Learn how user and group permissions in Azure Key Vault affect access to secrets and cryptographic operations, ensuring your sensitive information remains secure.
Question
You have an Azure subscription that contains the resources shown in the following table.
| Name | Type |
|---|---|
| User1 | Azure Active Directory (Azure AD) user |
| User2 | Azure Active Directory (Azure AD) user |
| Group1 | Azure Active Directory (Azure AD) group |
| Vault1 | Azure key vault |
User1 is a member of Group1. Group1 and User2 are assigned the Key Vault Contributor role for Vault1.
On January 1, 2019, you create a secret in Vault1. The secret is configured as shown in the exhibit. (Click the Exhibit tab.)
User2 is assigned an access policy to Vault1. The policy has the following configurations:
- Key Management Operations: Get, List, and Restore
- Cryptographic Operations: Decrypt and Unwrap Key
- Secret Management Operations: Get, List, and Restore
Group1 is assigned an access to Vault1. The policy has the following configurations:
- Key Management Operations: Get and Recover
- Secret Management Operations: List, Backup, and Recover
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Statements:
- On January 1, 2019, User1 can view the value of Password1.
- On June 1, 2019, User2 can view the value of Password1.
- On June 1, 2019, User1 can view the value of Password1.
Answer
- On January 1, 2019, User1 can view the value of Password1: No
- On June 1, 2019, User2 can view the value of Password1: Yes
- On June 1, 2019, User1 can view the value of Password1: No
The latest Microsoft AZ-500 Azure Security Technologies certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Microsoft AZ-500 Azure Security Technologies exam and earn Microsoft AZ-500 Azure Security Technologies certification.
