You need to secure the Azure Functions to meet the security requirements.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A . Store the RSA-HSM key in Azure Cosmos DB. Apery the built-in policies for customer-managed keys and allowed locations.
B . Create a free tier Azure App Configuration instance with a new Azure AD service principal.
C . Store the RSA-HSM key in Azure Key Vault with soft-delete and purge-protection features enabled.
D . Store the RSA-HSM key in Azure Blob storage with an Immutability policy applied to the container.
E . Create a standard tier Azure App Configuration instance with an assigned Azure AD managed identity.
Answer: CE
Explanation:
Scenario: All Azure Functions must centralize management and distribution of configuration data for different environments and geographies, encrypted by using a company-provided RSA-HSM key.
Microsoft Azure Key Vault is a cloud-hosted management service that allows users to encrypt keys and small secrets by using keys that are protected by hardware security modules (HSMs).
You need to create a managed identity for your application.
Reference: https://docs.microsoft.com/en-us/azure/app-service/app-service-key-vault-references
Latest AZ-204 Dumps Valid Version with 254 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund