Discover the key vaults available for storing encryption keys for your Azure virtual machines. Ensure the security of your VMs by choosing the right key vaults. Learn the options with our expert guide.
Table of Contents
Question
You have an Azure subscription named Sub1 that contains the Azure key vaults shown in the following table.
| Name | Region | Resource group |
|---|---|---|
| Vault1 | West Europe | RG1 |
| Vault2 | East US | RG1 |
| Vault3 | West Europe | RG2 |
| Vault4 | East US | RG2 |
In Sub1, you create a virtual machine that has the following configurations:
- Name: VM1
- Size: DS2v2
- Resource group: RG1
- Region: West Europe
- Operating system: Windows Server 2016
You plan to enable Azure Disk Encryption on VM1.
In which key vaults can you store the encryption key for VM1?
A. Vault1 or Vault3 only
B. Vault1, Vault2, Vault3, or Vault4
C. Vault1 only
D. Vault1 or Vault2 only
Answer
A. Vault1 or Vault3 only
Explanation
Your key vault and VMs must be in the same subscription. Also, to ensure that encryption secrets don’t cross regional boundaries, Azure Disk Encryption requires the Key Vault and the VMs to be co-located in the same region.
Reference
- Azure > Virtual Machines > Windows > Create and configure a key vault for Azure Disk Encryption on a Windows VM
The latest Microsoft AZ-500 Azure Security Technologies certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Microsoft AZ-500 Azure Security Technologies exam and earn Microsoft AZ-500 Azure Security Technologies certification.
