ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-103 All Questions

View all questions & answers for the AZ-103 exam
Go to Exam

Exam AZ-103 topic 2 question 19 discussion

Actual exam question from Microsoft's AZ-103
Question #: 19
Topic #: 2
[All AZ-103 Questions]

SIMULATION -
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g, copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
You may now click next to proceed to the lab.
Use the following login credentials as needed:

Azure Username: XXXXXXX -

Azure Password: XXXXXXX -
The following information is for technical support purposes only:

Lab Instance: 9172796 -

You plan to store media files in the rg1lod9172796 storage account.
You need to configure the storage account to store the media files. The solution must ensure that only users who have access keys can download the media files and that the files are accessible only over HTTPS.
What should you do from the Azure portal?

Show Suggested Answer Hide Answer
Suggested Answer: See solution below.
We should create an Azure file share.
Step 1: In the Azure portal, select All services. In the list of resources, type Storage Accounts. As you begin typing, the list filters based on your input. Select
Storage Accounts.
On the Storage Accounts window that appears.
Step 2: Locate the rg1lod9172796 storage account.
Step 3: On the storage account page, in the Services section, select Files.

Step 4: On the menu at the top of the File service page, click + File share. The New file share page drops down.
Step 5: In Name type myshare. Click OK to create the Azure file share.
References:
https://docs.microsoft.com/en-us/azure/storage/files/storage-how-to-use-files-portal
by deepu1207 at March 11, 2020, 3:17 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
awsnoob
Highly Voted 5 years, 1 month ago
So, to clarify... 1. Create a Blob container with private access 2. Generate a SAS, with Blob only access and allow only HTTPS
upvoted 23 times
...
Wathini
Highly Voted 5 years, 1 month ago
Media files use Blob Storage, You can generate Keys and allow protocols http/https by using SAS. My answer would be blob storage.
upvoted 15 times
...
JBinuya
Most Recent 4 years, 2 months ago
Blobs is not shown as an option there are only: Containers, File shares, Tables, and Queues
upvoted 1 times
...
cmom
4 years, 6 months ago
Blobs no longer shows as an option on the Azure portal, so I am guess that answers it.
upvoted 1 times
...
DA0410
4 years, 7 months ago
Create file share , make sure SMB port 445 and Https port 443 are allowed to share access
upvoted 1 times
...
Saman2020
4 years, 8 months ago
Storage Account -> Configuration > Secure Transfer > enable
upvoted 4 times
...
TinyTrexArmz
4 years, 8 months ago
It seems to me there are two workable solutions. 1) File Share - Not recommended for media files but will handle them. You can go into the storage account's Configuration blade and select "secure transfer required." This will allow SMB with encryption ONLY. When mapping the drive letter, you are required to use the Account Key as the password. 2) Blob Container with SAS - This one is recommended for media files. You can use a SAS token to require HTTPS and limit what users can do. You can argue that the question says explicitly, users have to have the Access Key to access the data and that SAS is not sharing the Access Key. But I think you could install Storage Explorer and input the user and Access Key data into it and access the data via APIs and the storage account (untested). With the addition of going into the Storage Account's Configuration blade and selecting secure transfer required, this too would seem to satisfy the requirements. Correct?
upvoted 3 times
...
SorinOmen
4 years, 8 months ago
The question says "only users who have access keys" ( SAS is a token, not a key ), so I assume we can just enable the "Secure transfer required" feature on the Storage Account level and create a blob to store the media files.
upvoted 5 times
...
jonnybugaloo
4 years, 10 months ago
https://www.examtopics.com/assets/media/exam-media/03048/0005500001.jpg This is an image showing this kind of configuration requested on this question. File share with access key accessed through HTTPS only. That's the way
upvoted 9 times
Julien92600
4 years, 10 months ago
The answer is good. If you want to set "HTTPS Only" go to our Storage Account > select Shared Access Signature and Check HTTPS Only as the image above
upvoted 1 times
...
...
nfett
4 years, 10 months ago
