🔥 3-day streak
Microsoft Cybersecurity Architect Expert62 / 158
Question 62 of 158

A multinational manufacturer runs primary workloads in Azure with Entra ID as the corporate IdP. It is acquiring a subsidiary that already operates entirely on AWS and uses AWS IAM Identity Center (federated to its own Okta tenant) for all employee sign-ins. During the 18-month integration period, subsidiary staff must access several Azure-hosted line-of-business apps, while the parent company's engineers must access AWS management consoles. Leadership requires that each company continue managing its own employee lifecycle in its existing IdP, that no shadow accounts be created, and that Conditional Access policies from Entra ID be enforced for access to the Azure apps. Which identity design best meets these requirements?

Reviewed for accuracy · Report an issueNext question