Win IT Exam with Last Dumps 2024

Microsoft AZ-500 Exam

Page 8/45
Viewing Questions 71 80 out of 443 Questions
17.78%

Question 71
HOTSPOT -
Your company has an Azure subscription named Subscription1 that contains the users shown in the following table.
AZ-500_71Q_1.png related to the Microsoft AZ-500 Exam
The company is sold to a new owner.
The company needs to transfer ownership of Subscription1.
Which user can transfer the ownership and which tool should the user use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
AZ-500_71Q_2.jpg related to the Microsoft AZ-500 Exam
Image AZ-500_71R.jpg related to the Microsoft AZ-500 Exam



Box 1; User2 -
Billing Administrator -
Select Transfer billing ownership for the subscription that you want to transfer.
Enter the email address of a user who's a billing administrator of the account that will be the new owner for the subscription.
Box 2: Azure Account Center -
Azure Account Center can be used.
Reference:
https://docs.microsoft.com/en-us/azure/billing/billing-subscription-transfer#transfer-billing-ownership-of-an-azure-subscription

Question 72
SIMULATION -
The developers at your company plan to create a web app named App12345678 and to publish the app to https://www.contoso.com.
You need to perform the following tasks:
- Ensure that App12345678 is registered to Azure Active Directory (Azure AD).
- Generate a password for App12345678.
To complete this task, sign in to the Azure portal.



Step 1: Register the Application
1. Sign in to your Azure Account through the Azure portal.
2. Select Azure Active Directory.
3. Select App registrations.
4. Select New registration.
5. Name the application 12345678. Select a supported account type, which determines who can use the application. Under Redirect URI, select Web for the type of application you want to create. Enter the URI:
https://www.contoso.com , where the access token is sent to.
AZ-500_72E.jpg related to the Microsoft AZ-500 Exam
6. Click Register
Step 2: Create a new application secret
If you choose not to use a certificate, you can create a new application secret.
7. Select Certificates & secrets.
8. Select Client secrets -> New client secret.
9. Provide a description of the secret, and a duration. When done, select Add.
After saving the client secret, the value of the client secret is displayed. Copy this value because you aren't able to retrieve the key later. You provide the key value with the application ID to sign in as the application. Store the key value where your application can retrieve it.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal

Question 73
SIMULATION -
You need to create a new Azure Active Directory (Azure AD) directory named 12345678.onmicrosoft.com and a user named User1 in the new directory.
To complete this task, sign in to the Azure portal.



Step 1: Create an Azure Active Directory tenant
1. Browse to the Azure portal and sign in with an account that has an Azure subscription.
2. Select the plus icon (+) and search for Azure Active Directory.
AZ-500_73E_1.png related to the Microsoft AZ-500 Exam
3. Select Azure Active Directory in the search results.
AZ-500_73E_2.png related to the Microsoft AZ-500 Exam
4. Select Create.
5. Provide an Organization name and an Initial domain name (12345678). Then select Create. Your directory is created.
AZ-500_73E_3.png related to the Microsoft AZ-500 Exam
6. After directory creation is complete, select the information box to manage your new directory.
Next, you're going to add tenant users.
Step 2: Create an Azure Active Directory tenant user
7. In the Azure portal, make sure you are on the Azure Active Directory fly out.
AZ-500_73E_4.png related to the Microsoft AZ-500 Exam
8. Under Manage, select Users.
AZ-500_73E_5.jpg related to the Microsoft AZ-500 Exam
9. Select All users and then select + New user.
10. Provide a Name and User name (user1) for the regular user tenant. You can also show the temporary password. When you're done, select Create.
Name: user1 -
User name: [email protected]
AZ-500_73E_6.png related to the Microsoft AZ-500 Exam
Reference:
https://docs.microsoft.com/en-us/power-bi/developer/create-an-azure-active-directory-tenant

