ExpertMedium1 markMultiple Choice
AZ-305 · Question 11 · Domain 1.2: Authentication and Authorization
You need to secure administrative access to Azure subscriptions. Admins should only have Owner rights when actively performing tasks, and they must provide a justification. What should you implement?
You need to secure administrative access to Azure subscriptions. Admins should only have Owner rights when actively performing tasks, and they must provide a justification. What should you implement?
Answer options:
A.
PIM eligible assignments
B.
Conditional Access policies
C.
PIM active assignments
D.
Azure AD Identity Protection
How to approach this question
Look for the Just-In-Time access feature for Azure roles.
Full Answer
A.PIM eligible assignments✓ Correct
Privileged Identity Management (PIM) eligible assignments
PIM eligible assignments require users to activate roles only when needed, requiring justification. Pillar: Security.
Common mistakes
Choosing active assignments, which grants permanent access.
Practice the full Azure Solutions Architect Expert AZ-305 Practice Exam 7
55 questions · hints · full answers · grading
More questions from this exam
Q01CASE STUDY: Contoso migrating 500 servers to Azure. RTO 2h, RPO 15m, GDPR compliance, 10Gbps Expr...HardQ02CASE STUDY: Contoso migrating 500 servers to Azure. RTO 2h, RPO 15m, GDPR compliance, 10Gbps Expr...MediumQ03CASE STUDY: Contoso migrating 500 servers to Azure. RTO 2h, RPO 15m, GDPR compliance, 10Gbps Expr...HardQ04CASE STUDY: Contoso migrating 500 servers to Azure. RTO 2h, RPO 15m, GDPR compliance, 10Gbps Expr...MediumQ05CASE STUDY: Contoso migrating 500 servers to Azure. RTO 2h, RPO 15m, GDPR compliance, 10Gbps Expr...Hard