Microsoft AZ-102 Study Guides 2021
AZ-102 Braindumps for Microsoft certification, Real Success Guaranteed with Updated AZ-102 Exam Questions and Answers. 100% PASS AZ-102 Microsoft Azure Administrator Certification Transition exam Today!
Also have AZ-102 free dumps questions for you:
NEW QUESTION 1
HOT SPOT
You need to implement App2 to meet the application? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation: Box 1: Standard
Not Shared: A Shared plan does not support Always on. Box 2: Always on
If your function app is on the Consumption plan, there can be up to a 10-minute delay in processing new blobs if a function app has gone idle. To avoid this cold-start delay, you can switch to an App Service plan with Always On enabled, or use a different trigger type.
Scenario: A newly developed API must be implemented as an Azure function named App2. App2 will use a blob storage trigger. App2 must process new blobs immediately.
App2 must be able to connect directly to the private IP addresses of the Azure virtual machines. App2 will be deployed directly to an Azure virtual network.
The cost of App1 and App2 must be minimized. References:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-bindings-storage-blob https://azure.microsoft.com/en-us/pricing/details/app-service/plans/
Case Study: 13 Mix Questions Set F
NEW QUESTION 2
HOT SPOT
You plan to create an Azure Storage account in the Azure region of East US 2. You need to create a storage account that meets the following requirements: Replicates synchronously
Remains available if a single data center in the region fails
How should you configure the storage account? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation: Box 1: Zone-redundant storage (ZRS)
Zone-redundant storage (ZRS) replicates your data synchronously across three storage clusters in a single region.
LRS would not remain available if a data center in the region fails GRS and RA GRS use asynchronous replication.
Box 2: StorageV2 (general purpose V2) ZRS only support GPv2.
References:
https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy-zrs
NEW QUESTION 3
You have an Azure subscription named Subscnption1 that contains an Azure virtual machine named VM1. VM1 is in a resource group named RG1.
VM1 runs services that will be used to deploy resources to RG1.
You need to ensure that a service running on VM1 can manage the resources in RG1 by using the identity of VM1. What should you do fit -
- A. From the Azure portal modify the Access control (1AM) settings of VM1.
- B. From the Azure portal, modify the Policies settings of RG1.
- C. From the Azure portal, modify the value of the Managed Service Identity option for VM1.
- D. From the Azure portal, modify the Access control (IAM) settings of RG1.
Answer: C
Explanation: A managed identity from Azure Active Directory allows your app to easily access other AADprotected
resources such as Azure Key Vault. The identity is managed by the Azure platform and does not require you to provision or rotate any secrets.
User assigned managed identities can be used on Virtual Machines and Virtual Machine Scale Sets. References:
https://docs.microsoft.com/en-us/azure/app-service/app-service-managed-service-identity
NEW QUESTION 4
You need to add a deployment slot named staging to an Azure web app named corplod@lab.LabInstance.Idn4. The solution must meet the following requirements:
When new code is deployed to staging, the code must be swapped automatically to the production slot. Azure-related costs must be minimized.
What should you do from the Azure portal?
Answer:
Explanation: Step 1:
Locate and open the corplod@lab.LabInstance.Idn4 web app.
1. In the Azure portal, on the left navigation panel, click Azure Active Directory.
2. In the Azure Active Directory blade, click Enterprise applications. Step 2:
Open your app's resource blade and Choose the Deployment slots option, then click Add Slot.
Step 3:
In the Add a slot blade, give the slot a name, and select whether to clone app configuration from another existing deployment slot. Click the check mark to continue.
The first time you add a slot, you only have two choices: clone configuration from the default slot in production or not at all.
References:
https://docs.microsoft.com/en-us/azure/app-service/web-sites-staged-publishing
NEW QUESTION 5
HOT SPOT
You have an Azure subscription named Subscription1. Subscription1 contains the resources in the following table.
In Azure, you create a private DNS zone named adatum.com. You set the registration virtual network to VNet2. The adatum.com zone is configured as shown in the following exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Answer:
Explanation: Box 1: No
Azure DNS provides automatic registration of virtual machines from a single virtual network that's linked to a private zone as a registration virtual network. VM5 does not belong to the registration virtual network though.
