You have a cognitive search solution in Azure.
You are asked to define inbound security rules for admin and query operations.
Review the statements given below and select three statements that are true regarding the inbound security of your cognitive search service.
Click on the arrows to vote for the correct answer
A. B. C. D. E.Correct Answers: B, C and D.
Option A is incorrect.
You can provide inbound security authentication through API keys.
AD cannot be used for authentication.
Option B is correct.
An admin API key provides full access to create, manage, delete indexers, indexes and data sources.
Option C is correct.
Here are the steps to regenerate the primary key.
Step 1: Copy the secondary key.
Step 2: Update API key settings to use the secondary key.
Step 3: Regenerate the primary key.
Step 4: Update all applications to use the primary key.
Option D is correct.
The maximum limit of admin keys per service is two.
Option E is incorrect.
Query key only provides read access to indexes and documents.
Reference:
To learn more about inbound security of cognitive search requests, use the link given below:
Sure, I'd be happy to explain each statement and its relevance to inbound security in Azure Cognitive Search.
A. Authentication for inbound requests can be provided through AD or an API key.
This statement is true. Azure Cognitive Search supports both Active Directory (AD) authentication and API key authentication for inbound requests. AD authentication allows you to use Azure Active Directory (Azure AD) to manage access to your search service, while API key authentication allows you to generate and manage API keys that are required for making requests to your search service.
B. Admin API key grants full access to manage indexers and data sources.
This statement is true. An Admin API key provides full access to manage all aspects of your search service, including indexers and data sources. It is important to carefully manage and secure Admin API keys, as they can be used to perform any administrative action on your search service.
C. Primary and Secondary admin keys can be rolled over one at a time.
This statement is true. Azure Cognitive Search allows you to generate Primary and Secondary Admin API keys for your search service. These keys can be used interchangeably, but only one key can be active at a time. When you need to rotate keys for security reasons, you can roll over one key at a time to ensure that your search service remains available during the key rotation process.
D. The maximum limit of admin keys per service is two.
This statement is true. Azure Cognitive Search allows you to generate up to two Admin API keys for your search service. This limit helps you to better manage and secure access to your search service.
E. Query key provides read-write access to indexes and documents.
This statement is false. A Query API key provides read-only access to your search indexes and documents. It allows clients to search and retrieve documents from your search service, but it does not provide write access to the data. If you need to allow write access to your search service, you can use an Admin API key instead.
In summary, statements A, B, and C are true regarding the inbound security of your cognitive search service. Statement D is also true, while statement E is false.