Microsoft Azure Architect Design (AZ-304) Practice Test

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Microsoft Azure Architect Design (AZ-304) Exam with comprehensive quiz questions designed to enhance your understanding and confidence. Master essential Azure concepts and strategies to excel on your test day!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

For a virtual machine to grant users access to an Azure Storage file share with NTFS permissions, which type of VM should be deployed?

  1. A virtual machine running Windows Server 2016 and joined to the contoso.com domain

  2. A virtual machine running Windows 10 and joined to the contoso-add.com domain

  3. A virtual machine running Windows 10 and hybrid Azure AD joined to the contoso.com domain

  4. An Azure virtual machine running Windows Server 2016 and joined to the contoso-add.com domain

The correct answer is: An Azure virtual machine running Windows Server 2016 and joined to the contoso-add.com domain

Deploying a virtual machine that runs Windows Server 2016 and is joined to the contoso-add.com domain is the correct choice for granting users access to an Azure Storage file share with NTFS permissions. In this scenario, Windows Server is the ideal operating system for managing file shares and permissions through NTFS. When the virtual machine is joined to a domain, specifically one that can authenticate users and manage sophisticated access control lists (ACLs), it provides the necessary capability for users to be granted appropriate permissions based on their domain accounts. Azure Storage file shares can leverage SMB (Server Message Block) protocols which align well with Windows Server environments. By using NTFS permissions on a Windows Server, you can set distinct security settings for shared files and folders, ensuring only authorized users have access. The requirement of being joined to a domain also underlines the need for centralized identity management, making it easier to control access rights as the user accounts are managed through Active Directory. Furthermore, the "contoso-add.com" domain can still function with Azure resources, offering flexibility while ensuring user authentication is securely handled. Using a Windows 10 virtual machine, as outlined in the other options, does not provide the same levels of control over shared resources and NTFS permissions typically

More Questions Like This