Note: This question-is part of a series of questions that present the same scenario. Each question-in the series contains a unique solution that might meet the stated goals. Some question-sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question-in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Subscription named Sub1.
You have an Azure Storage account named Sa1 in a resource group named RG1.
Users and applications access the blob service and the file service in Sa1 by using several shared access signatures (SASs) and stored access policies.
You discover that unauthorized users accessed both the file service and the blob service.
You need to revoke all access to Sa1.
Solution: You create a new stored access policy.
Does this meet the goal?
A. Yes
B. No
as all the other answers in the set are even more “unfitting” I would say “create a new SAP” is meant in the sense of “remove the old/current one and then create a new one”. going strictly by the book Charles is correct, as you can create up to 5 SAPs (I think)
With all certainty, the correct answer is “No”. You can actually have more than 1 access policies on an object. You can only break associations between SAS and SAP by “deleting” or “renaming” an existing SAS policy.
Creating a new one doesn’t revoke the old one. To revoke a stored access policy (SAP) -> Delete OR Rename it by changing the signed identifier, also change the expiry time to a value in the past. Creating a new Stored Access Policy does nothing to the existing SAS, and Stored Access Policy.