ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam PL-600 All Questions

View all questions & answers for the PL-600 exam
Go to Exam

Exam PL-600 topic 2 question 22 discussion

Actual exam question from Microsoft's PL-600
Question #: 22
Topic #: 2
[All PL-600 Questions]

You are designing a Microsoft Power Platform solution for a company that has multiple Microsoft Dataverse environments.
You need to prevent specific users from accessing specific environments.
What should you do?

  • A. Remove all security roles from the users of the specific environments.
  • B. Remove the user from the business unit.
  • C. Remove the user from all security groups.
  • D. Remove the user from all teams.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Daniel1992 at April 24, 2022, 8:05 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
petertwilliams
Highly Voted 2 years, 6 months ago
Selected Answer: A
The problem with option A though, is that you need to ensure the user is in no teams that have security roles applied. If the user is in an AAD synchronised team, then option A only works if it also includes removing users from AAD synchronized groups. Option D doesn't work due to the exact opposite scenario, a user can be assigned a role directly. Option B is nonsense. Option C only makes sense if by "Remove the user from all security groups" means "remove the user from all security groups on the specified environments". Option A is the best answer of the bunch, but I don't like the way this question is structured.
upvoted 9 times
Dude
1 year, 10 months ago
You are right, I was convinced that removing the users from the security group was the right answer until I read your response which calls out, remove users from all security groups. If you did this then the user would not have access to any environments. So I agree with A and the closest best case answer.
upvoted 2 times
...
elka88
1 year, 3 months ago
B is nonsense in the sense of playing with words, because you cannot actually remove the BU. However, if you change the user's BU, they will automatically lose all security roles.
upvoted 1 times
...
...
loftuscheek
Most Recent 1 month, 2 weeks ago
Selected Answer: A
correct
upvoted 1 times
...
Lenny001
5 months, 3 weeks ago
Selected Answer: C
According to https://learn.microsoft.com/en-us/power-platform/admin/control-user-access the solution is security group
upvoted 2 times
...
MEG_Florida
1 year, 9 months ago
Selected Answer: A
This is the best way
upvoted 2 times
...
kantishwar
1 year, 11 months ago
It was in exam today. Given ans is correct.
upvoted 1 times
...
RalphE
2 years, 5 months ago
ok, A will work definatly, but also removing the user from the business unit would remove all his related security roles
upvoted 2 times
...
SW85
2 years, 7 months ago
I would've said C if the answer was worded as removing the user from the security group for the specific environments, as opposed to ALL environments. With that said, I agree the answer is A based on options provided.
upvoted 3 times
...
Dynamic_MD
2 years, 11 months ago
Selected Answer: A
Well D can also be answer if User do not have direct role (access through Team being team member)
upvoted 2 times
...
YoussefB
2 years, 11 months ago
Selected Answer: A
Correct
upvoted 2 times
...
Daniel1992
3 years ago
Correct
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago