Question 191
HOTSPOT
-
You are developing a content management application for technical manuals. The application is deployed as an Azure Static Web app.
Authenticated users can view pages under/manuals but only contributors can access the page /manuals/new.html.
You need to configure the routing for the web app.
How should you complete the configuration? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Question 192
You are developing a web application that uses the Microsoft identity platform for user and resource authentication. The web application calls several REST APIs.
A REST API call must read the user’s calendar. The web application requires permission to send an email as the user.
You need to authorize the web application and the API.
Which parameter should you use?
A. tenant
B. code_challenge
C. state
D. client_id
E. scope
Question 193
HOTSPOT
-
You develop and deploy a web app to Azure App service. The web app allows users to authenticate by using social identity providers through the Azure B2C service. All user profile information is stored in Azure B2C.
You must update the web app to display common user properties from Azure B2C to include the following information:
• Email address
• Job title
• First name
• Last name
• Office location
You need to implement the user properties in the web app.
Which code library and API should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Question 194
HOTSPOT
-
You develop and deploy the following staticwebapp.config.json file to the app_location value specified in the workflow file of an Azure Static Web app:
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Question 195
You develop and deploy an Azure App Service web app named App1. You create a new Azure Key Vault named Vault1. You import several API keys, passwords, certificates, and cryptographic keys into Vault1.
You need to grant App1 access to Vault1 and automatically rotate credentials. Credentials must not be stored in code.
What should you do?
A. Enable App Service authentication for Appl. Assign a custom RBAC role to Vault1.
B. Add a TLS/SSL binding to App1.
C. Upload a self-signed client certificate to Vault1. Update App1 to use the client certificate.
D. Assign a managed identity to App1.
Question 196
You are developing a Java application to be deployed in Azure. The application stores sensitive data in Azure Cosmos DB.
You need to configure Always Encrypted to encrypt the sensitive data inside the application.
What should you do first?
A. Create a new container to include an encryption policy with the JSON properties to be encrypted.
B. Create a customer-managed key (CMK) and store the key in a new Azure Key Vault instance.
C. Create a data encryption key (DEK) by using the Azure Cosmos DB SDK and store the key in Azure Cosmos DB.
D. Create an Azure AD managed identity and assign the identity to a new Azure Key Vault instance.
Question 197
HOTSPOT
-
You develop a web app that interacts with Azure Active Directory (Azure AD) groups by using Microsoft Graph.
You build a web page that shows all Azure AD groups that are not of the type 'Unified'.
You need to build the Microsoft Graph query for the page.
How should you complete the query? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Question 198
DRAG DROP
-
You are developing an Azure solution.
You need to develop code to access a secret stored in Azure Key Vault.
How should you complete the code segment? To answer, drag the appropriate code segments to the correct location. Each code segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Question 199
HOTSPOT
-
You are a developer building a web site using a web app. The web site stores configuration data in Azure App Configuration.
Access to Azure App Configuration has been configured to use the identity of the web app for authentication. Security requirements specify that no other authentication systems must be used.
You need to load configuration data from Azure App Configuration.
How should you complete the code? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Question 200
You are developing several microservices to deploy to a new Azure Kubernetes Service cluster. The microservices manage data stored in Azure Cosmos DB and Azure Blob storage. The data is secured by using customer-managed keys stored in Azure Key Vault.
You must automate key rotation for all Azure Key Vault keys and allow for manual key rotation. Keys must rotate every three months. Notifications of expiring keys must be sent before key expiry.
You need to configure key rotation and enable key expiry notifications.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Create and configure a new Azure Event Grid instance.
B. Configure Azure Key Vault alerts.
C. Create and assign an Azure Key Vault access policy.
D. Create and configure a key rotation policy during key creation.
