Topic 4: Mix Questions
Lab Task
use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username
below.
To enter your password. place your cursor in the Enter password box and click on the
password below.
Azure Username: Userl -28681041@ExamUsers.com
Azure Password: GpOAe4@lDg
If the Azure portal does not load successfully in the browser, press CTRL-K to reload the
portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 28681041
Task 2
You need to add the network interface of a virtual machine named VM1 to an application
security group named ASG1.
Lab Task 2 Explanation:
Goal:
Add the network interface of a virtual machine (VM1) to an Application Security Group (ASG1) in Azure.
Step-by-Step Instructions:
Login to Azure Portal:
Go to https://portal.azure.com
Username: User1-28681041@ExamUsers.com
Password: GpOAe4@lDg
If the portal fails to load, press CTRL + K to reload in a new tab.
Locate VM1:
In the Azure portal, go to Virtual machines.
Find and select VM1 from the list.
Find the Network Interface (NIC):
On the VM1 Overview page, locate the Networking section.
Click on the Network interface name (usually something like vm1-nic).
Edit Application Security Groups (ASGs):
In the NIC settings, click on Configuration (under Settings).
Scroll down to Application Security Groups.
Click on the dropdown and select ASG1.
Save the Configuration:
Click Save at the top to apply the changes.
Why This Matters:
Application Security Groups (ASGs) let you group VMs logically and apply network security rules to those groups rather than individual IPs or NICs.
Assigning the VM’s NIC to ASG1 allows NSG rules to filter traffic based on group membership.
You have the Azure virtual machines shown in the following table.
A. VM2 and VM3 only
B. VM2, VM3, and VM4 only
C. VM1, VM2, and VM4 only
D. VM1, VM2, VM3, and VM4
E. VM1, VM2, and VM3 only
Note: This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.
You have an Azure subscription named Sub1.
You have an Azure Storage account named sa1 in a resource group named RG1.
Users and applications access the blob service and the file service in sa1 by using several
shared access signatures (SASs) and stored access policies.
You discover that unauthorized users accessed both the file service and the blob service.
You need to revoke all access to sa1.
Solution: You regenerate the Azure storage account access keys.
Does this meet the goal?
A. Yes
B. No
You have a Microsoft Entra tenant that contains three users named User1, User2, and
User3.
You configure Microsoft Entra Password Protection as shown in the following exhibit.
The users perform the following tasks:
• User1 attempts to reset her password to COntOsO
• User2 attempts to reset her password to F@brikamHQ
• User3 attempts to reset her password to PrOduct123.
Which password reset attempts fail?
A. User1 only
B. User2only
C. User3 only
D. User1 and User3 only
E. User1, User2, and User3
You have an Azure subscription that contains the virtual networks shown in the following table.
You create an alert rule that has the following settings:
Resource: RG1
Condition: All Administrative operations
Actions: Action groups configured for this alert rule: ActionGroup1
Alert rule name: Alert1
You create an action rule that has the following settings:
Scope: VM1
Filter criteria: Resource Type = "Virtual Machines"
Define on this scope: Suppression
Suppression config: From now (always)
Name: ActionRule1
For each of the following statements, select Yes if the statement is true. Otherwise, select
No.
Note: Each correct selection is worth one point.
You have an Azure subscription that contains the virtual networks shown in the following
table.
You plan to create an Azure web app named WebApp2 that will have the following
configurations:
• Region: East US
• VNet integration: Enabled
• Scale out; Autoscale to up to 10 instances
For each of the following statements, select Yes if the statement is true. Otherwise, select
No.
NOTE: Each correct selection is worth one point.
You have the hierarchy of Azure resources shown in the following exhibit.
You have Azure Resource Manager templates that you use to deploy Azure virtual machines. You need to disable unused Windows features automatically as instances of the virtual machines are provisioned. What should you use?
A. device compliance policies in Microsoft Intune
B. Azure Automation State Configuration
C. application security groups
D. Azure Advisor
You have an Azure Active Directory (Azure AD) tenant named Contoso.com and an Azure Service (AKS) cluster AKS1. You discover that AKS1 cannot be accessed by using accounts from Contoso.com You need to ensure AKS1 can be accessed by using accounts from Contoso.com The solution must minimize administrative effort. What should you do first?
A. From Azure recreate AKS1,
B. From AKS1, upgrade the version of Kubermetes.
C. From Azure AD, implement Azure AD Premium P2.
D. From Azure AD, configure the User settings
You have an Azure subscription that contains an Azure key vault named Vault1.
On January 1, 2019, Vault1 stores the following secrets.
You have an Azure subscription that contains a virtual network. The virtual network contains the subnets shown in the following table.
A. VM4 only
B. VM1 and VM3 only
C. VM1, VM3 and VM4 only
D. VM1, VM2, VM3, and VM4
| Page 6 out of 38 Pages |
| Previous |