Download Renewal for Microsoft Certified Azure Administrator Associate.pdf and more Exams Nursing in PDF only on Docsity!
Associate
Overview - Contoso, Ltd. is a manufacturing company that has offices worldwide. Contoso works with partner organizations to bring products to market. Contoso products are manufactured by using blueprint files that the company authors and maintains. Existing Environment - Currently, Contoso uses multiple types of servers for business operations, including the following: File servers Domain controllers Microsoft SQL Server servers Your network contains an Active Directory forest named contoso.com. All servers and client computers are joined to Active Directory. You have a public-facing application named App1. App1 is comprised of the following three tiers: A SQL database
- A web front end A processing middle tier Each tier is comprised of five virtual machines. Users access the web front end by using HTTPS only. Requirements - Planned Changes - Contoso plans to implement the following changes to the infra - ANSB. Use Azure Storage Explorer to copy the files. Overview - Contoso, Ltd. is a manufacturing company that has offices worldwide. Contoso works with partner organizations to bring products to market. Contoso products are manufactured by using blueprint files that the company authors and maintains. Existing Environment - Currently, Contoso uses multiple types of servers for business operations, including the following: File servers Domain controllers Microsoft SQL Server servers Your network contains an Active Directory forest named contoso.com. All servers and client computers are joined to Active Directory.
Associate
You have a public-facing application named App1. App1 is comprised of the following three tiers: A SQL database - A web front end A processing middle tier Each tier is comprised of five virtual machines. Users access the web front end by using HTTPS only. Requirements
- Planned Changes
- Contoso plans to implement the following changes to the infra - ANSD. a Recovery Services vault You have a deployment template named Template1 that is used to deploy 10 Azure web apps. You need to identify what to deploy before you deploy Template1. The solution must minimize Azure costs. What should you identify? A. five Azure Application Gateways B. one App Service plan C. 10 App Service plans D. one Azure Traffic Manager E. one Azure Application Gateway - ANSB. one App Service plan You have a Microsoft 365 tenant and an Azure Active Directory (Azure AD) tenant named contoso.com. You plan to grant three users named User1, User2, and User3 access to a temporary Microsoft SharePoint document library named Library1. You need to create groups for the users. The solution must ensure that the groups are deleted automatically after 180 days. Which two groups should you create? A. an Office 365 group that uses the Assigned membership type B. a Security group that uses the Assigned membership type C. an Office 365 group that uses the Dynamic User membership type D. a Security group that uses the Dynamic User membership type E. a Security group that uses the Dynamic Device membership type - ANSA. an Office 365 group that uses the Assigned membership type C. an Office 365 group that uses the Dynamic User membership type
Associate
You create a new user account named AdminUser1. You need to assign the User administrator administrative role to AdminUser1. What should you do from the user account properties? A. From the Licenses blade, assign a new license B. From the Directory role blade, modify the directory role C. From the Groups blade, invite the user account to a new group - ANSB. From the Directory role blade, modify the directory role You have an Azure Storage account named storage1. You plan to use AzCopy to copy data to storage1. You need to identify the storage services in storage1 to which you can copy the data. What should you identify? A. blob, file, table, and queue B. blob and file only C. file and table only D. file only E. blob, table, and queue only - ANSB. blob and file only You have an Azure subscription named Subscription1 and an on-premises deployment of Microsoft System Center Service Manager. Subscription1 contains a virtual machine named VM1. You need to ensure that an alert is set in Service Manager when the amount of available memory on VM is below 10 percent. What should you do first? A. Create an automation runbook B. Deploy a function app C. Deploy the IT Service Management Connector (ITSM) D. Create a notification - ANSC. Deploy the IT Service Management Connector (ITSM) You have an Azure subscription named Subscription1 that contains a virtual network named VNet1. VNet1 is in a resource group named RG1.Subscription1 has a user named User1. User1 has the following roles: ✑ Reader
Associate
