Win IT Exam with Last Dumps 2025

You have an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.
The User administrator role is assigned to a user named Admin1.
An external partner has a Microsoft account that uses the [email protected] sign in.
Admin1 attempts to invite the external partner to sign in to the Azure AD tenant and receives the following error message: `Unable to invite user [email protected] Generic authorization exception.`
You need to ensure that Admin1 can invite the external partner to sign in to the Azure AD tenant.
What should you do?

A. From the Roles and administrators blade, assign the Security administrator role to Admin1. B. From the Organizational relationships blade, add an identity provider. C. From the Custom domain names blade, add a custom domain. D. From the Users blade, modify the External collaboration settings.

You have an Azure Active Directory (Azure AD) tenant.
You have the deleted objects shown in the following table.

On May 4, 2020, you attempt to restore the deleted objects by using the Azure Active Directory admin center.
Which two objects can you restore? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

A. Group1 B. Group2 C. User2 D. User1

HOTSPOT -
You have an Azure subscription named Subscription1 that contains the resources shown in the following table.

You create an Azure role by using the following JSON file.

You assign Role1 to User1 for RG1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains a user named User1.
You plan to publish several apps in the tenant.
You need to ensure that User1 can grant admin consent for the published apps.
Which two possible user roles can you assign to User1 to achieve this goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

A. Security administrator B. Cloud application administrator C. Application administrator D. User administrator E. Application developer

You have an Azure subscription that is associated with an Azure Active Directory (Azure AD) tenant.
When a developer attempts to register an app named App1 in the tenant, the developer receives the error message shown in the following exhibit.

You need to ensure that the developer can register App1 in the tenant.
What should you do for the tenant?

A. Modify the Directory properties. B. Set Enable Security defaults to Yes. C. Configure the Consent and permissions settings for enterprise applications. D. Modify the User settings.

You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant and a user named User1.
The App registrations settings for the tenant are configured as shown in the following exhibit.

You plan to deploy an app named App1.
You need to ensure that User1 can register App1 in Azure AD. The solution must use the principle of least privilege.
Which role should you assign to User1?

A. App Configuration Data Owner for the subscription B. Managed Application Contributor for the subscription C. Cloud application administrator in Azure AD D. Application developer in Azure AD

You have the Azure virtual machines shown in the following table.

Each virtual machine has a single network interface.
You add the network interface of VM1 to an application security group named ASG1.
You need to identify the network interfaces of which virtual machines you can add to ASG1.
What should you identify?

A. VM2 only B. VM2 and VM3 only C. VM2, VM3, VM4, and VM5 D. VM2, VM3, and VM5 only

SIMULATION -
You need to create a new Azure Active Directory (Azure AD) directory named 12345678.onmicrosoft.com. The new directory must contain a user named user12345678 who is configured to sign in by using Azure Multi-Factor Authentication (MFA).

You have an Azure subscription named Subcription1 that contains an Azure Active Directory (Azure AD) tenant named contoso.com and a resource group named
RG1.
You create a custom role named Role1 for contoso.com.
Where you can use Role1 for permission delegation?

A. contoso.com only B. contoso.com and RG1 only C. contoso.com and Subscription1 only D. contoso.com, RG1, and Subscription1

You have an Azure subscription.
You enable Azure Active Directory (Azure AD) Privileged Identity Management (PIM).
Your company's security policy for administrator accounts has the following conditions:
- The accounts must use multi-factor authentication (MFA).
- The accounts must use 20-character complex passwords.
- The passwords must be changed every 180 days.
- The accounts must be managed by using PIM.
You receive multiple alerts about administrators who have not changed their password during the last 90 days.
You need to minimize the number of generated alerts.
Which PIM alert should you modify?

A. Roles are being assigned outside of Privileged Identity Management B. Roles don't require multi-factor authentication for activation C. Administrators aren't using their privileged roles D. Potential stale accounts in a privileged role