Manage Azure identities and governance Questions
Practice questions for Manage Azure identities and governance topic in Microsoft Certified: Azure Administrator Associate. 48 questions covering this domain.
A user has the Contributor role at the subscription scope and the Reader role on one resource group in that subscription. What are the user's effectiv...
A team lead should manage virtual machines only in the Prod resource group and nowhere else. At which scope should you assign the role?
A subscription owner wants to receive warnings before spending exceeds a monthly target and also wants cost-saving recommendations. Which combination ...
An administrator applies a ReadOnly lock to a storage account. Later, an application that uses data plane blob operations with Microsoft Entra authori...
A management group assignment denies unapproved resource types. One child subscription now needs to allow an additional resource type. What should the...
A company is introducing a new Azure Policy and wants to understand its effect before blocking deployments. Which effect should administrators start w...
An Azure resource must authenticate to another Azure service without storing credentials in code or configuration. What should the administrator use?
An organization requires every new resource to have a CostCenter tag. Administrators discover that tags applied to a resource group are not inherited ...
A storage account inside a resource group has a CanNotDelete lock. What happens if an administrator tries to delete the entire resource group?
A company has dozens of subscriptions and wants to organize them so policies and access can be managed above the subscription level. What should the a...
Which Azure service evaluates resource properties against business rules and can deny noncompliant deployments?
Users need to reset their own passwords without calling the help desk. Which Microsoft Entra feature should an administrator configure?
An administrator wants ongoing recurring reviews to verify that members of a privileged group still need access. Which Microsoft Entra feature should ...
An administrator must let on-call engineers temporarily activate the Azure RBAC Owner role with approval and time limits. Which feature should be used...
A management group hierarchy enforces an allowed-locations policy. A team needs one specific resource group to permit an additional region without wea...
An administrator wants subscription owners to receive an email when forecasted spend will exceed the monthly budget. Which combination should be confi...
Multiple subscriptions belong to one billing account. Tags applied to a resource group are not appearing on its resources because tags do not inherit....
A company wants to deploy a baseline of related policies (tag enforcement, allowed locations, allowed SKUs) as a single managed unit across many subsc...
Which Azure RBAC role allows the holder to manage access for others without granting them rights to deploy or manage resources?
Which Microsoft Entra feature enforces multi-factor authentication based on signals like sign-in risk, location, and device state?
Sign in to see all 48 questions
Create a free account to browse all questions — completely free during our launch phase.