✑ Security Admin Security Reader - You need to ensure that User1 can assign the Reader role for VNet1 to other users.What should you do? A. Remove User 1 from the Security Reader role for Subscription1. Assign User1 the Contributor role for RG1. B. Assign User1 the Owner role for VNet1. C. Remove User1 from the Security Reader and Reader roles for Subscription1. D. Assign User1 the Network Contributor role for RG1. - ANSB. Assign User1 the Owner role for VNet1. You have an Azure subscription named Subscription1 that contains two Azure virtual networks named VNet1 and VNet2. VNet1 contains a VPN gateway named VPNGW1 that uses static routing. There is a site-to-site VPN connection between your on-premises network and VNet1. On a computer named Client1 that runs Windows 10, you configure a point-to-site VPN connection to VNet1. You configure virtual network peering between VNet1 and VNet2. You verify that you can connect to VNet2 from the on-premises network. Client1 is unable to connect to VNet2. You need to ensure that you can connect Client1 to VNet2.What should you do? A. Download and re-install the VPN client configuration package on Client1. B. Select Allow gateway transit on VNet1. C. Select Allow gateway transit on VNet2. D. Enable BGP on VPNGW1 - ANSA. Download and re-install the VPN client configuration package on Client1. You have an Azure subscription named Subscription1 that has the following providers registered: ✑ Authorization ✑ Automation ✑ Resources ✑ Compute ✑ KeyVault ✑ Network ✑ Storage
Associate
You have an Azure subscription named Subscription1. Subscription1 contains a resource group named RG1. RG1 contains resources that were deployed by using templates. You need to view the date and time when the resources were created in RG1. Solution: From the RG1 blade, you click Automation script. Does this meet the goal? A. Yes B. No - ANSB. No You have an Azure subscription named Subscription1. Subscription1 contains a resource group named RG1. RG1 contains resources that were deployed by using templates. You need to view the date and time when the resources were created in RG1. Solution: From the RG1 blade, you click Deployments. Does this meet the goal? A. Yes B. No - ANSA. Yes You have an Azure subscription named Subscription1. Subscription1 contains a resource group named RG1. RG1 contains resources that were deployed by using templates. You need to view the date and time when the resources were created in RG1. Solution: From the Subscriptions blade, you select the subscription, and then click Programmatic deployment. Does this meet the goal? A. Yes B. No - ANSB. No You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups. Another administrator plans to create several network security groups (NSGs) in the subscription. You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks. Solution: From the Resource providers blade, you unregister the Microsoft.ClassicNetwork provider. Does this meet the goal? A. Yes
Associate
B. No - ANSB. No You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups. Another administrator plans to create several network security groups (NSGs) in the subscription. You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks. Solution: You assign a built-in policy definition to the subscription. Does this meet the goal? A. Yes B. No - ANSB. No You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups. Another administrator plans to create several network security groups (NSGs) in the subscription. You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks. Solution: You configure a custom policy definition, and then you assign the policy to the subscription. Does this meet the goal? A. Yes B. No - ANSA. Yes You have an Azure subscription that contains a policy-based virtual network gateway named GW1 and a virtual network named VNet1. You need to ensure that you can configure a point-to-site connection from an on-premises computer to VNet1. Which two actions should you perform? A. Add a service endpoint to VNet B. Reset GW C. Create a route-based virtual network gateway D. Add a connection to GW E. Delete GW F. Add a public IP address space to VNet1 - ANSC. Create a route-based virtual network gateway
Associate
You have an Azure subscription that contains a virtual network named VNet1. VNet1 contains four subnets named Gateway, Perimeter, NVA, and Production. The NVA subnet contains two network virtual appliances (NVAs) that will perform network traffic inspection between the Perimeter subnet and the Production subnet. You need to implement an Azure load balancer for the NVAs. The solution must meet the following requirements: ✑ The NVAs must run in an active-active configuration that uses automatic failover. ✑ The NVA must load balance traffic to two services on the Production subnet. The services have different IP addresses. Which three actions should you perform? A. Deploy a basic load balancer B. Deploy a standard load balancer C. Add two load balancing rules that have HA Ports and Floating IP enabled D. Add two load balancing rules that have HA Ports enabled and Floating IP disabled E. Add a frontend IP c - ANSB. Deploy a standard load balancer C. Add two load balancing rules that have HA Ports and Floating IP enabled F. Add a frontend IP configuration, two backend pools, and a health probe You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com and an Azure Kubernetes Service (AKS) cluster named AKS1. An administrator reports that she is unable to grant access to AKS1 to the users in contoso.com. You need to ensure that access to AKS1 can be granted to the contoso.com users. What should you do first? A. From contoso.com, modify the Organization relationships settings. B. From contoso.com, create an OAuth 2.0 authorization endpoint. C. Recreate AKS1. D. From AKS1, create a namespace. - ANSB. From contoso.com, create an OAuth 2.0 authorization endpoint. You have an Azure subscription that contains an Azure Storage account. You plan to create an Azure container instance named container1 that will use a Docker image named Image1. Image1 contains a Microsoft SQL Server instance that requires persistent storage.
Associate
You need to configure a storage service for Container1. What should you use? A. Azure Files B. Azure Blob storage C. Azure Queue storage D. Azure Table storage - ANSD. Azure Table storage You have an Azure subscription that contains an Azure virtual machine named VM1. VM1 runs a financial reporting app named App1 that does not support multiple active instances. At the end of each month, CPU usage for VM1 peaks when App1 runs. You need to create a scheduled runbook to increase the processor performance of VM1 at the end of each month.What task should you include in the runbook? A. Add the Azure Performance Diagnostics agent to VM1. B. Modify the VM size property of VM1. C. Add VM1 to a scale set. D. Increase the vCPU quota for the subscription. E. Add a Desired State Configuration (DSC) extension to VM1. - ANSE. Add a Desired State Configuration (DSC) extension to VM1. You have an Azure virtual machine named VM1 that runs Windows Server 2016. You need to create an alert in Azure when more than two error events are logged to the System event log on VM1 within an hour. Solution: You create an Azure Log Analytics workspace and configure the data settings. You add the Microsoft Monitoring Agent VM extension to VM1. You create an alert in Azure Monitor and specify the Log Analytics workspace as the source. Does this meet the goal? A. Yes B. No - ANSB. No You have an Azure virtual machine named VM1 that runs Windows Server 2016. You need to create an alert in Azure when more than two error events are logged to the System event log on VM1 within an hour. Solution: You create an Azure Log Analytics workspace and configure the data settings. You install the Microsoft Monitoring Agent on VM1. You create an alert in Azure Monitor and specify the Log Analytics workspace as the source.
Associate
A. the modified screen saver timeout B. the new desktop background C. the new files on drive D D. the new files on drive C - ANSA. the modified screen saver timeout You have an Azure web app named webapp1. Users report that they often experience HTTP 500 errors when they connect to webapp1. You need to provide the developers of webapp1 with real-time access to the connection errors. The solution must provide all the connection error details. What should you do first? A. From webapp1, enable Web server logging B. From Azure Monitor, create a workbook C. From Azure Monitor, create a Service Health alert D. From webapp1, turn on Application Logging - ANSA. From webapp1, enable Web server logging You have an on-premises server that contains a folder named D:\Folder1. You need to copy the contents of D:\Folder1 to the public container in an Azure Storage account named contosodata. Which command should you run? A. https://contosodata.blob.core.windows.net/public B. azcopy sync D:\folder1 https://contosodata.blob.core.windows.net/public --snapshot C. azcopy copy D:\folder1 https://contosodata.blob.core.windows.net/public --recursive D. az storage blob copy start-batch D:\Folder1 https://contosodata.blob.core.windows.net/public - ANSC. azcopy copy D:\folder1 https://contosodata.blob.core.windows.net/public --recursive You have five Azure virtual machines that run Windows Server 2016. The virtual machines are configured as web servers. You have an Azure load balancer named LB1 that provides load balancing services for the virtual machines. You need to ensure that visitors are serviced by the same web server for each request. What should you configure? A. Floating IP (direct server return) to Enabled B. Idle Time-out (minutes) to 20
Associate
C. Protocol to UDP D. Session persistence to Client IP and Protocol - ANSD. Session persistence to Client IP and Protocol You have two Azure virtual networks named VNet1 and VNet2. VNet1 contains an Azure virtual machine named VM1. VNet2 contains an Azure virtual machine named VM2. VM1 hosts a frontend application that connects to VM2 to retrieve data.Users report that the frontend application is slower than usual. You need to view the average round-trip time (RTT) of the packets from VM1 to VM2. Which Azure Network Watcher feature should you use? A. IP flow verify B. Connection troubleshoot C. Connection monitor D. NSG flow logs - ANSC. Connection monitor You need to deploy an Azure virtual machine scale set that contains five instances as quickly as possible.What should you do? A. Deploy five virtual machines. Modify the Availability Zones settings for each virtual machine. B. Deploy five virtual machines. Modify the Size setting for each virtual machine. C. Deploy one virtual machine scale set that is set to VM (virtual machines) orchestration mode. D. Deploy one virtual machine scale set that is set to ScaleSetVM orchestration mode. - ANSD. Deploy one virtual machine scale set that is set to ScaleSetVM orchestration mode. You plan to deploy several Azure virtual machines that will run Windows Server 2019 in a virtual machine scale set by using an Azure Resource Manager template. You need to ensure that NGINX is available on all the virtual machines after they are deployed. What should you use? A. Azure Active Directory (Azure AD) Application Proxy B. Azure Application Insights C. Azure Custom Script Extension D. the New-AzConfigurationAssignement cmdlet - ANSC. Azure Custom Script Extension You plan to deploy three Azure virtual machines named VM1, VM2, and VM3. The virtual machines will host a web app named App1.
Associate
You need to connect the datacenters to the subscription. The solution must minimize network latency between the datacenters. What should you create? A. three Azure Application Gateways and one On-premises data gateway B. three virtual hubs and one virtual WAN C. three virtual WANs and one virtual hub D. three On-premises data gateways and one Azure Application Gateway - ANSC. three virtual WANs and one virtual hub Your on-premises network contains an SMB share named Share1. You have an Azure subscription that contains the following resources: ✑ A web app named webapp ✑ A virtual network named VNET You need to ensure that webapp1 can connect to Share1. What should you deploy? A. an Azure Application Gateway B. an Azure Active Directory (Azure AD) Application Proxy C. an Azure Virtual Network Gateway - ANSC. an Azure Virtual Network Gateway
