AZ-104

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

You have an Azure Storage account named MyStorageAccount. You have deployed an Azure App Services app named App-01 and App-02 that runs in an Azure container instance. Each app uses a managed identity. You need to ensure that App-01 and App-02 can read blobs from MyStorageAccount. The solution must meet the following requirements: - Minimize the number of secrets used - Ensure that App-02 can only read from MyStorageAccount for the next 30 days. What should you configure in MyStorageAccount for App-01?

Access control (IAM)

You have an Azure subscription that contains a virtual network named vNET1. vNET1 uses an IP address space of 10.0.0.0/16 and contains the subnets in the following table: Name IP address range Subnet0 10.0.0.0/24 Subnet1 10.0.1.0/24 Subnet2 10.0.2.0\24 GatewaySubnet 10.0.254.0\24 Subnet1 contains a virtual appliance named VM1 that operates as a router. You create a routing table named RT1. You need to route all inbound traffic from the VPN gateway to vNET1 through VM1. How should you configure RT1?

Address prefix - 10.0.0.0/16 Next hop type - Virtual appliance Assigned to - Gateway Subnet

You are running a virtual machine scale set in your Azure subscription. The scale set contains four instances that have the following configurations: Operating system: Windows Server 2016 Size: Standard_D1_v2 You run the Get-AzVmss cmdlet as shown in the following exhibit: When a new version of the Windows Server 2016 image is released, the new build will be deployed to ..... virtual machines simultaneously?

0

Overview Contoso, Ltd. is a manufacturing company that has offices worldwide. Contoso works with partner organizations to bring products to market. Contoso products are manufactured by using blueprint files that the company authors and maintains. Existing Environment Currently, Contoso uses multiple types of servers for business operations, including the following: - File servers - Domain controllers - Microsoft SQL Server servers Your network contains an Active Directory forest named contoso.com. All servers and client computers are joined to Active Directory. You have a public-facing application named App1. App1 is comprised of the following three tiers: - A SQL database - A web front end - A processing middle tier Each tier is comprised of five virtual machines. Users access the web front end by using HTTPS only. Requirements Planned Changes Contoso plans to implement the following changes to the infrastructure: - Move all the tiers of App1 to Azure. - Move the existing product blueprint files to Azure Blob storage. - Create a hybrid directory to support an upcoming Microsoft Office 365 migration project. Technical Requirements - Contoso must meet the following technical requirements: - Move all the virtual machines for App1 to Azure. - Minimize the number of open ports between the App1 tiers. - Ensure that all the virtual machines for App1 are protected by backups. - Copy the blueprint files to Azure over the Internet. - Ensure that the blueprint files are stored in the archive storage tier. - Ensure that partner access to the blueprint files is secured and temporary. - Prevent user passwords or hashes of passwords from being stored in Azure. - Use unmanaged standard storage for the hard disks of the virtual machines. - Ensure that when users join devices to Azure Active Directory (Azure AD), the users use a mobile phone to verify their identity. - Minimize administrative effort whenever possible. User Requirements Contoso identifies the following requirements for users: - Ensure that only users who are part of a group named Pilot can join devices to Azure AD. - Designate a new user named Admin1 as a local admin on all joined devices - Admin1 must receive email alerts regarding service outages. - Ensure that a new user named User3 can create network objects for the Azure subscription. You need to configure the Device settings to meet the technical requirements and the user requirements.

1 - Selected users may join devices 6 - Manage Additional local administrators on all Azure AD joined devices

You have Azure Storage accounts as shown in the following exhibit: Storage accounts Name Type Kind RG Location Subscription 1az104 Storage Storage RG-A East US X-A-A-S 2az104 Storage Storagev2 RG-B Central US X-A-A-S 3az104 Storage Blob RG-C East US X-A-A-S You can use ----------- for Azure Table Storage.

1az104 and 2az104

You are running a virtual machine scale set in your Azure subscription. The scale set contains four instances that have the following configurations: Operating system: Windows Server 2016 Size: Standard_D1_v2 You run the Get-AzVmss cmdlet as shown in the following exhibit: When an administrator changes the virtual machine size, the size will be changed on up to ---- virtual machines simultaneously?

4

You have an Azure subscription that contains the resources in the following table: Name Type ASG1 Application Security Group NSG1 Network Security Group Subnet1 Subnet vNET1 Virtual Network NIC1 Network Interface VM1 Virtual Machine NIC1 network interface card attaches VM1 to Subnet1. Subnet1 is associated to VNet1. You need to apply ASG1 to VM1. What should you do?

Associate NIC1 to ASG1

You have an Azure Storage account named storage-01 that uses Azure Blob storage. You need to use AzCopy to copy data to blob storage, in storage account storage-01. Which authentication method should you use for blob storage?

Azure AD and Shared Access Signatures (SAS) only

You have an Azure subscription that contains an Azure Storage account. You need to create and Azure container instance that will use a Docker image. The image contains a Microsoft SQL Server instance that requires persistent storage. You need to configure a storage service for your container. What Azure service should you use?

Azure Files

You are running four VMs in your Azure subscription. The virtual machines are deployed as follows: Name IP Address Connected to VM-01 10.1.0.100 vNET1/Subnet-Prod VM-02 10.2.0.200 vNET1/Subnet-Dev VM-03 172.16.25.25 vNET2/Subnet-01 VM-04 192.168.0.33 vNET3/Subnet-02 A DNS service is installed on VM-01. You configure the DNS servers settings for each virtual network to use 10.1.0.100 as their DNS server. You need to ensure that all the virtual machines can resolve DNS names by using the DNS service on VM-01. What should you do?

Configure peering between vNET1, vNET2, and vNET3

You have two Azure virtual networks named vNET1 and vNET2. vNET1 contains an Azure virtual machine named VM1. vNET2 contains an Azure virtual machine named VM2. VM1 hosts a frontend application that connects to VM2 to retrieve data. Users report that the frontend application is slower than usual. You need to view the average round-trip time (RTT) of the packets from VM1 to VM2. Which Azure Network Watcher feature should you use?

Connection monitor

You are using an Azure subscription with data deployed in the following Azure services: Name Type Container1 Blob Share1 File shares DB1 SQL Table1 Table You plan to export data by using Azure Import/Export job named DataExport. Which data can be exported by using DataExport?

Container1

You have an Azure subscription named Subscription1 that contains an Azure virtual network named VNet1. VNet1 connects to your on-premises network by using Azure ExpressRoute. You plan to prepare the environment for automatic failover in case of ExpressRoute failure. You need to connect VNet1 to the on-premises network by using a site-to-site VPN. The solution must minimize cost. Which three actions should you perform? Each correct answer presents part of the solution.

Create a connection Create a local site VPN gateway Create a VPN gateway that uses the VpnGw1 SKU

You are running three virtual machines in Azure, deployed in Subnet-01, inside vNET1 virtual network. Each virtual machine has a public IP address. The virtual machines host several applications that are accessible over port 443 to users on the Internet. Your on-premises network has a site-to-site VPN connection to vNet1. You discover that the virtual machines can be accessed by using the Remote Desktop Protocol (RDP) from the Internet and from the on-premises network. You need to prevent RDP access to the virtual machines from the Internet, unless the RDP connection is established from the on-premises network. The solution must ensure that all other applications can still be accessed by the Internet users. What should you do?

Create a deny rule in a network security group (NSG) that is linked to Subnet-01

You have the Azure virtual machines shown in the following table. *** Name: VM1,????????????????????Azure Region: West Europe Name: VM2,????????????????????Azure Region: West Europe Name: VM3,????????????????????Azure Region: North Europe Name: VM4,????????????????????Azure Region: North Europe *** You have a Recovery Services vault that protects VM1 and VM2. You need to protect VM3 and VM4 by using Recovery Services. What should you do first?

Create a new Recovery Services vault

You have an Azure subscription that contains a policy-based virtual network gateway named GW1 and a virtual network named vNET1. You need to ensure that you can configure a point-to-site connection from an on-prem computer to vNET1. Which two actions should you perform?

Create a route-based virtual network gateway. Delete GW1

You have an Azure subscription that contains the resources shown in the following table: Name Type Resource Group Tag RG6 Resource Group - None vNET1 Virtual Network RG6 Department:D1 You assign a policy to RG6 as shown in the following table: Section Setting Value Scope Scope Subscription1/RG6 Exclusions None Basics Policy definition Apply tag & default value Assignment name Apply tag & default value Parameters Tag name Label Tag value Value1 To RG6, you apply the tag: RGroup: RG6 Which tags apply to vNET1?

Department D1 only

You have a virtual network named vNET1 that contains the subnets shown in the following table: Name Subnet NSG Subnet1 10.10.1.0/24 NSG1 Subnet2 10.10.2.0/24 - You have three Azure virtual machines that have the network configurations shown in the following table: Name Subnet IP Address NSG VM1 Subnet1 10.10.1.5 NSG2 VM2 Subnet2 10.10.2.5 - VM3 Subnet2 10.10.2.6 - For NSG1, you create the inbound security rule shown below: Priority Source Destination Dest. port Action 101 10.10.2.0/24 10.10.1.0/24 TCP/1433 Allow For NSG2, you create the inbound security rule below: Priority Source Destination Dest. port Action 125 10.10.2.5 10.10.1.5 TCP/1433 Block VM2 can connect to TCP port 1433 services on VM1.

False

You have an Azure Active Directory (Azure AD) tenant named az104exam.com that contains the users shown in the following table: Name Type Member of User 1 Member Admins_Group User 2 Guest Admins_Group User 3 Member None User 4 Member Secondary_Group User 5 Guest Secondary_Group User 3 is the owner of Admins_Group. Secondary_Group is a member of Admins_Group. You configure an access review named Review-01 as shown: Review name: Review-01 Description: Start date: 11/13/2020 Frequency: One time End date: 11/23/2020 Users Users to review: Members of a group Scope: Guest users only Group Admins_Group Reviewers: Group owners User 3 can perform an access review of User 1.

False

You have an Azure Active Directory (Azure AD) tenant named az104exam.com that contains the users shown in the following table: Name Type Member of User 1 Member Admins_Group User 2 Guest Admins_Group User 3 Member None User 4 Member Secondary_Group User 5 Guest Secondary_Group User 3 is the owner of Admins_Group. Secondary_Group is a member of Admins_Group. You configure an access review named Review-01 as shown: Review name: Review-01 Description: Start date: 11/13/2020 Frequency: One time End date: 11/23/2020 Users Users to review: Members of a group Scope: Guest users only Group Admins_Group Reviewers: Group owners User 3 can perform an access review of User 4.

False

You have an Azure subscription that contains the Azure virtual machines shown in the following table: Name Connected to subnet VM-01 10.0.0.0/24 VM-02 10.0.1.0/24 You add inbound security rules to a network security group (NSG) named NSG-01 as shown in the following table: Priority Source Destination Protocol Port Action 100 10.0.0.0/24 10.0.1.0/24 TCP 80,443 Allow 101 Any 10.0.1.0/24 TCP Any Deny You run Azure Network Watcher as shown in the following exhibit: Subscription: X-A-A-S Resource Group: RG-01 Source Type: VM VM: VM-01 Destination: RG-01, VM-02 Probe Settings: TCP Port 8080; unreachable You run Network Watcher again as shown in the following exhibit: Subscription: X-A-A-S Resource Group: RG-01 Source Type: VM VM: VM-01 Destination: RG-01, VM-02 Probe Settings: ICMP; reachable Please evaluate the following statement and decide if it's true or false. NSG-01 limits VM-01 traffic.

False

You have an Azure subscription that contains the following table: Name Type RG-01 Resource Group vNET1 Virtual Network vNET2 VM connected to vNET1 VM6 VM connected to vNET2 In Azure, you create a private DNS zone named az104exam.com. You set the registration virtual network to vNET2. The az104exam.com zone is configured as shown in the following exhibit: Essentials Resource group: rg-01 Subscription: X-A-A-S Subscription ID: 78a7c101-4056-4947.................. Tags: Click here to add tags Name Type TTL Value @ SOA 3600 Email: azureprivatedns- host.microsoft.com Host: azureprivatedns.net Refresh: 3600 Retry: 300 Expire: 2419200 Minimum TTL: 10 Serial number: 1 vm1 A 3600 10.1.0.4 vm9 A 3600 10.1.0.12 The A record for VM5 will be registered automatically in the az104exam.com zone?

False

You have an Azure subscription that contains the following table: Name Type RG-01 Resource Group vNET1 Virtual Network vNET2 VM connected to vNET1 VM6 VM connected to vNET2 In Azure, you create a private DNS zone named az104exam.com. You set the registration virtual network to vNET2. The az104exam.com zone is configured as shown in the following exhibit: Essentials Resource group: rg-01 Subscription: X-A-A-S Subscription ID: 78a7c101-4056-4947.................. Tags: Click here to add tags Name Type TTL Value @ SOA 3600 Email: azureprivatedns- host.microsoft.com Host: azureprivatedns.net Refresh: 3600 Retry: 300 Expire: 2419200 Minimum TTL: 10 Serial number: 1 vm1 A 3600 10.1.0.4 vm9 A 3600 10.1.0.12 VM5 ca resolve VM9.az104exam.com?

