
AI-102 Exam - Question 184


You deploy a web app that is used as a management portal for indexing in Azure Cognitive Search. The app is configured to use the primary admin key.

During a security review, you discover unauthorized changes to the search index. You suspect that the primary access key is compromised.

You need to prevent unauthorized access to the index management endpoint. The solution must minimize downtime.

What should you do next?

Correct Answer: AC

To minimize downtime and ensure the security of the index management endpoint, first regenerate the secondary admin key. This action ensures that the secondary key is secure and not compromised. Then, change the app to use this newly regenerated secondary admin key, allowing continuous access without downtime. Finally, regenerate the primary admin key to eliminate the compromised key and secure future access. This sequence ensures that the app remains functional throughout the key rotation process.
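The ordering argument above can be checked with a small in-memory model. This is an added example, not code from the exam page or from Microsoft; `SearchService`, `run_plan` and the plan names are hypothetical, and it goes beyond the stated answer by also running two other orderings raised in the discussion.

```python
import secrets

class SearchService:
    """Toy model of a service with two admin keys (hypothetical, not an Azure SDK)."""
    def __init__(self):
        self.keys = {"primary": secrets.token_hex(16),
                     "secondary": secrets.token_hex(16)}

    def regenerate(self, kind):
        self.keys[kind] = secrets.token_hex(16)  # the old value stops working at once

    def accepts(self, key):
        return key in self.keys.values()

def run_plan(steps):
    """Apply a rotation plan step by step and report outage and residual exposure."""
    svc = SearchService()
    old_keys = set(svc.keys.values())  # assumption: any pre-incident key may have leaked
    app_key = svc.keys["primary"]      # the app starts on the primary admin key
    outage = False
    for action, kind in steps:
        if action == "regenerate":
            svc.regenerate(kind)
        elif action == "use":
            app_key = svc.keys[kind]   # app config updated to that key's current value
        outage = outage or not svc.accepts(app_key)
    return {"outage_during_rotation": outage,
            "app_works_at_end": svc.accepts(app_key),
            "old_key_still_valid": any(svc.accepts(k) for k in old_keys)}

# Order given in the explanation: regenerate secondary, switch the app, regenerate primary.
PLAN_C = [("regenerate", "secondary"), ("use", "secondary"), ("regenerate", "primary")]
# Switch the app to the secondary key first, then regenerate that same key.
SWITCH_THEN_REGENERATE = [("use", "secondary"), ("regenerate", "secondary"),
                          ("regenerate", "primary")]
# Switch to the existing secondary key and regenerate only the primary.
PRIMARY_ONLY = [("use", "secondary"), ("regenerate", "primary")]

if __name__ == "__main__":
    for name, plan in [("C", PLAN_C),
                       ("switch-then-regenerate", SWITCH_THEN_REGENERATE),
                       ("primary-only", PRIMARY_ONLY)]:
        print(name, run_plan(plan))
```

Only the first plan ends with the app working, no outage along the way, and no pre-incident key still accepted by the service.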

Discussion

17 comments
Nouna (Option: C)
Jun 25, 2021

Logically it should be C. A cannot be the answer, as you regenerated the secondary key after you already added it to your app. The right order to minimize downtime is to regenerate the secondary, add it to your app and then regenerate the primary.

satishk4u
May 2, 2022

Wondering why we should regenerate the secondary key when the primary key is compromised.

RamonKaus
Jul 24, 2022

In order to keep zero downtime on your application, you need to make sure it has a key it can use. You must assume both keys are compromised and get new keys.

rdemontis
Nov 6, 2023

totally agree with you

GustavoR10 (Option: C)
Aug 10, 2021

If you change the application to use the secondary key and then you regenerate the key, the application is not going to work. So C is the right one.

anto69 (Option: C)
Apr 6, 2024

C for sure

Murtuza (Option: A)
Mar 31, 2024

Try to separate out the admin keys vs the query keys. The question is NOT ABOUT QUERY KEYS SO THAT rules out 2 answers

zellck (Option: C)
Jun 29, 2023

C is the answer.
https://learn.microsoft.com/en-us/azure/search/search-security-api-keys?tabs=portal-use%2Cportal-find%2Cportal-query#regenerate-admin-keys
Two admin keys are created for each service so that you can rotate a primary key while using the secondary key for business continuity.
- Under Settings, select Keys, then copy the secondary key.
- For all applications, update the API key settings to use the secondary key.
- Regenerate the primary key.
- Update all applications to use the new primary key.

davidorti (Option: B)
Jan 18, 2024

"The app is configured to use the *primary admin key*." ... "You suspect that the primary access key is compromised. You need to prevent unauthorized access to the index management endpoint." I think it's B: "Change the app to use a query key, and then regenerate the primary admin key and the secondary admin key." So basically there are two admin keys. One of those is compromised. Both are reset for security. This way, the app is just using a query key with not enough privileges to make changes to the Cognitive Search service, so even if that key was leaked again unauthorized access to the management endpoint can be made. https://learn.microsoft.com/en-us/azure/search/search-security-api-keys?tabs=portal-use%2Cportal-find%2Cportal-query

evangelist (Option: C)
Feb 4, 2024

For minimum to no downtime: the answer is C. Azure Cognitive Search provides two admin keys (primary and secondary) to facilitate key rotation without downtime. The existence of two keys is specifically designed to handle scenarios where one key may need to be changed (e.g., if it is compromised) without interrupting the service.

Immediate switch to the secondary admin key: By immediately switching the application to use the secondary admin key (which is assumed to be secure), you ensure that the application retains uninterrupted access to the management capabilities of Azure Cognitive Search.

Regenerate the primary admin key: Once the application is using the secondary admin key, regenerating the primary admin key does not cause downtime because the application is not currently using this key. The new primary key can be stored securely for future use or key rotation purposes.

EliteAllen (Option: C)
May 31, 2023

C is right.

kail85 (Option: C)
Jun 2, 2023

C is correct

Drummer (Option: C)
Jun 15, 2023

C. Regenerate the secondary admin key, change the app to use the secondary admin key, and then regenerate the primary key --- By regenerating the secondary admin key first, you can address the potential compromise of the primary key. Then, changing the app to use the regenerated secondary admin key ensures continued access to the index management endpoint. Finally, regenerating the primary key provides a new security key for future use

katrang (Option: C)
Oct 19, 2023

To avoid any downtime, regenerate the second key and use it (as a precaution, and only if it is not currently being used by anything else). Then regenerate the first key.

sl_mslconsulting (Option: C)
Oct 27, 2023

The moment you see "Regenerate the primary admin key" as the first action you already know it violates the minimum downtime requirement. Answer A makes it even worse - the web app will stop working altogether in the end as the web app will be using an invalid secondary admin key. For answer C, regenerating the secondary admin key seems redundant as you suspect only the primary access key is compromised, but it's safer and meets the minimum downtime requirement anyway. As for answer B, it won't provide the required permissions to manage the indexes, hence the app won't be functioning and this violates the requirement. This question requires you to really think it through or you might be tricked easily.

rdemontis (Option: C)
Nov 6, 2023

To me the correct answer is C. https://learn.microsoft.com/en-us/azure/search/search-security-api-keys?tabs=portal-use%2Cportal-find%2Cportal-query

reigenchimpo (Option: C)
Jun 13, 2024

C is answer.

HaraTadahisa (Option: C)
Jun 22, 2024

I say this answer is C.

Toby86 (Option: C)
Jul 9, 2024

Has to be C. First you regenerate the secondary key, which previously might have been compromised too - no downtime. Then you switch your app to use that new uncompromised secondary key - no downtime. Then you regenerate the compromised primary key.

krzkrzkra (Option: C)
Jul 14, 2024

Selected Answer: C