It is impossible to pass Microsoft AZ-102 exam without any help in the short term. Come to us soon and find the most advanced, correct and guaranteed AZ-102 Exam Questions and Answers. You will get a surprising result by our AZ-102 Exam Dumps.
Online AZ-102 free questions and answers of New Version:
NEW QUESTION 1
You need to define a custom domain name for Azure AD to support the planned infrastructure. Which domain name should you use?
- A. Join the client computers in the Miami office to Azure AD.
- B. Add http://autologon.microsoftazuread-sso.com to the intranet zone of each client computer in the Miami office.
- C. Allow inbound TCP port 8080 to the domain controllers in the Miami office.
- D. Install Azure AD Connect on a server in the Miami office and enable Pass-through Authentication
- E. Install the Active Directory Federation Services (AD FS) role on a domain controller in the Miamioffic
Answer: BD
Explanation: Every Azure AD directory comes with an initial domain name in the form of domainname.onmicrosoft.com. The initial domain name cannot be changed or deleted, but you can add your corporate domain name to Azure AD as well. For example, your organization probably has other domain names used to do business and users who sign in using your corporate domain name. Adding custom domain names to Azure AD allows you to assign user names in the directory that are familiar to your users, such as ‘alice@contoso.com.’ instead of 'alice@domain name.onmicrosoft.com'.
Scenario:
Network Infrastructure: Each office has a local data center that contains all the servers for that office. Each office has a dedicated connection to the Internet.
Humongous Insurance has a single-domain Active Directory forest named humongousinsurance.com Planned Azure AD Infrastructure: The on-premises Active Directory domain will be synchronized to Azure AD.
References: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/add-customdomain
NEW QUESTION 2
You have an Azure Service Bus.
You create a queue named Queue1. Queue1 is configured as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation: Box 1: deleted after two hours
All messages sent into a queue or topic are subject to a default expiration that is set at the entity level with the defaultMessageTimeToLive property and which can also be set in the portal during creation and adjusted later. The default expiration is used for all messages sent to the entity where TimeToLive is not explicitly set. The default expiration also functions as a ceiling for the TimeToLive value. Messages that have a longer TimeToLive expiration than the default value are silently adjusted to the defaultMessageTimeToLive value before being enqueued.
Box 2: deleted in one hour References:
https://docs.microsoft.com/en-us/azure/service-bus-messaging/message-expiration
NEW QUESTION 3
You have an azure subscription that contain a virtual named VNet1. VNet1. contains four subnets named Gatesway, perimeter, NVA, and production.
The NVA contain two network virtual appliance (NVAs) that will network traffic inspection between the perimeter subnet and the production subnet.
You need o implement an Azure load balancer for the NVAs. The solution must meet the following requirements:
The NVAs must run in an active-active configuration that uses automatic failover.
The NVA must load balance traffic to two services on the Production subnet. The services have different IP addresses
Which three actions should you perform? Each correct answer presents parts of the solution. NOTE: Each correct selection is worth one point.
- A. Add two load balancing rules that have HA Ports enabled and Floating IP disabled.
- B. Deploy a standard load balancer.
- C. Add a frontend IP configuration, two backend pools, and a health prob.
- D. Add a frontend IP configuration, a backend pool, and a health probe.
- E. Add two load balancing rules that have HA Ports and Floating IP enabled.
- F. Deploy a basic load balance
Answer: BCE
Explanation: A standard load balancer is required for the HA ports.
-Two backend pools are needed as there are two services with different IP addresses.
-Floating IP rule is used where backend ports are reused. Incorrect Answers:
F: HA Ports are not available for the basic load balancer. References:
https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-standard-overview https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-multivip-overview
NEW QUESTION 4
You have an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com that contains 100 user accounts.
You purchase 10 Azure AD Premium P2 licenses for the tenant.
You need to ensure that 10 users can use all the Azure AD Premium features. What should you do?
- A. From the Groups blade of each user, invite the users to a group.
