Course Hero Logo

What should you configure a an application permission

Course Hero uses AI to attempt to automatically extract content from documents to surface to you and others so you can study better, e.g., in search results, to enrich docs, and more. This preview shows page 77 - 81 out of 87 pages.

What should you configure?A. an application permission without admin consentB. a delegated permission without admin consentC. a delegated permission that requires admin consentD. an application permission that requires admin consentCorrect Answer:BSection: [none]ExplanationExplanation/Reference:Explanation:
Delegated permissions - Your client application needs to access the web API as the signed-in user, but with access limited by the selected permission. This type ofpermission can be granted by a user unless the permission requires administrator consent.Incorrect Answers:A, D: Application permissions - Your client application needs to access the web API directly as itself (no user context). This type of permission requiresadministrator consent and is also not available for public (desktop and mobile) client applications.References:-webapisQUESTION 3Your company has an Azure subscription named Sub1 that is associated to an Azure Active Directory Azure (Azure AD) tenant named contoso.com.The company develops a mobile application named App1. App1 uses the OAuth 2 implicit grant type to acquire Azure AD access tokens.You need to register App1 in Azure AD.What information should you obtain from the developer to register the application?A. a redirect URIB. a reply URLC. a keyD. an application IDCorrect Answer:ASection: [none]ExplanationExplanation/Reference:Explanation:For Native Applications you need to provide a Redirect URI, which Azure AD will use to return token responses.References:QUESTION 4From the Azure portal, you are configuring an Azure policy.You plan to assign policies that use theDeployIfNotExist,AuditIfNotExist,Append, andDenyeffects.Which effect requires a managed identity for the assignment?
A.AuditIfNotExistB. AppendC.DeployIfNotExistD. DenyCorrect Answer:CSection: [none]ExplanationExplanation/Reference:Explanation:When Azure Policy runs the template in the deployIfNotExists policy definition, it does so using a managed identity.References:QUESTION 5You have an Azure subscription that contains an Azure key vault named Vault1.In Vault1, you create a secret named Secret1.An application developer registers an application in Azure Active Directory (Azure AD).You need to ensure that the application can use Secret1.What should you do?A. In Azure AD, create a role.B. In Azure Key Vault, create a key.C. In Azure Key Vault, create an access policy.D. In Azure AD, enable Azure AD Application Proxy.Correct Answer:ASection: [none]ExplanationExplanation/Reference:Explanation:Azure Key Vault provides a way to securely store credentials and other keys and secrets, but your code needs to authenticate to Key Vault to retrieve them.
Managed identities for Azure resources overview makes solving this problem simpler, by giving Azure services an automatically managed identity in Azure Active

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 87 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Fall
Professor
KAPENGA
Tags
Azure, Azure Security Center, Azure Virtual Networks

Newly uploaded documents

Show More

Newly uploaded documents

Show More

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture