AZ-303 Exam QuestionsBrowse all questions from this exam
Go to Exam

AZ-303 Exam - Question 292

HOTSPOT -

You are creating an app that uses Event Grid to connect with other services. Your app's event data will be sent to a serverless function that checks compliance.

This function is maintained by your company.

You write a new event subscription at the scope of your resource. The event must be invalidated after a specific period of time.

You need to configure Event Grid to ensure security.

What should you implement? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Exam AZ-303 Question 292
Show Answer
Correct Answer:
Exam AZ-303 Question 292

References:

https://docs.microsoft.com/en-us/azure/event-grid/security-authentication

Discussion

5 comments
Sign in to comment
Tripp_F
Jul 7, 2021

Answer boxes should be flipped, but answers are correct. Webhook Event Delivery - ValidationCode HandShake Topic Publishing - SAS Tokens Box 1: ValidationCode handshake Event Grid supports two ways of validating the subscription: ValidationCode handshake (programmatic) and ValidationURL handshake (manual). If you control the source code for your endpoint, this method is recommended. Box 2: SAS tokens Custom topics use either Shared Access Signature (SAS) or key authentication. Microsoft recommends SAS, but key authentication provides simple programming, and is compatible with many existing webhook publishers. In this case we need the expiration time provided by SAS tokens.

Yiannisthe7th
Jul 3, 2021

Dropdowns placement in Answer area is incorrect WebHook Event Delivery ---ValidationCode handsShake https://docs.microsoft.com/en-us/azure/event-grid/webhook-event-delivery Publishers need to use SAS Tokens or key authentication when they want to publish an event to a topic. SAS tokens allow you to scope the access you grant to a certain resource in Event Grid for a certain amount of time. This is similar to the approach Azure Storage & Azure Service Bus use. Topic publishing --- SAS Tokens

syu31svc
Aug 30, 2021

Like what Tripp_F and Yiannisthe7th have mentioned, right answers in the wrong order

edmacoar123
Nov 19, 2021

On exam today 19/11/21. Correct answer. Score 860.

jmay
Jan 1, 2022

1. "ValidationCode handshake" Event Grid supports two ways of validating the subscription: Sync ans Async. Since you are writing the function app, you would have the oportunity to implement the Sync pattern. This pattern sends a subscription validation event to your endpoint. The data portion of this event includes a validationCode property. You app is suposed to echo this validationCode with HTTP 200 code. ref: https://docs.microsoft.com/en-us/azure/event-grid/webhook-event-delivery#endpoint-validation-with-event-grid-events 2. "SAS tokens" You can authenticate clients that publish events to Azure Event Grid topics, domains, partner namespaces using access key or Shared Access Signature (SAS) token. Authenticating using AAD is in preview and not supported on AKS yet. Access Key is the simplest way to quthenticate. It can be passed in as HTTP header or query param. SAS tokens for an Event Grid resource include the resource, expiration time, and a signature. The format of the SAS token is: r={resource}&e={expiration}&s={signature}. Ref: https://docs.microsoft.com/en-us/azure/event-grid/authenticate-with-access-keys-shared-access-signatures