BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Microsoft Exam AZ-104 Topic 20 Question 81 Discussion

Actual exam question for Microsoft's AZ-104 exam
Question #: 81
Topic #: 20
[All AZ-104 Questions]

You have an Azure virtual machine named VM1 and an Azure key vault named Vault1.

On VM1, you plan to configure Azure Disk Encryption to use a key encryption key (KEK)

You need to prepare Vault! for Azure Disk Encryption.

Which two actions should you perform on Vault1? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer: B, E

To prepare a key vault for Azure Disk Encryption, you need to select Azure Virtual machines for deployment and select Azure Disk Encryption for volume encryption in the key vault access policy settings. These options enable the VMs to access the keys and secrets stored in the key vault for disk encryption. Creating a new key or secret is not required, as Azure Disk Encryption can generate them automatically. Configuring a key rotation policy is optional and not related to preparing the key vault for disk encryption. Reference:

https://learn.microsoft.com/en-us/azure/virtual-machines/windows/disk-encryption-key-vault

https://learn.microsoft.com/en-us/azure/virtual-machines/disk-encryption-overview

https://learn.microsoft.com/en-us/azure/virtual-machines/windows/encrypt-disks


Contribute your Thoughts:

Ayomide Oluwaga
1 years ago
Answer is correct https://learn.microsoft.com/en-us/azure/virtual-machines/windows/disk-encryption-key-vault?tabs=azure-portal#azure-portal-1
upvoted 1 times
Noushu
12 months ago
we also need to create a new key for KEK right ?
upvoted 1 times
Noushu
12 months ago
i see "If you want to use a key encryption key (KEK) for an additional layer of security for encryption keys, add a KEK to your key vault. When a key encryption key is specified, Azure Disk Encryption uses that key to wrap the encryption secrets before writing to Key Vault."
upvoted 1 times
...
...
...

Save Cancel