Skip to content

Desi banjara

learn and grow together

  • Azure
    • Azure Compute
      • Azure Logic Apps
      • Azure Mobile Apps
      • Azure App Service
      • Azure Serverless Computing
        • Azure Functions
    • Azure Networking services
      • Azure Networking – VNET
    • Azure Database Services
      • Azure SQL
      • Azure Data Factory
      • Azure Databricks
    • Azure Analytics Services
    • Azure Cognitive Services
    • Azure Data and Storage
    • Azure Devops
    • Azure landing zone
    • Azure IaaS
    • Azure Internet of Things (IoT)
      • Azure Machine Learning
      • Azure AI and ML services
    • Azure Migration
    • Microsoft Azure Log Analytics
  • Azure Security
    • Azure Identity and Access Management
    • Azure Active Directory
    • Azure Defender
    • Azure security tools for logging and monitoring
    • Azure Sentinel
    • Azure Sentinel – Data connectors
  • Agile Software development
    • Atlassian Jira
  • Amazon Web Services (AWS)
    • Amazon EC2
    • Amazon ECS
    • AWS Lambda
  • Google
    • Google Cloud Platform (GCP)
    • gmail api
    • Google Ads
    • Google AdSense
    • Google Analytics
    • Google Docs
    • Google Drive
    • Google Maps
    • Google search console
  • Software architecture
    • Service-oriented architecture (SOA)
    • Domain-Driven Design (DDD)
    • Microservices
    • Event-Driven Architecture
    • Command Query Responsibility Segregation (CQRS) Pattern
    • Layered Pattern
    • Model-View-Controller (MVC) Pattern
    • Hexagonal Architecture Pattern
    • Peer-to-Peer (P2P) pattern
    • Pipeline Pattern
  • Enterprise application architecture
  • IT/Software development
    • API development
    • ASP.Net MVC
    • ASP.NET Web API
    • C# development
    • RESTful APIs
  • Cybersecurity
    • Cross Site Scripting (XSS)
    • Reflected XSS
    • DOM-based XSS
    • Stored XSS attacks
    • Ransomware
    • cyber breaches
    • Static Application Security Testing (SAST)
  • Interview questions
    • Microsoft Azure Interview Questions
    • Amazon Web Services (AWS) Interview Questions
    • Agile Software development interview questions
    • C# interview questions with answers
    • Google analytics interview questions with answers
    • Javascript interview questions with answers
    • Python interview questions with answers
    • WordPress developer interview questions and answers
  • Cloud
    • Cloud computing
    • Infrastructure as a Service (IaaS)
    • Platform as a Service (PaaS)
    • Software as a Service (SaaS)
    • Zero Trust strategy
  • Toggle search form
  • What is the difference between SQL Server on Azure VM and Azure SQL Database? Azure
  • AWS DevOps Engineer Professional Exam Practice Questions – 9 AWS DevOps Engineer Professional Exam
  • Microsoft Azure – Security, compliance and identity concepts Azure
  • What is the difference between Table Storage and SQL Azure Table? Azure Storage
  • GPT-4 vs. ChatGPT ChatGPT
  • WordPress Content management system
  • Top 20 beginner level C# interview questions C# development
  • Getting Started with Azure App Service Azure

Sample Exam Questions 1: AZ-300: Microsoft Azure Architect Technologies

Posted on June 17, 2020 By DesiBanjara No Comments on Sample Exam Questions 1: AZ-300: Microsoft Azure Architect Technologies

Skill measure: Deploy and Configure Infrastructure

QUESTION 1

You have an Azure subscription named Subscription1 that is used by several departments at your company. Subscription1 contains the resources in the following table.

Another administrator deploys a virtual machine named VM1 and an Azure Storage account named Storage2 by using a single Azure Resource Manager template. You need to view the template used for the deployment.
From the Azure Portal, for which blade can you view the template that was used for the deployment?

  1. Container1 B. VM1
  2. Storage2 D. RG1

Correct Answer: D

Explanation
You can verify the deployment by exploring the resource group from the Azure portal

Reference:

https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/deployment-manager-tutorial https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/template-tutorial-create-first-template?tabs=azure-powershell


QUESTION 2

You have two subscriptions named Subscription1 and Subscription2. Each subscription is associated to a different Azure AD tenant.
Subscription1 contains a virtual network named VNet1. VNet1 contains an Azure virtual machine named VM1 and has an IP address space of 10.0.0.0/16. Subscription2 contains a virtual network named VNet2. Vnet2 contains an Azure virtual machine named VM2 and has an IP address space of 10.10.0.0/24. You need to connect VNet1 to VNet2.

What should you do first?

  1. Modify the IP addresss pace of VNet2.
  2. Move VM1 to Subscription2.
  3. Provision virtual network gateways.
  4. Move VNet1 to Subscription2.

Correct Answer: C Section: (none) Explanation

Explanation
We require a virtual network gateway for VNet-to-VNet connectivity.

Incorrect Answers:
A: There is no need to modify the address space. If you update the address space for one VNet, the other VNet automatically knows to route to the updated address space.

Reference:

https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-vnet-vnet-cli

QUESTION 3

You have an Azure Active Directory (Azure AD) tenant.

You have an existing Azure AD conditional access policy named Policy1. Policy1 enforces the use of Azure AD-joined devices when members of the Global Administrators group authenticate to Azure AD from untrusted locations.

You need to ensure that members of the Global Administrators group will also be forced to use multi-factor authentication when authenticating from untrusted locations.

What should you do?

  1. From the Azure portal, modify session control of Policy1.
  2. From multi-factor authentication page, modify the user settings.
  3. From multi-factor authentication page, modify the service settings.
  4. From the Azure portal, modify grant control of Policy1.

Correct Answer: D

Explanation
We need to modify the grant control of Policy1.

The grant control can trigger enforcement of one or more controls. Require multi-factor authentication (Azure Multi-Factor Authentication) Require device to be marked as compliant (Intune)
Require Hybrid Azure AD joined device
Require approved client app
Require app protection policy

Note: It is now possible to explicitly apply the Require MFA for admins rule.

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/untrusted-networks
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-baseline-protection


QUESTION 4

You have an Azure subscription named Subscription1 that contains an Azure virtual machine named VM1. VM1 is in a resource group named RG1. VM1 runs services that will be used to deploy resources to RG1.

You need to ensure that a service running on VM1 can manage the resources in RG1 by using the identity of VM1. What should you do first?

  1. From the Azure portal, modify the Access control (IAM) settings of RG1.
  2. From the Azure portal, modify the Policies settings of RG1.
  3. From the Azure portal, modify the Access control (IAM) settings of VM1.
  4. From the Azure portal, modify the value of the Managed Service Identity option for VM1.

Correct Answer: D

Explanation
Through a create process, Azure creates an identity in the Azure AD tenant that’s trusted by the subscription in use. After the identity is created, the identity can be assigned to one or more Azure service instances.

Reference:

https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview

QUESTION 5

You configure Azure AD Connect for Azure Active Directory Seamless Single Sign-On (Azure AD Seamless SSO) for an on-premises network.

Users report that when they attempt to access myapps.microsoft.com, they are prompted multiple times to sign in and are forced to use an account name that ends with onmicrosoft.com.

You discover that there is a UPN mismatch between Azure AD and the on-premises Active Directory. You need to ensure that the users can use single-sign on (SSO) to access Azure resources.
What should you do first?

  1. From on-premises network, deploy Active Directory Federation Services (ADFS).
  2. From AzureAD, add and verify a custom domain name.
  3. From on-premises network, request a new certificate that contains the Active Directory domain name.
  4. From the server that runs Azure AD Connect, modify the filtering options.

Correct Answer: B

Explanation
The UPN is used by Azure AD to allow users to sign-in. The UPN that a user can use, depends on whether or not the domain has been verified. If the domain has been verified, then a user with that suffix will be allowed to sign-in to Azure AD.

To do so, you need to add and verify a custom domain in Azure AD before you can start syncing the users.

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-design-concepts#azure-ad-sign-in

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/tshoot-connect-objectsync#detect-upn-mismatch-if-object-is-synced-to-azure-active-directory



 

Next: Sample Exam Questions 2: AZ-300: Microsoft Azure Architect Technologies

AZ-300: Microsoft Azure Architect Technologies Exam, Microsoft Azure certifications Tags:Architect a data platform in Azure, Architect API integration in Azure, Architect compute infrastructure in Azure, Architect infrastructure operations in Azure, Architect message brokering, Architect migration, Architect modern applications in Azure, Architect network infrastructure in Azure, Architect storage infrastructure in Azure, AZ-300, disaster recovery in Azure, Microsoft Azure, Microsoft Azure Architect Technologies Exam, serverless applications in Azure

Post navigation

Previous Post: AZ-300: Microsoft Azure Architect Technologies Exam Preparation
Next Post: Sample Exam Questions 2: AZ-300: Microsoft Azure Architect Technologies

Related Posts

  • Sample Exam Questions 3: AZ-300: Microsoft Azure Architect Technologies AZ-300: Microsoft Azure Architect Technologies Exam
  • Sample Exam Questions 5: AZ-300: Microsoft Azure Architect Technologies AZ-300: Microsoft Azure Architect Technologies Exam
  • Sample Exam Questions 6: AZ-300: Microsoft Azure Architect Technologies AZ-300: Microsoft Azure Architect Technologies Exam
  • Sample Exam Questions 2: AZ-300: Microsoft Azure Architect Technologies AZ-300: Microsoft Azure Architect Technologies Exam
  • AZ-300: Microsoft Azure Architect Technologies Exam Preparation AZ-300: Microsoft Azure Architect Technologies Exam
  • Microsoft AZ-220 Certification Exam Practice Questions – Part 1 Microsoft Azure certifications

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.



