BenchMark Quizzes by MDFT Pro

Secure Compromised Azure Cognitive Search Query Key

MDFT Pro, a well-known training agency, operates a web application that provides students with search capabilities across their extensive digital library of course materials, study guides, and certification resources.

Mark, the Security Operations Manager, has discovered unusually high billing charges for their Azure Cognitive Search service and suspects that unauthorized users have gained access to the search endpoint using a compromised query key. The situation requires immediate action to prevent further unauthorized access while ensuring that legitimate students can continue searching for educational content without service interruption.

Which three actions should Mark perform in sequence to secure the search service and maintain read-only access?

Choose all correct answers from the options below.

Explanations for each answer:

Add a query key is correct. Adding a new query key provides a secure replacement key with read-only access to the documents collection, ensuring continued service availability.
Change the app to use the new key is correct. Updating the application to use the new secure query key restores search functionality while maintaining read-only access permissions.
Delete the compromised key is correct. Removing the compromised key prevents further unauthorized access while maintaining service availability through the new key.
Regenerate the secondary admin key is incorrect. Admin keys provide full read-write access, which exceeds the read-only requirement and increases security risk if compromised again.
Change the app to use the secondary admin key is incorrect. Using admin keys violates the principle of least privilege by providing unnecessary write permissions when only read access is required.
Regenerate the primary admin key is incorrect. Regenerating admin keys doesn't address the requirement for read-only access and could disrupt other services using admin privileges.

Learn more about Cognitive Search security:

Cognitive Search Security

Exam Preparation Quiz

Secure Compromised Azure Cognitive Search Query Key