Microsoft Azure Administrator Associate AZ-104 Practice Question
Your organization wants to secure access to blobs in an Azure Storage account by leveraging users' existing credentials without distributing shared keys or tokens. They want to use role-based access control to manage permissions. What is the BEST way to configure the storage account to meet these requirements?
Enable identity-based authentication on the storage account and assign appropriate roles to users
Enable anonymous access to the storage account and use network security groups to restrict access
Distribute the storage account access keys to users
Generate shared access tokens for each user and distribute them securely
Enabling identity-based authentication on the storage account and assigning appropriate roles to users allows users to access the storage account using their existing credentials, managed via Azure Entra ID. This approach implements role-based access control (RBAC) for managing permissions and eliminates the need to distribute shared keys or Shared Access Signatures (SAS). Generating shared access tokens or distributing access keys still involves handling shared secrets, which the organization wants to avoid. Enabling anonymous access is insecure and does not restrict access to specific users.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is identity-based authentication in Azure?
Open an interactive chat with Bash
What is role-based access control (RBAC) and how does it work in Azure?
Open an interactive chat with Bash
Why is it important to avoid distributing shared keys or tokens?
Open an interactive chat with Bash
Microsoft Azure Administrator Associate AZ-104
Implement and manage storage
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access