Microsoft 365 Administrator — Question 7

You have a Microsoft 365 subscription.
You configure a new Azure AD enterprise application named App1. App1 requires that a user be assigned the Reports Reader role.
Which type of group should you use to assign the Reports Reader role and to access App1?

Answer options

• A. a Microsoft 365 group that has assigned membership
• B. a Microsoft 365 group that has dynamic user membership
• C. a security group that has assigned membership
• D. a security group that has dynamic user membership

Correct answer: C

Explanation

The correct answer is C, as security groups are specifically designed for managing access to resources and can have assigned memberships. Microsoft 365 groups (options A and B) are more suited for collaboration purposes and may not provide the necessary access control for enterprise applications like App1. Dynamic membership (options B and D) does not allow for the specific role assignment required in this scenario.