You are configuring Azure Active Directory (AD) Privileged Identity Management.
You need to provide a user named Admm1 with read access to a resource group named RG1 for only one month.
The user role must be assigned immediately.
What should you do?
A . Assign an active role.
B . Assign an eligible role.
C . Assign a permanently active role.
D . Create a custom role and a conditional access policy.
Answer: B
Explanation:
Azure AD Privileged Identity Management introduces the concept of an eligible admin. Eligible admins should be users that need privileged access now and then, but not all-day, every day. The role is inactive until the user needs access, then they complete an activation process and become an active admin for a predetermined amount of time.
References: https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-
configure
Leave a Reply