Free Microsoft Azure AZ-500 Actual Exam Questions - Question 2 Discussion
Question No. 2
Note: This question is part of a series of questions that present the same scenario. Each question in
the series contains a unique solution that might meet the stated goals. Some question sets might
have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You have an Azure subscription named Sub1.
You have an Azure Storage account named sa1 in a resource group named RG1.
Users and applications access the blob service and the file service in sa1 by using several shared
access signatures (SASs) and stored access policies.
You discover that unauthorized users accessed both the file service and the blob service.
You need to revoke all access to sa1.
Solution: You regenerate the Azure storage account access keys.
Does this meet the goal?
the series contains a unique solution that might meet the stated goals. Some question sets might
have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You have an Azure subscription named Sub1.
You have an Azure Storage account named sa1 in a resource group named RG1.
Users and applications access the blob service and the file service in sa1 by using several shared
access signatures (SASs) and stored access policies.
You discover that unauthorized users accessed both the file service and the blob service.
You need to revoke all access to sa1.
Solution: You regenerate the Azure storage account access keys.
Does this meet the goal?
Select one option, then reveal solution.
US
LR
Luke R.
2026-02-20
B. Regenerating the keys won’t cut off access granted by stored access policies since those policies are managed separately from the keys. So this won’t fully block unauthorized access that’s using those policies.
0
HR
Hassan R.
2026-02-11
Maybe B because stored access policies can still grant permissions even if keys are regenerated, so it might not fully revoke all access. Regenerating keys doesn’t affect policies directly.
0
PO
Peter O.
2026-01-19
It’s A because regenerating the storage account keys invalidates all SAS tokens generated with the old keys, cutting off unauthorized access immediately.
0
PO
Peter O.
2026-01-16
A imo
0