Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.

Exam AZ-104 topic 2 question 3 discussion

Actual exam question from Microsoft's AZ-104
Question #: 3
Topic #: 2
[All AZ-104 Questions]

You have a Microsoft 365 tenant and an Azure Active Directory (Azure AD) tenant named contoso.com.
You plan to grant three users named User1, User2, and User3 access to a temporary Microsoft SharePoint document library named Library1.
You need to create groups for the users. The solution must ensure that the groups are deleted automatically after 180 days.
Which two groups should you create? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

  • A. a Microsoft 365 group that uses the Assigned membership type
  • B. a Security group that uses the Assigned membership type
  • C. a Microsoft 365 group that uses the Dynamic User membership type
  • D. a Security group that uses the Dynamic User membership type
  • E. a Security group that uses the Dynamic Device membership type
Show Suggested Answer Hide Answer
Suggested Answer: AC 🗳️
You can set expiration policy only for Office 365 groups in Azure Active Directory (Azure AD).
Note: With the increase in usage of Office 365 Groups, administrators and users need a way to clean up unused groups. Expiration policies can help remove inactive groups from the system and make things cleaner.
When a group expires, all of its associated services (the mailbox, Planner, SharePoint site, etc.) are also deleted.
You can set up a rule for dynamic membership on security groups or Office 365 groups.
Incorrect Answers:
B, D, E: You can set expiration policy only for Office 365 groups in Azure Active Directory (Azure AD).
Reference:
https://docs.microsoft.com/en-us/office365/admin/create-groups/office-365-groups-expiration-policy?view=o365-worldwide

