ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-500 All Questions

View all questions & answers for the AZ-500 exam
Go to Exam

Exam AZ-500 topic 4 question 92 discussion

Actual exam question from Microsoft's AZ-500
Question #: 92
Topic #: 4
[All AZ-500 Questions]

HOTSPOT
-

You have an Azure subscription that contains a user named User1. User1 is assigned the Reader role for the subscription.

You plan to create a custom role named Role1 and assign Role1 to User1.

You need to ensure that User1 can create and manage application security groups by using Azure portal.

Which two permissions should you add to Role1? To answer, select the appropriate permissions in the answer area.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by Ajdlfasudfo0 at Jan. 19, 2023, 5:10 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
zellck
Highly Voted 2 years, 1 month ago
1. Microsoft Portal 2. Microsoft Network https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/azure-services-resource-providers
upvoted 12 times
ITFranz
5 months, 1 week ago
This permission allows full control over application security groups, including creation, modification, and deletion. It's important to note that application security groups are used to group virtual machines and define network security policies based on those groups
upvoted 2 times
...
...
Manu1986
Highly Voted 2 years, 3 months ago
You need to have access to microsoft.resources/deployments/validate/action, Microsoft.Network/applicationSecurityGroups/write So, since Microsoft Resources is not listed, at least Network is required. Azure Portal is not required. Tested on my environment.
upvoted 6 times
...
OrangeSG
Most Recent 1 year, 8 months ago
Only need permission of Microsoft.Network. (1) To access Azure portal, User1 must be assigned the Reader role at the subscription level or higher. The Reader role allows users to view resources in Azure, but not modify them. If User1 is not assigned the Reader role, they will not be able to log in to Azure portal. User1 has been assigned the Reader role for the subscription. No further permission is required. (2) To create and manage application security groups by using Azure portal, User1 needs the following two permissions: - Microsoft.Network/applicationSecurityGroups/write - Microsoft.Network/applicationSecurityGroups/delete
upvoted 4 times
pentium75
11 months ago
Does the Reader role automatically include access to the Azure portal, if that is restricted?
upvoted 1 times
...
...
OrangeSG
2 years, 4 months ago
I agree with the given answer.
upvoted 3 times
...
Ajdlfasudfo0
2 years, 5 months ago
I think the answer should be Microsoft Graph and azure Service Management (Microsoft Portal) Microsoft Graph: Take advantage of the tremendous amount of data in Office 365, Enterprise Mobility + Security, and Windows 10. Access Azure AD, Excel, Intune, Outlook/Exchange, OneDrive, OneNote, SharePoint, Planner, and more through a single endpoint. Azure Service Management: Programmatic access to much of the functionality available through the Azure portal
upvoted 1 times
Fal991l
2 years, 4 months ago
"create and manage application security groups by using Azure portal" only. I didn't see any necessity yet.
upvoted 3 times
majstor86
2 years, 3 months ago
I agree. Azure portal only
upvoted 2 times
majstor86
2 years, 3 months ago
https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/tutorial-manage-access-security
upvoted 2 times
...
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel