ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-104 All Questions

View all questions & answers for the AZ-104 exam
Go to Exam

Exam AZ-104 topic 3 question 39 discussion

Actual exam question from Microsoft's AZ-104
Question #: 39
Topic #: 3
[All AZ-104 Questions]

HOTSPOT -
You have an Azure subscription that contains an Azure Storage account named storageaccount1.
You export storageaccount1 as an Azure Resource Manager template. The template contains the following sections.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
Reference:
https://docs.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts?tabs=json
by yoelalan14 at Dec. 11, 2021, 5:52 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
MrMacro
Highly Voted 3 years, 2 months ago
Box 1- Yes. VirtualNetworkRules & IpRules are blank, with the default action Allow. Box 2- Yes. Individual blobs can be set to the archive tier - ref.https://docs.microsoft.com/en-us/azure/storage/blobs/access-tiers-overview Bob 3. No. To access blob data in the Azure portal with Azure AD credentials, a user must have the following role assignments: A data access role, such as Storage Blob Data Contributor The Azure Resource Manager Reader role Ref.https://docs.microsoft.com/en-us/azure/storage/blobs/assign-azure-role-data-access?tabs=portal
upvoted 127 times
Mozbius_
3 years, 1 month ago
Box 2 is VERY TRICKY- Answer appears to be NO The ARM Template storage is of type StorageV2. It is true that BLOB LifeCycles exist for "StorageV2 (which supports blobs), Premium Page Blob, Premium Block Blob". That being said the link you provided is only subtly inferring that the "ARCHIVE" tiers can be enabled only at hardcore Blobs storages NOT "StorageV2". "While the Hot and Cool tiers can be enabled at the storage account level or at the blob level, the Archive tier can only be enabled at the blob level. All three storage access tiers can exist in the same storage account and the default tier for a blob is inherited from the account level setting." Reference: https://cloud.netapp.com/blog/storage-tiers-in-azure-blob-storage-find-the-best-for-your-data#:~:text=%20How%20to%20Switch%20Between%20Storage%20Tiers%20in,account%2C%20browse%20to%20the%20Storage%20account-%3EBlob...%20More%20
upvoted 8 times
Mozbius_
3 years, 1 month ago
I take it back!!! In Azure I have created a Standard V2 based storage account and when I go to upload a Blob in a container "Hot", "Cool" and "Archive" are access tiers can be selected. So based on that test it appears that it is not possible to change the a Standard V2 based "storage account" tier to "Archive" (because life cycles apply only to Blobs and not to Files, Tables or Queues) but it is possible to indeed set the access tier to individual blobs within a StandardV2 storage account (which I must say makes a lot of sense).
upvoted 44 times
Mozbius_
3 years, 1 month ago
Box 2 is YES (moderator please delete my initial response to prevent further confusion. Thanks).
upvoted 69 times
...
...
KingHalik
1 year, 3 months ago
I agree: "Only storage accounts that are configured for LRS, GRS, or RA-GRS support moving blobs to the archive tier. The archive tier isn't supported for ZRS, GZRS, or RA-GZRS accounts. For more information about redundancy configurations for Azure Storage, see Azure Storage redundancy." https://learn.microsoft.com/en-us/azure/storage/blobs/access-tiers-overview
upvoted 3 times
...
...
...
beem84
Highly Voted 3 years, 2 months ago
1: Yes. Defaultaction is allow. IP is allowed. 2: Yes. Storagev2 allows tiering. 3: No. File share access requires SAS.
upvoted 76 times
...
lahirudk
Most Recent 5 months ago
Active question as of today
upvoted 4 times
...
[Removed]
6 months ago
CORRECT Yes (defaultAction is allowed) Yes (Storagev2 supports tiering) No (File share access requires SAS ehich is not mentioned)
upvoted 3 times
...
ajay01avhad
7 months, 1 week ago
