Microsoft Azure Security Technologies (AZ-500)

How can User1 from an external domain gain access to resources in an Azure AD tenant while minimizing administrative effort?

• A. Create a user account for User1
• B. Add the external domain as a custom domain
• C. Create an invite for User1
• D. Enable guest self-service sign up for the tenant

The correct answer is: Create an invite for User1

Inviting User1 through an invite is the most efficient way to provide access to resources in an Azure AD tenant while minimizing administrative effort. When an organization uses Azure AD, it can allow external users to access its resources by sending them an invitation. This process establishes User1 as a guest user, granting them access to specific resources without the need for creating a full user account or managing additional identities. The invitation process is designed to be straightforward, as it allows external users to securely join the tenant with a minimal administrative overhead. After receiving the invitation, User1 can use their existing credentials from their home domain to log in and gain access to the necessary resources. Alternatively, creating a user account for User1 involves more administrative overhead since it requires managing that user account within the Azure AD environment. Adding the external domain as a custom domain complicates the setup without directly addressing user access and would require additional configurations. Enabling guest self-service sign-up is beneficial for scalability but may not minimize administrative effort if not managed properly, as it opens up the tenant to potentially uncontrolled access if not configured securely. Thus, the most streamlined and efficient method for granting User1 access while minimizing the administrative burden is through the invitation process.