Azure Administrator AZ-104 Part 1

Ace your homework & exams now with Quizwiz!

What are the three different kinds of account storage?

StorageV2 (general purpose v2): the current offering that supports all storage types and all of the latest features Storage (general purpose v1): a legacy kind that supports all storage types but may not support all features Blob storage: a legacy kind that allows only block blobs and append blobs

administrative units

restrict administrative scope by using ________ for your organization. The division of roles and responsibilities is especially helpful for organizations that have many independent divisions.

zone-redundant storage (ZRS)

synchronously replicates your data across three storage clusters in a single region. Each storage cluster is physically separated from the others and resides in its own availability zone. Each availability zone, and the _________ cluster within it, is autonomous, and has separate utilities and networking capabilities. Storing your data in a ________ account ensures you can access and manage your data if a zone becomes unavailable. ________ isn't currently available in all regions. Changing to ______ from another data replication option requires the physical data movement from a single storage stamp to multiple stamps within a region.

Blob storage

Storage type best for: Serving images or documents directly to a browser. Storing files for distributed access. Streaming video and audio. Storing data for backup and restore, disaster recovery, and archiving. Storing data for analysis by an on-premises or Azure-hosted service.

Azure Resource Manager (ARM) template

A JavaScript Object Notation (JSON) file that defines one or more resources to deploy to a resource group. It also defines the dependencies between the deployed resources. The _____ can be used to deploy the resources consistently and repeatedly.

Sync Group (Az File Sync)

A _________ defines the sync topology for a set of files. Endpoints within a __________ are kept in sync with each other. Consider the scenario where you have two distinct sets of files that you want to manage with Azure File Sync. In this case, you create two _____________ and add different endpoints to each __________. An instance of the Storage Sync Service can host as many _________ as you need.

Server Endpoint (Az File Sync)

A __________ represents a specific location on a registered server, such as a folder on a server volume. Multiple ______________ can exist on the same volume if their namespaces are unique (for example, F:\\sync1 and F:\\sync2).

Cloud endpoint (Az File Sync)

A ____________ is an Azure Files share that's part of a sync group. As part of a sync group, the entire __________ (Azure Files share) syncs. An Azure Files share can be a member of one _________ only. An Azure Files share can be a member of one sync group only. Consider the scenario where you have a share with existing files. If you add the share as a _________ to a sync group, the files in the share are merged with files on other endpoints in the sync group.

Resource groups make administering resources easy.

A new project has several resources that need to be administered together. Which of the following strategies would provide a good solution? Azure templates Azure resource groups Azure subscriptions

resource provider

A service that supplies the resources you can deploy and manage through Resource Manager. Each ______ offers operations for working with the resources that are deployed. Some common resource providers are Microsoft.Compute, which supplies the virtual machine resource, Microsoft.Storage, which supplies the storage account resource, and Microsoft.Web, which supplies resources related to web apps.

Cloud identity

A user account with a ______ is defined only in Azure AD. This type of user account includes administrator accounts and users who are managed as part of your organization. A _______ can be for user accounts defined in your Azure AD organization, and also for user accounts defined in an external Azure AD instance. When a _______ is removed from the primary directory, the user account is deleted.

Connect-AzAccount The first thing to do is to connect to Azure and provide the user credentials.

Another Administrator is managing Azure locally using PowerShell. They have launched PowerShell as an Administrator. Which command should be executed first?

network rules

Any non-HTTP/S traffic that's allowed to flow through your firewall must have a ___. Consider a scenario where resources in one subnet must communicate with resources in another subnet.

FreeMicrosoft 365 Apps Premium P1 Premium P2

Azure Active Directory comes in four editions:

The CLI is cross-platform and can be installed on Linux, macOS, and Windows. After installation, the CLI commands are the same on every platform.

Azure CLI can be installed on which operating systems?

Storage Sync Service Sync group Registered server & Azure File Sync agent Server Endpoint & Cloud Endpoint

Azure File Sync is composed of four main components that work together to provide caching for Azure Files shares on an on-premises Windows Server or cloud virtual machine. What are the components?

If the resource already exists and no change is detected in the properties, no action is taken. If the resource already exists and a property has changed, the resource is updated. If the resource doesn't exist, it's created.

Azure Resource Manager templates are idempotent. This means that if you run a template with no changes a second time:

192.168.1.0 This value identifies the virtual network address .192.168.1.1 Azure configures this address as the default gateway. 192.168.1.2 and 192.168.1.3Azure maps these Azure DNS IP addresses to the virtual network space. 192.168.1.255 This value supplies the virtual network broadcast address.

