Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
exam questions

Exam AZ-104 All Questions

View all questions & answers for the AZ-104 exam

Exam AZ-104 topic 2 question 3 discussion

Actual exam question from Microsoft's AZ-104
Question #: 3
Topic #: 2
[All AZ-104 Questions]

You have a Microsoft 365 tenant and an Azure Active Directory (Azure AD) tenant named contoso.com.
You plan to grant three users named User1, User2, and User3 access to a temporary Microsoft SharePoint document library named Library1.
You need to create groups for the users. The solution must ensure that the groups are deleted automatically after 180 days.
Which two groups should you create? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

  • A. a Microsoft 365 group that uses the Assigned membership type
  • B. a Security group that uses the Assigned membership type
  • C. a Microsoft 365 group that uses the Dynamic User membership type
  • D. a Security group that uses the Dynamic User membership type
  • E. a Security group that uses the Dynamic Device membership type
Show Suggested Answer Hide Answer
Suggested Answer: AC 🗳️

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
kennynelcon
Highly Voted 2 years, 4 months ago
Selected Answer: AC
Correct Answer: A and C Only O365 groups support automatic deletion after 180 days.
upvoted 52 times
jackdryan
1 year, 7 months ago
A and C are correct
upvoted 5 times
ConanBarb
3 weeks, 3 days ago
Sorry y'all AC:s, but you're wrong Correct, according to Microsoft own sample exam questions is: CD Microsoft exam question answers: "a security group that uses the dynamic membership type" "a Microsoft 365 group that uses the dynamic membership type" Corresponds to A. a Microsoft 365 group that uses the Assigned membership type B. a Security group that uses the Assigned membership type x C. a Microsoft 365 group that uses the Dynamic User membership type x D. a Security group that uses the Dynamic User membership type E. a Security group that uses the Dynamic Device membership type "Rationale: Groups that use dynamic membership rules reduce the overhead of access management by providing attribute-based membership and access to resources. Based on membership rules the membership, and resulting access, can be granted and removed automatically." https://learn.microsoft.com/en-us/certifications/resources/az-104-sample-questions
upvoted 7 times
MrBlueSky
1 year, 7 months ago
This is a different question. The reason why A and C is correct is because the answer specifies that the group needs automatic deletion and that's only supported by Microsoft 365 groups.
upvoted 23 times
...
...
...
...
Lazylinux
Highly Voted 2 years, 4 months ago
i Agree A&C Security groups are used to give group members access to applications, resources and assign licenses. Group members can be users, devices, service principals, and other groups. Microsoft 365 groups are used for collaboration, giving members access to a shared mailbox, calendar, files, SharePoint site, and so on. Group members can only be users. With the increase in usage of Microsoft 365 groups and Microsoft Teams, administrators and users need a way to clean up unused groups and teams. A Microsoft 365 groups expiration policy can help remove inactive groups from the system and make things cleaner. When a group expires, all of its associated services (the mailbox, Planner, SharePoint site, team, etc.) are also deleted. When a group expires it is "soft-deleted" which means it can still be recovered for up to 30 days.
upvoted 12 times
Afsan
1 year, 9 months ago
Thanks
upvoted 1 times
...
...
Xpinguser
Most Recent 5 hours, 40 minutes ago
Selected Answer: AE
Here's why: Microsoft 365 Group (Assigned Membership): This option allows you to directly add User1, User2, and User3 to the group. Microsoft 365 groups are inherently linked to SharePoint sites, making it a good fit for document library access. Security Group (Dynamic Device Membership - with limitations): While less conventional, this approach can work with some limitations. You can create a security group and configure dynamic membership based on a specific device property. However, this requires assigning a unique device to each user (User1, User2, User3) and setting the dynamic membership rule to include those specific devices. This can be cumbersome and not ideal for large numbers of users.
upvoted 1 times
...
Chuong0810
1 week, 6 days ago
Selected Answer: AB
For this scenario, the most appropriate choices are: A & B Both options allow you to manually assign users (User1, User2, and User3) to the group and set an expiration policy to ensure the groups are deleted automatically after 180 days. A is widely used for collaboration purposes and integrates well with Microsoft 365 services like SharePoint. B is more general-purpose but can be used similarly for managing access.
upvoted 1 times
...
stanislaus450
3 weeks, 3 days ago
Selected Answer: AD
