You have an Azure subscription that contains a storage account named storage1 and a web app named WebApp1. WebApp1 uses a system-assigned managed identity. You need to ensure that WebApp1 can read and write files to storage1 by using the system-assigned managed identity. What should you configure for storage1 in the Azure portal?

A. the File share settings

B. the Access control (1AM) settings

C. a shared access signature (SAS)

D. data protection

E. access keys

You have two Microsoft Entra tenants named contoso.com and fabhkam.com. Contoso.com contains the users shown in the following table.

You have an Azure subscription that contains a user-assigned managed identity named Managed1 in the East US Azure region. The subscription contains the resources shown in the following table.

Which resources can use Managed 1 as their identity?

A. WebApp1 only

B. storage1 and WebApp1 only

C. VM1 and WebApp1 only

D. VM1, storage1, and WebApp1

You have an Azure Active Directory (Azure AD) tenant that contains the following objects:

• A device named Device1
• Users named User1, User2, User3, User4, and User5
• Groups named Group1, Group2, Group3, Group4, and Group5

The groups are configured as shown in the following table.

A. Group1 and Group4 only

B. Group1, Group2, Group3, Group4, and Group5

C. Group1 and Group2 only

D. Group1 only

E. Group1, Group2, Group4, and Group5 only

Your company requires that users request access before they can access corporate applications. You register a new enterprise application named MyApp1 in Azure Active Dilatory (Azure AD) and configure single sign-on (SSO) for MyApp1. Which settings should you configure next for MyApp1?

A. Self-service

B. Provisioning

C. Roles and administrators

D. Application proxy

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant that syncs to an Active Directory forest.
You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Azure AD for up to 30 minutes.
You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Azure AD.
Solution: You configure conditional access policies.
Does this meet the goal?

A. Yes

B. No

You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Cloud Apps.
You plan to increase app security for the subscription.
You need to identify which apps do NOT require user authentication.
What should you do in the Microsoft 365 Defender portal?

A. Create a discovered app query.

B. Create a snapshot Cloud Discovery report

C. Create an OAuth policy and review alerts

D. Review the cloud app catalog.

You have an Azure Active Directory (Azure AD) tenant that contains the groups shown in the following table.

A. Group1 only

B. Group1 and Group4 only

C. Group1 and Group2 only

D. Group1, Group2, Group4, and Group5 only

E. Group1, Group2, Group3, Group4 and Group5

You have an Azure Active Directory (Azure AD) tenant named contoso.com.
You need to ensure that Azure AD External Identities pricing is based on monthly active users (MAU).
What should you configure?

A. an access review

B. the terms or use

C. a linked subscription

D. a user flow

Your company purchases 2 new Microsoft 365 ES subscription and an app named App.
You need to create a Microsoft Defender for Cloud Apps access policy for App1.
What should you do you first? (Choose Correct Answer based on Microsoft Identity and Access Administrator at microsoft.com)

A. Configure a Token configuration for App1.

B. Add an API permission for App1.

C. Configure a Conditional Access policy to use app-enforced restrictions.

D. Configure a Conditional Access policy to use Conditional Access App Control.