New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft AZ-204 Exam - Topic 3 Question 33 Discussion

Actual exam question for Microsoft's AZ-204 exam
Question #: 33
Topic #: 3
[All AZ-204 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this question, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You are developing a website that will run as an Azure Web App. Users will authenticate by using their Azure Active Directory (Azure AD) credentials.

You plan to assign users one of the following permission levels for the website: admin, normal, and reader. A user's Azure AD group membership must be used to determine the permission level. You need to configure authorization.

Solution: Configure the Azure Web App for the website to allow only authenticated requests and require Azure AD log on.

Does the solution meet the goal?

Show Suggested Answer Hide Answer
Suggested Answer: B

Instead in the Azure AD application's manifest, set value of the groupMembershipClaims option to All.

References:

https://blogs.msdn.microsoft.com/waws/2017/03/13/azure-app-service-authentication-aad-groups/


by Cordelia at May 05, 2022, 06:32 AM

Limited Time Offer

25%

Off

Get Premium AZ-204 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Lauran
4 months ago
Not sure this alone meets the goal.
upvoted 0 times
...
Erinn
4 months ago
Yeah, it should work if groups are set up right.
upvoted 0 times
...
Sherron
4 months ago
Wait, does that really cover all permission levels?
upvoted 0 times
...
Vanna
5 months ago
I think it needs more than just authentication.
upvoted 0 times
...
Lindsey
5 months ago
Sounds like a solid plan!
upvoted 0 times
...
Adria
5 months ago
I’m a bit confused. I thought requiring Azure AD log on would cover the permissions too, but maybe we need to configure something specific for the roles?
upvoted 0 times
...
Tori
5 months ago
I remember discussing how just authenticating users doesn't automatically assign them the correct permissions based on their group. I’m leaning towards "No" for this one.
upvoted 0 times
...
Yoko
5 months ago
This reminds me of a practice question where we had to set up role-based access control. I feel like we might need to do more than just require Azure AD log on.
upvoted 0 times
...
Lemuel
5 months ago
I think allowing only authenticated requests is a good start, but I'm not sure if it fully addresses the need for group-based permissions.
upvoted 0 times
...
Bettyann
5 months ago
Okay, let me think this through. The key here is that a DDoS attack involves multiple, dispersed attackers, so tracing back the source would be really challenging. I'm leaning towards C or D.
upvoted 0 times
...
Arlette
5 months ago
Alright, this seems pretty straightforward. I'll just need to double-check that the virtual-guest profile is actually being used after the reboot.
upvoted 0 times
...

Save Cancel