To evaluate and remediate the risks associated with highly privileged accounts across multiple Azure subscriptions linked to a single Microsoft Entra tenant, you should use Privileged Identity Management (PIM) (Option B).
Microsoft Entra PIM provides time-based and approval-based role activation to mitigate the risks of excessive, unnecessary, or misused access permissions on resources that you care about. It helps you manage, control, and monitor access within your organization, which includes access to Azure resources and other Microsoft services.
Please note that while Microsoft Entra Permissions Management can provide visibility into permissions across multicloud infrastructures, it doesn’t specifically target the management of highly privileged accounts. Global Secure Access and Microsoft Entra Verified ID do not provide the specific capabilities required for this scenario.
To evaluate and remediate the risks associated with highly privileged accounts while minimizing administrative effort, you should use Microsoft Entra Permissions Management. This tool provides a comprehensive solution for managing permissions and roles across multiple cloud environments, including Azure
You can basically evaluate and remediate the risk by using both PIM and Permission Management, but I think they were aiming to Permission Management "minimizing administrative effort" was mentioned
I think it's got to be C. in the description: "Discover
Customers can assess permission risks by evaluating the gap between permissions granted and permissions used." "
Remediate
Customers can right-size permissions based on usage, grant new permissions on-demand, and automate just-in-time access for cloud resources." https://learn.microsoft.com/en-us/entra/permissions-management/overview. I don't see how PIM does anything to "evaluate" risk.
it doesn't matter if its multi-cloud or not, Entra Permissions Management can be used for Azure only without onboarding AWS or GCP.
The answer is C as it provides this centralized location where we can easily check and fix the issues with permissions that have higher privileges..
Could make a case for PIM, but I think Microsoft wants to hear Permission Management.
The only thing that may not make it Permission Management is that it doesn't say multi-cloud.
upvoted 3 times
...
This section is not available anymore. Please use the main Exam Page.SC-300 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Steingalen
Highly Voted 1 year, 2 months agoSneekygeek
Highly Voted 1 year, 3 months agoYesPlease
Most Recent 1 month, 2 weeks agoFrank9020
3 months, 1 week agorvln7
2 months agoNail
6 months agoaocferreira
6 months, 1 week agoSc300ExamDemo
10 months, 4 weeks agomedi1520
1 year, 1 month agoOdy
1 year, 2 months ago