Question: 1
You need to meet the security requirements for the E-Commerce Web App. Which two steps should you take? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. Create an Azure AD service principal.
B. Enable Managed Service Identity (MSI) on the E-Commerce Web App.
C. Add a policy to the Azure Key Vault to grant access to the E-Commerce Wet) App.
D. Update the E-Commerce Web App with the service principal’s client secret.
Answer: BC
Explanation:
Scenario: E-commerce application sign-ins must be secured by using Azure App Service
authentication and Azure Active Directory (AAD).
A managed identity from Azure Active Directory allows your app to easily access other AADprotected
resources such as Azure Key Vault. T
References:
https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity
Question: 2
You need to troubleshoot the order workflow.
What should you do? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Review the run history.
B. Review the trigger history.
C. Review the API connections.
D. Review the activity log.
Answer: BD
Explanation:
Scenario: The order workflow fails to run upon initial deployment to Azure.
Deployment errors arise from conditions that occur during the deployment process. They appear in
the activity log.
References:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-audit
Question: 3
You need to access user claims in the e-commerce web app* What should you do first?
A. Update the e-commerce web app to read the HTTP request header values.
B. Assign the Contributor RBAC role to the e-commerce web app by using the Resource Manager create role assignment API.
C. Write custom code to make a Microsoft Graph API call from the e-commerce web app.
D. Using the Azure CU enable Cross-origin resource sharing (CORS) from the e-commerce checkout API to the e-commerce web app
Answer: C
Explanation:
If you want more information about the user, you'll need to use the Azure AD Graph API.
References: https://docs.microsoft.com/en-us/azure/architecture/multitenant-identity/claims
Question: 4
You need to meet the LabelMaker security requirement.
What should you do?
A. Create a conditional access policy and assign it to the Azure Kubernetes Service cluster
B. Place the Azure Active Directory account into an Azure AD group. Create a ClusterRoleBinding and assign it to the group.
C. Create a Microsoft Azure Active Directory service principal and assign it to the Azure Kubernetes Service (AKS) duster.
D. Create a RoleBinding and assign it to the Azure AD account.
Answer: B
Explanation:
Scenario: The LabelMaker applications must be secured by using an AAD account that has full access
to all namespaces of the Azure Kubernetes Service (AKS) cluster.
Permissions can be granted within a namespace with a RoleBinding, or cluster-wide with a
ClusterRoleBinding.
References:
https://kubernetes.io/docs/reference/access-authn-authz/rbac/
Related Links: https://www.dumps4download.com/az-203-dumps.html
You need to meet the security requirements for the E-Commerce Web App. Which two steps should you take? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. Create an Azure AD service principal.
B. Enable Managed Service Identity (MSI) on the E-Commerce Web App.
C. Add a policy to the Azure Key Vault to grant access to the E-Commerce Wet) App.
D. Update the E-Commerce Web App with the service principal’s client secret.
Answer: BC
Explanation:
Scenario: E-commerce application sign-ins must be secured by using Azure App Service
authentication and Azure Active Directory (AAD).
A managed identity from Azure Active Directory allows your app to easily access other AADprotected
resources such as Azure Key Vault. T
References:
https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity
Question: 2
You need to troubleshoot the order workflow.
What should you do? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Review the run history.
B. Review the trigger history.
C. Review the API connections.
D. Review the activity log.
Answer: BD
Explanation:
Scenario: The order workflow fails to run upon initial deployment to Azure.
Deployment errors arise from conditions that occur during the deployment process. They appear in
the activity log.
References:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-audit
Question: 3
You need to access user claims in the e-commerce web app* What should you do first?
A. Update the e-commerce web app to read the HTTP request header values.
B. Assign the Contributor RBAC role to the e-commerce web app by using the Resource Manager create role assignment API.
C. Write custom code to make a Microsoft Graph API call from the e-commerce web app.
D. Using the Azure CU enable Cross-origin resource sharing (CORS) from the e-commerce checkout API to the e-commerce web app
Answer: C
Explanation:
If you want more information about the user, you'll need to use the Azure AD Graph API.
References: https://docs.microsoft.com/en-us/azure/architecture/multitenant-identity/claims
Question: 4
You need to meet the LabelMaker security requirement.
What should you do?
A. Create a conditional access policy and assign it to the Azure Kubernetes Service cluster
B. Place the Azure Active Directory account into an Azure AD group. Create a ClusterRoleBinding and assign it to the group.
C. Create a Microsoft Azure Active Directory service principal and assign it to the Azure Kubernetes Service (AKS) duster.
D. Create a RoleBinding and assign it to the Azure AD account.
Answer: B
Explanation:
Scenario: The LabelMaker applications must be secured by using an AAD account that has full access
to all namespaces of the Azure Kubernetes Service (AKS) cluster.
Permissions can be granted within a namespace with a RoleBinding, or cluster-wide with a
ClusterRoleBinding.
References:
https://kubernetes.io/docs/reference/access-authn-authz/rbac/
Related Links: https://www.dumps4download.com/az-203-dumps.html
