Microsoft Azure Security Technologies (AZ-500)

Which accounts are eligible to receive ownership transfer for an Azure subscription associated with an Azure AD tenant?

• A. contoso.com only
• B. contoso.com, fabrikam.com, and Hotmail only
• C. contoso.com and fabrikam.com only
• D. contoso.com, fabrikam.com, Hotmail, and OpenID-enabled user account

The correct answer is: contoso.com and fabrikam.com only

The correct answer highlights the eligibility criteria for ownership transfer concerning Azure subscriptions within an Azure Active Directory (AD) tenant context. Azure subscriptions are typically bound to a single Azure AD tenant, and only users who are part of that tenant can be granted ownership over the subscription. In the context of this question, accounts associated with the Azure AD tenant “contoso.com” would always be able to receive ownership transfer, as they are members of the tenant. Similarly, accounts from another trusted organization, such as “fabrikam.com,” can also be granted ownership if federated or invited as guests into the contoso.com tenant, thus allowing for cross-tenant ownership scenarios, provided they are correctly integrated. Contrastingly, accounts from the providers mentioned in other answer choices, including Hotmail and OpenID accounts, do not inherently have the same eligibility. While guest accounts can be invited to collaborate in an Azure AD tenant, they do not automatically qualify for ownership transfer just based on their email domains. The focus on maintaining ownership within defined boundaries of an Azure AD tenant ensures security and proper management practices. This understanding clarifies that only specific accounts tied to established Azure AD tenants (like contoso.com and potentially fabrikam.com when set up correctly) qualify for