Practice free →
HomeAzure AZ-900cloudcomputingazurearchitecture › Which Azure access-control mechanism grants perm…

Which Azure access-control mechanism grants permissions by assigning users, groups, or service principals to ROLES on a scope (resource, resource group, subscription, or management group)?

AAzure Conditional Access policies (which only evaluate sign-in risk)
BAzure Storage shared access signatures (SAS tokens)
CAzure role-based access control (RBAC)
DAzure Network Security Groups (NSGs)
Answer & Solution
Correct answer: C. Azure role-based access control (RBAC)
Azure RBAC is the model for granting permissions: a role definition lists allowed actions, and a role assignment binds (principal, role, scope). NSGs are network firewalls. Conditional Access controls sign-in risk evaluation, not resource permissions. SAS tokens are URL-level access grants for storage objects.
Solve this in the app — Azure AZ-900 practice & 24k+ MCQs →
Related questions