Analysis: The IP 193.77.134.1 is not within the allowed IP address range specified (which is from 193.77.134.10 to 193.77.134.50). Therefore, any attempt to connect from this IP will be denied. Answer: Will have no access Analysis: The IP 193.77.134.50 falls within the allowed IP range. Permissions granted include Read, Write, Delete, and List. Given that the scenario occurs within the allowed date range and uses a permitted IP, the access will be granted according to the specified permissions. Answer: Will have read, write, and list access
upvoted 1 times
...
varinder82
9 months, 2 weeks ago
1: Yes. Defaultaction is allow. IP is allowed. 2: Yes. Storagev2 allows tiering. 3: No. File share access requires SAS.
upvoted 2 times
...
tashakori
11 months, 2 weeks ago
Given answer is right
upvoted 1 times
...
1828b9d
1 year ago
This question was in exam 01/03/2024
upvoted 4 times
...
sjsaran
1 year, 5 months ago
Only Azure Services option is enabled, it can be enabled only in the selected network option (option 2 in the network blade), and if there is no IP added that mean no access from any public network, so the answer to the question 1 might be NO
upvoted 1 times
...
redD
1 year, 6 months ago
Box 1 - No, because the optional parameter "publicNetworkAccess" NOT specified! Ref Allow or disallow public network access to STORAGE ACCOUNT. Value is optional but if passed in, must be 'Enabled' or 'Disabled' https://learn.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts?pivots=deployment-language-arm-template#property-values-1
upvoted 1 times
...
eduardokm
1 year, 7 months ago
Box 2 - Yes - https://learn.microsoft.com/en-us/rest/api/storageservices/set-blob-tier?tabs=azure-ad
upvoted 1 times
...
danrodcard
1 year, 7 months ago
Box1- Yes -DefailtAction = "Allow" Box2-No - if the storage account's access tier is set to "Hot," you cannot directly set individual blobs within that storage account to the "Archive" access tier. box3- ?? Keytype ="Account"
upvoted 2 times
GPerez73
1 year, 6 months ago
Agree with Box1 and Box2 (archive is greyed out). I'm not sure about box3, but file share let you to set up AAD access. So I would say yes YNY for me
upvoted 3 times
...
...
Richard1205
1 year, 8 months ago
Box1: Y NetworkACLs are blank. Default Action Allow Box2: Y Individual blobs can be set to the archive tier https://learn.microsoft.com/en-us/azure/storage/blobs/access-tiers-overview?tabs=azure-portal Watch : The following table summarizes how tier changes are billed. Box3: N In the List no allowSharedKeyAccess type ,the allowSharedKeyAccess default is True Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true.
upvoted 4 times
...
AzZnLuVaBoI
1 year, 11 months ago
On the Exam 3/29/23.
upvoted 10 times
...
nidhogg
2 years ago
yyY learn.microsoft.com/en-us/azure/storage/blobs/authorize-data-operations-portal "The classic subscription administrator roles Service Administrator and Co-Administrator include the equivalent of the Azure Resource Manager owner role. The Owner role includes all actions, including the Microsoft.Storage/storageAccounts/listkeys/action, so a user with one of these administrative roles can also access blob data with the account key.
upvoted 1 times
...
nidhogg
2 years ago
Global admin AzAD role is given the service admin role at subcription level, thus it could access anything on a Storage Account. I guess that it'd be Y - Y - Y https://learn.microsoft.com/en-us/azure/role-based-access-control/rbac-and-directory-admin-roles
upvoted 2 times
fits08pistils
1 year, 8 months ago
This is not true, also it's not mentioned anywhere in the URL you provided, so the answer is still YYN
upvoted 2 times
...
...
samzurcher
2 years, 4 months ago
Box 1 - probably No. You can not access content of the storage account unless you set Public Access on the Blob-Level i think.
upvoted 1 times
OliwerCiecwierz
2 years, 3 months ago
Don't think
upvoted 4 times
...
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago