HOTSPOT -
You are a Dynamics 365 Customer Services administrator. You have a Production instance and Sandbox instance.
Users record Production instance data in the Sandbox instance.
You need to ensure that the users only record data in the Production instance.
Which security function needs to be edited to prevent access to the Sandbox? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Reference:
https://docs.microsoft.com/en-us/power-platform/admin/control-user-access
The ans should be Groups and Roles
No the answer given is correct (groups and groups) because the question is asking how to Prevent access by multiple users to the Sandbox, which you would remove/edit the security group assigned to the environment - "When you assign a security group to an environment, that environment will not show up in home.dynamics.com for users not in the group." from link given in answer
The group cannot be removed from the instance itself (from the model-driven app), so answer should be correct (Group from the admin center and Role from the D365 instance)
You are right. There are no Security "groups" in Dynamics instances -- only Roles, Users, Teams, and Business Units. If a user has no roles associated with their user record, they will not be able to log onto the environment and an error is displayed.
I also think this should be the correct one - Groups and Roles.
This article says you are not right: https://docs.microsoft.com/en-us/power-platform/admin/control-user-access
Well... it also says: "All licensed users, whether or not they are members of the security groups, must be assigned security roles to access data in the environments."
Initially, I was actually thinking about the correct answer is Groups and Roles. After reading this article https://docs.microsoft.com/en-us/power-platform/admin/control-user-access, I feel the original answer is actual correct. You can assign the appropriate security group to control the user access to the sandbox.
I agree !!!
There is no groups security on sandbox instance level. Correct answer should be Groups and Roles.
@KAL18, On the Environment settings, you can set the Security Group. This also works on Sandbox type environments (just checked). See: https://docs.microsoft.com/en-us/power-platform/admin/control-user-access#associate-a-security-group-with-a-dataverse-environment
New: Security groups can't be assigned to default and developer environment types. If you've already assigned a security group to your default or developer environment, we recommend removing it since the default environment is intended to be shared with all users in the tenant and the developer environment is intended for use by only the owner of the environment.
Question was NOT on the Exam - Jan 29, 2024
Groups and Groups is correct answer. Role should not be in the picture. https://learn.microsoft.com/en-us/power-platform/admin/control-user-access
The Answer should be (groups and groups) . Description Says ----------------------------------- If your company has multiple Microsoft Dynamics 365 Guides environments, you can use security groups to control which users can access each environment. A security group restricts access to the environment to people in the security group. If a Microsoft Dataverse environment does not have an associated security group, all users with a Dataverse license (Dynamics 365 Guides, Power Automate, Power Apps, and so on) will be created as users and enabled in the environment. Each environment can have just one security group. For example, you could create three security groups to control access to the following environments. https://learn.microsoft.com/en-us/dynamics365/mixed-reality/guides/admin-security
Question was NOT on my exam, June 12th, 2024
This question was NOT part of the exam in Aug 2022
I can't recommend this site enough. The study materials provided the foundation I needed, and the exam readiness tips were invaluable. Passed the PL-200 exam with flying colors!
Correct, Question was on exam, July 02, 2024
If a user is assigned the Dynamics 365 Service Admin role, then the user must be part of the security group before they are enabled in the environment. They can't access the environment until they are added to the security group and enabled. Environments support associating the following group types: Security and Microsoft 365. Associating other group types is not supported. in the link of the question I had read it, so I think it is group and group
Groups Access Rights
I think at the MS365 admin level, it should be groups and at the sandbox env level it should be roles
You can prevent environment access with roles so Groups and Groups is correct.
It should be Managed roles because user will access the Environment from the model driven apps/ Canvas apps. if they don't have this things in the place then they can remove the user role, so that user will not able to access the Environment.
I believe the answer is correct. I do not understand why many suggest that there are not security groups for instances. All provided documentation here suggest otherwise.
Groups and Roles are correct. In first part, you can easily configure through groups in Admin Center but for the second part, it says that application area is Sandbox instance. Since Sandbox instance is a D365 instance, not a Microsoft Admin Center, so you have to configure this from Roles in D365.
I think it should be Groups and Roles. what differentiate access to different environment in same tenant is either security group or roles. Security Groups are created in Office admin and can be use to restrict access once associated to environment. roles can be removed to users from in PPAC