You have an Azure subscription that contains the resources shown in the following table.

An IP address of 10.1.0.4 is assigned to VM5. VM5 does not have a public IP address.
VM5 has just in time (JIT) VM access configured as shown in the following exhibit.

You enable JIT VM access for VM5.
NSG1 has the inbound rules shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Correct Answer:

Explanation

Comment: *

Name: *

Email: *

Verification: *

You create an alert rule that has the following settings:
* Resource: RG1
* Condition: All Administrative operations
* Actions: Action groups configured for this alert rule: ActionGroup1
* Alert rule name: Alert1
You create an action rule that has the following settings:
* Scope: VM1
* Filter criteria: Resource Type = "Virtual Machines"
* Define on this scope: Suppression
* Suppression config: From now (always)
* Name: ActionRule1
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Note: Each correct selection is worth one point.

Correct Answer:

Explanation

Box 1:
The scope for the action rule is set to VM1 and is set to suppress alerts indefinitely.
Box 2:
The scope for the action rule is not set to VM2.
Box 3:
Adding a tag is not an administrative operation.
References:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-activity-log
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-action-rules

Comment: *

Name: *

Email: *

Verification: *

You have an Azure Active Directory (Azure AD) tenant that contains the resources shown in the following table.

User2 is the owner of Group2.
The user and group settings for App1 are configured as shown in the following exhibit.

You enable self-service application access for App1 as shown in the following exhibit.

User3 is configured to approve access to Appl.
You need to identify the owners of Group2 and the users of Appl.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Correct Answer:

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/manage-self-service-access

Comment: *

Name: *

Email: *

Verification: *

You have an Azure subscription that contains the following resources:
* A virtual network named VNET1 that contains two subnets named Subnet1 and Subnet2.
* A virtual machine named VM1 that has only a private IP address and connects to Subnet1.
You need to ensure that Remote Desktop connections can be established to VM1 from the internet.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange then in the correct order.

Correct Answer:

Comment: *

Name: *

Email: *

Verification: *

You have an Azure subscription named Sub1 that is associated to an Azure Active Directory (Azure AD)
tenant named contoso.com.
You are assigned the Global administrator role for the tenant. You are responsible for managing Azure
Security Center settings.
You need to create a custom sensitivity label.
What should you do first?

• A.Create a custom sensitive information type.
• B.Elevate access for global administrators in Azure AD.
• C.Upgrade the pricing tier of the Security Center to Standard.
• D.Enable integration with Microsoft Cloud App Security.

Comment: *

Name: *

Email: *

Verification: *