AZ-500: How Do You Activate an Eligible Role in Azure Privileged Identity Management (PIM)?

Home » Exam » AZ-500 » AZ-500: How Do You Activate an Eligible Role in Azure Privileged Identity Management (PIM)?

Table of Contents

Where Do You Go to Activate a Privileged Role?
Question
Answer
Explanation

Where Do You Go to Activate a Privileged Role?

Get the correct procedure for the AZ-500 exam on how to activate an eligible privileged identity role. Learn why activation is done in the Azure portal via the PIM service and not the Authenticator app or user profile.

Question

You can activate an eligible privileged identity profile

A. via the Microsoft Authenticator App
B. via the Azure Privileged Identity app in the Azure portal
C. in the properties of your Office 365 user profile
D. All the above

Answer

B. via the Azure Privileged Identity app in the Azure portal

Explanation

Activating a profile is performed within the Azure AD PIM app in the Azure portal.

The activation of an eligible role assignment is performed exclusively within the Privileged Identity Management (PIM) service inside the Azure portal. A user who has been made “eligible” for a privileged role does not hold those privileges permanently. To use the role, they must perform a just-in-time (JIT) activation.

The process is as follows:

The user signs into the Azure portal.
They navigate to the Azure AD Privileged Identity Management service.
Within PIM, they go to the “My roles” section.
They locate the eligible role they wish to activate and click the “Activate” link.
The user may be required to provide a justification (a reason for needing the role) and pass a multi-factor authentication (MFA) challenge.

The other options are incorrect for the following reasons:

A. via the Microsoft Authenticator App: The Authenticator app is used to approve the MFA request that is often part of the activation process. However, the activation itself is initiated from the Azure portal, not from within the Authenticator app.

C. in the properties of your Office 365 user profile: A user’s profile in Microsoft 365 or Azure AD is for viewing personal details, licenses, and group memberships. It does not contain the functionality for activating privileged roles. This is a specialized administrative task managed by PIM.

Microsoft AZ-500 certification exam assessment practice question and answer (Q&A) dump including multiple choice questions (MCQ) and objective type questions, with detail explanation and reference available free, helpful to pass the Microsoft AZ-500 exam and earn Microsoft AZ-500 certification.