Home » Microsoft » AZ-220 » What should you use as the device identity during attestation?
From the Device Provisioning Service, you create an enrollment as shown in the exhibit. (Click the Exhibit tab.)
You need to deploy a new IoT device.
What should you use as the device identity during attestation?
A. a self-signed X.509 certificate
B. the random string of alphanumeric characters
C. the HMACSHA256 hash of the device’s registration ID
D. the endorsement key of the device’s Trusted Platform Module (TPM)
Correct Answer: C
Explanation/Reference:
Explanation:
Each device uses its derived device key with your unique registration ID to perform symmetric key attestation with the enrollment during provisioning. To generate the device key, use the key you copied from your DPS enrollment to compute an HMAC-SHA256 of the unique registration ID for the device and convert the result into Base64 format.
Reference: https://docs.microsoft.com/en-us/azure/iot-edge/how-to-auto-provision-symmetric-keys
Answer is C