Microsoft AZ-101 Dumps Questions 2019

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW AZ-101 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/AZ-101-dumps.html


AZ-101 Product Description:
Exam Number/Code: AZ-101 vce
Exam name: Microsoft Azure Integration and Security
n questions with full explanations
Certification: Microsoft Certification
Last updated on Global synchronizing

Instant Access to Free VCE Files: Microsoft AZ-101 Microsoft Azure Integration and Security

AZ-101 examcollection

AZ-101 Braindumps are updated and AZ-101 Exam Questions and Answers are verified by experts. Once you have completely prepared with our AZ-101 Braindumps you will be ready for the real AZ-101 exam without a problem. We have AZ-101 Braindumps. PASSED AZ-101 Exam Questions First attempt! Here What I Did.

Free AZ-101 Demo Online For Microsoft Certifitcation:

NEW QUESTION 1
HOTSPOT
You have an Azure web app named WebApp1 that runs in an Azure App Service plan named ASP1. ASP1 is based on the D1 pricing tier.
You need to ensure that WebApp1 can be accessed only from computers on your on-premises network. The solution must minimize costs.
What should you configure? To answer, select the appropriate options in the answer are a.
NOTE: Each correct selection is worth one point.
AZ-101 dumps exhibit

    Answer:

    Explanation: Box 1: B1
    B1 (Basic) would minimize cost compared P1v2 (premium) and S1 (standard). Box 2: Cross Origin Resource Sharing (CORS)
    Once you set the CORS rules for the service, then a properly authenticated request made against the service from a different domain will be evaluated to determine whether it is allowed according to the
    rules you have specified.
    Note: CORS (Cross Origin Resource Sharing) is an HTTP feature that enables a web application running under one domain to access resources in another domain. In order to reduce the possibility of cross-site scripting attacks, all modern web browsers implement a security restriction known as same-origin policy. This prevents a web page from calling APIs in a different domain. CORS provides a secure way to allow one origin (the origin domain) to call APIs in another origin.
    References:
    https://azure.microsoft.com/en-us/pricing/details/app-service/windows/ https://docs.microsoft.com/en-us/azure/cdn/cdn-cors

    NEW QUESTION 2
    You have an Azure Active Directory (Azure AD) tenant named Tenant1 and an Azure subscription named You enable Azure AD Privileged Identity Management.
    You need to secure the members of the Lab Creator role. The solution must ensure that the lab creators request access when they create labs.
    What should you do first?

    • A. From Azure AD Privileged Identity Management, edit the role settings for Lab Creator.
    • B. From Subscription1 edit the members of the Lab Creator role.
    • C. From Azure AD Identity Protection, creates a user risk policy.
    • D. From Azure AD Privileged Identity Management, discover the Azure resources of Conscription.

    Answer: A

    Explanation: As a Privileged Role Administrator you can:
    Enable approval for specific roles
    Specify approver users and/or groups to approve requests
    View request and approval history for all privileged roles References:
    https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure

    NEW QUESTION 3
    You have an Azure subscription that contains a virtual network named VNet1. VNet 1 has two subnets named Subnet1 and Subnet2. VNet1 is in the West Europe Azure region.
    The subscription contains the virtual machines in the following table.
    AZ-101 dumps exhibit
    You need to deploy an application gateway named AppGW1 to VNet1. What should you do first?

    • A. Add a service endpoint.
    • B. Add a virtual network.
    • C. Move VM3 to Subnet1.
    • D. Stop VM1 and VM2.

    Answer: D

    Explanation: If you have an existing virtual network, either select an existing empty subnet or create a new subnet in your existing virtual network solely for use by the application gateway.
    Verify that you have a working virtual network with a valid subnet. Make sure that no virtual machines or cloud deployments are using the subnet. The application gateway must be by itself in a virtual network subnet.
    References:
    https://social.msdn.microsoft.com/Forums/azure/en-US/b09367f9-5d01-4cda-9127- b7a506a0a151/cant-create-application-gateway?forum=WAVirtualMachinesVirtualNetwork https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-create-gateway

    NEW QUESTION 4
    You have an Azure App Service plan that hosts an Azure App Service named App1. You configure one production slot and four staging slots for App1.
    You need to allocate 10 percent of the traffic to each staging slot and 60 percent of the traffic to the production slot.
    What should you add to Appl1?

    • A. slots to the Testing in production blade
    • B. a performance test
    • C. a WebJob
    • D. templates to the Automation script blade

    Answer: A

    Explanation: Besides swapping, deployment slots offer another killer feature: testing in production. Just like the name suggests, using this, you can actually test in production. This means that you can route a specific percentage of user traffic to one or more of your deployment slots.
    Example:
    AZ-101 dumps exhibit
    References:
    https://stackify.com/azure-deployment-slots/

    NEW QUESTION 5
    You have a Microsoft SQL Server Always On availability group on Azure virtual machines. You need to configure an Azure internal load balancer as a listener for the availability group. What should you do?

    • A. Enable Floating IP.
    • B. Set Session persistence to Client IP and protocol.
    • C. Set Session persistence to Client IP.
    • D. Create an HTTP health probe on port 1433.

    Answer: A

    Explanation: Incorrect Answers:
    D: The Health probe is created with the TCP protocol, not with the HTTP protocol. References:
    https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sql/virtual-machines-windows-portal-sql-alwayson-int-listener

    Case Study: 3
    Lab 1
    SIMULATION
    The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
    Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task. Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
    Please, note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
    To start the lab
    You may start lab by clicking the Next button
    Tasks
    Click to expand each objective
    To connect to the Azure portal, type https:/portal.azure.com in the browser address bar.
    Instructions
    Performance Based Lab
    This type of question asks you to perform tasks in a virtual environment.
    The screen for this type of question includes a virtual machine window and a tasks pane.
    The window is a remotely connected live environment where you perform tasks on real software and applications.
    On the right is a Tasks pane that lists the tasks you need to perform in the lab. Each task can be expanded or collapsed using the “+” or “-” symbols. A checkbox is provided for each task. This is provided for convenience, so you can mark each task as you complete it.
    Tasks
    Click to expand each objective
    -Configure servers
    Add the “Print and Document Services” role to server LON-SVR1, installing any required management features and enabling both Print and LPD Services.
    +Configure file and share access
    When you are finished performing all the tasks, click the ‘Next’ button.
    Note that you cannot return to the lab once you click the ‘Next’ button. Scoring occur in the background while you complete the rest of the exam.
    Comments
    Once the exam completes, the comment period will begin and you will have the opportunity to provide comments to Microsoft about the exam questions. To launch the comment period, click the “Finish” and then “Comment” buttons. To skip the comment period and the exam, click Exit.
    You can navigate to a question from the Review screen to provide a comment. Please, see the Review Screen tab in the Review Screen help Menu (which can be accessed from the Review Screen) for details on accessing questions from the Review Screen.
    To comment on a question, navigate to that question and click the Give Feedback icon. When you have entered your comment in the comment window, click Submit to close the window. To navigate to the Review screen again, click the Review button. You may navigate through all questions using the Next and Previous buttons. To skip commenting, go to the Review Screen by selecting the Review Screen button in the upper left-hand corner and from the Review Screen, select “Finished”.
    Controls Available
    For any question, one or more of the following controls might be available.
    AZ-101 dumps exhibit
    Keyboard Shortcuts Available
    Exam features may be accessed using keyboard shortcuts. The following table describes the keyboard shortcuts that are available during this exam.
    Some keyboard shortcuts require that you press two or more keys at the same time. These keys are separated by a plus sign (+) in the table below.
    AZ-101 dumps exhibit
    AZ-101 dumps exhibit

    NEW QUESTION 6
    You have an Azure subscription named Subscription1 and two Azure Active Directory (Azure AD) tenants named Tenant1 and Tenant2.
    Subscnption1 is associated to Tenant1 Multi-factor authentication (MFA) is enabled for all the users in Tenant1.
    You need to enable MFA for the users in Tenant2. The solution must maintain MFA forTenant1. What should you do first?

    • A. Transfer the administration of Subscription1 to a global administrator of Tenants.
    • B. Configure the MFA Server setting in Tenant1.
    • C. Create and link a subscription to Tenant2.
    • D. Change the directory for Subscription1.

    Answer: C

    NEW QUESTION 7
    You have an Azure subscription that contains a policy-based virtual network gateway named GW1 and a virtual network named VNet1. You need to ensure that you can configure a point-to-site connection from VNet1 to an on-premises computer. Which two actions should you perform? Each correct answer presents part of the solution.
    NOTE: Each correct selection is worth one point.

    • A. Reset GW1.
    • B. Add a service endpoint to VNet1.
    • C. Add a connection to GW1.
    • D. Add a public IP address space to VNet1.
    • E. Delete GWL
    • F. Create a route-based virtual network gateway.

    Answer: EF

    Explanation: E: Policy-based VPN devices use the combinations of prefixes from both networks to define how traffic is encrypted/decrypted through IPsec tunnels. It is typically built on firewall devices that perform packet filtering. IPsec tunnel encryption and decryption are added to the packet filtering and processing engine.
    F: A VPN gateway is used when creating a VPN connection to your on-premises network.
    Route-based VPN devices use any-to-any (wildcard) traffic selectors, and let routing/forwarding tables direct traffic to different IPsec tunnels. It is typically built on router platforms where each IPsec tunnel is modeled as a network interface or VTI (virtual tunnel interface).
    Incorrect Answers:
    D: Point-to-Site connections do not require a VPN device or a public-facing IP address. References:
    https://docs.microsoft.com/en-us/azure/vpn-gateway/create-routebased-vpn-gateway-portal https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-connect-multiple-policybased-rm- ps

    Case Study: 7
    Lab 2
    Overview
    This is a lab or performance-based testing (PBT) section.
    The following section of the exam is a lab. In this section, you will perform a set of tasks m a live environment. While most liable to you as it would be m a live environment, some functionality (e g, copy and paste, ability to having sites) will not be possible by design.
    Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the lab9s0 and all other sections of the
    exam in the time provided.
    Please note that once you submit your work by clicking the Next button within a lab. you will NOT be able to return to the tab.
    AZ-101 dumps exhibit
    AZ-101 dumps exhibit
    AZ-101 dumps exhibit
    To connect to Azure portal, type https://portal.azure.com in te browser address bar.

    NEW QUESTION 8
    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
    You have an Azure web app named Appl. App1 runs in an Azure App Service plan named Plan1. Plan1 is associated to the Free pricing tier.
    You discover that App1 stops each day after running continuously for 60 minutes. You need to ensure that App1 can run continuously for the entire day.
    Solution: You change the pricing tier of Plan1 to Basic. Does this meet the goal?

    • A. Yes
    • B. No

    Answer: A

    Explanation: The Free Tier provides 60 CPU minutes / day. This explains why App1 is stops. The Basic tier has no such cap.
    References:
    https://azure.microsoft.com/en-us/pricing/details/app-service/windows/

    NEW QUESTION 9
    You create an Azure subscription that is associated to a basic Azure Active Directory (Azure AD) tenant. You need to receive an email notification when any user activates an administrative role.
    What should you do?

    • A. Purchase Azure AD Premium 92 and configure Azure AD Privileged Identity Management,
    • B. Purchase Enterprise Mobility + Security E3 and configure conditional access policies.
    • C. Purchase Enterprise Mobility + Security E5 and create a custom alert rule in Azure Security Center.
    • D. Purchase Azure AD Premium PI and enable Azure AD Identity Protection.