Box 2: No
Forward DNS resolution is supported across virtual networks that are linked to the private zone as resolution virtual networks. VM5 does belong to a resolution virtual network.
Box 3: Yes
VM6 belongs to registration virtual network, and an A (Host) record exists for VM9 in the DNS zone. By default, registration virtual networks also act as resolution virtual networks, in the sense that DNS resolution against the zone works from any of the virtual machines within the registration virtual network.
References: https://docs.microsoft.com/en-us/azure/dns/private-dns-overview
NEW QUESTION 6
You plan to automate the deployment of a virtual machine scale set that uses the Windows Server 2021 Datacenter image.
You need to ensure that when the scale set virtual machines are provisioned, they have web server components installed.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE Each correct selection is worth one point.
- A. Modify the extensionProfile section of the Azure Resource Manager template.
- B. Create a new virtual machine scale set in the Azure portal.
- C. Create an Azure policy.
- D. Create an automation account.
- E. Upload a configuration scrip
Answer: AB
Explanation: Virtual Machine Scale Sets can be used with the Azure Desired State Configuration (DSC) extension handler. Virtual machine scale sets provide a way to deploy and manage large numbers of virtual machines, and can elastically scale in and out in response to load. DSC is used to configure the VMs as they come online so they are running the production software.
References: https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machinescale- sets-dsc
NEW QUESTION 7
You have an Azure subscription that contains 10 virtual machines.
You need to ensure that you receive an email message when any virtual machines are powered off, restarted, or deallocated.
What is the minimum number of rules and action groups that you require?
- A. three rules and three action groups
- B. one rule and one action group
- C. three rules and one action group
- D. one rule and three action groups
Answer: C
Explanation: An action group is a collection of notification preferences defined by the user. Azure Monitor and Service
Health alerts are configured to use a specific action group when the alert is triggered. Various alerts may use the same action group or different action groups depending on the user's requirements. References: https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-actiongroups
NEW QUESTION 8
HOT SPOT
You need to prepare the environment to implement the planned changes for Server2. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Answer:
Explanation: Box 1: Create a Recovery Services vault
Create a Recovery Services vault on the Azure Portal. Box 2: Install the Azure Site Recovery Provider
Azure Site Recovery can be used to manage migration of on-premises machines to Azure. Scenario: Migrate the virtual machines hosted on Server1 and Server2 to Azure.
Server2 has the Hyper-V host role. References:
https://docs.microsoft.com/en-us/azure/site-recovery/migrate-tutorial-on-premises-azure
Case Study: 8
Mix Questions Set C (Evaluate and perform server migration to Azure)
NEW QUESTION 9
You have an Azure subscription that contains a virtual machine named VM1. VM1 hosts a line-ofbusiness application that is available 24 hours a day. VM1 has one network interface and one
managed disk. VM1 uses the D4s v3 size.
You plan to make the following changes to VM1: Change the size to D8s v3.
Add a 500-GB managed disk. Add the Puppet Agent extension.
Attach an additional network interface. Which change will cause downtime for VM1?
- A. Add a 500-GB managed disk.
- B. Attach an additional network interface.
- C. Add the Puppet Agent extension.
- D. Change the size to D8s v3.
Answer: D
Explanation: While resizing the VM it must be in a stopped state.
References: https://azure.microsoft.com/en-us/blog/resize-virtual-machines/
NEW QUESTION 10
You have a public load balancer that balancer ports 80 and 443 across three virtual machines. You need to direct all the Remote Desktop protocol (RDP) to VM3 only.
What should you configure?
- A. an inbound NAT rule
- B. a load public balancing rule
- C. a new public load balancer for VM3
- D. a new IP configuration
Answer: A
Explanation: To port forward traffic to a specific port on specific VMs use an inbound network address translation (NAT) rule.
Incorrect Answers:
B: Load-balancing rule to distribute traffic that arrives at frontend to backend pool instances. References:
https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-overview
NEW QUESTION 11
HOT SPOT
You have an Azure subscription named Subscription1 that contains a virtual network named VNet1. You add the users in the following table.
Which user can perform each configuration? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation: Box 1: User1 and User3 only.
