Answer: Security principal : You can assign a security principal to an Azure AD role. A security principal can be a user, group, service principal, or managed identity. source: https://learn.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal
-Difference between security principal and service principal: A security principal is a broader term that refers to any entity that can be authenticated by Azure AD, including users, groups, service principals, and managed identities.
A service principal is a specific type of security principal that represents an application or service, allowing it to access specific Azure resources. It is essentially an identity created for use with applications, hosted services, and automated tools to access Azure resources
In summary, while all service principals are security principals, not all security principals are service principals.
Resource Group is the answer:
When you assign roles, you must specify a scope. Scope is the set of resources the access applies to. In Azure, you can specify a scope at four levels from broad to narrow: management group, subscription, resource group, and resource. For more information, see Understand scope.
https://learn.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal
Basically either they want to catch you with "security principal" which is incorrect or there is a type. If it's a trick then the answer would be Resource Group
A security principal is any entity that can be authenticated by the operating system, such as a user account, a computer account, or a thread or process that runs in the security context of a user or computer account, or the security groups for these accounts
So security principle (identities) makes more sense IMO too
A security principal in Azure AD can refer to users, groups, service principals, or applications, all of which can be authenticated and authorized to access resources based on assigned permissions and roles within the directory.
Service principal.
On the Members tab, select User, group, or service principal to assign the selected role to one or more Microsoft Entra users, groups, or service principals (applications).
Click Select members. Find and select the users, groups, or service principals.
https://learn.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal#:~:text=On%20the%20Members%20tab%2C%20select,%2C%20groups%2C%20or%20service%20principals.
Security principal should be the answer.
You can assigns security principal to an Azure AD Role.
You cannot directly assign a resource group to Azure AD Role.
upvoted 4 times
...
This section is not available anymore. Please use the main Exam Page.SC-900 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
DanPicardi
Highly Voted 1 year, 10 months agoRour
Most Recent 2 months, 1 week agoLegendaryZA
8 months agoBladiebla31
6 months, 2 weeks agoNoursBear
1 year agoNoursBear
12 months agoHov13
5 months agoMSMN91
1 year, 1 month agotc_praveen
1 year, 5 months agoRoy2022
1 year, 2 months agoTomix
1 year, 7 months agojai0000
1 year, 7 months agodsharp
1 year, 11 months ago