Microsoft Azure Security Engineer Associate AZ-500 Practice Question
Your organization uses Microsoft Entra Privileged Identity Management (PIM) for Azure resource roles. The Production subscription has been onboarded to PIM. Compliance mandates that eligible users who activate the Owner role must obtain manager approval and that the role remains active for no longer than 1 hour. Which PIM setting should you change to meet the requirements?
Create a Conditional Access policy that requires multi-factor authentication for the Owner role.
Edit the Owner role's settings in PIM for the Production subscription to require approval and set a 1-hour activation duration.
Enable Just-In-Time (JIT) VM access in Microsoft Defender for Cloud for the Production subscription.
Create an access review for the Owner role in the Production subscription and set reviewers to managers.
In PIM you can configure per-role settings for Azure resource roles. Editing the Owner role's settings lets you:
Require approval to activate and choose one or more approvers.
Set the maximum activation duration (in hours) for the role; the minimum permitted value is 1 hour. Access reviews evaluate existing assignments but do not control activation parameters in real time. Just-In-Time VM access is unrelated to Azure role activation, and Conditional Access cannot impose approval workflows or activation duration on PIM roles. Therefore, modifying the Owner role's settings in PIM is the only configuration that meets both requirements.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Microsoft Entra Privileged Identity Management (PIM)?
Open an interactive chat with Bash
What does 'approval to activate a role' in PIM mean?
Open an interactive chat with Bash
How is the activation duration for roles set in PIM?
Open an interactive chat with Bash
Microsoft Azure Security Engineer Associate AZ-500
Secure identity and access
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .