![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 13%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERK%3C/text%3E%3C/svg%3E)
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,316 questions
anonymous user
Looking at the question you posted, the main difference is one says "Configure the master key to be used from the Windows Certificate Store" while the other says Key Vault. I was able to look at the public documentation and will post my findings below.
Findings:
When it comes to the actual process of using the "Always Encrypted Wizard in SQL Server Management Studio".
- This documentation states "Currently, you can store a CMK in the Windows certificate store, Azure Key Vault, or a hardware security module (HSM). However, within our docs only the Certificate Store walk-through documents the full process; while the Key Vault doc only goes to creating a Key Vault to store your keys.
For your test questions, it looks like both answers should be Yes/True.
When taking the actual exam, if you do run into these questions and would like to challenge the item(s). Please do so by following the steps outlined here - Exam policies and FAQ.
----------
If this answer helped resolve your question. Please remember to "mark as answer" so that others in the community facing similar issues can easily find a solution.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 42%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESP%3C/text%3E%3C/svg%3E)