Practice AZ-204 Develop for Azure storage questions with full explanations on every answer.
Start practicing
Develop for Azure storage — choose a session length
Free · No account required
Click any question to see the full explanation and answer options, or start a focused practice session above.
A company stores archival data in Azure Blob Storage. The data is accessed only a few times per year, and retrieval can take up to 15 hours. Which blob access tier minimizes storage costs while meeting these requirements?
2You are building a serverless application that needs to react to insertions and updates in an Azure Cosmos DB container. You want to process these changes using an Azure Function. Which trigger should you configure for the function?
3You are developing an application that writes logs to Azure Blob Storage. Each log entry is small (less than 1 KB) and you need to store millions of entries per day. You want to minimize storage costs and maximize write throughput. Which blob type should you use?
4You need to upload large files (up to 100 GB) to Azure Blob Storage from a web application. The upload must be resilient to network failures and support pausing/resuming. Which approach should you use?
5You need to store millions of small log entries (each <1 KB) per day from an IoT device. The logs are rarely read. Which storage solution is most cost-effective?
6You are developing an application that writes log entries to Azure Blob Storage. Each log entry is approximately 500 bytes, and you expect to generate millions of entries per day. The logs are rarely read, and when they are read, you need to retrieve ranges of logs sequentially. Which blob type should you use to minimize storage costs and maximize write throughput?
7An application stores large media files (up to 5 GB) that are frequently appended to but rarely read sequentially. Which Azure Blob Storage type should be used to optimize writes and cost?
8You are developing a .NET Core application that stores session state data. The data is infrequently updated but must be read quickly for every user request. You need a serverless, globally distributed storage solution with low latency reads. Which Azure storage solution should you use?
9You need to store large binary files (up to 2 GB) that are frequently overwritten in place (entire file replaced). You want to minimize storage cost and write latency. Which Azure Blob Storage type should you use?
10An application writes millions of small log entries (500 bytes each) daily. The logs are rarely read, and when read, they are accessed sequentially. You need to minimize storage costs and maximize write throughput. Which Azure Blob Storage type should you use?
11You are building an IoT solution that generates millions of small log entries (each less than 1 KB) per day. The logs are rarely read, and when they are read, they are always accessed in chronological order. You need to minimize storage costs and maximize write throughput. Which Azure Blob Storage type should you use?
12You need to store a large (terabytes) append-only dataset for compliance purposes. The data must be immutable to prevent tampering after writes. You also want to minimize storage cost and achieve high write throughput. Which Azure Storage solution should you use?
13You are building a compliance solution that stores terabytes of data in Azure Blob Storage. Data is appended frequently and never modified. Regulatory requirements mandate that no data can be overwritten or deleted for 7 years. Which storage configuration should you enable?
14You are building a data pipeline that writes billions of small log records (each ~200 bytes) to Azure Blob Storage. The logs are always written in chronological order and are read sequentially in order. You must minimize storage cost and achieve maximum write throughput. Which blob type should you use?
15You have an Azure Storage account that contains a blob container with thousands of small files. You need to generate a URL that allows users to download a single file for a limited time without changing the storage account's firewall rules or requiring authentication. Which approach should you use?
16You design an application that writes millions of small sensor readings (each ~100 bytes) to Azure Blob Storage. The data is appended to files every minute and after 7 days it is archived for compliance. You need to minimize write costs and storage costs. Which blob type and tier strategy should you use?
17You need to store terabytes of archival data that must be retained for 10 years. The data is accessed once or twice per year. You need to minimize storage costs. Which Azure Storage tier should you use?
18You are designing a solution that writes millions of small log records (each 200 bytes) to Azure Blob Storage. The logs are written every second, always appended to a single file. The file must be read periodically by a batch process that reads the entire file. You need to maximize write throughput and minimize storage costs. Which blob type and access strategy should you choose?
19You need to store large files that are written once and then frequently read for the first 30 days. After 30 days, the files are rarely accessed (once or twice per year) but must remain available for 5 years. You want to minimize storage costs. Which storage tier and lifecycle management rule should you apply?
20You need to store billions of small log entries (each ~200 bytes) written in chronological order from multiple producers. The logs are read sequentially in bulk once per day. You need to maximize write throughput and minimize storage costs. Which Azure Storage solution should you choose?
21You need to store millions of small JSON documents (each ~1 KB) that are frequently updated by multiple concurrent users. You require low-latency access to individual documents. Which Azure Storage solution should you use?
