Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft AZ-104 Exam - Topic 19 Question 46 Discussion

Actual exam question for Microsoft's AZ-104 exam
Question #: 46
Topic #: 19
[All AZ-104 Questions]

You are configuring Azure Active Directory (Azure AD) authentication for an Azure Storage account named storage1.

You need to ensure that the members of a group named Group1 can upload files by using the Azure portal. The solution must use the principle of least privilege.

Which two roles should you configure for storage!? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point

Show Suggested Answer Hide Answer
Suggested Answer: A, B

by Chauncey at May 09, 2022, 07:25 AM

Limited Time Offer

25%

Off

Get Premium AZ-104 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Lashawna
5 months ago
Agree, Storage Blob Data Contributor is a must!
upvoted 0 times
...
Effie
5 months ago
Surprised that Reader is even an option here!
upvoted 0 times
...
Paola
5 months ago
Storage Account Contributor seems excessive, though.
upvoted 0 times
...
Ena
5 months ago
I think Reader is too limited for this task.
upvoted 0 times
...
Barrett
5 months ago
Definitely need Storage Blob Data Contributor for uploads.
upvoted 0 times
...
Kasandra
5 months ago
I’m torn between Storage Blob Data Contributor and Storage Blob Data Reader. I know one allows uploads, but I can't recall if we need both for this scenario.
upvoted 0 times
...
Tawna
5 months ago
I feel like the Storage Account Contributor might be too much access for what we need. We should stick to the least privilege principle.
upvoted 0 times
...
Lynelle
5 months ago
I remember practicing a similar question, and I think the Reader role is too limited for uploads. We definitely need something that allows write access.
upvoted 0 times
...
Loreta
6 months ago
I think we need to give Group1 permissions to upload files, so maybe the Storage Blob Data Contributor role? But I'm not sure about the second role.
upvoted 0 times
...
Selene
6 months ago
I think I understand the key steps here. We need to update the EFS file system policy to allow Account B to access the file system, create a VPC peering connection between the two accounts, and update the Lambda execution roles to have the necessary permissions.
upvoted 0 times
...
Delbert
6 months ago
The key here is understanding the modern criminological perspective on white-collar crime. I think option A captures that best, but I'll double-check my notes to be sure.
upvoted 0 times
...
Nadine
6 months ago
Hmm, I'm a bit unsure about this one. There are a lot of options to consider, and I'm not sure which two are the most important. Maybe I'll start by thinking about the potential challenges the company might face.
upvoted 0 times
...
Ty
6 months ago
Resource dependency analysis seems like it might be relevant, but I'm not sure how it would directly justify the investment. I'd probably go with cost-benefit analysis.
upvoted 0 times
...
Jose
6 months ago
This one seems pretty straightforward. I think the key is to focus on which system from the list doesn't natively support syslog events.
upvoted 0 times
...

Save Cancel