Practice free →
HomeAzure AZ-900cloudcomputingidentitysecurity › Azure role-based access control (RBAC) grants pe…

Azure role-based access control (RBAC) grants permissions by combining three things. Which combination is correct?

AA security principal (user, group, or service principal) + a role definition (set of allowed actions) + a scope (management group, subscription, resource group, or resource)
BA storage SAS token + a private endpoint + a backup vault
CA network IP allowlist + a TLS certificate + a billing tag
DA Conditional Access policy + a sign-in risk score + a passwordless device
Answer & Solution
Correct answer: A. A security principal (user, group, or service principal) + a role definition (set of allowed actions) + a scope (management group, subscription, resource group, or resource)
An Azure RBAC role assignment = (principal, role definition, scope). The other options conflate networking, storage access, and sign-in security with resource permissions.
Solve this in the app — Azure AZ-900 practice & 24k+ MCQs →
Related questions