When studying for your exam it’s important to understand how your Azure key vault helps manage secrets, certificates, and encryption keys securely.
You’ll need to understand what it’s designed for which is for storing sensitive information.
Like you’ll need to know API keys, passwords, and cryptographic keys. And the key vault keeps those things secure.
You’ll want to know how access is controlled using policies or RBAC. Those are the two different options allowing only specific apps or users to retrieve secrets. So keep that in mind. Understand how those work together and how you can use each one individually. This is a huge advantage overall when it comes to security.
And don’t overlook customer managed keys which give you control over encryption used by Azure services.
You’ll want to consider when to use multiple key vaults versus single key vaults. Now remember this is going to be a scenario based exam so you’ll see some scenarios possibly based on this here.
So keep in mind RBAC, understand your policies, understand your key vaults. These are the type of things that you’ll probably see on your exam.
Links:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-keyvault-parameter
https://learn.microsoft.com/en-us/azure/app-service/overview-managed-identity?tabs=portal%2Cdotnet