Ms Azure Administrator - Mock Test Set 3

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your company has 100 users located in an office in Paris.

The on-premises network contains the servers shown in the following table.

You create a new subscription. You need to move all the servers to Azure.

Solution: You use the Data Migration Assistant tool.

Does this meet the goal?


Options are :

  • Yes
  • No (Correct)

Answer :No

Ms Azure Administrator - Mock Test Set 5

You have a computer named Computer1 that has a point-to-site VPN connection to an Azure virtual network named VNet1. The point-to-site connection uses a self-signed certificate.

From Azure, you download and install the VPN client configuration package on a computer named Computer2.

You need to ensure that you can establish a point-to-site VPN connection to VNet1 from Computer2.

Solution: You join Computer2 to Azure Active Directory (Azure AD).

Does this meet this goal?


Options are :

  • Yes
  • No (Correct)

Answer :No

You create an Azure subscription that is associated to a basic Azure Active Directory (Azure AD) tenant. You need to receive an email notification when any user activates an administrative role.

What should you do?


Options are :

  • Purchase Azure AD Premium 92 and configure Azure AD Privileged Identity Management, (Correct)
  • Purchase Enterprise Mobility + Security E3 and configure conditional access policies.
  • Purchase Enterprise Mobility + Security E5 and create a custom alert rule in Azure Security Center.
  • Purchase Azure AD Premium PI and enable Azure AD Identity Protection.

Answer :Purchase Azure AD Premium 92 and configure Azure AD Privileged Identity Management,

You have an Azure subscription named Subscription1 that has a subscription ID of c276fc76-9cd4-44c9-99a7-4fd71546436e.

You need to create a custom RBAC role named CR1 that meets the following requirements:

Can be assigned only to the resource groups in Subscription1

Prevents the management of the access permissions for the resource groups

Allows the viewing, creating, modifying, and deleting of resource within the resource groups

What should you specify in the assignable scopes and the permission elements of the definition of CR1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Options are :

  • Box 1: "/Subscriptions/c276fc76-9cd4-44c9-99a7-ertert3453454353"/ResocurceGroups" Box 2: "Microsoft.Authorization/*" (Correct)
  • Box 1: "/Subscriptions/c276fc76-9cd4-44c9-99a7-ertert3453454353" Box 2: "Microsoft.Authorization/*"
  • Box 1: "/Subscriptions/c276fc76-9cd4-44c9-99a7-ertert3453454353" Box 2: "Microsoft.Security/*"
  • Box 1: "/Subscriptions/c276fc76-9cd4-44c9-99a7-ertert3453454353"/ResocurceGroups" Box 2: "Microsoft.Resources/*"

Answer :Box 1: "/Subscriptions/c276fc76-9cd4-44c9-99a7-ertert3453454353"/ResocurceGroups" Box 2: "Microsoft.Authorization/*"

70-533 Implementing Microsoft Azure Infrastructure Solution Set 2

Your company has an Azure Active Directory (Azure AD) tenant named contoso.com that is configured for hybrid coexistence with the on-premises Active Directory domain. The tenant contains the users shown in the following table.

Whenever possible, you need to enable Azure Multi-Factor Authentication (MFA) for the users in contoso.com.

Which users should you enable for Azure MFA?


Options are :

  • User1 only
  • User1, User2, and User3 only
  • User1 and User2 only
  • User1, User2, User3, and User4 (Correct)
  • User2 only

Answer :User1, User2, User3, and User4

You have an Azure Active Directory (Azure AD) tenant.

All administrators must enter a verification code to access the Azure portal.

You need to ensure that the administrators can access the Azure portal only from your on-premises network.

What should you configure?


Options are :

  • an Azure AD Identity Protection user risk policy.
  • the multi-factor authentication service settings. (Correct)
  • the default for all the roles in Azure AD Privileged Identity Management
  • an Azure AD Identity Protection sign-in risk policy

Answer :the multi-factor authentication service settings.

You have an Azure virtual machine named VM1.

The network interface for VM1 is configured as shown in the exhibit. (Click the Exhibit tab.)

You deploy a web server on VM1, and then create a secure website that is accessible by using the HTTPS protocol. VM1 is used as a web server only.

You need to ensure that users can connect to the website from the internet.

What should you do?


Options are :

  • Create a new inbound rule that allows TCP protocol 443 and configure the protocol to have a priority of 501. (Correct)
  • For Rule5, change the Action to Allow and change the priority to 401.
  • Delete Rule1.
  • Modify the protocol of Rule4.

Answer :Create a new inbound rule that allows TCP protocol 443 and configure the protocol to have a priority of 501.

Ms Azure Administrator - Mock Test Set 8

Your network contains an Active Directory domain named contoso.com that is synced to an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com. The tenant contains only default domain names.

The domain contains the users shown in the following table.

The users have values sets for their user account as shown in the following table.

You plan to enable Azure Multi-Factor Authentication (MFA) by using the following bulk update file named

File1.

Username, MFA Status

CN=User1, DC=Contoso, DC=onmicrosoft, DC=com, Enabled

[email protected], Enabled

[email protected], Enabled

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Options are :

  • Yes No No (Correct)
  • No Yes Yes
  • No Yes No
  • Yes No Yes

Answer :Yes No No

What are two characteristics of the public cloud?

Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.


Options are :

  • Dedicated hardware.
  • Unsecured connections.
  • Limited storage.
  • Metered pricing. (Correct)
  • Self-service management. (Correct)

Answer :Metered pricing. Self-service management.

You have an Azure virtual machine named VM1.

Azure collects events from VM1.

You are creating an alert rule in Azure Monitor to notify an administrator when an error is logged in the

System event log of VM1.

You need to specify which resource type to monitor.

What should you specify?


Options are :

  • metric alert
  • Azure Log Analytics workspace (Correct)
  • virtual machine
  • virtual machine extension

Answer :Azure Log Analytics workspace

AZ-203 Microsoft Certified Azure Developer practice exams Set 15

You have the Azure virtual networks shown in the following table.

To which virtual networks can you establish a peering connection from VNet1?


Options are :

  • VNet2 and VNet3 only
  • VNet2 only
  • VNet3 and VNet4 only (Correct)
  • VNet2, VNet3, and VNet4

Answer :VNet3 and VNet4 only

You are configuring Azure Active Directory (AD) Privileged Identity Management.

You need to provide a user named Admm1 with read access to a resource group named RG1 for only one month.

The user role must be assigned immediately.

What should you do?


Options are :

  • Assign an active role.
  • Assign an eligible role. (Correct)
  • Assign a permanently active role.
  • Create a custom role and a conditional access policy.

Answer :Assign an eligible role.

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your company has 100 users located in an office in Paris.

The on-premises network contains the servers shown in the following table.

You create a new subscription. You need to move all the servers to Azure.

Solution: You run azcopy.exe.

Does this meet the goal?


Options are :

  • Yes
  • No (Correct)

Answer :No

AZ-300 Microsoft Azure Architect Technologies Prc. Tests Set 1

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your company has 100 users located in an office in Paris.

The on-premises network contains the servers shown in the following table.

You create a new subscription. You need to move all the servers to Azure.

Solution: You use Azure Site Recovery.

Does this meet the goal?


Options are :

  • Yes (Correct)
  • No

Answer :Yes

Your network is configured as shown in the following exhibit.

The firewalls are configured as shown in the following table.

Prod1 contains a vCenter server.

You install an Azure Migrate Collector on Test1.

You need to discover the virtual machines.

Which TCP port should be allowed on each firewall? To answer, drag the appropriate ports to the correct firewalls. Each port may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.


Options are :

  • FW1: Outbond 443 FW2: Outbond 443 (Correct)
  • FW1: Outbond 3389 FW2: Outbond 3389
  • FW1: Inbond 80 FW2: Outbond 443
  • FW1: Inbond 995 FW2: Outbond 443

Answer :FW1: Outbond 443 FW2: Outbond 443

You are the global administrator for an Azure Active Directory (Azure AD) tenant named adatum.com. From the Azure Active Directory blade, you assign the Conditional Access Administrator role to a user You need to ensure that Admin1 has just-in-time access as a conditional access administrator.

What should you do next?


Options are :

  • Enable Azure AD Multi-Factor Authentication (MFA). (Correct)
  • Set Admin1 as Eligible for the Privileged Role Administrator role.
  • Admin1 as Eligible for the Conditional Access Administrator role.
  • Enable Azure AD Identity Protection.

Answer :Enable Azure AD Multi-Factor Authentication (MFA).

AZ-104 Real Azure Administrator Practice Test Set 5

You have an Azure Active Directory (Azure AD) tenant named Tenant1 and an Azure subscription named. You enable Azure AD Privileged Identity Management.

You need to secure the members of the Lab Creator role. The solution must ensure that the lab creators request access when they create labs.

What should you do first?


Options are :

  • From Azure AD Privileged Identity Management, edit the role settings for Lab Creator. (Correct)
  • From Subscription1 edit the members of the Lab Creator role.
  • From Azure AD Identity Protection, creates a user risk policy.
  • From Azure AD Privileged Identity Management, discover the Azure resources of Conscription.

Answer :From Azure AD Privileged Identity Management, edit the role settings for Lab Creator.

You have a Recovery Service vault that you use to test backups. The test backups contain two protected virtual machines.

You need to delete the Recovery Services vault.

What should you do first?


Options are :

  • From the Recovery Service vault, stop the backup of each backup item. (Correct)
  • From the Recovery Service vault, delete the backup data.
  • Modify the disaster recovery properties of each virtual machine.
  • Modify the locks of each virtual machine.

Answer :From the Recovery Service vault, stop the backup of each backup item.

AZ-203 Microsoft Certified Azure Developer practice exams Set 10

Click to expand each objective. To connect to the Azure portal, type https://portal.azure.com in the browser address bar.

When you are finished performing all the tasks, click the ‘Next' button.

Note that you cannot return to the lab once you click the ‘Next' button. Scoring occur in the background while you complete the rest of the exam.

Overview

The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design. Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.

Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.

Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

To start the lab

You may start the lab by clicking the Next button.

You plan to protect on-premises virtual machines and Azure virtual machines by using Azure Backup. You need to prepare the backup infrastructure in Azure. The solution must minimize the cost of storing the backups in Azure.

What should you do from the Azure portal?


Options are :

  • Please see the Explanation section for solution (Correct)

Answer :Please see the Explanation section for solution

You purchase a new Azure subscription named Subscription1.

You create a virtual machine named VM1 in Subscription1. VM1 is not protected by Azure Backup.

You need to protect VM1 by using Azure Backup. Backups must be created at 01:00 and stored for 30 days.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Options are :

  • A blob container A batch job
  • A file share A batch schedule
  • A Recovery Services vault A backup policy (Correct)
  • A storage account A recovery plan

Answer :A Recovery Services vault A backup policy

You have peering configured as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.


Options are :

  • vNET6 only modify the address space (Correct)
  • vNET6 and vNET1 only add a service endpoint
  • vNET6, vNET1 and vNET2 only add a subnet
  • vNET6 only delete peering1

Answer :vNET6 only modify the address space

AZ-300 Microsoft Azure Architect Practice Exam Questions NEW Set 3

Overview

The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.

Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.

Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.

Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

To start the lab

You may start the lab by clicking the Next button.

You plan to prevent users from accidentally deleting blob data from Azure.

You need to ensure that administrators can recover any blob data that is deleted accidentally from the storagelod8095859 storage account for 14 days after the deletion occurred.

What should you do from the Azure portal?


Options are :

  • Please see the Explanation section for solution (Correct)

Answer :Please see the Explanation section for solution

Overview

The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.

Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.

Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.

Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

To start the lab

You may start the lab by clicking the Next button.

You plan to allow connections between the VNET01-USEA2 and VNET01-USWE2 virtual networks.

You need to ensure that virtual machines can communicate across both virtual networks by using their private IP address. The solution must NOT require any virtual network gateways.

What should you do from the Azure portal?


Options are :

  • Please see the Explanation section for solution (Correct)

Answer :Please see the Explanation section for solution

You have an Active Directory forest named contoso.com.

You install and configure Azure AD Connect to use password hash synchronization as the single sign-on (SSO) method. Staging mode is enabled.

You review the synchronization results and discover that the Synchronization Service Manager does not display any sync jobs.

You need to ensure that the synchronization completes successfully.

What should you do?


Options are :

  • From Synchronization Service Manager, run a full import.
  • Run Azure AD Connect and set the SSO method to Pass-through Authentication.
  • From Azure PowerShell, run Start-AdSyncSyncCycle -PolicyType Initial.
  • Run Azure AD Connect and disable staging mode. (Correct)

Answer :Run Azure AD Connect and disable staging mode.

Ms Azure Administrator - Mock Test Set 1

You have an Azure subscription named Subscription1.

You create an Azure Storage account named contosostorage, and then you create a file share named data.

Which UNC path should you include in a script that references files from the data file share? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.


Options are :

  • Box 1: contosostorage Box 2: file.core.windows.net Box 3: data (Correct)
  • Box 1: blob Box 2: file.core.windows.net Box 3: file
  • Box 1: blob.core.windows.net Box 2: portal.azure.com Box 3: data
  • Box 1: contosostorage Box 2: file.core.windows.net Box 3: subscription1

Answer :Box 1: contosostorage Box 2: file.core.windows.net Box 3: data

You have an Azure subscription that contains a storage account named account1.

You plan to upload the disk files of a virtual machine to account1 from your on-premises network. The on-premises network uses a public IP address space of 131.107.1.0/24.

You plan to use the disk files to provision an Azure virtual machine named VM1. VM1 will be attached to a virtual network named VNet1. VNet1 uses an IP address space of 192.168.0.0/24.

You need to configure account1 to meet the following requirements:

Ensure that you can upload the disk files to account1.

Ensure that you can attach the disks to VM1.

Prevent all other access to account1.

Which two actions should you perform? Each correct selection presents part of the solution.

NOTE: Each correct selection is worth one point.


Options are :

  • From the Firewalls and virtual networks blade of account1, add the 131.107.1.0/24 IP address range.
  • From the Firewalls and virtual networks blade of account1, select Selected networks. (Correct)
  • From the Firewalls and virtual networks blade of acount1, add VNet1.
  • From the Firewalls and virtual networks blade of account1, select Allow trusted Microsoft services to access this storage account.
  • From the Service endpoints blade of VNet1, add a service endpoint. (Correct)

Answer :From the Firewalls and virtual networks blade of account1, select Selected networks. From the Service endpoints blade of VNet1, add a service endpoint.

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure virtual machine named VM1. VM1 was deployed by using a custom Azure Resource Manager template named ARM1.json.

You receive a notification that VM1 will be affected by maintenance.

You need to move VM1 to a different host immediately.

Solution: From the Overview blade, you move the virtual machine to a different resource group.

Does this meet the goal?


Options are :

  • Yes
  • No (Correct)

Answer :No

AZ-203 Microsoft Certified Azure Developer practice exams Set 9

You have a resource group named RG1. RG1 contains an Azure Storage account named storageaccount1 and a virtual machine named VM1 that runs Windows Server 2016. Storageaccount1 contains the disk files for VM1. You apply a ReadOnly lock to RG1.

What can you do from the Azure portal?


Options are :

  • Generate an automation script for RG1.
  • View the keys of storageaccount1. (Correct)
  • Upload a blob to storageaccount1.
  • Start VM1.

Answer :View the keys of storageaccount1.

You have an Azure subscription.

You need to implement a custom policy that meet the following requirements:

* Ensures that each new resource group in the subscription has a tag named organization set to a value of Contoso.

* Ensures that resource group can be created from the Azure portal.

* Ensures that compliance reports in the Azure portal are accurate.

How should you complete the policy?

To answer, select the appropriate options in the answers area.


Options are :

  • "Microsoft.Resources/subsriptions/resourceGroup" "Deny"
  • "Microsoft.Resources/subsriptions/resourceGroup" "DeployifNotExists" (Correct)
  • "Microsoft.Resources/deployments" "DeployifNotExists"
  • "Microsoft.Resources/subsriptions" "Append"

Answer :"Microsoft.Resources/subsriptions/resourceGroup" "DeployifNotExists"

You have an Azure subscription that contains a virtual network named VNet1. VNet1 uses an IP address space of 10.0.0.0/16 and contains the subnets in the following table.

Subnet1 contains a virtual appliance named VM1 that operates as a router.

You create a routing table named RT1.

You need to route all inbound traffic to VNet1 through VM1.

How should you configure RT1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Options are :

  • 10.0.0.0/16 Virtual appliance GatewaySubnet (Correct)
  • 10.0.1.0/24 Virtual networ Subnet0
  • 10.0.254.0/24 Virtual network gateway Subnet1 and Subnet2
  • 10.0.0.0/16 Virtual appliance Subnet1 and Subnet2

Answer :10.0.0.0/16 Virtual appliance GatewaySubnet

Ms Azure Administrator - Mock Test Set 10

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions