You have an Azure IoT hub that uses a Device Provision Service instance. You plan to deploy 100 IoT devices. You need to confirm the identity of the devices by using the Device Provision Service. Which three device attestation mechanisms can you use? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. A. X.509 certificates B. Trusted Platform Module (TPM) 2.0 C. Trusted Platform Module (TPM) 1.2 D. Symmetric key E. Device Identity Composition Engine (DICE)  Suggested Answer: ABD The Device Provisioning Service supports the following forms of attestation: ✑ X.509 certificates based on the standard X.509 certificate authentication flow. ✑ Trusted Platform Module (TPM) based on a nonce challenge, using the TPM 2.0 standard for keys to present a signed Shared Access Signature (SAS) token. This does not require a physical TPM on the device, but the service expects to attest using the endorsement key per the TPM spec. ✑ Symmetric Key based on shared access signature (SAS) Security tokens, which include a hashed signature and an embedded expiration. Reference: https://docs.microsoft.com/en-us/azure/iot-dps/concepts-service#attestation-mechanism This question is in AZ-220 Microsoft Azure IoT Developer Exam For getting Microsoft Certified: Azure IoT Developer Specialty Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Microsoft. The website does not contain actual questions and answers from Microsoft's Certification Exams. Trademarks, certification & product names are used for reference only and belong to Microsoft.
Please login or Register to submit your answer
