Which one of the actions below is the only one that a user with Security Admin role cannot perform?
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer: D Option D is correct.
Creating new initiatives requires subscription owner credentials.
Option A, B and C are incorrect.
Security admin can perform these tasks with his/her role access.
Reference:
The Security Admin role in Microsoft Azure is a built-in role that has permissions to manage security-related features within Azure. This role is designed to manage Azure security resources, and typically does not have permissions to modify Azure subscriptions, resource groups, or other Azure resources outside of the security domain.
Out of the options given, the only action that a user with the Security Admin role cannot perform is B. Enable/disable Azure Defender plans.
Azure Defender is a suite of security tools offered by Microsoft that provides advanced threat protection for various Azure services. It includes features such as vulnerability assessment, threat intelligence, and advanced threat detection. Enabling or disabling Azure Defender plans requires the Global Administrator or Security Manager role.
Here's a brief explanation of the other actions mentioned:
A. Edit security policy: A user with the Security Admin role can edit the security policy for Azure resources, such as virtual machines, storage accounts, and SQL databases. This includes configuring security settings, such as network security groups, virtual network rules, and access control lists.
C. Enable/disable auto-provisioning: Auto-provisioning enables Azure Security Center to automatically discover and onboard Azure resources into Security Center. A user with the Security Admin role can enable or disable auto-provisioning for a subscription, resource group, or individual resources.
D. Add/assign initiatives (including regulatory compliance standards): Azure Security Center provides a set of security recommendations called initiatives, which help you comply with various security standards, such as ISO 27001, NIST SP 800-53, and PCI DSS. A user with the Security Admin role can add or assign initiatives to Azure resources to ensure compliance with these standards.