Plan and Implement Entitlement Management Flashcards
Define “Access Package”
A bundle of resources that a team or project needs and is governed with policies.
Define “Access Request”
A request that usually requires a workflow and approval process.
Define “Assignment”
Connecting an access package to a user typically with a expiration time.
Define “Catalog”
Container of related resource so that non-administrators can create their own packages.
Define “Catalog Creator”
A collection of users who can create a new catalog.
Define “Connected Organization”
An external Azure AD directory or domain that you have a relationship with.
Define “policy”
A set of rules that defines the access lifecycle.
Define “resource”
An asset, such as an Office group, a security group, an application, or a SharePoint Online site, with a role that a user can be granted permissions to.
Define “Resource Directory”
A directory that has one or more resources to share.
Define “Resource Role”
A collection of permissions associated with and defined by a resource group.
What delegation is needed to call the entitlement management API?
EntitlementManagement.ReadWrite.ALl
What file type can be uploaded as a Terms of Use Policy in Entitlement Management?
Can a published ToU document be edited?
No
How do you update a published ToU document?
Use the “Update” option
What is the default guest user account lifetime if it has not access package assignments?
30 days
True or false:
If a guest user exists in the directory before an invitation to an access package that they are later removed from, the guest user will remain in the directory.
True
What do catalogs contain?
Resources and access packages
How long are deleted users retained by Azure AD by default?
30 days
When should access packages be used?
For access that requires the approval of an employee’s manager or other designated individuals
