Least Privilege — Microsoft Azure Security Engineer (AZ-500) Practice Questions
Least privilege is the security principle that every user, service, and process should have only the minimum permissions required to perform its intended function, nothing more. On the AZ-500, this principle is applied through Azure RBAC role assignments, Privileged Identity Management time-bound access, managed identities scoped to specific resources, and Key Vault access policies that grant only the secret or key operations a workload actually needs. Least privilege directly limits the blast radius of a compromised account or misconfigured service, and it is tested implicitly across nearly every domain of the AZ-500 exam.
Free questions on least privilege
Which role provides the least privilege for reading Azure resources?
Free question · easy · full answer + explanation
More least privilege questions in the full bank
- An administrator requires a JIT (Just-In-Time) approach for privileged access. How should you implement this? Unlock answer & explanation →
- Which feature allows temporary access to privileged roles? Unlock answer & explanation →
- Your organization needs to grant a contractor temporary access to specific Azure resources. What is the most secure approach? Unlock answer & explanation →