nerdexam
ExamsAZ-500Questions#43
MicrosoftMicrosoft

AZ-500 · Question #43

AZ-500 Question #43: Real Exam Question with Answer & Explanation

To enable Azure AD PIM for Azure AD roles, you must first Consent to PIM (accepting the service terms and granting PIM access to your directory), then Verify your identity using MFA (to confirm you are who you claim to be before making privileged changes), and finally Sign up PIM

Submitted by neha2k· Mar 6, 2026Implement and manage identity and access in Azure Active Directory - specifically configuring and enabling Privileged Identity Management (PIM) to secure privileged role access (AZ-500 / SC-300 domain: Manage Identity and Access)

Question

Drag and Drop Question You create an Azure subscription. You need to ensure that you can use Azure Active Directory (Azure AD) Privileged Identity Management (PIM) to secure Azure AD roles. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. Answer:

Explanation

To enable Azure AD PIM for Azure AD roles, you must first Consent to PIM (accepting the service terms and granting PIM access to your directory), then Verify your identity using MFA (to confirm you are who you claim to be before making privileged changes), and finally Sign up PIM for Azure AD roles (formally activating PIM management for Azure AD roles). This sequence ensures proper authorization and identity verification before the service is activated, following Microsoft's required onboarding workflow for PIM.

Topics

#Azure AD Privileged Identity Management#PIM Onboarding#Identity Governance#Multi-Factor Authentication

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full AZ-500 PracticeBrowse All AZ-500 Questions