault secrets.
Does the solution meet the goal?

  1. Yes
  2. No

Answer(s): B

Explanation:

Instead use an Azure Key vault and public key encryption. Store the encrypted from in Azure Storage Blob storage.



HOTSPOT (Drag & Drop is not supported)
You plan to deploy a new application to a Linux virtual machine (VM) that is hosted in Azure.

The entire VM must be secured at rest by using industry-standard encryption technology to address organizational security and compliance requirements.

You need to configure Azure Disk Encryption for the VM.

How should you complete the Azure CLI commands? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Box 1: keyvault
Create an Azure Key Vault with az keyvault create and enable the Key Vault for use with disk encryption. Specify a unique Key Vault name for keyvault_name as follows:

keyvault_name=myvaultname$RANDOM
az keyvault create \
--name $keyvault_name \
--resource-group $resourcegroup \
--location eastus \
--enabled-for-disk-encryption True

Box 2: keyvault key
The Azure platform needs to be granted access to request the cryptographic keys when the VM boots to decrypt the virtual disks. Create a cryptographic key in your Key Vault with az keyvault key create. The following example creates a key named myKey:

az keyvault key create \
--vault-name $keyvault_name \
--name myKey \
--protection software

Box 3: vm
Create a VM with az vm create. Only certain marketplace images support disk encryption. The following example creates a VM named myVM using an Ubuntu 16.04 LTS image:

az vm create \
--resource-group $resourcegroup \
--name myVM \
--image Canonical:UbuntuServer:16.04-LTS:latest \
--admin-username azureuser \
--generate-ssh-keys \

Box 4: vm encryption
Encrypt your VM with az vm encryption enable:

az vm encryption enable \
--resource-group $resourcegroup \
--name myVM \
--disk-encryption-keyvault $keyvault_name \
--key-encryption-key myKey \
--volume-type all

Note: seems to an error in the question. Should have enable instead of create.

Box 5: all
Encrypt both data and operating system.


Reference:

https://docs.microsoft.com/en-us/azure/virtual-machines/linux/disk-encryption-cli-quickstart



Your company is developing an Azure API hosted in Azure.

You need to implement authentication for the Azure API to access other Azure resources. You have the following requirements:

-All API calls must be authenticated.
-Callers to the API must not send credentials to the API.

Which authentication mechanism should you use?

  1. Basic
  2. Anonymous
  3. Managed identity
  4. Client certificate

Answer(s): C

Explanation:

Azure Active Directory Managed Service Identity (MSI) gives your code an automatically managed identity for authenticating to Azure services, so that you can keep credentials out of your code.

Note: Use the authentication-managed-identity policy to authenticate with a backend service using the managed identity. This policy essentially uses the managed identity to obtain an access token from Azure Active Directory for accessing the specified resource. After successfully obtaining the token, the policy will set the value of the token in the Authorization header using the Bearer scheme.

Incorrect Answers:
A: Use the authentication-basic policy to authenticate with a backend service using Basic authentication. This policy effectively sets the HTTP Authorization header to the value corresponding to the credentials provided in the policy.
B: Anonymous is no authentication at all.
D: Your code needs credentials to authenticate to cloud services, but you want to limit the visibility of those credentials as much as possible. Ideally, they never appear on a developer’s workstation or get checked-in to source control. Azure Key Vault can store credentials securely so they aren’t in your code, but to retrieve them you need to authenticate to Azure Key Vault. To authenticate to Key Vault, you need a credential! A classic bootstrap problem.


Reference:

https://azure.microsoft.com/en-us/blog/keep-credentials-out-of-code-introducing-azure-ad-managed-service-identity/
https://docs.microsoft.com/en-us/azure/api-management/api-management-authentication-policies



Page 28 of 79



Post your Comments and Discuss Microsoft AZ-204 exam with other Community members:

Vinod commented on December 28, 2024
very good questions
INDIA
upvote

n commented on December 25, 2024
Question are
Anonymous
upvote

Ni commented on December 25, 2024
useful questions
Anonymous
upvote

Robin commented on December 24, 2024
nice course
Anonymous
upvote

blaze commented on December 12, 2024
is the PDF worth it? Are these questions the same on the exam?
Anonymous
upvote

Gobenathan commented on October 16, 2024
This is a good exam done but the free version is not complete the PDF version has all the question. that is what I used to pass my exam.
INDIA
upvote

Girish commented on October 16, 2024
Question are nice
Anonymous
upvote

doctor kekana commented on September 18, 2024
hope to pass
Anonymous
upvote

Nuru commented on September 13, 2024
The document is help full .thanks
Anonymous
upvote

Skamza commented on September 05, 2024
challenging
Anonymous
upvote

Sugballs commented on August 06, 2024
The questions are still valid in this exam dumps. Got a 899 mark.
UNITED STATES
upvote

TigerLord commented on July 21, 2024
Great questions
Anonymous
upvote

Raj commented on July 14, 2024
Question are nice
Anonymous
upvote

Vesna commented on June 23, 2024
Nice questions
MACEDONIA THE FORMER YUGOSLAV REPUBLIC OF
upvote

Dr. Nug commented on June 23, 2024
Got 91% in my exam. This site ROCKS. I wish all questions were free... but still worth the $32 for the PDF full version.
UNITED KINGDOM
upvote

falmant commented on June 17, 2024
awesome content
Anonymous
upvote

YNR commented on June 10, 2024
Excellent material for Exam AZ-204
UNITED STATES
upvote

anunymous commented on April 11, 2024
useful .thanks
INDIA
upvote

Shashank commented on February 22, 2024
I passed exams using this dump
UNITED STATES
upvote

Abhishek Narayan commented on January 28, 2024
I am planning to give AZ 204 and need some questions to prepare
Anonymous
upvote

s_123 commented on August 12, 2023
do we need c# coding to be az204 certified
Anonymous
upvote

sachin commented on June 27, 2023
can you share the pdf
Anonymous
upvote

johnson commented on October 24, 2023
i studied for the microsoft azure az-204 exam through it has 100% real questions available for practice along with various mock tests. i scored 900/1000.
GERMANY
upvote

bot commented on July 26, 2023
more comments here
UNITED STATES
upvote

User123 commented on October 08, 2023
good question
UNITED STATES
upvote

VINNY commented on June 02, 2023
very good use full
Anonymous
upvote

Jose commented on August 30, 2023
nice questions
PORTUGAL
upvote

keylly commented on November 28, 2023
im study azure
Anonymous
upvote

Raj commented on May 25, 2023
nice questions
UNITED STATES
upvote

Meghali commented on January 17, 2024
Useful questions listed here, thanks
UNITED STATES
upvote

King J commented on January 09, 2024
These resources proved to be good
UNITED ARAB EMIRATES
upvote

Carlos commented on January 04, 2024
Good questions
Anonymous
upvote

keylly commented on November 28, 2023
i'm study azure
Anonymous
upvote

johnson commented on October 24, 2023
I studied for the Microsoft Azure AZ-204 exam through it has 100% real questions available for practice along with various mock tests. I scored 900/1000.
GERMANY
upvote