Microsoft Azure Integration and Security (legacy) — Question 17
You are configuring Azure Active Directory (AD) Privileged Identity Management.
You need to provide a user named Admin1 with read access to a resource group named RG1 for only one month. The user role must be assigned immediately.
What should you do?
Answer options
- A. Assign an active role.
- B. Assign an eligible role.
- C. Assign a permanently active role.
- D. Create a custom role and a conditional access policy.
Correct answer: B
Explanation
The correct answer is B, as assigning an eligible role allows Admin1 to have temporary access to RG1, which can be configured to last for one month. An active role (A) provides permanent access, a permanently active role (C) also gives ongoing permissions, and creating a custom role with a conditional access policy (D) is unnecessary for this specific short-term access requirement.