AZ-303 Exam - Question 246

Question

Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure Active Directory (Azure AD) tenant named contoso.com.

A user named Admin1 attempts to create an access review from the Azure Active Directory admin center and discovers that the Access reviews settings are unavailable. Admin1 discovers that all the other Identity Governance settings are available.

Admin1 is assigned the User administrator, Compliance administrator, and Security administrator roles.

You need to ensure that the Admin1 can create access reviews in contoso.com.

Solution: You purchase an Azure Directory Premium P2 license for contoso.com.

Does this meet the goal?

Examice · Accepted Answer

To create access reviews in Azure Active Directory (Azure AD), an Azure AD Premium P2 license is required for the tenant. Admin1, who is assigned the User administrator, Compliance administrator, and Security administrator roles, will need this type of license for the Access reviews settings to be available. This licensing requirement is necessary for enabling features under Identity Governance, including access reviews, which are part of the Azure AD Premium P2 offering.

nemojzapipu · Answer

YES

It clearly states that user wants to access section  "Access review" from AAD (Identity Governance)  which leads to:

A valid Azure AD Premium P2, Enterprise Mobility + Security E5 paid, or trial license is required to use Azure AD access reviews.

I tried this on two tenants.
1. Global Admin + P2  -> I can create Access review   ->  https://ibb.co/8j81w5p
2. Global Admin without P2 -> Cannot access "Access review"  -> https://ibb.co/QFC2hh6

BigR · Answer

Ans is Yes 
Admin1 has AD Premium P2 license + User administrator.

Alivina · Answer

I think the answer is NO.

https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview

Azure AD Premium P2 licenses are not required for users with the Global Administrator or User Administrator roles who set up (CREATE) access reviews, configure settings, or apply the decisions from the reviews.

For example, An administrator creates an access review of Group B with 500 users and 3 group owners, and assigns the 3 group owners as reviewers. Only required 3 Licenses.

Mj11Az · Answer

Yes, Azure AD Premium P2
Global administrator or User administrator

nfett · Answer

repeat

syu31svc · Answer

User Administrator role does not require P2 license to setup access reviews.

Instead, you need to onboard access reviews in your tenant.

https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview

Answer is No

firstabed · Answer

Ensure that your directory has at least as many Azure AD Premium P2 licenses as you have employees that will be performing the following tasks

Azure AD Premium P2 licenses are not required for the following tasks:

No licenses are required for users who set up PIM, configure policies, receive alerts, and set up access reviews.

So , Ans NO

StarkStrange · Answer

Ans is Yes. for access review.. Global Admin/user admin role is needed which Admin1 has another requirement is P2 license so ans is yes here.
https://docs.microsoft.com/en-us/azure/active-directory/governance/create-access-review

[Removed] · Answer

YES:
https://docs.microsoft.com/en-us/azure/active-directory/governance/create-access-review
Prerequisites
Azure AD Premium P2
Global administrator or User administrator

malyaban · Answer

Also, for all such confusion in the solution notes -- https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure shows clearly that -- Using PIM feature requires an Azure AD Premium P2 license !!

Anonymous · Answer

Prerequisite license - Azure AD Premium P2 license.
Azure Portal -->  Identity Governance --> Privileged Identity Management --> Azure resources --> access review
So, with P2 license, it is not auto, still need PIM.

Ario · Answer

Prerequisites for Access review  : 
Azure AD Premium P2
Global administrator or User administrator
Microsoft 365 and Security group owner (Preview)

AD3 · Answer

Look at the page and expand Identity Governance. You will see bunch of items under it and the statement in the problem says all other identity governance are available. That means the P2 license is enabled. Only thing that is needed is to use PIM. So answer is NO. 
https://www.microsoft.com/en-us/security/business/identity-access-management/azure-ad-pricing?rtc=1

sukhdeep · Answer

I did tested without P2 license you can't do access review.

G_Z · Answer

Azure AD Premium P2 license. and PIM configuration

mindtrax · Answer

Just purchasing Azure Directory Premium P2 license won't cut it, the user still needs to have the correct role.

Stephan99 · Answer

Azure AD Premium P2 licenses are not required for users with the Global Administrator or User Administrator roles who set up access reviews, configure settings, or apply the decisions from the reviews.
https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview

Krsto · Answer

With P2 license and User admin role you should have access.
Tenant does not have a valid license (EMS E5 or P2) required for Access reviews. You get this message when trying to see Access Reviews. And this is with Global admin role. In order to use this you need to have:

Azure AD Premium P2
    Global administrator or User administrator

https://docs.microsoft.com/en-us/azure/active-directory/governance/create-access-review

aabdous · Answer

Answer is YES
https://docs.microsoft.com/en-us/azure/active-directory/governance/deploy-access-reviews#licenses

rockyykrish · Answer

if you have a P2 License you can get an access review. So the answer should be yes.

Hrithiktej · Answer

seems correct to me

under what does it do ? section of this What is Azure AD Privileged Identity Management? we see "Conduct access reviews to ensure users still need roles"

https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure

network_zeal · Answer

YES, need p2 license to create access review

aabdous · Answer

Answer is Yes.
Look this page
https://docs.microsoft.com/en-us/azure/active-directory/governance/create-access-review
Show Prerequisites

bigticket · Answer

YES.

You need a valid Azure AD Premium (P2) license for each person, other than Global administrators or User administrators, who will create or do access reviews.

https://docs.microsoft.com/en-us/azure/active-directory/governance/deploy-access-reviews

SKAZ303 · Answer

Sould be A.

Premium P2 ($9 per user per month)
Everything offered in P1
Identity Protection
Privileged Identity Management
Access reviews

jr_luciano · Answer

Correct Answer: B (NO)

BhupalS · Answer

Azure AD Premium P2 licenses are not required for the following tasks:

No licenses are required for users who set up PIM, configure policies, receive alerts, and set up access reviews.
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/subscription-requirements

AZ-303 Exam - Question 246

Discussion