ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-300 All Questions

View all questions & answers for the SC-300 exam
Go to Exam

Exam SC-300 topic 2 question 60 discussion

Actual exam question from Microsoft's SC-300
Question #: 60
Topic #: 2
[All SC-300 Questions]

HOTSPOT -

You have an Azure subscription named Sub1 that contains three users named User1, User2, and User3. Sub1 has a storage account named storage1 that contains the resources shown in the following table.



Sub1 contains the users shown in the following table.



Which users can read File1, and which users can read File2? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by Sunth65 at Jan. 31, 2025, 9:34 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ManuelBoghossian0891
1 week, 4 days ago
The management plane RBAC (reader, storage contributer) wont allow access to files within. Thus, the only one who has access to the blob file is the Storage Blob file reader.
upvoted 1 times
...
59e8fdb
4 months, 3 weeks ago
Given answer is correct, Storage Blob Container reader can read containers data but cannot read azure file shares since this role is specifically designed for blob containers. File 1-Blob storage User 2 and 3, Contributor is highly privileged role can read anything pretty much and the second File is only user 3 since user 2 cannot read Azure File Shares with Blob containers reader role nor the user 1 which is reader only.
upvoted 3 times
...
armid
5 months, 1 week ago
uh oh this one is tough couldnt find clear differentiators on learn, but will go with user2 and 3 in both cases. Both storage contributor and data reader seem to have the rights needed to view content of the files. But for the Reader roles, it seems they are abel to read the CONTROL plane, not the data plane.
upvoted 1 times
armid
5 months, 1 week ago
Reader View all resources, but does not allow you to make any changes. This role includes the */read action for the control plane. Users that are assigned this role can read control plane information for all Azure resources.
upvoted 1 times
...
armid
5 months, 1 week ago
i changed my mind, i think the answer provided in the solution is actually correct to read file share file, you need the: Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read none of the roles have it except for Storage Account Contributor ( i wasnt able to find Storage Contributor role so i assume they meant Storage Accont Contributor and not Storage Account Blob Data Contributor) . So that would mean File2 can only be accessed by User3
upvoted 1 times
...
...
anonymousarpanch
5 months, 1 week ago
if i understood this correctly, it says reading contents 'file 1 & file 2' within the resources. This means that 'reader' role won't suit. leaves to storage blob data reader which makes sense for reading both type of file1 & file 2. Storag contributor (Storage account contributor as per Azure RBAC) is not meant to read contents..so only answer could be 'User2' in both the boxes
upvoted 2 times
...
Oskarma
5 months, 2 weeks ago
I think it's all of them in both questions: - Reader: View all resources, but does not allow you to make any changes. - Storage Account Contributor: Lets you manage storage accounts, including accessing storage account keys which provide full access to storage account data.
upvoted 1 times
Oskarma
5 months ago
I change my mind. - File1: User2 (Storage Blob Data Reader) & User3 (Storage Contributor) - File2: User3 (Storage Contributor)
upvoted 1 times
...
...
Sunth65
5 months, 2 weeks ago
File1 - user2 and user3, File2 - user1 and user2
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel