You administer an Azure Active Directory (Azure AD) tenant. You add a custom application to the tenant

HOTSPOT

You administer an Azure Active Directory (Azure AD) tenant. You add a custom application to the tenant. The application must be able to:

* Read data from the tenant directly.

* Write data to the tenant on behalf of a user.

In the table below, identify the permission that must be granted to the application. Make only one selection in each column.

View Answer

Answer:

Explanation:

Application Permission: Read directory data

The application must be able to Read data from the tenant directly.

Delegated Permission: Read and write Directory Data

The application must be able to write data to the tenant on behalf of a user.

As an administrator, you can also consent to an application’s delegated permissions on behalf of all the users in your tenant. This will prevent the consent dialog from appearing for every user in the tenant. You can do this from the Azure portal from your application page. From the Settings blade for your application, click Required Permissions and click on the Grant Permissions button.

Explanation: https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-integrating-applications