Exam-Answer

Home / Microsoft / AZ-303 / Question 22

Prev Question
Next Question

Question 22

You are designing a new storage solution using Azure Storage Accounts for your company.

The company security team requires that the solution uses Azure Active Directory (Azure AD) as the authentication platform with the storage account.

You need to indicate which storage account services are compatible with Azure AD.

Choose all that apply:

Answers



A B C

Advertisement

Explanation

You can use Azure AD role-based access control (RBAC) to access Azure Blobs and Azure Queues. You can use Azure AD to authorize requests to Azure Blobs and Azure Queues, assign RBAC roles to the security principal, like the Storage Blob Data Contributor or Storage Queue Data Reader built-in roles, for example.

You can use the Azure Files access over Server Message Block (SMB) protocol with Azure AD by enabling the Azure AD Domain Services. After you enable Azure AD Domain Services, you can mount Azure Files in a domain-joined machine and enforce authorization on user access using the same credentials in Azure AD. The SMB protocol is a network file sharing protocol providing access to files, printers, and serial ports over a network.

You cannot use Azure AD managed identities to access Azure Tables. Only storage account keys and shared access signature (SAS) are supported as authorization for Azure Tables.

References

Comments

Load more
Prev Question
Next Question