- B. From the Licenses blade of Azure AD, assign a license.
- C. From the Directory role blade of each user, modify the directory role.
- D. From the Azure AD domain, add an enterprise applicatio
Answer: B
Explanation: To assign a license, under Azure Active Directory > Licenses > All Products, select one or more
products, and then select Assign on the command bar.
References: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/license-usersgroups
NEW QUESTION 5
You have an Azure subscription that contains 100 virtual machines. You regularly create and delete virtual machines.
You need to identify unused disks that can be deleted. What should you do?
- A. From Microsoft Azure Storage Explorer, view the Account Management properties.
- B. From the Azure portal, configure the Advisor recommendations.
- C. From Cloudyn, open the Optimizer tab and create a report.
- D. From Cloudyn, create a Cost Management repor
Answer: A
Explanation: You can find unused disks in the Azure Storage Explorer console. Once you drill down to the Blob containers under a storage account, you can see the lease state of the residing VHD (the lease state determines if the VHD is being used by any resource) and the VM to which it is leased out. If you find that the lease state and the VM fields are blank, it means that the VHD in question is unused.
Note: The ManagedBy property stores the Id of the VM to which Managed Disk is attached to. If the ManagedBy property is $null then it means that the Managed Disk is not attached to a VM References:
https://cloud.netapp.com/blog/reduce-azure-storage-costs
NEW QUESTION 6
You plan to grant the member of a new Azure AD group named crop 75099086 the right to delegate administrative access to any resource in the resource group named 7509086.
You need to create the Azure AD group and then to assign the correct to e to the group. The solution must use the principle of least privilege and minimize the number of role assignments.
What should you do from the Azure portal?
Answer:
Explanation: Step 1:
Click Resource groups from the menu of services to access the Resource Groups blade
Step 2:
Click Add (+) to create a new resource group. The Create Resource Group blade appears. Enter corp7509086 as the Resource group name, and click the Create button.
Step 3: Select Create.
Your group is created and ready for you to add members. Now we need to assign a role to this resource group scope. Step 4:
Choose the newly created Resource group, and Access control (IAM) to see the current list of role assignments at the resource group scope. Click +Add to open the Add permissions pane.
Step 5:
In the Role drop-down list, select a role Delegate administration, and select Assign access to: resource group corp7509086
References:
https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal https://www.juniper.net/documentation/en_US/vsrx/topics/task/multi-task/security-vsrx-azuremarketplace- resource-group.html
Case Study: 11
Mix Questions Set E (Security Identities)
NEW QUESTION 7
HOT SPOT
You have an Azure Storage accounts as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation: Box 1: storageaccount1 and storageaccount2 only Box 2: All the storage accounts
Note: The three different storage account options are: General-purpose v2 (GPv2) accounts, Generalpurpose v1 (GPv1) accounts, and Blob storage accounts.
General-purpose v2 (GPv2) accounts are storage accounts that support all of the latest features for blobs, files, queues, and tables.
Blob storage accounts support all the same block blob features as GPv2, but are limited to supporting only block blobs.
General-purpose v1 (GPv1) accounts provide access to all Azure Storage services, but may not have the latest features or the lowest per gigabyte pricing.
References: https://docs.microsoft.com/en-us/azure/storage/common/storage-account-options
NEW QUESTION 8
Your company registers a domain name of contoso.com.
You create an Azure DNS named contoso.com and then you add an A record to the zone for a host named www that has an IP address of 131.107.1.10.
You discover that Internet hosts are unable to resolve www.contoso.com to the 131.107.1.10 IP address.
You need to resolve the name resolution issue.
Solution: You modify the SOA record in the contoso.com zone Does this meet the goal?
- A. Yes
- B. No
Answer: B
Explanation: Modify the NS record, not the SOA record.
Note: The SOA record stores information about the name of the server that supplied the data for the zone; the administrator of the zone; the current version of the data file; the number of seconds a secondary name server should wait before checking for updates; the number of seconds a secondary name server should wait before retrying a failed zone transfer; the maximum number of seconds that a secondary name server can use data before it must either be refreshed or expire; and a default number of seconds for the time-to-live file on resource records.
References: https://searchnetworking.techtarget.com/definition/start-of-authority-record
NEW QUESTION 9
You have an on-premises network that contains a Hyper-V host named Host1. Host1 runs Windows Server 2021 and hosts 10 virtual machines that run Windows Server 2021.
You plan to replicate the virtual machines to Azure by using Azure Site Recovery. You create a Recovery Services vault named ASR1 and a Hyper-V site named Site1. You need to add Host1 to ASR1.
What should you do?
- A. Download the installation file for the Azure Site Recovery Provide
- B. Download the vault registration key.Install the Azure Site Recovery Provider on Host1 and register the server.
- C. Download the installation file for the Azure Site Recovery Provide
- D. Download the storage account key.Install the Azure Site Recovery Provider on Host1 and register the server.
- E. Download the installation file for the Azure Site Recovery Provide
- F. Download the vault registration key.Install the Azure Site Recovery Provider on each virtual machine and register the virtual machines.
- G. Download the installation file for the Azure Site Recovery Provide
- H. Download the storage account key.Install the Azure Site Recovery Provider on each virtual machine and register the virtual machine
Answer: A
Explanation: Download the Vault registration key. You need this when you install the Provider. The key is valid for five days after you generate it.
Install the Provider on each VMM server. You don't need to explicitly install anything on Hyper-V hosts.
Incorrect Answers:
B, D: Use the Vault Registration Key, not the storage account key. References:
https://docs.microsoft.com/en-us/azure/site-recovery/migrate-tutorial-on-premises-azure
NEW QUESTION 10
Note: This question is part of a series of questions that present the same scenario goals. Some question sets might have more than one correct solution, while others
ion in the series contains a unique solution that might meet the stated not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure web app named Appl. App1 runs in an Azure App Service plan named Plan1. Plan1 is associated to the Free pricing tier.
You discover that App1 stops each day after running continuously for 60 minutes. You need to ensure that App1 can run continuously for the entire day.
Solution: You add a triggered WebJob to App1. Does this meet the goal?
- A. Yes
- B. No
Answer: B
Explanation: You need to change to Basic pricing Tier.
Note: The Free Tier provides 60 CPU minutes / day. This explains why App1 is stops. The Basic tier has no such cap.
References:
https://azure.microsoft.com/en-us/pricing/details/app-service/windows/
NEW QUESTION 11
You are building a custom Azure function app to connect to Azure Event Grid.
You need to ensure that resources are allocated dynamically to the function app. Billing must be based on the executions of the app.
What should you configure when you create the function app?
- A. the Windows operating system and the Consumption plan hosting plan
- B. the Windows operating system and the App Service plan hosting plan
- C. the Docker container and an App Service plan that uses the Bl1 pricing tier
- D. the Docker container and an App Service plan that uses the SI pricing
Answer: A
Explanation: Azure Functions runs in two different modes: Consumption plan and Azure App Service plan. The Consumption plan automatically allocates compute power when your code is running. Your app is scaled out when needed to handle load, and scaled down when code is not running.
Incorrect Answers:
B: When you run in an App Service plan, you must manage the scaling of your function app. References:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-create-first-azure-function
NEW QUESTION 12
You plan to migrate an on-premises Hyper-V environment to Azure by using Azure Site Recovery. The Hyper-V environment is managed by using Microsoft System Center Virtual Machine Manager (VMM).
The Hyper-V environment contains the virtual machines in the following table.
Which virtual machine can be migrated by using Azure Site Recovery?
- A. DC1
- B. SQL1
- C. CA1
- D. FS1
Answer: B
Explanation: Up to 300 GB OS disk size is supported for generation 2 VMs and BitLocker is not enabled.
NEW QUESTION 13
Which blade should you instruct the finance department auditors to use?
- A. invoices
- B. partner information
- C. cost analysis
- D. External services
Answer: A
NEW QUESTION 14
Note: This question is part of a series of Questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these Questions will not appear in the review screen.
You have an Azure subscription named Subscription1. Subscription1 contains a resource group named RG1. RG1 contains resources that were deployed by using templates.
You need to view the date and time when the resources were created in RG1. Solution: From the RG1 blade, you click Deployments.
Does this meet the goal?
- A. Yes
- B. No
Answer: A
NEW QUESTION 15
You need to resolve the Active Directory issue. What should you do?
- A. From Active Directory Users and Computers, select the user accounts, and then modify the User PrincipalName value.
- B. Run idfix.exe, and then use the Edit action.
- C. From Active Directory Domains and Trusts, modify the list of UPN suffixes.
- D. From Azure AD Connect, modify the outbound synchronization rul
Answer: B
Explanation: IdFix is used to perform discovery and remediation of identity objects and their attributes in an onpremises Active Directory environment in preparation for migration to Azure Active Directory. IdFix is
intended for the Active Directory administrators responsible for directory synchronization with Azure Active Directory.
Scenario: Active Directory Issue
Several users in humongousinsurance.com have UPNs that contain special characters. You suspect that some of the characters are unsupported in Azure AD.
References: https://www.microsoft.com/en-us/download/details.aspx?id=36832
NEW QUESTION 16
DRAG DROP
You have an Azure subscription named Subscription1.
You create an Azure Storage account named contosostorage, and then you create a file share named
data.
Which UNC path should you include in a script that references files from the data file share? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Answer:
Explanation: Box 1: contosostorage The name of account
Box 2: file.core.windows.net
Box 3: data
The name of the file share is data. Example:
References: https://docs.microsoft.com/en-us/azure/storage/files/storage-how-to-use-files-windows
NEW QUESTION 17
You are the global administrator for an Azure Active Directory (Azure AD) tenant named adatum.com. From the Azure Active Directory blade, you assign the Conditional Access Administrator role to a user You need to ensure that Admin1 has just-in-time access as a conditional access administrator.
What should you do next?
- A. Enable Azure AD Multi-Factor Authentication (MFA).
- B. Set Admin1 as Eligible for the Privileged Role Administrator role.
- C. Admin1 as Eligible for the Conditional Access Administrator role.
- D. Enable Azure AD Identity Protectio
Answer: A
Explanation: Require MFA for admins is a baseline policy that requires MFA for the following directory roles: Global administrator
SharePoint administrator Exchange administrator Conditional access administrator Security administrator References:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/baseline-protection
NEW QUESTION 18
HOT SPOT
You plan to create a new Azure Active Directory (Azure AD) role.
You need to ensure that the new role can view all the resources in the Azure subscription and issue support requests to Microsoft. The solution must use the principle of least privilege.
How should you complete the JSON definition? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation: Box 1: "*/read",
*/read lets you view everything, but not make any changes. Box 2: " Microsoft.Support/*"
The action Microsoft.Support/* enables creating and management of support tickets. References:
https://docs.microsoft.com/en-us/azure/role-based-access-control/tutorial-custom-role-powershell https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles
NEW QUESTION 19
You have the Azure virtual networks shown in the following table.
To which virtual networks can you establish a peering connection from VNet1?
- A. VNet2 and VNet3 only
- B. VNet2 only
- C. VNet3 and VNet4 only
- D. VNet2, VNet3, and VNet4
Answer: C
Explanation: The virtual networks you peer must have non-overlapping IP address spaces. The VNet1 and VNhet2 address spaces overlap. The range of VNet2 is contained inside the range of VNet1.
References:
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-managepeering# requirements-and-constraints
100% Valid and Newest Version AZ-102 Questions & Answers shared by prep-labs.com, Get Full Dumps HERE: https://www.prep-labs.com/dumps/AZ-102/ (New 195 Q&As)