Configuring and Operating Microsoft Azure Virtual Desktop — Question 12

You have an Azure Active Directory Domain Services (Azure AD DS) managed domain named contoso.com.
You create an Azure Virtual Desktop host pool named Pool1. You assign the Virtual Machine Contributor role for the Azure subscription to a user named Admin1.
You need to ensure that Admin1 can add session hosts to Pool1. The solution must use the principle of least privilege.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

Answer options

• A. Assign Admin1 the Desktop Virtualization Host Pool Contributor role for Pool1
• B. Assign Admin1 the Desktop Virtualization Session Host Operator role for Pool1
• C. Add Admin1 to the AAD DC Administrators group
• D. Assign a Microsoft 365 Enterprise E3 license to Admin1
• E. Generate a registration token

Correct answer: B, E

Explanation

The correct answers are B and E. Assigning Admin1 the Desktop Virtualization Session Host Operator role (B) allows them to manage session hosts in Pool1 with the least privilege necessary. Generating a registration token (E) is essential for adding the session hosts. The other options either provide excessive permissions or are not relevant to the task.