Microsoft AZ-500 Quiz 25 Topic 4 Questions 121-125

Question: 1

You have an Azure subscription that contains a user named Adminl1 and a virtual machine named VM1. VM1 runs Windows Server 2019 and was deployed by using an Azure Resource Manager template. VM1 is the member of a backend pool of a public Azure Basic Load Balancer.

Admin1 reports that VM1 is listed as Unsupported on the Just in time VM access blade of Azure Security Center.

You need to ensure that Admin1 can enable just in time (JIT) VM access for VM1.

What should you do?

ACreate and configure an additional public IP address for VM 1.

BReplace the Basic Load Balancer with an Azure Standard Load Balancer.

CAssign an Azure Active Directory Premium Plan 1 license to Admin1.

DCreate and configure a network security group (NSG).

Show Answer

Question: 2

You have an Azure Active Directory (Azure AD) tenant that contains a user named User1.

You need to ensure that User1 can create and manage administrative units. The solution must use the principle of least privilege.

Which role should you assign to User1?

APrivileged role administrator

BHelpdesk administrator

CGlobal administrator

DSecurity administrator

Show Answer

Question: 3

SIMULATION

You need to configure a Microsoft SQL server named Web11597200 only to accept connections from the Subnet0 subnet on the VNET01 virtual network.

To complete this task, sign in to the Azure portal.

AExplanation:
You need to allow access to Azure services and configure a virtual network rule for the SQL Server.
In the Azure portal, type SQL Server in the search box, select SQL Server from the search results then select the server named web11597200. Alternatively, browse to SQL Server in the left navigation pane.
In the properties of the SQL Server, click Firewalls and virtual networks.
In the Virtual networks section, click on Add existing. This will open the Create/Update virtual network rule window.
Give the rule a name such as Allow_VNET01-Subnet0 (it doesn't matter what name you enter for the exam).
In the Virtual network box, select VNET01.
In the Subnet name box, select Subnet0.
Click the OK button to save the rule.
Back in the Firewall / Virtual Networks window, set the Allow access to Azure services option to On.

Show Answer

Question: 4

SIMULATION

Click to expand each objective. To connect to the Azure portal, type https://portal.azure.com in the browser address bar.

q4_AZ-500

When you are finished performing all the tasks, click the 'Next' button.

Note that you cannot return to the lab once you click the 'Next' button. Scoring occur in the background while you complete the rest of the exam.

Overview

The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.

Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.

Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.

Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

To start the lab

You may start the lab by clicking the Next button.

You plan to create several virtual machines in different availability zones, and then to configure the virtual machines to load balanced connections from the internet.

You need to create an IP address resource named ip1006 to support the planned load balancing solution.

The solution must minimize costs.

What should you do from the Azure portal?

AWe should create a public IP address.
Step 1: At the top, left corner of the portal, select + Create a resource.
Step 2: Enter public ip address in the Search the Marketplace box. When Public IP address appears in the search results, select it.
Step 3: Under Public IP address, select Create.
Step 4: Enter, or select values for the following settings, under Create public IP address, then select Create:
Name: ip1006
SKU: Basic SKU
IP Version: IPv6
IP address assignment: Dynamic
Subscription: Select appropriate
Resource group: Select appropriate

BWe should create a public IP address.
Step 1: At the top, left corner of the portal, select = Create a resource.
Step 2: Enter public ip address in the Search the Marketplace box. When Public IP address appears in the search results, select it.
Step 3: Under Public IP address, select Create.
Step 4: Enter, or select values for the following settings, under Create public IP address, then select Create:
Name: ip1008
SKU: Basic SKU
IP Version: IPv4
IP address assignment: Dynamic
Subscription: Select appropriate
Resource group: Select appropriate

Show Answer

Question: 5

You need to ensure that the AzureBackupReport log for the Vault1 Recovery Services vault is stored in the WS11641655 Azure Log Analytics workspace.

To complete this task, sign in to the Azure portal and modify the Azure resources.

AExplanation:
1. In the Azure portal, type Recovery Services Vaults in the search box, select Recovery Services Vaults from the search results then select Vault1. Alternatively, browse to Recovery Services Vaults in the left navigation pane.
2. In the properties of Vault1, scroll down to the Monitoring section and select Diagnostic Settings.
3. Click the Add a diagnostic setting link.
4. Enter a name in the Diagnostic settings name box.
5. In the Log section, select AzureBackupReport.

6. In the Destination details section, select Send to log analytics

7. Select the WS11641655 Azure Log Analytics workspace.
8. Click the Save button to save the changes.

Show Answer

Microsoft AZ-500 Quiz:25 Topic:4 Questions:121-125