Microsoft AZ-102 Braindumps 2021

AZ-102 Exam Questions and Answers for Microsoft certification, Real Success Guaranteed with Updated AZ-102 Free Practice Questions. 100% PASS AZ-102 Microsoft Azure Administrator Certification Transition exam Today!

Online AZ-102 free questions and answers of New Version:

NEW QUESTION 1
You need to create a web app named corp7509086n2 that can be scaled horizontally. The solution must use the lowest possible pricing tier for the App Service plan.
What should you do from the Azure portal?

    Answer:

    Explanation: Step 1:
    In the Azure Portal, click Create a resource > Web + Mobile > Web App. Step 2:
    Use the Webb app settings as listed below. Web App name: corp7509086n2
    Hosting plan: Azure App Service plan Pricing tier of the Pricing Tier: Standard
    Change your hosting plan to Standard, you can't setup auto-scaling below standard tier. Step 3:
    Select Create to provision and deploy the Web app. References:
    https://docs.microsoft.com/en-us/azure/app-service/environment/app-service-web-how-to-createa- web-app-in-an-ase
    https://azure.microsoft.com/en-us/pricing/details/app-service/plans/

    NEW QUESTION 2
    You have two subscriptions named Subscription1 and Subscription2. Each subscription is associated to a different Azure AD tenant.
    Subscription1 contains a virtual network named VNet1.VNet1 contains an Azure virtual machine named VM1 and has an IP address space of 10.0.0.0/16.
    Subscription2 contains a virtual network named VNet2. VNet2 contains an Azure virtual machine named VM2 and has an IP address space of 10.10.0.0/24.
    You need to connect VNet1 to VNet2. What should you do first?

    • A. Move VNet1 to Subscription2.
    • B. Modify the IP address space of VNet2.
    • C. Provision virtual network gateways.
    • D. Move VM1 to Subscription2.

    Answer: C

    Explanation: The virtual networks can be in the same or different regions, and from the same or different subscriptions. When connecting VNets from different subscriptions, the subscriptions do not need to
    be associated with the same Active Directory tenant.
    Configuring a VNet-to-VNet connection is a good way to easily connect VNets. Connecting a virtual network to another virtual network using the VNet-to-VNet connection type (VNet2VNet) is similar to creating a Site-to-Site IPsec connection to an on-premises location. Both connectivity types use a VPN gateway to provide a secure tunnel using IPsec/IKE, and both function the same way when communicating.
    The local network gateway for each VNet treats the other VNet as a local site. This lets you specify additional address space for the local network gateway in order to route traffic.
    References: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-vnet-vnetresource- manager-portal

    NEW QUESTION 3
    You need to prepare the environment to meet the authentication requirements.
    Which two actions should you perform? Each correct answer presents part of the solution. NOTE Each correct selection is worth one point.

    • A. Azure Active Directory (AD) Identity Protection and an Azure policy
    • B. a Recovery Services vault and a backup policy
    • C. an Azure Key Vault and an access policy
    • D. an Azure Storage account and an access policy

    Answer: BD

    Explanation: D: Seamless SSO works with any method of cloud authentication - Password Hash Synchronization or Pass-through Authentication, and can be enabled via Azure AD Connect.
    B: You can gradually roll out Seamless SSO to your users. You start by adding the following Azure AD URL to all or selected users' Intranet zone settings by using Group Policy in Active Directory: https://autologon.microsoftazuread-sso.com
    Incorrect Answers:
    A: Seamless SSO needs the user's device to be domain-joined, but doesn't need for the device to be Azure AD Joined.
    C: Azure AD connect does not port 8080. It uses port 443.
    E: Seamless SSO is not applicable to Active Directory Federation Services (ADFS).
    Scenario: Users in the Miami office must use Azure Active Directory Seamless Single Sign-on (Azure AD Seamless SSO) when accessing resources in Azure.
    Planned Azure AD Infrastructure include: The on-premises Active Directory domain will be synchronized to Azure AD.
    References: https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directoryaadconnect-sso-quick-start