The Owner Role lets you manage everything, including access to resources. The Network Contributor role lets you manage networks, but not access to them. Box 2: User1 and User2 only
The Security Admin role: In Security Center only: Can view security policies, view security states, edit security policies, view alerts and recommendations, dismiss alerts and recommendations.
References:
https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles
NEW QUESTION 12
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these Questions will not appear in the review screen.
You have an Azure subscription named Subscription1. Subscription1 contains a resource group named RG1. RG1 contains resources that were deployed by using templates.
You need to view the date and time when the resources were created in RG1.
Solution: From the Subscriptions blade, you select the subscription, and then click Resource providers.
Does this meet the goal?
- A. Yes
- B. No
Answer: B
NEW QUESTION 13
HOT SPOT
You have an Azure Active Directory (Azure AD) tenant.
You need to create a conditional access policy that requires all users to use multi-factor authentication when they access the Azure portal.
Which three settings should you configure? To answer, select the appropriate settings in the answer area.
Answer:
Explanation: Box 1: Assignments, Users and Groups
When you configure the sign-in risk policy, you need to set:
The users and groups the policy applies to: Select Individuals and Groups
Box 2:
When you configure the sign-in risk policy, you need to set the type of access you want to be enforced.
Box 3:
When you configure the sign-in risk policy, you need to set:
The type of access you want to be enforced when your sign-in risk level has been met:
References:
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-user-risk-policy
NEW QUESTION 14
HOT SPOT
You need to provision the resources in Azure to support the virtual machine that will be migrated from the New York office.
What should you include in the solution? To answer, select the appropriate options in the answer
area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Box 1: 10.20.0.0/16
Scenario: The New York office an IP address of 10.0.0.0/16. The Los Angeles office uses an IP address space of 10.10.0.0/16.
Box 2: Storage (general purpose v1)
Scenario: The New York office has a virtual machine named VM1 that has the vSphere console installed.
NEW QUESTION 15
You are troubleshooting a performance issue for an Azure Application Gateway. You need to compare the total requests to the failed requests during the past six hours. What should you use?
- A. Metrics in Application Gateway
- B. Diagnostics logs in Application Gateway
- C. NSG flow logs in Azure Network Watcher
- D. Connection monitor in Azure Network Watcher
Answer: A
Explanation: Application Gateway currently has seven metrics to view performance counters.
Metrics are a feature for certain Azure resources where you can view performance counters in the portal. For Application Gateway, the following metrics are available: Total Requests
Failed Requests Current Connections Healthy Host Count Response Status Throughput Unhealthy Host count
You can filter on a per backend pool basis to show healthy/unhealthy hosts in a specific backend pool References: https://docs.microsoft.com/en-us/azure/application-gateway/applicationgatewaydiagnostics# Metrics
NEW QUESTION 16
You have an Azure Active Directory (Azure AD) tenant named Tenant1 and an Azure subscription named You enable Azure AD Privileged Identity Management.
You need to secure the members of the Lab Creator role. The solution must ensure that the lab creators request access when they create labs.
What should you do first?
- A. From Azure AD Privileged Identity Management, edit the role settings for Lab Creator.
- B. From Subscription1 edit the members of the Lab Creator role.
- C. From Azure AD Identity Protection, creates a user risk policy.
- D. From Azure AD Privileged Identity Management, discover the Azure resources of Conscriptio
Answer: A
Explanation: As a Privileged Role Administrator you can: Enable approval for specific roles
Specify approver users and/or groups to approve requests View request and approval history for all privileged roles References:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pimconfigure
NEW QUESTION 17
You are the global administrator for an Azure Active Directory (Azure AD) tenet named adatum.com. You need to enable two-step verification for Azure users.
What should you do?
- A. Create a sign-in risk policy in Azure AD Identity Protection
- B. Enable Azure AD Privileged Identity Management.
- C. Create and configure the Identity Hub.
- D. Configure a security policy in Azure Security Cente
Answer: A
Explanation: With Azure Active Directory Identity Protection, you can: require users to register for multi-factor authentication handle risky sign-ins and compromised users
References:
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/flows
Recommend!! Get the Full AZ-102 dumps in VCE and PDF From Surepassexam, Welcome to Download: https://www.surepassexam.com/AZ-102-exam-dumps.html (New 195 Q&As Version)