Win IT Exam with Last Dumps 2025

You have an Azure subscription that contains a resource group named RG1 and the network security groups (NSGs) shown in the following table.

You create the Azure policy shown in the following exhibit.

You assign the policy to RG1.
What will occur if you assign the policy to NSG1 and NSG2?

A. Flow logs will be enabled for NSG2 only.

B. Flow logs will be disabled for NSG1 and NSG2.

C. Flow logs will be enabled for NSG1 and NSG2.

D. Flow logs will be enabled for NSG1 only.

HOTSPOT
-
You have an Azure Active Directory (Azure AD) tenant named contoso.com that has Azure Active Directory Premium Plan 1 licenses.
You need to create a group named Group1 that will be assigned the Global reader role.
Which portal should you use to create Group1, and which type of group should you create? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

HOTSPOT
-
You have a management group named MG1 that contains an Azure subscription and a resource group named RG1. RG1 contains a virtual machine named VM1.
You have the custom Azure roles shown in the following table.

The permissions for Role1 are shown in the following role definition file.

The permissions for Role2 are shown in the following role definition file.

You assign the roles to the users shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

You have an Azure Active Directory (Azure AD) tenant.
You need to prevent nonprivileged Azure AD users from creating service principles in Azure AD.
What should you do in the Azure Active Directory admin center of the tenant?

A. From the User settings blade, set Users can register applications to No.

B. From the Properties blade, set Access management for Azure resources to No.

C. From the User settings blade, set Restrict access to Azure AD administration portal to Yes.

D. From the Properties blade, set Enable Security defaults to Yes.

HOTSPOT
-
You have an Azure subscription that contains the following Azure firewall:
• Name: Fw1
• Azure region: UK West
• Private IP address: 10.1.3.4
• Public IP address: 23.236.62.147
The subscription contains the virtual networks shown in the following table.

The subscription contains the subnets shown in the following table.

The subscription contains the routes shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

HOTSPOT
-
You have an Azure subscription that contains a user named User1 and a storage account named storage1. The storage1 account contains the resources shown in the following table.

In storage1, you create a shared access signature (SAS) named SAS1 as shown in the following exhibit.

To which resources can User1 write on July 1, 2022 by using SAS1 and key1? To answer select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You have an Azure subscription that contains a managed identity named Identity1 and the Azure key vaults shown in the following table.

KeyVault1 contains an access policy that grants Identity1 the following key permissions:
• Get
• List
• Wrap
• Unwrap
You need to provide Identity1 with the same permissions for KeyVault2. The solution must use the principle of least privilege.
Which role should you assign to Identity1?

A. Key Vault Crypto Service Encryption User

B. Key Vault Crypto User

C. Key Vault Reader

D. Key Vault Crypto Officer

HOTSPOT
-
You have an Azure subscription that contains a user named User1. User1 is assigned the Reader role for the subscription.
You plan to create a custom role named Role1 and assign Role1 to User1.
You need to ensure that User1 can create and manage application security groups by using Azure portal.
Which two permissions should you add to Role1? To answer, select the appropriate permissions in the answer area.
NOTE: Each correct selection is worth one point.

You have an Azure subscription named Sub1.
In Microsoft Defender for Cloud, you have a workflow automation named WF1. WF1 is configured to send an email message to a user named User1.
You need to modify WF1 to send email messages to a distribution group named Alerts.
What should you use to modify WF1?

A. Azure Logic Apps Designer

B. Azure Application Insights

C. Azure DevOps

D. Azure Monitor

DRAG DROP
-
You have an Azure subscription that contains a resource group named RG1 and an Azure policy named Policy1.
You need to assign Policy1 to RG1.
How should you complete the script? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.