Microsoft Azure Architect Design (AZ-304) Practice Test

Which service can help identify Azure AD administrative accounts that have not signed in for the past 30 days?

• A. Azure AD Identity Protection
• B. Azure Activity Log
• C. Azure Advisor
• D. Azure AD Privileged Identity Management (PIM)

The correct answer is: Azure AD Privileged Identity Management (PIM)

Azure AD Privileged Identity Management (PIM) is designed to manage, monitor, and control access to important Azure resources. One of its key features is the ability to discover and manage users with administrative roles in Azure Active Directory. PIM helps ensure that only the necessary privileges are granted to users at specific times and can identify privileged accounts that have not been used recently. In the context of the question, PIM enables administrators to view the last sign-in activity of these administrative accounts, allowing them to identify accounts that have not been signed into for specific periods, such as the past 30 days. This feature supports organizations in maintaining a secure environment by uncovering potentially stale or unused accounts, highlighting potential security risks. The other services listed do not serve the same purpose. Azure AD Identity Protection focuses on detecting potential vulnerabilities and risks related to user accounts and does not track sign-in activity specifically. The Azure Activity Log provides insights into operations performed on Azure resources, but it does not provide a report specifically on user sign-in activity. Azure Advisor offers recommendations regarding resource optimization, performance, and security but lacks detailed monitoring of user sign-in behavior.