Topic 4: Mix Questions
You need to recommend which virtual machines to use to host App1. The solution must
meet the technical requirements for KeyVault1.
Which virtual machines should you use?
A. VM1 only
B. VM1 and VM2 only
C. VM1, VM2, and VM4 only
D. VM1, VM2, VM3. and VM4
You have an Azure subscription that contains the resources shown in the following table.
User1 is a member of Group1. Group1 and User2 are assigned the Key Vault Contributor
role for Vault1.
On January 1, 2019, you create a secret in Vault1. The secret is configured as shown in
the exhibit. (Click the Exhibit tab.)
User2 is assigned an access policy to Vault1. The policy has the following configurations:
Key Management Operations: Get, List, and Restore
Cryptographic Operations: Decrypt and Unwrap Key
Secret Management Operations: Get, List, and Restore
Group1 is assigned an access to Vault1. The policy has the following configurations:
Key Management Operations: Get and Recover
Secret Management Operations: List, Backup, and Recover
For each of the following statements, select Yes if the statement is true. Otherwise, select
No.
You have an Azure subscription that contains the virtual machines shown in the following
table.
For each of the following statements, select Yes if the statement is true. Otherwise, select
No.
NOTE: Each correct selection is worth one point.
You have an Azure subscription named Subscription1 that contains the resources shown in
the following table.
You need to identify which initiatives and policies you can add to Subscription1 by using
Azure Security Center.
What should you identify?
A. Policy1 and Policy2 only
B. Initiative1 only
C. Initiative1 and Initiative2 only
D. Initiative1, Initiative2, Policy1, and Policy2
You have a Microsoft Entra tenant named contoso.com. The tenant contains the users
shown in the following table.
Use the drop-down menus to select the answer choice that completes each statement
based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
You plan to deploy an app that will modify the properties of Azure Active Directory (Azure AD) users by using Microsoft Graph. You need to ensure that the app can access Azure AD. What should you configure first?
A. a custom role-based access control (RBAC) role
B. an external identity
C. an Azure AD Application Proxy
D. an app registration
You have an Azure subscription that contains a resource group named RG1. RG1 contains
a virtual machine named VM1 that uses Azure Active Directory (Azure AD) authentication.
You have two custom Azure roles named Role1 and Role2 that are scoped to RG1.
The permissions for Role1 are shown in the following JSON code.
You assign the roles to the users shown in the following table.
You have an Azure subscription named Subscription1.
You need to view which security settings are assigned to Subscription1 by default.
Which Azure policy or initiative definition should you review?
A. the Audit diagnostic setting policy definition
B. the Enable Monitoring in Azure Security Center initiative definition
C. the Enable Azure Monitor for VMs initiative definition
D. the Azure Monitor solution ‘Security and Audit’ must be deployed policy definition
You have an Azure subscription.
You plan to use Microsoft Defender for Cloud to provide AI security posture management
capabilities.
You need to recommend a Defender for Cloud plan that supports the deployment
requirements. The solution must minimize costs.
What should you recommend?
A. Microsoft Defender for App Service
B. Microsoft Defender for APIs
C. Foundational Cloud Security Posture Management (CSPM
D. Defender Cloud Security Posture Management (CSPM)
You have an Azure key vault named Vault1 that stores the resources shown in the
following table.
Which resources support the creation of a rotation policy?
A. Key 1 only
B. Cert1 only
C. Key1 and Secret1 only
D. Key1 and Cert1 only
E. Secret1 and Cert1 only
F. Key1, Secret1, and Cert1
Lab Task
use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username
below.
To enter your password. place your cursor in the Enter password box and click on the
password below.
Azure Username: Userl -28681041@ExamUsers.com
Azure Password: GpOAe4@lDg
If the Azure portal does not load successfully in the browser, press CTRL-K to reload the
portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 28681041
Task 3
The developers at your company plan to create a web app named App28681041 and to
publish the app to https://www.contoso.com. You need to perform the following tasks:
• Ensure that App28681041 is registered to Azure AD.
• Generate a password for App28681041.
Answer: Check below steps in explanation for Task.
You have an Azure subscription that contains a user named User1 and a storage account
named storage 1. The storage1 account contains the resources shown in the following
table:
Page 13 out of 38 Pages |
Previous |