You manage an Azure environment for a company. The environment has over 25,000 licensed users and 100 mission-critical applications. You need to recommend a solution that provides advanced user threat detection and remediation strategies. What should you recommend?

• A.Azure Active Directory (Azure AD) Identity Protection
• B.Azure Active Directory Federation Services (AD FS)
• C.Azure Active Directory (Azure AD) authentication
• D.Microsoft Identity Manager
• E.Azure Active Directory (Azure AD) Connect

Comment: *

Name: *

Email: *

Verification: *

You configure OAuth2 authorization in API Management as shown in the exhibit.

Use the drop-domain to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Correct Answer:

Explanation

Box 1: Web applications
The Authorization Code Grant Type is used by both web apps and native apps to get an access token after a user authorizes an app.
Note: The Authorization Code grant type is used by confidential and public clients to exchange an authorization code for an access token.
After the user returns to the client via the redirect URL, the application will get the authorization code from the URL and use it to request an access token.
Answers:
Not Headless device authentication:
A headless system is a computer that operates without a monitor, graphical user interface (GUI) or peripheral devices, such as keyboard and mouse.
Headless computers are usually embedded systems in various devices or servers in multi-server data center environments. Industrial machines, automobiles, medical equipment, cameras, household appliances, airplanes, vending machines and toys are among the myriad possible hosts of embedded systems.
Box 2: Client Credentials
How to include additional client data
In case you need to store additional details about a client that don't fit into the standard parameter set the custom data parameter comes to help:
POST /c2id/clients HTTP/1.1
Host: demo.c2id.com
Content-Type: application/json
Authorization: Bearer ztucZS1ZyFKgh0tUEruUtiSTXhnexmd6
{
"redirect_uris" : [ "https://myapp.example.com/callback" ],
"data" : { "reg_type" : "3rd-party",
"approved" : true,
"author_id" : 792440 }
}
The data parameter permits arbitrary content packaged in a JSON object. To set it you will need the master registration token or a one-time access token with a client-reg:data scope.
Reference:
https://developer.okta.com/blog/2018/04/10/oauth-authorization-code-grant-type
https://connect2id.com/products/server/docs/guides/client-registration

Comment: *

Name: *

Email: *

Verification: *

Your company has the infrastructure shown in the following table.

The on-premises Active Directory domain syncs to Azure Active Directory (Azure AD).
Server1 runs an application named Appl that uses LDAP queries to verify user identities in the on-premises Active Directory domain.
You plan to migrate Server1 to a virtual machine in Subscription1.
A company security policy states that the virtual machines and services deployed to Subscription! must be prevented from accessing the on-premises network.
You need to recommend a solution to ensure that Appl continues to function after the migration. The solution must meet the security policy.
What should you include in the recommendation?

• A.Azure AD Domain Services (Azure AD DS)
• B.an Azure VPN gateway
• C.the Active Directory Domain Services role on a virtual machine
• D.Azure AD Application Proxy

Comment: *

Name: *

Email: *

Verification: *

You are designing a cost-optimized solution that uses Azure Batch to run two types of jobs on Linux nodes. The first job type will consist of short-running tasks for a development environment. The second jot type will consist of long-running Message Passing Interface (MPI) applications for a production environment that requires timely job completion.
You need to recommend the pool type and node type for each job type. The solution must minimize compute charges and leverage Azure Hybrid Benefit whenever possible.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Correct Answer:

Reference:
https://docs.microsoft.com/en-us/azure/batch/batch-low-pri-vms

Comment: *

Name: *

Email: *

Verification: *

You have an Azure Active Directory (Azure AD) tenant named Contoso.com. The tenant contains a group named Group1. Group1 contains all the administrator user accounts.
You discover several login attempts to the Azure portal from countries administrator users do NOT work.
You need to ensure that all login attempts to the portal from those countries require Azure Multi-Factor Authentication (MFA).
Solution: Implement Azure AD Privileged Identity Management.
Does this meet the goal?

• A.Yes
• B.No

Comment: *

Name: *

Email: *

Verification: *