SC-300 · Question #81
SC-300 Question #81: Real Exam Question with Answer & Explanation
The correct answer is B: User1 and Guest1 only. You cannot assign service principals as eligible to Azure AD roles, Azure roles, and Privileged Access groups but you can grant a time limited active assignment to all three. https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-
Question
You have an Azure Active Directory (Azure AD) tenant that contains the objects shown in the following table. Which objects can you add as eligible in Azure AD Privileged Identity Management (PIM) for an Azure AD role?
Options
- AUser1, Guest1, and Identity1
- BUser1 and Guest1 only
- CUser1 only
- DUser1 and Identity1 only
Explanation
You cannot assign service principals as eligible to Azure AD roles, Azure roles, and Privileged Access groups but you can grant a time limited active assignment to all three. https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-
Community Discussion
No community discussion yet for this question.