This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Check your learning with these questions.
A security team disables Shared Key authorization on a storage account. Which type of shared access signature continues to work after this change?
Service SAS signed with the storage account key
Account SAS signed with the storage account key
User delegation SAS signed with Microsoft Entra credentials
Connection string containing the account access key
An AI agent running in Azure Functions needs read-only access to a blob container. Which authorization approach does Microsoft recommend for Azure-hosted AI workloads?
Store a SAS token in Azure Functions application settings and pass it with each request
Embed the storage account access key in the Function App environment variables
Assign the Function App a managed identity with the Storage Blob Data Reader role
Enable anonymous read access on the blob container
A service SAS token associated with a stored access policy is compromised. What is the fastest way to revoke access for all clients using this SAS?
Wait for the SAS token expiry time to pass
Delete or modify the stored access policy associated with the SAS
Rotate the storage account access keys
Disable the storage account in the Azure portal
You must answer all questions before checking your work.
Was this page helpful?
Need help with this topic?
Want to try using Ask Learn to clarify or guide you through this topic?