0
0
Azurecloud~20 mins

Storing secrets in Azure - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Azure Secrets Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
🧠 Conceptual
intermediate
2:00remaining
Why use Azure Key Vault for storing secrets?

Which of the following is the main reason to use Azure Key Vault for storing secrets instead of storing them directly in application code?

AIt allows anyone in the organization to read secrets without restrictions.
BIt automatically writes secrets into application code for faster access.
CIt stores secrets in plain text for easy debugging.
DIt encrypts secrets and controls access centrally, reducing risk of exposure.
Attempts:
2 left
💡 Hint

Think about security and access control for sensitive information.

Configuration
intermediate
2:00remaining
Accessing a secret from Azure Key Vault using Managed Identity

You want an Azure Virtual Machine to access a secret from Azure Key Vault without storing credentials in code. Which configuration allows this?

AAssign a Managed Identity to the VM and grant it 'Get' permission on the Key Vault access policy.
BStore the Key Vault access key in the VM's environment variables.
CEnable public access on the Key Vault so the VM can read secrets anonymously.
DCreate a user account and hardcode its password in the VM application.
Attempts:
2 left
💡 Hint

Think about how Azure services can authenticate securely without passwords.

Architecture
advanced
2:30remaining
Designing secret rotation with Azure Key Vault

You need to design a system where application secrets rotate automatically every 30 days without downtime. Which architecture best supports this?

AUse Azure Key Vault with versioned secrets and configure the application to fetch the latest version at startup and periodically.
BManually update secrets in the application code every 30 days and redeploy the app.
CStore secrets in a database and update them without notifying the application.
DDisable secret rotation to avoid application failures.
Attempts:
2 left
💡 Hint

Consider how to update secrets without stopping the application.

security
advanced
2:30remaining
Preventing unauthorized access to Azure Key Vault secrets

Which of the following configurations best prevents unauthorized users from accessing secrets in Azure Key Vault?

ADisable logging to hide access attempts and avoid alerts.
BAllow all IP addresses to access the Key Vault and assign all users the 'Reader' role.
CEnable firewall rules to restrict network access and use Azure RBAC to assign minimum required permissions.
DShare Key Vault access keys via email to trusted users.
Attempts:
2 left
💡 Hint

Think about limiting who and where can access the Key Vault.

service_behavior
expert
3:00remaining
Behavior of Azure Key Vault when a secret is deleted

What happens to a secret in Azure Key Vault immediately after it is deleted, assuming soft-delete is enabled?

AThe secret is copied to a backup vault automatically.
BThe secret is marked as deleted but remains recoverable for a retention period before permanent removal.
CThe secret is archived and accessible only by administrators indefinitely.
DThe secret is permanently removed instantly and cannot be recovered.
Attempts:
2 left
💡 Hint

Consider Azure Key Vault's soft-delete feature behavior.