Exam SC-300 topic 4 question 61 discussion

Global Administrator and Security Administrator are Microsoft Entra roles, so you can manage them by using PIM. I cannot find Security Contributor role in links below, so I think it’s deprecated. If I remember correctly, there was this role in Microsoft Sentinel, but it’s now renamed Microsoft Sentinel Contributor. You cannot manage the following classic subscription administrator roles in Privileged Identity Management: Account Administrator Service Administrator Co-Administrator https://learn.microsoft.com/en-us/entra/identity/role-based-access-control/permissions-reference https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles

these are the 4 types of security labelled roles in PIM as of 9 Jun 2024. Cloud App Security Administrator Security Administrator Security Operator Security Reader there is no such thing as "Security Contributor"

ou can manage just-in-time assignments to all Microsoft Entra roles and all Azure roles using Privileged Identity Management (PIM) in Microsoft Entra ID. Azure roles include built-in and custom roles attached to your management groups, subscriptions, resource groups, and resources. However, there are a few roles that you can't manage. This article describes the roles you can't manage in Privileged Identity Management. You can't manage the following classic subscription administrator roles in Privileged Identity Management: - Account Administrator - Service Administrator - Co-Administrator For more information about the classic subscription administrator roles, see Azure roles, Microsoft Entra roles, and classic subscription administrator roles. https://learn.microsoft.com/en-us/entra/id-governance/privileged-identity-management/pim-roles

C. Global Administrator, Security Administrator, and Security Contributor only.

Contributor roles along with GA and Sec Administration roles are managed by PIM

https://learn.microsoft.com/en-us/entra/id-governance/privileged-identity-management/pim-roles#classic-subscription-administrator-roles You cannot manage the following classic subscription administrator roles in Privileged Identity Management: Account Administrator Service Administrator Co-Administrator For more information about the classic subscription administrator roles, see Azure roles, Microsoft Entra roles, and classic subscription administrator roles.

Security Contributor is not an option.

You cannot manage the following classic subscription administrator roles in Privileged Identity Management: Account Administrator Service Administrator Co-Administrator You cannot manage the following classic subscription administrator roles in Privileged Identity Management: Account Administrator Service Administrator Co-Administrator https://learn.microsoft.com/en-us/entra/id-governance/privileged-identity-management/pim-roles look at question #58 on this topic....the answer there is different for what people support here

Answer is C With Microsoft Entra Privileged Identity Management (PIM), you can manage the built-in Azure resource roles, and custom roles, including (but not limited to): Owner User Access Administrator Contributor Security Admin Security Manager Account Administrator is a Azure Classic role which can't be managed by PIM https://learn.microsoft.com/en-us/entra/id-governance/privileged-identity-management/pim-resource-roles-assign-roles

Am I seen this wrong_ I couldn-t find Security Contributor Role. Vote on B.

Azure AD Privileged Identity Management (PIM) enables you to manage, control, and monitor access within your Azure AD organization. With PIM, you can manage the following roles: D. Account Administrator, Global Administrator, Security Administrator, and Security Contributor These roles are eligible for management through PIM, allowing you to elevate access for a limited amount of time when needed, enforce multi-factor authentication, and require justification for activation, helping to enhance security and meet compliance requirements.

Answer is C You cannot manage the following classic subscription administrator roles in Privileged Identity Management: Account Administrator, Service Administrator, Co-Administrator. https://learn.microsoft.com/en-us/entra/id-governance/privileged-identity-management/pim-roles.

The correct answer is: D D. Account Administrator, Global Administrator, Security Administrator, and Security Contributor only Azure AD Privileged Identity Management (PIM) allows you to manage and control access to privileged roles in Azure Active Directory. The roles that you can manage using PIM include: Global Administrator Security Administrator Security Reader Security Operator Security Contributor Exchange Administrator SharePoint Administrator Conditional Access Administrator Privileged Role Administrator Compliance Administrator User Administrator Intune Administrator

I would go for B, unless Security Contributor role is a custom role.. certainly it is not built -int Entra or Azure role "You can manage just-in-time assignments to all Microsoft Entra roles and all Azure roles using Privileged Identity Management (PIM) in Microsoft Entra ID" https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles

Global Administrator and Security Administrator only Account Administrator - legacy role. What the hell is Security contributor ?

You cannot manage the following classic subscription administrator roles in Privileged Identity Management: Account Administrator Service Administrator Co-Administrator https://learn.microsoft.com/en-us/entra/id-governance/privileged-identity-management/pim-roles

You cannot manage the following classic subscription administrator roles in Privileged Identity Management: Account Administrator Service Administrator Co-Administrator