AZ-204 Review Set Part 2 ACTUAL UPDATED QUESTIONS AND CORRECT
ANSWERS
Which OAuth flow is used by web apps that need to sign Authorization Code Flow
in users and obtain tokens securely?
Which OAuth flow adds an extra security layer for public Authorization Code with PKCE
clients like SPAs or mobile apps?
Which OAuth flow is used for device login scenarios such Device Code Flow
as smart TVs or CLI apps?
Which OAuth flow is used when no user is signed in and Client Credentials Flow
the application authenticates itself?
Which OAuth flow allows a web API to call another API On-Behalf-Of (OBO) Flow
on behalf of the signed-in user?
Which authentication library simplifies token acquisition MSAL (Microsoft Authentication Library)
for Microsoft identity platform?
What type of permission requires a signed-in user? Delegated permissions
What type of permission allows an app to act without a Application permissions
user present?
Which protocol is used by Microsoft identity platform for OAuth 2.0 / OpenID Connect
modern authentication?
What is PKCE primarily used for? Securing public clients by preventing authorization code interception
Which Azure service securely stores secrets, certificates, Azure Key Vault
and keys?
Which Key Vault feature protects encryption keys using Managed HSM
HSMs?
Which identity feature removes the need to store Managed Identity
credentials in code?
What are the two types of managed identities? System-assigned and user-assigned
, Which SAS type uses Microsoft Entra ID for User Delegation SAS
authorization?
Which SAS type uses the storage account key and Service SAS
provides limited resource access?
Which SAS type grants access to multiple storage Account SAS
services at once?
What Azure feature restricts access to resources within a Private Endpoint
virtual network?
What encryption method allows customers to manage Customer-managed keys (CMK)
their own encryption keys?
Which Azure service manages centralized configuration Azure App Configuration
settings?
Which Azure service is used for event-driven Azure Event Grid
architecture?
What messaging pattern does Event Grid use? Publish-subscribe
What component sends events to Event Grid? Publisher
What component processes the event? Event Handler
What component stores events temporarily until Topic
delivered?
Which Event Grid topic type is automatically created by System Topic
Azure services?
Which topic type is created by users for custom events? Custom Topic
Which topic type integrates with SaaS providers? Partner Topic
What object defines which events should be delivered to Event Subscription
a subscriber?
Which event format standard does Event Grid support for CloudEvents
interoperability?
ANSWERS
Which OAuth flow is used by web apps that need to sign Authorization Code Flow
in users and obtain tokens securely?
Which OAuth flow adds an extra security layer for public Authorization Code with PKCE
clients like SPAs or mobile apps?
Which OAuth flow is used for device login scenarios such Device Code Flow
as smart TVs or CLI apps?
Which OAuth flow is used when no user is signed in and Client Credentials Flow
the application authenticates itself?
Which OAuth flow allows a web API to call another API On-Behalf-Of (OBO) Flow
on behalf of the signed-in user?
Which authentication library simplifies token acquisition MSAL (Microsoft Authentication Library)
for Microsoft identity platform?
What type of permission requires a signed-in user? Delegated permissions
What type of permission allows an app to act without a Application permissions
user present?
Which protocol is used by Microsoft identity platform for OAuth 2.0 / OpenID Connect
modern authentication?
What is PKCE primarily used for? Securing public clients by preventing authorization code interception
Which Azure service securely stores secrets, certificates, Azure Key Vault
and keys?
Which Key Vault feature protects encryption keys using Managed HSM
HSMs?
Which identity feature removes the need to store Managed Identity
credentials in code?
What are the two types of managed identities? System-assigned and user-assigned
, Which SAS type uses Microsoft Entra ID for User Delegation SAS
authorization?
Which SAS type uses the storage account key and Service SAS
provides limited resource access?
Which SAS type grants access to multiple storage Account SAS
services at once?
What Azure feature restricts access to resources within a Private Endpoint
virtual network?
What encryption method allows customers to manage Customer-managed keys (CMK)
their own encryption keys?
Which Azure service manages centralized configuration Azure App Configuration
settings?
Which Azure service is used for event-driven Azure Event Grid
architecture?
What messaging pattern does Event Grid use? Publish-subscribe
What component sends events to Event Grid? Publisher
What component processes the event? Event Handler
What component stores events temporarily until Topic
delivered?
Which Event Grid topic type is automatically created by System Topic
Azure services?
Which topic type is created by users for custom events? Custom Topic
Which topic type integrates with SaaS providers? Partner Topic
What object defines which events should be delivered to Event Subscription
a subscriber?
Which event format standard does Event Grid support for CloudEvents
interoperability?
