0
0
Azurecloud~20 mins

Managed identity integration in Azure - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Managed Identity Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
service_behavior
intermediate
2:00remaining
What happens when an Azure VM uses a system-assigned managed identity to access Azure Key Vault?

An Azure Virtual Machine (VM) is configured with a system-assigned managed identity. The VM tries to retrieve a secret from an Azure Key Vault. What is the expected behavior if the VM's managed identity has been granted the correct access policy in the Key Vault?

AThe VM can access the Key Vault only if a user-assigned managed identity is attached instead.
BThe VM must provide a client secret or certificate to authenticate before accessing the Key Vault.
CThe VM can successfully authenticate using its managed identity and retrieve the secret from the Key Vault.
DThe VM cannot access the Key Vault because system-assigned managed identities are not supported for Key Vault access.
Attempts:
2 left
💡 Hint

Think about how system-assigned managed identities simplify authentication without credentials.

Architecture
intermediate
2:00remaining
Which managed identity type should you use to share the same identity across multiple Azure resources?

You want multiple Azure resources (like VMs and App Services) to authenticate to Azure SQL Database using the same managed identity. Which managed identity type supports this scenario?

AUser-assigned managed identity, because it can be assigned to multiple resources.
BNo managed identity can be shared; each resource must have its own system-assigned identity.
CSystem-assigned managed identity, because it is automatically created for each resource.
DUse a service principal instead of managed identities for sharing identities.
Attempts:
2 left
💡 Hint

Consider which identity type is reusable across resources.

security
advanced
2:00remaining
What is the security benefit of using managed identities over storing credentials in application code?

Why is using managed identities considered more secure than embedding credentials like passwords or keys directly in application code or configuration files?

AManaged identities require developers to encrypt credentials manually before storing them in code.
BManaged identities eliminate the need to store or rotate credentials manually, reducing the risk of credential leakage.
CManaged identities allow credentials to be stored in environment variables, which are more secure than code files.
DManaged identities automatically generate long, complex passwords that must be updated monthly.
Attempts:
2 left
💡 Hint

Think about how credentials are handled and risks of exposure.

Configuration
advanced
2:00remaining
Which Azure CLI command assigns a user-assigned managed identity to an Azure VM?

You have created a user-assigned managed identity named myIdentity in resource group myRG. Which Azure CLI command correctly assigns this identity to an existing VM named myVM in the same resource group?

Aaz vm identity assign --resource-group myRG --name myVM --identities /subscriptions/{subId}/resourceGroups/myRG/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity
Baz vm identity assign --resource-group myRG --name myVM --identities myIdentity
Caz vm identity assign --resource-group myRG --name myVM --identity myIdentity
Daz vm assign-identity --resource-group myRG --name myVM --user-identity myIdentity
Attempts:
2 left
💡 Hint

Check the required format for the --identities parameter.

🧠 Conceptual
expert
2:00remaining
What is the main difference in token lifecycle between system-assigned and user-assigned managed identities?

Consider how tokens are issued and managed for system-assigned versus user-assigned managed identities. What is the key difference in their lifecycle and management?

AUser-assigned managed identities automatically renew tokens every 5 minutes; system-assigned identities require manual token renewal.
BUser-assigned managed identities are only valid for 24 hours; system-assigned identities last indefinitely.
CSystem-assigned managed identities require manual rotation of credentials; user-assigned identities do not issue tokens.
DSystem-assigned managed identities are tied to the lifecycle of the resource and are deleted when the resource is deleted; user-assigned identities exist independently and can be shared.
Attempts:
2 left
💡 Hint

Think about how the identity's existence relates to the resource it is assigned to.