22You are designing a backup solution for a virtual machine. Monthly backups are large VHD files (up to 1 TB) that must be retained for 7 years. After creation, backups are accessed only rarely (once or twice per year). You need to minimize storage cost. Which storage tier should you use for the VHD files?
23You are building a serverless application that needs to store user profile data. The data includes simple fields like name, email, and preferences. The data is frequently accessed by user ID. You need a schema-less, low-latency storage solution that is cost-effective for millions of small records. Which Azure Storage solution should you use?
24You are designing a solution to ingest billions of small IoT sensor messages (each ~500 bytes). Messages arrive at high velocity and must be retained for 90 days. You need to query the data efficiently by device ID and timestamp. You want to minimize storage cost and write latency. Which Azure Storage solution should you use?
25You need to store large amounts of unstructured data (images and videos) that are accessed rarely (a few times per year) but must be available within minutes when requested. The data must be geo-redundant for disaster recovery. You want to minimize storage costs. Which storage tier and redundancy option should you choose?
26You need to store billions of small log entries (each ~200 bytes) generated from multiple IoT devices. The logs are written in chronological order and are rarely updated. You need to run queries that scan large ranges of data by timestamp each day. You want to maximize write throughput and minimize storage costs. Which Azure Storage solution should you choose?
27Your company stores backup files in an Azure Blob Storage account. These files are written once and then need to be retained for 7 years. During the first year, the files are accessed weekly. After the first year, they are accessed rarely (once per month). You want to minimize storage costs. Which combination of access tiers and lifecycle management should you apply?
28You need to store billions of small telemetry data entries (each ~100 bytes) from IoT devices. The data is written once and rarely updated. You need to run analytical queries on the last 30 days of data daily. The queries scan large ranges of data by timestamp and require sub-second response times. You need the lowest storage cost while meeting query latency requirements. Which Azure Storage solution should you use?
29You are building a web application that allows users to upload profile pictures. The images are up to 5 MB in size and must be stored durably. The images are accessed infrequently after upload (a few times per month). You want to minimize storage costs while ensuring the data is available within seconds when requested. Which Azure Blob Storage access tier should you use for the blob container?
30You are developing a C# application that stores sensitive documents in Azure Blob Storage. The application needs to generate a time-limited shared access signature (SAS) that allows a client to only read and list blobs in a specific container. The SAS must be valid for exactly 1 hour from the current time. Which code snippet correctly creates the SAS? (Assume the BlobServiceClient and BlobContainerClient are properly initialized.)
31You are developing an IoT solution that stores device metadata (device ID, location, firmware version, last seen timestamp) in Azure Table Storage. Each device has a unique DeviceId and a Timestamp. You need to design the PartitionKey and RowKey to optimize query performance for the following query: Retrieve all firmware versions for devices in a specific city that were last seen within the last 24 hours. The query must be efficient (partition scan minimized). Which key design is most appropriate?
32You are designing a solution to store user-uploaded images. The images are accessed infrequently (a few times per month) and must be available for download within seconds when requested. You need to minimize storage costs while meeting the access requirements. Which Azure Blob Storage access tier should you choose for the container?
33You are designing an Azure Table Storage table to store temperature readings from IoT devices. Each reading includes a device ID (string), timestamp (datetime), temperature value, and location. You need to optimize the table design for this query: "Retrieve all temperature readings for a specific device ID within a given one-hour time range." The query must be efficient and minimize partition scans. Which PartitionKey and RowKey combination should you use?
34You are designing a solution that needs to react to changes in an Azure Cosmos DB container in real-time. Whenever a new document is inserted or updated, a downstream service must be triggered to process the change. You want to build a serverless solution that reliably captures each change exactly once. Which Azure Cosmos DB feature should you use?
35Your IoT solution generates billions of small telemetry entries (each ~100 bytes). Data is written once and rarely updated. You need to run analytical queries on the last 30 days of data daily, scanning large ranges by timestamp, requiring sub-second response times. You want the lowest storage cost. Which Azure Storage solution should you use?
36You need to store temperature readings from IoT devices in Azure Table Storage. Each reading includes a device ID (string), timestamp (datetime), temperature value, and location. You must optimize for the query: "Retrieve all temperature readings for a specific device ID within a given one-hour time range." Which PartitionKey and RowKey combination should you use?
37You develop a C# application that stores sensitive documents in Azure Blob Storage. You need to generate a time-limited shared access signature (SAS) that allows a client to only read and list blobs in a specific container. The SAS must be valid for exactly 1 hour from the current time. Which code snippet correctly creates the SAS? (Assume BlobServiceClient and BlobContainerClient are properly initialized.)
38You are developing a solution that requires multiple Azure virtual machines to access the same set of files concurrently. The files are updated frequently and must be accessible with low latency. You need to choose a shared storage solution that integrates with Microsoft Entra ID (Microsoft Entra ID) for authentication. Which Azure storage solution should you use?
39You are developing a solution that stores user-uploaded profile pictures. Users upload pictures that are then displayed on their profile page. After 30 days, if the user hasn't logged in, the system moves the picture to cold storage. You need to choose the initial access tier for the container to optimize cost and performance for frequently accessed pictures. Which tier should you use?
40You are processing messages from an Azure Storage queue in a worker role. To handle messages that repeatedly fail, you want to move them to a separate 'poison' queue after 5 delivery attempts. Which property of the received message should you check to determine the number of attempts?
41You store application logs in Azure Blob Storage. The logs are accessed frequently for the first 7 days, then rarely. After 30 days, they must be deleted to minimize cost. Which approach should you use?
42You need to allow a client application to read a specific blob from Azure Blob Storage for one hour, without exposing your storage account key. Which approach should you use?
43You are developing a solution that stores large media files in Azure Blob Storage. Users access these files frequently for the first 30 days, then rarely afterwards. To optimize costs, you need to automatically move blobs to a cooler tier after 30 days of creation. Which Azure feature should you use?
44You need to store small binary blobs (average 50 KB) that are accessed very frequently for a short period, then never accessed again. The total volume is high. Which storage tier is most cost-effective for the initial upload?
45You are developing an application that stores user-uploaded profile pictures in Azure Blob Storage. Users frequently access these pictures for the first 7 days after upload, then rarely. To minimize costs, you need to automatically delete pictures that are older than 30 days. Which Azure Storage feature should you use to achieve this?
46An application stores customer invoices in Azure Blob Storage. Deleted blobs must be recoverable for 14 days. What should be enabled?
47A storage account for thumbnail metadata must allow an application to read only blobs under one container for two hours. The application should not receive the account key. What should be issued?
48A Cosmos DB container for session records receives hot-partition throttling because the partition key has only five possible values. What should the developer change?
49A serverless app must react whenever audit documents are inserted or updated in Cosmos DB. Which trigger should the Azure Function use?
50A Blob Storage workflow for product images must prevent accidental overwrite and support recovery of prior versions. Which two features should be enabled?
51A queue-processing application stores work items in Azure Queue Storage. A worker crashes after receiving a message. What determines when the message becomes available for another worker?
52A .NET app performs point reads from Cosmos DB by id and partition key. The team wants the lowest latency and best throughput efficiency. Which API call pattern should be used?
53An application needs to upload large thumbnail metadata to Blob Storage reliably over unstable networks. Which upload approach should be used?
54A table stores session records in Azure Table Storage. Queries frequently retrieve all records for one customer in a time range. What key design is best?
55A Blob-triggered function processing audit documents fires multiple times for the same blob after retries. What should the function design include?
56An app must store relational state and perform transactions across multiple tables with T-SQL support. Which Azure data service should the developer choose?
57A Cosmos DB workload for telemetry events has predictable traffic during business hours and almost no traffic overnight. The team wants to reduce cost while keeping performance during peak hours. What should be configured?
58An application stores customer invoices in Azure Blob Storage. Deleted blobs must be recoverable for 14 days. What should be enabled? The design must avoid adding custom operational scripts.
59A storage account for thumbnail metadata must allow an application to read only blobs under one container for two hours. The application should not receive the account key. What should be issued? The design must avoid adding custom operational scripts.
60A Cosmos DB container for session records receives hot-partition throttling because the partition key has only five possible values. What should the developer change? The design must avoid adding custom operational scripts.
61A serverless app must react whenever audit documents are inserted or updated in Cosmos DB. Which trigger should the Azure Function use? The design must avoid adding custom operational scripts.
62An application stores sensor readings in Azure Table Storage. Each sensor produces thousands of readings per hour. Queries always filter by sensor ID and time range. A developer needs to choose the partition key and row key. Which design best balances query performance and write throughput?
63A background worker retrieves a message from Azure Queue Storage and begins processing. The processing logic takes longer than the configured visibility timeout. Before the worker finishes, the timeout expires. What happens to the message?
