Microsoft Azure Administrator Associate AZ-104 Practice Question

Using Shared Access Signatures (SAS) allows the administrator to grant temporary, limited access to resources in the storage account without sharing the account keys or requiring standard authentication. SAS tokens can specify permissions, such as read access, and set an expiration time, providing secure and granular access control. Stored access policies are used with SAS to manage constraints for one or more shared access signatures but don't grant access on their own. Distributing account keys is insecure and provides full access to the storage account. Role-Based Access Control (RBAC) requires clients to authenticate, which these clients cannot do.