Question 74
HOTSPOT -
You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.
AZ-500_74Q_1.png related to the Microsoft AZ-500 Exam
In Azure AD Privileged Identity Management (PIM), the Role settings for the Contributor role are configured as shown in the exhibit. (Click the Exhibit tab.)
AZ-500_74Q_2.png related to the Microsoft AZ-500 Exam
You assign users the Contributor role on May 1, 2019 as shown in the following table.
AZ-500_74Q_3.png related to the Microsoft AZ-500 Exam
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
AZ-500_74Q_4.jpg related to the Microsoft AZ-500 Exam
Image AZ-500_74R.jpg related to the Microsoft AZ-500 Exam



References:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-resource-roles-assign-roles

Question 75
HOTSPOT -
You work at a company named Contoso, Ltd. that has the offices shown in the following table.
AZ-500_75Q_1.png related to the Microsoft AZ-500 Exam
Contoso has an Azure Active Directory (Azure AD) tenant named contoso.com. All contoso.com users have Azure Multi-Factor Authentication (MFA) enabled. The tenant contains the users shown in the following table.
AZ-500_75Q_2.png related to the Microsoft AZ-500 Exam
The multi-factor authentication settings for contoso.com are configured as shown in the following exhibit.
AZ-500_75Q_3.jpg related to the Microsoft AZ-500 Exam
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
AZ-500_75Q_4.png related to the Microsoft AZ-500 Exam
Image AZ-500_75R.png related to the Microsoft AZ-500 Exam





Question 76
You have an Azure subscription.
You configure the subscription to use a different Azure Active Directory (Azure AD) tenant.
What are two possible effects of the change? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.



Reference:
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-how-subscriptions-associated-directory

Question 77
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure subscription named Sub1.
You have an Azure Storage account named sa1 in a resource group named RG1.
Users and applications access the blob service and the file service in sa1 by using several shared access signatures (SASs) and stored access policies.
You discover that unauthorized users accessed both the file service and the blob service.
You need to revoke all access to sa1.
Solution: You generate new SASs.
Does this meet the goal?



Instead you should create a new stored access policy.
To revoke a stored access policy, you can either delete it, or rename it by changing the signed identifier. Changing the signed identifier breaks the associations between any existing signatures and the stored access policy. Deleting or renaming the stored access policy immediately affects all of the shared access signatures associated with it.
Reference:
https://docs.microsoft.com/en-us/rest/api/storageservices/Establishing-a-Stored-Access-Policy

Question 78
You have an Azure subscription that contains virtual machines.
You enable just in time (JIT) VM access to all the virtual machines.
You need to connect to a virtual machine by using Remote Desktop.
What should you do first?



Reference:
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/connect-logon

Question 79
HOTSPOT -
Your network contains an on-premises Active Directory domain that syncs to an Azure Active Directory (Azure AD) tenant. The tenant contains the users shown in the following table.
AZ-500_79Q_1.png related to the Microsoft AZ-500 Exam
The tenant contains the groups shown in the following table.
AZ-500_79Q_2.png related to the Microsoft AZ-500 Exam
You configure a multi-factor authentication (MFA) registration policy that has the following settings:
- Assignments:
- Include: Group1
- Exclude: Group2
- Controls: Require Azure MFA registration
- Enforce Policy: On
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
AZ-500_79Q_3.png related to the Microsoft AZ-500 Exam
Image AZ-500_79R.png related to the Microsoft AZ-500 Exam




Question 80
SIMULATION -
The developers at your company plan to publish an app named App12345678 to Azure.
You need to ensure that the app is registered to Azure Active Directory (Azure AD). The registration must use the sign-on URLs of https://app.contoso.com.
To complete this task, sign in to the Azure portal and modify the Azure resources.



Step 1: Register the Application
1. Sign in to your Azure Account through the Azure portal.
2. Select Azure Active Directory.
3. Select App registrations.
4. Select New registration.
5. Name the application App12345678. Select a supported account type, which determines who can use the application. Under Redirect URI, select Web for the type of application you want to create. Enter the URI:
https://app.contoso.com , where the access token is sent to.
AZ-500_80E.jpg related to the Microsoft AZ-500 Exam
6. Click Register
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal





Premium Version