Your company plans to create separate subscriptions for each department. Each subscription will be associated to the same Azure Active Directory (Azure AD) tenant.
You need to configure each subscription to have the same role assignments.
What should you use?

• A.Azure Security Center
• B.Azure Blueprints
• C.Azure AD Privileged Identity Management (PIM)
• D.Azure Policy

Comment: *

Name: *

Email: *

Verification: *

You have an Azure subscription that contains an Azure key vault named Vault1.
In Vault1, you create a secret named Secret1.
An application developer registers an application in Azure Active Directory (Azure AD).
You need to ensure that the application can use Secret1.
What should you do?

• A.In Azure AD, create a role.
• B.In Azure Key Vault, create a key.
• C.In Azure Key Vault, create an access policy.
• D.In Azure AD, enable Azure AD Application Proxy.

Comment: *

Name: *

Email: *

Verification: *

SIMULATION
You need to ensure that a user named Danny11597200 can sign in to any SQL database on a Microsoft SQL server named web11597200 by using SQL Server Management Studio (SSMS) and Azure Active Directory (Azure AD) credentials.
To complete this task, sign in to the Azure portal.

• A.You need to provision an Azure AD Admin for the SQL Server.
  * In the Azure portal, type SQL Server in the search box, select SQL Server from the search results then select the server named web11597288. Alternatively, browse to SQL Server in the left navigation pane.
  * In the SQL Server properties page, click on Active Directory Admin.
  * Click the Set Admin button.
  * In the Add Admin window, search for and select Danny11596200.
  * Click the Select button to add Danny11596200.
  * Click the Save button to save the changes.
• B.You need to provision an Azure AD Admin for the SQL Server.
  * In the Azure portal, type SQL Server in the search box, select SQL Server from the search results then select the server named web11597200. Alternatively, browse to SQL Server in the left navigation pane.
  * In the SQL Server properties page, click on Active Directory Admin.
  * Click the Set Admin button.
  * In the Add Admin window, search for and select Danny11597200.
  * Click the Select button to add Danny11597200.
  * Click the Save button to save the changes.

Comment: *

Name: *

Email: *

Verification: *

You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table.

Azure AD Privileged Identity Management (PIM) is enabled for the tenant.
In PIM, the Password Administrator role has the following settings:
* Maximum activation duration (hours): 2
* Send email notifying admins of activation: Disable
* Require incident/request ticket number during activation: Disable
* Require Azure Multi-Factor Authentication for activation: Enable
* Require approval to activate this role: Enable
* Selected approver: Group1
You assign users the Password Administrator role as shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Correct Answer:

Explanation

Reference:
https://docs.microsoft.com/bs-latn-ba/azure/active-directory/privileged-identity-management/pim-resource-roles-

Comment: *

Name: *

Email: *

Verification: *

You have an Azure subscription named Sub1. Sub1 has an Azure Storage account named Storage1 that contains the resources shown in the following table.

You generate a shared access signature (SAS) to connect to the blob service and the file service.
Which tool can you use to access the contents in Container1 and Share! by using the SAS? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Correct Answer:

Comment: *

Name: *

Email: *

Verification: *