Atlassian Cloud Organization Admin Certification ACP-520 Exam Questions

Answer : A

By default, Jira Software creates two groups: jira-software-users and jira-software-admins. The jira-software-users group is granted the Jira Software User role, and the jira-software-admins group is granted the Jira Software Admin role. These roles determine the permissions and access that the group members have within Jira Software. The default groups also have a suffix that matches the site name, in this case ''ewok7a''.Therefore, the default groups for Jira Software on the ''ewok7a'' cloud site are jira-software-users-ewok7a and jira-software-admins-ewok7a, as shown in Option A12

Reference=Manage product access,Manage project roles

Answer : A

Shadow IT refers to the product creation and usage administered outside of an organization's IT department, which can lead to unexpected costs, security and compliance concerns, and operational complexity1.Atlassian Access is a service that provides enhanced security and governance features for Atlassian Cloud products, such as SAML SSO, user provisioning, enforced two-step verification, and audit logs2.Atlassian Access also offers a feature called automatic product discovery, which helps admins discover and manage the shadow IT products created by their managed users1.

A managed user is a user whose account is on a domain that is verified by an organization3.A verified domain is a domain that an organization has proven ownership of by adding a DNS or HTTPS record4. For example, if an organization verifies the domain acme.com, then any user with an email address ending with @acme.com is a managed user of that organization.

A product is an instance of an Atlassian Cloud product, such as Jira Software, Confluence, Bitbucket, or Trello5.A product belongs to a site, which is a collection of products that share a URL and administration settings6.A site belongs to an organization, which is a way to group and manage multiple sites and products under one central admin console7.

A managed user can create a product in another Cloud organization by using their work email address to sign up for a new site or join an existing site that is not owned by their organization1. This creates a shadow IT product that is not visible or controlled by their organization's admins.Atlassian Access can discover these shadow IT products by scanning the domains of all Atlassian Cloud products and matching them with the domains of the organizations that have Atlassian Access enabled1. Atlassian will proactively send an email to the organization admins with the number of shadow IT products created by their managed users and what the exact shadow IT product is.Within admin.atlassian.com, organization admins can also view additional information, such as the owner of these products, how many users are in that product, and the date it was created1.

Therefore, the statement that explains how Atlassian Access discovered shadow IT is that one of your managed accounts created a product in another Cloud organization.

Automatic product discovery in Atlassian Access

Atlassian Access: Enhanced Cloud Data Security & Governance

What is a managed account?

Verify a domain to manage accounts

What is a product?

Understand Atlassian sites and organizations

What is an Atlassian organization?

Answer : A

When you start a site with a Premium subscription trial to a Cloud product, you automatically create a ''site-admins'' group that contains your account as the only member. The ''site-admins'' group has the site admin role, which allows you to manage the site settings, products, users, and groups. You can also add other users to the ''site-admins'' group if you want to delegate some of the site administration tasks.

Reference=Create and update groupsandManage site-level permissions

Answer : D

Organization insights is a feature that provides analytics and reports on your organization's users, products, and security. You can access it from the Insights tab in your organization settings.Organization insights is available for all Atlassian cloud products and plans1.

View organization insights

Answer : E

As an organization admin, you can delete both managed and unmanaged accounts. Managed accounts are those that belong to your organization and are verified by a domain or an allowlist. Unmanaged accounts are those that do not belong to your organization and are not verified by a domain or an allowlist. Deleting an account removes the user's access to all Atlassian products and services, and deletes their personal data.

Answer : A

By removing the default group from the Jira Software User product role, you can prevent new users from automatically getting access to Jira Software when they join your site. This way, you can control who gets access to Jira Software and how many licenses are consumed.

Reference Manage product accessProduct roles and permissions

Answer : B

This statement is false because every site belongs to an organization.When you create a new site, you either join an existing organization or create a new one1. You cannot have a site without an organization.