False

You have an Azure subscription that contains the virtual machines shown in the following table: Name Operating System Connects to VM1 Windows Server 2019 Subnet1 VM2 Windows Server 2019 Subnet 2 VM1 and VM2 use public IP addresses. From Windows Server 2019 on VM1 and VM2, you allow inbound Remote Desktop connections. Subnet1 and Subnet2 are in a virtual network named vNET1. The subscription contains two network security groups (NSGs) named NSG1 and NSG2. NSG1 uses only the default rules. NSG2 uses the default rules and the following custom incoming rule: - Priority: 100 - Name: Rule 1 - Port: 3389 -Protocol: TCP -Source: Any - Destination: Any - Action: Allow NSG1 is associated to Subnet1. NSG2 is associated to the network interface of VM2. From the internet, you can connect to VM1 using Remote Desktop?

False

You have the Azure management groups shown in the following table: Name in Management Group Tenant Root Group - ManagementGroup11 Tenant Root Group ManagementGroup12 Tenant Root Group ManagementGroup21 ManagementGroup11 You add Azure subscriptions to the management groups as shown in the following table: Name Management Group Subscription 1 ManagementGroup21 Subscription 2 ManagementGroup12 You create the Azure policies shown in the following table: Name Parameter Scope Not allowed virtualNetworks Tenant Root Group Allowed virtualNetworks ManagementGroup12 You can create a virtual machine in Subscription 2.

False

You have the Azure management groups shown in the following table: Name in Management Group Tenant Root Group - ManagementGroup11 Tenant Root Group ManagementGroup12 Tenant Root Group ManagementGroup21 ManagementGroup11 You add Azure subscriptions to the management groups as shown in the following table: Name Management Group Subscription 1 ManagementGroup21 Subscription 2 ManagementGroup12 You create the Azure policies shown in the following table: Name Parameter Scope Not allowed virtualNetworks Tenant Root Group Allowed virtualNetworks ManagementGroup12 You can create a virtual network in subscription 1.

False

You have an Azure subscription named Subscription1. Subscription1 contains the resources in the following table: Name Type RG1 Resource Group RG2 Resource Group vNET1 Virtual Network vNET2 Virtual Network vNET1 is in RG1. vNET2 is in RG2. There is no connectivity between vNET1 and vNET2. An administrator named Admin1 creates an Azure virtual machine named VM1 in RG1. VM1 uses a disk named Disk1 and connects to vNET1. Admin1 then installs a custom application in VM1. You need to move the custom application to vNET2. The solution must minimize administrative effort. Which two actions should you perform?

First action: Delete VM1 Second action: Create a new virtual machine

You recently created a new Azure subscription that contains a user named Admin1. Admin1 attempts to deploy an Azure Marketplace resource by using an Azure Resource Manager template. Admin1 deploys the template by using Azure PowerShell and receives the following error message: "User failed validation to purchase resources. Error message: Legal terms have not been accepted for this item on this subscription. To accept legal terms, please go to the Azure portal (http://go.microsoft.com/fwlink/? LinkId=534873) and configure programmatic deployment for the Marketplace item or create it there for the first time." You need to ensure that Admin1 can deploy the Marketplace resource successfully. What should you do?

From Azure PowerShell, run the Set-AzMarketplaceTerms cmd

You have an Azure subscription that contains a resource group named AZ-104-RG. You use AZ-104-RG to validate an Azure deployment. AZ-104-RG contains the following resources: Name Type Desc VM1 VM VM1 is running and configured to backup to Vault1 daily Vault1 Recovery Serv V. Vault1 includes all VM1 backups VNET1 vNET vNET1 has a resource lock type Delete You need to delete AZ-104-RG. What should you do before deleting AZ-104-RG?

From Recovery Services Vault, Vault1, stop the backup of VM1, and remove the resource lock from VNET1

You have an Azure subscription that contains an Azure AD tenant named exam.com and an Azure Kubernetes Service (AKS) cluster named AKS1. An Administrator reports that she is unable to grant access to AKS1 to the users in exam.com. You need to ensure that access to AK1 can e granted to the exam.com users. What should you do first?

From exam.com, create an OAuth 2.0 authorization endpoint

You have an Azure subscription named Subscription1 that contains an Azure virtual machine named VM1. VM1 is in a resource group named RG1. VM1 runs services that will be used to deploy resources to RG1. You need to ensure that a service running on VM1 can manage the resources in RG1 by using the identity of VM1. What should you do first?

From the Azure portal, modify the Managed Identity settings of VM1

You have an Azure web app named webapp1. Users report that they often experience HTTP 500 errors when they connect to webapp1. You need to provide the developers of webapp1 with real-time access to the connection errors. The solution must provide all the connection error details. What should you do first?

From webapp1, enable Web server logging

You have an Azure subscription that contains the resources shown in the following table: Name Type Location Resource Grp RG1 Resource Group East US RG2 Resource Group West US Recovery-V--1 Recovery Serv V West Europe RG1 Storage1 Storage Acct East US RG2 Storage2 Storage Acct West US RG1 Storage3 Storage Acct West Europe RG2 LAW1 Log Analy. Wkspc East US RG1 LAW2 Log Analy. Wkspc West US RG2 LAW3 Log Analy. Wkspc West Europe RG1 You need to configure Azure Backup reports for Recovery-Vault-1. You are configuring the Diagnostics settings for the AzureBackupReports log. Which Log Analytics Workspace can you use for the Azure Backup reports of Recovery-Vault-1?

LAW1, LAW2 and LAW3

You have an Azure subscription that contains the resources shown in the following table: Name Type Resource Group Tag RG6 Resource Group - None vNET1 Virtual Network RG6 Department:D1 You assign a policy to RG6 as shown in the following table: Section Setting Value Scope Scope Subscription1/RG6 Exclusions None Basics Policy definition Apply tag & default value Assignment name Apply tag & default value Parameters Tag name Label Tag value Value1 To RG6, you apply the tag: RGroup: RG6. You deploy a virtual network named vNET2 to RG6. Which tags apply to vNET2?

LabelValue1 only

You want to monitor the metrics and logs of your Linux virtual machine VM-01. Which of the following Azure services would you use for this task?

Linux Diagnostic Extension (LAD) 3.0

You have an Azure subscription that contains an Azure virtual machine named VM-01. VM-01 runs an application that does not support multiple active instances. At the end of each month, CPU usage for VM-01 peaks when the application runs. You need to create a scheduled runbook to increase the processor performance of VM-01 at the end of each month. What task should you include in the runbook?

Modify VM size property of VM-01

You have an Azure subscription named Subscription-Prod that contains a resource group named RG-01. In RG-01, you create a public load balancer named LB-02. You need to ensure that an administrator named Admin-01 can manage LB-02 and is allowed to add a health probe to LB-02. The solution must follow the principle of least privilege. Which role should you assign to Admin-01?

Network Contributor on RG-01

You have an Azure subscription named Subscription-Prod that contains a resource group named RG-01. In RG-01, you create an internal load balancer named LB-01. You need to ensure that an administrator named Admin-01 can manage LB-01 and is allowed to add a backend pool to LB-01. The solution must follow the principle of least privilege. Which role should you assign to Admin-01?

Network Contributor on RG-01

You have a computer named Computer-01 that has a point-to-site VPN connection to an Azure virtual network named AZ-104-vNET. The point-to-site connection uses a self-signed certificate. From Azure, you download and install the VPN client configuration package on a computer named Computer-01. You need to ensure that you can establish a point-to-site VPN connection to AZ-104-vNET from Computer-02. Solution: You join Computer-02 to Azure AD. Does this meet the goal?

No

You have a computer named Computer-01 that has a point-to-site VPN connection to an Azure virtual network named AZ-104-vNET. The point-to-site connection uses a self-signed certificate. From Azure, you download and install the VPN client configuration package on a computer named Computer-01. You need to ensure that you can establish a point-to-site VPN connection to AZ-104-vNET from Computer-02. Solution: You modify the Azure AD authentication policies. Does this meet the goal?

No

You have an Azure subscription named Subscription-Dev. Subscription-Dev contains a resource group named RG-01. RG-01 contains resources that were deployed by using templates. You need to view the date and time when the resources were created in RG-01. Solution: From the Subscriptions blade, you select the subscription, and then click Programmatic deployment. Does this meet the goal?

No

You have an Azure subscription named Subscription-Dev. Subscription-Dev contains a resource group named RG-01. RG-01 contains resources that were deployed by using templates. You need to view the date and time when the resources were created in RG-01. Solution: From the Subscriptions blade, you select the subscription, and then click Resource providers. Does this meet the goal?

No

You have an Azure subscription named Subscription-Dev. Subscription-Dev contains a resource group named RG-01. RG-01 contains resources that were deployed by using templates. You need to view the date and time when the resources were created in RG-01. Solution: From the RG-01 blade, you click Automation script. Does this meet the goal?

No

You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups. Another administrator plans to create several network security groups (NSGs) in the subscription. You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks. Solution: From the Resource providers blade, you unregister the Microsoft.ClassicNetwork provider. Does this meet the goal?

No

You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups. Another administrator plans to create several network security groups (NSGs) in the subscription. You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks. Solution: You assign a build-in policy definition to the subscription. Does this meet the goal?

No

You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups. Another administrator plans to create several network security groups (NSGs) in the subscription. You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks. Solution: You create a resource lock, and then you assign the lock to the subscription. Does this meet the goal?

No

You have an Azure subscription that contains the following users in an Azure Active Directory tenant named 'az104exam.onmicrosoft.com': Andy GA Azure AD Maria GA AD John User Admin Azure AD Beatrice Owner Azure Subscription Andy creates a new Azure AD tenant named external.azure104exam.onmicrosoft.com. You need to create new user accounts in external.azure104exam.onmicrosoft.com. Solution: You instruct John to create the user accounts. Does this meet the goal?

No

You have an Azure virtual machine named VM1 that runs Windows Server 2016. You need to create an alert in Azure when more than two error events are logged to the System event log on VM1 within an hour. Solution: You create an Azure storage account and configure shared access signatures (SASs). You install the Microsoft Monitoring Agent on VM1. You create an alert in Azure Monitor and specify the storage account as the source. Does this meet the goal?

No

You have an Azure virtual machine named VM1 that runs Windows Server 2016. You need to create an alert in Azure when more than two error events are logged to the System event log on VM1 within an hour. Solution: You create an event subscription on VM1. You create an alert in Azure Monitor and specify VM1 as the source. Does this meet the goal?

No

You have an Azure virtual machine named VM1 that runs Windows Server 2016. You need to create an alert in Azure when more than two error events are logged to the System event log on VM1 within an hour. Solution: You create an Azure Log Analytics workspace and configure the data settings. You add the Microsoft Monitoring Agent VM extension to VM1. You create an alert in Azure Monitor and specify the Log Analytics workspace as the source. Does this meet the goal?

No

You have an azure subscription that contains the following users in an Azure Active Directory tenant named 'az104exam.onmicrosoft.com': Andy GA AAD Maria GA AD John User Admin AAD Beatrice Owner Azure Subscription Andy creates a new AAD tenant named external.azure104exam.onmicrosoft.com. You need to create new user accounts in external.azure104exam.onmicrosoft.com. Solution: You instruct Beatrice to create the user accounts. Does this meet the goal?

No

You have an azure subscription that contains the following users in an Azure Active Directory tenant named 'az104exam.onmicrosoft.com': Andy GA AAD Maria GA AD John User Admin AAD Beatrice Owner Azure Subscription Andy creates a new AAD tenant named external.azure104exam.onmicrosoft.com. You need to create new user accounts in external.azure104exam.onmicrosoft.com. Solution: You instruct Maria to create the user accounts. Does this meet the goal?

No

You have an Azure subscription that contains the resources shown in the following table: Name Type Resource Group Location RG1 Resource Group n/a Central US RG2 Resource Group n/a West US VMSS1 VM Scale Set RG2 West US Proximity1 Proximity Plcmnt Grp RG1 Central US Proximity2 Proximity Plcmnt Grp RG2 West US Proximity3 Proximity Plcmnt Grp RG1 Central US You need to configure a proximity placement group for VMSS1. Which proximity placement groups should you use?

Proximity2 only

You have an Azure subscription named Dev-Test-Sub that is used by several departments at your company. Dev-Test-Sub contains the resources in the following table: Name Type Storage1 Storage RG1 Resource Group Container1 Blob Share1 File share Another administrator deploys a virtual machine named VM-01 and an Azure Storage account named Storage-02 by using a single Azure Resource Manager template. You need to view the template used for deployment. From which blade can you view the template that was used for the deployement?

RG1

You create the following resources in an Azure subscription: - An Azure Container Registry instance named Registry1 - An Azure Kubernetes Service (AKS) cluster named Cluster1 You create a container image named App1 on your administrative workstation. You need to deploy App1 to Cluster1. What should you do first?

