Correct Answer: B
Microsoft Azure AD provides a variety of features, like Application management, Authentication, Business-to-Business (B2B), Business-to-Customer (B2C), Conditional access, Identity protection, Privileged identity management (PIM), etc.
Azure AD Business-to-Business (B2B) functionality offers guest users and external partners` management. Azure AD B2B invites guest users to create a user account, join a group, or get access to the application. The guest must redeem the invitation from the email to have access to the application and resources. With Azure AD B2B, you can use dynamic groups as well. The tenant admin can define the external collaboration settings to regulate the guest user access to the Azure AD resources.
Azure AD B2B is the best solution for your team. You advise the Tenant B admin to create a new Azure AD security group and invite your team members to join the group. Azure AD will provide an email invitation to each member. The email invitation will be sent to their existing email addresses, even if they are Tenant A users. Then the admin can assign the group access to the application and required resources in Tenant
B. After team members click on the invitation link, they will access the resources in Tenant
B.Option A is incorrect because MFA (Multi-factor authentication) is a process and requirements for the user to establish two and more forms of identification. Azure AD admin can require MFA from all the users, including guests. But MFA doesn`t manage guest and external partners` accounts.
Option C is incorrect because Azure AD Business-to-Customer (B2C) helps Azure customers use external identity providers for their apps or API users to sign up, sign in, and manage their profiles. But it doesn`t manage guest and external partners` accounts.
Option D is incorrect because Azure AD Privileged Identity Management (PIM) manages, controls, and monitors access to the critical resources in an organization. But it doesn`t manage guest and external partners` accounts.
Option E is incorrect because Azure AD Conditional access is the set of policies that secure access to organization data and applications. But it doesn`t manage guest and external partners` accounts.
For more information about Azure AD Business-to-Business (B2B), please visit the below URLs:
https://docs.microsoft.com/en-us/learn/modules/create-users-and-groups-in-azure-active-directory/6-collaborate-guest-accounts-azure-ad-b2b
https://docs.microsoft.com/en-us/azure/active-directory/external-identities/add-users-administrator
https://docs.microsoft.com/en-us/azure/active-directory/external-identities/compare-with-b2c
https://docs.microsoft.com/en-us/azure/active-directory/external-identities/delegate-invitations