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
kennynelcon
Highly Voted 1 year ago
Selected Answer: AC
Correct Answer: A and C Only O365 groups support automatic deletion after 180 days.
upvoted 32 times
jackdryan
3 months, 2 weeks ago
A and C are correct
upvoted 3 times
ConanBarb
3 months ago
Sorry y'all AC:s, but you're wrong Correct, according to Microsoft own sample exam questions is: CD Microsoft exam question answers: "a security group that uses the dynamic membership type" "a Microsoft 365 group that uses the dynamic membership type" Corresponds to A. a Microsoft 365 group that uses the Assigned membership type B. a Security group that uses the Assigned membership type x C. a Microsoft 365 group that uses the Dynamic User membership type x D. a Security group that uses the Dynamic User membership type E. a Security group that uses the Dynamic Device membership type "Rationale: Groups that use dynamic membership rules reduce the overhead of access management by providing attribute-based membership and access to resources. Based on membership rules the membership, and resulting access, can be granted and removed automatically." https://learn.microsoft.com/en-us/certifications/resources/az-104-sample-questions
upvoted 5 times
MrBlueSky
3 months ago
This is a different question. The reason why A and C is correct is because the answer specifies that the group needs automatic deletion and that's only supported by Microsoft 365 groups.
upvoted 12 times
...
...
...
...
GVKGVK
Highly Voted 11 months, 1 week ago
Gave exam on June 29th 2022 and passed with 870. 80 Percent of the question came from here. Thanks every one for comments.
upvoted 18 times
...
ZZhere
Most Recent 17 hours, 5 minutes ago
In exam today, thanks for ET answer.
upvoted 1 times
...
stonwall12
6 days, 19 hours ago
The answer is only the O365 groups, as they support automatic deletion as required by the question.
upvoted 1 times
...
Juanchooo
2 weeks, 4 days ago
Came in my exam today 17/05/23
upvoted 4 times
Yodao
4 days, 20 hours ago
with how much did you pass?
upvoted 1 times
...
...
Andre369
2 weeks, 5 days ago
Selected Answer: AC
Both options A and C are correct. Explanation: Option A: Creating a Microsoft 365 group using the Assigned membership type allows you to manually assign users (User1, User2, and User3) to the group. This type of group is suitable when you want to have control over the membership and manually manage who belongs to the group. Option C: Creating a Microsoft 365 group using the Dynamic User membership type allows you to define dynamic membership rules based on user attributes such as department, job title, or other attributes.
upvoted 1 times
...
JunetGoyal
1 month ago
Exact same Q came in my exam on 30 April2023.
upvoted 3 times
...
Madbo
1 month, 3 weeks ago
The correct answers are A and C. A Microsoft 365 group that uses the Assigned membership type and a Microsoft 365 group that uses the Dynamic User membership type should be created. Assigned membership type groups are manually managed groups, and Dynamic User membership type groups automatically add or remove members based on certain rules or conditions. Both types of groups can be set to expire after a certain period of time using Azure AD access reviews. Access reviews enable you to efficiently manage group memberships and ensure that only the right people have continued access to group resources.
upvoted 2 times
...
Aluksy
1 month, 3 weeks ago
was on today's exam passed with 830 score
upvoted 3 times
...
lokii9980
2 months ago
B. a Security group that uses the Assigned membership type D. a Security group that uses the Dynamic User membership type Explanation: In this scenario, we should use Security groups since they can be used to grant access to SharePoint sites or resources. We should use the Assigned membership type because we want to add the three users directly to the group. We should use the Dynamic User membership type for the second group because we want to automatically remove the group after 180 days, and this type of group allows for dynamic membership based on user attributes like the LastDirSyncTime attribute. Therefore, we should create the following groups: A Security group named "Library1 Access Group" that uses the Assigned membership type, and add User1, User2, and User3 directly to the group. A Security group named "Library1 Temporary Access Group" that uses the Dynamic User membership type, and configure the group to automatically remove itself after 180 days.
upvoted 1 times
...
Driede
2 months ago
I hate the phrasing of these questions. Why C would be correct? It never mentions anything to base the condition for the dynamic membership. It explicitly states the members so it should be only direct assignment. I understand that the official exam considers both the correct answer but...how? I don't understand the rationale.
upvoted 3 times
...
mohsanarfandanish
2 months, 2 weeks ago
Cleared Exam 930 was appeared in exam 18/3/2023 A&C
upvoted 5 times
...
ConanBarb
3 months ago
Selected Answer: CD
Sorry y'all AC:s, but you're wrong Correct, according to Microsoft own sample exam questions is: CD Microsoft exam question answers: "a security group that uses the dynamic membership type" "a Microsoft 365 group that uses the dynamic membership type" Corresponds to A. a Microsoft 365 group that uses the Assigned membership type B. a Security group that uses the Assigned membership type x C. a Microsoft 365 group that uses the Dynamic User membership type x D. a Security group that uses the Dynamic User membership type E. a Security group that uses the Dynamic Device membership type "Rationale: Groups that use dynamic membership rules reduce the overhead of access management by providing attribute-based membership and access to resources. Based on membership rules the membership, and resulting access, can be granted and removed automatically." https://learn.microsoft.com/en-us/certifications/resources/az-104-sample-questions
upvoted 4 times
vanr2000
2 months ago
Read the exam example question. They are talking about sharing files, not SharePoint. This is a different question. For SharePoint you need Office 365 groups.
upvoted 1 times
...
...
zellck
4 months ago
Selected Answer: AC
AC is the answer. https://learn.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-lifecycle Currently, only one expiration policy can be configured for all Microsoft 365 groups in an Azure AD organization.
upvoted 3 times
...
Hongzu13
4 months, 2 weeks ago
This was on the exam today!
upvoted 6 times
...
fesioche
4 months, 2 weeks ago
Selected Answer: AC
https://learn.microsoft.com/en-us/certifications/resources/az-104-sample-questions
upvoted 1 times
...
wpestan
4 months, 4 weeks ago
Selected Answer: CD
C e D - CORRECT Appear in Sample Exam Questions A. a security group that uses the dynamic membership type B. a Microsoft 365 group that uses the dynamic membership type
upvoted 1 times
wpestan
4 months, 3 weeks ago
The answer is little bit different , we dont have "user" https://learn.microsoft.com/en-us/certifications/resources/az-104-sample-questions
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...