Run the az acr build command

You have five Azure virtual machines that run Windows Server 2016. The virtual machines are configured as web servers. You have an Azure load balancer named LB1 that provides load balancing services for the virtual machines. You need to ensure that visitors are serviced by the same web server for each request. What should you configure?

Session persistence to Client IP and Protocol

You have an Azure Storage account named storage-01 that uses Azure File storage. You need to use AzCopy to copy data to the file storage, in storage account storage-01. Which authentication method should you use for file storage?

Shared Access Signatures (SAS) only

You have an Azure Storage account named MyStorageAccount. You have deployed an Azure App Services app named App-01 and App-02 that runs in an Azure container instance. Each app uses a managed identity. You need to ensure that App-01 and App-02 can read blobs from MyStorageAccount. The solution must meet the following requirements: - Minimize the number of secrets used - Ensure that App-02 can only read from MyStorageAccount for the next 30 days. What should you configure in MyStorageAccount for App-02?

Shared access signatures (SAS)

You try to connect to a Windows Server VM running in Azure, but the connection fails. You begin investigating the problem by taking a look at the Networking settings: You need to establish a Remote Desktop Connection to VM-01. What should you do to fix the problem?

Start VM-01

You have an Azure subscription that contains the resources shown in the following table: Name Type Location Resource Grp RG1 Resource Group East US RG2 Resource Group West US Recovery-V--1 Recovery Serv V West Europe RG1 Storage1 Storage Acct East US RG2 Storage2 Storage Acct West US RG1 Storage3 Storage Acct West Europe RG2 LAW1 Log Analy. Wkspc East US RG1 LAW2 Log Analy. Wkspc West US RG2 LAW3 Log Analy. Wkspc West Europe RG1 You need to configure Azure Backup reports for Recovery-Vault-1. You are configuring the Diagnostics settings for the AzureBackupReports log. Which storage accounts can you use for the Azure Backup reports of Recovery-Vault-1?

Storage3 only

You have an Azure subscription named X-A-A-S-Primary that contains the storage accounts displayed in the following table: Name Account kind Azure Service containing data Storage1 Storage File Storage2 Storage V2 File, Table Storage3 Storage v2 Queue Storage4 BlobStorage Blob You want to use the Azure Import/Export service to export data from X-A-A-S-Primary subscription. Which storage account can be used to export the data?

Storage4

You have an Azure web app named App-01. App-01 has the deployment slots shown in the following table: Name Function Webapp-01-Prod Production Webapp-01-Test Staging In Webapp-01-Test, you test several changes to App-01. You back up App-01. you swap Webapp-01-Test for Webapp-01-Prod and discover that App-01 is experiencing performance issues. You need to revert to the previous version of App-01 as quickly as possible. What should you do?

Swap the slots

Contoso, Ltd. is a manufacturing company that has offices worldwide. Contoso works with partner organizations to bring products to market. Contoso products are manufactured by using blueprint files that the company authors and maintains. Existing Environment Currently, Contoso uses multiple types of servers for business operations, including the following: - File servers - Domain controllers - Microsoft SQL Server servers Your network contains an Active Directory forest named contoso.com. All servers and client computers are joined to Active Directory. You have a public-facing application named App1. App1 is comprised of the following three tiers: - A SQL database - A web front end - A processing middle tier Each tier is comprised of five virtual machines. Users access the web front end by using HTTPS only. Requirements Planned Changes Contoso plans to implement the following changes to the infrastructure: - Move all the tiers of App1 to Azure. - Move the existing product blueprint files to Azure Blob storage. - Create a hybrid directory to support an upcoming Microsoft Office 365 migration project. Technical Requirements Contoso must meet the following technical requirements: - Move all the virtual machines for App1 to Azure. - Minimize the number of open ports between the App1 tiers. - Ensure that all the virtual machines for App1 are protected by backups. - Copy the blueprint files to Azure over the Internet. - Ensure that the blueprint files are stored in the archive storage tier. - Ensure that partner access to the blueprint files is secured and temporary. - Prevent user passwords or hashes of passwords from being stored in Azure. - Use unmanaged standard storage for the hard disks of the virtual machines. - Ensure that when users join devices to Azure Active Directory (Azure AD), the users use a mobile phone to verify their identity. - Minimize administrative effort whenever possible. User Requirements Contoso identifies the following requirements for users: - Ensure that only users who are part of a group named Pilot can join devices to Azure AD. - Designate a new user named Admin1 as the service admin for the Azure subscription. - Admin1 must receive email alerts regarding service outages. - Ensure that a new user named User3 can create network objects for the Azure subscription. QUESTION 3 Contoso requires a storage account that supports blob storage?

True

You have a virtual network named vNET1 that contains the subnets shown in the following table: Name Subnet NSG Subnet1 10.10.1.0/24 NSG1 Subnet2 10.10.2.0/24 - You have three Azure virtual machines that have the network configurations shown in the following table: Name Subnet IP Address NSG VM1 Subnet1 10.10.1.5 NSG2 VM2 Subnet2 10.10.2.5 - VM3 Subnet2 10.10.2.6 - For NSG1, you create the inbound security rule shown below: Priority Source Destination Dest. port Action 101 10.10.2.0/24 10.10.1.0/24 TCP/1433 Allow For NSG2, you create the inbound security rule below: Priority Source Destination Dest. port Action 125 10.10.2.5 10.10.1.5 TCP/1433 Block VM1 can connect to the TCP port 1433 services on VM2.

True

You have a virtual network named vNET1 that contains the subnets shown in the following table: Name Subnet NSG Subnet1 10.10.1.0/24 NSG1 Subnet2 10.10.2.0/24 - You have three Azure virtual machines that have the network configurations shown in the following table: Name Subnet IP Address NSG VM1 Subnet1 10.10.1.5 NSG2 VM2 Subnet2 10.10.2.5 - VM3 Subnet2 10.10.2.6 - For NSG1, you create the inbound security rule shown below: Priority Source Destination Dest. port Action 101 10.10.2.0/24 10.10.1.0/24 TCP/1433 Allow For NSG2, you create the inbound security rule below: Priority Source Destination Dest. port Action 125 10.10.2.5 10.10.1.5 TCP/1433 Block VM2 can connect to the TCP port 1433 service on VM3.

