2019 Free Microsoft EnsurePass AZ-102 Dumps VCE and PDF Download Part 5

 

EnsurePass
Exam Dumps

AZ-102 Dumps VCE and PDF

http://www.ensurepass.com/AZ-102.html

 

QUESTION 41

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

 

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

 

You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups.

 

Another administrator plans to create several network security groups (NSGs) in the subscription.

 

You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks.

 

Solution: You create a resource lock, and then you assign the lock to the subscription.

 

Does this meet the goal?

 

A.

Yes

B.

No

 

Correct Answer: B

Explanation:
How can I freeze or lock my production/critical Azure resources from accidental deletion? There is way to do this with both ASM and ARM resources using Azure resource lock.

 

References:

https://blogs.msdn.microsoft.com/azureedu/2016/04/27/using-azure-resource-manager-policy-and-azure-lock-to-control-your-azure-resources/

 

 

QUESTION 42

You have 100 Azure subscriptions. All the subscriptions are associated to the same Azure Active Directory (Azure AD) tenant named contoso.com.

 

You are a global administrator.

 

You plan to create a report that lists all the resources across all the subscriptions.

 

You need to ensure that you can view all the resources in all the subscriptions.

 

What should you do?

 

A.

From the Azure portal, modify the profile settings of your account.

B.

From Windows PowerShell, run the Add-AzureADAdministrativeUnitMember cmdlet.

C.

From Windows PowerShell, run the New-AzureADUserAppRoleAssignment cmdlet.

D.

From the Azure portal, modify the properties of the Azure AD tenant.

 

Correct Answer: C

Explanation:
The New-AzureADUserAppRoleAssignment cmdlet assigns a user to an application role in Azure Active Directory (AD). Use it for the application report.

 

References:

https://docs.microsoft.com/en-us/powershell/module/azuread/new-azureaduserapproleassignment?view=azureadps-2.0

 

 

QUESTION 43

You have an Azure subscription named Subscription1.

 

Subscription1 contains the virtual machines in the following table.

 


Subscription1 contains a virtual network named VNet1 that has the subnets in the following table.

 


 

VM3 has a network adapter named NIC3. IP forwarding is enabled on NIC3. Routing is enabled on VM3.

 

You create a route table named RT1. RT1 is associated to Subnet1 and Subnet2 and contains the routes in the following table.

 


 

You apply RT1 to Subnet1.

 

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

 

NOTE: Each correct selection is worth one point.

 


 

Correct Answer:


 

 

QUESTION 44

You sign up for Azure Active Directory (Azure AD) Premium.

 

You need to add a user named admin1@contoso.com as an administrator on all the computers that will be joined to the Azure AD domain.

 

What should you configure in Azure AD?

 

A.

Device settings from the Devices blade.

B.

General settings from the Groups blade.

C.

User settings from the Users blade.

D.

Providers from the MFA Server blade.

 

Correct Answer: C

Explanation:
When you connect a Windows device with Azure AD using an Azure AD join, Azure AD adds the following security principles to the local administrators group on the device:

 

The Azure AD global administrator role

The Azure AD device administrator role

The user performing the Azure AD join

 

In the Azure portal, you can manage the device administrator role on the Devices page. To open the Devices page:

 

1. Sign in to your Azure portal as a global administrator or device administrator.

2. On the left navbar, click Azure Active Directory.

3. In the Manage section, click Devices.

4. On the Devices page, click Device settings.

5. To modify the device administrator role, configure Additional local administrators on Azure AD joined devices.

 

References:

https://docs.microsoft.com/en-us/azure/active-directory/devices/assign-local-admin

 

 

 

 

 

QUESTION 45

You have a resource group named RG1. RG1 contains an Azure Storage account named storageaccount1 and a virtual machine named VM1 that runs Windows Server 2016. Storageaccount1 contains the disk files for VM1. You apply a ReadOnly lock to RG1. What can you do from the Azure portal?

 

A.

Generate an automation script for RG1.

B.

View the keys of storageaccount1.

C.

Upload a blob to storageaccount1.

D.

Start VM1.

 

Correct Answer: B

Explanation:
ReadOnly means authorized users can read a resource, but they can’t delete or update the resource. Applying this lock is similar to restricting all authorized users to the permissions granted by the Reader role.

 

References:

https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-lock-resources

 

 

QUESTION 46

You have an Azure Linux virtual machine that is protected by Azure Backup.

 

One week ago, two files were deleted from the virtual machine.

 

You need to restore the deleted files to an on-premises computer as quickly as possible.

 

Which four actions should you perform in sequence?

 

To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

 


 

Correct Answer:


 

 

QUESTION 47

Click to expand each objective. To connect to the Azure portal, type https://portal.azure.com in the browser address bar.

 







 

When you are finished performing all the tasks, click the `Next’ button.

 

Note that you cannot return to the lab once you click the `Next’ button. Scoring occur in the background while you complete the rest of the exam.

 

Overview

The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design. Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.

 

Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.

 

Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

 

To start the lab

You may start the lab by clicking the Next button.

 

You need to create a virtual network named VNET1008 that contains three subnets named subnet0, subnet1, and subnet2. The solution must meet the following requirements:

 

Connections from any of the subnets to the Internet must be blocked.

Connections from the Internet to any of the subnets must be blocked.

The number of network security groups (NSGs) and NSG rules must be minimized.

 

What should you do from the Azure portal?

 

Correct Answer: See solution below.

Explanation:

Step 1: Click Create a resource in the portal.

Step 2: Enter Virtual network in the Search the Marketplace box at the top of the New pane that appears. Click Virtual network when it appears in the search results.

Step 3: Select Classic in the Select a deployment model box in the Virtual Network pane that appears, then click Create.

Step 4: Enter the following values on the Create virtual network (classic) pane and then click Create:

 

Name: VNET1008

Address space: 10.0.0.0/16

Subnet name: subnet0

Resource group: Create new

Subnet address range: 10.0.0.0/24

Subscription and location: Select your subscription and location.

 

Step 5: In the portal, you can create only one subnet when you create a virtual network. Click Subnets (in the SETTINGS section) on the Create virtual network (classic) pane that appears.

Click +Add on the VNET1008 – Subnets pane that appears.

Step 6: Enter subnet1 for Name on the Add subnet pane. Enter 10.0.1.0/24 for Address range. Click OK.

Step 7: Create the third subnet: Click +Add on the VNET1008 – Subnets pane that appears. Enter subnet2 for Name on the Add subnet pane. Enter 10.0.2.0/24 for Address range. Click OK.

 

References:

https://docs.microsoft.com/en-us/azure/virtual-network/create-virtual-network-classic

 

 

QUESTION 48

You have an Azure subscription named Subscription1. Subscription1 contains the virtual networks in the following table.

 


 

Subscription1 contains the virtual machines in the following table:

 


 

The firewalls on all the virtual machines are configured to allow all ICMP traffic.

 

You add the peerings in the following table.

 


 

For each of the following statements, select Yest if the statement is true. Otherwise, select No.

 

NOTE: Each correct selection is worth one point.

 


 

Correct Answer:


 

 

QUESTION 49

Click to expand each objective. To connect to the Azure portal, type https://portal.azure.com in the browser address bar.

 







 

When you are finished performing all the tasks, click the `Next’ button.

 

Note that you cannot return to the lab once you click the `Next’ button. Scoring occur in the background while you complete the rest of the exam.

 

Overview

The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design. Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.

 

Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.

 

Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

 

To start the lab

You may start the lab by clicking the Next button.

 

You plan to create 100 Azure virtual machines on each of the following three virtual networks:

VNET1005a

VNET1005b

VNET1005c

 

All the network traffic between the three virtual networks will be routed through VNET1005a.

 

You need to create the virtual networks, and then to ensure that all the Azure virtual machines can connect to other virtual machines by using their private IP address. The solution must NOT require any virtual network gateways and must minimize costs.

 

What should you do from the Azure portal before you configure IP routing?

 

Correct Answer: See solution below.

Explanation:

Step 1: Click Create a resource in the portal.

Step 2: Enter Virtual network in the Search the Marketplace box at the top of the New pane that appears. Click Virtual network when it appears in the search results.

Step 3: Select Classic in the Select a deployment model box in the Virtual Network pane that appears, then click Create.

Step 4: Enter the following values on the Create virtual network (classic) pane and then click Create:

 

Name: VNET1005a

Address space: 10.0.0.0/16

Subnet name: subnet0

Resource group: Create new

Subnet address range: 10.0.0.0/24

Subscription and location: Select your subscription and location.

 

Step 5: Repeat steps 3-5 for VNET1005b (10.1.0.0/16, 10.1.0.0/24), and for VNET1005c 10.2.0.0/16, 10.2.0.0/24).

 

References:

https://docs.microsoft.com/en-us/azure/virtual-network/create-virtual-network-classic

 

 

QUESTION 50

You have an Azure subscription named Subscription1.

 

You create an Azure Storage account named contosostorage, and then you create a file share named data.

 

Which UNC path should you include in a script that references files from the data file share?

 

To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

 

NOTE: Each correct selection is worth one point.

 


 

Correct Answer:


 


 

Leave a Reply

Your email address will not be published. Required fields are marked *