Exam SC-100 topic 1 question 9 discussion

I would go for: a) Azure AD application (https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/what-is-application-management) b) An access package in identity governance (https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-access-package-create)

Answer is incorrect Box 1 is the Azure AD Application https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app Box 2 is Access Package in Identity Governance https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-access-package-create

Yes, Box 2 is Access Package for me too. I was wondering about Access Review. Access Reviews are used to re-view: Stale account or Periodic requests Access Pagackes are used for requesting access and grouping packages for roles and partners. The Package can be based used with a workflow to contain stages for approval. https://learn.microsoft.com/en-us/entra/id-governance/entitlement-management-access-package-create In Identity Governance, start the process to create an access package. Select the catalog where you want to put the access package and ensure that it has the necessary resources. Add resource roles from resources in the catalog to your access package. Specify an initial policy for users who can request access. Specify approval settings and lifecycle settings in that policy.

Azure AD Application Registration & An access package

On Exam 8 Apr. 2024 scored 764 Answered Azure AD application Registration (updated answer) and Access package in Identity governance

Selected answer: Azure AD application REGISTRATION and Access package in Identity governance, In exam Nov 23

a) Azure AD application (https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/what-is-application-management) b) An access package in identity governance (https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-access-package-create)

Box1: Azure AD application Box2: An access review in Identity Governance

got this in exam 6oct23. passed with 896 marks. I answered AZURE AD APP REGISTRATION AN ACCESS PACKAGE IN IDENTITY GOVERNANCE

Box1: Azure AD application Box2: An access review in Identity Governance You can find explanation here: https://www.youtube.com/playlist?list=PLQ2ktTy9rklhzzkSEZvDZT4QSIVUQZD-Y

Agree ans is AA

Azure AD Application and Access Package in Identity Governance are the correct answers.

1. Azure AD application 2. Access package in Identity Governance https://learn.microsoft.com/en-us/azure/app-service/configure-authentication-provider-aad https://learn.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-overview#what-are-access-packages-and-what-resources-can-i-manage-with-them Entitlement management introduces the concept of an access package. An access package is a bundle of all the resources with the access a user needs to work on a project or perform their task. Access packages are used to govern access for your internal employees, and also users outside your organization.

Box one is self explanatory with AAD App, and box two is Access Package in Identity Governance. The giveaway was "Users will request access to App1 through the My Apps portal" https://learn.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-scenarios#access-package-manager-allow-employees-in-your-organization-to-request-access-to-resources

To enable Azure AD authentication for App1, use Azure AD application To implement access requests for App1, use an access package in identity governance To enable Azure AD authentication for App1 and provide access security, the recommended solution is to use an Azure AD application. You should create an Azure AD application, configure the necessary permissions, and assign users and groups to the application. An access package in identity governance should be used to implement access requests for App1. Identity Governance provides access packages that allow users to request access to specific applications, groups, or roles. The request is routed to the appropriate approver, who can either approve or reject the request. Access packages can be created, managed, and assigned in the Azure portal, and can be customized to include specific access policies and permissions. This provides a streamlined and secure way to manage access to App1, ensuring that only authorized users can access sensitive data or resources.

If you really delve deep, its a sneaky question. As it states your app is running in the Azure App Service, and if you read about it, you can configure AAD as the identity provider here inside the resource group: https://learn.microsoft.com/en-us/azure/app-service/scenario-secure-app-authentication-app-service-as-user So you don't need to touch 'Azure AD application' settings at all. The app gets registered by default when following the steps above.

Azure AD Application https://learn.microsoft.com/en-us/azure/active-directory/develop/authentication-flows-app-scenarios An access package in Identity Governance https://learn.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-access-package-create#requests