Question

You are the administrator for your company’s Azure Active Directory (Azure AD) tenant, and on-prem Active Directory domain. A partner published a multi-tenant Software as a Service (SaaS) application, and gave your company access to the SaaS app. You configure access to several HR users in your company. Later, a team member in HR moves to a new department and no longer needs access to the partner’s app. You need to remove access to the app for this user, without affecting access for other users. The user must still be able to access other Line-of-Business (LOB) SaaS apps. What should you do?
A. Delete the team member from the Azure AD tenant.
B. Delete the team member from the on-prem Active Directory Domain
C. Delete the partner's webapp from the "Apps my company users" section of the azure portal.
D. Delete the team member's assignment to the app in the azure portal.

Answer 1

$<b>$
☺️☺️
__________________________________________________

Answer:
A. Delete the team member from the Azure AD tenant.

Reason :
>> Provided that " without affecting access for other users."

Steps:
Sign in to the Azure portal using a Global administrator account for the directory.

Select Azure Active Directory, select Users, and then search for and select the user you want to delete from your Azure AD tenant.


__________________________________________________
✌✌✌

Answer 2

Answer:

The correct answer to the given question is:

A. Delete the team member from the Azure AD tenant.

Explanation:

The constraint given is:

We need to remove the access so it does not interfere with other users' access.

Step for removing the access:

• Sign in to the Azure portal with the global administrator account for the directory.
• Select Azure Active Directory, select Users, then browse and select the user you want to remove from your Azure AD tenant.

An Azure Active Directory (Azure AD) solution to this problem is a feature called tenant restrictions. Tenant restrictions allow organizations to control access to SaaS cloud applications based on the Azure AD tenant that the application uses for single sign-on. The

tenant limit allows organizations to specify a list of tenants that users on their network can access. Azure AD then grants access only to allowed tenants. All other tenants are blocked, even if the user can be a guest.

#SPJ2