2019 Free Microsoft EnsurePass AZ-102 Dumps VCE and PDF Download Part 8

EnsurePass
Exam Dumps

AZ-102 Dumps VCE and PDF

http://www.ensurepass.com/AZ-102.html

 

QUESTION 71

You have an Azure subscription named Subscription1 that is used be several departments at your company. Subscription1 contains the resources in the following table:

 


 

Another administrator deploys a virtual machine named VM1 and an Azure Storage account named Storage2 by using a single Azure Resource Manager template.

 

You need to view the template used for the deployment.

 

From which blade can you view the template that was used for the deployment?

 

A.

RG1

B.

VM1

C.

Storage1

D.

Container1

 

Correct Answer: A

Explanation:
1. View template from deployment history

 

Go to the resource group for your new resource group. Notice that the portal shows the result of the last deployment. Select this link.

 


 

2. You see a history of deployments for the group. In your case, the portal probably lists only one deployment.

 

Select this deployment.

 


 

The portal displays a summary of the deployment. The summary includes the status of the deployment and its operations and the values that you provided for parameters. To see the template that you used for the deployment, select View template.

 


 

References:

https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-export-template

 

 

QUESTION 72

You have an Azure subscription named Subscription1. Subscription1 contains the resource groups in the following table.

 


 

RG1 has a web app named WebApp1. WebApp1 is located in West Europe.

 

You move WebApp1 to RG2. What is the effect of the move?

 

A.

The App Service plan to WebApp1 moves to North Europe. Policy2 applies to WebApp1.

B.

The App Service plan to WebApp1 moves to North Europe. Policy1 applies to WebApp1.

C.

The App Service plan to WebApp1 remains to West Europe. Policy2 applies to WebApp1.

D.

The App Service plan to WebApp1 remains to West Europe. Policy1 applies to WebApp1.

 

Correct Answer: C

 

QUESTION 73

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

 

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

 

You have an Azure virtual machine named VM1. VM1 was deployed by using a custom Azure Resource Manager template named ARM1.json.

 

You receive a notification that VM1 will be affected by maintenance.

 

You need to move VM1 to a different host immediately.

 

Solution: From the Overview blade, you move the virtual machine to a different resource group.

 

Does this meet the goal?

 

A.

Yes

B.

No

 

Correct Answer: B

Explanation:
You should redeploy the VM.

 

References:

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/redeploy-to-new-node

 

 

QUESTION 74

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

 

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

 

You have an Azure subscription named Subscription1. Subscription1 contains a resource group named RG1.

 

RG1 contains resources that were deployed by using templates.

 

You need to view the date and time when the resources were created in RG1.

 

Solution: From the Subscriptions blade, you select the subscription, and then clickResource providers.

 

Does this meet the goal?

 

A.

Yes

B.

No

 

Correct Answer: B

 

 

QUESTION 75

Your company has an Azure subscription named Subscription1.

 

The company also has two on-premises servers named Server1 and Server2 that run Windows Server 2016. Server1 is configured as a DNS server that has a primary DNS zone named adatum.com. Adatum.com contains 1,000 DNS records.

 

You manage Server1 and Subscription1 from Server2. Server2 has the following tools installed:

 

The DNS Manager console

Azure PowerShell

Azure CLI 2.0

 

You need to move the adatum.com zone to Subscription1. The solution must minimize administrative effort.

 

What should you use?

 

A.

Azure PowerShell

B.

Azure CLI

C.

the Azure portal

D.

the DNS Manager console

 

Correct Answer: B

Explanation:
Azure DNS supports importing and exporting zone files by using the Azure command-line interface (CLI). Zone file import is not currently supported via Azure PowerShell or the Azure portal.

 

References:

https://docs.microsoft.com/en-us/azure/dns/dns-import-export

 

 

QUESTION 76

You have an Azure subscription that contains the resources in the following table.

 


 

VM1 and VM2 are deployed from the same template and host line-of-business applications accessed by using Remote Desktop. You configure the network security group (NSG) shown in the exhibit. (Click theExhibitbutton.)

 


 

You need to prevent users of VM1 and VM2 from accessing websites on the Internet.

 

What should you do?

 

A.

Associate the NSG to Subnet1.

B.

Disassociate the NSG from a network interface.

C.

Change the DenyWebSites outbound security rule.

D.

Change the Port_80 inbound security rule.

 

Correct Answer: A

Explanation:
You can associate or dissociate a network security group from a network interface or subnet.

The NSG has the appropriate rule to block users from accessing the Internet. We just need to associate it with Subnet1.

 

References:

https://docs.microsoft.com/en-us/azure/virtual-network/manage-network-security-group

 

 

QUESTION 77

You have an Azure subscription that contains a storage account named account1.

 

You plan to upload the disk files of a virtual machine to account1 from your on-premises network. The on-premises network uses a public IP address space of 131.107.1.0/24.

 

You plan to use the disk files to provision an Azure virtual machine named VM1. VM1 will be attached to a virtual network named VNet1. VNet1 uses an IP address space of 192.168.0.0/24.

 

You need to configure account1 to meet the following requirements:

 

Ensure that you can upload the disk files to account1.

Ensure that you can attach the disks to VM1.

Prevent all other access to account1.

 

Which two actions should you perform? Each correct selection presents part of the solution.

 

NOTE:Each correct selection is worth one point.

 

A.

From the Firewalls and virtual networks blade of account1, add the 131.107.1.0/24 IP address range.

B.

From the Firewalls and virtual networks blade of account1, selectSelected networks.

C.

From the Firewalls and virtual networks blade of acount1, add VNet1.

D.

From the Firewalls and virtual networks blade of account1, selectAllow trusted Microsoft services to access this storage account.

E.

From the Service endpoints blade of VNet1, add a service endpoint.

 

Correct Answer: BE

Explanation:
B: By default, storage accounts accept connections from clients on any network. To limit access to selected networks, you must first change the default action.

 

Azure portal

Navigate to the storage account you want to secure.

Click on the settings menu called Firewalls and virtual networks.

To deny access by default, choose to allow access from ‘Selected networks’. To allow traffic from all networks, choose to allow access from ‘All networks’.

Click Save to apply your changes.

 

E: Grant access from a Virtual Network

Storage accounts can be configured to allow access only from specific Azure Virtual Networks.

By enabling a Service Endpoint for Azure Storage within the Virtual Network, traffic is ensured an optimal route to the Azure Storage service. The identities of the virtual network and the subnet are also transmitted with each request.

 

References:

https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security

 

 

QUESTION 78

You have an Azure subscription named Subscription1. Subscription1 contains a virtual machine named VM1.

 

You install and configure a web server and a DNS server on VM1.

 

VM1 has the effective network security rules shown in the following exhibit.

 

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

 

NOTE: Each correct selection is worth one point.

 


 

Correct Answer:


 

 

QUESTION 79

Your company registers a domain name of contoso.com.

 

You create an Azure DNS named contoso.com and then you add an A record to the zone for a host named www that has an IP address of 131.107.1.10.

 

You discover that Internet hosts are unable to resolvewww.contoso.comto the 131.107.1.10 IP address.

 

You need to resolve the name resolution issue.

 

Solution: You modify the SOA record in the contoso.com zone

 

Does this meet the goal?

 

A.

Yes

B.

No

 

Correct Answer: B

Explanation:
Modify the NS record, not the SOA record.

 

Note:

The SOA record stores information about the name of the server that supplied the data for the zone; the administrator of the zone; the current version of the data file; the number of seconds a secondary name server should wait before checking for updates; the number of seconds a secondary name server should wait before retrying a failed zone transfer; the maximum number of seconds that a secondary name server can use data before it must either be refreshed or expire; and a default number of seconds for the time-to-live file on resource records.

 

References:

https://searchnetworking.techtarget.com/definition/start-of-authority-record

 

 

QUESTION 80

Click to expand each objective. To connect to the Azure portal, type https://portal.azure.com in the browser address bar.

 




 

When you are finished performing all the tasks, click the `Next’ button.

 

Note that you cannot return to the lab once you click the `Next’ button. Scoring occur in the background while you complete the rest of the exam.

 

Overview

The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design. Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.

 

Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.

 

Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

 

To start the lab

You may start the lab by clicking the Next button.

 

You need to allow RDP connections over TCP port 3389 to VM1 from the internet. The solution must prevent connections from the Internet over all other TCP ports.

 

What should you do from the Azure portal?

 

Correct Answer: See solution below.

Explanation:

Step 1: Create a new network security group

 

Step 2: Select your new network security group.

 


 

Step 3: Select Inbound security rules, . Under Add inbound security rule , enter the following

 

Destination: Select Network security group, and then select the security group you created previously.

 

Destination port ranges: 3389

 

Protocol: Select TCP

 


 

References:

https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-filter-network-traffic


 

Leave a Reply