True

You have an Azure Active Directory (Azure AD) tenant named az104exam.com that contains the users shown in the following table: Name Type Member of User 1 Member Admins_Group User 2 Guest Admins_Group User 3 Member None User 4 Member Secondary_Group User 5 Guest Secondary_Group User 3 is the owner of Admins_Group. Secondary_Group is a member of Admins_Group. You configure an access review named Review-01 as shown: Review name: Review-01 Description: Start date: 11/13/2020 Frequency: One time End date: 11/23/2020 Users Users to review: Members of a group Scope: Guest users only Group Admins_Group Reviewers: Group owners User 3 can perform an access review of User 5.

True

You have an Azure subscription that contains the following table: Name Type RG-01 Resource Group vNET1 Virtual Network vNET2 VM connected to vNET1 VM6 VM connected to vNET2 In Azure, you create a private DNS zone named az104exam.com. You set the registration virtual network to vNET2. The az104exam.com zone is configured as shown in the following exhibit: Essentials Resource group: rg-01 Subscription: X-A-A-S Subscription ID: 78a7c101-4056-4947.................. Tags: Click here to add tags Name Type TTL Value @ SOA 3600 Email: azureprivatedns- host.microsoft.com Host: azureprivatedns.net Refresh: 3600 Retry: 300 Expire: 2419200 Minimum TTL: 10 Serial number: 1 vm1 A 3600 10.1.0.4 vm9 A 3600 10.1.0.12 VM6 can resolve VM9.az104exam.com?

True

You have an Azure subscription that contains the virtual machines shown in the following table: Name Operating System Connects to VM1 Windows Server 2019 Subnet1 VM2 Windows Server 2019 Subnet 2 VM1 and VM2 use public IP addresses. From Windows Server 2019 on VM1 and VM2, you allow inbound Remote Desktop connections. Subnet1 and Subnet2 are in a virtual network named vNET1. The subscription contains two network security groups (NSGs) named NSG1 and NSG2. NSG1 uses only the default rules. NSG2 uses the default rules and the following custom incoming rule: - Priority: 100 - Name: Rule 1 - Port: 3389 -Protocol: TCP -Source: Any - Destination: Any - Action: Allow NSG1 is associated to Subnet1. NSG2 is associated to the network interface of VM2. From VM1, you can connect to VM2 by using Remote Desktop?

True

You have an Azure subscription that contains the virtual machines shown in the following table: Name Operating System Connects to VM1 Windows Server 2019 Subnet1 VM2 Windows Server 2019 Subnet 2 VM1 and VM2 use public IP addresses. From Windows Server 2019 on VM1 and VM2, you allow inbound Remote Desktop connections. Subnet1 and Subnet2 are in a virtual network named vNET1. The subscription contains two network security groups (NSGs) named NSG1 and NSG2. NSG1 uses only the default rules. NSG2 uses the default rules and the following custom incoming rule: - Priority: 100 - Name: Rule 1 - Port: 3389 -Protocol: TCP -Source: Any - Destination: Any - Action: Allow NSG1 is associated to Subnet1. NSG2 is associated to the network interface of VM2. From the internet, you can connect to VM2 using Remote Desktop?

True

You have the Azure management groups shown in the following table: Name in Management Group Tenant Root Group - ManagementGroup11 Tenant Root Group ManagementGroup12 Tenant Root Group ManagementGroup21 ManagementGroup11 You add Azure subscriptions to the management groups as shown in the following table: Name Management Group Subscription 1 ManagementGroup21 Subscription 2 ManagementGroup12 You create the Azure policies shown in the following table: Name Parameter Scope Not allowed virtualNetworks Tenant Root Group Allowed virtualNetworks ManagementGroup12 You can add Subscription 1 to ManagementGroup11.

True

Contoso, Ltd. is a manufacturing company that has offices worldwide. Contoso works with partner organizations to bring products to market. Contoso products are manufactured by using blueprint files that the company authors and maintains. Existing Environment Currently, Contoso uses multiple types of servers for business operations, including the following: - File servers - Domain controllers - Microsoft SQL Server servers Your network contains an Active Directory forest named contoso.com. All servers and client computers are joined to Active Directory. You have a public-facing application named App1. App1 is comprised of the following three tiers: - A SQL database - A web front end - A processing middle tier Each tier is comprised of five virtual machines. Users access the web front end by using HTTPS only. Requirements Planned Changes Contoso plans to implement the following changes to the infrastructure: - Move all the tiers of App1 to Azure. - Move the existing product blueprint files to Azure Blob storage. - Create a hybrid directory to support an upcoming Microsoft Office 365 migration project. Technical Requirements Contoso must meet the following technical requirements: - Move all the virtual machines for App1 to Azure. - Minimize the number of open ports between the App1 tiers. - Ensure that all the virtual machines for App1 are protected by backups. - Copy the blueprint files to Azure over the Internet. - Ensure that the blueprint files are stored in the archive storage tier. - Ensure that partner access to the blueprint files is secured and temporary. - Prevent user passwords or hashes of passwords from being stored in Azure. - Use unmanaged standard storage for the hard disks of the virtual machines. - Ensure that when users join devices to Azure Active Directory (Azure AD), the users use a mobile phone to verify their identity. - Minimize administrative effort whenever possible. User Requirements Contoso identifies the following requirements for users: - Ensure that only users who are part of a group named Pilot can join devices to Azure AD. - Designate a new user named Admin1 as the service admin for the Azure subscription. - Admin1 must receive email alerts regarding service outages. - Ensure that a new user named User3 can create network objects for the Azure subscription. QUESTION 2 You need to move the blueprint files to Azure. What should you do?

Use Azure Storage Explorer to copy the files

You have an Azure subscription named New-Subscription. New-Subscription contains two Azure virtual machines VM-01 and VM-02. VM-01 and VM-02 run Windows Server 2016. VM-01 is backed up daily by Azure Backup without using the Azure Backup agent. VM-01 data has been compromised by a Ransonware attack, that encrypted all the data. VM-01 is not working, you need to restore the latest backup of VM-01. To which location can you restore the backup? You can restore VM-01 to ---------?

VM-01 or a new Azure virtual machine only

You have an Azure subscription named New-Subscription. New-Subscription contains two Azure virtual machines VM-01 and VM-02. VM-01 and VM-02 run Windows Server 2016. VM-01 is backed up daily by Azure Backup without using the Azure Backup agent. VM-01 data has been compromised by a Ransonware attack, that encrypted all the data. VM-01 is not working, you need to restore the latest backup of VM-01. To which location can you restore the backup? You can perform a file recovery of VM-01 to ---------?

