SC-900 Question #201: Real Exam Question with Answer & Explanation

The correct answer is B: Microsoft Entra Privileged Identity Management (PIM). Microsoft Entra Privileged Identity Management (PIM) provides just-in-time (JIT) privileged access management. It enables time-bound role activation (roles are active only for a specified duration) and approval-based workflows (an approver must grant the activation request before

Submitted by chen.hong· Apr 18, 2026Describe the capabilities of Microsoft Entra

Question

You have an Azure subscription. You need to implement approval-based, time-bound role activation. What should you use?

Options

AMicrosoft Entra Access Reviews
BMicrosoft Entra Privileged Identity Management (PIM)
CMicrosoft Entra Identity Protection
DMicrosoft Entra Conditional access

Explanation

Microsoft Entra Privileged Identity Management (PIM) provides just-in-time (JIT) privileged access management. It enables time-bound role activation (roles are active only for a specified duration) and approval-based workflows (an approver must grant the activation request before the user gains elevated access). This limits the attack surface of persistent privileged accounts. Access Reviews (A) are used to periodically audit who has access to resources, not to control activation. Identity Protection (C) focuses on detecting risky sign-ins and compromised identities. Conditional Access (D) enforces access policies at sign-in time but does not manage role activation workflows.

Topics

#Privileged Identity Management#Just-in-time access#Role activation

Community Discussion

No community discussion yet for this question.

Full SC-900 Practice Browse All SC-900 Questions