You implement the planned changes for NSG1 and NSG2.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You discover that VM3 does NOT meet the technical requirements.
You need to verify whether the issue relates to the NSGs.
What should you use?
You need to ensure that VM1 can communicate with VM4. The solution must minimize administrative effort.
What should you do?
You need to the appropriate sizes for the Azure virtual for Server2.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to recommend a solution to automate the configuration for the finance department users. The solution must meet the technical requirements.
What should you include in the recommended?
You need to meet the connection requirements for the New York office.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to implement Role1.
Which command should you run before you create Role1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to meet the technical requirement for VM4.
What should you create and configure?
You need to define a custom domain name for Azure AD to support the planned infrastructure.
Which domain name should you use?
You need to prepare the environment to meet the authentication requirements.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
You are evaluating the connectivity between the virtual machines after the planned implementation of the Azure networking infrastructure.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
You need to prepare the environment to meet the authentication requirements.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE Each correct selection is worth one point.
You need to resolve the Active Directory issue.
What should you do?
Which blade should you instruct the finance department auditors to use?
You need to prepare the environment to ensure that the web administrators can deploy the web apps as quickly as possible.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
You need to define a custom domain name for Azure AD to support the planned infrastructure.
Which domain name should you use?
Which blade should you instruct the finance department auditors to use?
You need to resolve the licensing issue before you attempt to assign the license again.
What should you do?
You are evaluating the name resolution for the virtual machines after the planned implementation of the Azure networking infrastructure.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
You need to add VM1 and VM2 to the backend poo! of LB1. What should you do first?
You have an Azure Active Directory (Azure AD) tenant that contains three global administrators named Admin1, Admin2, and Admin3.
The tenant is associated to an Azure subscription. Access control for the subscription is configured as shown in the Access control exhibit. (Click the Exhibit tab.)
You sign in to the Azure portal as Admin1 and configure the tenant as shown in the Tenant exhibit. (Click the Exhibit tab.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You need to generate a shared access signature (SAS). The solution must meet the following requirements:
• Ensure that the SAS can only be used to enumerate and download blobs stored in container1.
• Use the principle of least privilege,
Which three settings should you enable? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.
You have an Azure subscription that contains a virtual machine named VM1.
You have an on-premises datacenter that contains a domain controller named DC1. ExpressRoute is used to connect the on-premises datacenter to Azure.
You need to use Connection Monitor to identify network latency between VM1 and DC1.
What should you install on DC1?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You manage a virtual network named VNet1 that is hosted in the West US Azure region.
VNet1 hosts two virtual machines named VM1 and VM2 that run Windows Server.
You need to inspect all the network traffic from VM1 to VM2 for a period of three hours.
Solution: From Azure Monitor, you create a metric on Network in and Network Out.
Does this meet the goal?
You have an Azure subscription that contains the resource groups shown in the following table.
RG1 contains the resources shown in the following table.
VM1 is running and connects to NIC1 and Disk1. NIC1 connects to VNET1.
RG2 contains a public IP address named IP2 that is in the East US location. IP2 is not assigned to a virtual machine.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You are configuring Azure AD authentication for an Azure Storage account named storage1.
You need to ensure that the members of a group named Group1 can upload files by using the Azure portal. The solution must use the principle of least privilege.
Which two roles should you assign to Group1? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
You have an Azure subscription named Subscription1 that contains the following resource group:
Name: RG1
Region: West US
Tag: “tag1”: “value1”
You assign an Azure policy named Policy1 to Subscription1 by using the following configurations:
Exclusions: None
Policy definition: Append tag and its default value
Assignment name: Policy1
Parameters:
- Tag name: Tag2
- Tag value: Value2
After Policy1 is assigned, you create a storage account that has the following configurations:
Name: storage1
Location: West US
Resource group: RG1
Tags: “tag3”: “value3”
You need to identify which tags are assigned to each resource.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have an Azure App Service app named WebApp1 that contains two folders named Folder1 and Folder2.
You need to configure a daily backup of WebApp1. The solution must ensure that Folder2 is excluded from the backup.
What should you create first and what should you use to exclude Fokier2? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an app named App1 that is installed on two Azure virtual machines named VM1 and VM2. Connections to Appl are managed by using an Azure Load Balancer.
The effective network security configurations for VM2 are shown in the following exhibit.
You discover that connections 10 Appl from 131.107.100.50 over TCP port 443 fail.
You verity that the Load Balancer rules are configured correctly.
You need to ensure that connections to Appl can be established successfully from 131.107.100.50 over TCP port 443.
Solution: You create an inbound security rule that allows any traffic from the Azureload Balancer source and has a priority of 150.
Does this meet the goal?
You have an Azure subscription named Sub1 that contains the Azure resources shown in the following table.
You assign an Azure policy that has the following settings:
Scope: Sub1
Exclusions: Sub1/RG1/VNET1
Policy definition: Append a tag and its value to resources
Policy enforcement: Enabled
Tag name: Tag4
Tag value: value4
You assign tags to the resources as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You have an Azure virtual machine named VM1 that connects to a virtual network named VNet1. VM1 has the following configurations:
Subnet: 10.0.0.0/24
Availability set: AVSet
Network security group (NSG): None
Private IP address: 10.0.0.4 (dynamic)
Public IP address: 40.90.219.6 (dynamic)
You deploy a standard, Internet-facing load balancer named slb1.
You need to configure slb1 to allow connectivity to VM1.
Which changes should you apply to VM1 as you configure slb1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have an Azure subscription that uses the public IP addresses shown in the following table.
You need to create a public Azure Standard Load Balancer.
Which public IP addresses can you use?
You have an Azure subscription that contains the virtual networks shown in the following table.
Each virtual network has 50 connected virtual machines.
You need to implement Azure Bastion. The solution must meet the following requirements:
• Support host scaling.
• Support uploading and downloading files.
• Support the virtual machines on both VNet1 and VNet2.
• Minimize the number of addresses on the Azure Bastion subnet.
How should you configure Azure Bastion? To answer, select the options in the answer area.
NOTE: Each correct answer is worth one point.
You have an Azure subscription that contains the resources shown in the following table.
You configure Azure Site Recovery to replicate VM1 between the East US and W«t US regions.
You perform a test failove of VM1 and specify VNET2 as the target v>riual network.
When the test version of VM1 is created, to which subnet will the virtual machine be connected?
You have an Azure App Service plan named ASP1.
CPU usage for ASP1 is shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
You have two Azure virtual networks named VNet1 and VNet2. VNet1 contains an Azure virtual machine named VM1. VNet2 contains an Azure virtual machine named VM2.
VM1 hosts a frontend application that connects to VM2 to retrieve data.
Users report that the frontend application is slower than usual.
You need to view the average round-trip time (RTT) of the packets from VM1 to VM2.
Which Azure Network Watcher feature should you use?
You have an Azure subscription that contains the resources in the following table.
To which subnets can you apply NSG1?
You have an Azure subscription That contains a Recovery Services vault named Vault1.
You need to enable multi-user authorization (MAU) for Vaultl.
Which resource should you create first?
You have an Azure subscription named Subscription1 that contains the storage accounts shown in the following table:
You plan to use the Azure Import/Export service to export data from Subscription1.
Which account can be used to export the data.
What should you identify?
You have an Azure subscription named Subscription1 that has a subscription ID of c276fc76-9cd4-44c9-99a7-4fd71546436e.
You need to create a custom RBAC role named CR1 that meets the following requirements:
Can be assigned only to the resource groups in Subscription1
Prevents the management of the access permissions for the resource groups
Allows the viewing, creating, modifying, and deleting of resource within the resource groups
What should you specify in the assignable scopes and the permission elements of the definition of CR1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to implement the planned changes for DCR1. Which type of query should you use?
You need to configure Azure Backup to meet the technical requirements for cont1 and share1.
To what should you set the backup frequency for each resource? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You implement the planned changes for Scope1.
You need to ensure that Scope1 meets the technical requirements.
What can you encrypt by using Scope1?
You implement the planned changes for cont2.
What is the maximum number of additional access policies you can create for cont2? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to implement the planned changes for the new containers.
Which Azure services can you use for each image? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to implement the planned changes for User1.
Which roles should you assign to User1, and for which resources? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to implement the planned changes for the storage account content. Which containers and file shares can you use to organize the content?
You need to configure encryption for the virtual machines. The solution must meet the technical requirements.
Which virtual machines can you encrypt?
You need to configure WebApp1 to meet the technical requirements.
Which certificate can you use from Vault1?
You are planning the move of App1 to Azure.
You create a network security group (NSG).
You need to recommend a solution to provide users with access to App1.
What should you recommend?
You need to recommend a solution for App1. The solution must meet the technical requirements. What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to configure the Device settings to meet the technical requirements and the user requirements.
Which two settings should you modify? To answer, select the appropriate settings in the answer area.
You need to identify the storage requirements for Contoso.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You need to recommend an identify solution that meets the technical requirements.
What should you recommend?
You need to implement a backup solution for App1 after the application is moved.
What should you create first?
You need to move the blueprint files to Azure.
What should you do?
You need to meet the user requirement for Admin1.
What should you do?