2019 Free Microsoft EnsurePass AZ-102 Dumps VCE and PDF Download Part 1

EnsurePass
Exam Dumps

AZ-102 Dumps VCE and PDF

http://www.ensurepass.com/AZ-102.html

 

QUESTION 1

You have two subscriptions named Subscription1 and Subscription2. Each subscription is associated to a different Azure AD tenant.

 

Subscription1 contains a virtual network named VNet1.VNet1 contains an Azure virtual machine named VM1 and has an IP address space of 10.0.0.0/16.

 

Subscription2 contains a virtual network named VNet2. VNet2 contains an Azure virtual machine named VM2 and has an IP address space of 10.10.0.0/24.

 

You need to connect VNet1 to VNet2.

 

What should you do first?

 

A.

Move VNet1 to Subscription2.

B.

Modify the IP address space of VNet2.

C.

Provision virtual network gateways.

D.

Move VM1 to Subscription2.

 

Correct Answer: C

Explanation:
The virtual networks can be in the same or different regions, and from the same or different subscriptions. When connecting VNets from different subscriptions, the subscriptions do not need to be associated with the same Active Directory tenant.

 

Configuring a VNet-to-VNet connection is a good way to easily connect VNets. Connecting a virtual network to another virtual network using the VNet-to-VNet connection type (VNet2VNet) is similar to creating a Site-to-Site IPsec connection to an on-premises location. Both connectivity types use a VPN gateway to provide a secure tunnel using IPsec/IKE, and both function the same way when communicating.

 

The local network gateway for each VNet treats the other VNet as a local site. This lets you specify additional address space for the local network gateway in order to route traffic.

 

References:

https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-vnet-vnet-resource-manager-portal

 

 

QUESTION 2

Click to expand each objective. To connect to the Azure portal, type https://portal.azure.com in the browser address bar.

 







 

When you are finished performing all the tasks, click the `Next’ button.

 

Note that you cannot return to the lab once you click the `Next’ button. Scoring occur in the background while you complete the rest of the exam.

 

Overview

The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design. Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.

 

Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.

 

Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

 

To start the lab

You may start the lab by clicking the Next button.

 

You plan to deploy several Azure virtual machines and to connect them to a virtual network named VNET1007.

 

You need to ensure that future virtual machines in VNET1007 can register their name in an internal DNS zone named corp7523690.com. The zone must NOT be hosted on a virtual machine.

 

What should you do from Azure Cloud Shell?

 

To complete this task, start Azure Cloud Shell and select PowerShell(Linux). Click Show Advanced Settings, and then enter corp7523690n1 in the Storage account text box and File1 in the File share text box. Click Create storage, and then complete the task.

 

Correct Answer: See solution below.

Explanation:

Step 1: New-AzureRMResourceGroup -name MyResourceGroup

 

Before you create the DNS zone, create a resource group to contain the DNS zone.

 

Step 2: New-AzureRmDnsZone -Name corp7523690.com -ResourceGroupName MyResourceGroup

 

A DNS zone is created by using the New-AzureRmDnsZone cmdlet. This creates a DNS zone called corp7523690.com in the resource group called MyResourceGroup.

 

References:

https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-powershell

 

 

QUESTION 3

You purchase a new Azure subscription named Subscription1.

 

You create a virtual machine named VM1 in Subscription1. VM1 is not protected by Azure Backup.

 

You need to protect VM1 by using Azure Backup. Backups must be created at 01:00 and stored for 30 days.

 

What should you do?

 

To answer, select the appropriate options in the answer area.

 

NOTE: Each correct selection is worth one point.

 


 

Correct Answer:


 

 

QUESTION 4

You have an Azure subscription named Subscription1. Subscription1 contains a virtual machine named VM1.

 

You have a computer named Computer1 that runs Windows 10. Computer1 is connected to the Internet.

 

You add a network interface named Interface1 to VM1 as shown in the exhibit (Click the Exhibit button.)

 


 

From Computer1, you attempt to connect to VM1 by using Remote Desktop, but the connection fails.

