Exam-Answer

Home / Microsoft / AZ-303 / Question 78

Prev Question
Next Question

Question 78

You have a solution that runs in an Azure Virtual Machine (VM).

The solution encrypts sensitive files and saves file metadata information in an Azure SQL database.

You need to use Azure Key Vault to securely store the database connection string for this solution.

Which Key Vault object should you use?

Answers



A B C D

Advertisement

Explanation

You should use a secret to store the database connection string. You can use secrets to securely store tokens, passwords, API keys, database connection strings, and other secrets. You can control access to these secrets by using access policies.

You should not use a certificate to store the database connection string. You can generate or import x509 certificates used to encrypt Transport Layer Security (TLS) network communication. Azure Key Vault can generate a self-signed or Certificate Authority (CA) certificate. It also handles renewals.

You should not use a key or an HSM-protected key to store the database connection string. You can use these to store or generate software-protected and HSM-protected cryptographic keys. You can use HSM-protected keys in the Azure Key Vault Premium tier.

References

Comments

Load more
Prev Question
Next Question