Topic 3, Misc Questions
You have an Azure subscription that contains a custom application named Application was developed by an external company named fabric, Ltd. Developers at Fabrikam were assigned role-based access control (RBAV) permissions to the Application components. All users are licensed for the Microsoft 365 E5 plan.
You need to recommends a solution to verify whether the Faricak developers still require permissions to Application1.
The solution must the following requirements.
* To the manager of the developers, send a monthly email message that lists the access permissions to Application1.
* If the manager does not verify access permission, automatically revoke that permission.
* Minimize development effort.
What should you recommend?
A . In Azure Active Directory (AD) Privileged Identity Management, create a custom role assignment for the Application1 resources
B . Create an Azure Automation runbook that runs the Get-AzureADUserAppRoleAssignment cmdlet
C . Create an Azure Automation runbook that runs the Get-AzureRmRoleAssignment cmdlet
D . In Azure Active Directory (Azure AD), create an access review of Application1
Answer: D
Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/governance/manage-user-access-with-access-reviews