ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-104 All Questions

View all questions & answers for the AZ-104 exam
Go to Exam

Exam AZ-104 topic 2 question 3 discussion

Actual exam question from Microsoft's AZ-104
Question #: 3
Topic #: 2
[All AZ-104 Questions]

You have a Microsoft 365 tenant and an Azure Active Directory (Azure AD) tenant named contoso.com.
You plan to grant three users named User1, User2, and User3 access to a temporary Microsoft SharePoint document library named Library1.
You need to create groups for the users. The solution must ensure that the groups are deleted automatically after 180 days.
Which two groups should you create? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

  • A. a Microsoft 365 group that uses the Assigned membership type
  • B. a Security group that uses the Assigned membership type
  • C. a Microsoft 365 group that uses the Dynamic User membership type
  • D. a Security group that uses the Dynamic User membership type
  • E. a Security group that uses the Dynamic Device membership type
Show Suggested Answer Hide Answer
Suggested Answer: AC 🗳️
by juniorccs at May 19, 2022, 10:17 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
kennynelcon
Highly Voted 3 years, 1 month ago
Selected Answer: AC
Correct Answer: A and C Only O365 groups support automatic deletion after 180 days.
upvoted 61 times
jackdryan
2 years, 4 months ago
A and C are correct
upvoted 7 times
ConanBarb
9 months, 2 weeks ago
Sorry y'all AC:s, but you're wrong Correct, according to Microsoft own sample exam questions is: CD Microsoft exam question answers: "a security group that uses the dynamic membership type" "a Microsoft 365 group that uses the dynamic membership type" Corresponds to A. a Microsoft 365 group that uses the Assigned membership type B. a Security group that uses the Assigned membership type x C. a Microsoft 365 group that uses the Dynamic User membership type x D. a Security group that uses the Dynamic User membership type E. a Security group that uses the Dynamic Device membership type "Rationale: Groups that use dynamic membership rules reduce the overhead of access management by providing attribute-based membership and access to resources. Based on membership rules the membership, and resulting access, can be granted and removed automatically." https://learn.microsoft.com/en-us/certifications/resources/az-104-sample-questions
upvoted 9 times
MrBlueSky
2 years, 4 months ago
This is a different question. The reason why A and C is correct is because the answer specifies that the group needs automatic deletion and that's only supported by Microsoft 365 groups.
upvoted 30 times
...
...
...
...
Lazylinux
Highly Voted 3 years ago
i Agree A&C Security groups are used to give group members access to applications, resources and assign licenses. Group members can be users, devices, service principals, and other groups. Microsoft 365 groups are used for collaboration, giving members access to a shared mailbox, calendar, files, SharePoint site, and so on. Group members can only be users. With the increase in usage of Microsoft 365 groups and Microsoft Teams, administrators and users need a way to clean up unused groups and teams. A Microsoft 365 groups expiration policy can help remove inactive groups from the system and make things cleaner. When a group expires, all of its associated services (the mailbox, Planner, SharePoint site, team, etc.) are also deleted. When a group expires it is "soft-deleted" which means it can still be recovered for up to 30 days.
upvoted 18 times
Afsan
2 years, 6 months ago
Thanks
upvoted 1 times
...
...
4f45fce
Most Recent 2 months, 3 weeks ago
Selected Answer: AB
ChatGPT says that A and C are both related to SharePoint access, but only A supports automatic expiration, which is the key part of your question. So A, B is correct
upvoted 2 times
...
Bhuru
5 months, 1 week ago
Selected Answer: AC
Security groups do not support expiration policies, it is only supported by Microsoft 365 groups, so A and C are correct.
upvoted 2 times
...
RealmTarget
7 months ago
Selected Answer: AC
A & C are correct. Expiration policies only valid for Microsoft 365 groups. https://learn.microsoft.com/en-us/entra/identity/users/groups-lifecycle
upvoted 2 times
...
Mark74
7 months ago
Selected Answer: AC
A and C for me is correct
upvoted 1 times
...
Dankho
8 months, 2 weeks ago
Selected Answer: AC
Both related to SharePoint, others are not.
upvoted 3 times
...
FredFrom
8 months, 3 weeks ago
Selected Answer: AC
To meet the requirement of granting access to a SharePoint document library and ensuring that the groups are automatically deleted after 180 days, the solution should use Microsoft 365 groups with expiration policies. Security groups do not have built-in expiration policies. Correct Answers: A. a Microsoft 365 group that uses the Assigned membership type C. a Microsoft 365 group that uses the Dynamic User membership type
upvoted 1 times
...
Xpinguser
8 months, 3 weeks ago
Selected Answer: AE
Here's why: Microsoft 365 Group (Assigned Membership): This option allows you to directly add User1, User2, and User3 to the group. Microsoft 365 groups are inherently linked to SharePoint sites, making it a good fit for document library access. Security Group (Dynamic Device Membership - with limitations): While less conventional, this approach can work with some limitations. You can create a security group and configure dynamic membership based on a specific device property. However, this requires assigning a unique device to each user (User1, User2, User3) and setting the dynamic membership rule to include those specific devices. This can be cumbersome and not ideal for large numbers of users.
upvoted 1 times
...
Chuong0810
9 months, 1 week ago
Selected Answer: AB
For this scenario, the most appropriate choices are: A & B Both options allow you to manually assign users (User1, User2, and User3) to the group and set an expiration policy to ensure the groups are deleted automatically after 180 days. A is widely used for collaboration purposes and integrates well with Microsoft 365 services like SharePoint. B is more general-purpose but can be used similarly for managing access.
upvoted 2 times
...
stanislaus450
9 months, 2 weeks ago
Selected Answer: AD
Anwser: A & D To grant access to the temporary Microsoft SharePoint document library named Library1 for the users User1, User2, and User3, you should create the following groups: Microsoft 365 A Microsoft 365 group that uses the Assigned membership type: This group allows you to explicitly assign members and manage their access. You can add User1, User2, and User3 to this group, granting them access to Library1. After 180 days, you can delete this group to ensure automatic cleanup. A Security group that uses the Dynamic User membership type: This type of group dynamically adds or removes members based on specified criteria (such as user attributes or roles). You can configure this group to automatically include User1, User2, and User3 based on their attributes or roles. After 180 days, the group will no longer include these users, achieving the desired automatic deletion.
upvoted 2 times
...
Josh219
9 months, 2 weeks ago
As of now, Azure AD does not offer an expiration policy feature for security groups. The expiration policy feature is specifically available for Microsoft 365 groups. If you need to manage the lifecycle of security groups, you might consider implementing manual processes or using automation scripts with Azure AD PowerShell or Microsoft Graph API to periodically review and clean up unused groups. So, correct is A & C
upvoted 2 times
...
Nico1973
11 months, 4 weeks ago
Answer: C and D To grant User1, User2, and User3 access to the temporary Microsoft SharePoint document library named Library1 and ensure that the groups are automatically deleted after 180 days, you should create the following two groups: • A Microsoft 365 group that uses the Dynamic User membership type • A Security group that uses the Dynamic User membership type
upvoted 1 times
...
justjeroen
1 year, 1 month ago
The question states: Which 2 groups SHOULD you create? Why Should i create 2groups in the first place? Why is 1 group not enough?
upvoted 1 times
rhv9
8 months, 2 weeks ago
there are two different tenants
upvoted 1 times
...
...
Hommedollars
1 year, 1 month ago
Selected Answer: AC
To meet the requirements of granting access to a temporary Microsoft SharePoint document library and ensuring that the groups are deleted automatically after 180 days, you need to create groups that support expiration policies. This functionality is supported by Microsoft 365 groups but not by security groups. Therefore, the correct answers are: A. A Microsoft 365 group that uses the Assigned membership type C. A Microsoft 365 group that uses the Dynamic User membership type These choices ensure that: The groups are part of Microsoft 365, which supports group expiration policies. The groups can be configured to automatically delete after 180 days. Security groups do not support the automatic deletion feature based on expiration policies, making options B, D, and E incorrect for this scenario.
upvoted 2 times
...
Malkymagic
1 year, 1 month ago
Why A and C? Why not just A? Is it something to do with the SPO library needs created with a group (365-Outlook) and then another 365 group for the users? So confused.
upvoted 3 times
Stunomatic
8 months, 3 weeks ago
because each answer provide a complete solution.
upvoted 1 times
...
...
Amir1909
1 year, 4 months ago
Correct
upvoted 1 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel