You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: learn-pr/wwl-azure/implement-azure-app-configuration/6-knowledge-check.yml
+10-10Lines changed: 10 additions & 10 deletions
Original file line number
Diff line number
Diff line change
@@ -23,10 +23,10 @@ quiz:
23
23
explanation: "Correct. Labels in Azure App Configuration are used to create variants of a key and differentiate key-values with the same key."
24
24
- content: "Labels are used to encrypt key-values in App Configuration."
25
25
isCorrect: false
26
-
explanation: "Incorrect. Labels do not provide encryption. They are used to differentiate key-values with the same key."
26
+
explanation: "Incorrect. Labels don't provide encryption. They're used to differentiate key-values with the same key."
27
27
- content: "Labels are used to limit the size of key-values in App Configuration."
28
28
isCorrect: false
29
-
explanation: "Incorrect. Labels do not limit the size of key-values. They are used to differentiate key-values with the same key."
29
+
explanation: "Incorrect. Labels don't limit the size of key-values. They're used to differentiate key-values with the same key."
30
30
- content: "What is the role of a feature manager in managing application features?"
31
31
choices:
32
32
- content: "A feature manager is a rule for evaluating the state of a feature flag."
@@ -38,14 +38,14 @@ quiz:
38
38
- content: "A feature manager is an application package that handles the lifecycle of all the feature flags in an application."
39
39
isCorrect: true
40
40
explanation: "Correct. A feature manager provides extra functionality, such as caching feature flags and updating their states."
41
-
- content: "What is the purpose of using customer-managed keys in Azure App Configuration?"
41
+
- content: "In a Key Vault access policy, which key permissions must you grant to the Azure App Configuration managed identity to enable customer-managed keys?"
42
42
choices:
43
-
- content: "To enable authentication with Microsoft Entra ID"
43
+
- content: "GET, WRAP, and UNWRAP permissions on the Key Vault key"
44
+
isCorrect: true
45
+
explanation: "Correct. App Configuration uses its managed identity to access the Key Vault key and wrap/unwrap the store’s encryption key."
46
+
- content: "GET and LIST permissions on Key Vault secrets"
44
47
isCorrect: false
45
-
explanation: "Incorrect. While a managed identity is used for authentication, it's not the primary purpose of customer-managed keys."
46
-
- content: "To permanently store the unwrapped encryption key"
48
+
explanation: "Incorrect. Customer-managed keys use a Key Vault key (not secrets) and require wrap/unwrap operations."
49
+
- content: "CREATE and DELETE permissions on the Key Vault key"
47
50
isCorrect: false
48
-
explanation: "Incorrect. The unwrapped encryption key is cached within App Configuration for one hour, not stored permanently."
49
-
- content: "To encrypt sensitive information at rest"
50
-
isCorrect: true
51
-
explanation: "Correct. Customer-managed keys are used to encrypt sensitive information in key-value pairs at rest."
51
+
explanation: "Incorrect. App Configuration doesn’t need to create or delete the key; it needs to wrap and unwrap with an existing key."
Copy file name to clipboardExpand all lines: learn-pr/wwl-azure/implement-managed-identities/6-knowledge-check.yml
+7-7Lines changed: 7 additions & 7 deletions
Original file line number
Diff line number
Diff line change
@@ -26,14 +26,14 @@ quiz:
26
26
- content: "Can only be associated with a single Azure resource"
27
27
isCorrect: false
28
28
explanation: "Incorrect. The same user-assigned managed identity can be associated with more than one Azure resource."
29
-
- content: "A client app requests managed identities for an access token for a given resource. Which of the following options is the basis for the token?"
29
+
- content: "When an Azure resource uses a managed identity to request an access token for a resource, which Microsoft Entra ID identity does the token represent?"
30
30
choices:
31
-
- content: "Oauth 2.0"
31
+
- content: "OAuth 2.0"
32
32
isCorrect: false
33
-
explanation: "Incorrect. Oauth 2.0 is a protocol that can be used to acquire a token, but isn't the basis for the token."
34
-
- content: "Service principal"
33
+
explanation: "Incorrect. OAuth 2.0 is the protocol used to request tokens, not the identity represented in the token."
34
+
- content: "The managed identity’s service principal"
35
35
isCorrect: true
36
-
explanation: "Correct. The token is based on the managed identities for Azure resources service principal."
37
-
- content: "Virtual machine"
36
+
explanation: "Correct. The access token represents the managed identity’s service principal in Microsoft Entra ID."
37
+
- content: "The virtual machine (or hosting resource) itself"
38
38
isCorrect: false
39
-
explanation: "Incorrect. The virtual machine may be assigned a managed identity, but isn't the basis for the token."
39
+
explanation: "Incorrect. The resource can have a managed identity, but the token represents the identity (service principal), not the VM object."
0 commit comments