Ends in
00
days
00
hrs
00
mins
00
secs
SHOP NOW

🎆NEW YEAR SALE EXTENSION - Practice exams as low as $9.74 USD & eBooks as low as $2.99 USD

Find answers, ask questions, and connect with our
community around the world.

Home Forums Azure AZ-500 – Securing storage account

  • AZ-500 – Securing storage account

     Irene-TutorialsDojo updated 1 month, 1 week ago 2 Members · 4 Posts
  • aocferreira

    Member
    December 2, 2024 at 11:46 pm

    Hi,

    Can you explain why the correct answer for the below question is “YES” ?

    <i style=”font-family: inherit; font-size: inherit;”>You have discovered that one of your Azure Storage account access keys has been compromised. You need to ensure that the compromised access key cannot be used anymore while minimizing disruption to your services.

    Solution: Rotate both primary and secondary access keys for the Azure Storage account and update all applications and services to use the new keys.

    Does the solution meet the goal?

    If just one of the access keys was compromised, why do we need to rotate both keys?

    Can’t we just rotate the key that was compromised?

    I.e., in this scenario, we could update the applications/code to use the 2nd key (non-compromised) and then rotate the compromised key in the portal.

    Thanks,

    André

  • Irene-TutorialsDojo

    Administrator
    December 3, 2024 at 8:53 am

    Hi André,

    In this case, rotating both the primary and secondary keys is recommended for security reasons. Even though only one key was compromised, rotating both keys ensures that no unauthorized access remains possible. This approach invalidates both keys and makes the account fully secure.

    While rotating both keys does require updating all applications, it simplifies the process by ensuring that both keys are refreshed at once. This can help minimize the time the compromised key is still in use and reduce any potential gaps in security. Hence, rotating both keys meets the goal of securing the account while addressing the compromise immediately.

    Best regards,
    Irene @ Tutorials Dojo

  • aocferreira

    Member
    December 4, 2024 at 12:26 am

    Hi Irene,

    Got it, thanks for the confirmation.

    Cheers,

    André

    • This reply was modified 1 month, 1 week ago by  aocferreira.
    • Irene-TutorialsDojo

      Administrator
      December 4, 2024 at 8:07 am

      You’re very welcome! Feel free to reach out if you need anything else or have any further questions.

      Cheers,

      Irene @ Tutorials Dojo

Viewing 1 - 3 of 3 replies

Log in to reply.

Original Post
0 of 0 posts June 2018
Now
Skip to content