Microsoft Azure Security Technologies (AZ-500) - 340 Questions

1. A company assigns a developer the Contributor role on a resource group. The developer needs to grant a colleague read access to a storage account within that resource group. The colleague reports that the developer cannot complete this task. What is the reason?

2. A team member has the Contributor role on a subscription. A manager needs this team member to also be able to deploy resources but not modify existing role assignments. Which statement best describes whether the current role meets these requirements?

3. A security engineer needs to delegate the ability to assign Azure roles to a junior administrator without granting full ownership of the subscription. The junior administrator should not be able to manage resources directly. Which built-in role should the security engineer assign?

4. A cloud administrator needs to assign the Reader role to a new user so that the user can view all resources within a specific Azure subscription. The administrator is using the Azure portal. Which sequence of steps should the administrator follow?

5. An administrator needs to assign the Contributor role to a service principal named 'app-deploy-sp' on a resource group named 'rg-production' within subscription ID '00000000-1111-2222-3333-444444444444'. Which Azure CLI command should the administrator run?