Designing and Implementing an Azure AI Solution (legacy) — Question 31

You are developing an AI application that will use keys stored in an Azure Key Vault.
You want to configure the Azure Key Vault to ensure that a key that is deleted is retained in the key vault for 90 days.
What should you do?
Recently, a key used by the application was deleted accidentally and was unrecoverable.
You need to ensure that if a key is deleted, it is retained in the key vault for 90 days.
What should you do?

Answer options

• A. In to Azure Management Console, set the expiration date on the keys.
• B. In the Azure Portal, configure Soft delete and Purge protection.
• C. In the Azure Portal, configure back up of the Azure Key Vault.
• D. In the Azure Portal, configure Azure Monitor for Key Vault.

Correct answer: B

Explanation

The correct answer is B because configuring Soft delete and Purge protection allows deleted keys to be retained in the Azure Key Vault for 90 days, providing a recovery option. Option A is incorrect because setting an expiration date does not help with recovery after deletion. Option C is not applicable as backing up the Key Vault does not address the retention of deleted keys. Option D does not relate to the retention of deleted keys but rather focuses on monitoring.