Skip to content
Home » Azure Question and Answer Part -14

Azure Question and Answer Part -14

    Azure Question and Answer Part -14

    1.You have an Azure subscription named Subscription1 that contains a resource group named RG1.

    In RG1, you create an internal load balancer named LB1 and a public load balancer named LB2.

    You need to ensure that an administrator named Admin1 can manage LB1 and LB2. The solution must follow the

    principle of least privilege.

    Which role should you assign to Admin1 for each task? To answer, select the appropriate options in the answer area.

    NOTE: Each correct selection is worth one point.

    To add a backend pool to LB1: Contributor on LB1

    To add a health probe to LB2: Contributor on LB2

    Click to Know Answer Collapse

    2.You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com and

    an Azure Kubernetes Service (AKS) cluster named AKS1.

    An administrator reports that she is unable to grant access to AKS1 to the users in contoso.com.

    You need to ensure that access to AKS1 can be granted to the contoso.com users.

    What should you do first?

    A. From contoso.com, modify the Organization relationships settings.

    B. From contoso.com, create an OAuth 2.0 authorization endpoint. Most Voted

    C. Recreate AKS1.

    D. From AKS1, create a namespace.

    B. From contoso.com, create an OAuth 2.0 authorization endpoint. Most Voted

    Click to Know Answer Collapse

    You have a Microsoft 365 tenant and an Azure Active Directory (Azure AD) tenant named contoso.com.

    You plan to grant three users named User1, User2, and User3 access to a temporary Microsoft SharePoint document

    library named Library1.

    You need to create groups for the users. The solution must ensure that the groups are deleted automatically after

    180 days.

    Which two groups should you create? Each correct answer presents a complete solution.

    NOTE: Each correct selection is worth one point.

    A. a Microsoft 365 group that uses the Assigned membership type Most Voted

    B. a Security group that uses the Assigned membership type

    C. a Microsoft 365 group that uses the Dynamic User membership type Most Voted

    D. a Security group that uses the Dynamic User membership type

    E. a Security group that uses the Dynamic Device membership type

    A. a Microsoft 365 group that uses the Assigned membership type Most Voted

    C. a Microsoft 365 group that uses the Dynamic User membership type Most Voted

    Click to Know Answer Collapse

    4. 

    Box 1: No –

    Virtual networks are not allowed at the root and is inherited. Deny overrides allowed.

    Box 2: Yes –

    Virtual Machines can be created on a Management Group provided the user has the required RBAC permissions.

    Box 3: Yes –

    Subscriptions can be moved between Management Groups provided the user has the required RBAC permissions.

    Reference:

    https://docs.microsoft.com/en-us/azure/governance/management-groups/overview

    https://docs.microsoft.com/en-us/azure/governance/management-groups/manage#moving-management-groups-

    and-subscriptions

    Click to Know Answer Collapse

    5.

    Tags applied to the resource group or subscription are not inherited by the resources.

    Note: Azure Policy allows you to use either built-in or custom-defined policy definitions and assign them to either a

    specific resource group or across a whole

    Azure subscription.

    VNET2: Label:Value1 only.

    Incorrect Answers:

    RGROUP: RG6 –

    Tags applied to the resource group or subscription are not inherited by the resources.

    Click to Know Answer Collapse

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    Need Help?
    Call Now