Home » Microsoft » AZ-304 v.2 » What should you do?
You migrate App1 to Azure.
You need to ensure that the data storage for App1 meets the security and compliance requirements.
What should you do?
A. Create Azure RBAC assignments.
B. Create an access policy for the blob service.
C. Modify the access level of the blob service.
D. Implement Azure resource locks.
Correct Answer: A
Explanation/Reference:
Explanation:
Azure Active Directory (Azure AD) authorizes access rights to secured resources through Azure role-based access control (Azure RBAC). Azure Storage defines a set of Azure built-in roles that encompass common sets of permissions used to access blob data.
When an Azure role is assigned to an Azure AD security principal, Azure grants access to those resources for that security principal. An Azure AD security principal may be a user, a group, an application service principal, or a managed identity for Azure resources.
Scenario:
To access the resources in Azure, App1 must use the managed identity of the virtual machines that will host the app.
The Litware.com tenant contains a custom Azure role-based access control (Azure RBAC) role named Role1 that grants the DataActions read permission to the blobs and files in Azure Storage.
Litware identifies the following security and compliance requirements:
On-premises users and services must be able to access the Azure Storage account that will host the data in App1.
Reference:
https://docs.microsoft.com/en-us/azure/storage/blobs/assign-azure-role-data-access
How To Pass AZ-305 Exam?
Microsoft AZ-305 PDF dumps.
High quality AZ-305 pdf and software. VALID exam to help you pass.
|
|
Litware Case Study.
Shloud be B.