Home » Microsoft » MS-500 v.2 » Which of the following roles do you require in order to implement privileged identity management?
Your organization strictly follows the principle of least privilege.
Which of the following roles do you require in order to implement privileged identity management?
A. Global Administrator
B. Azure Subscription Owner
C. Azure Subscription Contributor
D. Security Administrator
E. Privileged Role Administrator
Correct Answer: A
Explanation/Reference:
You must be a Global Administrator to implement (opt-in to) PIM for the first time Once you implemented PIM, you can change role eligibility assignments using Privileged Role Administrator Security Administrator cannot manage Azure AD role assignments or settings
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles#security-administrator https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure#who-cando-what https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-getting-started#enable-pim