    NEW QUESTION 4
    HOT SPOT
    Your network contains an Active Directory domain named adatum.com and an Azure Active Directory (Azure AD) tenant named adatum.onmicrosoft.com.
    Adatum.com contains the user accounts in the following table.
    AZ-102 dumps exhibit
    Adatum.onmicrosoft.com contains the user accounts in the following table.
    AZ-102 dumps exhibit
    You need to implement Azure AD Connect. The solution must follow the principle of least privilege. Which user accounts should you use? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
    AZ-102 dumps exhibit

      Answer:

      Explanation: Box 1: User5
      In Express settings, the installation wizard asks for the following: AD DS Enterprise Administrator credentials
      Azure AD Global Administrator credentials
      The AD DS Enterprise Admin account is used to configure your on-premises Active Directory. These credentials are only used during the installation and are not used after the installation has
      completed. The Enterprise Admin, not the Domain Admin should make sure the permissions in Active Directory can be set in all domains.
      Box 2: UserA
      Azure AD Global Admin credentials credentials are only used during the installation and are not used after the installation has completed. It is used to create the Azure AD Connector account used for synchronizing changes to Azure AD. The account also enables sync as a feature in Azure AD. References: https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directoryaadconnect- accounts-permissions

      NEW QUESTION 5
      You create a new replication policy in Azure for the physical servers. You successfully complete the following actions:
      Create and configure a Recovery Services vault.
      Ensure Internet connectivity.
      Ensure that the required URLs are reachable.
      Ensure that the host server requirements are met.
      Ensure that the servers marked for replication comply with the requirements of the Azure virtual machines.
      You need to replicate the on-premises servers to Azure.
      Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
      NOTE: More than one order of answer choices is correct. You will receive credit for any of the correct orders you select.
      AZ-102 dumps exhibit

        Answer:

        Explanation: Step 2: Deploy the OVF template Set up the source environment.
        Download the OVF template for the configuration server, and import the template in VMware.
        Note: Open Virtualization Format (OVF) template is an industry standard software distribution model for virtual machine templates. Starting January 2021, configuration server for the VMware to Azure scenario will be available to all our customers as an OVF template.
        Step 3: Associate the configuration server to the replication policy Associate the replication policy with your on-premises configuration server. Step 4: Enable replication
        References:
        https://docs.microsoft.com/en-us/azure/site-recovery/vmware-azure-set-up-replication

        NEW QUESTION 6
        DRAG DROP
        You have an Azure Linux virtual machine that is protected by Azure Backup. One week ago, two files were deleted from the virtual machine.
        You need to restore the deleted files to an on-premises computer as quickly as possible.
        Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
        AZ-102 dumps exhibit

          Answer:

          Explanation: To restore files or folders from the recovery point, go to the virtual machine and choose the desired recovery point.
          Step 0. In the virtual machine's menu, click Backup to open the Backup dashboard. Step 1. In the Backup dashboard menu, click File Recovery.
          Step 2. From the Select recovery point drop-down menu, select the recovery point that holds the files you want. By default, the latest recovery point is already selected.
          Step 3: To download the software used to copy files from the recovery point, click Download Executable (for Windows Azure VM) or Download Script (for Linux Azure VM, a python script is generated).
          Step 4: Copy the files by using AzCopy
          AzCopy is a command-line utility designed for copying data to/from Microsoft Azure Blob, File, and Table storage, using simple commands designed for optimal performance. You can copy data between a file system and a storage account, or between storage accounts.
          References:
          https://docs.microsoft.com/en-us/azure/backup/backup-azure-restore-files-from-vm https://docs.microsoft.com/en-us/azure/storage/common/storage-use-azcopy

          NEW QUESTION 7
          You have an Azure subscription that contains the resources in the following table.
          AZ-102 dumps exhibit
          Subnet1 is associated to VNet1. NIC1 attaches VM1 to Subnet1. You need to apply ASG1 to VM1.
          What should you do?

          • A. Modify the properties of NSG1.
          • B. Modify the properties of ASG1.
          • C. Associate NIC1 to ASG1.

          Answer: B

          Explanation: When you deploy VMs, make them members of the appropriate ASGs. You associate the ASG with a subnet.
          References: https://azure.microsoft.com/en-us/blog/applicationsecuritygroups/

          NEW QUESTION 8
          HOT SPOT
          You have an Azure Storage accounts as shown in the following exhibit.
          AZ-102 dumps exhibit
          Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
          NOTE: Each correct selection is worth one point.
          AZ-102 dumps exhibit

            Answer:

            Explanation: Box 1: storageaccount1 and storageaccount2 only Box 2: All the storage accounts
            Note: The three different storage account options are: General-purpose v2 (GPv2) accounts, Generalpurpose v1 (GPv1) accounts, and Blob storage accounts.
            General-purpose v2 (GPv2) accounts are storage accounts that support all of the latest features for blobs, files, queues, and tables.
            Blob storage accounts support all the same block blob features as GPv2, but are limited to supporting only block blobs.
            General-purpose v1 (GPv1) accounts provide access to all Azure Storage services, but may not have the latest features or the lowest per gigabyte pricing.
            References: https://docs.microsoft.com/en-us/azure/storage/common/storage-account-options

            NEW QUESTION 9
            You need to recommend an identify solution that meets the technical requirements. What should you recommend?

            • A. federated single-on (SSO) and Active Directory Federation Services (AD FS)
            • B. password hash synchronization and single sign-on (SSO)
            • C. cloud-only user accounts
            • D. Pass-through Authentication and single sign-on (SSO)

            Answer: A

            Explanation: Active Directory Federation Services is a feature and web service in the Windows Server Operating System that allows sharing of identity information outside a company’s network.
            Scenario: Technical Requirements include:
            Prevent user passwords or hashes of passwords from being stored in Azure.
            References: https://www.sherweb.com/blog/active-directory-federation-services/

            NEW QUESTION 10
            You need to implement a backup solution for App1 after the application is moved. What should you create first?

            • A. a recovery plan
            • B. an Azure Backup Server
            • C. a backup policy
            • D. a Recovery Services vault

            Answer: D

            Explanation: A Recovery Services vault is a logical container that stores the backup data for each protected resource, such as Azure VMs. When the backup job for a protected resource runs, it creates a recovery point inside the Recovery Services vault.
            Scenario:
            There are three application tiers, each with five virtual machines.
            Move all the virtual machines for App1 to Azure.
            Ensure that all the virtual machines for App1 are protected by backups.
            References: https://docs.microsoft.com/en-us/azure/backup/quick-backup-vm-portal

            NEW QUESTION 11
            SIMULATION
            Click to expand each objective. To connect to the Azure portal, type https://portal.azure.com in the browser address bar.
            AZ-102 dumps exhibit
            AZ-102 dumps exhibit
            AZ-102 dumps exhibit
            AZ-102 dumps exhibit
            AZ-102 dumps exhibit
            AZ-102 dumps exhibit
            When you are finished performing all the tasks, click the ‘Next’ button.
            Note that you cannot return to the lab once you click the ‘Next’ button. Scoring occur in the background while you complete the rest of the exam.
            Overview
            The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design. Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
            Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
            Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
            To start the lab
            You may start the lab by clicking the Next button.
            You plan to move backup files and documents from an on-premises Windows file server to Azure Storage. The backup files will be stored as blobs.
            You need to create a storage account named corpdata7523690n2. The solution must meet the following requirements:
            Ensure that the documents are accessible via drive mappings from Azure virtual machines that run Windows Server 2021.
            Provide the highest possible redundancy for the documents. Minimize storage access costs.
            What should you do from the Azure portal?