VM-02 only

You have an Azure subscription named X-A-A-S-Primary that contains the resources shown in the following table: Name Type Storage1 Azure Storage Account vNET1 Virtual Network VM1 Azure virtual machine VM1Managed Managed disk for VM1 RVAULT1 Recovery vault for VM1 You create a new Azure subscription named X-A-A-S-Secondary and want to move all existing resources to this new subscription. Which of the resources can be moved?

VM1, Storage1, vNET1, VM1Managed, and RVAULT1

You have an Azure subscription that has a Recovery Services vault named Vault1. The subscription contains the virtual machines shown in the following table: Name Operating System Auto-shutdown VM1 Windows Server 2012 R2 Off VM2 Windows Server 2016 19:00 VM3 Ubuntu Server 18.04 LTS Off VM4 Windows 10 19:00 You plan to schedule backups to occur every night at 23:00. Which virtual machines can you back up by using Azure Backup?

VM1, VM2, VM3, and VM4

You have an Azure subscription named Subscription1 that contains the resources shown in the following table: Name Type Region Resource Group RG1 Resource Group West Europe N/a RG2 Resource Group North Europe N/a Vault1 Recovery Serv V West Europe RG1 You create virtual machines in Subscription1 as shown in the following table: Name Resource Group Region OS VM1 RG1 West Europe Windows Server 2016 VM2 RG1 North Europe Windows Server 2016 VM3 RG2 West Europe Windows Server 2016 VMA RG1 West Europe Ubuntu Server 18.04 VMB RG1 North Europe Ubuntu Server 18.04 VMC RG2 West Europe Ubuntu Server 18.04 You plan to use Vault1 for the backup of as many virtual machines as possible. Which virtual machines can be backed up to Vault1?

VM1, VM3, VMA, VMC

You have the App Service plans shown in the following table: Name Operating System Location ASP1 Windows West US ASP2 Windows Central US ASP3 Linux West US You plan to create the Azure web apps shown in the following table: Name Runtime stack Location WebApp1 .NET Core 3.0 West US WebApp2 ASP .NET 4.7 West US You need to identify which App Service plans can be used for the web apps. What should you identify?

WebApp1 - ASP1 and ASP3 only WebApp2 - ASP1 only

You have an Azure subscription named Subscription-Dev. Subscription-Dev contains a resource group named RG-01. RG-01 contains resources that were deployed by using templates. You need to view the date and time when the resources were created in RG-01. Solution: From the RG-01 blade, you click Deployments. Does this meet the goal?

Yes

You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups. Another administrator plans to create several network security groups (NSGs) in the subscription. You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks. Solution: You configure a custom policy definition, and then you assign the policy to the subscription. Does this meet the goal?

Yes

You have an Azure subscription that contains the Azure virtual machines shown in the following table: Name Connected to subnet VM-01 10.0.0.0/24 VM-02 10.0.1.0/24 You add inbound security rules to a network security group (NSG) named NSG-01 as shown in the following table: Priority Source Destination Protocol Port Action 100 10.0.0.0/24 10.0.1.0/24 TCP 80,443 Allow 101 Any 10.0.1.0/24 TCP Any Deny You run Azure Network Watcher as shown in the following exhibit: Subscription: X-A-A-S Resource Group: RG-01 Source Type: VM VM: VM-01 Destination: RG-01, VM-02 Probe Settings: TCP Port 8080; unreachable You run Network Watcher again as shown in the following exhibit: Subscription: X-A-A-S Resource Group: RG-01 Source Type: VM VM: VM-01 Destination: RG-01, VM-02 Probe Settings: ICMP; reachable Please evaluate the following statement and decide if it's true or false. NSG-01 may be applied to VM-02

Yes

You have an Azure virtual machine named VM1 that runs Windows Server 2016. You need to create an alert in Azure when more than two error events are logged to the System event log on VM1 within an hour. Solution: You create an Azure Log Analytics workspace and configure the data settings. You install the Microsoft Monitoring Agent on VM1. You create an alert in Azure Monitor and specify the Log Analytics workspace as the source. Does this meet the goal?

Yes

You plan to assign the following Azure policy definitions as shown in the following exhibits: Not allowed resource types Scope: X-A-A-S Exclusions: X-A-A-S/RG-01 Basics Assignment name: Not allowed resource types Description: Policy Enforcement: Enabled Parameters Not allowed resource types: servers What is the effect of this policy?

You can create Azure SQL servers in RG-01 resource group only

Contoso, Ltd. is a manufacturing company that has offices worldwide. Contoso works with partner organizations to bring products to market. Contoso products are manufactured by using blueprint files that the company authors and maintains. Existing Environment Currently, Contoso uses multiple types of servers for business operations, including the following: - File servers - Domain controllers - Microsoft SQL Server servers Your network contains an Active Directory forest named contoso.com. All servers and client computers are joined to Active Directory. You have a public-facing application named App1. App1 is comprised of the following three tiers: - A SQL database - A web front end - A processing middle tier Each tier is comprised of five virtual machines. Users access the web front end by using HTTPS only. Requirements Planned Changes Contoso plans to implement the following changes to the infrastructure: - Move all the tiers of App1 to Azure. - Move the existing product blueprint files to Azure Blob storage. - Create a hybrid directory to support an upcoming Microsoft Office 365 migration project. Technical Requirements Contoso must meet the following technical requirements: - Move all the virtual machines for App1 to Azure. - Minimize the number of open ports between the App1 tiers. - Ensure that all the virtual machines for App1 are protected by backups. - Copy the blueprint files to Azure over the Internet. - Ensure that the blueprint files are stored in the archive storage tier. - Ensure that partner access to the blueprint files is secured and temporary. - Prevent user passwords or hashes of passwords from being stored in Azure. - Use unmanaged standard storage for the hard disks of the virtual machines. - Ensure that when users join devices to Azure Active Directory (Azure AD), the users use a mobile phone to verify their identity. - Minimize administrative effort whenever possible. User Requirements Contoso identifies the following requirements for users: - Ensure that only users who are part of a group named Pilot can join devices to Azure AD. - Designate a new user named Admin1 as the service admin for the Azure subscription. - Admin1 must receive email alerts regarding service outages. - Ensure that a new user named User3 can create network objects for the Azure subscription. QUESTION 1 You need to implement a backup solution for App1 after the application is moved. What should you create first?

a Recovery Services Vault

You have Azure Storage accounts as shown in the following exhibit: Storage accounts Name Type Kind RG Location Subscription 1az104 Storage Storage RG-A East US X-A-A-S 2az104 Storage Storagev2 RG-B Central US X-A-A-S 3az104 Storage Blob RG-C East US X-A-A-S You can use --------- for Azure Blob Storage.

