What should you include in me recommendation?

You have an Azure Active Directory (Azure AD) tenant named contoso.com that has a security group named Group’. Group i is configured Tor assigned membership. Group I has 50 members. including 20 guest users.

You need To recommend a solution for evaluating the member ship of Group1.

The solution must meet the following requirements:

• The evaluation must be repeated automatically every three months

• Every member must be able to report whether they need to be in Group1

• Users who report that they do not need to be in Group 1 must be removed from Group1 automatically

• Users who do not report whether they need to be m Group1 must be removed from Group1 automatically.

What should you include in me recommendation?
A . implement Azure AU Identity Protection.
B . Change the Membership type of Group1 to Dynamic User.
C . Implement Azure AD Privileged Identity Management.
D . Create an access review.

Answer: D

Explanation:

https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview#learn-about-access-reviews

Have reviews recur periodically: You can set up recurring access reviews of users at set frequencies such as weekly, monthly, quarterly or annually, and the reviewers will be notified at the start of each review. Reviewers can approve or deny access with a friendly interface and with the help of smart recommendations.

An administrator creates an access review of Group C with 50 member users and 25 guest users. Makes it a self-review. 50 licenses for each user as self-reviewers.* https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview#example-license-scenarios

There are 4 requirements and every single one is only met by access reviews.

https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview#when-should-you-use-access-reviews

Dynamic User is needed if a user must be automatically granted access on base of its attributes (department, jobtitle, location, etc.)

https://techcommunity.microsoft.com/t5/itops-talk-blog/dynamic-groups-in-azure-ad-and-microsoft-365/ba-p/2267494

Implementing Azure AD PIM is no solution and absolutely not necessary for access reviews.

https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview#where-do-you-create-reviews

Latest AZ-305 Dumps Valid Version with 78 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments