Microsoft Azure Administrator Associate AZ-104 Practice Question
A company needs to provide a third-party vendor with temporary access to upload data to a specific container in their Azure Blob Storage account without exposing their storage account keys. Which of the following should they use to accomplish this?
They should create a Shared Access Signature (SAS) to grant the vendor temporary and restricted access to the storage resources. A SAS token allows specifying permissions, expiration time, and access to specific resources without sharing the storage account keys. Assigning an Azure Entra ID role would require the vendor to be part of the organization's Azure Entra ID tenant. Providing the storage account key would give full access to the storage account, compromising security. Configuring a virtual network service endpoint controls network access but does not grant the necessary permissions.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a Shared Access Signature (SAS)?
Open an interactive chat with Bash
How do I create a Shared Access Signature?
Open an interactive chat with Bash
What are the security implications of using a SAS token?
Open an interactive chat with Bash
Microsoft Azure Administrator Associate AZ-104
Implement and manage storage
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access