Microsoft Azure Architect Design (AZ-304) Practice Test

Which Azure feature should be recommended to notify group owners about their group memberships every month?

• A. Azure AD Identity Protection
• B. Azure AD access reviews
• C. Tenant Restrictions
• D. conditional access policies

The correct answer is: Azure AD access reviews

The recommended Azure feature for notifying group owners about their group memberships on a monthly basis is Azure AD access reviews. This feature enables organizations to conduct periodic reviews of group memberships, application access, and role assignments within Azure Active Directory. Azure AD access reviews allow administrators or designated group owners to receive insights about who has access to resources and whether that access is still appropriate. By setting up a recurring review process, group owners can be promptly notified about any members added or removed from their groups, ensuring proper access management and compliance. This capability not only enhances administrative oversight but also helps maintain a security posture by ensuring that only the right individuals have access to sensitive resources. Other options do not specifically address the need for regular notifications about group memberships. Azure AD Identity Protection focuses on identifying and responding to potential vulnerabilities and risks related to user accounts. Tenant Restrictions is primarily aimed at controlling access to resources based on the organization’s policies, and conditional access policies are used to enforce access controls based on conditions rather than for reviewing memberships. Hence, while all these features play a role in Azure security and management, access reviews are uniquely suited for periodic group membership notifications.