ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-301 All Questions

View all questions & answers for the AZ-301 exam
Go to Exam

Exam AZ-301 topic 17 question 9 discussion

Actual exam question from Microsoft's AZ-301
Question #: 9
Topic #: 17
[All AZ-301 Questions]

HOTSPOT -
You are designing an access policy for the sales department at your company.
Occasionally, the developers at the company must stop, start, and restart Azure virtual machines. The development team changes often.
You need to recommend a solution to provide the developers with the required access to the virtual machines. The solution must meet the following requirements:
✑ Provide permissions only when needed.
✑ Use the principle of least privilege.
Minimize costs.

What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
by alibob at Jan. 11, 2020, 4:21 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Ekramy_Elnaggar
Highly Voted 5 years, 6 months ago
This is a repeated question: https://www.examtopics.com/exams/microsoft/az-301/view/22
upvoted 7 times
JohnAvlakiotis
5 years, 5 months ago
Repetition is the mother of all learning :)
upvoted 58 times
...
joehoesofat
3 years, 5 months ago
repeated where? - edit find - only when- and what comes up here? https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure P2 JIT
upvoted 1 times
...
...
pandeya442
Highly Voted 5 years, 2 months ago
Repeated question- P2 PIM
upvoted 6 times
...
Jinder
Most Recent 4 years, 6 months ago
Premium P2 Privileged Identity Management for the Azure resources Just in time VM, access is completely different from Just in time Privileged access, but here they specifically gave the option "Just in time VM access" which can not be correct answer.
upvoted 1 times
...
sanketshah
4 years, 7 months ago
Premium P2 JIT is correct answer.
upvoted 1 times
...
Test_Taker_1
4 years, 11 months ago
Should be PIM as "The development team changes often." that means we need to frequently review what users have access to start/stop.
upvoted 4 times
...
Wildsheep
5 years ago
I think it's JIT because just enabling PIM without configuring JIT access will not meet the results
upvoted 2 times
Wildsheep
4 years, 11 months ago
Actually, it's a different JIT... we need just-in- time JIT Privileged access NOT JIT VM Access, these are 2 different things.
upvoted 1 times
...
...
Nitink
5 years, 1 month ago
JIT is for security group blocking and allowing for specific time. The question asked about stop/start of vm. So I will go with PIM
upvoted 1 times
...
DeveshSolanki
5 years, 1 month ago
May be PIM OR JIT as JIT is feature within PIM
upvoted 1 times
...
alibob
5 years, 6 months ago
Second should be Just in time.
upvoted 2 times
bbbb
5 years, 5 months ago
Disagree, JIT would provide unnecessary access to the vms. PIM would allow stopping/starting of vms from the portal without exposing the vms further. Doing these tasks does not require someone to log onto the server. Also JIT requires the Security Center standard tier which probably works out more costlier depending on the number of vms.
upvoted 4 times
mpknz
5 years, 5 months ago
PIM is a service not a feature. PIM includes several features including JIT access for administrative tasks. I believe you could use JIT as part of PIM to just allow access to restart by allowing elevation to a custom role. JIT is also available as a feature of Security Center but as far as I know you can use JIT as part of PIM with a p2 license without the additional security center standard tier licensing although this is hard to confirm from the documentation.
upvoted 1 times
mpknz
5 years, 5 months ago
one other thought. JIT VM access in the answers doesn't have to mean logon access to the VMs. The question also uses the phrase required access. In both cases saying permissions or privileges would be less confusing.
upvoted 1 times
tartar
4 years, 10 months ago
Premium P2 Privileged Identity Management for the Azure resources
upvoted 5 times
...
...
...
Wildsheep
5 years ago
You are thinking of Just In Time network access from Security Center... PIM Just in Time access is a different thing
upvoted 1 times
a_Ri
4 years, 10 months ago
exactly..... just in time VM access is not in PIM and doesn’t support privilege assignments.
upvoted 1 times
...
...
joehoesofat
3 years, 5 months ago
jit am pm are both ps features- - "edit find"- only when- and what comes up here? https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure P2 JIT
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel