Question 4 of 50
You develop an application. The application will be accessed by a supplier.
The supplier requires a shared access signature (SAS) to access Azure services in your company’s subscription.
You need to secure the SAS.
Which three actions should you take? Each correct answer presents a complete solution.
Always use HTTPS.
Use Azure Monitor and Azure Storage logs to monitor the application.
Define a stored access policy for a service SAS.
This item tests the candidate’s knowledge of creating and implementing shared access signatures (SAS).
The recommendation of always using HTTPS is valid and should be followed.
Azure Monitor and storage analytics logging should be used to observe any spike in these types of authorization failures.
Stored access policies will give the option to revoke permissions for a service SAS without having to regenerate the storage account keys. A security best practice is to provide a user with the minimum required privileges. It is best to use near-term expiration times on an ad-hoc SAS service or account SAS so that even if a SAS is compromised it is valid only for a short time.
Control access to Azure Storage with shared access signatures - Training | Microsoft Learn
Grant limited access to data with shared access signatures (SAS) - Azure Storage | Microsoft Learn
Question 5 of 50
You develop a multitenant web application named App1. You plan to register App1 with multiple Microsoft Entra ID tenants.
You need to identify the relationship between the application objects and security principals associated with App1.
Which relationship should you identify?
App1 will have a single application object and multiple service principals.
This item tests the candidate’s knowledge of configuring authentication of multitenant applications, which is a common scenario when implementing authentication.
App1 will have a single application object and multiple service principals. App1 will not have multiple application objects. multiple application objects and a single service principal., or a single service principal.
Explore service principals - Training | Microsoft Learn
Apps & service principals in Azure AD - Microsoft Entra | Microsoft Learn