DRAG DROP –
Match the term to the correct definition.
Instructions: To answer, drag the appropriate term from the column on the left to its description on the right. Each term may be used once, more than once, or not at all.
NOTE: Each correct match is worth one point.
Select and Place:
Correct Answer: Explanation
Your company plans to deploy several web servers and several database servers to Azure.
You need to recommend an Azure solution to limit the types of connections from the web servers to the database servers.
What should you include in the recommendation?
- A. network security groups (NSGs)
- B. Azure Service Bus
- C. a local network gateway
- D. a route filter
Correct Answer: A
To what should an application connect to retrieve security tokens?
- A. an Azure Storage account
- B. Azure Active Directory (Azure AD)
- C. a certificate store
- D. an Azure key vault
Correct Answer: B
This question requires that you evaluate the underlined text to determine if it is correct.
Resource groups provide organizations with the ability to manage the compliance of Azure resources across multiple subscriptions.
Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.
- A. No change is needed
- B. Management groups
- C. Azure policies
- D. Azure App Service plans
Correct Answer: C
Your network contains an Active Directory forest. The forest contains 5,000 user accounts.
Your company plans to migrate all network resources to Azure and to decommission the on-premises data center.
You need to recommend a solution to minimize the impact on users after the planned migration.
What should you recommend?
- A. Implement Azure Multi-Factor Authentication (MFA)
- B. Sync all the Active Directory user accounts to Azure Active Directory (Azure AD)
- C. Instruct all users to change their password
- D. Create a guest user account in Azure Active Directory (Azure AD) for each user
Correct Answer: B
HOTSPOT –
You create a resource group named RG1 in Azure Resource Manager.
You need to prevent the deletion of the resources in RG1.
Which setting should you use? To answer, select the appropriate setting in the answer area.
Hot Area:
Correct Answer: Explanation
Which Azure service should you use to store certificates?
- A. Azure Security Center
- B. an Azure Storage account
- C. Azure Key Vault
- D. Azure Information Protection
Correct Answer: C
References:
https://docs.microsoft.com/en-us/azure/key-vault/key-vault-overview
You have a resource group named RG1.
You plan to create virtual networks and app services in RG1.
You need to prevent the creation of virtual machines only in RG1.
What should you use?
- A. a lock
- B. an Azure role
- C. a tag
- D. an Azure policy
Correct Answer: A
References:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-lock-resources
What can Azure Information Protection encrypt?
- A. network traffic
- B. documents and email messages
- C. an Azure Storage account
- D. an Azure SQL database
Correct Answer: B
References:
https://docs.microsoft.com/en-us/azure/information-protection/compliance https://docs.microsoft.com/en-us/azure/information-protection/quickstart-label-dnf-protectedemail
What should you use to evaluate whether your company’s Azure environment meets regulatory requirements?
- A. the Knowledge Center website
- B. the Advisor blade from the Azure portal
- C. Compliance Manager from the Security Trust Portal
- D. the Security Center blade from the Azure portal
Correct Answer: D
References:
https://azure.microsoft.com/en-us/blog/regulatory-compliance-dashboard-in-azure-security-center-now-available/
HOTSPOT –
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer: 
References:
https://docs.microsoft.com/en-us/azure/advisor/advisor-overview https://microsoft.github.io/AzureTipsAndTricks/blog/tip173.html
This question requires that you evaluate the underlined text to determine if it is correct.
Your company implements Azure policies to automatically add a watermark to Microsoft Word documents that contain credit card information.
Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.
- A. No change is needed.
- B. DDoS protection
- C. Azure Information Protection
- D. Azure Active Directory (Azure AD) Identity Protection
Correct Answer: C
References:
https://docs.microsoft.com/en-us/azure/information-protection/infoprotect-quick-start-tutorial
This question requires that you evaluate the underlined text to determine if it is correct.
From Azure Monitor, you can view which user turned off a specific virtual machine during the last 14 days.
Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.
- A. No change is needed
- B. Azure Event Hubs
- C. Azure Activity Log
- D. Azure Service Health
Correct Answer: C
References:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-audit
This question requires that you evaluate the underlined text to determine if it is correct.
You have an Azure virtual network named VNET1 in a resource group named RG1.
You assign an Azure policy specifying that virtual networks are not an allowed resource type in RG1. VNET1 is deleted automatically.
Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.
- A. No change is needed
- B. has moved automatically to another resource group
- C. continues to function normally
- D. is now a read-only object
Correct Answer: A
References:
https://docs.microsoft.com/en-us/azure/governance/policy/overview
HOTSPOT –
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer: 
References:
https://docs.microsoft.com/en-us/azure/security/azure-security-data-encryption-best-practices#protect-data-in-transit
Your company has an Azure environment that contains resources in several regions.
A company policy states that administrators must only be allowed to create additional Azure resources in a region in the country where their office is located.
You need to create the Azure resource that must be used to meet the policy requirement.
What should you create?
- A. a read-only lock
- B. an Azure policy
- C. a management group
- D. a reservation
Correct Answer: B
This question requires that you evaluate the underlined text to determine if it is correct.
Authorization is the process of verifying a user’s credentials.
Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.
- A. No change is needed
- B. Authentication
- C. Federation
- D. Ticketing
Correct Answer: B
You need to configure an Azure solution that meets the following requirements:
✑ Secures websites from attacks
✑ Generates reports that contain details of attempted attacks
What should you include in the solution?
- A. Azure Firewall
- B. a network security group (NSG)
- C. Azure Information Protection
- D. DDoS protection
Correct Answer: D
HOTSPOT –
You plan to implement several security services for an Azure environment. You need to identify which Azure services must be used to meet the following security requirements:
✑ Monitor threats by using sensors
✑ Enforce azure Multi-Factor Authentication (MFA) based on a condition
Which Azure service should you identify for each requirement? To answer, select the appropriate option in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer: 
HOTSPOT –
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer: 
Related Posts