 

You need to establish a Remote Desktop connection to VM1.

 

What should you do first?

 

A.

Start VM1.

B.

Attach a network interface.

C.

Delete the DenyAllOutBound outbound port rule.

D.

Delete the DenyAllInBound inbound port rule.

 

Correct Answer: A

 

 

 

 

 

 

 

 

QUESTION 5

You have an Azure Active Directory (Azure AD) tenant named contosocloud.onmicrosoft.com.

 

Your company has a public DNS zone for contoso.com.

 

You add contoso.com as a custom domain name to Azure AD.

 

You need to ensure that Azure can verify the domain name.

 

Which type of DNS record should you create?

 

A.

PTR

B.

MX

C.

NSEC3

D.

RRSIG

 

Correct Answer: B

Explanation:
To verify your custom domain name (example)

 

Sign in to the Azure portal using a Global administrator account for the directory.

Select Azure Active Directory, and then select Custom domain names.

On the Fabrikam – Custom domain names page, select the custom domain name, Contoso.

On the Contoso page, select Verify to make sure your custom domain is properly registered and is valid for Azure AD. Use either the TXT or the MX record type.

 


 

References:

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/add-custom-domain

 

 

QUESTION 6

You have an Azure subscription that contains a storage account.

 

You have an on-premises server named Server1 that runs Window Server 2016. Server1 has 2 TB of data.

 

You need to transfer the data to the storage account by using the Azure Import/Export service.

 

In which order should you perform the actions?

 

To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.

 

NOTE: More than one order of answer choices is correct. You will receive credit for any of the correct orders you select.

 


 

Correct Answer:


 

 

 

 

 

 

QUESTION 7

Click to expand each objective. To connect to the Azure portal, type https://portal.azure.com in the browser address bar.

 







 

When you are finished performing all the tasks, click the `Next’ button.

 

Note that you cannot return to the lab once you click the `Next’ button. Scoring occur in the background while you complete the rest of the exam.

 

Overview

The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design. Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.

 

Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.

 

Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

 

To start the lab

You may start the lab by clicking the Next button.

 

You need to deploy two Azure virtual machines named VM1003a and VM1003b based on the Ubuntu Server 17.10 image. The deployment must meet the following requirements:

 

Provide a Service Level Agreement (SLA) of 99.95 percent availability.

Use managed disks.

 

What should you do from the Azure portal?

 

Correct Answer: See solution below.

Explanation:

1. Open the Azure portal.

2. On the left menu, select All resources. You can sort the resources by Type to easily find your images.

3. Select the image you want to use from the list. The image Overview page opens.

4. Select Create VM from the menu.

5. Enter the virtual machine information.

Select VM1003a as the name for the first Virtual machine.The user name and password entered here will be used to log in to the virtual machine. When complete, select OK. You can create the new VM in an existing resource group, or choose Create new to create a new resource group to store the VM.

6. Select a size for the VM. To see more sizes, select View all or change the Supported disk type filter.

7. Under Settings, make changes as necessary and select OK.

8. On the summary page, you should see your image name listed as a Private image. Select Ok to start the virtual machine deployment.

 

Repeat the procedure for the second VM and name it VM1003b.

 

References:

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/create-vm-generalized-managed

 

 

QUESTION 8

Click to expand each objective. To connect to the Azure portal, type https://portal.azure.com in the browser address bar.

 







 

When you are finished performing all the tasks, click the `Next’ button.

 

Note that you cannot return to the lab once you click the `Next’ button. Scoring occur in the background while you complete the rest of the exam.

 

Overview

The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design. Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.

 

Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.

 

Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

 

To start the lab

You may start the lab by clicking the Next button.

 

You plan to move backup files and documents from an on-premises Windows file server to Azure Storage.

 

The backup files will be stored as blobs.

 

You need to create a storage account named corpdata7523690n2. The solution must meet the following requirements:

 

Ensure that the documents are accessible via drive mappings from Azure virtual machines that run Windows Server 2016.

Provide the highest possible redundancy for the documents.

Minimize storage access costs.

 

What should you do from the Azure portal?

 

Correct Answer: See solution below.

Explanation:

Step 1: In the Azure portal, click All services. In the list of resources, type Storage Accounts. As you begin typing, the list filters based on your input. Select Storage Accounts.

Step 2: On the Storage Accounts window that appears, choose Add.

Step 3: Select the subscription in which to create the storage account.

Step 4: Under the Resource group field, select Create New. Create a new Resource

Step 5: Enter a name for your storage account: corpdata7523690n2

Step 6: For Account kind select: General-purpose v2 accounts (recommended for most scenarios) General-purpose v2 accounts is recommended for most scenarios. . General-purpose v2 accounts deliver the lowest per-gigabyte capacity prices for Azure Storage, as well as industry-competitive transaction prices.

Step 7: For replication select: Read-access geo-redundant storage (RA-GRS)

Read-access geo-redundant storage (RA-GRS) maximizes availability for your storage account. RA-GRS provides read-only access to the data in the secondary location, in addition to geo-replication across two regions.

 

References:

https://docs.microsoft.com/en-us/azure/storage/common/storage-quickstart-create-account

https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overview

 

 

QUESTION 9

You have an Azure subscription that contains 100 virtual machines.

 

You regularly create and delete virtual machines.

 

You need to identify unused disks that can be deleted.

 

What should you do?

 

A.

From Microsoft Azure Storage Explorer, view the Account Management properties.

B.

From the Azure portal, configure the Advisor recommendations.

C.

From Cloudyn, open the Optimizer tab and create a report.

D.

From Cloudyn, create a Cost Management report.

 

Correct Answer: A

Explanation:
You can find unused disks in the Azure Storage Explorer console. Once you drill down to the Blob containers under a storage account, you can see the lease state of the residing VHD (the lease state determines if the VHD is being used by any resource) and the VM to which it is leased out. If you find that the lease state and the VM fields are blank, it means that the VHD in question is unused.

 

Note:

The ManagedBy property stores the Id of the VM to which Managed Disk is attached to. If the ManagedBy property is $null then it means that the Managed Disk is not attached to a VM

 

References:

https://cloud.netapp.com/blog/reduce-azure-storage-costs

 

 

QUESTION 10

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

 

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

 

You have an Azure subscription named Subscription1. Subscription1 contains a resource group named RG1. RG1 contains resources that were deployed by using templates.

 

You need to view the date and time when the resources were created in RG1.

 

Solution: From the Subscriptions blade, you select the subscription, and then clickProgrammatic deployment.

 

Does this meet the goal?

 

A.

Yes

B.

No

 

Correct Answer: B

 


 

2019 Free Microsoft EnsurePass AZ-101 Dumps VCE and PDF Download Part 2

EnsurePass Exam Dumps

AZ-101 Dumps VCE and PDF

http://www.ensurepass.com/AZ-101.html

 

QUESTION 11

HOTSPOT

You create an Azure web app named WebApp1. WebApp1 has the autoscale settings shown in the following exhibit.


The scale out and scale in rules are configured to have a duration of 10 minutes and a cool down time of five minutes.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.


Correct Answer:


QUESTION 12

You have an Azure App Service plan named AdatumASP1 that uses the P2v2 pricing tier. AdatumASP1 hosts Ml Azure web app named adatumwebapp1. You need to delegate the management of adatumwebapp1 to a group named Devs. Devs must be able to perform the following tasks:

Add deployment slots.

View the configuration of AdatumASP1.

Modify the role assignment for adatumwebapp1.

Which role should you assign to the Devs group?

A. Owner
B. Contributor
C. Web Plan Contributor
D. Website Contributor

Correct Answer: B

Explanation:
The Contributor role lets you manage everything except access to resources.

QUESTION 13

You have an Azure Service Bus.

You need to implement a Service Bus queue that guarantees first in first-out (FIFO) delivery of messages.

What should you do?

A. Set the Lock Duration setting to 10 seconds.
B. Enable duplicate detection.
C. Set the Max Size setting of the queue to 5 GB.
D. Enable partitioning.
E. Enable sessions.

Correct Answer: E

Explanation:
Through the use of messaging sessions you can guarantee ordering of messages, that is first-in-first-out (FIFO) delivery of messages.

References:

https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-azure-and-service-bus-queues-compared-contrasted

QUESTION 14

DRAG DROP

You have an Azure subscription that contains an Azure Service Bus named Bus1.

Your company plans to deploy two Azure web apps named App1 and App2. The web apps will create messages that have the following requirements:

Each message created by App1 must be consumed by only a single consumer.

Each message created by App2 will be consumed by multiple consumers.

Which resource should you create for each web app?

To answer, drag the appropriate resources to the correct web apps. Each resource may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.


Correct Answer:


QUESTION 15

DRAG DROP

You are developing an Azure web app named WebApp1. WebApp1 uses an Azure App Service plan named Plan1 that uses the B1 pricing tier.

You need to configure WebApp1 to add additional instances of the app when CPU usage exceeds 70 percent for 10 minutes.

Which three actions should you perform in sequence?

To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.


Correct Answer:


QUESTION 16

You are building a custom Azure function app to connect to Azure Event Grid.

You need to ensure that resources are allocated dynamically to the function app. Billing must be based on the executions of the app.

What should you configure when you create the function app?

A. the Windows operating system and the Consumption plan hosting plan
B. the Windows operating system and the App Service plan hosting plan
C. the Docker container and an App Service plan that uses the Bl1 pricing tier
D. the Docker container and an App Service plan that uses the SI pricing

Correct Answer: A

Explanation:
Azure Functions runs in two different modes: Consumption plan and Azure App Service plan. The Consumption plan automatically allocates compute power when your code is running. Your app is scaled out when needed to handle load, and scaled down when code is not running.

QUESTION 17

HOTSPOT

You have an Azure web app named WebApp1 that runs in an Azure App Service plan named ASP1. ASP1 is based on the D1 pricing tier.

You need to ensure that WebApp1 can be accessed only from computers on your on-premises network. The solution must minimize costs.

What should you configure?

To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Correct Answer:


QUESTION 18

You have an Azure App Service plan that hosts an Azure App Service named App1.

You configure one production slot and four staging slots for App1.

You need to allocate 10 percent of the traffic to each staging slot and 60 percent of the traffic to the production slot.

What should you add to Appl1?

A. slots to the Testing in production blade
B. a performance test
C. a WebJob
D. templates to the Automation script blade

Correct Answer: A

Explanation:
Besides swapping, deployment slots offer another killer feature: testing in production. Just like the name suggests, using this, you can actually test in production. This means that you can route a specific percentage of user traffic to one or more of your deployment slots.

Example:


References:

https://stackify.com/azure-deployment-slots/

QUESTION 19

HOTSPOT

You have an Azure web app named WebApp1.

You need to provide developers with a copy of WebApp1 that they can modify without affecting the production WebApp1. When the developers finish testing their changes, you must be able to switch the current line version of WebApp1 to the new version.

Which command should you run prepare the environment?

To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Correct Answer:


QUESTION 20

A web developer creates a web application that you plan to deploy as an Azure web app.

Users must enter credentials to access the web application.

You create a new web app named WebAppl1 and deploy the web application to WebApp1.

You need to disable anonymous access to WebApp1.

What should you configure?

A. Advanced Tools
B. Authentication/ Authorization
C. Access control (IAM)
D. Deployment credentials

Correct Answer: B

Explanation:
Anonymous access is an authentication method. It allows users to establish an anonymous connection.

References:

https://docs.microsoft.com/en-us/biztalk/core/guidelines-for-resolving-iis-permissions-problems

Topic 3, Lab 1

SIMULATION

The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.

Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.

Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.

Please, note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

To start the lab

You may start lab by clicking the Next button

Tasks

Click to expand each objective

To connect to the Azure portal, type https:/portal.azure.com in the browser address bar.

Instructions

Performance Based Lab

This type of question asks you to perform tasks in a virtual environment.

The screen for this type of question includes a virtual machine window and a tasks pane.

The window is a remotely connected live environment where you perform tasks on real software and applications.

On the right is a Tasks pane that lists the tasks you need to perform in the lab. Each task can be expanded or collapsed using the “+” or “-” symbols. A checkbox is provided for each task. This is provided for convenience, so you can mark each task as you complete it.

Tasks

Click to expand each objective

Configure servers

Add the “Print and Document Services” role to server LON-SVR1, installing any required management features and enabling both Print and LPD Services.

+Configure file and share access

When you are finished performing all the tasks, click the `Next’ button.

Note that you cannot return to the lab once you click the `Next’ button. Scoring occur in the background while you complete the rest of the exam.

Comments

Once the exam completes, the comment period will begin and you will have the opportunity to provide comments to Microsoft about the exam questions. To launch the comment period, click the “Finish” and then “Comment” buttons. To skip the comment period and the exam, click Exit.

You can navigate to a question from the Review screen to provide a comment. Please, see the Review Screen tab in the Review Screen help Menu (which can be accessed from the Review Screen) for details on accessing questions from the Review Screen.

To comment on a question, navigate to that question and click the Give Feedback icon. When you have entered your comment in the comment window, click Submit to close the window. To navigate to the Review screen again, click the Review button. You may navigate through all questions using the Next and Previous buttons. To skip commenting, go to the Review Screen by selecting the Review Screen button in the upper left-hand corner and from the Review Screen, select “Finished”.

Controls Available

For any question, one or more of the following controls might be available.


Keyboard Shortcuts Available

Exam features may be accessed using keyboard shortcuts. The following table describes the keyboard shortcuts that are available during this exam.

Some keyboard shortcuts require that you press two or more keys at the same time. These keys are separated by a plus sign (+) in the table below.




 

2019 Free Microsoft EnsurePass AZ-101 Dumps VCE and PDF Download Part 1

EnsurePass Exam Dumps

AZ-101 Dumps VCE and PDF

http://www.ensurepass.com/AZ-101.html

 

QUESTION 1

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscription named Subscription1. Adatum contains a group named Developers. Subscription1 contains a resource group named Dev.

You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group.

Solution: On Subscription1, you assign the Logic App Operator role to the Developers group.

Does this meet the goal?

A. Yes
B. No

Correct Answer: B

Explanation:
The Logic App Operator role only lets you read, enable and disable logic app. With it you can view the logic app and run history, and enable/disable. Cannot edit or update the definition.

You would need the Logic App Contributor role.

References:

https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles

https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-securing-a-logic-app

QUESTION 2

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure web app named Appl. App1 runs in an Azure App Service plan named Plan1. Plan1 is associated to the Free pricing tier.

You discover that App1 stops each day after running continuously for 60 minutes.

You need to ensure that App1 can run continuously for the entire day.

Solution: You change the pricing tier of Plan1 to Basic. Does this meet the goal?

A. Yes
B. No

Correct Answer: A

Explanation:
The Free Tier provides 60 CPU minutes / day. This explains why App1 is stops. The Basic tier has no such cap.

References:

https://azure.microsoft.com/en-us/pricing/details/app-service/windows/

QUESTION 3

Note: This question is part of a series of questions that present the same scenario goals. Some question sets might have more than one correct solution, while others question in the series contains a unique solution that might meet the stated not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure web app named Appl. App1 runs in an Azure App Service plan named Plan1. Plan1 is associated to the Free pricing tier.

You discover that App1 stops each day after running continuously for 60 minutes.

You need to ensure that App1 can run continuously for the entire day.

Solution: You add a triggered WebJob to App1.

Does this meet the goal?

A. Yes
B. No

Correct Answer: B

Explanation:
You need to change to Basic pricing Tier.

Note:

The Free Tier provides 60 CPU minutes / day. This explains why App1 is stops. The Basic tier has no such cap.

References:

https://azure.microsoft.com/en-us/pricing/details/app-service/windows/

QUESTION 4

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscription named Subscription1. Adatum contains a group named Developers. Subscription1 contains a resource group named Dev.

You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group.

Solution: On Subscription1, you assign the DevTest Labs User role to the Developers group.

Does this meet the goal?

A. Yes
B. No

Correct Answer: B

Explanation:
DevTest Labs User role only lets you connect, start, restart, and shutdown virtual machines in your Azure DevTest Labs.

You would need the Logic App Contributor role.

References:

https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles

https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-securing-a-logic-app

QUESTION 5

Note This question is part of a series of questions that present the same seer Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You manage a virtual network named VNet1 that is hosted in the West US Azure region.

VNet1 hosts two virtual machines named VM1 and VM2 that run Windows Server.

You need to inspect all the network traffic from VM1 to VM2 for a period of three hours.

Solution: From Performance Monitor, you create a Data Collector Set (DCS)

Does this meet the goal?

A. Yes
B. No

Correct Answer: B

Explanation:
You should use Azure Network Watcher.

References:

https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview

QUESTION 6

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals.

Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to these questions will not appear m the review screen.

You manage a virtual network named VNetl1 that is hosted in the West US Azure region.

VNetl1 hosts two virtual machines named VM1 and VM2 that run Windows Server.

You need to inspect all the network traffic from VM1 to VM2 for a period of three hours.

Solution: From Azure Network Watcher, you create a packet capture.

Does this meet the goal?

A. Yes
B. No

Correct Answer: A

Explanation:
Azure Network Watcher provides tools to monitor, diagnose, view metrics, and enable or disable logs for resources in an Azure virtual network.

Capture packets to and from a VM

Advanced filtering options and fine-tuned controls, such as the ability to set time and size limitations, provide versatility. The capture can be stored in Azure Storage, on the VM’s disk, or both. You can then analyze the capture file using several standard network capture analysis tools.

Network Watcher variable packet capture allows you to create packet capture sessions to track traffic to and from a virtual machine. Packet capture helps to diagnose network anomalies both reactively and proactivity.

References:

https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview

QUESTION 7

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it As a result, these questions will not appear in the review screen.

You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscript contains a resource group named Dev.

Adatum contains a group named Developers.

You need to provide the Developers group with the ability to create Azure logic apps in the Dev, resource group.

Solution: On Dev, you assign the Logic App Contributor role to the Developers group.

Does this meet the goal?

A. Yes
B. No

Correct Answer: A

Explanation:
The Logic App Contributor role lets you manage logic app, but not access to them. It provides access to view, edit, and update a logic app.

References:

https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles

https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-securing-a-logic-app

QUESTION 8

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it As a result these questions will not appear in the review screen.

You have an Azure wet) app named Appl. App1 runs in an Azure App Service plan named Plan1. Plan1 is associated to the Free pricing tier.

You discover that App1 stops each day after running continuously for 60 minutes.

You need to ensure that App1 can run continuously for the entire day.

Solution: You change the pricing tier of Plan1 to Shared.

Does this meet the goal?

A. Yes
B. No

Correct Answer: B

Explanation:
You should switch to the Basic Tier.

The Free Tier provides 60 CPU minutes / day. This explains why App1 is stops. The Shared Tier provides 240 CPU minutes / day. The Basic tier has no such cap.

References:

https://azure.microsoft.com/en-us/pricing/details/app-service/windows/

QUESTION 9

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You manage a virtual network named VNet1 that is hosted in the West US Azure region.

VNet1 hosts two virtual machines named VM1 and VM2 that run Windows Server.

You need to inspect all the network traffic from VM1 to VM2 for a period of three hours.

Solution: From Azure Monitor, you create a metric on Network In and Network Out.

Does this meet the goal?

A. Yes
B. No

Correct Answer: B

Explanation:
You should use Azure Network Watcher.

References:

https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview

Topic 2, Mix Questions Set B (Implement advanced networking)

QUESTION 10

You have a Microsoft SQL Server Always On availability group on Azure virtual machines. You need to configure an Azure internal load balancer as a listener for the availability group. What should you do?

A. Enable Floating IP.
B. Set Session persistence to Client IP and protocol.
C. Set Session persistence to Client IP.
D. Create an HTTP health probe on port 1433.

Correct Answer: A


2019 Free Microsoft EnsurePass AZ-100 Dumps VCE and PDF Download Topic 1, Humongous Insurance

EnsurePass Dumps

AZ-100 Dumps VCE and PDF

http://www.ensurepass.com/AZ-100.html

 

Topic 1, Humongous Insurance

Overview

Existing Environment

Active Directory Environment

Humongous Insurance has a single-domain Active Directory forest named humongousinsurance.com. The functional level of the forest is Windows Server 2012.

You recently provisioned an Azure Active Directory (Azure AD) tenant.

Network Infrastructure

Each office has a local data center that contains all the servers for that office. Each office has a dedicated connection to the Internet.

Each office has several link load balancers that provide access to the servers.

Active Directory Issue

Several users in humongousinsurance.com have UPNs that contain special characters.

You suspect that some of the characters are unsupported in Azure AD.

Licensing Issue

You attempt to assign a license in Azure to several users and receive the following error message: “Licenses not assigned. License agreement failed for one user.”

You verify that the Azure subscription has the available licenses.

Requirements

Planned Changes

Humongous Insurance plans to open a new office in Paris. The Paris office will contain 1,000 users who will be hired during the next 12 months. All the resources used by the Paris office users will be hosted in Azure.

Planned Azure AD Infrastructure

The on-premises Active Directory domain will be synchronized to Azure AD.

All client computers in the Paris office will be joined to an Azure AD domain.

Planned Azure Networking Infrastructure

You plan to create the following networking resources in a resource group named All_Resources:

Default Azure system routes that will be the only routes used to route traffic

A virtual network named Paris-VNet that will contain two subnets named Subnet1 and Subnet2

A virtual network named ClientResources-VNet that will contain one subnet named ClientSubnet

A virtual network named AllOffices-VNet that will contain two subnets named Subnet3 and Subnet4

You plan to enable peering between Paris-VNet and AllOffices-VNet. You will enable the Use remote gateways setting for the Paris-VNet peerings.

You plan to create a private DNS zone named humongousinsurance.local and set the registration network to the ClientResources-VNet virtual network.

Planned Azure Computer Infrastructure

Each subnet will contain several virtual machines that will run either Windows Server 2012 R2, Windows Server 2016, or Red Hat Linux.

Department Requirements

Humongous Insurance identifies the following requirements for the company’s departments:

Web administrators will deploy Azure web apps for the marketing department. Each web app will be added to a separate resource group. The initial configuration of the web apps will be identical. The web administrators have permission to deploy web apps to resource groups.

During the testing phase, auditors in the finance department must be able to review all Azure costs from the past week.

Authentication Requirements

Users in the Miami office must use Azure Active Directory Seamless Single Sign-on (Azure AD Seamless SSO) when accessing resources in Azure.

QUESTION 1

Which blade should you instruct the finance department auditors to use?

A. invoices
B. partner information
C. cost analysis
D. External services

Correct Answer: A

QUESTION 2

You need to resolve the Active Directory issue. What should you do?

A. From Active Directory Users and Computers, select the user accounts, and then modify the User Principal Name value.
B. Run idfix.exe , and then use the Edit action.
C. From Active Directory Domains and Trusts, modify the list of UPN suffixes.
D. From Azure AD Connect, modify the outbound synchronization rule.

Correct Answer: B

Explanation:
IdFix is used to perform discovery and remediation of identity objects and their attributes in an on-premises Active Directory environment in preparation for migration to Azure Active Directory. IdFix is intended for the Active Directory administrators responsible for directory synchronization with Azure Active Directory.

Scenario:

Active Directory Issue

Several users in humongousinsurance.com have UPNs that contain special characters.

You suspect that some of the characters are unsupported in Azure AD.

References:

https://www.microsoft.com/en-us/download/details.aspx?id=36832

QUESTION 3

You need to prepare the environment to meet the authentication requirements.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE Each correct selection is worth one point.

A. Azure Active Directory (AD) Identity Protection and an Azure policy
B. a Recovery Services vault and a backup policy
C. an Azure Key Vault and an access policy
D. an Azure Storage account and an access policy

Correct Answer: BD

Explanation:
D: Seamless SSO works with any method of cloud authentication – Password Hash Synchronization or Pass-through Authentication, and can be enabled via Azure AD Connect.

B: You can gradually roll out Seamless SSO to your users. You start by adding the following Azure AD URL to all or selected users’ Intranet zone settings by using Group Policy in Active Directory: https://autologon.microsoftazuread-sso.com

QUESTION 4

You need to define a custom domain name for Azure AD to support the planned infrastructure. Which domain name should you use?

A. Join the client computers in the Miami office to Azure AD.
B. Add http://autologon.microsoftazuread-sso.com to the intranet zone of each client computer in the Miami office.
C. Allow inbound TCP port 8080 to the domain controllers in the Miami office.
D. Install Azure AD Connect on a server in the Miami office and enable Pass-through Authentication
E. Install the Active Directory Federation Services (AD FS) role on a domain controller in the Miami office.

Correct Answer: BD

Explanation:
Every Azure AD directory comes with an initial domain name in the form of domainname.onmicrosoft.com. The initial domain name cannot be changed or deleted, but you can add your corporate domain name to Azure AD as well. For example, your organization probably has other domain names used to do business and users who sign in using your corporate domain name. Adding custom domain names to Azure AD allows you to assign user names in the directory that are familiar to your users, such as `alice@contoso.com.’ instead of ‘alice@domain name.onmicrosoft.com’.

Scenario:

Network Infrastructure: Each office has a local data center that contains all the servers for that office. Each office has a dedicated connection to the Internet.

Humongous Insurance has a single-domain Active Directory forest named humongousinsurance.com

Planned Azure AD Infrastructure: The on-premises Active Directory domain will be synchronized to Azure AD.

References:

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/add-custom-domain

QUESTION 5

You need to define a custom domain name for Azure AD to support the planned infrastructure. Which domain name should you use?

A. ad.humongousinsurance.com
B. humongousinsurance.onmicrosoft.com
C. humongousinsurance.local
D. humongousinsurance.com

Correct Answer: D

Explanation:
Every Azure AD directory comes with an initial domain name in the form of domainname.onmicrosoft.com. The initial domain name cannot be changed or deleted, but you can add your corporate domain name to Azure AD as well. For example, your organization probably has other domain names used to do business and users who sign in using your corporate domain name. Adding custom domain names to Azure AD allows you to assign user names in the directory that are familiar to your users, such as `alice@contoso.com.’ instead of ‘alice@domain name.onmicrosoft.com’.

Scenario:

Network Infrastructure: Each office has a local data center that contains all the servers for that office. Each office has a dedicated connection to the Internet.

Humongous Insurance has a single-domain Active Directory forest named humongousinsurance.com

Planned Azure AD Infrastructure: The on-premises Active Directory domain will be synchronized to Azure AD.

References:

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/add-custom-domain

QUESTION 6

Which blade should you instruct the finance department auditors to use?

A. Partner information
B. Overview
C. Payment methods
D. Invoices

Correct Answer: D

Explanation:
You can opt in and configure additional recipients to receive your Azure invoice in an email. This feature may not be available for certain subscriptions such as support offers, Enterprise Agreements, or Azure in Open.

Select your subscription from the Subscriptions page. Opt-in for each subscription you own. Click Invoices then Email my invoice.

Click Opt in and accept the terms.

Scenario: During the testing phase, auditors in the finance department must be able to review all Azure costs from the past week.

References:

https://docs.microsoft.com/en-us/azure/billing/billing-download-azure-invoice-daily-usage-date

QUESTION 7

DRAG DROP

You need to prepare the environment to ensure that the web administrators can deploy the web apps as quickly as possible.

Which three actions should you perform in sequence?

To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.


Correct Answer: