ExamGecko
Search Search Login
Home Home / Microsoft / AZ-104
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

HOTSPOT You need to the appropriate sizes for the Azure virtual for Server2. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
DRAG DROP You need to prepare the environment to ensure that the web administrators can deploy the web apps as quickly as possible. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. Answer:
HOTSPOT You need to implement Role1. Which command should you run before you create Role1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscription named Subscription1. Adatum contains a group named Developers. Subscription1 contains a resource group named Dev. You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group. Solution: On Dev, you assign the Contributor role to the Developers group. Does this meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each question in theseries contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a Microsoft Entra tenant named contoso.com. You have a CSV file that contains the names and email addresses of 500 external users. You need to create a guest user account in contoso.com for each of the 500 external users. Solution; From Microsoft Entra ID in the Azure portal, you use the Bulk invite users' operation. Does this meet the goal?
You discover that VM3 does NOT meet the technical requirements. You need to verify whether the issue relates to the NSGs. What should you use?
You have an Azure subscription that contains the virtual machines shown in the following table. You deploy a load balancer that has the following configurations: * Name: LB 1 * Type: Internal * SKU: Standard * Virtual network: VNET1 You need to ensure that you can add VM1 and VM2 to the backend pool of L81. Solution: You create two Standard SKU public IP addresses and associate a Standard SKU public IP address to the network interface of each virtual machine. Does this meet the goal?
You have an Azure subscription that contains the resources shown in the following table. You need to assign User1 the Storage File Data SMB Share Contributor role for share1. What should you do first?
You have an Azure App Service app named App1 that contains two running instances. You have an auto scale rule configured as shown in the following exhibit For the instance limits stale condition setting, you set Maximum to 5. During a 30-minute period. Appl uses 60 percent of the available memory. What is the maximum number of instances tor Appl during the 30-minute period:
You need to identify which storage account to use for the flow logging of IP traffic from VM5. The solution must meet the retention requirements. Which storage account should you identify?

Question 344 - AZ-104 discussion

Report
Export

You have an Azure Active Directory (Azure AD) tenant.

All administrators must enter a verification code to access the Azure portal.

You need to ensure that the administrators can access the Azure portal only from your on-premises network.

What should you configure?

A.
an Azure AD Identity Protection user risk policy.
Answers
A.
an Azure AD Identity Protection user risk policy.
B.
the multi-factor authentication service settings.
Answers
B.
the multi-factor authentication service settings.
C.
the default for all the roles in Azure AD Privileged Identity Management
Answers
C.
the default for all the roles in Azure AD Privileged Identity Management
D.
an Azure AD Identity Protection sign-in risk policy
Answers
D.
an Azure AD Identity Protection sign-in risk policy
Suggested answer: B

Explanation:

the multi-factor authentication service settings - Correct choice

There are two criterias mentioned in the question.

1. MFA required

2. Access from only a specific geographic region/IP range.

To satisfy both the requirements you need MFA with location conditional access. Please note to achieve this configuration you need to have AD Premium account for Conditional Access policy.

Navigate to Active Directory --> Security --> Conditional Access --> Named Location. Here you can create a policy with location (on-premise IP range) and enable MFA. This will satisfy the requirements.

an Azure AD Identity Protection user risk policy - Incorrect choice

In the Identity Protection, there are three (3) protection policies- User Risk, Sign-In Risk & MFA

Registration. None of those in which you can enable a location (on-prem IP Range) requirement in any blade.

the default for all the roles in Azure AD Privileged Identity Management - Incorrect choice

This option will not help you to restrict the users to access only form on prem.

an Azure AD Identity Protection sign-in risk policy - Incorrect choice

In the Identity Protection, there are three (3) protection policies- User Risk, Sign-In Risk & MFA

Registration. None of those in which you can enable a location (on-prem IP Range) requirement in any blade.

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition

Show Answer
asked 26/09/2024
Mirza Daniyal Baig
40 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms