You need to revoke all access to MyApp for the SaaSApp …

You administer an Azure Active Directory (Azure AD) tenant that hosts a Software as a Service (SaaS)
application named MyApp.
You control access to MyApp by using the following two Azure AD groups:
a group named SaaSApp that contains 200 users
a group named AdminSaaS that contains 20 usersYou need to revoke all access to MyApp for the SaaSApp by using the least administrative effort.
What should you do?

You administer an Azure Active Directory (Azure AD) tenant that hosts a Software as a Service (SaaS)
application named MyApp.
You control access to MyApp by using the following two Azure AD groups:
a group named SaaSApp that contains 200 users
a group named AdminSaaS that contains 20 usersYou need to revoke all access to MyApp for the SaaSApp by using the least administrative effort.
What should you do?

A.
Delete the tenant.

B.
Revoke access to MyApp.

C.
Delete the SaaSApp group from Azure AD.

D.
Revoke application access from users belonging to the SaaSApp group.

Explanation:
https://blogs.technet.microsoft.com/enterprisemobility/2014/05/21/identity-and-access-management-for-thecloud/

Show Hint

Leave a Reply 1

Your email address will not be published. Required fields are marked *

cloud

cloud

Group-based provisioning and access to SaaS apps
We have talked a bit about SaaS integration with Azure AD, but it’s worth mentioning here that administrators can provide and revoke application access to users based on the groups to which they belong; you don’t need to configure each user individually. When you combine this with the self-service group membership requests and the delegation of approval, you have a powerful and efficient way to manage access to SaaS applications with minimal administrative effort. Read more here.

Reply