AZ-500 · Question #370
AZ-500 Question #370: Real Exam Question with Answer & Explanation
The correct answer is A: Privileged role administrator. To enable User1 to create and manage administrative units while adhering to the principle of least privilege, the Privileged role administrator role should be assigned.
Question
You have an Azure Active Directory (Azure AD) tenant that contains a user named User1. You need to ensure that User1 can create and manage administrative units. The solution must use the principle of least privilege. Which role should you assign to User1?
Options
- APrivileged role administrator
- BHelpdesk administrator
- CGlobal administrator
- DSecurity administrator
Explanation
To enable User1 to create and manage administrative units while adhering to the principle of least privilege, the Privileged role administrator role should be assigned.
Common mistakes.
- B. The Helpdesk administrator role is primarily for resetting passwords and managing service requests, not for creating and managing administrative units.
- C. The Global administrator role grants unrestricted access to all administrative features in Azure AD, violating the principle of least privilege for managing only administrative units.
- D. The Security administrator role provides permissions to manage security-related features, such as security information and reports, but does not include the ability to manage administrative units.
Concept tested. Azure AD role-based access for administrative units
Community Discussion
No community discussion yet for this question.