Your company has virtual machines (VMs) hosted in Microsoft Azure. The VMs are located in a single Azure virtual network named VNet1.
The company has users that work remotely. The remote workers require access to the VMs on VNet1.
You need to provide access for the remote workers.
What should you
Configure a Site-to-Site (S2S) VPN.
Configure a VNet-toVNet VPN.
Configure a Point-to-Site (P2S) VPN.
Configure DirectAccess on a Windows Server 2012 server VM.
Configure a Multi-Site VPN
Answer is Configure a Point-to-Site (P2S) VPN.
A Point-to-Site (P2S) VPN gateway connection lets you create a secure connection to your virtual network from an individual client computer.
P2S VPN is also a useful solution to use instead of S2S VPN when you have only a few clients that need to connect to a VNet.
How can the IT department ensure that employees at the company's retail stores can access company applications only from approved tablet devices?
SSO
Conditional Access
Multifactor authentication
Answer is Conditional Access
Conditional Access enables you to require users to access your applications only from approved, or managed, devices.
Question 103
How can the IT department use biometric properties, such as facial recognition, to enable delivery drivers to prove their identities?
SSO
Conditional Access
Multifactor authentication
Answer is Multifactor authentication
Authenticating through multifactor authentication can include something the user knows, something the user has, and something the user is.
Question 104
How can the IT department reduce the number of times users must authenticate to access multiple applications?
SSO
Conditional Access
Multifactor authentication
Answer is SSO
SSO enables a user to remember only one ID and one password to access multiple applications.
Question 105
How can companies allow some users to control the virtual machines in each environment but prevent them from modifying networking and other resources in the same resource group or Azure subscription?
Create a role assignment through Azure role-based access control (Azure RBAC).
Create a policy in Azure Policy that audits resource usage.
Split the environment into separate resource groups.
Answer is Create a role assignment through Azure role-based access control (Azure RBAC).
Azure RBAC enables you to create roles that define access permissions. You might create one role that limits access only to virtual machines and a second role that provides administrators with access to everything.
Question 106
Which is the best way for companies to ensure that they only deploy cost-effective virtual machine SKU sizes?
Create a policy in Azure Policy that specifies the allowed SKU sizes.
Periodically inspect the deployment manually to see which SKU sizes are used.
Create an Azure RBAC role that defines the allowed virtual machine SKU sizes.
Answer is Create a policy in Azure Policy that specifies the allowed SKU sizes.
After you enable this policy, that policy is applied when you create new virtual machines or resize existing ones. Azure Policy also evaluates any current virtual machines in your environment.
Question 107
Which is likely the best way for companies to identify which billing department each Azure resource belongs to?
Track resource usage in a spreadsheet.
Split the deployment into separate Azure subscriptions, where each subscription belongs to its own billing department.
Apply a tag to each resource that includes the associated billing department.
Answer is Apply a tag to each resource that includes the associated billing department.
Tags provide extra information, or metadata, about your resources. They might create a tag that's named BillingDept whose value would be the name of the billing department. You can use Azure Policy to ensure that the proper tags are assigned when resources are provisioned.
Question 108
Where can the company access details about the personal data Microsoft processes and how the company processes it, including for Cortana?
Microsoft Privacy Statement
The Azure compliance documentation
Microsoft compliance offerings
Answer is Microsoft Privacy Statement
The Microsoft Privacy Statement provides information that's relevant to specific services, including Cortana.
Question 109
Where can a legal team access information around how the Microsoft cloud helps them secure sensitive data and comply with applicable laws and regulations?
Microsoft Privacy Statement
Trust Center
Online Services Terms
Answer is Trust Center
The Trust Center is a great resource for people in your organization who might play a role in security, privacy, and compliance.
Question 110
Where can the IT department find reference blueprints that it can apply directly to its Azure subscriptions?
Online Services Terms
Azure compliance documentation
Microsoft Privacy Statement
Answer is Azure compliance documentation
The compliance documentation provides reference blueprints, or policy definitions, for common standards that you can apply to your Azure subscription.