Microsoft Azure Architect Design (AZ-301) Practice Exam

What is the appropriate service to provide temporary administrative access for Quality Assurance in Azure?

• A. Azure AD Privileged Identity
• B. Azure AD Managed Services
• C. Azure Monitor
• D. Azure Automation

The correct answer is: Azure AD Privileged Identity

The most appropriate service to provide temporary administrative access in Azure for Quality Assurance is Azure AD Privileged Identity. This service enables you to implement just-in-time access to Azure resources, allowing administrators to request temporary permissions for specific tasks. It enhances security by minimizing the time that high-privilege roles are active, reducing the risk of security breaches. Azure AD Privileged Identity Management (PIM) provides a way to manage, control, and monitor access within Azure AD, making it an ideal choice for scenarios where temporary or limited access is needed for specific roles or tasks. By using PIM, organizations can enforce policy compliance and ensure that access is granted only when necessary, which is a critical consideration in environments like Quality Assurance. The other services mentioned do not specifically cater to the need for managing administrative access in this way. Azure AD Managed Services focuses more on providing support for managing Azure Active Directory itself, while Azure Monitor deals with the performance and health monitoring of applications and services in Azure. Azure Automation primarily focuses on automating processes and tasks in Azure, rather than directly providing temporary access solutions. Therefore, Azure AD Privileged Identity is the best fit for providing temporary administrative access.