Crucial Exams

Microsoft Azure Developer Associate AZ-204 Practice Question

During debugging of an Azure Function written in C#, you notice that the following code loads jwtSigningCert without its private key:

var client = new CertificateClient(new Uri(vaultUrl), new DefaultAzureCredential());
var cert  = await client.GetCertificateAsync("jwtSigningCert");
var x509  = new X509Certificate2(cert.Value.Cer);

The certificate was imported into Azure Key Vault together with its private key. Which change will ensure that the private key is included when the certificate is loaded?

  • Call GetCertificateVersionAsync with the latest version instead of GetCertificateAsync; the private key will be included automatically.

  • Use a SecretClient, call GetSecretAsync("jwtSigningCert"), convert the returned base-64 string to bytes, and create the X509Certificate2 from those bytes.

  • Give the function app the Key Vault Crypto Officer role instead of Key Vault Secrets User; the existing code will then retrieve the private key.

  • Call GetCertificatePolicyAsync and set the policy's content type to Pkcs12 before calling GetCertificateAsync so that the SDK returns the private key.

Microsoft Azure Developer Associate AZ-204
Implement Azure security
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot