Free Microsoft Power Platform PL-200 Actual Exam Questions - Question 6 Discussion
HOTSPOT You are a Dynamics 365 Customer Services administrator. You have a Production instance and Sandbox instance. Users record Production instance data in the Sandbox instance. You need to ensure that the users only record data in the Production instance. Which security function needs to be edited to prevent access to the Sandbox? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. 
This seems to be about controlling environment access itself, so editing the Environment Access security function makes sense to block sandbox usage. User roles won't stop them if they can still enter that environment.
I think the key here is the Environment security role, but not the user roles themselves. The users shouldn’t have access to the Sandbox environment at all if we want to block data entry there. So editing the Environment security role to restrict access to Sandbox makes more sense than just tweaking user roles in Production. That way, users won’t even be able to open the Sandbox instance, forcing them to use Production only. The Environment access setting alone feels too broad or different; it’s more about which environments they can use rather than what actions they can perform inside them.
This one’s tricky, not sure if it’s about environment access or user roles. Anyone got a clue?