    Answer: A

    Explanation: When key events occur in Azure AD Privileged Identity Management (PIM), email notifications are sent. For example, PIM sends emails for the following events:
    When a privileged role activation is pending approval
    When a privileged role activation request is completed
    When a privileged role is activated
    When a privileged role is assigned
    When Azure AD PIM is enabled References:
    https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim- email-notifications

    NEW QUESTION 10
    You discover that VM3 does NOT meet the technical requirements. You need to verify whether the issue relates to the NSGs.
    What should you use?

    • A. Diagram in VNet1
    • B. the security recommendations in Azure Advisor
    • C. Diagnostic settings in Azure Monitor
    • D. Diagnose and solve problems in Traffic Manager Profiles
    • E. IP flow verify in Azure Network Watcher

    Answer: E

    Explanation: Scenario: Contoso must meet technical requirements including:
    Ensure that VM3 can establish outbound connections over TCP port 8080 to the applications servers in the Montreal office.
    IP flow verify checks if a packet is allowed or denied to or from a virtual machine. The information consists of direction, protocol, local IP, remote IP, local port, and remote port. If the packet is denied by a security group, the name of the rule that denied the packet is returned. While any source or destination IP can be chosen, IP flow verify helps administrators quickly diagnose connectivity issues from or to the internet and from or to the on-premises environment.
    References:
    https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-ip-flow-verify-overview

    NEW QUESTION 11
    A web developer creates a web application that you plan to deploy as an Azure web app.
    Users must enter credentials to access the web application.
    You create a new web app named WebAppl1 and deploy the web application to WebApp1.
    You need to disable anonymous access to WebApp1. What should you configure?

    • A. Advanced Tools
    • B. Authentication/ Authorization
    • C. Access control (IAM)
    • D. Deployment credentials

    Answer: B

    Explanation: Anonymous access is an authentication method. It allows users to establish an anonymous connection.
    References:
    https://docs.microsoft.com/en-us/biztalk/core/guidelines-for-resolving-iis-permissions-problems

    NEW QUESTION 12
    Note This question is part of a series of questions that present the same seer Some question sets might have more than one correct solution, while others might not have a correct solution.
    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
    You manage a virtual network named VNet1 that is hosted in the West US Azure region.
    VNet1 hosts two virtual machines named VM1 and VM2 that run Windows Server. You need to inspect all the network traffic from VM1 to VM2 for a period of three hours.
    Solution: From Performance Monitor, you create a Data Collector Set (DCS) Does this meet the goal?

    • A. Yes
    • B. No

    Answer: B

    Explanation: You should use Azure Network Watcher. References:
    https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview

    NEW QUESTION 13
    You have an Azure Active Directory (Azure AD) tenant.
    You have an existing Azure AD conditional access policy named Policy1. Policy1 enforces the use of Azure AD-joined devices when members of the Global Administrators group authenticate to Azure AD from untrusted locations.
    You need to ensure that members of the Global Administrators group will also be forced to use multi- factor authentication when authenticating from untrusted locations.
    What should you do?

    • A. From the multi-factor authentication page, modify the service settings.
    • B. From the multi-factor authentication page, modify the user settings.
    • C. From the Azure portal, modify grant control of Policy1.
    • D. From the Azure portal, modify session control of Policy1.

    Answer: C

    Explanation: There are two types of controls:
    Grant controls – To gate access
    Session controls – To restrict access to a session
    Grant controls oversee whether a user can complete authentication and reach the resource that
    they’re attempting to sign-in to. If you have multiple controls selected, you can configure whether all of them are required when your policy is processed. The current implementation of Azure Active Directory enables you to set the following grant control requirements:
    AZ-101 dumps exhibit
    References:
    https://blog.lumen21.com/2017/12/15/conditional-access-in-azure-active-directory/

    NEW QUESTION 14
    HOTSPOT
    You plan to create a new Azure Active Directory (Azure AD) role.
    You need to ensure that the new role can view all the resources in the Azure subscription and issue support requests to Microsoft. The solution must use the principle of least privilege.
    How should you complete the JSON definition? To answer, select the appropriate options in the answer are
    a.
    NOTE: Each correct selection is worth one point.
    AZ-101 dumps exhibit

