Your network contains an on-premises Active Directory domain named contoso.com that contains a user named User1. The domain syncs to Azure Active Directory (Azure AD). You have the Windows 10 devices shown in the following table.

The User Sign-In settings are configured as shown in the following exhibit.


For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point

Correct Answer:

Explanation:
Box 1: Yes
Seamless SSO needs the user's device to be domain-joined only, but it is not used on Azure AD Joined or Hybrid Azure AD joined devices. SSO on Azure AD joined, Hybrid Azure AD joined, and Azure AD registered devices works based on the primary refresh token.
Box 2: No
Box 3: No
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso

Comment: *

Name: *

Email: *

Verification: *

Your company has an Azure subscription.
You enable multi-factor authentication (MFA) for all users.
The company's help desk reports an increase in calls from users who receive MFA requests while they work from the company's main office.
You need to prevent the users from receiving MFA requests when they sign in from the main office.
What should you do?

• A.From Azure Active Directory (Azure AD), configure organizational relationships.
• B.From the MFA service settings, create a trusted IP range.
• C.From Conditional access in Azure Active Directory (Azure AD), create a custom control.
• D.From Conditional access in Azure Active Directory (Azure AD), create a named location.

Comment: *

Name: *

Email: *

Verification: *

You have an Azure subscription that contains a resource group named RG1.
You have a group named Group1 that is assigned the Contributor role for RG1.
You need to enhance security for the virtual machines in RG1 to meet the following requirements:
* Prevent Group1 from assigning external IP addresses to the virtual machines.
* Ensure that Group1 can establish an RDP connection to the virtual machines through a shared external IP address.
What should you use to meet each requirement? To answer, select the appropriate options in the answer are a. NOTE: Each correct selection is worth one point.

Correct Answer:

Comment: *

Name: *

Email: *

Verification: *

You have SQL Server on an Azure virtual machine named SQL1.
You need to automate the backup of the databases on SQL1 by using Automated Backup v2 for the virtual machines. The backups must meet the following requirements:
* Meet a recovery point objective (RPO) of 15 minutes.
* Retain the backups for 30 days.
* Encrypt the backups at rest.
What should you provision as part of the backup solution?

• A.Elastic Database jobs
• B.Azure Key Vault
• C.an Azure Storage account
• D.a Recovery Services vault

Comment: *

Name: *

Email: *

Verification: *

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it As a result, these questions will not appear in the review screen.
You have an Azure Active Directory {Azure AD) tenant named contoso.com.
A user named Admin1 attempts to create an access review from the Azure Active Directory admin center and discovers that the Access reviews settings are unavailable. Admin 1 discovers that all the other Identity Governance settings are available.
Admin1 is assigned The User administrator. Compliance administrator, and Security administrator roles.
You need to ensure that Admin1 can create access reviews in contoso.com. .
Solution: You assign the Global administrator role to Admin1.
Does this meet the goal?

• A.Yes
• B.No

Comment: *

Name: *

Email: *

Verification: *