You have two Microsoft Power Platform environments.
Users in one environment must not be able to see the other environment.
You need to grant salespeople access to the sales company environment.
What should you do?
You have two Microsoft Power Platform environments.
Users in one environment must not be able to see the other environment.
You need to grant salespeople access to the sales company environment.
What should you do?
To grant salespeople access to the sales company environment while ensuring they cannot see the other environment, you should add them to a security role. Security roles in the Power Platform define what data and functionality users can access within a specific environment. By assigning the appropriate security role to the salespeople, you control their permissions and ensure that they can only see and interact with the sales company environment.
Correct
B. Add salespeople to a security role. - By adding salespeople to a specific security role within the sales company environment, you can control their access and permissions within that environment. The security role defines the privileges and restrictions that users have in terms of accessing and manipulating data and functionality within the environment. Adding salespeople to a security role ensures that they have the necessary permissions to perform their job functions within the sales company environment while maintaining the separation and isolation between the two environments, preventing users from one environment from seeing the other. Option A - Adding salespeople to an Office 365 security group - may be useful for managing access to other Office 365 resources but is not specifically tied to controlling access within the Power Platform environments.
You can create an AAD security group team in Power Platform/D365 linked to the security group and assign roles to the team. Any team members added to the security group will inherit those roles
My read on this one is that once a user is in the environment, you can add them to a security role--but just adding a group of users to a security role does not prevent OTHER users from seeing the environment. Adding users to a security group and assigning it to the environment, however, does. From the cited doc: When a security group is associated with an existing environment with users, all users in the environment that are not members of the group will be disabled. The way I read it, adding users to the M365 group DOES immediately prevent anyone who's not in that group from seeing the environment, which is the core goal of the question.
in exam 29/8/2021 choose same answer
on exam 10 Dec 2021. Pass with 870 marks.
Sorry guys I think you're wrong on this one. Environments = SEC ROLE Adding users to some 365 security group may not have anything to do with security on an environment. It's not the way environments are secured. My answer = B Adding users to an environment security role IS a solution.
I had to re-read this. "Group" is the operative word. Answer = A
Just giving back to the community. This appeared on 3/18/2022 exam. Correct answer
A is not the complete answer, but rather the first step of granting salespeople access to the environment. You add them to a security group, then you assign a security role to its members, or to the entire SG. https://learn.microsoft.com/en-us/power-platform/admin/control-user-access
on exam 11/23/21
On exam 11/30/21
On exam July, 23, 2022
Setting up groups on every environment, you can just add/remove users from one group to another and they will get the access automatically
Answer is 'A' as we can control access using the O365 security groups. REF: https://learn.microsoft.com/en-us/power-platform/admin/control-user-access
Was on my exam -8/1/23
I thought it was B at first, but it is 100% A When users are added to the security group, they are added to the environment.
To grant salespeople access to the sales company environment and ensure users from one environment cannot see the other, you should consider using: B. Add salespeople to a security role. Explanation: Add salespeople to a security role (Option B): Security roles in the Power Platform allow you to define sets of permissions for users. By adding salespeople to a specific security role in the sales company environment, you can control their access to data and functionality within that environment. This helps ensure that users in one environment cannot see or access data in the other. Options A, C, and D may not directly address the requirement to restrict visibility between environments:
A is the answer
Add salespeople to a security role.
B. Add salespeople to a security role Security roles in Power Platform define what actions a user can perform and what data they can interact with. By adding the salespeople to a security role that has access to the sales company environment, you can ensure they have the necessary permissions. This method also ensures that users in one environment cannot see the other environment, as security roles are specific to the environment they are created in. Office 365 security groups (Option A) can be used to manage user access at a higher level, they are not environment-specific. Options C and D involve setting privileges and app security, which are components of a security role, but do not directly add users to an environment. Therefore, these options might not fully meet the requirements.
Option A. is not the correct approach in this scenario because Office 365 security groups control access to resources at the broader Office 365 level (like SharePoint sites, Teams, or mailboxes) and do not directly manage access within specific Power Platform environments or apps.
Office 365 Security Group is for M365 resources. within Power Platform you need Security Roles
Correct
on exam Dec 16, 2021
On exam Jan 27, 2022
In exam 28jan 2022
Correct
On exam 20 April 2022.
correct
correct
in exam 29/05/2022
Chose C
Looks Correct. I am not sure why C is wrong though. 50/50 from my side.
the answers here are not all clear, i would vote for A which Seems to be the most Logical, C is not Correct as privileges are attribute of security role
It's A dummies.
If an environment does not have an associated security group, all users with a Dataverse license, will be created as users and enabled in the environment. So in this case I guess Security group was implemented, so inorder that salespeople will be able to get access to the enviroment, I should add them to a security group.
This question was part of the exam in Aug 2022
On Exam Sept 9th, 2022
This question was on Sept 24th Scored 712 Selected: A
The answer at the seminar is D.
To grant salespeople access to the sales company environment and ensure users from one environment cannot see the other, you should consider using: B. Add salespeople to a security role. Explanation: Add salespeople to a security role (Option B): Security roles in the Power Platform allow you to define sets of permissions for users. By adding salespeople to a specific security role in the sales company environment, you can control their access to data and functionality within that environment. This helps ensure that users in one environment cannot see or access data in the other. Options A, C, and D may not directly address the requirement to restrict visibility between environments:
reading the URL
A doesn't appear to be the full solution so I'm thinking the answer is B
Cant be A, 365 is for managing resources. Got to be B.
i think its option B
Add salespeople to an Office 365 security group
You should add people to security groups so they can access the environment, roles is more related for what you can do in the environment
Think of it like this: You are going to a Party (Environment) with a Group of Friends (Security Group), once you enter the Party, you can have a defined Role (Security role) such as DJ, Bartender, Logistic or simply Invited