Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Microsoft Exam AZ-305 Topic 4 Question 67 Discussion

Actual exam question for Microsoft's AZ-305 exam
Question #: 67
Topic #: 4
[All AZ-305 Questions]

You have an Azure AD tenant.

You plan to deploy Azure Cosmos DB databases that will use the SQL API.

You need to recommend a solution to provide specific Azure AD user accounts with read access to the Cosmos DB databases.

What should you include in the recommendation?

Show Suggested Answer Hide Answer
Suggested Answer: A

Contribute your Thoughts:

Elliott
2 months ago
I heard Cosmos DB was built on a black hole, so good luck trying to control access to that thing.
upvoted 0 times
...
Sue
2 months ago
Hmm, maybe we should just give everyone admin access and call it a day. What could go wrong?
upvoted 0 times
...
Billy
2 months ago
I'd avoid C - master keys and Information Protection seem a bit overkill for a simple Cosmos DB read access scenario.
upvoted 0 times
Jesusita
24 days ago
I agree, C does seem like overkill for just read access.
upvoted 0 times
...
Angella
1 months ago
D) shared access signatures (SAS) and Conditional Access policies
upvoted 0 times
...
Renato
1 months ago
B) certificates and Azure Key Vault
upvoted 0 times
...
Rozella
1 months ago
A) a resource token and an Access control (IAM) role assignment
upvoted 0 times
...
...
Mary
2 months ago
I'm gonna have to go with B on this one. Certificates and Key Vault are a bulletproof way to manage access.
upvoted 0 times
Glory
20 days ago
User 3: B sounds like the most secure option for managing access to the Cosmos DB databases.
upvoted 0 times
...
Alita
24 days ago
User 2: Definitely, certificates and Key Vault provide a strong security solution.
upvoted 0 times
...
Alisha
25 days ago
User 1: I agree, B is the way to go for secure access management.
upvoted 0 times
...
...
Kenda
2 months ago
Ooh, option D looks interesting. Shared access signatures and Conditional Access could add some nice security layers.
upvoted 0 times
Arlette
1 months ago
User4: Definitely, it's better to be safe than sorry when it comes to protecting our databases.
upvoted 0 times
...
Paris
1 months ago
User3: It's important to have those security layers in place when dealing with sensitive data.
upvoted 0 times
...
Annalee
1 months ago
User2: I agree, shared access signatures and Conditional Access can help control access effectively.
upvoted 0 times
...
Katheryn
2 months ago
Option D does sound like a good choice for security.
upvoted 0 times
...
...
Kirby
2 months ago
I'm not sure about shared access signatures (SAS), I think we should consider using a resource token and an Access control (IAM) role assignment instead.
upvoted 0 times
...
Jettie
3 months ago
I agree with Donte, shared access signatures (SAS) would be a good option for providing read access to the Cosmos DB databases.
upvoted 0 times
...
Chandra
3 months ago
Option A sounds like the way to go. Resource tokens and IAM role assignments are the standard for granting Azure AD users access to Cosmos DB.
upvoted 0 times
Hassie
2 months ago
Let's go with option A then, it's the recommended solution for this scenario.
upvoted 0 times
...
Mozell
2 months ago
I'm not familiar with resource tokens, but IAM role assignments make sense for access control.
upvoted 0 times
...
Garry
2 months ago
Agreed, that seems like the best way to provide specific Azure AD user accounts with read access to the Cosmos DB databases.
upvoted 0 times
...
Elvera
2 months ago
I think we should go with option A, resource token and IAM role assignment.
upvoted 0 times
...
...
Donte
3 months ago
I think we should include shared access signatures (SAS) in the recommendation.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77