Home › Azure AZ-305 › cloudcomputing › az305identitygov › Which Azure governance hierarchy should an archi…
Which Azure governance hierarchy should an architect recommend so that a single Azure Policy definition can apply across many subscriptions for an entire business unit?
AAzure Bastion
BAzure DNS
CPer-subscription manual copies of policies
DManagement groups (organise subscriptions in a tree; policies assigned at MG scope flow down)
Answer & Solution
Correct answer: D. Management groups (organise subscriptions in a tree; policies assigned at MG scope flow down)
Management groups + policy inheritance is Azure's canonical multi-sub governance (per AZ-305 §1 governance hierarchy). The other options don't scale.
Related questions
Which Azure governance service should an architect recommend to track and report regulatorWhich Microsoft Entra feature should an architect recommend so external partners (e.g. conWhich Azure feature should an architect recommend so that the same Microsoft Entra workforWhich Microsoft Entra ID feature should an architect recommend for adaptive risk-based autWhich Azure feature should an architect recommend to give an Azure VM or App Service an idWhich Azure governance feature should an architect recommend to enforce constraints acrossWhich Azure service should an architect recommend to centrally store and rotate secrets, cWhich Microsoft Entra ID feature should an architect recommend to give engineers JIT, appr