Examice

Exam AZ-500 All QuestionsBrowse all questions from this exam

Go to Exam

Question 77

You have an Azure subscription.

You configure the subscription to use a different Azure Active Directory (Azure AD) tenant.

What are two possible effects of the change? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

Role assignments at the subscription level are lost.

Virtual machine managed identities are lost.

Virtual machine disk snapshots are lost.

Existing Azure resources are deleted.

Correct Answer: A, B

When you configure an Azure subscription to use a different Azure Active Directory (Azure AD) tenant, it results in the loss of specific configurations related to the original tenant. Firstly, role assignments at the subscription level, which are associated with the Azure AD users, will be lost as these assignments are based on the identities in the original Azure AD tenant. Secondly, virtual machine managed identities are tied to the specific Azure AD tenant, thus changing the tenant will invalidate these managed identities, necessitating their reconfiguration. Existing resources like virtual machine disk snapshots and Azure resources themselves will not be deleted as they are not directly related to the Azure AD tenant.

Discussion

Exam_Master_MeOptions: AB

Review the following list of changes that will occur after you associate or add your subscription, and how you might be affected: Users that have been assigned roles using RBAC will lose their access Service Administrator and Co-Administrators will lose access If you have any key vaults, they'll be inaccessible and you'll have to fix them after association If you have any managed identities for resources such as Virtual Machines or Logic Apps, you must re-enable or recreate them after the association If you have a registered Azure Stack, you'll have to re-register it after association https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-how-subscriptions-associated-directory

tutaOptions: AB

tested - AB

teehexOptions: AB

A and B are correct answers. When you change to a different Azure AD tenant your user identities are changed to. This basically mean the role assignment assigned to those identities are no longer valid. When you enable a system-assigned managed identity an identity is created in Azure AD that is tied to the lifecycle of that service instance. So if you change to different Azure AD such an identity is no longer valid. https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview#managed-identity-types

us3rOptions: AB

captain obvious

AS179Options: AB

Correct

francis6170Options: AB

Got this in the AZ-500 exam (Sept 2021)! A: A&B

EltoothOptions: AB

A & B are correct.

kumax

On exam, May 2021.

JohnYinTorontoOptions: AB

Answer correct. AB

LDodgeOptions: AB

Correct

Jco

#exam question # 29 Sep

SandroAndrade

Correct Answer

workhard

This is a more updated documentation https://learn.microsoft.com/en-us/azure/role-based-access-control/transfer-subscription#understand-the-impact-of-transferring-a-subscription

ESAJRROptions: AB

A. Role assignments at the subscription level are lost. B. Virtual machine managed identities are lost.

majstor86Options: AB

A. Role assignments at the subscription level are lost. B. Virtual machine managed identities are lost.

rohitmedi

correct answer

swi48Options: AB

AB should the correct answer