Exam SC-900 topic 1 question 28 discussion

PIM is the correct answer A

Provided answer is wrong. Should be A. https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure Privileged Identity Management provides time-based and approval-based role activation to mitigate the risks of excessive, unnecessary, or misused access permissions on resources that you care about. Here are some of the key features of Privileged Identity Management: Provide just-in-time privileged access to Azure AD and Azure resources Assign time-bound access to resources using start and end dates Require approval to activate privileged roles Enforce multi-factor authentication to activate any role Use justification to understand why users activate Get notifications when privileged roles are activated Conduct access reviews to ensure users still need roles Download audit history for internal or external audit Prevents removal of the last active Global Administrator role assignment

Azure PIM is correct

D (Azure AD) Privileged Identity Management (PIM)

The correct answer is D because to use PIM you must have Premium P2.

Should be A. https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure Privileged Identity Management provides time-based and approval-based role activation to mitigate the risks of excessive, unnecessary, or misused access permissions on resources that you care about.

PIM is the correct answer A

PIM is correct for short time access

Answer A, PIM relates to the Azure tasks C seemsINcorrect becasue it saids POLICY, not control https://learn.microsoft.com/en-us/entra/identity/conditional-access/concept-conditional-access-session Conditional Access App Control enables user app access and sessions to be monitored and controlled in real time based on access and session policies. Access and session policies are used within the Defender for Cloud Apps portal to refine filters and set actions to take.

Most people vote for A and the answer provided by this site is D. So which one is the correct?

A right

Correct answer is A: https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure Privileged Identity Management provides time-based and approval-based role activation to mitigate the risks of excessive, unnecessary, or misused access permissions on resources that you care about. Here are some of the key features of Privileged Identity Management: Provide just-in-time privileged access to Azure AD and Azure resources Assign time-bound access to resources using start and end dates Require approval to activate privileged roles Enforce multi-factor authentication to activate any role Use justification to understand why users activate Get notifications when privileged roles are activated Conduct access reviews to ensure users still need roles Download audit history for internal or external audit Prevents removal of the last active Global Administrator role assignment

PIM is the correct answer A

A - PIM because you give timed access

Got this question on my exam 05/09/2023

A: Azure Active Directory (Azure AD) Privileged Identity Management (PIM) allows you to grant temporary administrative roles to users for a specified duration, which can be set for two hours or any desired time frame. This ensures that users have elevated privileges only when needed and for a limited period.

A. Azure Active Directory (Azure AD) Privileged Identity Management (PIM)