ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-204 All Questions

View all questions & answers for the AZ-204 exam
Go to Exam

Exam AZ-204 topic 4 question 2 discussion

Actual exam question from Microsoft's AZ-204
Question #: 2
Topic #: 4
[All AZ-204 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing a website that will run as an Azure Web App. Users will authenticate by using their Azure Active Directory (Azure AD) credentials.
You plan to assign users one of the following permission levels for the website: admin, normal, and reader. A user's Azure AD group membership must be used to determine the permission level.
You need to configure authorization.
Solution: Configure the Azure Web App for the website to allow only authenticated requests and require Azure AD log on.
Does the solution meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by fadikh at March 3, 2021, 10:05 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
fadikh
Highly Voted 4 years, 2 months ago
Answer is correct. The proposed solution lacks the authorization part.
upvoted 33 times
ferut
3 years, 11 months ago
Aggree. Setting up the access on AD is one thing. The application should be set up to differentiate different roles and access.
upvoted 5 times
...
edengoforit
3 years, 3 months ago
Answer is NO
upvoted 3 times
...
...
kondapaturi
Highly Voted 3 years, 10 months ago
Answer – No, Here you need to create an application in Azure AD. Then set the groupMembershipClaims claims. Then inspect the token in the application to see if the user is part of that group. Hence - B is correct
upvoted 14 times
...
Vichu_1607
Most Recent 6 months, 4 weeks ago
Selected Answer: B
No, the solution does not meet the goal. While configuring the Azure Web App to allow only authenticated requests and require Azure AD log on is a necessary step for securing the application, it does not address the requirement of assigning users one of the specific permission levels (admin, normal, reader) based on their Azure AD group membership. To meet this requirement, you would need to implement role-based access control (RBAC) in your application. This would involve mapping Azure AD groups to roles within your application, and then assigning permissions to those roles.
upvoted 2 times
...
Dixavado
1 year, 7 months ago
It was on my exam today (2023-09-26) I went with the examtopics answer - score 850
upvoted 3 times
...
Tarajee
1 year, 7 months ago
On my exam 2023sept
upvoted 1 times
...
MysticalSam
1 year, 10 months ago
This question was in today's exam on 10-June-2023
upvoted 4 times
...
sarmaria
2 years, 1 month ago
Got this on 16/03/23. Chosen No. Make sure to prepare for case study. I got city and lights case study. No Kubernetes, Search, Logic Apps questions for me.
upvoted 3 times
...
Esward
2 years, 3 months ago
Given answer is correct https://docs.microsoft.com/en-us/archive/blogs/waws/azure-app-service-authentication-aad-groups
upvoted 1 times
...
capable
2 years, 5 months ago
Got this case study in my exam 27/11/2022
upvoted 2 times
...
gmishra88
2 years, 7 months ago
If you think about it having the groups claim is also not enough. You need to check for it. So, even if the group claims was there it could be no. Because of that reason it could have been yes, because you need to do that step as well as groups claim and also check if the claim is authorized. These kind of questions are just Microsoft way of confusion
upvoted 2 times
...
bhakk
2 years, 10 months ago
Answer is B
upvoted 1 times
...
Eltooth
2 years, 10 months ago
Selected Answer: B
B is correct answer
upvoted 1 times
...
pradipbobhate
3 years, 1 month ago
Selected Answer: A
correct Answer
upvoted 1 times
...
Freidrich
3 years, 2 months ago
Selected Answer: B
The correct answer is B: No.
upvoted 1 times
...
edengoforit
3 years, 3 months ago
This is the correct answer: Solution: ✑ Create a new Azure AD application. In the application's manifest, set value of the groupMembershipClaims option to All. ✑ In the website, use the value of the groups claim from the JWT for the user to determine permissions.
upvoted 5 times
...
edengoforit
3 years, 3 months ago
Provided answer and explanation is correct.
upvoted 1 times
...
ehurfheiz
3 years, 3 months ago
Selected Answer: B
B seems to be the correct answer
upvoted 1 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago