Home › Azure AZ-305 › cloudcomputing › az305identitygov › Which Microsoft Entra ID feature should an archi…
Which Microsoft Entra ID feature should an architect recommend to give engineers JIT, approval-and-MFA-gated activation of privileged roles with full audit?
AMicrosoft Entra Privileged Identity Management (PIM)
BDisabling MFA entirely
CSharing the global admin password during incidents
DLong-lived role assignments with no time window
Answer & Solution
Correct answer: A. Microsoft Entra Privileged Identity Management (PIM)
PIM is Entra's JIT-with-approval-and-audit privileged-access service (per AZ-305 §1 governance). The other options are textbook insecurity.
Related questions
Which Azure governance service should an architect recommend to track and report regulatorWhich Microsoft Entra feature should an architect recommend so external partners (e.g. conWhich Azure feature should an architect recommend so that the same Microsoft Entra workforWhich Microsoft Entra ID feature should an architect recommend for adaptive risk-based autWhich Azure feature should an architect recommend to give an Azure VM or App Service an idWhich Azure governance hierarchy should an architect recommend so that a single Azure PoliWhich Azure governance feature should an architect recommend to enforce constraints acrossWhich Azure service should an architect recommend to centrally store and rotate secrets, c