Pinpoint AZ-101 Exam Dumps 2019

AZ-101 Royal Pack Testengine pdf

100% Actual & Verified — 100% PASS

Unlimited access to the world's largest Dumps library!

Download AZ-101 Dumps Free

Product Description:
Exam Number/Code: AZ-101
Exam name: Microsoft Azure Integration and Security
n questions with full explanations
Certification: Microsoft Certification

HOW TO GET AZ-101 Exam PDF Collection Free?

Proper study guides for AZ-101 Microsoft Azure Integration and Security certified begins with AZ-101 Dumps Questions preparation products which designed to deliver the AZ-101 Study Guides by making you pass the AZ-101 test at your first time. Try the free AZ-101 Exam Questions right now.

Free demo questions for Microsoft AZ-101 Exam Dumps Below:

NEW QUESTION 1
You are the global administrator for an Azure Active Directory (Azure AD) tenet named adatum.com. You need to enable two-step verification for Azure users.
What should you do?

  • A. Create a sign-in risk policy in Azure AD Identity Protection
  • B. Enable Azure AD Privileged Identity Management.
  • C. Create and configure the Identity Hub.
  • D. Configure a security policy in Azure Security Center.

Answer: A

Explanation: With Azure Active Directory Identity Protection, you can:
require users to register for multi-factor authentication
handle risky sign-ins and compromised users References:
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/flows

NEW QUESTION 2
You create an Azure subscription that is associated to a basic Azure Active Directory (Azure AD) tenant. You need to receive an email notification when any user activates an administrative role.
What should you do?

  • A. Purchase Azure AD Premium 92 and configure Azure AD Privileged Identity Management,
  • B. Purchase Enterprise Mobility + Security E3 and configure conditional access policies.
  • C. Purchase Enterprise Mobility + Security E5 and create a custom alert rule in Azure Security Center.
  • D. Purchase Azure AD Premium PI and enable Azure AD Identity Protection.

Answer: A

Explanation: When key events occur in Azure AD Privileged Identity Management (PIM), email notifications are sent. For example, PIM sends emails for the following events:
When a privileged role activation is pending approval
When a privileged role activation request is completed
When a privileged role is activated
When a privileged role is assigned
When Azure AD PIM is enabled References:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim- email-notifications

NEW QUESTION 3
You need to prevent remote users from publishing via FTP to a function app named FunctionApplod7509087fa. Remote users must be able to publish via FTPS. What should you do from the Azure portal?

    Answer:

    Explanation: Step 1:
    Locate and select the function app FunctionApplod7509087fa.
    Step 2:
    Select Application Settings > FTP Access, change FTP access to FTPS Only, and click Save.
    AZ-101 dumps exhibit
    References:
    https://blogs.msdn.microsoft.com/appserviceteam/2018/05/08/web-apps-making-changes-to-ftp- deployments/

    NEW QUESTION 4
    DRAG DROP
    You have an Azure subscription that contains an Azure Service Bus named Bus1.
    Your company plans to deploy two Azure web apps named App1 and App2. The web apps will create messages that have the following requirements:
    Each message created by App1 must be consumed by only a single consumer
    Each message created by App2 will be consumed by multiple consumers.
    Which resource should you create for each web app? To answer, drag the appropriate resources to the correct web apps. Each resource may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
    NOTE: Each correct selection is worth one point.
    AZ-101 dumps exhibit

      Answer:

      Explanation: AZ-101 dumps exhibit

      NEW QUESTION 5
      You need to deploy an application gateway named appgwl015 to meet the following requirements: Load balance internal IP traffic to the Azure virtual machines connected to subnet0.
      Provide a Service Level Agreement (SLA) of 99.99 percent availability for the Azure virtual machines.
      What should you do from the Azure portal?

        Answer:

        Explanation: Step 1:
        Click New found on the upper left-hand corner of the Azure portal.
        Step 2:
        Select Networking and then select Application Gateway in the Featured list.
        Step 3:
        Enter these values for the application gateway: appgw1015 - for the name of the application gateway. SKU Size: Standard_V2
        The new SKU [Standard_V2] offers autoscaling and other critical performance enhancements.
        AZ-101 dumps exhibit
        Step 4:
        Accept the default values for the other settings and then click OK.
        Step 5:
        Click Choose a virtual network, and select subnet0. References:
        https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-create-gateway- portal

        NEW QUESTION 6
        You have an Azure subscription.
        You enable multi-factor authentication for all users.
        Some users report that the email applications on their mobile device cannot co browser and from Microsoft Outlook 2016 on their computer.
        You need to ensure that the users can use the email applications on their mobile device. What should you instruct the users to do?
        The users can access Exchange Online by using a web

        • A. Enable self-service password reset.
        • B. Create an app password.
        • C. Reset the Azure Active Directory (Azure AD) password.
        • D. Reinstall the Microsoft Authenticator app.

        Answer: A

        Explanation: References:
        https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-howitworks

        NEW QUESTION 7
        Note: This question is part of a series of questions that present the same scenario
        goals. Some question sets might have more than one correct solution, while others ion in the series contains a unique solution that might meet the stated not have a correct solution.
        After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
        You have an Azure web app named Appl. App1 runs in an Azure App Service plan named Plan1. Plan1 is associated to the Free pricing tier.
        You discover that App1 stops each day after running continuously for 60 minutes. You need to ensure that App1 can run continuously for the entire day.
        Solution: You add a triggered WebJob to App1. Does this meet the goal?

        • A. Yes
        • B. No

        Answer: B

        Explanation: You need to change to Basic pricing Tier.
        Note: The Free Tier provides 60 CPU minutes / day. This explains why App1 is stops. The Basic tier has no such cap.
        References:
        https://azure.microsoft.com/en-us/pricing/details/app-service/windows/

        NEW QUESTION 8
        You are configuring Azure Active Directory (AD) Privileged Identity Management.
        You need to provide a user named Admm1 with read access to a resource group named RG1 for only one month.
        The user role must be assigned immediately.
        What should you do?

        • A. Assign an active role.
        • B. Assign an eligible role.
        • C. Assign a permanently active role.
        • D. Create a custom role and a conditional access policy.

        Answer: B

        Explanation: Azure AD Privileged Identity Management introduces the concept of an eligible admin. Eligible admins should be users that need privileged access now and then, but not all-day, every day. The role is inactive until the user needs access, then they complete an activation process and become an active admin for a predetermined amount of time.
        References:
        https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure

        NEW QUESTION 9
        HOTSPOT
        You need to prepare the environment to implement the planned changes for Server2.
        What should you do? To answer, select the appropriate options in the answer area.
        NOTE: Each correct selection is worth one point.
        AZ-101 dumps exhibit

          Answer:

          Explanation: Box 1: Create a Recovery Services vault
          Create a Recovery Services vault on the Azure Portal. Box 2: Install the Azure Site Recovery Provider
          Azure Site Recovery can be used to manage migration of on-premises machines to Azure. Scenario: Migrate the virtual machines hosted on Server1 and Server2 to Azure.
          Server2 has the Hyper-V host role. References:
          https://docs.microsoft.com/en-us/azure/site-recovery/migrate-tutorial-on-premises-azure

          Case Study: 5
          Mix Questions Set C (Evaluate and perform server migration to Azure)

          NEW QUESTION 10
          You have an Azure Active Directory (Azure AD) tenant named Tenant1 and an Azure subscription named You enable Azure AD Privileged Identity Management.
          You need to secure the members of the Lab Creator role. The solution must ensure that the lab creators request access when they create labs.
          What should you do first?

          • A. From Azure AD Privileged Identity Management, edit the role settings for Lab Creator.
          • B. From Subscription1 edit the members of the Lab Creator role.
          • C. From Azure AD Identity Protection, creates a user risk policy.
          • D. From Azure AD Privileged Identity Management, discover the Azure resources of Conscription.

          Answer: A

          Explanation: As a Privileged Role Administrator you can:
          Enable approval for specific roles
          Specify approver users and/or groups to approve requests
          View request and approval history for all privileged roles References:
          https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure

          NEW QUESTION 11
          You have an Azure Service Bus.
          You need to implement a Service Bus queue that guarantees first in first-out (FIFO) delivery of messages.
          What should you do?

          • A. Set the Lock Duration setting to 10 seconds.
          • B. Enable duplicate detection.
          • C. Set the Max Size setting of the queue to 5 GB.
          • D. Enable partitioning.
          • E. Enable sessions.

          Answer: E

          Explanation: Through the use of messaging sessions you can guarantee ordering of messages, that is first-in-first- out (FIFO) delivery of messages.
          References:
          https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-azure-and-service-bus- queues-compared-contrasted

          NEW QUESTION 12
          You have an Azure virtual network named VNet1 that contains a subnet named Subnet1. Subnet1 contains three Azure virtual machines. Each virtual machine has a public IP address.
          The virtual machines host several applications that are accessible over port 443 to user on the Internet.
          Your on-premises network has a site-to-site VPN connection to VNet1.
          You discover that the virtual machines can be accessed by using the Remote Desktop Protocol (RDP) from the Internet and from the on-premises network.
          You need to prevent RDP access to the virtual machines from the Internet, unless the RDP connection is established from the on-premises network. The solution must ensure that all the applications can still be accesses by the Internet users.
          What should you do?

          • A. Modify the address space of the local network gateway.
          • B. Remove the public IP addresses from the virtual machines.
          • C. Modify the address space of Subnet1.
          • D. Create a deny rule in a network security group (NSG) that is linked to Subnet1.

          Answer: D

          Explanation: You can filter network traffic to and from Azure resources in an Azure virtual network with a network security group. A network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources.
          References:
          https://docs.microsoft.com/en-us/azure/virtual-network/security-overview

          NEW QUESTION 13
          From the MFA Server blade, you open the Block/unblock users blade as shown in the exhibit.
          AZ-101 dumps exhibit
          What caused AlexW to be blocked?

          • A. An administrator manually blocked the user.
          • B. The user reports a fraud alert when prompted for additional authentication.
          • C. The user account password expired.
          • D. The user entered an incorrect PIN four times within 10 minutes.

          Answer: B

          NEW QUESTION 14
          You plan to deploy an application getaway named appgw1015 to load balance IP traffic to the Azure virtual machines connected to subnet0.
          You need to configure a virtual network named VNET1015 to support the planned application gateway.
          What should you do from the Azure portal?

            Answer:

            Explanation: Step 1:
            Click Networking, Virtual Network, and select VNET1015.
            Step 2:
            Click Subnets, and Click +Add on the VNET1015 - Subnets pane that appears.
            Step 3:
            On the Subnets page, click +Gateway subnet at the top to open the Add subnet page.
            AZ-101 dumps exhibit
            Step 4:
            Locate subnet0 and add it. References:
            https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resource- manager-portal

            NEW QUESTION 15
            HOTSPOT
            Your company has offices in New York and Los Angeles.
            You have an Azure subscription that contains an Azure virtual network named VNet1. Each office has a site-to-site VPN connection to VNet1.
            Each network uses the address spaces shown in the following table.
            AZ-101 dumps exhibit
            You need to ensure that all Internet-bound traffic from VNet1 is routed through the New York office.
            What should you do? To answer, select the appropriate options in the answer are a.
            NOTE: Each correct selection is worth one point.
            AZ-101 dumps exhibit

              Answer:

              Explanation: Incorrect Answers:
              Not: New-AzureRmVirtualNetworkGatewayConnection
              This command creates the Site-to-Site VPN connection between the virtual network gateway and the on-prem VPN device. We already have Site-to-Site VPN connections.
              Box 2: 192.168.0.0/20
              Specify the VNET1 address. References:
              https://docs.microsoft.com/en-us/powershell/module/azurerm.network/set- azurermvirtualnetworkgatewaydefaultsite

              NEW QUESTION 16
              A web developer creates a web application that you plan to deploy as an Azure web app.
              Users must enter credentials to access the web application.
              You create a new web app named WebAppl1 and deploy the web application to WebApp1.
              You need to disable anonymous access to WebApp1. What should you configure?

              • A. Advanced Tools
              • B. Authentication/ Authorization
              • C. Access control (IAM)
              • D. Deployment credentials

              Answer: B

              Explanation: Anonymous access is an authentication method. It allows users to establish an anonymous connection.
              References:
              https://docs.microsoft.com/en-us/biztalk/core/guidelines-for-resolving-iis-permissions-problems

              NEW QUESTION 17
              You have an Azure subscription that contains a policy-based virtual network gateway named GW1 and a virtual network named VNet1. You need to ensure that you can configure a point-to-site connection from VNet1 to an on-premises computer. Which two actions should you perform? Each correct answer presents part of the solution.
              NOTE: Each correct selection is worth one point.

              • A. Reset GW1.
              • B. Add a service endpoint to VNet1.
              • C. Add a connection to GW1.
              • D. Add a public IP address space to VNet1.
              • E. Delete GWL
              • F. Create a route-based virtual network gateway.

              Answer: EF

              Explanation: E: Policy-based VPN devices use the combinations of prefixes from both networks to define how traffic is encrypted/decrypted through IPsec tunnels. It is typically built on firewall devices that perform packet filtering. IPsec tunnel encryption and decryption are added to the packet filtering and processing engine.
              F: A VPN gateway is used when creating a VPN connection to your on-premises network.
              Route-based VPN devices use any-to-any (wildcard) traffic selectors, and let routing/forwarding tables direct traffic to different IPsec tunnels. It is typically built on router platforms where each IPsec tunnel is modeled as a network interface or VTI (virtual tunnel interface).
              Incorrect Answers:
              D: Point-to-Site connections do not require a VPN device or a public-facing IP address. References:
              https://docs.microsoft.com/en-us/azure/vpn-gateway/create-routebased-vpn-gateway-portal https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-connect-multiple-policybased-rm- ps

              Case Study: 7
              Lab 2
              Overview
              This is a lab or performance-based testing (PBT) section.
              The following section of the exam is a lab. In this section, you will perform a set of tasks m a live environment. While most liable to you as it would be m a live environment, some functionality (e g, copy and paste, ability to having sites) will not be possible by design.
              Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the lab9s0 and all other sections of the
              exam in the time provided.
              Please note that once you submit your work by clicking the Next button within a lab. you will NOT be able to return to the tab.
              AZ-101 dumps exhibit
              AZ-101 dumps exhibit
              AZ-101 dumps exhibit
              To connect to Azure portal, type https://portal.azure.com in te browser address bar.

              Recommend!! Get the Full AZ-101 dumps in VCE and PDF From Surepassexam, Welcome to Download: https://www.surepassexam.com/AZ-101-exam-dumps.html (New 67 Q&As Version)


              [TRY FREE] BUY AZ-101 Full version( pdf+software ):
              https://www.exambible.com/AZ-101-exam/