Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft SC-100 Exam - Topic 6 Question 36 Discussion

Actual exam question for Microsoft's SC-100 exam
Question #: 36
Topic #: 6
[All SC-100 Questions]

You have an Azure AD tenant that contains 10 Windows 11 devices and two groups named Group1 and Group2. The Windows 11 devices are joined to the Azure AD tenant and are managed by using Microsoft Intune.

You are designing a privileged access strategy based on the rapid modernization plan (RaMP). The strategy will include the following configurations:

* Each user in Group1 will be assigned a Windows 11 device that will be configured as a privileged access device.

* The Security Administrator role will be mapped to the privileged access security level.

* The users in Group1 will be assigned the Security Administrator role.

* The users in Group2 will manage the privileged access devices.

You need to configure the local Administrators group for each privileged access device. The solution must follow the principle of least privilege.

What should you include in the solution?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Marjory at Mar 06, 2024, 09:22 AM

Limited Time Offer

25%

Off

Get Premium SC-100 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Irene
4 months ago
I think adding both groups is overkill. Just Group2 makes sense.
upvoted 0 times
...
Jerry
4 months ago
LAPS is a must for password management, right?
upvoted 0 times
...
Corrie
4 months ago
Wait, are we sure about adding Security Admins too? Seems risky.
upvoted 0 times
...
Amie
4 months ago
Totally agree, that keeps it simple!
upvoted 0 times
...
Whitley
5 months ago
Only Group2 should be in the local Administrators group.
upvoted 0 times
...
Solange
5 months ago
I think the best approach is to add Group2 and also include the Security Administrator role users to ensure they have the access they need for their tasks.
upvoted 0 times
...
Louisa
5 months ago
I vaguely recall something about Windows LAPS and its importance for managing local admin passwords. Could that be relevant here?
upvoted 0 times
...
Huey
5 months ago
I'm not entirely sure, but I think we practiced a similar question where we had to manage local admin rights. I feel like adding both Group2 and the Security Administrator role users might be too much.
upvoted 0 times
...
Delmy
5 months ago
I remember we discussed the principle of least privilege in class, and I think only adding Group2 to the local Administrators group makes the most sense.
upvoted 0 times
...
Mona
5 months ago
I feel pretty confident about this one. The solution is to go with option C, which seems to follow the principle of least privilege by only granting the necessary permissions to the relevant groups and users.
upvoted 0 times
...
Iluminada
5 months ago
Okay, I've got this. The key is to add Group2 to the local Administrators group, since they will be managing the privileged access devices. And I'll also need to add the Security Administrator user to the local Administrators group of their assigned device.
upvoted 0 times
...
Kimbery
5 months ago
This seems like a tricky question, but I think I have a good strategy. I'll need to carefully consider the principle of least privilege and how to properly configure the local Administrators group.
upvoted 0 times
...
Thea
6 months ago
I'm a bit confused by the requirements here. It's not entirely clear to me how the different groups and roles should be set up. I'll need to review the details closely.
upvoted 0 times
...
Jordan
6 months ago
Hmm, I'm a bit confused on this one. I know Vlocity Context Rules have different components, but I can't recall where the initialization policy is defined. I'll have to think this through.
upvoted 0 times
...
Breana
6 months ago
I kind of remember a question about performance and whether virtual machines actually enhance it. I'm not totally sure if that's the case or not.
upvoted 0 times
...
Claribel
6 months ago
I'm not totally sure about this one. There are a lot of details to keep track of. I think I'll start by setting the Total Terms field to 20 and the entitlement channel to Email, per option B. Then I'll see if I need to add anything else based on the premium phone service requirement.
upvoted 0 times
...
Celestina
2 years ago
That makes sense, Freida. We need to ensure the Security Administrator has access.
upvoted 0 times
...
Freida
2 years ago
But shouldn't we also add the Security Administrator user to the local Administrators group?
upvoted 0 times
...
France
2 years ago
I agree with Celestina. Group2 should definitely have access.
upvoted 0 times
...
Celestina
2 years ago
I think we should include Group2 in the local Administrators group.
upvoted 0 times
...
Cherelle
2 years ago
Hmm, I don't know. Option B with the Windows LAPS emulation mode sounds interesting. That could be a way to manage the local admin passwords without having to directly add users to the local Administrators group. Might be worth considering.
upvoted 0 times
...
Golda
2 years ago
Yeah, I'm with you guys on that one. Option C covers all the bases - it gives Group2 the necessary access to manage the devices, while also giving the Security Administrators the privileges they need on their assigned devices. Plus, it adheres to the principle of least privilege, which is key.
upvoted 0 times
...
Mirta
2 years ago
I agree, option C seems to be the most comprehensive solution. Adding Group2 to the local Administrators group makes sense, as they'll be managing the privileged access devices. And adding the user with the Security Administrator role to their assigned device's local Administrators group is also a good call.
upvoted 0 times
...
Vanda
2 years ago
Hmm, this question seems a bit tricky. We need to configure the local Administrators group for the privileged access devices, while following the principle of least privilege. I'm thinking option C might be the way to go here.
upvoted 0 times
Carmen
2 years ago
Option C is definitely the most secure choice for configuring the local Administrators group for the privileged access devices.
upvoted 0 times
...
Dulce
2 years ago
Absolutely. The security of privileged access devices is crucial in any modernization plan.
upvoted 0 times
...
Yvonne
2 years ago
It's important to carefully consider access controls when designing a privileged access strategy.
upvoted 0 times
...
Barrett
2 years ago
That's right. Option C covers all the necessary configurations while following the principle of least privilege.
upvoted 0 times
...
Valentine
2 years ago
We should always aim for least privilege to reduce the risk of unauthorized access.
upvoted 0 times
...
Leeann
2 years ago
Agreed. Adding Group2 to the local Administrators group and including the user assigned the Security Administrator role sounds like a good plan.
upvoted 0 times
...
Julio
2 years ago
Option C seems like the best choice for ensuring least privilege.
upvoted 0 times
...
...

Save Cancel