🔑 Role-Based Access Control - AZ-104 Practice Questions

Configure role assignments, custom roles, and scope-based access control for Azure resources.

4Questions Available
1Exam Domains

Practice RBAC Questions Now

Start a timed practice session focusing on Role-Based Access Control topics from the AZ-104 question bank.

Start AZ-104 Practice Quiz →

AZ-104 RBAC Question Bank (4 Questions)

Browse all 4 practice questions covering Role-Based Access Control for the AZ-104 certification exam. Answers are intentionally hidden on this page so you can self-test first before checking results in quiz mode.

  1. Question 1Manage Azure identities and governance

    What happens to RBAC role assignments when a resource is moved from one resource group to another?

    ARBAC assignments at the resource level are preserved; resource group-level assignments do not move with the resource
    BAll RBAC assignments are automatically removed
    CAll RBAC assignments move to the new resource group
    DRBAC assignments cannot be changed after resource creation

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start AZ-104 Quiz
  2. Question 2Manage Azure identities and governance

    What is the Contributor role's limitation compared to the Owner role?

    AContributors cannot create resources
    BContributors cannot modify existing resources
    CContributors cannot grant access rights to others
    DContributors cannot delete resources

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start AZ-104 Quiz
  3. Question 3Manage Azure identities and governance

    What is the difference between Azure AD built-in roles and Azure RBAC roles?

    AThey are the same type of roles
    BAzure AD built-in roles control Azure AD tenant operations (User Admin, Global Admin); Azure RBAC roles control Azure resource operations (Contributor, Reader, Owner)
    CAzure RBAC roles are more powerful than Azure AD roles
    DAzure AD roles are for PaaS; RBAC roles are for IaaS

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start AZ-104 Quiz
  4. Question 4Manage Azure identities and governance

    What is the scope hierarchy for applying RBAC in Azure, from broadest to narrowest?

    AResource → Resource Group → Subscription → Management Group
    BManagement Group → Subscription → Resource Group → Resource
    CTenant → Management Group → Resource
    DSubscription → Resource Group → Resource

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start AZ-104 Quiz

Key RBAC Concepts for AZ-104

rbacrole assignmentcustom rolescopebuilt-in rolecontributorownerreader

AZ-104 RBAC Exam Tips

Role-Based Access Control questions in AZ-104 are typically scenario-based. Focus on day-to-day Azure administration, identity, network, compute, storage, and monitoring. Priority concepts: rbac, role assignment, custom role, scope, built-in role, contributor.

What AZ-104 Expects

  • Anchor your answer in prioritize operationally practical configurations and least-privilege administration.
  • RBAC scenarios for AZ-104 are frequently mapped to Domain 1 (20-25%), so read the objective carefully before picking controls or architecture.
  • Expect multi-topic scenarios where RBAC interacts with identity, networking, governance, or monitoring patterns rather than appearing as an isolated question.
  • When two options are both technically valid, prefer the choice that best aligns with the exam's operational scope (Associate) and vendor best practices.

High-Value RBAC Concepts

  • Know the core RBAC building blocks cold: rbac, role assignment, custom role, scope.
  • Review the edge-case features and limits for built-in role, contributor; these details are commonly used to differentiate answer choices.
  • Practice service-integration reasoning: how RBAC pairs with Entra ID, Governance in real deployment patterns.
  • For AZ-104, explain why the chosen RBAC design meets reliability, security, and cost expectations better than the alternatives.

Common AZ-104 Traps

  • Watch for forgetting scope inheritance and RBAC precedence.
  • Questions in Manage Azure Identities and Governance often include distractors that look correct for RBAC but violate least-privilege, compliance, or availability requirements.
  • Avoid picking options purely by feature name; validate data path, failure handling, and governance impact before answering.
  • If the prompt hints at automation or repeatability, eliminate manual-only operational answers first.

Fast Review Checklist

  • Can you compare at least two RBAC implementation paths and justify which one best fits the scenario?
  • Can you map the chosen answer back to Manage Azure Identities and Governance (20-25%) outcomes for AZ-104?
  • Can you explain security and access boundaries for RBAC without relying on default-open assumptions?
  • Can you describe how RBAC integrates with Entra ID and Governance during failure, scaling, and monitoring events?

Exam Domains Covering RBAC

Domain 1Manage Azure Identities and Governance20-25%

Related Resources

🎯 Free AZ-104 Mock Exam Entra ID Questions Governance Questions

More AZ-104 Study Resources

← AZ-104 Study Hub30-Day Study PlanFull Practice Exam