AZ-304 – Question #52


Question #52

You have 200 resource groups across 20 Azure subscriptions.
Your company’s security policy states that the security administrator must verify all assignments of the Owner role for the subscriptions and resource groups once a month. All assignments that are not approved by the security administrator must be removed automatically. The security administrator must be prompted every month to perform the verification.
What should you use to implement the security policy?

A. Identity Secure Score in Azure Security Center
B. Access reviews in Identity Governance
C. the user risk policy in Azure Active Directory (Azure AD) Identity Protection
D. role assignments in Azure Active Directory (Azure AD) Privileged Identity Management (PIM)