AZ-304 Exam QuestionsBrowse all questions from this exam
Go to Exam

AZ-304 Exam - Question 128

HOTSPOT -

You have an Azure web app named App1 and an Azure key vault named KV1.

App1 stores database connection strings in KV1.

App1 performs the following types of requests to KV1:

✑ Get

✑ List

✑ Wrap

✑ Delete

✑ Unwrap

✑ Backup

✑ Decrypt

✑ Encrypt

You are evaluating the continuity of service for App1.

You need to identify the following if the Azure region that hosts KV1 becomes unavailable:

✑ To where will KV1 fail over?

✑ During the failover, which request type will be unavailable?

What should you identify? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Exam AZ-304 Question 128
Show Answer
Correct Answer:
Exam AZ-304 Question 128

Box 1: A server in the same paired region

The contents of your key vault are replicated within the region and to a secondary region at least 150 miles away, but within the same geography to maintain high durability of your keys and secrets.

Box 2: Delete -

During failover, your key vault is in read-only mode. Requests that are supported in this mode are:

✑ List certificates

✑ Get certificates

✑ List secrets

✑ Get secrets

✑ List keys

✑ Get (properties of) keys

✑ Encrypt

✑ Decrypt

✑ Wrap

✑ Unwrap

✑ Verify

✑ Sign

✑ Backup

Reference:

https://docs.microsoft.com/en-us/azure/key-vault/general/disaster-recovery-guidance

Discussion

12 comments
Sign in to comment
TKCZ
May 2, 2021

Correct.

Amit3
Jun 14, 2021

Answers are correct. Based on this explanation from https://docs.microsoft.com/en-us/azure/key-vault/general/disaster-recovery-guidance The contents of your key vault are replicated within the region and to a secondary region at least 150 miles away, but within the same geography to maintain high durability of your keys and secrets.

SumiExcel
May 8, 2021

Correct

sujeetkb2021
Jun 8, 2021

Correct

Ykh
Aug 11, 2021

Key for the first answer is in the question itself-" Azure region that hosts KV1 becomes unavailable". Fault domain and availability set will be in the same region, so KV1 cannot fail over there.

Belgi
Jul 17, 2021

During failover key vault is in read only mode, hence can't delete

syu31svc
Oct 4, 2021

Provided link supports answer given

Syldana
May 6, 2021

Correct

StarkStrange
Aug 26, 2021

just wondering if KV becomes read only how will backups work during failover?

Ajay9271
Oct 23, 2021

Correct

Dpejic
Dec 23, 2021

Appere on exam 23-dec-2021

JatinAZ
Feb 18, 2022

correct