“The members of Group1 must be able to enable Defender for Cloud plans and apply regulatory compliance initiatives.”
According t o Microsoft Defender for Cloud’s RBAC documentation, the Security Assessment Contributor role provides permissions to:
Enable and configure Defender plans,
Manage security policies and initiatives,
View and edit recommendations and compliance results.
This role gives enough permissions to perform Defender configuration tasks but follows the principle of least privilege , unlike broader roles like Owner or Contributor, which grant excessive rights.
✅ Answer for Question 9:C. Security Assessment Contributor
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit