01. Your company has a Microsoft 365 tenant and an Azure Active Directory (Azure AD) tenant named contoso.com. The company uses several Azure Files shares. Each share is assigned to a different department at the company. The department attribute in Azure AD is populated for all users. You need to ensure that the users can access the departmental file shares. Which two types of groups should you use?
a) a security group that uses the dynamic membership type
b) a Microsoft 365 group that uses the dynamic membership type
c) a distribution group that uses the dynamic membership type
d) a security group that uses the assigned membership type
e) a Microsoft 365 group that uses the assigned membership type
02. You have a production Azure Active Directory (Azure AD) tenant named contoso.com. You deploy a development Azure Active Directory (AD) tenant, and then you create several custom administrative roles in the development tenant. You need to copy the roles to the production tenant. What should you do first?
a) From the development tenant, export the custom roles to JSON.
b) From the production tenant, create a new custom role.
c) From the development tenant, perform a backup.
d) From the production tenant, create an administrative unit.
03. You have an Azure subscription that contains several Azure runbooks. The runbooks run nightly and generate reports. The runbooks are configured to store authentication credentials as variables. You need to replace the authentication solution with a more secure solution. What should you use?
a) Azure Active Directory (Azure AD) Identity Protection
b) Azure Key Vault
c) an access policy
d) an administrative unit
04. You have an Azure subscription that contains a virtual machine named VM1. VM1 requires volume encryption for its operating system and data disks. You create an Azure key vault named vault1. You need to configure vault1 to support Azure Disk Encryption for volume encryption. Which setting should you modify for vault1?
c) Access policies
05. You have an Azure Active Directory (Azure AD) tenant named contoso.com. You need to ensure that a user named User1 can review all the settings of the tenant. User1 must be prevented from changing any settings. Which role should you assign to User1?
a) Directory reader
b) Security reader
c) Reports reader
d) Global reader
06. You have an Azure virtual machine named VM1. You need to create five additional virtual machines that have the same configurations as VM1. The solution must ensure that VM1 remains available. From the Azure portal, you open the blade for VM1. What should you do next?
a) Select Capture
b) Select Availability and scaling.
c) Select Redeploy + reapply.
d) Select Export template.
07. You have an Azure subscription that contains an Azure App Service web app named webapp1. Webapp1 uses a domain name of webapp1.azurewebsites.net. You need to add a custom domain named www.contoso.com to webapp1. You verify the domain ownership. Which DNS record should you use next?
08. Your company has 10 different departments. You have an Azure subscription that contains several hundred virtual machines. The users of each department use only their department’s virtual machines. You plan to apply resource tags for each department to the virtual machines. Which two solutions should you use?
Each correct presents a complete solution.
b) Azure Resource Manager (ARM) templates
c) app registrations
d) Azure Advisor
09. You have to ensure to implement the backup solution for the application after it is moved to Azure. Which of the following would you create first for this requirement?
a) Create a recovery plan
b) Create an Azure Backup Server
c) Create a backup policy
d) Create a recovery services vault
10. Which Azure service is used to monitor on-premises connectivity?
a) Azure Logs
b) Azure Alerts
c) Azure Monitor
d) Azure DNS