This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Choose the best response for each of the questions.
What is the recommended way to manage and rotate your Azure storage account access keys?
Use Azure Key Vault to manage and rotate your keys
Save access keys in plain text accessible to others
Hard code access keys in your application code
What is the purpose of using Azure Key Vault to manage storage account access keys?
To limit access to the data stored in the storage account
To generate new access keys for each storage account
To manage and rotate existing access keys securely
What is the recommended way to authorize access to data in Azure Storage?
Using either Microsoft Entra ID or a shared access signature SAS
Using Shared Key authorization
Using access keys and connection strings for all apps accessing production or sensitive data
What is the purpose of authorizing access to resources in Azure Storage?
To restrict access to resources only to users with Microsoft Entra Domain Services authorization
To make resources public and accessible to any user
To ensure that resources are accessible only when authorized and only to those users or applications to whom access is granted
What is the purpose of Bring Your Own Key (BYOK) in Azure Key Vault?
To transfer a key from Azure Key Vault to an on-premises Hardware Security Module (HSM)
To securely transfer a key from an on-premises Hardware Security Module (HSM) outside Azure, into the HSM backing Azure Key Vault
To generate a new key in Azure Key Vault for use in an on-premises HSM
You must answer all questions before checking your work.
Was this page helpful?