Skip Navigation Links
 

Archive - AZ-100: Microsoft Azure Infrastructure and Deployment

Sample Questions

Question: 199
Measured Skill: Manage identities (15-20%)

You have an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.

You hire a temporary vendor. The vendor uses a Microsoft account that has a sign-in of user1@outlook.com.

You need to ensure that the vendor can authenticate to the tenant by using user1@outlook.com.

What should you do?

AFrom Windows PowerShell, run the New-AzureADUser cmdlet and specify the -UserPrincipalName user1@outlook.com parameter.
B From the Azure portal, add a custom domain name, create a new Azure AD user, and then specify user1@outlook.com as the username.
C From Azure Cloud Shell, run the New-AzureADMSInvitation cmdlet and specify the -UserPrincipalName user1@outlook.com parameter.
D From the Azure portal, add a new guest user, and then specify user1@outlook.com as the email address.

Correct answer: D

Explanation:

We should use Azure portal, add a new guest user, and then specify user1@outlook.com as the email address.



Note: The New-AzureADUser cmdlet creates a new user not a new guest user. The New-AzureADMSInvitation cmdlet is used to invite a new external user to your directory, but the cmdlet uses the -InvitedUserEmailAddress parameter instead of -UserPrincipalName.

Question: 200
Measured Skill: Manage identities (15-20%)

You have an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant has the users shown in the following table.



Azure AD Privileged Identity Management is enabled for contoso.com.

The User Administrator role is configured as shown in the following exhibit.



Group1 is configured as the approver for the User Administrator role.

You configure User1 and User2 to be eligible for the User Administrator role.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

(NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AUser1 will be added to the User Administrator role automatically: Yes
If User2 requests to be added to the User Administrator role, only...: Yes
If you configure User3 to be eligable for the User Administrator role,...:: Yes
B User1 will be added to the User Administrator role automatically: Yes
If User2 requests to be added to the User Administrator role, only...: Yes
If you configure User3 to be eligable for the User Administrator role,...:: No
C User1 will be added to the User Administrator role automatically: Yes
If User2 requests to be added to the User Administrator role, only...: No
If you configure User3 to be eligable for the User Administrator role,...:: No
D User1 will be added to the User Administrator role automatically: No
If User2 requests to be added to the User Administrator role, only...: Yes
If you configure User3 to be eligable for the User Administrator role,...:: No
E User1 will be added to the User Administrator role automatically: No
If User2 requests to be added to the User Administrator role, only...: No
If you configure User3 to be eligable for the User Administrator role,...:: Yes
F User1 will be added to the User Administrator role automatically: No
If User2 requests to be added to the User Administrator role, only...: No
If you configure User3 to be eligable for the User Administrator role,...:: No

Correct answer: D

Explanation:

User1 is configured as eligable for the User Administrator role. In order to use the role privileges, User1 has to request role activation and the request has to be approved by a member of Group1.

Self-approval is not allowed, that is why Microsoft recommends to add at least 2 approvers.

Configuring User3 to be eligable for the User Administrator role means that User3 can request role activation if needed. User3 is added as a role member, after the request has been approved by a member of Group1.

Question: 201
Measured Skill: Manage Azure subscriptions and resources (15-20%)

You have an Azure subscription that contains an Azure file share and you have an on-premises server named Server1 that runs Windows Server 2016.

You plan to set up Azure File Sync between Server1 and the Azure file share.

You need to prepare the subscription for the planned Azure File Sync.

Which two actions should you perform in the Azure subscription?

(To answer, drag the appropriate actions to the correct targets. Each action may be used once, more than once, or not at all.)

www.cert2brain.com

AFirst action: Create a Storage Sync Service.
Second action: Create a sync group.
B First action: Install the Azure File Sync agent.
Second action: Run Server Registration.
C First action: Create a Storage Sync Service.
Second action: Run Server Registration.
D First action: Create a sync group.
Second action: Install the Azure File Sync agent.

Correct answer: A

Explanation:

Use Azure File Sync to centralize your organization's file shares in Azure Files, while keeping the flexibility, performance, and compatibility of an on-premises file server. Azure File Sync transforms Windows Server into a quick cache of your Azure file share. You can use any protocol that's available on Windows Server to access your data locally, including SMB, NFS, and FTPS. You can have as many caches as you need across the world.

The deployment of Azure File Sync starts with placing a Storage Sync Service resource into a resource group of your selected subscription. We recommend provisioning as few of these as needed. You will create a trust relationship between your servers and this resource and a server can only be registered to one Storage Sync Service. As a result, it is recommended to deploy as many storage sync services as you need to separate groups of servers. Keep in mind that servers from different storage sync services cannot sync with each other.

A sync group defines the sync topology for a set of files. Endpoints within a sync group are kept in sync with each other. A sync group must contain one cloud endpoint, which represents an Azure file share and one or more server endpoints. A server endpoint represents a path on a registered server. A server can have server endpoints in multiple sync groups. You can create as many sync groups as you need to appropriately describe your desired sync topology.

Note: The Azure File Synchronization Agent is installed on the on-premise server. The server registration for the storage synchronization service is also done on-premise.

Reference: Deploy Azure File Sync

Question: 202
Measured Skill: Manage Azure subscriptions and resources (15-20%)

You are an administrator for a company. You have an Azure Service Bus.

You create a queue named Queue1. Queue1 is configured as shown in the following exhibit.



Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

(NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AIf a message that has a TTL of four hours is written to Queue1 and is never read, the message will be deleted after two hours and five minutes.
If a message that has a TTL of two hours is written to Queue1, and then read after one hour, the message will be deleted in one hour.
B If a message that has a TTL of four hours is written to Queue1 and is never read, the message will be retained until manually deleted.
If a message that has a TTL of two hours is written to Queue1, and then read after one hour, the message will be deleted immediately.
C If a message that has a TTL of four hours is written to Queue1 and is never read, the message will be deleted after two hours.
If a message that has a TTL of two hours is written to Queue1, and then read after one hour, the message will be retained until manually deleted.
D If a message that has a TTL of four hours is written to Queue1 and is never read, the message will be deleted after four hours.
If a message that has a TTL of two hours is written to Queue1, and then read after one hour, the message will be deleted in five minutes.

Correct answer: B

Explanation:

Service Bus queues support a brokered messaging communication model. When using queues, components of a distributed application do not communicate directly with each other; instead they exchange messages via a queue, which acts as an intermediary (broker). A message producer (sender) hands off a message to the queue and then continues its processing. Asynchronously, a message consumer (receiver) pulls the message from the queue and processes it. The producer does not have to wait for a reply from the consumer in order to continue to process and send further messages. Queues offer First In, First Out (FIFO) message delivery to one or more competing consumers. That is, messages are typically received and processed by the receivers in the order in which they were added to the queue, and each message is received and processed by only one message consumer.

By default, after a message is retrieved from a consumer, the message is deleted from the queue.

Exceeding TimeToLive
When the QueueDescription.EnableDeadLetteringOnMessageExpiration or SubscriptionDescription.EnableDeadLetteringOnMessageExpiration property is set to true (the default is false), all expiring messages are moved to the DLQ, specifying the TTLExpiredException reason code.

Note that expired messages are only purged and moved to the DLQ when there is at least one active receiver pulling from the main queue or subscription; that behavior is by design.

Reference: Overview of Service Bus dead-letter queues

Question: 203
Measured Skill: Manage Azure subscriptions and resources (15-20%)

You have an Azure subscription that contains the resources shown in the following table.



The "Not allowed resource types" Azure policy is assigned to RG1 and uses the following parameters:
  • Microsoft.Network/virtualNetworks
  • Microsoft.Compute/virtualMachines
In RG1, you need to create a new virtual named VM2, and then connected VM2 to VNET1.

What should you do first?

AAdd a subnet to VNET1.
B Remove Microsoft.Network/virtualNetworks from the policy.
C Create an Azure resource Manager template.
D Remove Microsoft.Compute/virtualMachines from the policy.

Correct answer: D

Explanation:

The "Not allowed resource types" Azure policy defines resource types that are blocked from being created in the scope of the policy.

RG1 already contains a virtual network named VNet1 and a virtual machine named VM1. Before VM2 can be created, the Microsoft.Compute/virtualMachines resource type must be removed from the policy.



 
Tags: exam, examcollection, exam simulation, exam questions, questions & answers, training course, study guide, vce, braindumps, practice test
 
 

© Copyright 2014 - 2020 by cert2brain.com