Agreed, PIM is essentially enabled by default in a new tenant with azurep2, an assigned admin should be able to start on it without intervention by the global admin. Not sure what the phone number is referenced for, red herring? MFA?
https://learn.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-getting-started
When a user who is active in a privileged role in an Azure AD organization with a Premium P2 license goes to Roles and administrators in Azure AD and selects a role (or even just visits Privileged Identity Management):
We automatically enable PIM for the organization
Their experience is now that they can either assign a "regular" role assignment or an eligible role assignment
When PIM is enabled it doesn't have any other effect on your organization that you need to worry about. It gives you additional assignment options such as active vs eligible with start and end time. PIM also enables you to define scope for role assignments using Administrative Units and custom roles. If you are a Global Administrator or Privileged Role Administrator, you might start getting a few additional emails like the PIM weekly digest. You might also see MS-PIM service principal in the audit log related to role assignment. This is an expected change that should have no effect on your workflow.
D is the answer:
note: You must have the Global Administrator or Privileged Role Administrator role , and in the choices you have "Privileged Administrator Role " which is not exist
The catch here is that there is no role called "Privileged administrator" so D: global administrator has to be the answer. There is a role called "Privileged Role Administrator" which would be a better choice but it is not an option in this question
Description: Users with this role can manage role assignments in Azure Active Directory, as well as within Azure AD Privileged Identity Management. In addition, this role allows management of all aspects of Privileged Identity Management.
Check below link and it's "rights needed" section to find the correct answer.
If you need to enable and configure PIM, Privileged Administrator role is needed.
Global admin is sufficient to enable PIM, but not to configure anything there, hence A should be correct answer.
(https://www.vansurksum.com/2020/03/25/lessons-learned-while-implementing-azure-ad-privileged-identity-management-pim/#Rights-needed)
why not A ? In addition, this role allows management of all aspects of Privileged Identity Management and administrative units. https://learn.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#privileged-role-administrator
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.MS-500 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
pete26
Highly Voted 2 years, 9 months agoAWpkl
2 years, 5 months agoiknowit
Highly Voted 2 years, 9 months agoapyasir
Most Recent 2 years agoKodoi
2 years agodadmundur
2 years, 1 month agomichaukotlowski
2 years, 2 months agoVJO
2 years, 7 months agogiver
2 years, 7 months agoTimmyMAZ
2 years, 9 months agoSekoume
2 years, 9 months ago