Pinpoint AZ-102 Exam Dumps 2021
We provide AZ-102 Exam Dumps which are the best for clearing AZ-102 test, and to get certified by Microsoft Microsoft Azure Administrator Certification Transition. The AZ-102 Study Guides covers all the knowledge points of the real AZ-102 exam. Crack your Microsoft AZ-102 Exam with latest dumps, guaranteed!
Free AZ-102 Demo Online For Microsoft Certifitcation:
NEW QUESTION 1
You need to resolve the Active Directory issue. What should you do?
- A. From Active Directory Users and Computers, select the user accounts, and then modify the User PrincipalName value.
- B. Run idfix.exe, and then use the Edit action.
- C. From Active Directory Domains and Trusts, modify the list of UPN suffixes.
- D. From Azure AD Connect, modify the outbound synchronization rul
Explanation: IdFix is used to perform discovery and remediation of identity objects and their attributes in an onpremises Active Directory environment in preparation for migration to Azure Active Directory. IdFix is
intended for the Active Directory administrators responsible for directory synchronization with Azure Active Directory.
Scenario: Active Directory Issue
Several users in humongousinsurance.com have UPNs that contain special characters. You suspect that some of the characters are unsupported in Azure AD.
NEW QUESTION 2
You have a resource group named RG1. RG1 contains an Azure Storage account named storageaccount1 and a virtual machine named VM1 that runs Windows Server 2021. Storageaccount1 contains the disk files for VM1. You apply a ReadOnly lock to RG1. What can you do from the Azure portal?
- A. Generate an automation script for RG1.
- B. View the keys of storageaccount1.
- C. Upload a blob to storageaccount1.
- D. Start VM1.
Explanation: ReadOnly means authorized users can read a resource, but they can't delete or update the resource. Applying this lock is similar to restricting all authorized users to the permissions granted by the Reader role.
NEW QUESTION 3
You have an on-premises data center and an Azure subscription. The data center contains two VPN devices. The subscription contains an Azure virtual network named VNet1. VNet1 contains a gateway subnet.
You need to create a site-to-site VPN. The solution must ensure that is a single instance of an Azure VPN gateway fails, or a single on-premises VPN device fails, the failure will not cause an interruption that is longer than two minutes.
What is the minimum number of public IP addresses, virtual network gateways, and local network gateways required in Azure? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation: Box 1: 4
Two public IP addresses in the on-premises data center, and two public IP addresses in the VNET. The most reliable option is to combine the active-active gateways on both your network and Azure, as shown in the diagram below.
Box 2: 2
Every Azure VPN gateway consists of two instances in an active-standby configuration. For any planned maintenance or unplanned disruption that happens to the active instance, the standby instance would take over (failover) automatically, and resume the S2S VPN or VNet-to-VNet connections.
Box 3: 2
Dual-redundancy: active-active VPN gateways for both Azure and on-premises networks References:
NEW QUESTION 4
You have a Recovery Service vault that you use to test backups. The test backups contain two protected virtual machines.
You need to delete the Recovery Services vault. What should you do first?
- A. From the Recovery Service vault, stop the backup of each backup item.
- B. From the Recovery Service vault, delete the backup data.
- C. Modify the disaster recovery properties of each virtual machine.
- D. Modify the locks of each virtual machin
Explanation: You can't delete a Recovery Services vault if it is registered to a server and holds backup data. If youtry to delete a vault, but can't, the vault is still configured to receive backup data. Remove vault dependencies and delete vault
In the vault dashboard menu, scroll down to the Protected Items section, and click Backup Items. In this menu, you can stop and delete Azure File Servers, SQL Servers in Azure VM, and Azure virtual machines.
NEW QUESTION 5
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscript contains a resource group named Dev.d Subscription1. Adatum contains a group named Developers. Subscription!
You need to provide the Developers group with the ability to create Azure logic apps in the; Dev, resource group.
