A company needs to deploy Azure AD connect and want to
integrate Active Directory and
Azure AD tenant in such a way that it meets the following
requirements :
-- Reduce number of servers
-- Make sure user logon restrictions apply to user accounts
which are synced to the tenant.
Which authentication method can meet this goal ?
A.
Active Directory Quick Services ( AD QS)
B.
Active Directory Federation Services (AD FS)
C. Password Hash Synchronization
with SSO
D.
Pass-through authentication with SSO
Each Azure virtual machine has a single network interface as
shown in the table below.As a security admin, you have added network interface
of VM7 to an application security group named ASG7.
You need to find out the network interfaces of which VMs you
can add to ASG7.
A.
VM8 only
B. VM8 and VM9 only
C.
VM10 only
D.
VM11 only
You have deployed Azure Bastion to VNET8 where all the
virtual networks are peered. Which virtual machines can be protected by bastion
host for the below Azure subcription ?
A. VM7, VM8, VM9, VM10
B.
VM7, VM9 and VM10 only
C.
VM7 and VM9 only
D.
VM8 and VM10 only
Which virtual machines you can connect to Azure Sentinel if
you are planning to use Azure Sentinel to monitor Windows Defender Firewall on
the virtual machines ?
Azure subscription containing Azure Log Analytics Workspace
and virtual machines is shown below :
A. VM7, VM8, VM9, VM10
B.
VM7, VM9 and VM10 only
C.
VM7 and VM9 only
A.
D.VM8-and-VM10 only
On NIC7, application security group named ASG7 is
configured. On which other network interfaces ASG7 can be configured if an
Azure subscription containing virtual networks and virtual networks is shown
below:
A.
NIC8 only
B. NIC8 and NIC9 only
C.
NIC10 only
A.
D.NIC11 only
As a Security Engineer, how can you provide VM7 with secure
access to a database on SQL7 by using a contained database user ?
Azure Subscription containing the resources is shown below:
A.
Delete secret from KV7
B.
Delete key from KV7
C. Use-Managed-Identity-on-VM7
D.
Configure Endpoint on SQL7
As a Security Engineer, you need to configure auditing for
SQL7. Azure Subscripton containing the resources and storage accounts is shown
below:
As a Security Engineer, you plan to enable Azure Disk
Encryption on VM7 which resides in South India having resource group as RG7.
You have an Azure Subscription containing Azure Key Vaults
as shown below:
In which key vaults encryption key can be stored for VM7 ?
A.
Vault8 and Vault10 only
B. Vault7 and Vault9 only
C.
Vault7 and Vault8 only
D.
D.Vault9-and-Vault10-only
Which additional virtual machines can be updated by using
update7 and update8 if update7 updates VM9 and update8 updates VM12 ?
As a Global Admin tenant role, how can you manage Azure
Security Center settings to create a custom sensitivity label ?
A.
Upgrade to Premium P4 license
B.
Configure Storage Account
C. Create a custom sensitive
information type
D.
Switch role to Security Admin instead of Global
Admin
Identify the users who can carry out the below task as per the Azure Subscription associated with Azure AD tenant below:
As a Security Engineer, you need to grant Azure Functions
the least required privileges to create storage accounts for containerized
application instances. The solution should also reduce administrative effort.
An Azure subscription is associated with Azure AD tenant
which includes users shown below.
Select the appropriate user and tool which can achieve the
goal.
Which initiative and policy definitions can be added to
Azure Subscription with Azure Security Center ?
A. Initiative7 and Initiative8 only
B.
Policy7 and Policy8 only
C.
Initiative7, Initiative8, Policy7 and Policy8
D.
Poliey7 only
An Azure Subscription containing virtual machines, policies and resource locks created is shown below:
You have created Azure Blueprints definitions and hierarchy
of Azure resources as shown below:
You have created resource group named RG7 and Azure
subscription containing Azure AD tenant containing users is shown in the table
below.
Which users can carry out the task ?
A company needs to delegate administrative access to the key
vault using principle of least privilege.
As a security administrator, you have generated Shared
Access Signature ( SAS ) to connect to file service and blob service. You need
to use the appropriate tool to access the contents for the below Azure
Subscription :
If you have any problem so download the file to click on "Download".
I hope it's helpful for you. If you have any queries, don't hesitate to contact me.
0 comments:
Post a Comment
If you have any doubts, please let me know. I will help you.