Microsoft AZ-102 Microsoft Azure Administrator Certification Transition Online Training
Microsoft AZ-102 Online Training
The questions for AZ-102 were last updated at Dec 24,2024.
- Exam Code: AZ-102
- Exam Name: Microsoft Azure Administrator Certification Transition
- Certification Provider: Microsoft
- Latest update: Dec 24,2024
Note: This question is part of a series of questions that present the same scenario. Each questions in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solution, while others might not have a correct solution. Determine whether the solution meets the stated goals.
You manage a virtual network named VNet1 that is hosted in the West US Azure region. VNet1 hosts two virtual machines named VM1 and VM2 that run Windows Server.
You need to inspect all the network traffic from VM1 to VM2 for a period of three hours.
Solution: From Azure Monitor, you create a metric on Network In and Network Out.
Does this meet the goal?
- A . Yes
- B . No
You have an Azure subscription named Subscription1 that contains an Azure virtual machine named VM1. VM1 is in a resource group named RG1.
VM1 runs services that will be used to deploy resources to RG1.
You need to ensure that a service running on VM1 can manage the resources in RG1 by using the identity of VM1.
What should you do?
- A . From the Azure portal modify the Access control (IAM) settings of VM1.
- B . From the Azure portal, modify the Policies settings of RG1.
- C . From the Azure portal, modify the value of the Managed Service Identity option for VM1.
- D . From the Azure portal, modify the Access control (IAM) settings of RG1.
You are configuring Azure Active Directory (AD) Privileged Identity Management. You need to provide a user named Admin1 with read access to a resource group named RG1 for only one month. The user role must be assigned immediately.
What should you do?
- A . Assign an active role.
- B . Assign an eligible role.
- C . Assign a permanently active role.
- D . Create a custom role and a conditional access policy.
You are an administrator for a company. You plan to create a new Azure Active Directory (Azure AD) role.
You need to ensure that the new role can view all the resources in the Azure subscription and issue support requests to Microsoft. The solution must use the principle of least privilege.
How should you complete the JSON definition? (To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)
You have an Azure Active Directory (Azure AD) tenant named Tenant1 and an Azure subscription named Subscription1. You enable Azure AD Privileged Identity Management.
You need to secure the members of the Lab Creator role. The solution must ensure that the lab creators request access when they create labs.
What should you do first?
- A . From Azure AD Privileged Identity Management, edit the role settings for Lab Creator.
- B . From Subscription1 edit the members of the Lab Creator role.
- C . From Azure AD Identity Protection, creates a user risk policy.
- D . From Azure AD Privileged Identity Management, discover the Azure resources of Conscription.
You create an Azure subscription that is associated to a basic Azure Active Directory (Azure AD) tenant. You need to receive an email notification when any user activates an administrative role.
What should you do?
- A . Purchase Azure AD Premium P2 and configure Azure AD Privileged Identity Management.
- B . Purchase Enterprise Mobility + Security E3 and configure conditional access policies.
- C . Purchase Enterprise Mobility + Security E5 and create a custom alert rule in Azure Security Center.
- D . Purchase Azure AD Premium P1 and enable Azure AD Identity Protection.
You have an Azure Active Directory (Azure AD) tenant that contains three global administrators named Admin1, Admin2, and Admin3.
The tenant is associated to an Azure subscription. Access control for the subscription is configured as shown in the following exhibit.
You sign in to the Azure portal as Admin1 and configure the tenant as shown in the following exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
(NOTE: Each correct selection is worth one point.)
You are an administrator for a company. You have an Azure Active Directory (Azure AD) tenant.
You have an existing Azure AD conditional access policy named Policy1. Policy1 enforces the use of Azure AD-joined devices when members of the Global Administrators group authenticate to Azure AD from untrusted locations.
You need to ensure that members of the Global Administrators group will also be forced to use multi- factor authentication when authenticating from untrusted locations.
What should you do?
- A . From the multi-factor authentication page, modify the service settings.
- B . From the multi-factor authentication page, modify the user settings.
- C . From the Azure portal, modify grant control of Policy1.
- D . From the Azure portal, modify session control of Policy1.
You have an azure subscription that contains a virtual network named VNet1. VNet1 contains four subnets named Gateway, Perimeter, NVA, and Production.
The NVA subnet contains two network virtual appliances (NVAs) that will perform network traffic inspection between the perimeter subnet and the production subnet.
You need to implement an Azure load balancer for the NVAs.
The solution must meet the following requirements:
• The NVAs must run in an active-active configuration that uses automatic failover.
• The NVA must load balance traffic to two services on the Production subnet. The services have different IP addresses.
Which three actions should you perform? (Each correct answer presents parts of the solution. NOTE: Each correct selection is worth one point.)
- A . Add two load balancing rules that have HA Ports enabled and Floating IP disabled.
- B . Deploy a standard load balancer.
- C . Add a frontend IP configuration, two backend pools, and a health probe.
- D . Add a frontend IP configuration, a backend pool, and a health probe.
- E . Add two load balancing rules that have HA Ports and Floating IP enabled.
- F . Deploy a basic load balancer.
You have five Azure virtual machines that run Windows Server 2016 and you have an Azure load balancer named LB1 that provides load balancing services.
You need to ensure that visitors are serviced by the same web server for each request.
What should you configure?
- A . Floating IP (direct server return) to Disable.
- B . Session persistence to Client IP.
- C . A health probe.
- D . Session persistence to None.