AZ-102 Exam Questions and Answers are updated and AZ-102 Braindumps are verified by experts. Once you have completely prepared with our AZ-102 Exam Questions and Answers you will be ready for the real AZ-102 exam without a problem. We have AZ-102 Dumps. PASSED AZ-102 Free Practice Questions First attempt! Here What I Did.
Also have AZ-102 free dumps questions for you:
NEW QUESTION 1
HOT SPOT
You have an Azure subscription named Subscription1.
In Subscription1, you create an Azure file share named share1.
You create a shared access signature (SAS) named SAS1 as shown in the following exhibit.
To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Answer:
Explanation: Box 1: Will be prompted for credentials
Azure Storage Explorer is a standalone app that enables you to easily work with Azure Storage data on Windows, macOS, and Linux. It is used for connecting to and managing your Azure storage accounts.
Box 2: Will have read, write, and list access
The net use command is used to connect to file shares. References:
https://docs.microsoft.com/en-us/azure/storage/common/storage-dotnet-shared-access-signaturepart- https://docs.microsoft.com/en-us/azure/vs-azure-tools-storage-manage-with-storageexplorer? tabs=windows
NEW QUESTION 2
You have an Azure App Service plan named AdatumASP1 that uses the P2v2 pricing tier. AdatumASP1 hosts Ml Azure web app named adatumwebapp1. You need to delegate the management of adatumwebapp1 to a group named Devs. Devs must be able to perform the following tasks:
• Add deployment slots.
• View the configuration of AdatumASP1.
• Modify the role assignment for adatumwebapp1. Which role should you assign to the Devs group?
- A. Owner
- B. Contributor
- C. Web Plan Contributor
- D. Website Contributor
Answer: B
Explanation: The Contributor role lets you manage everything except access to resources. Incorrect Answers:
A: The Owner role lets you manage everything, including access to resources.
C: The Web Plan Contributor role lets you manage the web plans for websites, but not access to them.
D: The Website Contributor role lets you manage websites (not web plans), but not access to them. References:
https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles
NEW QUESTION 3
DRAG DROP
You have an on-premises file server named Server1 that runs Windows Server 2021. You have an Azure subscription that contains an Azure file share.
You deploy an Azure File Sync Storage Sync Service, and you create a sync group. You need to synchronize files from Server1 to Azure.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation: Step 1: Install the Azure File Sync agent on Server1
The Azure File Sync agent is a downloadable package that enables Windows Server to be synced with an Azure file share
Step 2: Register Server1.
Register Windows Server with Storage Sync Service
Registering your Windows Server with a Storage Sync Service establishes a trust relationship between your server (or cluster) and the Storage Sync Service.
Step 3: Add a server endpoint
Create a sync group and a cloud endpoint.
A sync group defines the sync topology for a set of files. Endpoints within a sync group are kept in sync with each other. A sync group must contain one cloud endpoint, which represents an Azure file share and one or more server endpoints. A server endpoint represents a path on registered server. References: https://docs.microsoft.com/en-us/azure/storage/files/storage-sync-files-deploymentguide
NEW QUESTION 4
You have an Azure Service Bus.
You need to implement a Service Bus queue that guarantees first in first-out (FIFO) delivery of messages.
What should you do?
- A. Set the Lock Duration setting to 10 seconds.
- B. Enable duplicate detection.
- C. Set the Max Size setting of the queue to 5 GB.
- D. Enable partitioning.
- E. Enable session
Answer: E
Explanation: Through the use of messaging sessions you can guarantee ordering of messages, that is first-in-firstout (FIFO) delivery of messages.
References:
https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-azure-and-service-busqueues- compared-contrasted
NEW QUESTION 5
Your company recently hired a user named janet-7509087@ExamUsers.com.
You need to ensure that janet-7509087@ ExamUsers.com can connect to load balancer named Web- LAB. The solution must ensure that janet-7509087@ ExamUsers.com can modify the backend pools. What should you do from the Azure portal?
Answer:
Explanation: Step 1:
In the navigation list, choose Load Balancer.
Step 2:
Locate the load balancer named Web-ALB, and click the Access icon. Step3:
In the Users blade, click Roles. In the Roles blade, click Add to add permissions for the user Janet- 7509087@ExamUsers.com.
Step 4:
Add permission to modify backend pools References:
https://docs.microsoft.com/en-us/azure/azure-stack/azure-stack-manage-permissions
NEW QUESTION 6
You plan to move services from your on-premises network to Azure.
You identify several virtual machines that you believe can be hosted in Azure. The virtual machines are shown in the following table.
Which two virtual machines can you access by using Azure migrate? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
- A. Sea-CA0l
- B. Hou-NW01
- C. NYC-FS01
- D. Sea-DC01
- E. BOS-DB01
Answer: CE
NEW QUESTION 7
You need to prepare the environment to meet the authentication requirements.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE Each correct selection is worth one point.
- A. Azure Active Directory (AD) Identity Protection and an Azure policy
- B. a Recovery Services vault and a backup policy
- C. an Azure Key Vault and an access policy
- D. an Azure Storage account and an access policy
Answer: BD
Explanation: D: Seamless SSO works with any method of cloud authentication - Password Hash Synchronization or Pass-through Authentication, and can be enabled via Azure AD Connect.
B: You can gradually roll out Seamless SSO to your users. You start by adding the following Azure AD URL to all or selected users' Intranet zone settings by using Group Policy in Active Directory: https://autologon.microsoftazuread-sso.com
Incorrect Answers:
A: Seamless SSO needs the user's device to be domain-joined, but doesn't need for the device to be Azure AD Joined.
C: Azure AD connect does not port 8080. It uses port 443.
E: Seamless SSO is not applicable to Active Directory Federation Services (ADFS).
Scenario: Users in the Miami office must use Azure Active Directory Seamless Single Sign-on (Azure AD Seamless SSO) when accessing resources in Azure.
Planned Azure AD Infrastructure include: The on-premises Active Directory domain will be synchronized to Azure AD.
References: https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directoryaadconnect-sso-quick-start
NEW QUESTION 8
DRAG DROP
You have an Azure subscription that contains a storage account.
You have an on-premises server named Server1 that runs Window Server 2021. Server1 has 2 TB of data.
You need to transfer the data to the storage account by using the Azure Import/Export service.
In which order should you perform the actions? To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.
NOTE: More than one order of answer choices is correct. You will receive credit for any of the correct orders you select.
Answer:
Explanation:
NEW QUESTION 9
HOT SPOT
You have an Azure subscription named Subscription1. Subscription1 contains the resources in the following table.
VNet1 is in RG1. VNet2 is in RG2. There is no connectivity between VNet1 and Vnet2.
An administrator named Admin1 creates an Azure virtual machine named VM1 in RG1. VM1 uses a disk named Disk1 and connects to VNet1. Admin1 then installs a custom application in VM1.
You need to move the custom application to Vnet2. The solution must minimize administrative effort.
Which two actions should you perform? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation: You can move a VM and its associated resources to another resource group using the portal. References: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/move-vm
NEW QUESTION 10
You have an Azure Service Bus.
You create a queue named Queue1. Queue1 is configured as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation: Box 1: deleted after two hours
All messages sent into a queue or topic are subject to a default expiration that is set at the entity level with the defaultMessageTimeToLive property and which can also be set in the portal during creation and adjusted later. The default expiration is used for all messages sent to the entity where TimeToLive is not explicitly set. The default expiration also functions as a ceiling for the TimeToLive value. Messages that have a longer TimeToLive expiration than the default value are silently adjusted to the defaultMessageTimeToLive value before being enqueued.
Box 2: deleted in one hour References:
https://docs.microsoft.com/en-us/azure/service-bus-messaging/message-expiration
NEW QUESTION 11
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscription named Subscription1. Adatum contains a group named Developers. Subscription1 contains a resource group named Dev.
You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group.
Solution: On Subscription1, you assign the Logic App Operator role to the Developers group. Does this meet the goal?
- A. Yes
- B. No
Answer: B
Explanation: The Logic App Operator role only lets you read, enable and disable logic app. With it you can view the logic app and run history, and enable/disable. Cannot edit or update the definition.
You would need the Logic App Contributor role. References:
https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-securing-a-logic-app
NEW QUESTION 12
You plan to support many connections to your company's automatically uses up to five instances when CPU utilization on the instances exceeds 70 percent for 10 minutes. When CPU utilization decreases, the solution must automatically reduce the number of instances.
What should you do from the Azure portal?
Answer:
Explanation: Step 1:
Locate the Homepage App Service plan Step 2:
Click Add a rule, and enter the appropriate fields, such as below, and the click Add. Time aggregation: average
Metric Name: Percentage CPU Operator: Greater than Threshold 70
Duration: 10 minutes Operation: Increase count by Instance count: 4
Step 3:
We must add a scale in rule as well. Click Add a rule, and enter the appropriate fields, such as below, then click Add.
Operator: Less than
Threshold 70
Duration: 10 minutes Operation: Decrease count by Instance count: 4 References:
https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-setsautoscale- portal
https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/insights-autoscale-bestpractices
NEW QUESTION 13
From the MFA Server blade, you open the Block/unblock users blade as shown in the exhibit. Block/unblock users
A blocked user will not receive Multi-Factor Authentication requests. Authentication attempts for that user will be automatically denied. A user will remain blocked for 90 days from the time they are blocked. To manually unblock a user, click the “Unblock” action.
What caused AlexW to be blocked?
- A. The user entered an incorrect PIN four times within 10 minutes.
- B. The user account password expired.
- C. An administrator manually blocked the user.
- D. The user reported a fraud alert when prompted for additional authenticatio
Answer: D
NEW QUESTION 14
HOT SPOT
You have an Azure subscription named Subscription1. Subscription1 contains the virtual machines in the following table.
Subscription1 contains a virtual network named VNet1 that has the subnets in the following table.
VM3 has a network adapter named NIC3. IP forwarding is enabled on NIC3. Routing is enabled on VM3.
You create a route table named RT1. RT1 is associated to Subnet1 and Subnet2 and contains the routes in the following table.
You apply RT1 to Subnet1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Answer:
Explanation: Box 1: Yes
Traffic from VM1 and VM2 can reach VM3 thanks to the routing table, and as IP forwarding is enabled on VM3, traffic from VM3 can reach VM1.
Box 2: No
VM3, which has IP forwarding, must be turned on, in order for traffic from VM2 to reach VM1. Box 3: Yes
The traffic from VM1 will reach VM3, which thanks to IP forwarding, will send the traffic to VM2. References: https://www.quora.com/What-is-IP-forwarding
NEW QUESTION 15
You have an Azure subscription that contains the resources in the following table.
To which subnets can you apply NSG1?
- A. the subnets on VNet2 only
- B. the subnets on VNet1 only
- C. the subnets on VNet2 and VNet3 only
- D. the subnets on VNet1, VNet2, and VNet3
- E. the subnets on VNet3 only
Answer: E
Explanation: All Azure resources are created in an Azure region and subscription. A resource can only be created in a virtual network that exists in the same region and subscription as the resource.
References: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-vnet-plandesign- arm
NEW QUESTION 16
HOT SPOT
You need to recommend a solution for App1. The solution must meet the technical requirements. What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation: This reference architecture shows how to deploy VMs and a virtual network configured for an N-tier application, using SQL Server on Windows for the data tier.
Scenario: You have a public-facing application named App1. App1 is comprised of the following three tiers:
A SQL database A web front end
A processing middle tier
Each tier is comprised of five virtual machines. Users access the web front end by using HTTPS only. Technical requirements include:
Move all the virtual machines for App1 to Azure. Minimize the number of open ports between the App1 tiers.
References: https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/n-tier/n-tier-sql-server
NEW QUESTION 17
HOT SPOT
You need to configure the Device settings to meet the technical requirements and the user requirements.
Which two settings should you modify? To answer, select the appropriate settings in the answer area.
Answer:
Explanation:
Box 1: Selected
Only selected users should be able to join devices Box 2: Yes
Require Multi-Factor Auth to join devices. From scenario:
Ensure that only users who are part of a group named Pilot can join devices to Azure AD
Ensure that when users join devices to Azure Active Directory (Azure AD), the users use a mobile phone to verify their identity.
NEW QUESTION 18
You have two subscriptions named Subscription1 and Subscription2. Each subscription is associated to a different Azure AD tenant.
Subscription1 contains a virtual network named VNet1.VNet1 contains an Azure virtual machine named VM1 and has an IP address space of 10.0.0.0/16.
Subscription2 contains a virtual network named VNet2. VNet2 contains an Azure virtual machine named VM2 and has an IP address space of 10.10.0.0/24.
You need to connect VNet1 to VNet2. What should you do first?
- A. Move VNet1 to Subscription2.
- B. Modify the IP address space of VNet2.
- C. Provision virtual network gateways.
- D. Move VM1 to Subscription2.
Answer: C
Explanation: The virtual networks can be in the same or different regions, and from the same or different subscriptions. When connecting VNets from different subscriptions, the subscriptions do not need to
be associated with the same Active Directory tenant.
Configuring a VNet-to-VNet connection is a good way to easily connect VNets. Connecting a virtual network to another virtual network using the VNet-to-VNet connection type (VNet2VNet) is similar to creating a Site-to-Site IPsec connection to an on-premises location. Both connectivity types use a VPN gateway to provide a secure tunnel using IPsec/IKE, and both function the same way when communicating.
The local network gateway for each VNet treats the other VNet as a local site. This lets you specify additional address space for the local network gateway in order to route traffic.
References: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-vnet-vnetresource- manager-portal
NEW QUESTION 19
You create an Azure subscription that is associated to a basic Azure Active Directory (Azure AD) tenant. You need to receive an email notification when any user activates an administrative role. What should you do?
- A. Purchase Azure AD Premium 92 and configure Azure AD Privileged Identity Management,
- B. Purchase Enterprise Mobility + Security E3 and configure conditional access policies.
- C. Purchase Enterprise Mobility + Security E5 and create a custom alert rule in Azure Security Center.
- D. Purchase Azure AD Premium PI and enable Azure AD Identity Protectio
Answer: A
Explanation: When key events occur in Azure AD Privileged Identity Management (PIM), email notifications are sent. For example, PIM sends emails for the following events:
When a privileged role activation is pending approval When a privileged role activation request is completed When a privileged role is activated
When a privileged role is assigned When Azure AD PIM is enabled References:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pimemail- notifications
NEW QUESTION 20
You have an Azure Active Directory (Azure AD) domain that contains 5,000 user accounts. You create a new user account named AdminUser1.
You need to assign the User administrator administrative role to AdminUser1. What should you do from the user account properties?
- A. From the Directory role blade, modify the directory role.
- B. From the Groups blade, invite the user account to a new group.
- C. From the Licenses blade, assign a new licens
Answer: A
Explanation: Assign a role to a user
Sign in to the Azure portal with an account that's a global admin or privileged role admin for the directory.
Select Azure Active Directory, select Users, and then select a specific user from the list.
For the selected user, select Directory role, select Add role, and then pick the appropriate admin roles from the Directory roles list, such as Conditional access administrator.
Press Select to save.
References: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/activedirectory-users-assign-role-azure-portal
Recommend!! Get the Full AZ-102 dumps in VCE and PDF From 2passeasy, Welcome to Download: https://www.2passeasy.com/dumps/AZ-102/ (New 195 Q&As Version)