You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager (ARM) resource deployments in your Azure subscription. What should you include in the recommendation?
A. Azure Monitor action groups
B. Azure Arc
C. Azure Monitor metrics
D. Azure Activity Log
Question 52
DRAG DROP - You have an Azure AD tenant that contains an administrative unit named MarketingAU. MarketingAU contains 100 users. You create two users named User1 and User2. You need to ensure that the users can perform the following actions in MarketingAU: • User1 must be able to create user accounts. • User2 must be able to reset user passwords. Which role should you assign to each user? To answer, drag the appropriate roles to the correct users. Each role may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Question 53
You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager (ARM) resource deployments in your Azure subscription. What should you include in the recommendation?
A. Azure Arc
B. Azure Log Analytics
C. Application insights
D. Azure Monitor action groups
Question 54
HOTSPOT - You are designing an app that will be hosted on Azure virtual machines that run Ubuntu. The app will use a third-party email service to send email messages to users. The third-party email service requires that the app authenticate by using an API key. You need to recommend an Azure Key Vault solution for storing and accessing the API key. The solution must minimize administrative effort. What should you recommend using to store and access the key? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Question 55
DRAG DROP - You have two app registrations named App1 and App2 in Azure AD. App1 supports role-based access control (RBAC) and includes a role named Writer. You need to ensure that when App2 authenticates to access App1, the tokens issued by Azure AD include the Writer role claim. Which blade should you use to modify each app registration? To answer, drag the appropriate blades to the correct app registrations. Each blade may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Question 56
You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager (ARM) resource deployments in your Azure subscription. What should you include in the recommendation?
A. Application Insights
B. Azure Arc
C. Azure Log Analytics
D. Azure Monitor metrics
Question 57
You have an Azure subscription. You plan to deploy a monitoring solution that will include the following: • Azure Monitor Network Insights • Application Insights • Microsoft Sentinel • VM insights The monitoring solution will be managed by a single team. What is the minimum number of Azure Monitor workspaces required?
A. 1
B. 2
C. 3
D. 4
Question 58
You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager (ARM) resource deployments in your Azure subscription. What should you include in the recommendation?
A. Application Insights
B. Azure Analysis Services
C. Azure Advisor
D. Azure Activity Log
Question 59
You need to recommend a solution that meets the data requirements for App1. What should you recommend deploying to each availability zone that contains an instance of App1?
A. an Azure Cosmos DB that uses multi-region writes
B. an Azure Data Lake store that uses geo-zone-redundant storage (GZRS)
C. an Azure Storage account that uses geo-zone-redundant storage (GZRS)
Scenario: App1 has the following data requirements: - Each instance will write data to a data store in the same availability zone as the instance. - Data written by any App1 instance must be visible to all App1 instances. Azure Cosmos DB: Each partition across all the regions is replicated. Each region contains all the data partitions of an Azure Cosmos container and can serve reads as well as serve writes when multi-region writes is enabled. Incorrect Answers: B, D: GZRS protects against failures. Geo-redundant storage (with GRS or GZRS) replicates your data to another physical location in the secondary region to protect against regional outages. However, that data is available to be read only if the customer or Microsoft initiates a failover from the primary to secondary region. C: Active geo-replication is designed as a business continuity solution that lets you perform quick disaster recovery of individual databases in case of a regional disaster or a large scale outage. Once geo-replication is set up, you can initiate a geo-failover to a geo-secondary in a different Azure region. The geo-failover is initiated programmatically by the application or manually by the user. Reference: https://docs.microsoft.com/en-us/azure/cosmos-db/high-availability
Question 60
You have an Azure subscription that contains 10 web apps. The apps are integrated with Azure AD and are accessed by users on different project teams. The users frequently move between projects. You need to recommend an access management solution for the web apps. The solution must meet the following requirements: • The users must only have access to the app of the project to which they are assigned currently. • Project managers must verify which users have access to their project’s app and remove users that are no longer assigned to their project. • Once every 30 days, the project managers must be prompted automatically to verify which users are assigned to their projects. What should you include in the recommendation?
