Directory azure ad you can use this identity to

This preview shows page 80 - 82 out of 87 pages.

Directory (Azure AD). You can use this identity to authenticate to any service that supports Azure AD authentication, including Key Vault, without having anycredentials in your code.Example: How a system-assigned managed identity works with an Azure VMAfter the VM has an identity, use the service principal information to grant the VM access to Azure resources. To call Azure Resource Manager, use role-basedaccess control (RBAC) in Azure AD to assign the appropriate role to the VM service principal. To call Key Vault, grant your code access to the specific secret orkey in Key Vault.References:QUESTION 6You have an Azure SQL database.You implement Always Encrypted.You need to ensure that application developers can retrieve and decrypt data in the database.Which two pieces of information should you provide to the developers? Each correct answer presents part of the solution.NOTE:Each correct selection is worth one point.A. a stored access policyB. a shared access signature (SAS)C. the column encryption keyD. user credentialsE. the column master keyCorrect Answer:CESection: [none]ExplanationExplanation/Reference:Explanation:Always Encrypted uses two types of keys: column encryption keys and column master keys. A column encryption key is used to encrypt data in an encryptedcolumn. A column master key is a key-protecting key that encrypts one or more column encryption keys.
References:-encrypteddatabase-engineQUESTION 7You have a hybrid configuration of Azure Active Directory (Azure AD).All users have computers that run Windows 10 and are hybrid Azure AD joined.You have an Azure SQL database that is configured to support Azure AD authentication.Database developers must connect to the SQL database by using Microsoft SQL Server Management Studio (SSMS) and authenticate by using their on-premisesActive Directory account.You need to tell the developers which authentication method to use to connect to the SQL database from SSMS. The solution must minimize authenticationprompts.Which authentication method should you instruct the developers to use?A. SQL LoginB. Active DirectoryUniversal with MFA supportC. Active DirectoryIntegratedD. Active DirectoryPasswordCorrect Answer:CSection: [none]ExplanationExplanation/Reference:Explanation:Azure AD can be the initial Azure AD managed domain. Azure AD can also be an on-premises Active Directory Domain Services that is federated with the AzureAD.Using an Azure AD identity to connect using SSMS or SSDTThe following procedures show you how to connect to a SQL database with an Azure AD identity using SQL Server Management Studio or SQL Server DatabaseTools.

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 87 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Fall
Professor
KAPENGA
Tags
Azure, Azure Security Center, Azure Virtual Networks

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture