Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft AZ-500 Exam - Topic 4 Question 96 Discussion

Actual exam question for Microsoft's AZ-500 exam
Question #: 96
Topic #: 4
[All AZ-500 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these

questions will not appear in the review screen.

You have an Azure Subscription named Sub1.

You have an Azure Storage account named Sa1 in a resource group named RG1.

Users and applications access the blob service and the file service in Sa1 by using several shared access

signatures (SASs) and stored access policies.

You discover that unauthorized users accessed both the file service and the blob service.

You need to revoke all access to Sa1.

Solution: You generate new SASs.

Does this meet the goal?

Show Suggested Answer Hide Answer
Suggested Answer: B

Instead you should create a new stored access policy.

To revoke a stored access policy, you can either delete it, or rename it by changing the signed identifier.

Changing the signed identifier breaks the associations between any existing signatures and the stored access policy. Deleting or renaming the stored access policy immediately affects all of the shared access signatures associated with it.


https://docs.microsoft.com/en-us/rest/api/storageservices/Establishing-a-Stored-Access-Policy

by Rueben at Nov 20, 2025, 03:14 PM

Limited Time Offer

25%

Off

Get Premium AZ-500 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Long
2 days ago
Nope, that's not the right solution.
upvoted 0 times
...
Blondell
7 days ago
Wait, so old SASs still work? That's surprising!
upvoted 0 times
...
Beth
25 days ago
Totally agree, that doesn't fix the issue.
upvoted 0 times
...
Portia
1 month ago
Generating new SASs is the way to go, but I hope they have a good backup plan in case they forget the new ones.
upvoted 0 times
...
Jose
1 month ago
Haha, good thing they didn't try to access the storage account using their grandma's birthday as the password.
upvoted 0 times
...
Luis
1 month ago
Generating new SASs is the way to go. Gotta keep that storage account secure!
upvoted 0 times
...
Kanisha
2 months ago
Generating new SASs is a good solution, but it might be a hassle for users who need to update their applications.
upvoted 0 times
...
Jenelle
2 months ago
Yes, generating new SASs will revoke all previous access to the storage account.
upvoted 0 times
...
Tori
2 months ago
This seems tricky; I recall something about stored access policies being important for revoking access, but I can't remember the details.
upvoted 0 times
...
Dorothy
2 months ago
I'm not entirely sure, but I feel like just creating new SASs wouldn't stop unauthorized access immediately.
upvoted 0 times
...
Markus
2 months ago
I remember a practice question where we had to revoke access, and I think we had to delete the existing SASs instead.
upvoted 0 times
...
Aleisha
2 months ago
I'm confident this solution will work. Revoking the SASs should effectively cut off all unauthorized access to the storage account.
upvoted 0 times
...
Wilda
3 months ago
Generating new SASs sounds like a good first step, but I'm not sure it's enough on its own. I'll need to double-check the details to make sure this fully meets the goal.
upvoted 0 times
...
Ernestine
3 months ago
Okay, I think I get it now. Generating new SASs will invalidate the old ones, but we'll also need to review and update any stored access policies to fully revoke access.
upvoted 0 times
...
Geoffrey
3 months ago
This is tricky. I think it's B.
upvoted 0 times
...
Glen
3 months ago
I think generating new SASs might not actually revoke the old ones, so I'm leaning towards "No."
upvoted 0 times
...
Tegan
3 months ago
Generating new SASs won't revoke old ones.
upvoted 0 times
...
Carey
4 months ago
But generating new SASs could limit access.
upvoted 0 times
...
Claribel
4 months ago
I'm a bit confused - does this solution actually revoke all access, or just the SASs? What about any stored access policies?
upvoted 0 times
...
Bernadine
4 months ago
Hmm, this seems straightforward. Generating new SASs should revoke the old ones and prevent further unauthorized access.
upvoted 0 times
Anglea
4 months ago
I think generating new SASs is a good idea.
upvoted 0 times
...
...

Save Cancel