Exam AZ-104 topic 2 question 57 discussion

Since the discussion added a lot of confusion cause a lot of people in here just drop random facts without any proof,misleading people, i tested it at an Azure lab. In the scope field at the "Basics" tab i was able to select "Tenant Root Group" or "Management Group1" with the optional entries of Subscription and Resource group So ""you can assign policy to Tenant Root Group,ManagementGroup1,Subscription1 and RG1"" As for the second answer about the exclusions, i was able to select all the items in the scope EXCEPT the Tenant Root Group Therefore the correct answer would be ""ManagementGroup1,Subscription1,RG11 and VM1"" I hope that helps

Wrong! You can assign a policy to the Root, Management Group, Subscription and Ressource Group BUT NOT A RESSOUCE ITSELF! Test it in Portal! 2nd part of answer seems to be correct. You can not Exclude the highest scope that you can assign to. I tried it in portal as well and it wont save the exclusion Tenant Root Group

!! Please be careful not to share incorrect information! According to Microsoft documentation: "policies can be assigned to any scope of resources that Azure supports, such as management groups, subscriptions, resource groups, or individual resources." !! -

WRONG You can assign Policy1 to: Tenant Root Group, ManagementGroup1, Subscription1, and RG1 only You can exclude Policy1 from: ManagementGroup1, Subscription1, RG1, and VM1 only

Wrong You can assign Policy1 to: Tenant Root Group, ManagementGroup1, and Subscription1 only You can exclude Policy1 from: ManagementGroup1, Subscription1, RG1, and VM1 only

tested on lab, you can assign policy on vm

Policies can be applied to the resource like VM https://learn.microsoft.com/en-us/azure/governance/policy/concepts/recommended-policies

You can assign Policy1 to Tenant Root Group, ManagementGroup1, Subscription1, and RG1 only You can exclude Policy1 from ManagementGroup1, Subscription1, RG1, and VM1 only

given answer is correct.

Feeling tired of reading discussions. examtopics please quality seems ?

In the name of discussion most confusion is created and makes me think is it worth paying $65 to examtopics. I thought examtopics would be a good material so far out of 90 questions most of them have not been given exact answer

the key in question is only

You can Assign policy to: Tenant Root Group, ManagementGroup1, Subscription1 and RG1 ONLY" You can Exclude policy from: ""ManagementGroup1,Subscription1,RG1, and VM1 ONLY""

1/ You can assing Policy1 to: Tenant Root Group, Mangement Group 1, Subscription 1, RG1,VM1 2/ You can exclude Policy1 to: Mangement Group 1, Subscription 1,RG1,VM1 "Once your business rules have been formed, the policy definition or initiative is assigned to any scope of resources that Azure supports, such as management groups, subscriptions, resource groups, or individual resources." https://learn.microsoft.com/en-us/azure/governance/policy/overview "Subscopes can be excluded, if necessary. "https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/overview#understand-scope

The given answers are correct. Policy can be applied to all, Remember the kind of policy you can apply to prevent a particular set of types of instance while creating your VM. , then the Only you can exclude all except the Tenant root Group from a policy.

Answer should be: 1) Tenant Root Group, MG1, Sub1 and RG1 Only 2) MG1, Sub1, RG1 and VM1 only

Assign policy1: 4te Antwort Eclude policy1: 4te Antwort