Microsoft Azure Security Engineer Associate AZ-500 Practice Question
Your company stores application data in an Azure Storage account. All applications are already authenticated to the blobs by using Azure AD credentials. To eliminate the risk posed by leaked storage account keys, you must immediately make both the primary and secondary keys unusable without affecting existing Azure AD-based access. Which configuration change should you make?
Enable Secure transfer required on the storage account.
Regenerate the primary and secondary access keys.
Enable double encryption at the Azure Storage infrastructure level.
Disable shared key access for the storage account.
Disabling shared key access prevents any requests that rely on either the primary or secondary storage account key, including traditional SAS tokens signed with those keys. Applications that authenticate by using Azure AD, or that use a user-delegation SAS, continue to work because they do not rely on the account keys. Regenerating the keys only replaces the key values but does not prevent future use, while secure transfer and double encryption are unrelated to key authorization and do not disable the keys.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is shared key access in Azure Storage?
Open an interactive chat with Bash
How does Azure AD improve security for accessing Azure Storage?
Open an interactive chat with Bash
What is the difference between regenerating keys and disabling shared key access?
Open an interactive chat with Bash
Microsoft Azure Security Engineer Associate AZ-500
Secure compute, storage, and databases
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .