You have an Azure Active Directory (Azure AD) tenant that contains the groups shown in the following table.
For which groups can you create an access review?
You cannot create meaningful access reviews for device groups because dynamic device groups do not have users to review. Access reviews are typically used for user access management, where you review the memberships of users in a group, so the groups that qualify are the static (assigned) user groups and the dynamic user groups: Group1 (Assigned Security), Group2 (Dynamic User Security), Group4 (Assigned Microsoft 365), and Group5 (Dynamic User Microsoft 365). Group3, being a dynamic device group, is excluded from the access review. Hence, the correct answer is that you can create access reviews for Group1, Group2, Group4, and Group5 only.
Tested: Technically you can create an access review for a Dynamic Device group (no errors/warnings during the creation); however, it doesn't work and you will see a hitch "Warning - No access to review" for that access review in the list.
Most useful response here.
Perfect input. But what about that "it says create an access review"? You created the access review for the dynamic device group, so do you agree that the answer is E?
Correct. Dynamic user groups are also supported for Access Reviews
The distribution of votes shows that there is indeed a lack of clarity within the community regarding this question. As discussed, Azure does allow for the creation of access reviews for Dynamic Device groups, but the usage of this feature is not meaningful or functional. Thus the strictly correct answer would indeed be: E. Group1, Group2, Group3, Group4 and Group5. However, if the question is interpreted in terms of which groups can have a functionally meaningful access review, the answer would be: D. Group1, Group2, Group4, and Group5 only. Microsoft, in their official documentation, does not explicitly mention device groups with regard to Access Reviews, which lends more weight to option D being the correct interpretation.
It is D - https://learn.microsoft.com/en-us/training/modules/plan-implement-manage-access-review/2-plan-for-access-reviews mentions both Dynamic groups, and also, access review is for users.
Reading through the documentation below, I think the suggested answers are wrong. The right answer should be B: Group 1 & 4 only (which are assigned roles). Global administrators and Privileged Role administrators can create reviews on role-assignable groups. For more information, see Use Azure AD groups to manage role assignments. https://learn.microsoft.com/en-us/azure/active-directory/governance/create-access-review The membership type for role-assignable groups must be Assigned and can't be an Azure AD dynamic group. Automated population of dynamic groups could lead to an unwanted account being added to the group and thus assigned to the role. https://learn.microsoft.com/en-us/azure/active-directory/roles/groups-concept
I don't get the point of creating an access review for a DYNAMIC group, since members or devices are added based on a condition... What's the point or use case here?
For dynamic user groups, access reviews are useful to make sure that the logic in the membership rules is capturing the correct accounts.
We can create an access review for all. Note: we can also create an access review for dynamic devices. Though no access review can be seen, the question is only asking about access review creation, not the actual review.
Selected Answer E
D. Group1, Group2, Group4, and Group5 only
It doesn't make any sense creating an access review for dynamic devices if the review cannot be performed or completed.
If you can create an access review for Dynamic Device groups, but can't actually perform a review, then that's an incomplete, useless access review configuration in my book; therefore I think D is the correct answer.
I think MSFT assumes that you know what you are doing so if you add access reviews to dynamic devices but won't do anything, why would you do it?
This really depends on how you read the question. I go for C as those are the only useful ones.
I mean B sorry
The question is imbecile. The only meaningful answer is B: the assigned groups. Dynamic groups cannot be "auto-remediated" through access reviews.
Group 1 and 4. Dynamic groups will get assigned but will not work.
But the question is not if it will work or not. The question is if it can be created, at least that's how I understand it.
D is correct. For Group 3: you cannot create access reviews for device groups.
Even if you can create an access review for device groups, it doesn't work at all.
I hate this sort of question; nobody knows what the correct answer is, because you can create the review for all of these groups. But it does not make sense, because only users can be reviewed in the actual review.