Microsoft Identity and Access Administrator — Question 13
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Active Directory forest that syncs to an Azure Active Directory (Azure AD) tenant.
You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Azure AD for up to 30 minutes.
You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Azure AD.
Solution: You configure password writeback.
Does this meet the goal?
Answer options
- A. Yes
- B. No
Correct answer: B
Explanation
The proposed solution of configuring password writeback does not address the issue of immediate disabling of account access in Azure AD after being disabled in Active Directory. Password writeback is primarily used for synchronizing password changes from Azure AD back to on-premises Active Directory, not for managing account states. Therefore, the correct answer is No.