ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-305 All Questions

View all questions & answers for the AZ-305 exam
Go to Exam

Exam AZ-305 topic 2 question 17 discussion

Actual exam question from Microsoft's AZ-305
Question #: 17
Topic #: 2
[All AZ-305 Questions]

HOTSPOT -
You are planning an Azure Storage solution for sensitive data. The data will be accessed daily. The dataset is less than 10 GB.
You need to recommend a storage solution that meets the following requirements:
✑ All the data written to storage must be retained for five years.
✑ Once the data is written, the data can only be read. Modifications and deletion must be prevented.
✑ After five years, the data can be deleted, but never modified.
✑ Data access charges must be minimized.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
Box 1: General purpose v2 with Hot access tier for blobs
Note:
* All the data written to storage must be retained for five years.
* Data access charges must be minimized
Hot tier has higher storage costs, but lower access and transaction costs.
Incorrect:
Not Archive: Lowest storage costs, but highest access, and transaction costs.
Not Cool: Lower storage costs, but higher access and transaction costs.
Box 2: Storage account resource lock
As an administrator, you can lock a subscription, resource group, or resource to prevent other users in your organization from accidentally deleting or modifying critical resources. The lock overrides any permissions the user might have.
Reference:
https://docs.microsoft.com/en-us/azure/storage/blobs/access-tiers-overview https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/lock-resources
by mse89 at Sept. 1, 2022, 8:15 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
mse89
Highly Voted 2 years, 6 months ago
gpv2 hot tier, container access policy to configure a time-based retention policy for immutable storage. Storage account resource lock does not prevent data editing or deletion, but only the storage account deletion.
upvoted 145 times
ike001
2 years, 6 months ago
agree 100%
upvoted 8 times
kJigneshk
2 years, 4 months ago
yes you set the resources lock as read-only and delete prevention but can to for data, that is only for resources change not for in the data.
upvoted 1 times
...
...
webbies
2 years, 4 months ago
You can set the storage resource lock to CannotDelete and ReadOnly isnt? https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/lock-resources?tabs=json
upvoted 4 times
kJigneshk
2 years, 4 months ago
yes you set the resources lock as read-only and delete prevention but can to for data, that is only for resources change not for in the data.
upvoted 11 times
...
...
...
Gowind
Highly Voted 2 years, 6 months ago
Answer is GPv2 HOT to have frequent access : https://docs.microsoft.com/en-us/azure/storage/blobs/access-tiers-overview Answer is container access (immutable) policy at least at the container scope. https://docs.microsoft.com/en-us/azure/storage/blobs/immutable-storage-overview
upvoted 50 times
...
[Removed]
Most Recent 3 months, 3 weeks ago
WRONG 1. General purpose v2 with Hot access tier 2. Container access policy
upvoted 2 times
...
Lazylinux
10 months, 1 week ago
i would go for gpv2 hot tier and container access policy
upvoted 4 times
...
Azure2020
11 months ago
1 Hot tier 2 should be access policy. PS Locking a storage account does not protect containers or blobs within that account from being deleted or overwritten!!!
upvoted 2 times
...
Zein135
11 months ago
I think the right choice for second question is "Container Access Level" we can adjust access level to read only
upvoted 1 times
Robtin
1 month, 3 weeks ago
A Container Access Policy defines how data within a container can be accessed by managing roles and permissions. What it does: It controls read and write permissions for data in a container. Limitations: It does not prevent data from being modified or deleted. It only regulates who can access the data and what they can do with it. Conclusion: This does not guarantee data immutability or enforce a retention period.
upvoted 1 times
...
...
Daychill
1 year, 1 month ago
Immutability policies can be scoped to a blob version or to a container. How an object behaves under an immutability policy depends on the scope of the policy. For more information about policy scope for each type of immutability policy, see the following sections: Time-based retention policy scope Legal hold scope Depending on the scope, you can configure both a time-based retention policy and a legal hold for a resource (container or blob version).
upvoted 1 times
...
nav109
1 year, 3 months ago
Got this on Nov. 17, 2023
upvoted 5 times
...
mark_af
1 year, 4 months ago
1. "Hot tier". Lower access transaction costs, meats requirement "Data access charges must be minimized" 2. "Container access policy" seems to be the best one. I still struggle to find it in the documentation (only found immutable storage references)
upvoted 3 times
xRiot007
1 year ago
1. Wrong, the cheapest tier is Archive, then Cool, then Hot. The reason why we need Hot access is because this data has to be accessed a lot on a daily basis.
upvoted 3 times
...
...
jcxxxxx2020
1 year, 4 months ago
This question appeared on my Exam today 10/22/2023 Total of 48 questions
upvoted 9 times
babakeyfgir
1 year, 3 months ago
answer?
upvoted 1 times
...
...
GeorgiAngelov
1 year, 4 months ago
General purpose v2 with Hot access tier and Storage resource lock.
upvoted 1 times
...
aksrav
1 year, 6 months ago
its general puprose v2 with hot tier container access policy
upvoted 3 times
...
NotMeAnyWay
1 year, 7 months ago
1. Storage Account type: c. GP v2 Hot. Considering the data will be accessed daily, the Hot access tier is the most cost-effective for storing frequently accessed data. 2. Configuration to prevent the modification and deletions: Container access policy. The Container access policy is indeed the place to configure Azure's Immutable Blob Storage to ensure data is retained without modifications or deletions for a specified amount of time, which suits your needs. The Azure Blob Storage's Immutable Blob Storage feature provides a WORM (Write Once, Read Many) capability which aligns with your requirements perfectly.
upvoted 15 times
...
sw1000
1 year, 9 months ago
Moderator/Admins: could you please update the answer. We have a lot of consense here that the answers are General Purpose v2 Blobs + hot tier AND Container Access Policy are needed to get the desired outcome.
upvoted 9 times
...
ZUMY
1 year, 10 months ago
General Purpose V2 Hot tier Container access policy I would recommend using Azure hot Blob Storage with a WORM (Write Once Read Many) policy. WORM policies prevent data from being modified or deleted after it has been written, and they can be applied to individual blobs or entire containers.
upvoted 6 times
ZUMY
1 year, 10 months ago
To implement this solution, you can follow these steps: Create an Azure Blob Storage account and enable the WORM feature. This can be done through the Azure Portal or via Azure CLI or PowerShell. Create a new blob container for your sensitive data. Set the WORM policy for the container to enforce write-once-read-many access for all blobs in the container. Upload your sensitive data to the blob container. Configure a retention period of five years for the data in the container.
upvoted 2 times
...
...
malcubierre
1 year, 11 months ago
General Purpose V2 Hot tier Container access policy
upvoted 8 times
...
Stone82
2 years ago
Second is Container Access Policy
upvoted 5 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago