Question 1
Question
Which of the following could grant or deny access based on the originating IP address?
Answer
-
Azure Active Directory
-
Aure Firewall
-
VPN Gateway
Question 2
Question
Which of the following could require both a password and a security question for full authentication?
Question 3
Question
Which of the following services would you use to filter internet traffic in your Azure virtual network?
Answer
-
Azure Firewall
-
Network Security Group
-
VPN Gateway
Question 4
Question
Which of the following lets you store passwords in Azure so you can centrally manage them for your services and applications?
Question 5
Question
Which of the following should you use to download published audit reports and how Microsoft builds and operates its cloud services?
Answer
-
Azure Policy
-
Azure Service Health
-
Service Trust Portal
Question 6
Question
Which of the following provides information about planned maintenance and changes that could affect the availability of your resources?
Answer
-
Azure Monitor
-
Azure Security Center
-
Azure Service Health
Question 7
Question
Where can you obtain details about the personal data Microsoft processes, how Microsoft processes it, and for what purposes?
Question 8
Question
Which of the following can be used to help you enforce resource tagging so you can manage billing?
Answer
-
Azure Policy
-
Azure Service Health
-
Compliance Manager
Question 9
Question
Which of the following can be used to define a repeatable set of Azure resources that implement organizational requirements?
Answer
-
Azure Blueprint
-
Azure Policy
-
Azure Resource Groups
Question 10
Question
Which of the following lets you grant users only the rights they need to perform their jobs?
Question 11
Question
Which of these options helps you most easily disable an account when an employee leaves your company?
Question 12
Question
What is Azure Information Protection?
Answer
-
AIP is a cloud-based solution that helps organizations classify and (optionally) protect its documents and emails by applying labels. Labels can be applied automatically (by administrators who define rules and conditions), manually (by users), or with a combination of both (where users are guided by recommendations).
-
AIP is a cloud-based security solution that identifies, detects, and helps you investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.
-
AIP is a monitoring service that provides threat protection across all of your services both in Azure, and on-premises.
Question 13
Question
Which of the following items would be good use of a resource lock?
Answer
-
An ExpressRoute circuit with connectivity back to your on-premises network
-
A non-production virtual machine used to test occasional application builds
-
A storage account used to temporarily store images processed in a development environment
Question 14
Question
Which of the following approaches would be the most efficient way to ensure a naming convention was followed across your subscription?
Answer
-
Send out an email with the details of your naming conventions and hope it is followed.
-
Create a policy with your naming requirements and assign it to the scope of your subscription
-
Give all other users except for yourself read-only access to the subscription. Have all requests to create resources sent to you so you can review the names being assigned to resources, and then create them.