About This Flashcard Deck
This flashcard deck contains 5 cards covering key Identity & Governance concepts for the AZ-305 exam. Review architecture decisions for identity and governance in AZ-305. Use active recall by attempting to answer each question before revealing the answer. Research shows that flashcard-based active recall is one of the most effective study techniques for certification exams.
Question
When should you use Conditional Access vs. MFA?
Click to reveal answer
Answer
Conditional Access provides context-aware policies (location, device, risk). MFA is one of the grant controls within conditional access. Always prefer conditional access for flexibility.
Click to flip back
All Identity & Governance Flashcards
Q: When should you use Conditional Access vs. MFA?
A: Conditional Access provides context-aware policies (location, device, risk). MFA is one of the grant controls within conditional access. Always prefer conditional access for flexibility.
Q: What is the difference between Azure Policy and RBAC?
A: Azure Policy enforces what properties resources can have (compliance). RBAC controls who can perform actions on resources (access).
Q: When should you use PIM?
A: Privileged Identity Management provides just-in-time access for admin roles, reducing standing privileges. Use when you need approval workflows, time-limited access, or audit trails for elevated permissions.
Q: How do management groups help governance?
A: They create a hierarchy above subscriptions for applying policies and RBAC at scale. Up to 6 levels deep. Policies inherit downward.
Q: What is a landing zone?
A: A pre-configured, compliant subscription environment with networking, identity, governance, and security already set up. Part of Cloud Adoption Framework.
Effective Azure Flashcard Study Method
For Azure certifications, we recommend the spaced repetition approach: review these flashcards daily for the first week, then every other day for two weeks, then weekly until your exam date. Focus extra time on cards related to Azure service comparisons — understanding when to choose between similar services (e.g., App Service vs. AKS vs. Container Instances) is a common exam pattern.