64Audit logs are written daily as block blobs to an Azure Storage account. Logs older than 90 days must move to Cool tier automatically; logs older than 365 days must be deleted. The developer wants to implement this with no custom code and no recurring jobs. What is the correct solution?
65A Windows desktop application uses standard .NET file system calls such as File.ReadAllText and Directory.GetFiles. The team wants to move the file storage to Azure. The application code must not be rewritten. Which Azure storage service supports this requirement?
66An e-commerce platform writes orders to a Cosmos DB container. A downstream inventory service must process every new or updated order exactly once, even if the inventory service restarts mid-batch. The solution must scale horizontally when order volume increases. What is the recommended design?
67Arrange the steps to implement Azure AD authentication in an ASP.NET Core web app in the correct order.
68Arrange the steps to secure an Azure API Management API using OAuth 2.0 with Azure AD in the correct order.
69Match each Azure Storage access tier to its description.
70Match each Azure messaging pattern to its description.
71You are building a solution that uploads large files (up to 100 GB) to Azure Blob Storage. Users frequently experience timeout errors when uploading files over slow network connections. Which approach should you use to maximize reliability?
72You are developing an application that stores sensitive user data in Azure Table Storage. You need to ensure that data is encrypted at rest and that only authorized users can access it. What should you implement?
73Your application stores user profile images in Azure Blob Storage. You need to serve these images to users with low latency from a domain name that you own. What should you use?
74You are designing a solution that requires atomic operations on a counter stored in Azure Blob Storage. The counter must be updated by multiple instances without conflicts. Which approach should you use?
75You are using Azure File Sync to sync on-premises file shares to Azure. You need to ensure that files are cached locally on the on-premises server for fast access, but only the most frequently accessed files should be cached. What should you configure?
76You need to grant a user from another Microsoft Entra ID tenant access to a specific blob container in your Azure Storage account. The solution must use Azure RBAC and minimize administrative overhead. What should you do?
77Your application writes millions of small records (each under 1 KB) to Azure Table Storage every day. You notice that query performance degrades over time. Which design change would most improve performance?
78You are developing a solution that must encrypt data before it is sent to Azure Blob Storage. You need to manage encryption keys yourself using Azure Key Vault. Which approach should you use?
79You need to provide temporary access to a file in Azure Blob Storage for a duration of one hour. The solution must not require authentication. What should you generate?
80Which TWO of the following are valid use cases for Azure Queue Storage? (Choose TWO.)
81Which THREE of the following are true about Azure Blob Storage access tiers? (Choose THREE.)
82Which TWO of the following are valid authentication options for accessing Azure Storage from an application? (Choose TWO.)
83You have an Azure Storage account configured as shown in the exhibit. You need to ensure that all traffic to the storage account uses HTTPS. Which Azure CLI command should you run next?
84You deploy the ARM template shown in the exhibit. After deployment, you need to change the replication to geo-redundant storage (GRS) with read access (RA-GRS). What should you do?
85You have a blob as shown in the exhibit. You need to read the content of this blob. What must you do first?
86You are developing a .NET Core application that uploads large files (up to 50 GB) to Azure Blob Storage. The application must support resuming uploads that are interrupted due to network failures. Which approach should you use?
87You have an Azure Storage account with hierarchical namespace enabled (Azure Data Lake Storage Gen2). You need to provide an application with delegated access to a specific directory and its contents, with the ability to list, read, and write files. The access must be scoped to the directory and not allow access to other parts of the storage account. Which approach should you use?
88You are designing a solution that stores customer order data in Azure Table Storage. The data includes OrderID (string), CustomerID (string), OrderDate (datetime), and TotalAmount (decimal). You need to query orders for a specific customer within a date range efficiently. Which partition key and row key design should you use?
89You are deploying an Azure Functions app that processes messages from an Azure Storage queue. The function must ensure that each message is processed at least once, and if processing fails, the message should be retried up to 5 times before being moved to a poison queue. Which configuration should you set?
90You have an Azure Storage account with cool tier blobs. You need to implement lifecycle management to move blobs to the archive tier after 30 days if they have not been accessed, and delete them after 365 days. Which lifecycle management rule action should you configure?
91You are developing a web application that allows users to upload profile pictures to Azure Blob Storage. The application generates thumbnails using an Azure Function that is triggered by blob creation. You need to ensure that the function only processes image files and ignores other file types. What should you do?
92You need to implement a shared access signature (SAS) for an Azure blob container that allows a client to list blobs and read blob contents. The SAS must be valid for one hour and should not allow write or delete operations. Which permissions should you include in the SAS token?
93You are designing a solution that uses Azure File Shares. The application requires low-latency access to files from multiple Azure virtual machines in the same region. The files are accessed frequently and must support SMB protocol. Which storage account type and tier should you recommend?
94You are developing an application that reads data from Azure Table Storage. The application must retrieve all entities for a specific partition key. Which query approach is the most efficient?
95Which TWO of the following are valid ways to authenticate to Azure Blob Storage from an application? (Choose two.)
96Which THREE of the following are true about Azure Storage queues? (Choose three.)
97Which TWO of the following are features of Azure Blob Storage lifecycle management? (Choose two.)
98You are building a web application that stores user-uploaded images in Azure Blob Storage. The application requires that images be accessible only via a time-limited URL. Which security mechanism should you use?
99You are designing a solution to store large amounts of structured data that is accessed frequently and requires low-latency reads. The data must be globally distributed and support automatic failover. Which Azure storage solution should you recommend?
100You are developing an application that writes telemetry data to Azure Table Storage. Each telemetry event is about 5 KB in size, and the application writes up to 10,000 events per second. The data is queried by device ID and timestamp range. What is the most efficient partitioning strategy to maximize write throughput and query performance?
101Your application runs on Azure App Service and needs to access Azure Queue Storage. You want to avoid storing connection strings in configuration files. Which approach should you use?
102You are designing a cost-effective solution to store log files that are accessed infrequently after 30 days. The logs must be retained for 7 years for compliance. Data must be available within 1 hour of a request. Which Azure Blob Storage access tier and lifecycle management rule should you use?
103You are implementing a serverless function in Azure Functions that processes messages from an Azure Storage Queue. The function must ensure that each message is processed at least once and that processing failures are retried up to 5 times. After 5 failed attempts, the message should be moved to a poison queue. What should you configure?
104You need to store and retrieve large binary files (up to 100 GB each) with low latency. The files will be accessed by multiple geographic regions. Which Azure storage solution should you recommend?
105Your application stores sensitive data in Azure Table Storage. You need to encrypt the data at rest. What should you do?
106You are creating an Azure function that uses an output binding to write messages to an Azure Storage Queue. The function must ensure that messages are not lost if the function fails after writing to the queue. Which approach should you use?
107Which TWO of the following are valid methods for authenticating to Azure Blob Storage?
108Which THREE of the following are true about Azure Blob Storage lifecycle management?
109Which TWO of the following are correct about Azure Cosmos DB consistency levels?
110You are developing a .NET application that needs to store and retrieve large binary objects (up to 4.7 TB) in Azure Blob Storage. The application requires the lowest possible latency for reads and must support object-level tiering. Which blob type should you use?
111You have a web application that writes user-uploaded images to Azure Blob Storage. The application uses a shared access signature (SAS) token with read and write permissions. Users report that sometimes they receive 'AuthorizationFailure' errors when uploading images, but the issue is intermittent. What is the most likely cause?
112You need to ensure that data stored in Azure Blob Storage is encrypted at rest using a customer-managed key stored in Azure Key Vault. Which feature should you configure?
113You are developing a solution that uses Azure Table Storage to store time-series data. You need to query data for a specific device within a time range efficiently. Which two properties should you use as the PartitionKey and RowKey?
114A company stores sensitive customer data in Azure Blob Storage. They require that all access to the storage account be logged and that any access from outside the corporate network be denied. They also need to allow read access from a specific Azure web app without exposing the storage account publicly. Which three actions should be taken? (Choose three.)
115A company stores customer images in Azure Blob Storage. They need to reduce costs by automatically moving blobs that have not been accessed for 30 days to Cool tier, and after 90 days to Archive tier. They also need to delete blobs after one year. Which two Azure features should they implement? (Choose two.)
116You need to grant a user access to read and write blobs in a specific container for exactly 24 hours. The user is external to your organization. Which two methods can you use? (Choose two.)
117You are designing a solution to store large amounts of log data that will be queried infrequently but must be retained for regulatory purposes for 7 years. The logs are append-only and do not need to be modified. You need to choose a cost-effective storage option. Which three Azure capabilities should you consider? (Choose three.)
118You need to upload a large file (500 MB) to Azure Blob Storage from a .NET application with high throughput and resilience to network interruptions. Which approach should you use?
119You are using Azure File Storage to share configuration files across multiple virtual machines running a legacy application. The application requires SMB 3.0 protocol with encryption. You need to ensure the file share is accessible from all VMs without exposing it to the internet. Which configuration should you use?
120You are designing a solution that requires storing millions of small (1-5 KB) messages from IoT devices. Each message has a unique device ID and timestamp. You need to support efficient point queries by device ID and time range, and also support aggregation queries (e.g., count of messages per device per hour). Which Azure storage solution should you use?
121You need to store a large number of small files (each < 100 KB) that will be accessed frequently from a web application. The files are static assets (CSS, JavaScript, images). Which Azure storage option provides the best performance for serving these files directly to users?
122Refer to the exhibit. You are configuring access to an Azure Storage container using Azure RBAC via a custom role definition. You want to allow a user to list blobs in a container only if the request originates from the IP range 203.0.113.0/24. However, the user reports that they can list blobs from any IP. What is the issue?
123Refer to the exhibit. You run the Azure CLI command to list blobs in a container that are larger than 1 MB. The command returns no results even though you know there are blobs larger than 1 MB. What is the most likely cause?
124Refer to the exhibit. You run the Azure CLI command to check if blob encryption is enabled for a storage account. The command returns 'false'. However, you know that Azure Storage encrypts all data at rest by default. What is the explanation?
125You are designing a solution to store and serve large media files (500 MB to 2 GB) to a global audience. The files must be accessible via HTTPS with low latency. Which Azure Storage option should you use?
126Your application writes millions of small log entries per hour to an Azure Storage account. You notice throttling errors (HTTP 503) during peak traffic. You need to minimize throttling without changing the application code. What should you do?
127You need to securely connect an on-premises application to Azure Blob Storage without exposing data to the public internet. Which feature should you use?
128Which TWO authentication methods can be used to authorize access to Azure Blob Storage without requiring shared keys?
129Which THREE Azure Storage features can be used to enforce immutability for compliance requirements?
130Which TWO Azure Blob Storage access tiers are optimized for infrequently accessed data with a minimum storage duration of 30 days?
131You are developing a solution that needs to store and retrieve JSON documents with a flexible schema. The data is accessed via REST API and requires low-latency reads. Which Azure Storage service should you use?
132Your application uses Azure Blob Storage to store images. You need to automatically move blobs older than 30 days to the Cool tier and delete blobs older than 365 days. What should you implement?
133You need to grant a user the ability to read and write blobs in a specific container for 24 hours. The solution must use delegated access without exposing the storage account key. What should you use?
134You want to ensure that data in an Azure Storage account is replicated across multiple Azure regions to protect against regional outages. Which replication option should you choose?
135Your application uses Azure Queue Storage to process orders. Occasionally, messages are not processed and remain in the queue. You need to ensure that messages are automatically retried after a specified time if they are not deleted. What should you configure?
136You need to upload a large file (10 GB) to Azure Blob Storage with the ability to pause and resume the upload. Which approach should you use?
137You are developing a .NET 8 application that stores customer data in Azure Blob Storage. The application uses the Azure.Storage.Blobs SDK. You need to ensure that the blob containers are created only if they do not already exist. Which method should you call?
138You need to grant access to a blob stored in Azure Blob Storage for 30 minutes to a user who does not have an Azure account. Which security mechanism should you use?
139Your company uses Azure File Sync to sync on-premises file shares to Azure Files. You notice that some files are not syncing to Azure. You need to diagnose the issue with minimal administrative effort. Which Azure service should you use?
140You are designing a solution to store large amounts of unstructured data that is accessed infrequently (once a quarter). You need to minimize storage costs. Which Azure storage tier should you use?
141You are developing an application that writes blobs to Azure Blob Storage. The application requires high throughput and must handle transient failures. You need to implement a retry policy. Which approach should you use?
142You need to enable client-side encryption for data stored in Azure Blob Storage. The encryption keys must be managed by your organization using Azure Key Vault. What should you use?
143You are migrating an on-premises application to Azure. The application uses a network file share (NFS) to store files. You need to minimize code changes. Which Azure storage service should you use?
144You need to store millions of small JSON documents (each less than 1 KB) that are accessed by key. The data is read-heavy and requires low-latency access. Which Azure storage solution should you use?
145You are developing an application that uses Azure Queue Storage. The application processes messages and must ensure that a message is not lost if the processing fails. Which visibility timeout setting should you use?
146Which TWO of the following are valid approaches to secure access to Azure Blob Storage?
147Which THREE of the following are features of Azure Storage replication that provide high availability?
148Which TWO of the following are valid reasons to use Azure Table Storage instead of Azure Cosmos DB?
149Refer to the exhibit. You have an Azure Storage account with a blob container named container1. The container's public access level is set to Blob (anonymous read access for blobs only). You attempt to assign the custom role defined in the JSON using Azure PowerShell. The role assignment fails. What is the most likely reason?
150Refer to the exhibit. You run the Get-AzStorageAccount cmdlet and see the output above. You need to enable the hierarchical namespace feature for this storage account. What should you do first?
151Your company, Contoso Ltd., operates a global e-commerce platform. The platform stores product images in Azure Blob Storage. Currently, the images are stored in a single storage account in the West US region. The application uses HTTP to download images. Users in Europe report slow load times. You need to reduce latency for European users. The solution must minimize costs and administrative overhead. You also need to ensure that images are served over HTTPS. You have the following requirements: 1) Users in Europe must have low-latency access. 2) The solution must be cost-effective. 3) The solution must not require changes to the application code. 4) Images must be served over HTTPS. Which course of action should you recommend?
152You are developing a solution that uploads large files to Azure Blob Storage. Users report that uploads fail after 4 minutes. You need to ensure uploads can complete successfully. What should you do?
153Your application stores user-generated content in Azure Blob Storage. You need to implement a shared access signature (SAS) that allows users to upload files to a specific container but not read or delete. The SAS must be valid for one hour. Which type of SAS should you use?
154You are designing a disaster recovery plan for a storage account containing critical data. The storage account is in the West US region. You need to ensure that if West US becomes unavailable, read access to the data is still possible with minimal latency. The data must be replicated asynchronously. Which replication strategy should you choose?
155Your application writes temperature data to Azure Table Storage every second. You have noticed that queries for the latest readings are slower than expected. What is the most likely cause?
156You are developing a web application that uses Azure Files shares for storing user documents. Users complain that they sometimes see stale file listings. The application uses the SMB protocol. What should you do to ensure the file listing is always current?
157Your company has a storage account with a hierarchical namespace enabled (Azure Data Lake Storage Gen2). You need to authorize an application to write data to a specific container using a managed identity. The application runs on an Azure VM with a system-assigned managed identity. Which role assignment should you use?
158You are building a solution that needs to process large CSV files uploaded to Azure Blob Storage. Each file can be up to 1 GB. You want to minimize processing time and cost. Which approach should you recommend?
159You need to securely transfer an on-premises database backup to Azure Blob Storage. The backup file is 500 GB. You have limited bandwidth (10 Mbps) and need the transfer to complete within 24 hours. What is the best solution?
160Which TWO actions should you take to ensure data durability for a storage account using LRS? (Choose two.)
161Which THREE are valid ways to authenticate to Azure Blob Storage from an application? (Choose three.)
162Which TWO Azure services can be used to trigger an Azure Function when a new blob is created in a storage account? (Choose two.)
163Refer to the exhibit. You are reviewing a role assignment for a managed identity. The JSON shows the role and scope. What access does this assignment grant?
164You are a developer for a healthcare company that stores patient diagnostic images in Azure Blob Storage. The images are uploaded by medical devices and must be retained for 7 years due to regulatory requirements. After 7 years, the data must be permanently deleted. The images are accessed infrequently after the first month. You need to design a storage lifecycle management policy to minimize costs while meeting compliance. The storage account uses general-purpose v2 with LRS. The container is named 'diagnostics'. Which of the following policies should you implement?
165You are developing a real-time analytics application that ingests IoT sensor data every second. The data is written to Azure Blob Storage as small JSON files (each ~1 KB). The application also needs to query the data based on device ID and timestamp. You need to design a storage solution that allows efficient querying without writing custom code for indexing. You have decided to use Azure Data Lake Storage Gen2. What should you do to optimize query performance?
166You have an application that stores user profile pictures in Azure Blob Storage. Users upload images via a web app. You need to ensure that the images are served securely over HTTPS and that only authenticated users can access them. The web app uses Azure App Service with built-in authentication. You want to avoid storing any access keys in the web app's configuration. What should you do to grant the web app access to the blobs?
167You develop an application that stores large binary files (up to 1 GB) in Azure Blob Storage. The application must minimize latency when reading these files from different geographic regions. The files are updated infrequently (once per month) and must be read-only for the application. You need to configure the storage account for optimal read performance and cost. What should you use?
168You are designing a solution that stores sensitive customer data in Azure Blob Storage. The data must be encrypted at rest using a customer-managed key (CMK) stored in Azure Key Vault. Additionally, the solution must support automatic key rotation every 90 days. You need to configure the encryption settings. Which combination of Azure services and features should you use?
169You need to implement a solution for storing and retrieving large amounts of unstructured data (e.g., images, videos, backups) in Azure, with high durability and availability. The solution must allow access from anywhere via HTTP/HTTPS and support both public and private access. Which TWO Azure storage services should you consider?
170You are designing a data archiving solution for compliance. Data must be stored for 7 years, with immediate deletion prohibited until the retention period expires. The solution must minimize storage costs while ensuring data is not modifiable. Which THREE Azure features should you combine?
171Refer to the exhibit. You are analyzing the Azure Blob Storage service properties configured for a storage account. A web application hosted at https://www.contoso.com attempts to make a PUT request to a blob. The request fails with a CORS error. What is the most likely cause?
172Your company develops a REST API for a global e-commerce platform that stores product images in Azure Blob Storage. The API uses shared access signatures (SAS) to grant temporary read access to the images. The security team requires that SAS tokens be generated using a user delegation key derived from the application's Microsoft Entra ID credentials, not from the storage account key. Additionally, the SAS must be scoped to a specific container and have a maximum validity of 1 hour. You need to implement the SAS generation in the API using the Azure Storage SDK for .NET. The application authenticates with Microsoft Entra ID using a managed identity assigned to the Azure App Service hosting the API. Which approach should you use?
173You are building a serverless application that processes images uploaded to an Azure Blob Storage container. When a new blob is added, an Azure Function (PowerShell) is triggered to generate a thumbnail and store it in a different container. The function must run with the least privilege necessary. The function uses a managed identity assigned to the function app. You need to grant the function access to read blobs from the source container and write blobs to the destination container. The storage account already has a private endpoint configured. What is the correct way to assign permissions?
174You are developing a .NET Core application that stores user profile images in Azure Blob Storage. The images are accessed frequently in the first week after upload, then rarely afterwards. You need to minimize storage costs while maintaining immediate access for the first week. What should you do?
175Your company stores sensitive financial documents in Azure Blob Storage. You need to ensure that only authorized users can access the blobs, and you must avoid exposing storage account keys. You want to generate time-limited URLs that grant access to specific blobs. What should you use?
176You are designing a solution that stores large media files (up to 5 GB each) in Azure Blob Storage. The application must support concurrent uploads with the ability to pause and resume. You need to ensure efficient use of network bandwidth and provide progress reporting. Which approach should you use?
177A healthcare application stores patient diagnostic images in Azure Blob Storage. The images are accessed by radiologists worldwide. You need to reduce latency for image retrieval while maintaining security and compliance. Which TWO actions should you take?
178You are reviewing a lifecycle management rule configured on an Azure Storage account. The rule is defined as shown in the exhibit. You notice that blobs tagged with project=temp are not being moved to the Archive tier as expected. What is the most likely cause?
179You are a developer at a global e-commerce company. The company uses Azure Blob Storage to store product images and customer uploads. The application is deployed in the East US region. You need to design a solution that meets the following requirements: - Customers upload images (up to 10 MB) that must be immediately accessible worldwide after upload. - You must minimize egress costs for data transfer from Azure to customers. - The solution must be resilient to regional outages. - You must not use any custom caching logic. Which approach should you implement?
The Develop for Azure storage domain covers the key concepts tested in this area of the AZ-204 exam blueprint published by Microsoft. Courseiva provides free domain-focused practice, mock exams, missed-question review, and readiness tracking across all AZ-204 domains — no account required.
The Courseiva AZ-204 question bank contains 179 questions in the Develop for Azure storage domain. Click any question to see the full explanation and answer breakdown.
Start with a 10-question focused session to identify your baseline accuracy in this domain. Read every explanation — even for questions you answer correctly — to understand the reasoning. Once you score consistently above 80%, move to a 20–30 question session to confirm depth before moving to the next domain.
Yes — the session launcher on this page draws questions exclusively from the Develop for Azure storage domain. Choose 10, 20, 30, or 50 questions for a focused session, or click individual questions to review them one by one.
Save your results, see per-domain analytics, and get readiness scores — free, for every certification.
Sign Up FreeFree forever · Every certification included