Categories

  • Agile Software development
  • Amazon AWS Certification Exam
  • Amazon EC2
  • Amazon ECS
  • Amazon Web Services (AWS)
  • Apache Kafka
  • API development
  • API development
  • Apple Mac
  • ASP.NET Core
  • ASP.Net MVC
  • ASP.NET Web API
  • Atlassian Jira
  • AWS DevOps Engineer Professional Exam
  • AWS Lambda
  • AZ-300: Microsoft Azure Architect Technologies Exam
  • Azure
  • Azure Active Directory
  • Azure AI and ML services
  • Azure Analytics Services
  • Azure App Service
  • Azure Application Gateway
  • Azure Archive Storage
  • Azure Blob Storage
  • Azure Cognitive Services
  • Azure Compute
  • Azure Container Instances (ACI)
  • Azure Core Services
  • Azure Cosmos DB
  • Azure Data and Storage
  • Azure Data Factory
  • Azure Data Lake Storage
  • Azure Database Services
  • Azure Databricks
  • Azure DDoS Protection
  • Azure Defender
  • Azure Devops
  • Azure Disk Storage
  • Azure File Storage
  • Azure Functions
  • Azure IaaS
  • Azure Identity and Access Management
  • Azure Internet of Things (IoT)
  • Azure Key Vault
  • Azure Kubernetes Service (AKS)
  • Azure landing zone
  • Azure Load Balancer
  • Azure Logic Apps
  • Azure Machine Learning
  • Azure Machine Learning
  • Azure Migration
  • Azure Mobile Apps
  • Azure Networking – VNET
  • Azure Networking services
  • Azure Pricing and Support
  • Azure Queue Storage
  • Azure Resource Manager
  • Azure Security
  • Azure Security Center
  • Azure Security Information and Event Management (SIEM)
  • Azure security tools for logging and monitoring
  • Azure Security, Privacy, Compliance, and Trust
  • Azure Sentinel
  • Azure Sentinel – Data connectors
  • Azure Serverless Computing
  • Azure Service Level Agreement (SLA)
  • Azure SLA calculation
  • Azure SQL
  • Azure SQL Database
  • Azure Storage
  • Azure Stream Analytics
  • Azure Synapse Analytics
  • Azure Table Storage
  • Azure Virtual Machine
  • Azure VNET
  • Business
  • C# development
  • C# interview questions with answers
  • CDA (Clinical Document Architecture)
  • ChatGPT
  • CI/CD pipeline
  • CISSP certification
  • CKEditor
  • Cloud
  • Cloud computing
  • Cloud Computing Concepts
  • Cloud services
  • COBIT
  • Command Query Responsibility Segregation (CQRS) Pattern
  • Configure SSL offloading
  • Content management system
  • Continuous Integration
  • conversational AI
  • Cross Site Scripting (XSS)
  • cyber breaches
  • Cybersecurity
  • Data Analysis
  • Database
  • DevOps
  • DevSecOps
  • Docker
  • DOM-based XSS
  • Domain-Driven Design (DDD)
  • Dynamic Application Security Testing (DAST)
  • Enterprise application architecture
  • Event-Driven Architecture
  • git
  • GIT
  • gmail api
  • Google
  • Google Ads
  • Google AdSense
  • Google Analytics
  • Google analytics interview questions with answers
  • Google Cloud Platform (GCP)
  • Google Docs
  • Google Drive
  • Google Maps
  • Google search console
  • Healthcare Interoperability Resources
  • Hexagonal Architecture Pattern
  • HL7 vs FHIR
  • HTML
  • Information security
  • Infrastructure as a Service (IaaS)
  • Internet of Things (IoT)
  • Interview questions
  • Introduction to DICOM
  • Introduction to FHIR
  • Introduction to HL7
  • IT governance
  • IT Infrastructure networking
  • IT/Software development
  • Javascript interview questions with answers
  • Kubernetes
  • Layered Pattern
  • Leadership Quote
  • Life lessons
  • Load Balancing Algorithms
  • Low-code development platform
  • Microservices
  • Microservices
  • Microsoft
  • Microsoft 365 Defender
  • Microsoft AI-900 Certification Exam
  • Microsoft AZ-104 Certification Exam
  • Microsoft AZ-204 Certification Exam
  • Microsoft AZ-900 Certification Exam
  • Microsoft Azure
  • Microsoft Azure certifications
  • Microsoft Azure Log Analytics
  • Microsoft Cloud Adoption Framework
  • Microsoft Exam AZ-220
  • Microsoft Exam AZ-400
  • Microsoft Excel
  • Microsoft Office
  • Microsoft Teams
  • Microsoft Teams
  • Microsoft word
  • Model-View-Controller (MVC) Pattern
  • Monitoring and analytics
  • NoSQL
  • OpenAI
  • OutSystems
  • Peer-to-Peer (P2P) pattern
  • Pipeline Pattern
  • PL-100: Microsoft Power Platform App Maker
  • PL-200: Microsoft Power Platform Functional Consultant Certification
  • PL-900: Microsoft Power Platform Fundamentals
  • Platform as a Service (PaaS)
  • postman
  • Postman
  • Postman
  • Project management
  • Python interview questions with answers
  • Ransomware
  • Reflected XSS
  • RESTful APIs
  • Rich Text Editor
  • SC-100: Microsoft Cybersecurity Architect
  • Scrum Master Certification
  • Service-oriented architecture (SOA)
  • Software architecture
  • Software as a Service (SaaS)
  • SonarQube
  • Splunk
  • SQL
  • SQL Azure Table
  • SQL Server
  • Static Application Security Testing (SAST)
  • Stored XSS attacks
  • Table Storage
  • Test Driven Development (TDD)
  • TinyMCE
  • Top technology trends for 2023
  • Uncategorized
  • User Experience (UX) design
  • Version control system
  • visual studio
  • WCF (Windows Communication Foundation)
  • Web development
  • WordPress
  • WordPress developer interview questions and answers
  • Zero Trust strategy



Recent Posts

  • Get started with Azure Cosmos DB
  • Azure Cosmos DB
  • How can I run web and api projects together in visual studio
  • Azure DDoS Protection
  • Azure Security Information and Event Management (SIEM)
  • What is Cyber Security? Definition, Challenges & Best Practices Cybersecurity
  • Amazon Elastic Compute Cloud (Amazon EC2) Amazon EC2
  • AWS DevOps Engineer Professional Exam Practice Questions – 6 AWS DevOps Engineer Professional Exam
  • Interview question: What is the purpose of “as” operator in C#? C# development
  • What is the best practice for achieving the High availability of applications running on Azure VM having web tier and DB tier? Azure
  • Google Ads Google
  • Dynamic Application Security Testing (DAST) Dynamic Application Security Testing (DAST)
  • Azure Core Services Azure Core Services

Copyright © 2023 Desi banjara.

Powered by PressBook News WordPress theme