Shared Access Signature — Microsoft Azure Administrator (AZ-104) Practice Questions
A Shared Access Signature (SAS) is a URI-based token that grants limited, time-bound, and permission-scoped access to Azure Storage resources such as blobs, queues, tables, or file shares without exposing account keys. The AZ-104 exam covers the three types of SAS tokens: account SAS, service SAS, and user delegation SAS, with the last being the most secure because it relies on Azure AD credentials rather than storage account keys. You must understand how to configure expiry times, allowed IP ranges, permitted protocols, and stored access policies to properly scope and revoke SAS tokens.
Free questions on shared access signature
You need to grant a user access to a specific blob container. What is the most secure approach to provide temporary access?
Free question · medium · full answer + explanation
More shared access signature questions in the full bank
- You need to share data between Azure storage accounts in different subscriptions. Which method is most secure? Unlock answer & explanation →
- What is a shared access signature (SAS) in Azure Storage? Unlock answer & explanation →
- How can you ensure only certain applications can write to a Blob Storage container? Unlock answer & explanation →