all storage accounts

You download an Azure Resource Manager template based on an existing virtual machine. The template will be used to deploy 100 virtual machines. You need to modify the template to reference an administrative password. You must prevent the password from being stored in plain text. What should you create to store the password?

an Azure Key Vault and an access policy

You have a Microsoft 365 tenant and an Azure AD tenant named az104exam.com. You plan to grant three users named User1, User2, and User3 access to a temporary Microsoft SharePoint document library named Library 1. You need to create groups for the users. The solution must ensure that the groups are deleted automatically after 180 days. Which two groups should you create?

an Office 365 group that uses the Assigned membership type an Office 365 group that uses the Dynamic membership type

You have an on-prem server that contains a folder named D:\Important_Data. You need to copy the contents of D:\Important_Data to the public container in an Azure Storage account named az104data. Which command should you run?

azcopy copy D:\Important_Data https://az104data.blob.core.windows.net/public --recursive

You have an Azure storage account named storage-01. You plan to use AzCopy to copy data to storage-01. Which of the following are valid storage services in storage-01 that you can copy data to?

blob and file only

You are currently running in your Azure subscription a virtual machine named VM-01. You install and configure a web server and a DNS server on VM-01. VM-01 has the inbound network security rules shown in the following exhibit: Network Interface: vm-01457 Virtual network/subnet: RG-01-vnet/default NIC Public IP: 20.71.138.119 Inbound port rules VM-01-nsg security group attached to NIC vm-01457 Priority Name Port Protocol Source Dest. Action 1000 Rule_1 50-60 Any Any Any Deny 2000 Rule_2 3389 TCP Any Any Allow 3000 Rule_3 50-500 TCP Any Any Allow 65000 AllowVnetInBnd Any Any VN VN Allow 65001 AllwLdBlnrInBnd Any Any AZLB Any Allow 65500 DenyAllInBnd Any Any Any Any Deny Select the option that completes correctly the following sentence: If you delete Rule_1, Internet users....

can connect to only the web server on VM-01

You are currently running in your Azure subscription a virtual machine named VM-01. You install and configure a web server and a DNS server on VM-01. VM-01 has the inbound network security rules shown in the following exhibit: Network Interface: vm-01457 Virtual network/subnet: RG-01-vnet/default NIC Public IP: 20.71.138.119 Inbound port rules VM-01-nsg security group attached to NIC vm-01457 Priority Name Port Protocol Source Dest. Action 1000 Rule_1 50-60 Any Any Any Deny 2000 Rule_2 3389 TCP Any Any Allow 3000 Rule_3 50-500 TCP Any Any Allow 65000 AllowVnetInBnd Any Any VN VN Allow 65001 AllwLdBlnrInBnd Any Any AZLB Any Allow 65500 DenyAllInBnd Any Any Any Any Deny Select the option that completes correctly the following sentence: Internet users ......

can connect to only the web server on VM-01

You have the following peerings configured for vNET6, as shown in the following exhibit: Name Peering status Peer Gateway transit peering1 Disconnected vNET1 Enabled peering2 Disconnected vNET2 Disabled To change the status of the peering connection to vNET1 to Connected, you must first -------.

delete peering 1

You plan to deploy three Azure virtual machines named VM-01, VM-02, and VM-03. You need to ensure that at least two virtual machines are available if a single Azure datacenter becomes unavailable. Which VM availability option should you choose?

each VM deployed in a separate Availability Zone

You have an on-premises virtual machine named VM-01. Some settings for VM-01 are shown below: Integration Services: -Operating system shutdown -Time synchronization -Data Exchange -Heartbeat -Backup (volume shadow copy) You need to ensure that you can use the disks attached to VM-01 as a template for Azure virtual machines. What should you modify on VM-01?

hard drive

You have an Azure virtual machine named VM-01 that runs Windows Server 2019. You save VM-01 as a template named VM-Template to the Azure Resource Manager library. You plan to deploy a virtual machine named VM-02 from VM-Template using Azure Portal. What can you configure during the deployment of VM-02?

resource group

You have an Azure Kubernetes Service (AKS) cluster named AKS1. You need to configure cluster autoscaler for AKS1. Which two tools should you use?

the az aks command the Azure portal

You have an Azure virtual machine named VM-W2019 that runs Windows Server 2019. The virtual machine was deployed using default options during the setup. You sig in to VM-W2019 and perform the following actions: -Create files on drive C -Create files on drive D -Modify the screen saver timeout -Change the desktop background You plan to redeploy VM-W2019. Which changes will be lost after you redeploy VM-W2019?

the files on drive D

You have deployed in Azure an application App1, on two Azure virtual machines named VM1 and VM2. You plan to implement an Azure Availability Set for App1. The solution must ensure that App1 is available during planned maintenance of the servers hosting VM1 and VM2. What should you include in your Availability Set?

two update domains

You have the following peerings configured for vNET6, as shown in the following exhibit: Name Peering status Peer Gateway transit peering1 Disconnected vNET1 Enabled peering2 Disconnected vNET2 Disabled Host on vNET6 can communicate with hosts on --------?

vNET6 only

You have an Azure subscription named Subscription1. In Subscription1, you create an Azure file share named share1. You create a shared access signature (SAS) named SAS1 as shown in the following exhibit: Allowed services: File Allowed permissions: Read, Write, List Start date/time: 11/01/2020 2pm End date/time: 11/14/2020 2pm Allowed IP address: 134.92.112.10-134.92.112.50 Allowed protocols: HTTPS only If on November 10, 2020, you run the net use command on a computer that has an IP address of 134.92.112.50 and you use SAS1 to connect to share1, you....

will have no access

You have an Azure subscription named Subscription1. In Subscription1, you create an Azure file share named share1. You create a shared access signature (SAS) named SAS1 as shown in the following exhibit: Allowed services: File Allowed permissions: Read, Write, List Start date/time: 11/01/2020 2pm End date/time: 11/14/2020 2pm Allowed IP address: 134.92.112.10-134.92.112.50 Allowed protocols: HTTPS only If on November 2, 2020, you run Microsoft Azure Storage Explorer on a computer that has an IP address of 134.92.112.1 and you use SAS1 to connect to the storage account, you....

will have no access


Ensembles d'études connexes

MicroEcon - Chapter 12: practice exam

View Set

M.11-1: Exemplar: Increased Intracranial Pressure

View Set

Module 3 PrepU Question Collection Assignment

View Set

Top Reasons for Business Failure

View Set

SBAC Week 5 Geometry Vocabulary Circles

View Set

Chapter 6: Asians/Asian Americans

View Set

MA Office Financial Management, Billing, Insurance

View Set