You have a Microsoft 365 tenant and an Azure Active Directory (Azure AD) tenant named contoso.com.
You plan to grant three users named User1, User2, and User3 access to a temporary Microsoft SharePoint document library named Library1.
You need to create groups for the users. The solution must ensure that the groups are deleted automatically after 180 days.
Which two groups should you create? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
To meet the requirements of granting access to a temporary Microsoft SharePoint document library and ensuring that the groups are deleted automatically after 180 days, you should create groups that support expiration policies. This functionality is supported by Microsoft 365 groups. The Microsoft 365 groups support expiration policies, which can automatically remove groups and their associated services after a set time period. Therefore, the correct answers are a Microsoft 365 group that uses the Assigned membership type and a Microsoft 365 group that uses the Dynamic User membership type. These types of groups ensure compliance with the requirement of automatic deletion.
Correct Answer: A and C Only O365 groups support automatic deletion after 180 days.
A and C are correct
Sorry y'all AC:s, but you're wrong Correct, according to Microsoft own sample exam questions is: CD Microsoft exam question answers: "a security group that uses the dynamic membership type" "a Microsoft 365 group that uses the dynamic membership type" Corresponds to A. a Microsoft 365 group that uses the Assigned membership type B. a Security group that uses the Assigned membership type x C. a Microsoft 365 group that uses the Dynamic User membership type x D. a Security group that uses the Dynamic User membership type E. a Security group that uses the Dynamic Device membership type "Rationale: Groups that use dynamic membership rules reduce the overhead of access management by providing attribute-based membership and access to resources. Based on membership rules the membership, and resulting access, can be granted and removed automatically." https://learn.microsoft.com/en-us/certifications/resources/az-104-sample-questions
This is a different question. The reason why A and C is correct is because the answer specifies that the group needs automatic deletion and that's only supported by Microsoft 365 groups.
Gave exam on June 29th 2022 and passed with 870. 80 Percent of the question came from here. Thanks every one for comments.
This question came on 21/7/2023. The selected answer is correct.
This was on my exam 25/02/2024!
This question was in exam 01/03/2024
To meet the requirements of granting access to a temporary Microsoft SharePoint document library and ensuring that the groups are deleted automatically after 180 days, you need to create groups that support expiration policies. This functionality is supported by Microsoft 365 groups but not by security groups. Therefore, the correct answers are: A. A Microsoft 365 group that uses the Assigned membership type C. A Microsoft 365 group that uses the Dynamic User membership type These choices ensure that: The groups are part of Microsoft 365, which supports group expiration policies. The groups can be configured to automatically delete after 180 days. Security groups do not support the automatic deletion feature based on expiration policies, making options B, D, and E incorrect for this scenario.
Why A and C? Why not just A? Is it something to do with the SPO library needs created with a group (365-Outlook) and then another 365 group for the users? So confused.
This was on exam. Feb 2024.
O365 groups required for the automatic deletion
Answer: C and D To grant User1, User2, and User3 access to the temporary Microsoft SharePoint document library named Library1 and ensure that the groups are automatically deleted after 180 days, you should create the following two groups: • A Microsoft 365 group that uses the Dynamic User membership type • A Security group that uses the Dynamic User membership type
The question states: Which 2 groups SHOULD you create? Why Should i create 2groups in the first place? Why is 1 group not enough?
Correct
Anwser: A & D To grant access to the temporary Microsoft SharePoint document library named Library1 for the users User1, User2, and User3, you should create the following groups: Microsoft 365 A Microsoft 365 group that uses the Assigned membership type: This group allows you to explicitly assign members and manage their access. You can add User1, User2, and User3 to this group, granting them access to Library1. After 180 days, you can delete this group to ensure automatic cleanup. A Security group that uses the Dynamic User membership type: This type of group dynamically adds or removes members based on specified criteria (such as user attributes or roles). You can configure this group to automatically include User1, User2, and User3 based on their attributes or roles. After 180 days, the group will no longer include these users, achieving the desired automatic deletion.
365 Groups don't "ensure" deletion https://learn.microsoft.com/en-us/entra/identity/users/groups-lifecycle "Groups with user activities are automatically renewed as the expiration nears." I don't get it
now I'm confused about the answer
I've done practical both 365 group will work no security group support this
ChatGPt said, answer is A and D Based on the information I found, the two groups that you should create to grant access to Library1 and ensure that the groups are deleted automatically after 180 days are: A Microsoft 365 group that uses the Dynamic User membership type A security group that uses the Dynamic User membership type These two types of groups allow you to set an expiration policy for them in Azure Active Directory (Azure AD), which will delete the groups and their associated resources after a specified period of inactivity1. You can also configure the groups to have dynamic membership, which means that the group members are added or removed automatically based on user attributes such as department, location, title, etc2. This way, you can ensure that only the relevant users have access to Library1.
ChatGPT will provide mostly inaccurate information, especially when you need to find out something specific.
"You can set expiration policy only for Microsoft 365 groups in Azure Active Directory (Azure AD), part of Microsoft Entra." Ref: https://learn.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-lifecycle