Crucial Exams

Microsoft Azure Developer Associate AZ-204 Practice Question

An Azure Function app runs under a system-assigned managed identity. The app must upload blobs to the "reports" container for the next four hours. You need to generate a shared access signature (SAS) in code without using either of the storage account keys. What should you do?

  • Use the Azure Function host master key to sign a service SAS for the container at runtime.

  • Create a stored access policy on the container and generate a service SAS signed with the policy identifier so the policy can be revoked later.

  • Generate an account SAS with permissions cw and resource types co, then sign it by using the primary storage account key.

  • Call BlobServiceClient.GetUserDelegationKey, then build a BlobSasBuilder signed with the returned key before attaching the SAS to the blob URI.

Microsoft Azure Developer Associate AZ-204
Implement Azure security
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot