Microsoft - AZ-140: Configuring and Operating Microsoft Azure Virtual Desktop
Sample Questions
Question: 293
Measured Skill: Plan and implement identity and security (15–20%)
You have a Microsoft Entra hybrid tenant that contains the users shown in the following table.
You have an Azure Virtual Desktop deployment that contains the host pools shown in the following table.
Which users can sign in to the session hosts of each pool?
(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)
| A | Pool1: User1 only
Pool2: User2 only |
| B | Pool1: User2 only
Pool2: User1 and User2 only |
| C | Pool1: User1 and User2 only
Pool2: User1, User2, and User3 |
| D | Pool1: User1 and User3 only
Pool2: User1 only |
| E | Pool1: User1, User2, and User3
Pool2: User1 and User3 only |
| F | Pool1: User1, User2, and User3
Pool2: User1, User2, and User3 |
Correct answer: BExplanation:
Azure Virtual Desktop supports different types of identities depending on which configuration you choose.
The session hosts of Pool1 are joined to On-Premises Active Directory and use an on-premises domain controller for user authentication. User2 is the only one out of the three users that is sourced in on-premises Active Directory.
The session hosts of Pool2 are joined to Microsoft Entra ID and use Entra ID to authenticate users. User1 and User3 are created in Entra ID. User2 is created in on-premises Active Directory and synced to Entra ID. All three users can be authenticated by Microsoft Entra ID. Since Azure Virtual Desktop doesn't support external identities, including external guest accounts or business-to-business (B2B) identities, only User1 and User2 can sign-inb to the session hosts of Pool2.
References:
Supported identities and authentication methods
Licensing Azure Virtual Desktop
Question: 294
Measured Skill: Plan and implement user environments and apps (20–25%)
You have an Azure subscription that contains an Azure Virtual Desktop host pool. The host pool uses FSLogix profile containers.
You need to create a configuration file to prevent specific folders from syncing to the FSLogix profile containers when a user signs out.
How should you name the file?| A | profile.xml |
| B | redirections.xml |
| C | fslogix.config |
| D | folders.json |
Correct answer: BExplanation:
FSLogix redirections.xml provides functionality that allows some parts of a user's profile to be excluded from a user's container.
Reference: Tutorial: Create and implement redirections.xml
Question: 295
Measured Skill: Monitor and maintain an Azure Virtual Desktop infrastructure (10–15%)
You have an Azure subscription that contains the resources shown in the following table.
Share1 stores FSLogix profile containers and is backed up daily to Vault1.
You need to change the backup location of share1 to Vault2.
Which two settings should you modify for Vault1 to prepare for the change?
(To answer, select the appropriate settings in the answer area. NOTE: Each correct selection is worth one point.)
| A | Networking |
| B | Backup |
| C | Backup items |
| D | Replicated items |
| E | Backup policies |
| F | Backup Infrastructure |
Correct answer: C, EExplanation:
From Vault1, we need to stop the existing backup of the Azure Files share and delete the existing backup items. To do so, we need to delete the Backup policy for share1 and the existing Backup items of share1.
References:
Create and configure a Recovery Services vault
Monitor and manage Recovery Services vaults
Question: 296
Measured Skill: Plan and implement user environments and apps (20–25%)
You have an Azure subscription that contains a user named User1 and an Azure Virtual Desktop host pool named Pool1. Pool1 contains the session hosts shown in the following table.
You have the devices shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
(NOTE: Each correct selection is worth one point.)
| A | When User1 connects to Host1 by using Device1 and a default web browser, the desktop is watermark protected: Yes
When User1 connects to Host2 by using Device2 and a default web browser, the desktop is watermark protected: Yes
When User1 connects to Host1 by using Device1 and the Remote Desktop Connection client, the desktop is watermark protected: Yes |
| B | When User1 connects to Host1 by using Device1 and a default web browser, the desktop is watermark protected: Yes
When User1 connects to Host2 by using Device2 and a default web browser, the desktop is watermark protected: Yes
When User1 connects to Host1 by using Device1 and the Remote Desktop Connection client, the desktop is watermark protected: No |
| C | When User1 connects to Host1 by using Device1 and a default web browser, the desktop is watermark protected: Yes
When User1 connects to Host2 by using Device2 and a default web browser, the desktop is watermark protected: No
When User1 connects to Host1 by using Device1 and the Remote Desktop Connection client, the desktop is watermark protected: Yes |
| D | When User1 connects to Host1 by using Device1 and a default web browser, the desktop is watermark protected: No
When User1 connects to Host2 by using Device2 and a default web browser, the desktop is watermark protected: Yes
When User1 connects to Host1 by using Device1 and the Remote Desktop Connection client, the desktop is watermark protected: No |
| E | When User1 connects to Host1 by using Device1 and a default web browser, the desktop is watermark protected: No
When User1 connects to Host2 by using Device2 and a default web browser, the desktop is watermark protected: No
When User1 connects to Host1 by using Device1 and the Remote Desktop Connection client, the desktop is watermark protected: Yes |
| F | When User1 connects to Host1 by using Device1 and a default web browser, the desktop is watermark protected: No
When User1 connects to Host2 by using Device2 and a default web browser, the desktop is watermark protected: No
When User1 connects to Host1 by using Device1 and the Remote Desktop Connection client, the desktop is watermark protected: No |
Correct answer: BExplanation:
Watermarking, alongside screen capture protection, helps prevent sensitive information from being captured on client endpoints. When you enable watermarking, QR code watermarks appear as part of remote desktops. The QR code contains the Connection ID or Device ID of a remote session that admins can use to trace the session. Watermarking is configured on session hosts using Microsoft Intune or Group Policy, and enforced by Windows App or the Remote Desktop client.
The following clients support watermarking:
Note: The Remote Desktop client (supported) is the client you download from the Microsoft Store. The Remote Desktop Connection client (not supported) is the client that is integrated in Windows 10/11 (mstsc.exe).
References:
Watermarking in Azure Virtual Desktop
What is Windows App?
Question: 297
Measured Skill: Plan and implement user environments and apps (20–25%)
You have an Azure subscription that contains the storage accounts shown in the following table.
You deploy Azure Virtual Desktop. All the session hosts in the deployment are joined to Active Directory.
You need to implement FSLogix profile containers.
Which storage accounts can you use to store the profile containers?| A | storage1 only |
| B | storage4 only |
| C | storage1 and storage4 only |
| D | storage2, storage3, and storage4 only |
| E | storage1, storage2, storage3, and storage4 |
Correct answer: CExplanation:
Azure Virtual Desktop offers FSLogix profile containers as the recommended user profile solution. FSLogix is designed to roam profiles in remote computing environments, such as Azure Virtual Desktop. At sign-in, this container is dynamically attached to the computing environment using a natively supported Virtual Hard Disk (VHD) and a Hyper-V Virtual Hard Disk (VHDX). The user profile is immediately available and appears in the system exactly like a native user profile. All FSLogix containers can be stored on file shares that support the SMB protocol. Storage1 and storage4 support SMB file shares.
Reference: Storage options for FSLogix profile containers in Azure Virtual Desktop