Azure Blob Storage Legal Hold | Data Archiving Solution - AZ-301 Exam Question | Microsoft Azure

Azure Blob Storage Legal Hold

Question

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure Storage v2 account named storage1.

You plan to archive data to storage1.

You need to ensure that the archived data cannot be deleted for five years. The solution must prevent administrators from deleting the data.

Solution: You create an Azure Blob storage container, and you configure a legal hold access policy.

Does this meet the goal?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B.

A

Immutable storage for Azure Blob storage enables users to store business-critical data objects in a WORM (Write Once, Read Many) state. This state makes the data non-erasable and non-modifiable for a user-specified interval. For the duration of the retention interval, blobs can be created and read, but cannot be modified or deleted. Immutable storage is available for general-purpose v2 and Blob storage accounts in all Azure regions.

Note: Set retention policies and legal holds

1. Create a new container or select an existing container to store the blobs that need to be kept in the immutable state. The container must be in a general- purpose v2 or Blob storage account.

2. Select Access policy in the container settings. Then select Add policy under Immutable blob storage.

Either -

3a. To enable legal holds, select Add Policy. Select Legal hold from the drop-down menu.

Or -

3b. To enable time-based retention, select Time-based retention from the drop-down menu.

4. Enter the retention interval in days (acceptable values are 1 to 146000 days).

https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-immutable-storage https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-immutability-policies-manage

Yes, the solution meets the stated goal.

By creating an Azure Blob storage container and configuring a legal hold access policy, you can prevent the archived data from being deleted for five years and prevent administrators from deleting the data. A legal hold access policy is a type of retention policy that prevents data from being deleted or modified for a specified period of time.

To create a legal hold access policy, you can follow these steps:

  1. In the Azure portal, navigate to your storage account.
  2. In the left-hand menu, select "Blob service".
  3. Select the container that you want to apply the legal hold to.
  4. Click "Access policy" and then "Add policy".
  5. Select "Legal hold" as the policy type.
  6. Enter a name for the policy and set the duration to five years.
  7. Save the policy.

Once the policy is in effect, any data stored in the container will be subject to the legal hold and cannot be deleted or modified by administrators. This provides a reliable way to ensure that your archived data is secure and protected from accidental or intentional deletion.