Microsoft Azure Security Engineer Associate AZ-500 Practice Question
You are exposing a custom multi-tenant web API through an Azure app registration. While defining the Finance.Read permission, you must ensure that:
Only tenant administrators can grant consent for the permission.
The permission can be granted to signed-in users, not to background daemon apps. Which combination of settings meets these requirements when you create the Finance.Read scope?
Permission type: Application; Who can consent: Administrators only
Permission type: Delegated; Who can consent: Administrators only
Permission type: Delegated; Who can consent: Administrators and users
Permission type: Application; Who can consent: Administrators and users
Finance.Read must be a delegated permission so it is presented only when a user is involved in the authorization flow; application permissions are intended for daemon or service scenarios without user context. Setting Who can consent to Administrators only ensures that only tenant admins can approve the permission for users or service principals, preventing end users from self-consenting. Choosing Application would make the permission available to daemon apps, contradicting the requirement, and allowing Users consent would let non-admin users approve the permission, which is also disallowed.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the difference between delegated and application permissions in Azure app registration?
Open an interactive chat with Bash
Why would you restrict consent to Administrators only in Azure app registrations?
Open an interactive chat with Bash
What are daemon apps and why are they incompatible with delegated permissions?
Open an interactive chat with Bash
Microsoft Azure Security Engineer Associate AZ-500
Secure identity and access
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .