AZ-102 Braindumps for Microsoft certification, Real Success Guaranteed with Updated AZ-102 Dumps. 100% PASS AZ-102 Microsoft Azure Administrator Certification Transition exam Today!
Free AZ-102 Demo Online For Microsoft Certifitcation:
NEW QUESTION 1
HOT SPOT
You have an Azure Active Directory (Azure AD) tenant named adatum.com. Adatum.com contains the groups in the following table.
You create two user accounts that are configured as shown in the following table.
To which groups do User1 and User2 belong? To answer. select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation: Box 1: Group 1 only First rule applies
Box 2: Group1 and Group2 only Both membership rules apply.
References: https://docs.microsoft.com/en-us/sccm/core/clients/manage/collections/createcollections
NEW QUESTION 2
DRAG DROP
You have two Azure virtual machines named VM1 and VM2. VM1 has a single data disk named Disk1. You need to attach Disk1 to VM2. The solution must minimize downtime for both virtual machines.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation: Step 1: Stop VM1.
Step 2: Detach Disk1 from VM1. Step 3: Start VM1.
Detach a data disk using the portal
In the left menu, select Virtual Machines.
Select the virtual machine that has the data disk you want to detach and click Stop to deallocate the
VM.
In the virtual machine pane, select Disks. At the top of the Disks pane, select Edit.
In the Disks pane, to the far right of the data disk that you would like to detach, click the Detach button image detach button.
After the disk has been removed, click Save on the top of the pane.
In the virtual machine pane, click Overview and then click the Start button at the top of the pane to restart the VM.
The disk stays in storage but is no longer attached to a virtual machine. Step 4: Attach Disk1 to VM2
Attach an existing disk
Follow these steps to reattach an existing available data disk to a running VM. Select a running VM for which you want to reattach a data disk.
From the menu on the left, select Disks.
Select Attach existing to attach an available data disk to the VM. From the Attach existing disk pane, select OK.
References:
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/detach-disk https://docs.microsoft.com/en-us/azure/lab-services/devtest-lab-attach-detach-data-disk
NEW QUESTION 3
You are planning the move of App1 to Azure. You create a network security group (NSG).
You need to recommend a solution to provide users with access to App1. What should you recommend?
- A. Create an outgoing security rule for port 443 from the Interne
- B. Associate the NSG to all the subnets.
- C. Create an incoming security rule for port 443 from the Interne
- D. Associate the NSG to all the subnets.
- E. Create an incoming security rule for port 443 from the Interne
- F. Associate the NSG to the subnet thatcontains the web servers.
- G. Create an outgoing security rule for port 443 from the Interne
- H. Associate the NSG to the subnet thatcontains the web server
Answer: C
Explanation: As App1 is public-facing we need an incoming security rule, related to the access of the web servers. Scenario: You have a public-facing application named App1. App1 is comprised of the following three tiers: a SQL database, a web front end, and a processing middle tier.
Each tier is comprised of five virtual machines. Users access the web front end by using HTTPS only.
NEW QUESTION 4
HOT SPOT
You have a virtual network named VNet1 that has the configuration shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation: Box 1: add a subnet
Your IaaS virtual machines (VMs) and PaaS role instances in a virtual network automatically receive a private IP address from a range that you specify, based on the subnet they are connected to. We
need to add the 192.168.1.0/24 subnet. Box 2: add a network interface
The 10.2.1.0/24 network exists. We need to add a network interface.
References: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-static-privateip- arm-pportal
NEW QUESTION 5
You have a Recovery Service vault that you use to test backups. The test backups contain two protected virtual machines.
You need to delete the Recovery Services vault. What should you do first?
- A. From the Recovery Service vault, stop the backup of each backup item.
- B. From the Recovery Service vault, delete the backup data.
- C. Modify the disaster recovery properties of each virtual machine.
- D. Modify the locks of each virtual machin
Answer: A
Explanation: You can't delete a Recovery Services vault if it is registered to a server and holds backup data. If youtry to delete a vault, but can't, the vault is still configured to receive backup data. Remove vault dependencies and delete vault
In the vault dashboard menu, scroll down to the Protected Items section, and click Backup Items. In this menu, you can stop and delete Azure File Servers, SQL Servers in Azure VM, and Azure virtual machines.
References: https://docs.microsoft.com/en-us/azure/backup/backup-azure-delete-vault
NEW QUESTION 6
HOT SPOT
You have peering configured as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation: Box 1: vNET6 only
Box 2: Modify the address space
The virtual networks you peer must have non-overlapping IP address spaces.
References: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-managepeering#requirements-and-constraints
NEW QUESTION 7
Your marketing team creates a new website that you must load balance for 99.99 percent availability. You need to deploy and configure a solution for both machines in the Web-AS availability set to load balance the website over HTTP. The solution must use the load balancer your resource group.
What should you do from the Azure portal?
Answer:
Explanation: To distribute traffic to the VMs in the availability set, a back-end address pool contains the IP addresses of the virtual NICs that are connected to the load balancer. Create the back-end address pool to include the VMs in the availability set.
Step 1:
Select All resources on the left menu, and then select LoadBalancer from the resource list. Step 2:
Under Settings, select Backend pools, and then select Add. Step 3:
On the Add a backend pool page, select the Web-AS availability set, and then select OK:
References:
https://docs.microsoft.com/en-us/azure/load-balancer/quickstart-create-basic-load-balancer-portal
NEW QUESTION 8
You have an Azure subscription that contains a virtual machine named VM1. VM1 hosts a line-ofbusiness application that is available 24 hours a day. VM1 has one network interface and one
managed disk. VM1 uses the D4s v3 size.
You plan to make the following changes to VM1: Change the size to D8s v3.
Add a 500-GB managed disk. Add the Puppet Agent extension.
Attach an additional network interface. Which change will cause downtime for VM1?
- A. Add a 500-GB managed disk.
- B. Attach an additional network interface.
- C. Add the Puppet Agent extension.
- D. Change the size to D8s v3.
Answer: D
Explanation: While resizing the VM it must be in a stopped state.
References: https://azure.microsoft.com/en-us/blog/resize-virtual-machines/
NEW QUESTION 9
You need to define a custom domain name for Azure AD to support the planned infrastructure. Which domain name should you use?
- A. Join the client computers in the Miami office to Azure AD.
- B. Add http://autologon.microsoftazuread-sso.com to the intranet zone of each client computer in the Miami office.
- C. Allow inbound TCP port 8080 to the domain controllers in the Miami office.
- D. Install Azure AD Connect on a server in the Miami office and enable Pass-through Authentication
- E. Install the Active Directory Federation Services (AD FS) role on a domain controller in the Miamioffic
Answer: BD
Explanation: Every Azure AD directory comes with an initial domain name in the form of domainname.onmicrosoft.com. The initial domain name cannot be changed or deleted, but you can add your corporate domain name to Azure AD as well. For example, your organization probably has other domain names used to do business and users who sign in using your corporate domain name. Adding custom domain names to Azure AD allows you to assign user names in the directory that are familiar to your users, such as ‘alice@contoso.com.’ instead of 'alice@domain name.onmicrosoft.com'.
Scenario:
Network Infrastructure: Each office has a local data center that contains all the servers for that office. Each office has a dedicated connection to the Internet.
Humongous Insurance has a single-domain Active Directory forest named humongousinsurance.com Planned Azure AD Infrastructure: The on-premises Active Directory domain will be synchronized to Azure AD.
References: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/add-customdomain
NEW QUESTION 10
HOT SPOT
You purchase a new Azure subscription named Subscription1.
You create a virtual machine named VM1 in Subscription1. VM1 is not protected by Azure Backup. You need to protect VM1 by using Azure Backup. Backups must be created at 01:00 and stored for 30 days.
What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Answer:
Explanation: Box 1: A Recovery Services vault
A Recovery Services vault is an entity that stores all the backups and recovery points you create over time.
Box 2: A backup policy
What happens when I change my backup policy?
When a new policy is applied, schedule and retention of the new policy is followed. References:
https://docs.microsoft.com/en-us/azure/backup/backup-configure-vault https://docs.microsoft.com/en-us/azure/backup/backup-azure-backup-faq
NEW QUESTION 11
DRAG DROP
You have an Azure subscription that contains an Azure Service Bus named Bus1.
Your company plans to deploy two Azure web apps named App1 and App2. The web apps will create messages that have the following requirements:
Each message created by App1 must be consumed by only a single consumer Each message created by App2 will be consumed by multiple consumers.
Which resource should you create for each web app? To answer, drag the appropriate resources to the correct web apps. Each resource may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 12
You plan to migrate an on-premises Hyper-V environment to Azure by using Azure Site Recovery. The Hyper-V environment is managed by using Microsoft System Center Virtual Machine Manager (VMM).
The Hyper-V environment contains the virtual machines in the following table.
Which virtual machine can be migrated by using Azure Site Recovery?
- A. DC1
- B. SQL1
- C. CA1
- D. FS1
Answer: B
Explanation: Up to 300 GB OS disk size is supported for generation 2 VMs and BitLocker is not enabled.
NEW QUESTION 13
You have an Azure subscription named Subscription1. Subscription1 contains the resource groups in the following table.
RG1 has a web app named WebApp1. WebApp1 is located in West Europe. You move WebApp1 to RG2. What is the effect of the move?
- A. The App Service plan to WebApp1 moves to North Europ
- B. Policy2 applies to WebApp1.
- C. The App Service plan to WebApp1 moves to North Europ
- D. Policy1 applies to WebApp1.
- E. The App Service plan to WebApp1 remains to West Europ
- F. Policy2 applies to WebApp1.
- G. The App Service plan to WebApp1 remains to West Europ
- H. Policy1 applies to WebApp1.
Answer: C
NEW QUESTION 14
You plan to deploy a site-to-site VPN connection from on-premises network to your Azure environment. The VPN connection will be established to the VNET01-USEA2 virtual network. You need to create the required resources in Azure for the planned site-to-site VPN. The solution must minimize costs.
What should you do from the Azure portal?
NOTE: This task may a very long time to complete. You do NOT need to wait for the deployment to complete this task successfully.
Answer:
Explanation: We create a VPN gateway. Step 1:
On the left side of the portal page, click + and type 'Virtual Network Gateway' in search. In Results, locate and click Virtual network gateway.
Step 2:
At the bottom of the 'Virtual network gateway' page, click Create. This opens the Create virtual network gateway page.
Step 3:
On the Create virtual network gateway page, specify the values for your virtual network gateway. Gateway type: Select VPN. VPN gateways use the virtual network gateway type VPN.
Virtual network: Choose the existing virtual network VNET01-USEA2
Gateway subnet address range: You will only see this setting if you did not previously create a gateway subnet for your virtual network.
Step 4:
Select the default values for the other setting, and click create.
The settings are validated and you'll see the "Deploying Virtual network gateway" tile on the dashboard. Creating a gateway can take up to 45 minutes.
Note: This task may take a very long time to complete. You do NOT need to wait for the deployment to complete this task successfully.
References:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resourcemanager- portal
Case Study: 7 Contoso Case Study Overview
Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York.
The Montreal office has 2,000 employees. The Seattle office has 1,000 employees. The New York office has 200 employees.
All the resources used by Contoso are hosted on-premises.
Contoso creates a new Azure subscription. The Azure Active Directory (Azure AD) tenant uses a domain named contoso.onmicrosoft.com. The tenant uses the P1 pricing tier.
Existing Environment
The network contains an Active Directory forest named contoso.com. All domain controllers are configured as DNS servers and host the contoso.com DNS zone.
Contoso has finance, human resources, sales, research, and information technology departments. Each department has an organizational unit (OU) that contains all the accounts of that respective department. All the user accounts have the department attribute set to their respective department.
New users are added frequently. Contoso.com contains a user named User1. All the offices connect by using private links.
Contoso has data centers in the Montreal and Seattle offices. Each data center has a firewall that can be configured as a VPN device.
All infrastructure servers are virtualized. The virtualization environment contains the servers in the following table.
Contoso uses two web applications named App1 and App2. Each instance on each web application requires 1GB of memory.
The Azure subscription contains the resources in the following table.
The network security team implements several network security groups (NSGs). Planned Changes
Contoso plans to implement the following changes:
• Deploy Azure ExpressRoute to the Montreal office.
• Migrate the virtual machines hosted on Server1 and Server2 to Azure.
• Synchronize on-premises Active Directory to Azure Active Directory (Azure AD).
• Migrate App1 and App2 to two Azure web apps named webApp1 and WebApp2..
Technical requirements
Contoso must meet the following technical requirements:
• Ensure that WebApp1 can adjust the number of instances automatically based on the load and can scale up to five instance*.
• Ensure that VM3 can establish outbound connections over TCP port 8080 to the applications servers in the Montreal office.
• Ensure that routing information is exchanged automatically between Azure and the routers in the Montreal office.
• Enable Azure Multi-Factor Authentication (MFA) for the users in the finance department only.
• Ensure that webapp2.azurewebsites.net can be accessed by using the name app2.contoso.com.
• Connect the New Your office to VNet1 over the Internet by using an encrypted connection.
• Create a workflow to send an email message when the settings of VM4 are modified.
• Cre3te a custom Azure role named Role1 that is based on the Reader role.
• Minimize costs whenever possible.
NEW QUESTION 15
Note: This questions is part of a series of questions that present the same scenario. Each questions in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solution, while others might not have a correct solution. After you answer a questions in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure virtual machine named VM1. VM1 was deployed by using a custom Azure Resource Manager template named ARM1.json.
You receive a notification that VM1 will be affected by maintenance. You need to move VM1 to a different host immediately.
Solution: From the Update management blade, you click enable. Does this meet the goal?
- A. Yes
- B. No
Answer: B
Explanation: You would need to Redeploy the VM.
References: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/redeploy-to-newnode
NEW QUESTION 16
You need to meet the technical requirement for VM4. What should you create and configure?
- A. an Azure Notification Hub
- B. an Azure Event Hub
- C. an Azure Logic App
- D. an Azure services Bus
Answer: B
Explanation: Scenario: Create a workflow to send an email message when the settings of VM4 are modified. You can start an automated logic app workflow when specific events happen in Azure resources or third-party resources. These resources can publish those events to an Azure event grid. In turn, the event grid pushes those events to subscribers that have queues, webhooks, or event hubs as endpoints. As a subscriber, your logic app can wait for those events from the event grid before running automated workflows to perform tasks - without you writing any code.
References:
https://docs.microsoft.com/en-us/azure/event-grid/monitor-virtual-machine-changes-event-gridlogic- app
NEW QUESTION 17
HOT SPOT
You create an Azure web app named WebApp1. WebApp1 has the autoscale settings shown in the following exhibit.
The scale out and scale in rules are configured to have a duration of 10 minutes and a cool down time of five minutes.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 18
You download an Azure Resource Manager template based on an existing virtual machine. The template will be used to deploy 100 virtual machines.
You need to modify the template to reference an administrative password. You must prevent the password from being stored in plain text.
What should you create to store the password?
- A. Azure Active Directory (AD) Identity Protection and an Azure policy
- B. a Recovery Services vault and a backup policy
- C. an Azure Key Vault and an access policy
- D. an Azure Storage account and an access policy
Answer: C
Explanation: You can use a template that allows you to deploy a simple Windows VM by retrieving the password that is stored in a Key Vault. Therefore the password is never put in plain text in the template parameter file.
References: https://azure.microsoft.com/en-us/resources/templates/101-vm-secure-password/
NEW QUESTION 19
Note: This questions is part of a series of questions that present the same scenario. Each questions in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solution, while others might not have a correct solution. After you answer a questions in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company registers a domain name of contoso.com.
You create an Azure DNS zone named contoso.com, and then you add an A record to the zone for a host named www that has an IP address of 131.107.1.10.
You discover that Internet hosts are unable to resolve www.contoso.com to the 131.107.1.10 IP address.
You need to resolve the name resolution issue.
Solution: You create a PTR record for www in the contoso.com zone. Does this meet the goal?
- A. Yes
- B. No
Answer: B
Explanation: Modify the Name Server (NS) record.
References: https://docs.microsoft.com/en-us/azure/dns/dns-delegate-domain-azure-dns
NEW QUESTION 20
Your company registers a domain name of contoso.com.
You create an Azure DNS named contoso.com and then you add an A record to the zone for a host named www that has an IP address of 131.107.1.10.
You discover that Internet hosts are unable to resolve www.contoso.com to the 131.107.1.10 IP address.
You need to resolve the name resolution issue.
Solution: You add an NS record to the contoso.com zone. Does this meet the goal?
- A. Yes
- B. No
Answer: A
Explanation: Before you can delegate your DNS zone to Azure DNS, you need to know the name servers for your
zone. The NS record set contains the names of the Azure DNS name servers assigned to the zone. References: https://docs.microsoft.com/en-us/azure/dns/dns-delegate-domain-azure-dns
P.S. Easily pass AZ-102 Exam with 195 Q&As Surepassexam Dumps & pdf Version, Welcome to Download the Newest Surepassexam AZ-102 Dumps: https://www.surepassexam.com/AZ-102-exam-dumps.html (195 New Questions)