ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-305 All Questions

View all questions & answers for the AZ-305 exam
Go to Exam

Exam AZ-305 topic 2 question 11 discussion

Actual exam question from Microsoft's AZ-305
Question #: 11
Topic #: 2
[All AZ-305 Questions]

HOTSPOT -
You have an Azure subscription that contains the SQL servers on Azure shown in the following table.

The subscription contains the storage accounts shown in the following table.

You create the Azure SQL databases shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
Box 1: Yes -
Auditing works fine for a Standard account.

Box 2: No -
Auditing limitations: Premium storage is currently not supported.

Box 3: No -
Auditing limitations: Premium storage is currently not supported.
Reference:
https://docs.microsoft.com/en-us/azure/azure-sql/database/auditing-overview#auditing-limitations
by default_wizard at Dec. 13, 2021, 6:30 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
jkklim
Highly Voted 3 years ago
YNN CONCEPT TO REMEMBER 1. TO WRITE INTO STORAGE, MUST BE IN SAME REGION 2. TO WIRTE IN LOG ANALYTICS SPACE - CAN BE IN DIFFERENT REGION SINCE WE ARE USING CONCEPT 1, CAN ONLY WRITE INTO SAME REGION IT HAS NOTHING TO DO WITH PRICING TIER
upvoted 184 times
ValB
4 months, 1 week ago
The databases can be in any region because resource groups can contain resources from different regions. There is nothing here specifying in which regions are the databases. Therefore I believe that invoking the region as argument is wrong.
upvoted 1 times
alexbraila
5 days, 4 hours ago
Yes, there is. The first table specifies the regions of the SQL servers
upvoted 1 times
...
...
Rayane
2 years, 1 month ago
Why are you writing in capital, LOL ?
upvoted 25 times
nigw
2 years, 1 month ago
because it's SQL :)
upvoted 90 times
annabelbm
2 years, 1 month ago
According to MS documentation: If you are deploying from the Azure portal, be sure that the storage account is in the same region as your database and server. If you are deploying through other methods, the storage account can be in any region.
upvoted 7 times
sugarbubbles
10 months, 2 weeks ago
So are you implying that it should be YYY?
upvoted 1 times
...
Load full discussion...
...
...
...
olympe
1 year, 6 months ago
it's wrong,this has nothing to do with regions.!!!!!!!!
upvoted 3 times
SDiwan
1 year ago
you are wrong. For auditing, storage account needs to be in same region as db. I have tested just now in lab. It won't show any storage acocunts in other regions while configuring auditing.
upvoted 4 times
Paputzback
4 months ago
I did the same thing. I created 2 LRS storage accounts. One in the EastUS, the other in Central US. I created a SQL database in WestUS. Then from Security > Auditing I enabled auditing and neither storage account appeared. So the region of the storage is definitely key.
upvoted 1 times
...
ValB
4 months, 1 week ago
But we don't know in which regions the databases are, because resource groups can contain resources from different regions.
upvoted 1 times
davidpetersiani
3 months, 1 week ago
We know exactly where are the databases... Databases are created on a SQLsrv and we know the location of the SQL servers
upvoted 2 times
...
...
...
...
...
default_wizard
Highly Voted 3 years, 2 months ago
answer sould be Yes, No, No Auditing limitations Premium storage is currently not supported. https://docs.microsoft.com/en-us/azure/azure-sql/database/auditing-overview
upvoted 67 times
Shadow983
3 years, 2 months ago
I saw this in document, but I am not sure that is mean sql database or storage account.
upvoted 4 times
Shadow983
3 years, 2 months ago
BTW, the region is not the same. Y, N, N should be correct.
upvoted 15 times
makkros
2 years, 11 months ago
Who said that? Storage have indicated the Resource group only not the region
upvoted 1 times
epomatti
2 years, 8 months ago
Makkros yes it DOES indicate the location.
upvoted 2 times
...
Load full discussion...
...
...
...
Eltooth
3 years, 2 months ago
https://docs.microsoft.com/en-us/azure/azure-sql/database/auditing-overview#auditing-limitations
upvoted 5 times
...
sonoksmy
2 years, 5 months ago
Storage 2 can be standard BlobStorage, therefore this explanation is not correct
upvoted 3 times
...
...
[Removed]
Most Recent 3 months, 3 weeks ago
CORRECT (they must be in the same region)
upvoted 1 times
...
enigma65
4 months ago
Box 1: Yes Be sure that the destination is in the same region as your database and server. Box 2: No Since the regions are not the same. Box 3: Yes Blob Storage is always standard but SQL database premium supports audit logs.
upvoted 4 times
rfg_94
1 month, 3 weeks ago
Agree. YNY Box 1: Yes The storage account and SQL server are in the same region, ensuring compliance with the requirement that audit logs be stored in a storage account in the same region as the server. Box 2: No Since the regions are different, the audit logs cannot be stored in storage2 for SQLdb2. Box 3: Yes The region requirement is met, and SQL Database in the Premium pricing tier supports audit logging to Blob Storage.
upvoted 2 times
...
...
ValB
4 months, 1 week ago
Sql server auditing when the storage account is is behind a virtual network or firewall can only use storage accounts only of type general purpose v2 or premium storage with BlockBlobStorage, but not general purpose v1 and neither Blob Storage account. The databases can be actually in any regions because resource groups can contain resources from different regions.
upvoted 1 times
...
Thanveer
4 months, 2 weeks ago
Yes No No
upvoted 1 times
...
KarimaMaf
6 months, 1 week ago
If you are deploying from the Azure portal, make sure that the storage account is in the same region as your database and server. If you are deploying through other methods, the storage account can be in any region. https://learn.microsoft.com/en-us/azure/azure-sql/database/auditing-setup?view=azuresql
upvoted 1 times
...
23169fd
8 months, 2 weeks ago
it should be Y Y Y Key Points from Azure Documentation: Region: Audit logs can be stored in any region within the same subscription. Pricing Tier: Pricing tiers (Standard, Premium) do not restrict auditing capabilities. Account Kind: Audit logs can be stored in both general-purpose v2 (StorageV2) and BlobStorage accounts.
upvoted 2 times
cosmicT73
5 months, 4 weeks ago
as per microsoft ,: Premium storage with BlockBlobStorage is supported. Standard storage is supported. However, for audit to write to a storage account behind a VNet or firewall, you must have a general-purpose v2 storage account. If you have a general-purpose v1 or Blob Storage account, upgrade to a general-purpose v2 storage account.
upvoted 2 times
_punky_
4 months, 1 week ago
https://learn.microsoft.com/en-us/azure/azure-sql/database/auditing-overview?view=azuresql#remarks Reference: Premium storage with BlockBlobStorage is supported. Standard storage is supported. However, for audit to write to a storage account behind a virtual network or firewall, you must have a general-purpose v2 storage account. If you have a general-purpose v1 or Blob Storage account, upgrade to a general-purpose v2 storage account. For specific instructions see, Write audit to a storage account behind VNet and firewall. For more information, see Types of storage accounts. Conclusion: As you know to deploy storage account you need to create a Vnet in RG the same rule applies for the SQLDBs. So YNY: Storage1 is in RG1 where SQL1 is in RG1 both are in the same Vnet(implicitly). Storage2 is in different RG2 than SQLDB2 Storage3 would work with SQLDB3 but there is problem that storage account is in different region than RG and DB3 so that means(implicitly) you have to have 2 Vnets, the problem is that Central US is not paired with West US region and therefore they cannot be - N
upvoted 2 times
_punky_
4 months, 1 week ago
YNN - Correction The key factors for determining if audit logs can be stored in a particular storage account are the region and resource group, not the pricing tier of the database.
upvoted 1 times
...
...
...
...
RickySmith
10 months ago
YYY https://learn.microsoft.com/en-us/azure/azure-sql/database/auditing-setup?view=azuresql#audit-to-storage-destination It has nothing to do with the pricing tier of the SQL server or the stoprage. It does depend on what is being used to configure the auditing. If you try to configure via Azure Portal, then it needs to be same region. If you are trying to configure via CLI, then it can be any region.
upvoted 1 times
Lazylinux
10 months ago
U Must have been talking to Bill Gates!! Ans YNN
upvoted 2 times
...
...
Markoduk
11 months, 2 weeks ago
Yes No No 1. is a given 2. https://learn.microsoft.com/en-us/azure/azure-sql/database/audit-write-storage-account-behind-vnet-firewall?view=azuresql#prerequisites The storage account must be on the same tenant and at the same location as the logical SQL server (it's OK to be on different subscriptions). 3. BlockBlobStorage in not mentioned!? (Blob Storage) https://learn.microsoft.com/en-us/azure/azure-sql/database/audit-write-storage-account-behind-vnet-firewall?view=azuresql#prerequisites The premium storage with BlockBlobStorage is supported
upvoted 1 times
...
SDiwan
1 year ago
Test in Lab. Answer is indeed Y,N,N. Reason: While configuring auditing for azure sql db, azure portal only will show storage accounts which are in same region. Both standard and premium storage accounts can be used but they need to be in same region as db.
upvoted 3 times
...
JimmyYop
1 year, 1 month ago
appeared in Exam 01/2024
upvoted 6 times
...
cesco1286
1 year, 2 months ago
Y, N, N should be the correct response now. as of december 2023, Premium storage is supported for SQL Auditing - but you can't write to a different region (just try it in the portal, see if storages in different regions pop up ;)
upvoted 3 times
...
nav109
1 year, 3 months ago
Got this on Nov. 17, 2023
upvoted 5 times
...
ncseffai
1 year, 4 months ago
I tried. MY SQL server is in West Europe. I created a Standard V2 storage account in North Europe. When I try to configure the auditing the storage account does not show up in the dropdown. A standard v2 storage account in west Europe is in the list however.
upvoted 2 times
...
Learningcurve101
1 year, 5 months ago
yes no no. blobstorage is unsupported. blockblobstorage is supported..
upvoted 2 times
...
xurxosan
1 year, 5 months ago
YYY https://docs.microsoft.com/en-us/azure/azure-sql/database/auditing-overview#auditing-limitations Premium storage with BlockBlobStorage is supported. Standard storage is supported. However, for audit to write to a storage account behind a VNet or firewall, you must have a general-purpose v2 storage account. If you have a general-purpose v1 or Blob Storage account, upgrade to a general-purpose v2 storage account. For specific instructions see, Write audit to a storage account behind VNet and firewall. For more information, see Types of storage accounts.
upvoted 3 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago