Microsoft Security, Compliance, and Identity Fundamentals — Question 143

You have an Azure subscription.

You need to implement approval-based, time-bound role activation.

What should you use?

Answer options

• A. access reviews in Azure AD
• B. Azure AD Privileged Identity Management (PIM)
• C. Azure AD Identity Protection
• D. Conditional access in Azure AD

Correct answer: B

Explanation

The correct answer is B, Azure AD Privileged Identity Management (PIM), as it specifically supports time-limited role activation with an approval workflow. Options A and C do not provide the required time-bound approval capability, and D, while related to access controls, does not focus on role activation and approval processes.