Configuring Windows Server Hybrid Advanced Services | Azure VM Crash Dump Access | AZ-801

Azure VM Crash Dump Access

Question

You have an Azure virtual machine named VM1. Crash dumps for a process named Process1 are enabled for VM1.

When process1.exe on VM1 crashes, a technician must access the memory dump files on the virtual machine. The technician must be prevented from accessing the virtual machine.

To what should you provide the technician access?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

C

https://docs.microsoft.com/en-us/azure/azure-monitor/agents/diagnostics-extension-overview

The scenario describes a situation where a technician needs to access memory dump files for a process named Process1 on an Azure virtual machine (VM1) when the process crashes. However, the technician must not be allowed to access the virtual machine itself. Therefore, we need to provide the technician with access to the memory dump files without giving them access to the virtual machine.

In this scenario, the best option is to provide the technician with access to an Azure Blob Storage container. Blob Storage is a fully managed object storage service that allows you to store and retrieve large amounts of unstructured data, such as text or binary data. The memory dump files generated by Process1 can be stored as blobs in an Azure Blob Storage container.

Blob Storage provides a number of benefits in this scenario. First, it is a highly scalable and durable storage service, so you can be sure that your data is always available and safe. Second, Blob Storage allows you to grant access to specific blobs or containers to users or applications, while still maintaining control over who has access to the data. This means that you can give the technician access to the memory dump files without giving them access to the virtual machine or other resources in your Azure environment.

The other options - Azure file share, Azure Log Analytics workspace, and a managed disk - are not as suitable for this scenario. Azure file shares are used for storing files that need to be accessed from multiple virtual machines, and do not provide the fine-grained access control needed in this scenario. Azure Log Analytics is a service for collecting and analyzing log data from multiple sources, and is not designed for storing large binary data files like memory dumps. A managed disk is a virtual hard disk that is attached to a virtual machine, and does not provide a way to give the technician access to the memory dump files without also giving them access to the virtual machine.