Microsoft Azure Security Technologies — Question 56

You have an Azure Active Directory (Azure AD) tenant that contains a user named User1.
You plan to enable passwordless authentication for the tenant.
You need to ensure that User1 can enable the combined registration experience. The solution must use the principle of least privilege.
Which role should you assign to User1?

Answer options

• A. Security administrator
• B. Privileged role administrator
• C. Authentication administrator
• D. Global administrator

Correct answer: D

Explanation

The Global administrator role is necessary for User1 to enable the combined registration experience since it grants full access to all administrative features in Azure AD. The other roles, such as Security administrator, Privileged role administrator, and Authentication administrator, do not possess the required permissions to manage registration settings or enable passwordless authentication features.