Azure reserves five IP addresses. The first four addresses and the last address are reserved. What are the reserved addresses in an IP address range of 192.168.1.0/24.?

Azure Management Groups

provide a level of scope and control above your subscriptions. You can use management groups as containers to manage access, policy, and compliance across your subscriptions.

account

One of the Azure Active Directory concepts: An ______ is an identity that has data associated with it. To have an _________, you must first have a valid identity. You can't have an _______ without an identity.

infrastructure as code

Enables you to describe, through code, the infrastructure that you need for your application. You can maintain both your application code and everything you need to deploy your application in a central code repository

fault domain

Is essentially a rack of servers. It provides the physical separation of your workload across different power, cooling, and network hardware that support the physical servers in the data center server racks. In the event the hardware that supports a server rack becomes unavailable, only that rack of servers is affected by the outage.

identities

One of the Azure Active Directory concepts: is an object that can be authenticated. The ______ can be a user with a username and password. _______ can also be applications or other servers that require authentication by using secret keys or certificates. Azure AD is the underlying product that provides the _____ service.

Azure subscription

One of the Azure Active Directory concepts: An Azure ______ is used to pay for Azure cloud services. A ________ is linked to a credit card. Each ______ is joined to a single tenant. You can have multiple _______.

Azure tenant (directory)

One of the Azure Active Directory concepts: An Azure________ is a single dedicated and trusted instance of Azure AD. Each _________(also called a directory) represents a single organization. When your organization signs up for a Microsoft cloud service subscription, a new ________ is automatically created. Because each________ is a dedicated and trusted instance of Azure AD, you can create multiple_______ or instances.

Azure AD account

One of the Azure Active Directory concepts: An ____ is an identity that's created through Azure AD or another Microsoft cloud service, such as Microsoft 365. Identities are stored in Azure AD and are accessible to your organization's cloud service subscriptions. The ______ is also called a work or school account.

Registered Server (Az File Sync)

The _______ object represents a trust relationship between your server (or cluster) and the Storage Sync Service resource. You can register as many servers to a Storage Sync Service resource as you want.

Azure Files

Storage type best for: Many on-premises applications use file shares. This feature makes it easier to migrate those applications that share data to Azure. If you mount the file share to the same drive letter that the on-premises application uses, the part of your application that accesses the file share should work with minimal, if any, changes. Configuration files can be stored on a file share and accessed from multiple virtual machines. Tools and utilities used by multiple developers in a group can be stored on a file share, ensuring that everybody can find them, and that they use the same version. Diagnostic logs, metrics, and crash dumps are just three examples of data that can be written to a file share and processed or analyzed later.

Structured data

Structured data is stored in a relational format that has a shared schema. Structured data is often contained in a database table with rows, columns, and keys. Tables are an autoscaling NoSQL store. Structured data can be stored by using Azure Table Storage, Azure Cosmos DB, and Azure SQL Database. Azure Cosmos DB is a globally distributed database service. Azure SQL Database is a fully managed database-as-a-service built on SQL.

The Azure Portal is a good choice for one-off operations like creating a long-lived storage account. The portal gives you a GUI containing all the storage-account properties and provides tool tips to help you select the right options for your needs.

Suppose you are building a video-editing application that will offer online storage for user-generated video content. You will store the videos in Azure Blobs, so you need to create an Azure storage account to contain the blobs. Once the storage account is in place, it is unlikely you would remove and recreate it because this would delete all the user videos. Which tool is likely to offer the quickest and easiest way to create the storage account? PowerShell Azure CLI Azure Portal

declarative syntax

Syntax that lets you state "Here is what I intend to create" without having to write the sequence of programming commands to create it. The Resource Manager template is an example of _______. In the file, you define the properties for the infrastructure to deploy to Azure.

Cold tier (blob access tiers)

The _____ tier is optimized for storing large amounts of data that's infrequently accessed. This tier is intended for data that remains in the _______ tier for at least 30 days. A usage case for the _______ tier is short-term backup and disaster recovery datasets and older media content. This content shouldn't be viewed frequently, but it needs to be immediately available. Storing data in the _________ tier is more cost-effective. Accessing data in the _________ tier can be more expensive than accessing data in the Hot tier.

