Microsoft Cybersecurity Architect Expert SC-100
Get started today
Ultimate access to all questions.
You are creating security recommendations for an Azure App Service web app named App1. The specifications for App1 are as follows: Users will request access to App1 through the My Apps portal, and these requests will be approved by a human resources manager. Additionally, users will authenticate using Azure Active Directory (Azure AD) user accounts. Your objective is to recommend an access security architecture for App1. This security architecture should enable Azure AD authentication for App1 and also manage access requests for the application through the My Apps portal. What should you include in your recommendation? Ensure to select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You are creating security recommendations for an Azure App Service web app named App1. The specifications for App1 are as follows: Users will request access to App1 through the My Apps portal, and these requests will be approved by a human resources manager. Additionally, users will authenticate using Azure Active Directory (Azure AD) user accounts. Your objective is to recommend an access security architecture for App1. This security architecture should enable Azure AD authentication for App1 and also manage access requests for the application through the My Apps portal. What should you include in your recommendation? Ensure to select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
To enable Azure AD authentication for App1, you should register the app as an Azure AD application. This allows Azure AD to handle the authentication process. Additionally, to manage access requests through the My Apps portal and have them routed to a human resource manager for approval, you should use an access package in Identity Governance. An access package allows you to bundle resources and manage access requests and approvals, ensuring a secure and streamlined process for granting access to the application.