ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam DP-201 All Questions

View all questions & answers for the DP-201 exam
Go to Exam

Exam DP-201 topic 3 question 8 discussion

Actual exam question from Microsoft's DP-201
Question #: 8
Topic #: 3
[All DP-201 Questions]

You are designing a storage solution to store CSV files.
You need to grant a data scientist access to read all the files in a single container of an Azure Storage account. The solution must use the principle of least privilege and provide the highest level of security.
What are two possible ways to achieve the goal? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. Provide an access key.
  • B. Assign the Storage Blob Data Reader role at the container level.
  • C. Assign the Reader role to the storage account.
  • D. Provide an account shared access signature (SAS).
  • E. Provide a user delegation shared access signature (SAS).
Show Suggested Answer Hide Answer
Suggested Answer: BE 🗳️
B: When an Azure role is assigned to an Azure AD security principal, Azure grants access to those resources for that security principal. Access can be scoped to the level of the subscription, the resource group, the storage account, or an individual container or queue.
The built-in Data Reader roles provide read permissions for the data in a container or queue.
Note: Permissions are scoped to the specified resource.
For example, if you assign the Storage Blob Data Reader role to user Mary at the level of a container named sample-container, then Mary is granted read access to all of the blobs in that container.
E: A user delegation SAS is secured with Azure Active Directory (Azure AD) credentials and also by the permissions specified for the SAS. A user delegation SAS applies to Blob storage only.
Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-auth-aad-rbac-portal https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview
by Wendy_DK at May 27, 2021, 8:03 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Wendy_DK
Highly Voted 4 years ago
Answer is right
upvoted 6 times
ZodiaC
3 years, 11 months ago
TRUE it is
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel