Exam AZ-500 topic 2 question 107 discussion

AD. https://learn.microsoft.com/en-us/azure/active-directory/verifiable-credentials/verifiable-credentials-configure-tenant Ensure that you have the global administrator or the authentication policy administrator permission for the directory you want to configure. If you're not the global administrator, you need the application administrator permission to complete the app registration including granting admin consent.

The answer is Cloud App Administrator and Application Administrator. This exact same question is available in the practice assessment on the leran.Microsoft website and they also show you the answer alongside the reason for the answer. Please check and confirm. Thank you!

Prerequisites You need an Azure tenant with an active subscription. If you don't have an Azure subscription, create one for free. Ensure that you have the Global Administrator or the authentication policy administrator permission for the directory you want to configure. If you're not the Global Administrator, you need the application administrator permission to complete the app registration including granting admin consent. Ensure that you have the contributor role for the Azure subscription or the resource group where you are deploying Azure Key Vault. Ensure that you provide access permissions for Key Vault. For more information, see Provide access to Key Vault keys, certificates, and secrets with an Azure role-based access control. https://learn.microsoft.com/en-us/entra/verified-id/verifiable-credentials-configure-tenant AD

Answers: AD Link: https://learn.microsoft.com/en-us/entra/verified-id/verifiable-credentials-configure-tenant

AD. https://learn.microsoft.com/en-us/azure/active-directory/verifiable-credentials/verifiable-credentials-configure-tenant Ensure that you have the global administrator or the authentication policy administrator permission for the directory you want to configure. If you're not the global administrator, you need the application administrator permission to complete the app registration including granting admin consent.

To enable User1 to perform the tasks, you should assign the following roles: - Authentication Policy Administrator: This role is required to configure the tenant for Microsoft Entra Verified ID. The user needs to have the global administrator or the authentication policy administrator permission for the directory they want to configure. - Application Administrator: This role is required to register an application in Microsoft Entra ID. If User1 is not the global administrator, they need the application administrator permission to complete the app registration including granting admin consent. Reference Configure your tenant for Microsoft Entra Verified ID https://learn.microsoft.com/en-us/azure/active-directory/verifiable-credentials/verifiable-credentials-configure-tenant

Correct Answer: A, D

A - Authentication Policy Administrator - Can create and manage the authentication methods policy, tenant-wide MFA settings, password protection policy, and verifiable credentials. D - Application Administrator - Can create and manage all aspects of app registrations and enterprise apps. NOT B - Authentication Administrator - Can access to view, set and reset authentication method information for any non-admin user. You are setting policy for the Org, not managing users. https://learn.microsoft.com/en-us/azure/active-directory/roles/permissions-reference

Prerequisites You need an Azure tenant with an active subscription. If you don't have an Azure subscription, create one for free. Ensure that you have the global administrator or the authentication policy administrator permission for the directory you want to configure. If you're not the global administrator, you need the application administrator permission to complete the app registration including granting admin consent. • Configure contoso.com to use Microsoft Entra Verified ID. >>authentication policy administrator • Register App1 in contoso.com >>application administrator

AD is correct. https://learn.microsoft.com/en-us/azure/active-directory/verifiable-credentials/verifiable-credentials-configure-tenant

Given answer is correct

The correct answer is B and D. Authentication Administrator and Application Administrator.