New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft AZ-500 Exam - Topic 2 Question 17 Discussion

Actual exam question for Microsoft's AZ-500 exam
Question #: 17
Topic #: 2
[All AZ-500 Questions]

You have an Azure Active Directory (Azure AD) tenant and a root management group.

You create 10 Azure subscriptions and add the subscriptions to the rout management group.

You need to create an Azure Blueprints definition that will be stored in the root management group.

What should you do first?

Show Suggested Answer Hide Answer
Suggested Answer: B

https://docs.microsoft.com/en-us/azure/role-based-access-control/elevate-access-global-admin

by Lucy at May 05, 2022, 01:53 PM

Limited Time Offer

25%

Off

Get Premium AZ-500 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Alfred
4 months ago
A seems right, but I’m not 100% sure.
upvoted 0 times
...
Annabelle
4 months ago
Wait, can you really create a blueprint without a policy?
upvoted 0 times
...
Lovetta
4 months ago
I think modifying RBAC is more important first.
upvoted 0 times
...
Fletcher
5 months ago
Totally agree, A is the way to go!
upvoted 0 times
...
King
5 months ago
You need to set up an Azure Policy first.
upvoted 0 times
...
Lemuel
5 months ago
I feel like creating a service principal might be part of the process, but I don't remember if it's the very first step.
upvoted 0 times
...
Verona
5 months ago
Creating a user-assigned identity seems like it could be relevant, but I can't recall if it's essential for starting the blueprint process.
upvoted 0 times
...
Lera
5 months ago
I remember a practice question where we had to set up RBAC for a management group. Maybe modifying the role assignments is the first thing to do?
upvoted 0 times
...
Noah
5 months ago
I think the first step might be to add an Azure Policy definition, but I'm not entirely sure if that's necessary right away.
upvoted 0 times
...
Dalene
5 months ago
Okay, I think I've got this. The Policy Verification landing page is used to test if a user's channel-specific password meets the defined property requirements, as stated in option C. That makes sense for verifying security settings.
upvoted 0 times
...
Gail
5 months ago
I think the minimum permissions might include 'List Folder/Read Data', but I'm not entirely sure about the others.
upvoted 0 times
...
Daniel
5 months ago
This is a good one. I like the idea of the Trusted Subsystem pattern in the last option. That seems like a smart way to handle the compatibility between the SAML tokens issued by the different authentication brokers. I'll make sure to consider that as a potential solution.
upvoted 0 times
...
Merilyn
5 months ago
The difference in formats sounds familiar; I wonder if option C is correct since it talks about how registry records depend on the specific product.
upvoted 0 times
...

Save Cancel