Practice free →
HomeAzure AZ-500cloudcomputingaz500compstoragedb › Which Azure storage authentication option should…

Which Azure storage authentication option should a security engineer prefer over shared-key access for an application reading a blob — to enable IAM-controlled, auditable access without shared secrets?

AAzure DNS
BHardcoded storage account access keys in source code
CMicrosoft Entra ID authentication (or Managed Identity) on the storage account
DPublic anonymous read
Answer & Solution
Correct answer: C. Microsoft Entra ID authentication (or Managed Identity) on the storage account
Entra-auth on storage replaces shared keys (per AZ-500 §3 storage access). The other options leak credentials or expose data.
Solve this in the app — Azure AZ-500 practice & 24k+ MCQs →
Related questions