Archive tier (blob access tiers)

The ______ tier is an offline tier that's optimized for data that can tolerate several hours of retrieval latency. Data must remain in the ______ tier for at least 180 days or be subject to an early deletion charge. Data for the _______ tier includes secondary backups, original raw data, and legally required compliance information. This tier is the most cost-effective option for storing data. Accessing data is more expensive in the ________ tier than accessing data in the other tiers.

Hot tier (blob access tiers)

The _______ tier is optimized for frequent reads and writes of objects in the Azure storage account. A good usage case is data that is actively being processed. By default, new storage accounts are created in the _______ tier. This tier has the lowest access costs, but higher storage costs.

Storage Sync Service (Az File Sync)

The ________ is the top-level Azure resource for Azure File Sync. This resource is a peer of the storage account resource and can be deployed in a similar manner. The _________ forms sync relationships with multiple storage accounts by using multiple sync groups. The _____________ requires a distinct top-level resource from the storage account resource to support the sync relationships. A subscription can have multiple ____________ resources deployed.

Azure File Sync agent

The ___________ is a downloadable package that enables Windows Server to be synced with an Azure Files share. The _________ has three main components: FileSyncSvc.exe: This file is the background Windows service that's responsible for monitoring changes on server endpoints, and for initiating sync sessions to Azure. StorageSync.sys: This file is the Azure File Sync file system filter that supports cloud tiering. The filter is responsible for tiering files to Azure Files when cloud tiering is enabled. PowerShell cmdlets: These PowerShell management cmdlets allow you to interact with the Microsoft.StorageSync Azure resource provider. You can find the cmdlets at the following (default) locations: C:\\Program Files\\Azure\\StorageSyncAgent\\StorageSync.Management.PowerShell.Cmdlets.dll C:\\Program Files\\Azure\\StorageSyncAgent\\StorageSync.Management.ServerCmdlets.dll

update domain

The collection of virtual machines in an availability set that are updated at the same time. Virtual machines in the same _____ are restarted together during planned maintenance. Azure never restarts more than one _______ at a time. Also referred to as an upgrade domain.

Azure Import/Export Service

Transfers data between on-prem and Azure Blob or Azure Files by shipping disk drives to an Azure Data Center.

The CLI is cross-platform and can be installed on Linux, macOS, and Windows. After installation, the CLI commands that you run are the same everywhere. This means you can learn the commands once and use them with any local installation or in the Azure Cloud Shell.

True or false: The Azure CLI can be installed on Linux, macOS, and Windows, and the CLI commands you use are the same in all platforms

False The three tools offer almost the same set of services. Generally, this is not a factor in deciding which tool is best for your tasks.

True or false: The Azure portal, the Azure CLI, and Azure PowerShell offer significantly different services, so it is unlikely that all three will support the operation you need.

Directory-synchronized identity

User accounts that have a ______ are defined in an on-premises Active Directory. A synchronization activity occurs via Azure AD Connect to bring these user accounts in to Azure. The source for these accounts is Windows Server Active Directory.

The elements of an Azure Resource Manager template are schema, contentVersion, apiProfile, parameters, variables, functions, resources, and output.

What are the elements of an ARM template?

Assigned Dynamic user Dynamic device

What are the three group membership types?

Virtual machine data

Virtual machine data storage includes disks and files. Disks are persistent block storage for Azure IaaS virtual machines. Files are fully managed file shares in the cloud. Storage for virtual machine data is provided through Azure managed disks. Data disks are used by virtual machines to store data like database files, website static content, or custom application code. The number of data disks you can add depends on the virtual machine size. Each data disk has a maximum capacity of 32,767 GB.

Cloud identity Directory-synchronized identity Guest user

What are the three types of user accounts? Azure Active Directory (Azure AD) supports three types of user accounts. The types indicate where the user is defined (in the cloud or on-premises), and whether the user is internal or external to your Azure AD organization.

Read-Only locks, which prevent any changes to the resource. Delete locks, which prevent deletion.

What are the two types of resource locks?

You only need to install the Azure CLI. You will use a shell to issue the CLI commands, but every platform has at least one built-in shell.

What do you need to install on your machine to let you execute Azure CLI commands locally?

An Azure Resource Manager template is a JSON file that defines the infrastructure and configuration for the deployment. Templates declare what will be deployed without having to write the sequence of programming commands to create it.

What is an Azure Resource Manager template?

An Azure Resource Manager template is a JSON file that defines the infrastructure and configuration for your deployment. ARM templates allow you to declare what you intend to deploy without having to write the sequence of programming commands to create it.

What is an Azure Resource Manager template?

You can create a security group for a specific security policy and apply the same permissions to all members of the group.

What kind of group account can you create so you can apply the same permissions to all group members?

You need both the base PowerShell product and the Az module. The base product gives you the shell itself, a few core commands, and programming constructs like loops, variables, etc. The Az modules adds the cmdlets you need to work with Azure resources.

What needs to be installed on your machine to let you execute Azure PowerShell cmdlets locally?

A tenant is a dedicated and trusted instance of Azure AD. A tenant is automatically created when an organization signs up for a Microsoft cloud service subscription​.

What term defines a dedicated and trusted instance of Azure Active Directory? Azure tenant Identity Azure AD account

A guest user account restricts users to just the access they need.

What type of user account allows an external organization to access your resources?

The Global Administrator role manages all aspects of Azure AD and Microsoft services that use Azure AD identities. This role can manage groups across tenants and assign other administrator roles.

Which Azure AD role enables a user to manage all groups in your Teams tenants, and also assign other admin roles?

Azure AD is primarily an identity solution. It's designed for internet-based applications by using HTTP and HTTPS communications.

Which choice correctly describes Azure Active Directory? Azure AD can be queried through LDAP. Azure AD is primarily an identity solution. Azure AD uses organizational units (OUs) and group policy objects (GPOs).

subnet

provide a way for you to implement logical divisions within your virtual network. Your network can be segmented into __________ to help improve security, increase performance, and make it easier to manage.

Resources can be in only one resource group.

Which of the following is true about resource groups? Resources can be in only one resource group. Role-based access control can't be applied to a resource group Resource groups can be nested.

Outputs are part of the template schema. Outputs are used to return values from the deployed resources.

Which of the following parameters is an element in the template schema? Includes Scripts Outputs

An ExpressRoute Circuit is a critical resources Resource locks prevent other users in the organization from accidentally deleting or modifying critical resources.

Which of the following situations would be good example of when to use a resource lock? A ExpressRoute circuit with connectivity back to the on-premises network. A non-production virtual machine used to test occasional application builds. A storage account used to temporarily store images processed in a development environment.

The table parameter formats the output as a table. This can make things much more readable for commands that produce a large amount of output.

Which parameter value can you add to most CLI commands to get concise, formatted output?

DNAT (Destination Network Address Translation)

You can configure_____ or Azure Firewall ______ rules to translate and filter inbound traffic to your subnets. Each rule in your ___ rule collection is used to translate your firewall public IP and port to a private IP and port. A ___ rule that routes traffic must be accompanied by a matching network rule to allow the traffic.

Azure portal The portal is a good choice for one-off operations like creating a long-lived storage account. The portal provides a GUI containing all the storage-account properties and provides tool tips to help select the right options for the organization's needs.

Your company is building a video-editing application that will offer online storage for user-generated video content. The videos will be stored in Azure Blobs. An Azure storage account will contain the blobs. It's unlikely the storage account would ever need to be removed and recreated. Which tool is likely to offer the quickest and easiest way to create the storage account?

Joining the device provides the features you need.

Your users want to sign-in to devices, apps, and services from anywhere. Users want to sign-in by using an organizational work or school account instead of a personal account. What should you do first?

Unstructured data

_____ is the least organized. It can be a mix of information that's stored together, but the data doesn't have a clear relationship. The format of unstructured data is referred to as non-relational. _____ can be stored by using Azure Blob Storage and Azure Data Lake Storage. Blob Storage is a highly scalable, REST-based cloud object store. Azure Data Lake Storage is the Hadoop Distributed File System (HDFS) as a service.

Premium blob storage (blob access tiers)

______ is best suited for I/O intensive workloads that require low and consistent storage latency. ________ uses solid-state drives (SSDs) for fast and consistent response times. This storage is best for workloads that perform many small transactions. An example would be a mapping application that requires frequent and fast updates.

Guest User

_______ accounts are defined outside Azure. Examples include user accounts from other cloud providers, and Microsoft accounts like an Xbox LIVE account. The source for ________ accounts is Invited user. ______accounts are useful when external vendors or contractors need access to your Azure resources.

Public IP address

________ allow your resource to communicate with the internet. You can create a ______ to connect with Azure public-facing services. can be associated with virtual machine network interfaces, internet-facing load balancers, VPN gateways, and application gateways. You can associate your resource with both dynamic and static ________.

Azure Storage Explorer

_________ is a standalone application that makes it easy to work with Azure Storage data on Windows, macOS, and Linux. With ___________, you can access multiple accounts and subscriptions, and manage all your Storage content.

Standard storage account tier

_________ storage account tiers are backed by magnetic hard disk drives (HDD). A ________ storage account tier provides the lowest cost per GB. You can use Standard tier storage for applications that require bulk storage or where data is infrequently accessed.

Premium storage account tier

__________ storage accounts tiers are backed by solid-state drives (SSD) and offer consistent low-latency performance. You can use ___________ tier storage for Azure virtual machine disks with I/O-intensive applications like databases.

Role-Based Access Control (RBAC)

a mechanism that can help you manage who can access your Azure resources. ________lets you determine what operations specific users can do on specific resources, and control what areas of a resource each user can access.

policy iniative

a set of policy definitions that could be applied to the new branch office.

Resource Manager locks

allow organizations to put a structure in place that prevents the accidental deletion of resources in Azure.

Azure Quickstart Templates

are Azure Resource Manager templates provided by the Azure community. Some templates provide everything you need to deploy your solution, while others might serve as a starting point for your template. Either way, you can study these templates to learn how to best author and structure your own templates. The README.md file provides an overview of what the template does. The azuredeploy.json file defines the resources that will be deployed. The azuredeploy.parameters.json file provides the values the template needs.

Security groups

are used to manage member and computer access to shared resources for a group of users. You can create a _______ for a specific security policy and apply the same permissions to all members of a group

Geo-zone-redundant storage (GZRS)

combines the high availability of zone-redundant storage with protection from regional outages as provided by geo-redundant storage. Data in a __________ storage account is replicated across three Azure availability zones in the primary region, and also replicated to a secondary geographic region for protection from regional disasters. Each Azure region is paired with another region within the same geography, together making a regional pair.

application rules

define fully qualified domain names (FQDNs) that can be accessed from a subnet. An example is when you need to allow Windows Update network traffic through the firewall.

Azure Active Directory Premium P1

edition lets your hybrid users access both on-premises and cloud resources. This edition supports advanced administration like dynamic groups, self-service group management, and cloud write-back capabilities. Includes Microsoft Identity Manager, an on-premises identity and access management suite. The extra features allow self-service password reset for your on-premises users.

Azure Active Directory Premium P2

edition offers Azure AD Identity Protection to help provide risk-based Conditional Access to your apps and critical company data. Privileged Identity Management is included to help discover, restrict, and monitor administrators and their access to resources, and to provide just-in-time access when needed.

Private IP address

enable communication within an Azure virtual network and your on-premises network. You create a _______ for your resource when you use a VPN gateway or Azure ExpressRoute circuit to extend your network to Azure. resource can be associated with virtual machine network interfaces, internal load balancers, and application gateways. Azure can provide an IP address (dynamic assignment) or you can assign the IP address (static assignment).

Policy-based VPNs

encrypt and direct packets through IPsec tunnels based on the IPsec policies. The policies are configured with the combinations of address prefixes between your on-premises network and the Azure virtual network. The policy (or traffic selector) is defined as an access list in the VPN device configuration.

Geo-Redundant Storage (GRS)

eplicates your data to a secondary region (hundreds of miles away from the primary location of the source data). _______ provides a higher level of durability even during a regional outage. ________ is designed to provide at least 99.99999999999999% (16 9's) durability. When your storage account has ________ enabled, your data is durable even when there's a complete regional outage or a disaster where the primary region isn't recoverable.

Microsoft 365

groups provide collaboration opportunities. Group members have access to a shared mailbox, calendar, files, SharePoint site, and more.

Azure Active Directory (Azure AD)

is Microsoft's multi-tenant cloud-based directory and identity management service. ________ helps to support user access to resources and applications

Azure Bicep

is a domain-specific language (DSL) that uses declarative syntax to deploy Azure resources. It provides concise syntax, reliable type safety, and support for code reuse. If you're ever going to edit or create JSON, this is a better language for it.

Azure Table Storage (Azure Cosmos DB)

is a fully managed NoSQL database service for modern app development. As a fully managed service, _______ takes database administration off your hands with automatic management, updates, and patching. It also handles capacity management with cost-effective serverless and automatic scaling options that respond to application needs to match capacity with demand. In addition to the existing _____________ service, there's a new _____________ Table API offering that provides throughput-optimized tables, global distribution, and automatic secondary indexes. Table Storage is ideal solution for storing structured or relational data.

Azure Policy

is a service in Azure that you can use to create, assign, and manage policies. You can use policies to enforce rules on your resources to meet corporate compliance standards and service level agreements.

Azure Active Directory Free

provides user and group management, on-premises directory synchronization, and basic reports. Single sign-on access is supported across Azure, Microsoft 365, and many popular SaaS apps.

Intermediary domain mapping

is applied to a domain that's already in use within Azure. This approach might result in minor downtime while the domain is being mapped. To avoid downtime, you can use the asverify intermediary domain to validate the domain. By prepending the asverify keyword to your own subdomain, you permit Azure to recognize your custom domain without modifying the DNS record for the domain. After you modify the DNS record for the domain, your domain is mapped to the blob endpoint with no downtime.

Read-access geo-redundant storage (RA-GRS)

is based on GRS. ______ replicates your data to another data center in a secondary region, and also provides you with the option to read from the secondary region. With _____, you can read from the secondary region regardless of whether Microsoft initiates a failover from the primary to the secondary.

WAImportExport tool

is the Azure Import/Export service tool. The tool is used to prepare drives before importing data, and to repair any corrupted or missing files after data transfer.

AzCopy tool

is the next-generation command-line utility for copying data to and from Azure Blob Storage and Azure Files. ________ v10 offers a redesigned command-line interface (CLI) and new architecture for high-performance reliable data transfers. You can use _______________ to copy data between a file system and a storage account, or between storage accounts.

Active Directory Domain Services (AD DS)

is the traditional deployment of Windows Server-based Active Directory on a physical or virtual server. _________ is commonly considered to be primarily a directory service, but it's only one component of the Windows Active Directory suite of technologies. The suite also includes Active Directory Certificate Services (AD CS), Active Directory Lightweight Directory Services (AD LS), Active Directory Federation Services (AD FS), and Active Directory Rights Management Services (AD RMS).

Azure Queue Storage (Queue)

is used to store and retrieve messages. _________ messages can be up to 64 KB in size, and a queue can contain millions of messages. _______ are used to store lists of messages to be processed asynchronously. Consider a scenario where you want your customers to be able to upload pictures, and you want to create thumbnails for each picture. You could have your customer wait for you to create the thumbnails while uploading the pictures. An alternative is to use a _______. When the customer finishes the upload, you can write a message to the _______. Then you can use an Azure Function to retrieve the message from the ________ and create the thumbnails. Each of the processing parts can be scaled separately, which gives you more control when tuning the configuration.

Azure Network Peering

lets you connect virtual networks in the same or different regions, so resources in both networks can communicate with each other. enables you to seamlessly connect two Azure virtual networks. After the networks are peered, the two virtual networks operate as a single network, for connectivity purposes.

Direct mapping

lets you enable a custom domain for a subdomain to an Azure storage account. For this approach, you create a CNAME record that points from the subdomain to the Azure storage account.

Local Redundant Storage (LRS)

the lowest-cost replication option and offers the least durability compared to other strategies. If a data center-level disaster occurs, such as fire or flooding, all replicas might be lost or unrecoverable. Your application stores data that can be easily reconstructed if data loss occurs. Your data is constantly changing like in a live feed, and storing the data isn't essential. Your application is restricted to replicating data only within a country/region due to data governance requirements.

Azure Active Directory Microsoft 365 Apps

this edition provides Identity and Access Management for Microsoft 365 apps. The extra support includes branding, MFA, group access management, and self-service password reset for cloud users.

Route-based VPNs

use routes in the IP forwarding or routing table to direct packets into their corresponding tunnel interfaces. The tunnel interfaces then encrypt or decrypt the packets in and out of the VPN tunnels. The policy (or traffic selector) for ______ VPNs are configured as any-to-any (or wild cards).

Azure AD roles

you can assign roles to allow adding or changing users, resetting user passwords, managing user licenses, or managing domain names.


Related study sets

[PSYC] CHAPTER 5 -- Sensations & Perceptions

View Set

MA110 Medical Terminology Chapters 1, 2, & 3

View Set

Renin-Angiotensin-Aldosterone System

View Set

Chapter Two - The February / March Revolution of 1917

View Set

SUITABILITY: PORTFOLIO + IN-DEPTH

View Set

Med Surg Ch 56 Coordinating Care for Patients With Oral and Esophageal Disorders

View Set

Terrorism & ISIL: Iraq, Syria, & Turkey

View Set