              Answer:

              Explanation: Step 1: In the Azure portal, click All services. In the list of resources, type Storage Accounts. As you begin typing, the list filters based on your input. Select Storage Accounts.
              Step 2: On the Storage Accounts window that appears, choose Add. Step 3: Select the subscription in which to create the storage account.
              Step 4: Under the Resource group field, select Create New. Create a new Resource
              AZ-102 dumps exhibit
              Step 5: Enter a name for your storage account: corpdata7523690n2
              Step 6: For Account kind select: General-purpose v2 accounts (recommended for most scenarios) General-purpose v2 accounts is recommended for most scenarios. . General-purpose v2 accounts deliver the lowest per-gigabyte capacity prices for Azure Storage, as well as industry-competitive transaction prices.
              Step 7: For replication select: Read-access geo-redundant storage (RA-GRS)
              Read-access geo-redundant storage (RA-GRS) maximizes availability for your storage account. RA-GRS provides read-only access to the data in the secondary location, in addition to geo-replication across
              two regions.
              References:
              https://docs.microsoft.com/en-us/azure/storage/common/storage-quickstart-create-account https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overview

              NEW QUESTION 12
              You have an Azure subscription that contains two resource groups named RG1 and RG2. RG2 does not contain any resources. RG1 contains the resources in the following table.
              AZ-102 dumps exhibit
              Which resource can you move to RG2?

              • A. W10_OsDisk
              • B. VNet1
              • C. VNet3
              • D. W10

              Answer: B

              Explanation: When moving a virtual network, you must also move its dependent resources. For example, you must move gateways with the virtual network. VM W10, which is in Vnet1, is not a dependent resource.
              Incorrect Answers:
              A: Managed disks don't support move.
              C: Virtual networks (classic) can't be moved.
              D: Virtual machines with the managed disks cannot be moved.
              References: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-groupmove- resources#virtual-machines-limitations

              NEW QUESTION 13
              You configure Azure AD Connect for Azure Active Directory Seamless Single Sign-On (Azure AD Seamless SSO) for an on-premises network. Users report that when they attempt to access myapps.microsoft.com, they are prompted multiple times to sign in and are forced to use an account name that ends with onmicrosoft.com.
              You discover that there is a UPN mismatch between Azure AD and the on-premises Active Directory. You need to ensure that the users can use single-sign on (SSO) to access Azure resources.
              What should you do first?

              • A. From the on-premises network, deploy Active Directory Federation Services (AD FS).
              • B. From Azure AD, add and verify a custom domain name.
              • C. From the on-premises network, request a new certificate that contains the Active Directory domain name.
              • D. From the server that runs Azure AD Connect, modify the filtering option

              Answer: B

              Explanation: Azure AD Connect lists the UPN suffixes that are defined for the domains and tries to match them
              with a custom domain in Azure AD. Then it helps you with the appropriate action that needs to be taken. The Azure AD sign-in page lists the UPN suffixes that are defined for on-premises Active Directory and displays the corresponding status against each suffix. The status values can be one of the following:
              State: Verified Azure AD Connect found a matching verified domain in Azure AD. All users for this domain can sign in by using their on-premises credentials.
              State: Not verified Azure AD Connect found a matching custom domain in Azure AD, but it isn't verified. The UPN suffix of the users of this domain will be changed to the default .onmicrosoft.com suffix after synchronization if the domain isn't verified.
              Action Required: Verify the custom domain in Azure AD.
              References: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-userQuestions& Answers PDF P-80 signin

              NEW QUESTION 14
              Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
              After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
              You have an Azure subscription named Subscription1. Subscription1 contains a resource group named RG1. RG1 contains resources that were deployed by using templates.
              You need to view the date and time when the resources were created in RG1. Solution: From the RG1 blade, you click Automation script.
              Does this meet the goal?