answer should be blob. not file share.
upvoted 1 times
...
Jmontenegro
4 years, 11 months ago
It has to be Blob and not file share, if HTTPs is requiered, a SMB file share is pointless, SAS access is not lined to Blob o file share though, but to the storage account
upvoted 1 times
...
jonnybugaloo
4 years, 11 months ago
It is correct, guys. Fine shares can store media files, no problem on this. My doubt was on https part, and I found this: Encryption in transit By default, all Azure storage accounts have encryption in transit enabled. This means that when you mount a file share over SMB or access it via the FileREST protocol (such as through the Azure portal, PowerShell/CLI, or Azure SDKs), Azure Files will only allow the connection if it is made with SMB 3.0+ with encryption or HTTPS. Clients that do not support SMB 3.0 or clients that support SMB 3.0 but not SMB encryption will not be able to mount the Azure file share if encryption in transit is enabled. For more information about which operating systems support SMB 3.0 with encryption, see our detailed documentation for Windows, macOS, and Linux. All current versions of the PowerShell, CLI, and SDKs support HTTPS. https://docs.microsoft.com/en-us/azure/storage/files/storage-files-networking-overview So, the answer given is correct.
upvoted 3 times
jonnybugaloo
4 years, 11 months ago
Second thoughts: Question says "only HTTPS" I don't know if it possible to disable SMB on file share, and even it has no sense. Container for blobs is best option to guarantee this.
upvoted 1 times
...
...
[Removed]
4 years, 11 months ago
The correct answer is to have Blob storage set to private access to cover the question requirement for only accessible with Access keys. and you have to enable secure setting in the storage account configuration menu (to cover only available in HTTPS). Some users are talking about setting SAS over https, but that's not what the question is asking for, SAS is different than Access Key and it's been explicitly said storage keys. important to differentiate SAS and AK.
upvoted 9 times
praveen97
4 years, 9 months ago
Agree with AshkanVafa. To access media files only in HTTPS, enable Secure Transfer in Storage Account -> Configuration. The secure transfer option enhances the security of your storage account by only allowing requests to the storage account by secure connection. For example, when calling REST APIs to access your storage accounts, you must connect using HTTPs. Any requests using HTTP will be rejected when 'secure transfer required' is enabled. Also, as per the below link, Microsoft recommends to use Azure Blob Storage for media files (Video/Audio). https://docs.microsoft.com/en-us/azure/storage/common/storage-introduction#blob-storage So, the answer should be create a Blob Storage (Containers -> New Container (Private - no anonymous access) -> Upload -> select mediate files -> Advanced, select Block type as Block blob) Azure Blob files can be downloaded using c# https://microsoft.github.io/AzureTipsAndTricks/blog/tip76.html#download-a-file
upvoted 3 times
...
BesQpin
3 years, 9 months ago
This is the answer
upvoted 1 times
...
...
r_s880
4 years, 11 months ago
for media file we can use FileShare as well, it provides you https URL access however we can deploy the scenario via blob storage but I am ok with FileShare
upvoted 1 times
...
Intikhab
5 years ago
answer is right because, Azure Files offers two additional ways to manage access control: You can use shared access signatures (SAS) to generate tokens that have specific permissions, and which are valid for a specified time interval. For example, you can generate a token with read-only access to a specific file that has a 10-minute expiry. Anyone who possesses the token while the token is valid has read-only access to that file for those 10 minutes. Shared access signature keys are supported only via the REST API or in client libraries. You must mount the Azure file share over SMB by using the storage account keys. https://docs.microsoft.com/en-us/azure/storage/files/storage-files-faq
upvoted 1 times
lolo13698
5 years ago
For https access, you need to use blobs.
upvoted 4 times
...
[Removed]
5 years ago
You are missing the HTTPS part, you need a blob for that.
upvoted 2 times
...
...
Bruce
5 years, 1 month ago
I would also create a blob store with SAS tokens, no?
upvoted 3 times
...
dayakollapu
5 years, 1 month ago
We cannot store the media files on File Share.
upvoted 1 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago