You are deploying Microsoft Entra ID Governance. Which THREE capabilities should you include to meet compliance requirements for access recertification and lifecycle management?
Access Reviews allow periodic recertification of access.
Why this answer
Access Reviews (B) are a core capability of Microsoft Entra ID Governance that directly enables compliance-driven access recertification. They allow administrators to create recurring reviews of group memberships, application assignments, and privileged roles, ensuring that only authorized users retain access. This satisfies regulatory requirements like SOX, GDPR, or HIPAA by providing attestation workflows and audit trails.
Exam trap
The trap here is that candidates often confuse Identity Protection's risk-based conditional access with governance recertification, or assume B2B Collaboration covers lifecycle management, when in fact only Access Reviews, Lifecycle Workflows, and Entitlement Management directly address compliance-driven access recertification and lifecycle automation.