AZ-204 · Question #246
AZ-204 Question #246: Real Exam Question with Answer & Explanation
The correct answer is A: Revoke the delegation key.. If you believe that a SAS has been compromised, then you should revoke the SAS. You can revoke a user delegation SAS either by revoking the user delegation key, or by changing or removing RBAC role assignments for the security principal used to create the SAS. https://docs.micros
Question
You develop a REST API. You implement a user delegation SAS token to communicate with Azure Blob storage. The token is compromised. You need to revoke the token. What are two possible ways to achieve this goal? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
Options
- ARevoke the delegation key.
- BDelete the stored access policy.
- CRegenerate the account key.
- DRemove the role assignment for the security principle.
Explanation
If you believe that a SAS has been compromised, then you should revoke the SAS. You can revoke a user delegation SAS either by revoking the user delegation key, or by changing or removing RBAC role assignments for the security principal used to create the SAS. https://docs.microsoft.com/en-us/rest/api/storageservices/create-user-delegation-sas#revoke-a- user-delegation-sas
Community Discussion
No community discussion yet for this question.