      Answer:

      Explanation: Box 1: "*/read",
      */read lets you view everything, but not make any changes. Box 2: " Microsoft.Support/*"
      The action Microsoft.Support/* enables creating and management of support tickets. References:
      https://docs.microsoft.com/en-us/azure/role-based-access-control/tutorial-custom-role-powershell https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles

      NEW QUESTION 15
      DRAG DROP
      You have an Azure subscription that contains an Azure Service Bus named Bus1.
      Your company plans to deploy two Azure web apps named App1 and App2. The web apps will create messages that have the following requirements:
      Each message created by App1 must be consumed by only a single consumer
      Each message created by App2 will be consumed by multiple consumers.
      Which resource should you create for each web app? To answer, drag the appropriate resources to the correct web apps. Each resource may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
      NOTE: Each correct selection is worth one point.
      AZ-101 dumps exhibit

        Answer:

        Explanation: AZ-101 dumps exhibit

        NEW QUESTION 16
        You need to create a web app named corp7509086n2 that can be scaled horizontally. The solution must use the lowest possible pricing tier for the App Service plan.
        What should you do from the Azure portal?

          Answer:

          Explanation: Step 1:
          In the Azure Portal, click Create a resource > Web + Mobile > Web App. Step 2:
          Use the Webb app settings as listed below. Web App name: corp7509086n2
          Hosting plan: Azure App Service plan Pricing tier of the Pricing Tier: Standard
          Change your hosting plan to Standard, you can't setup auto-scaling below standard tier.
          Step 3:
          Select Create to provision and deploy the Web app.
          References:
          https://docs.microsoft.com/en-us/azure/app-service/environment/app-service-web-how-to-create-a- web-app-in-an-ase
          https://azure.microsoft.com/en-us/pricing/details/app-service/plans/

          NEW QUESTION 17
          You are configuring Azure Active Directory (AD) Privileged Identity Management.
          You need to provide a user named Admm1 with read access to a resource group named RG1 for only one month.
          The user role must be assigned immediately.
          What should you do?

          • A. Assign an active role.
          • B. Assign an eligible role.
          • C. Assign a permanently active role.
          • D. Create a custom role and a conditional access policy.

          Answer: B

          Explanation: Azure AD Privileged Identity Management introduces the concept of an eligible admin. Eligible admins should be users that need privileged access now and then, but not all-day, every day. The role is inactive until the user needs access, then they complete an activation process and become an active admin for a predetermined amount of time.
          References:
          https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure

          NEW QUESTION 18
          You recently deployed a web app named homepagelod7509087.
          You need to back up the code used for the web app and to store the code in the homepagelod7509Q87 storage account. The solution must ensure that a new backup is created daily.
          What should you do from the Azure portal?

            Answer:

            Explanation: Step 1:
            Locate and select the web app homepagelod7509087, select Backups. The Backups page is displayed.
            AZ-101 dumps exhibit
            Step 2:
            In the Backup page, Click Configure. Step 3:
            In the Backup Configuration page, click Storage: Not configured to configure a storage account.
            AZ-101 dumps exhibit
            Step 4:
            Choose your backup destination by selecting a Storage Account and Container. Select the homepagelod7509087 storage account.
            Step 5:
            In the Backup Configuration page that is still left open, select Scheduled backup On, and configure daily backups.
            AZ-101 dumps exhibit
            Step 6:
            In the Backup Configuration page, click Save. Step 7:
            In the Backups page, click Backup. References:
            https://docs.microsoft.com/en-us/azure/app-service/web-sites-backup

            P.S. Easily pass AZ-101 Exam with 67 Q&As Certleader Dumps & pdf Version, Welcome to Download the Newest Certleader AZ-101 Dumps: https://www.certleader.com/AZ-101-dumps.html (67 New Questions)