Free Microsoft Azure AZ-500 Actual Exam Questions - Question 15 Discussion
HOTSPOT You have an Azure subscription that contains a storage account named contoso2023. You need to perform the following tasks:
• Verify that identity-based authentication over SMB is enabled.
• Only grant users access to contoso2023 in the year 2023.
Which two settings should you use? To answer, select the appropriate settings in the answer area. 
B for identity-based auth, D fits for limiting user access by date.
B for identity-based auth since it involves Azure AD, and D to restrict access timing.
For enabling identity-based authentication over SMB, the key setting is definitely enabling Azure AD Domain Services authentication, which points to option B. As for restricting access only during 2023, that’s more about setting an expiration on the access permissions. The time-limited access part suggests choosing the Shared Access Signature (SAS) expiry setting, which aligns with option D. So I’d go with B for authentication and D for the time limit instead of just RBAC. This way, you enforce identity verification plus a definite time window for access.
I think option A is definitely needed since it deals with Azure AD Domain Services for SMB, which fits the identity-based auth part. For limiting access to just 2023, option D seems like the only one related to expiration or time constraints.
A and C look right here.