Microsoft Security, Compliance, and Identity Fundamentals — Question 17

Which Azure Active Directory (Azure AD) feature can you use to evaluate group membership and automatically remove users that no longer require membership in a group?

Answer options

• A. access reviews
• B. managed identities
• C. conditional access policies
• D. Azure AD Identity Protection

Correct answer: A

Explanation

The correct answer is A, access reviews, as this feature is specifically designed to evaluate and manage group memberships by removing users who no longer need access. The other options, such as managed identities and conditional access policies, serve different purposes related to identity management and access control rather than directly managing group memberships.