              • A. Yes
              • B. No

              Answer: B

              NEW QUESTION 15
              DRAG DROP
              You are developing an Azure web app named WebApp1. WebApp1 uses an Azure App Service plan named Plan1 that uses the B1 pricing tier.
              You need to configure WebApp1 to add additional instances of the app when CPU usage exceeds 70 percent for 10 minutes.
              Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
              AZ-102 dumps exhibit

                Answer:

                Explanation: Box 1: From the Scale out (App Service Plan) settings blade, change the pricing tier The B1 pricing tier only allows for 1 core. We must choose another pricing tier. Box 2: From the Scale out (App Service Plan) settings blade, enable autoscale
                Log in to the Azure portal at http://portal.azure.com Navigate to the App Service you would like to autoscale. Select Scale out (App Service plan) from the menu
                Click on Enable autoscale. This activates the editor for scaling rules.
                AZ-102 dumps exhibit
                Box 3: From the Scale mode to Scale based on metric, add a rule, and set the instance limits.
                Click on Add a rule. This shows a form where you can create a rule and specify details of the scaling. References:
                https://azure.microsoft.com/en-us/pricing/details/app-service/windows/ https://blogs.msdn.microsoft.com/hsirtl/2021/07/03/autoscaling-azure-web-apps/

                NEW QUESTION 16
                You have an Azure subscription named Subscription1 that has the following providers registered: Authorization
                Automation Resources Compute KeyVault Network Storage Billing Web
                Subscription1 contains an Azure virtual machine named VM1 that has the following configurations: Private IP address: 10.0.0.4 (dynamic)
                Network security group (NSG): NSG1 Public IP address: None
                Availability set: AVSet Subnet: 10.0.0.0/24 Managed disks: No Location: East US
                You need to record all the successful and failed connection attempts to VM1.
                Which three actions should you perform? Each correct answer presents part of the solution.
                NOTE: Each correct selection is worth one point.

                • A. Register the Microsoft.Insights resource provider
                • B. Add an Azure Network Watcher connection monitor
                • C. Register the Microsoft.LogAnalytics provider
                • D. Enable Azure Network Watcher in the East US Azure region
                • E. Create an Azure Storage account
                • F. Enable Azure Network Watcher flow logs

                Answer: ADF

                Explanation:
                Step 1: (D)
                We must have a network watcher enabled in the East US region Step 2: (A+F)
                A: NSG flow logging requires the Microsoft.Insights provider, which must be registered.
                F: Network security groups (NSG) allow or deny inbound or outbound traffic to a network interface in a VM. The NSG flow log capability allows you to log the source and destination IP address, port, protocol, and whether traffic was allowed or denied by an NSG.
                References:
                https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-nsg-flow-logging-portal

                NEW QUESTION 17
                You need to meet the technical requirement for VM4. What should you create and configure?

                • A. an Azure Notification Hub
                • B. an Azure Event Hub
                • C. an Azure Logic App
                • D. an Azure services Bus

                Answer: B

                Explanation: Scenario: Create a workflow to send an email message when the settings of VM4 are modified. You can start an automated logic app workflow when specific events happen in Azure resources or third-party resources. These resources can publish those events to an Azure event grid. In turn, the event grid pushes those events to subscribers that have queues, webhooks, or event hubs as endpoints. As a subscriber, your logic app can wait for those events from the event grid before running automated workflows to perform tasks - without you writing any code.
                References:
                https://docs.microsoft.com/en-us/azure/event-grid/monitor-virtual-machine-changes-event-gridlogic- app

                NEW QUESTION 18
                You have an Azure subscription that contains a virtual machine named VM1. VM1 hosts a line-ofbusiness application that is available 24 hours a day. VM1 has one network interface and one
                managed disk. VM1 uses the D4s v3 size.
                You plan to make the following changes to VM1: Change the size to D8s v3.
                Add a 500-GB managed disk. Add the Puppet Agent extension.
                Attach an additional network interface. Which change will cause downtime for VM1?

                • A. Add a 500-GB managed disk.
                • B. Attach an additional network interface.
                • C. Add the Puppet Agent extension.
                • D. Change the size to D8s v3.

                Answer: D

                Explanation: While resizing the VM it must be in a stopped state.
                References: https://azure.microsoft.com/en-us/blog/resize-virtual-machines/

                Recommend!! Get the Full AZ-102 dumps in VCE and PDF From Certleader, Welcome to Download: https://www.certleader.com/AZ-102-dumps.html (New 195 Q&As Version)