You have an Azure subscription that uses Microsoft Defender for Cloud. You have accounts for the following cloud services:

• Alibaba Cloud
• Amazon Web Services (AWS)
• Google Cloud Platform (GCP)

What can you add to Defender for Cloud?

A. AWS only

B. Alibaba Cloud and AWS only

C. Alibaba Good and GCP only

D. AWS and GCP only

E. Alibaba Cloud, AWS. and GCP

You have an Azure subscription named Sub 1 that is associated to an Azure AD Tenant named contoso.com. The tenant contains the users shown in the following table.



Each user is assigned an Azure AD Premium P2 license.
You plan to onboard and configure Azure AD Identity Protection.
Which users can onboard Azure AD Identity Protection, remediate users, and configure policies? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Your network contains an on-premises Active Directory domain named adatum.com that syncs to Azure Active Directory (Azure AD). Azure AD Connect is installed on a domain member server named Server1. You need to ensure that a domain administrator for the adatum.com domain can modify the synchronization options. The solution must use the principle of least privilege. Which Azure AD role should you assign to the domain administrator?

A. Security administrator

B. Global administrator

C. User administrator

Your network contains an on-premises Active Directory domain named adatum.com that syncs to a Microsoft Entra tenant. The Microsoft Entra tenant contains the users shown in the following table.

You have an Azure subscription that contains an Azure firewall named AzFW1. AzFW1 has a firewall policy named FWPolicy1. You need to add rule collections to FWPolicy1 to meet the following requirements:
• Allow traffic based on the FQDN of the destination.
• Allow TCP traffic.
Which types of rule collections should you add for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Your on-premises network contains the servers shown in the following table.

You have an Azure Active Directory (Azure AD) tenant named contoso1812.onmicrosoft.com that contains the users shown in the following table.

You have an Azure subscription that contains the virtual machines shown in the following table.
Subnet1 and Subnet2 have a network security group {NSG). The NSG has an outbound rule that has the following configurations:
• Port; Any
• Source: Any
• Priority: 100
• Action: Deny
• Protocol: Any
• Destination: Storage
The subscription contains a storage account named storage1.
You create a private endpoint named Private1 that has the following settings:
• Resource type: Microsoft.Storage/storageAccounts
• Resource: storage1
• Target sub-resource: blob
• Virtual network: VNet1
• Subnet: Subnet1
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

You have an Azure subscription named Sub1 that contains the resources shown in the following table.

A. Enable a managed service identity on VM1.

B. Create a secret in KV1.

C. Configure a service endpoint on SQL1.

D. Create a key in KV1.

You have an Azure resource group that contains 100 virtual machines. You have an initiative named Initiative1 that contains multiple policy definitions. Initiative1 is assigned to the resource group. You need to identify which resources do NOT match the policy definitions. What should you do?

A. From Azure Security Center, view the Regulatory compliance assessment

B. From the Policy blade of the Azure Active Directory admin center, select Compliance

C. From Azure Security Center, view the Secure Score.

D. From the Policy blade of the Azure Active Directory admin center, select Assignments

You have an Azure Active Directory (Azure AD) tenant that contains a user named User1. You need to ensure that User1 can create and manage administrative units. The solution must use the principle of least privilege. Which role should you assign to User1?

A. Privileged role administrator

B. Helpdesk administrator

C. Global administrator

D. Security administrator

You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.