Microsoft Azure Architect Design (AZ-304) Practice Test

What tool should be recommended to ensure group owners receive alerts about group membership changes monthly?

• A. Azure AD access reviews
• B. Tenant Restrictions
• C. Azure AD Identity Protection
• D. Conditional access policies

The correct answer is: Azure AD access reviews

The recommendation to use Azure AD access reviews for ensuring that group owners receive alerts about group membership changes monthly is well-founded. Azure AD access reviews provide a systematic way for organizations to review and manage access to resources. This tool empowers administrators and group owners to regularly assess group memberships and verify whether users still require access or if any changes are necessary. With Azure AD access reviews, you can automate notifications and ensure that group owners are alerted on a specified schedule, such as monthly, about changes in group membership. This functionality helps maintain security and compliance, as it allows for timely reviews and responses to any unauthorized or unnecessary access. This approach directly addresses the requirement of keeping group owners informed about changes in group memberships and ensuring that they can take appropriate action when necessary, enhancing governance and reducing security risks. The other options listed, while important for different aspects of Azure AD and security governance, do not specifically provide the capability to alert group owners about changes in group membership on a regular basis. Tenant Restrictions pertain to controlling the applications users can access, Azure AD Identity Protection is focused on identifying and mitigating identity risks, and Conditional access policies enforce real-time access control based on conditions, but none of these tools offer the specific capability of scheduled alerts for group membership changes like