You plan to deploy an application named App1 that will run on five Azure virtual machines. Additional virtual machines will be deployed later to run App1. You need to recommend a solution to meet the following requirements for the virtual machines that will run App1: ✑ Ensure that the virtual machines can authenticate to Azure Active Directory (Azure AD) to gain access to an Azure key vault, Azure Logic Apps instances, and an Azure SQL database. ✑ Avoid assigning new roles and permissions for Azure services when you deploy additional virtual machines. ✑ Avoid storing secrets and certificates on the virtual machines. ✑ Minimize administrative effort for managing identities. Which type of identity should you include in the recommendation? A. a service principal that is configured to use a certificate B. a system-assigned managed identity C. a service principal that is configured to use a client secret D. a user-assigned managed identity Suggested Answer: D Managed identities for Azure resources is a feature of Azure Active Directory. User-assigned managed identity can be shared. The same user-assigned managed identity can be associated with more than one Azure resource. Incorrect Answers: B: System-assigned managed identity cannot be shared. It can only be associated with a single Azure resource. Reference: https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview This question is in AZ-304 Microsoft Azure Architect Design Exam For getting Microsoft Certified: Azure Solutions Architect Expert Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Microsoft. The website does not contain actual questions and answers from Microsoft's Certification Exams. Trademarks, certification & product names are used for reference only and belong to Microsoft.
Please login or Register to submit your answer