Anwser: A & D To grant access to the temporary Microsoft SharePoint document library named Library1 for the users User1, User2, and User3, you should create the following groups: Microsoft 365 A Microsoft 365 group that uses the Assigned membership type: This group allows you to explicitly assign members and manage their access. You can add User1, User2, and User3 to this group, granting them access to Library1. After 180 days, you can delete this group to ensure automatic cleanup. A Security group that uses the Dynamic User membership type: This type of group dynamically adds or removes members based on specified criteria (such as user attributes or roles). You can configure this group to automatically include User1, User2, and User3 based on their attributes or roles. After 180 days, the group will no longer include these users, achieving the desired automatic deletion.
upvoted 1 times
...
Josh219
3 weeks, 3 days ago
As of now, Azure AD does not offer an expiration policy feature for security groups. The expiration policy feature is specifically available for Microsoft 365 groups. If you need to manage the lifecycle of security groups, you might consider implementing manual processes or using automation scripts with Azure AD PowerShell or Microsoft Graph API to periodically review and clean up unused groups. So, correct is A & C
upvoted 2 times
...
SeMo0o0o0o
1 month, 1 week ago
Selected Answer: AC
A & C are correct
upvoted 1 times
...
Nico1973
3 months ago
Answer: C and D To grant User1, User2, and User3 access to the temporary Microsoft SharePoint document library named Library1 and ensure that the groups are automatically deleted after 180 days, you should create the following two groups: • A Microsoft 365 group that uses the Dynamic User membership type • A Security group that uses the Dynamic User membership type
upvoted 1 times
...
justjeroen
4 months, 2 weeks ago
The question states: Which 2 groups SHOULD you create? Why Should i create 2groups in the first place? Why is 1 group not enough?
upvoted 1 times
...
Hommedollars
4 months, 3 weeks ago
Selected Answer: AC
To meet the requirements of granting access to a temporary Microsoft SharePoint document library and ensuring that the groups are deleted automatically after 180 days, you need to create groups that support expiration policies. This functionality is supported by Microsoft 365 groups but not by security groups. Therefore, the correct answers are: A. A Microsoft 365 group that uses the Assigned membership type C. A Microsoft 365 group that uses the Dynamic User membership type These choices ensure that: The groups are part of Microsoft 365, which supports group expiration policies. The groups can be configured to automatically delete after 180 days. Security groups do not support the automatic deletion feature based on expiration policies, making options B, D, and E incorrect for this scenario.
upvoted 2 times
...
Malkymagic
4 months, 3 weeks ago
Why A and C? Why not just A? Is it something to do with the SPO library needs created with a group (365-Outlook) and then another 365 group for the users? So confused.
upvoted 3 times
...
Amir1909
8 months ago
Correct
upvoted 1 times
...
reggina
9 months, 1 week ago
365 Groups don't "ensure" deletion https://learn.microsoft.com/en-us/entra/identity/users/groups-lifecycle "Groups with user activities are automatically renewed as the expiration nears." I don't get it
upvoted 1 times
suddin1
4 months, 4 weeks ago
now I'm confused about the answer
upvoted 1 times
...
...
mihir25
11 months, 2 weeks ago
Selected Answer: AC
I've done practical both 365 group will work no security group support this
upvoted 1 times
...
fiahbone
1 year, 1 month ago
Selected Answer: AC
O365 groups required for the automatic deletion
upvoted 2 times
...
LemonVine
1 year, 2 months ago
ChatGPt said, answer is A and D Based on the information I found, the two groups that you should create to grant access to Library1 and ensure that the groups are deleted automatically after 180 days are: A Microsoft 365 group that uses the Dynamic User membership type A security group that uses the Dynamic User membership type These two types of groups allow you to set an expiration policy for them in Azure Active Directory (Azure AD), which will delete the groups and their associated resources after a specified period of inactivity1. You can also configure the groups to have dynamic membership, which means that the group members are added or removed automatically based on user attributes such as department, location, title, etc2. This way, you can ensure that only the relevant users have access to Library1.
upvoted 1 times
ajdann
1 year, 1 month ago
ChatGPT will provide mostly inaccurate information, especially when you need to find out something specific.
upvoted 3 times
...
...
Mehedi007
1 year, 2 months ago
Selected Answer: AC
"You can set expiration policy only for Microsoft 365 groups in Azure Active Directory (Azure AD), part of Microsoft Entra." Ref: https://learn.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-lifecycle
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...