Cover the storage-account, data-protection, private-access, and redundancy decisions that AZ-104 expects Azure administrators to make.
Storage questions on AZ-104 are rarely just about naming the right SKU. They are usually about choosing the right redundancy, the right access pattern, and the right data-protection settings for a specific operational goal.
You need enough storage judgment to balance resilience, cost, private connectivity, operational convenience, and recovery behavior. Microsoft expects administrators to understand both the control plane around storage accounts and the data-plane implications of choices such as SAS, firewalls, lifecycle rules, soft delete, snapshots, and file-share administration.
Microsoft currently weights this domain at 15–20% of AZ-104. It is not the single largest domain, but it produces a high number of subtle decision questions because access, redundancy, and protection settings overlap so often.
Start with 2.1 Design, Redundancy & Encryption, then move to 2.2 Access, SAS & Private Connectivity, and finish with 2.3 Azure Files, Blob Lifecycle & Recovery.
| If the scenario is really about… | Go first to… |
|---|---|
| storage account creation, redundancy, object replication, encryption, Storage Explorer, AzCopy | 2.1 Design, Redundancy & Encryption |
| SAS, stored access policies, access keys, firewalls, service endpoints, private endpoints, Azure Files identity-based access | 2.2 Access, SAS & Private Connectivity |
| blob containers, file shares, tiers, versioning, soft delete, snapshots, lifecycle management | 2.3 Azure Files, Blob Lifecycle & Recovery |
If you miss storage questions, slow down and ask which layer the question is about: account design, network path, delegated access, or data protection. That framing usually narrows the answer quickly.