Home » Microsoft » MS-500 v.2 » Which of these measures would lower the risk of having too many user accounts with the security administrator role in Azure AD?
Which of these measures would lower the risk of having too many user accounts with the security administrator role in Azure AD?
A. Configure single sign on
B. Configure Intune
C. Configure conditional access
D. Configure privileged identity management
E. Configure identity protection
Correct Answer: D
Explanation/Reference:
SSO will not reduce risk – this is a productivity enhancer
Intune, conditional access and identity protection will reduce risk, but it is not specific to privileged administrator accounts A PIM access review would also reduce the risk, especially if configured to remove access if no longer needed thereby effectively reducing the number of privileged accounts.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure