What is the purpose of service principals in Azure AD?

  1. To manage physical servers in data centers
  2. To provide authentication for applications and services that need programmatic access to Azure resources ✓
  3. To encrypt data at rest
  4. To manage user licenses

Correct answer: To provide authentication for applications and services that need programmatic access to Azure resources

Option B is correct because service principals in Azure Active Directory (now Microsoft Entra ID) are identity objects that represent applications, services, or automated tools, allowing them to authenticate with Azure AD and be granted specific role-based access to Azure resources without using a human user account. Option A is wrong because service principals are identity and access management constructs in Azure AD and have no role in managing physical servers or data center infrastructure. Option C is wrong because encrypting data at rest is handled by Azure Storage Service Encryption, Azure Disk Encryption, and related services, not by service principals. Option D is wrong because user license management is an administrative function performed through Microsoft 365 or Azure AD user settings, not through service principals.

Topic: · azure ad, service principals, rbac, identity management

Practice Microsoft Azure Security Engineer (AZ-500) Questions Free