Microsoft Azure Security Technologies (AZ-500)


Study for the Microsoft Azure Security Technologies (AZ-500) exam. Prepare with well-structured questions and detailed explanations. Enhance your understanding and improve your readiness for the certification exam!



If users with a givenName attribute starting with LAB should not sync to Azure AD, what action should be taken?

  1. Create an attribute-based filtering rule using Active Directory Users and Computers

  2. Configure a DNAT rule on the Firewall

  3. Create an attribute-based filtering rule using the Synchronization Rules Editor

  4. Configure a network traffic filtering rule on the Firewall

The correct answer is: Create an attribute-based filtering rule using the Synchronization Rules Editor

To prevent users whose givenName attribute starts with "LAB" from syncing to Azure Active Directory (Azure AD), create an attribute-based filtering rule using the Synchronization Rules Editor. The Synchronization Rules Editor is specifically designed for managing sync rules between on-premises directories and Azure AD. By creating an attribute-based filtering rule within this tool, administrators can define precise criteria for which objects are included in or excluded from the synchronization process. In this scenario, the rule targets the givenName attribute and excludes any users whose names begin with "LAB" from being synced to Azure AD.

This approach filters unwanted objects at the synchronization level, so directory synchronization can be managed without inadvertently affecting other users or the entire directory structure. It uses the built-in capabilities of the synchronization architecture, making it both efficient and easy to maintain.

In contrast, the options that involve firewall configurations or creating rules in Active Directory Users and Computers are not relevant to this requirement, because they provide no mechanism for filtering objects based on attribute values during the synchronization process. The Synchronization Rules Editor is the appropriate tool for handling attribute-based filtering in the context of Azure AD sync.