Microsoft Azure Security Technologies — Question 86

You have an Azure subscription linked to an Azure AD tenant named contoso.com. Contoso.com contains a user named User1 and an Azure web app named App1.

You plan to enable User1 to perform the following tasks:

• Configure contoso.com to use Microsoft Entra Verified ID.
• Register App1 in contoso.com.

You need to identify which roles to assign to User1. The solution must use the principle of least privilege.

Which two roles should you identify? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Answer options

• A. Authentication Policy Administrator
• B. Authentication Administrator
• C. Cloud App Security Administrator
• D. Application Administrator
• E. User Administrator

Correct answer: A, D

Explanation

The 'Authentication Policy Administrator' role is required for configuring Microsoft Entra Verified ID, which is essential for User1's tasks. The 'Application Administrator' role is necessary for registering applications like App1. The other roles do not provide the required permissions to perform these specific actions.