Solution: On Dev, you assign the Logic App Contributor role to the Developers group. Does this meet the goal?
- A. Yes
- B. No
Explanation: The Logic App Contributor role lets you manage logic app, but not access to them. It provides access to view, edit, and update a logic app.
NEW QUESTION 6
You have an Azure subscription.
You need to implement a custom policy that meet the following requirements:
*Ensures that each new resource group in the subscription has a tag named organization set to a value of Contoso.
*Ensures that resource group can be created from the Azure portal.
*Ensures that compliance reports in the Azure portal are accurate.
How should you complete the policy? To answer, select the appropriate options in the answers area.
Explanation: References: https://docs.microsoft.com/en-us/azure/governance/policy/concepts/definitionstructure
NEW QUESTION 7
You have a Microsoft SQL Server Always On availability group on Azure virtual machines. You need to configure an Azure internal load balancer as a listener for the availability group. What should you do?
- A. Enable Floating IP.
- B. Set Session persistence to Client IP and protocol.
- C. Set Session persistence to Client IP.
- D. Create an HTTP health probe on port 1433.
Explanation: Incorrect Answers:
D: The Health probe is created with the TCP protocol, not with the HTTP protocol. References:
Case Study: 6
Lab 1 SIMULATION
The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please, note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
To start the lab
You may start lab by clicking the Next button Tasks
Click to expand each objective
To connect to the Azure portal, type https:/portal.azure.com in the browser address bar. Instructions
Performance Based Lab
This type of question asks you to perform tasks in a virtual environment.
The screen for this type of question includes a virtual machine window and a tasks pane.
The window is a remotely connected live environment where you perform tasks on real software and applications.
On the right is a Tasks pane that lists the tasks you need to perform in the lab. Each task can be expanded or collapsed using the “+” or “-” symbols. A checkbox is provided for each task. This is provided for convenience, so you can mark each task as you complete it.
Click to expand each objective
Add the “Print and Document Services” role to server LON-SVR1, installing any required management features and enabling both Print and LPD Services.
+Configure file and share access
When you are finished performing all the tasks, click the ‘Next’ button.
Note that you cannot return to the lab once you click the ‘Next’ button. Scoring occur in the background while you complete the rest of the exam.
Once the exam completes, the comment period will begin and you will have the opportunity to provide comments to Microsoft about the exam questions. To launch the comment period, click the “Finish” and then “Comment” buttions. To skip the comment period and the exam, click Exit.
You can navigate to a question from the Review screen to provide a comment. Please, see the Review Screen tab in the Review Screen help Menu (which can be accessed from the Review Screen) for details on accessing questions from the Review Screen.
To comment on a question, navigate to that question and click the Give Feedback icon. When you have entered your comment in the comment window, click Submit to close the window. To navigate to the Review screen again, click the Review button. You may navigate through all questions using the Next and Previous buttions. To skip commenting, go to the Review Screen by selecting the Review Screen button in the upper left-hand corner and from the Review Screen, select “Finished”.
For any question, one or more of the following controls might be available.
Keyboard Shortcuts Available
Exam features may be accessed using keyboard shortcuts. The following table describes the keyboard shortcuts that are available during this exam.
Some keyboard shortcuts require that you press two or more keys at the same time. These keys are separated by a plus sign (+) in the table below.
NEW QUESTION 8
You set the multi-factor authentication status for a user named email@example.com to Enabled.
Admin1 accesses the Azure portal by using a web browser.
Which additional security verifications can Admin1 use when accessing the Azure portal?
- A. a phone call, a text message that contains a verification code, and a notification or a verification code sent from the Microsoft Authenticator app.
- B. an app password, a text message that contains a verification code, and a notification sent from the Microsoft Authenticator ap
- C. C a phone call, an email message that contains a verification code, and a text message that contains an app password.
- D. an app password, a text message that contains a verification code, and a verification code sent from the Microsoft Authenticator app.
Explanation: The user portal is an IIS web site that allows users to enroll in Azure Multi-Factor Authentication (MFA) and maintain their accounts. A user may change their phone number, change their PIN, or choose to bypass
two-step verification during their next sign-on.
Mobile App verification method is an option. If the user selects the Mobile App verification method, the page prompts the user to install the Microsoft Authenticator app on their device and generate an activation code. After installing the app, the user clicks the Generate Activation Code button.
NEW QUESTION 9
You have an Azure subscription.
You plan to use Azure Resource Manager templates to deploy 50 Azure virtual machines that will be part of the same availability set.
You need to ensure that as many virtual machines as possible are available if the fabric fails or during servicing.
How should you configure the template? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Select two alternatives below.
- A. platformFaultDomainCount: 0
- B. platformFaultDomainCount: 1
- C. platformFaultDomainCount: 2
- D. platformFaultDomainCount: 3
- E. platformFaultDomainCount: 4
- F. platformUpdateDomainCount: 10
- G. platformUpdateDomainCount: 20
- H. platformUpdateDomainCount: 25
- I. platformUpdateDomainCount: 30
- J. platformUpdateDomainCount: 40
- K. platformUpdateDomainCount: 50
Explanation: Use two fault domains.
2 or 3 is max, depending on which region you are in. Use 20 for platformUpdateDomainCount
Increasing the update domain (platformUpdateDomainCount) helps with capacity and availability planning when the platform reboots nodes. A higher number for the pool (20 is max) means that fewer of their nodes in any given availability set would be rebooted at once.
NEW QUESTION 10
You need to prepare the New York office infrastructure for the migration of the on-premises virtual machines to Azure.
Which four actions you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Explanation: Box 1:
From the Azure portal, download the OVF file.
In the vCenter Server, import the Collector appliance as a virtual machine using the Deploy OVF Template wizard.
In vSphere Client console, click File > Deploy OVF Template.
In the Deploy OVF Template Wizard > Source, specify the location for the .ovf file. Box 2: From VM1, connect to the collector virtual machine
After you've created the Collector virtual machine, connect to it and run the Collector. Box 3: From the ASRV1 blade in the Azure portal, select a protection goal.
Box 4: From VM1, register the configuration server. Register the configuration server in the vault
Scenario: The Azure infrastructure and the on-premises infrastructure and the on-premises infrastructure must be prepared for the migration of the VMware virtual machines to Azure. References:
Migrate Your Virtual Machines to Microsoft Azure, Includes guidance for optional data migration, Proof of Concept guide, September 2021 https://azuremigrate.blob.core.windows.net/publicpreview/Azure%20Migrate%20-
NEW QUESTION 11
Note: This question is part of a series of Questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more
than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure virtual machine named VM1. VM1 was deployed by using a custom Azure Resource Manager template named ARM1.json.
You receive a notification that VM1 will be affected by maintenance. You need to move VM1 to a different host immediately.
Solution: From the Overview blade, you move the virtual machine to a different resource group. Does this meet the goal?
- A. Yes
- B. No
NEW QUESTION 12
You are planning the move of App1 to Azure. You create a network security group (NSG).
You need to recommend a solution to provide users with access to App1. What should you recommend?
- A. Create an outgoing security rule for port 443 from the Interne
- B. Associate the NSG to all the subnets.
- C. Create an incoming security rule for port 443 from the Interne
- D. Associate the NSG to all the subnets.
- E. Create an incoming security rule for port 443 from the Interne
- F. Associate the NSG to the subnet thatcontains the web servers.
- G. Create an outgoing security rule for port 443 from the Interne
- H. Associate the NSG to the subnet thatcontains the web server
Explanation: As App1 is public-facing we need an incoming security rule, related to the access of the web servers. Scenario: You have a public-facing application named App1. App1 is comprised of the following three tiers: a SQL database, a web front end, and a processing middle tier.
Each tier is comprised of five virtual machines. Users access the web front end by using HTTPS only.
NEW QUESTION 13
You discover that VM3 does NOT meet the technical requirements. You need to verify whether the issue relates to the NSGs.
What should you use?
- A. Diagram in VNet1
- B. the security recommendations in Azure Advisor
- C. Diagnostic settings in Azure Monitor
- D. Diagnose and solve problems in Traffic Manager Profiles
- E. IP flow verify in Azure Network Watcher
Explanation: Scenario: Contoso must meet technical requirements including:
Ensure that VM3 can establish outbound connections over TCP port 8080 to the applications servers in the Montreal office.
IP flow verify checks if a packet is allowed or denied to or from a virtual machine. The information consists of direction, protocol, local IP, remote IP, local port, and remote port. If the packet is denied by a security group, the name of the rule that denied the packet is returned. While any source or destination IP can be chosen, IP flow verify helps administrators quickly diagnose connectivity issues from or to the internet and from or to the on-premises environment.
NEW QUESTION 14
You have an Azure subscription that contains an Azure Service Bus named Bus1.
Your company plans to deploy two Azure web apps named App1 and App2. The web apps will create messages that have the following requirements:
Each message created by App1 must be consumed by only a single consumer Each message created by App2 will be consumed by multiple consumers.
Which resource should you create for each web app? To answer, drag the appropriate resources to the correct web apps. Each resource may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
NEW QUESTION 15
You have an Azure subscription that contains the resources in the following table.
To which subnets can you apply NSG1?
- A. the subnets on VNet2 only
- B. the subnets on VNet1 only
- C. the subnets on VNet2 and VNet3 only
- D. the subnets on VNet1, VNet2, and VNet3
- E. the subnets on VNet3 only
Explanation: All Azure resources are created in an Azure region and subscription. A resource can only be created in a virtual network that exists in the same region and subscription as the resource.
References: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-vnet-plandesign- arm
NEW QUESTION 16
You have an Azure DNS zone named adatum.com. You need to delegate a subdomain named research.adatum.com to a different DNS server in Azure. What should you do?
- A. Create an PTR record named research in the adatum.com zone.
- B. Create an NS record named research in the adatum.com zone.
- C. Modify the SOA record of adatum.com.
- D. Create an A record named “.research in the adatum.com zon
Explanation: Configure A records for the domains and sub domains.
References: http://www.stefanjohansson.org/2012/12/how-to-configure-custom-dns-names-formultiple- subdomain-based-azure-web-sites/
NEW QUESTION 17
You are the global administrator for an Azure Active Directory (Azure AD) tenant named adatum.com. From the Azure Active Directory blade, you assign the Conditional Access Administrator role to a user You need to ensure that Admin1 has just-in-time access as a conditional access administrator.
What should you do next?
- A. Enable Azure AD Multi-Factor Authentication (MFA).
- B. Set Admin1 as Eligible for the Privileged Role Administrator role.
- C. Admin1 as Eligible for the Conditional Access Administrator role.
- D. Enable Azure AD Identity Protectio
Explanation: Require MFA for admins is a baseline policy that requires MFA for the following directory roles: Global administrator
SharePoint administrator Exchange administrator Conditional access administrator Security administrator References:
NEW QUESTION 18
You need to recommend a solution to automate the configuration for the finance department users. The solution must meet the technical requirements.
What should you include in the recommended?
- A. Azure AP B2C
- B. Azure AD Identity Protection
- C. an Azure logic app and the Microsoft Identity Management (MIM) client
- D. dynamic groups and conditional access policies
Explanation: Scenario: Ensure Azure Multi-Factor Authentication (MFA) for the users in the finance department only.
The recommendation is to use conditional access policies that can then be targeted to groups of users, specific applications, or other conditions.
100% Valid and Newest Version AZ-102 Questions & Answers shared by 2passeasy, Get Full Dumps HERE: https://www.2passeasy.com/dumps/AZ-102/ (New 195 Q&As)