Which of the following best describes the difference between an Azure AD Security Group and an Office 365 Group?
Think about what collaboration tools Office 365 Groups offer compared to Security Groups.
Security Groups are primarily for access management to resources. Office 365 Groups include collaboration tools like shared mailboxes, calendars, and files.
You want to add a user with object ID 1234-5678-9012 to a group with object ID abcd-efgh-ijkl using Azure CLI. Which command will do this correctly?
Check the Azure CLI command syntax for adding members to groups.
The correct Azure CLI command to add a member to an Azure AD group is az ad group add-member with the --group and --member-id parameters.
You manage multiple applications in Azure that require different access levels. You want to use Azure AD groups to simplify access management. Which design approach is best?
Think about how to manage access efficiently and securely for multiple apps.
Creating separate groups per application allows precise access control and easier management. Assigning groups to application roles follows best practices.
Which Azure AD group membership practice helps prevent accidental privilege escalation?
Consider how group nesting and auditing affect security.
Nested groups can hide permissions, so use them carefully. Regular audits help detect unwanted access and prevent privilege escalation.
After adding a user to a new Azure AD group that grants access to a resource, when will the userβs access token reflect this new group membership?
Think about how tokens are issued and refreshed in Azure AD.
Access tokens are issued at sign-in and do not update dynamically. The user must sign out and sign back in to receive a token with updated group claims.