Compliance Manager User Permissions for Microsoft 365 Security Administration Exam

Assigning User Permissions for Compliance Manager in Microsoft 365

Prev Question Next Question

Question

You are the global administrator of a company with Microsoft 365 licenses.

You are setting up Compliance Manager for the first time and need to sign in and set user permissions.

You will give User A permissions to assign users.

What role should you assign?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Correct Answer: D

You should assign user A the Global administrator-role, which is the only role that gives access to assign other users.

View the exhibit from Microsoft official documentation:

User can: Read but not edit data Edit data Edit test results Manage assessments, and template and tenant data Assign users Compliance Manager role Compliance Manager Reader Compliance Manager Contribution Compliance Manager Assessor Compliance Manager Administration Global Administrator Azure AD role Azure AD Global reader, Security reader Compliance Administrator Compliance Administrator Compliance Administrator, Com, Administrator, Security Administrator Global Administrator

Option A is incorrect.

This role allows users to read data.

Option B is incorrect.

This role allows users to edit data.

Option C is incorrect.

This role allows users to edit test results.

To know more about permissions within Compliance manager, please refer to the link below:

Compliance Manager is a tool in Microsoft 365 that helps organizations assess and manage their compliance with various regulations and standards. As the global administrator of a company, you have the responsibility to set up Compliance Manager for the first time and assign user permissions.

In this scenario, you want to give User A the permission to assign users. To do so, you need to assign a role to User A that grants the required permissions.

The available roles in Compliance Manager are:

A. Compliance Manager Reader: This role allows users to view compliance assessments, control mappings, and compliance documents.

B. Compliance Manager Contributor: This role allows users to create and edit compliance assessments, control mappings, and compliance documents.

C. Compliance Manager Assessor: This role allows users to create and edit compliance assessments and assign them to other users for review.

D. Global Administrator: This role grants full administrative access to the entire Microsoft 365 environment, including Compliance Manager.

Based on the requirements stated in the question, the most appropriate role to assign to User A would be Compliance Manager Assessor. This role allows User A to create and edit compliance assessments and assign them to other users for review, which includes the ability to assign users to specific tasks and responsibilities. Assigning User A the Compliance Manager Contributor role would give them the ability to create and edit compliance assessments, but not assign users to specific tasks. Assigning User A the Compliance Manager Reader role would only allow them to view compliance information, which is not suitable for their requirements.

Assigning the Global Administrator role to User A would grant them full administrative access to the entire Microsoft 365 environment, including Compliance Manager, which is not necessary for their job responsibilities and could pose a security risk to the organization.

In summary, the most appropriate role to assign to User A in this scenario is Compliance Manager Assessor.

Prev Question Next Question