aiotestking uk

AZ-102 Exam Questions - Online Test


AZ-102 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Proper study guides for AZ-102 Microsoft Azure Administrator Certification Transition certified begins with AZ-102 Exam Questions preparation products which designed to deliver the AZ-102 Dumps Questions by making you pass the AZ-102 test at your first time. Try the free AZ-102 Exam Questions and Answers right now.

Microsoft AZ-102 Free Dumps Questions Online, Read and Test Now.

NEW QUESTION 1
HOT SPOT
You plan to deploy five virtual machines to a virtual network subnet.
Each virtual machine will have a public IP address and a private IP address. Each virtual machine requires the same inbound and outbound security rules.
What is the minimum number of network interfaces and network security groups that you require? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
AZ-102 dumps exhibit

    Answer:

    Explanation: Box 1: 10
    One public and one private network interface for each of the five VMs. Box 2: 1
    You can associate zero, or one, network security group to each virtual network subnet and network interface in a virtual machine. The same network security group can be associated to as many subnets and network interfaces as you choose.
    References:
    https://docs.microsoft.com/en-us/azure/virtual-network/security-overview

    NEW QUESTION 2
    You have an Azure subscription that contains three virtual networks named VNet1, VNet2, VNet3.
    VNet2 contains a virtual appliance named VM2 that operates as a router.
    You are configuring the virtual networks in a hub and spoke topology that uses VNet2 as the hub network.
    You plan to configure peering between VNet1 and VNet2 and between VNet2 and VNet3. You need to provide connectivity between VNet1 and VNet3 through VNet2.
    Which two configurations should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

    • A. On the peering connections, allow forwarded traffic.
    • B. On the peering connections, allow gateway transit.
    • C. Create route tables and assign the table to subnets.
    • D. Create a route filter.
    • E. On the peering connections, use remote gateway

    Answer: BE

    Explanation: Allow gateway transit: Check this box if you have a virtual network gateway attached to this virtual network and want to allow traffic from the peered virtual network to flow through the gateway. The peered virtual network must have the Use remote gateways checkbox checked when setting up the peering from the other virtual network to this virtual network.
    References:
    https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-managepeering# requirements-and-constraints

    NEW QUESTION 3
    You have an Azure subscription that contains a policy-based virtual network gateway named GW1 and a virtual network named VNet1. You need to ensure that you can configure a point-to-site connection from VNet1 to an on-premises computer. Which two actions should you perform? Each correct answer presents part of the solution.
    NOTE: Each correct selection is worth one point.

    • A. Reset GW1.
    • B. Add a service endpoint to VNet1.
    • C. Add a connection to GW1.
    • D. Add a public IP address space to VNet1.
    • E. Delete GWL
    • F. Create a route-based virtual network gatewa

    Answer: EF

    Explanation: E: Policy-based VPN devices use the combinations of prefixes from both networks to define how traffic is encrypted/decrypted through IPsec tunnels. It is typically built on firewall devices that perform packet filtering. IPsec tunnel encryption and decryption are added to the packet filtering and processing engine.
    F: A VPN gateway is used when creating a VPN connection to your on-premises network.
    Route-based VPN devices use any-to-any (wildcard) traffic selectors, and let routing/forwarding tables direct traffic to different IPsec tunnels. It is typically built on router platforms where each IPsec tunnel is modeled as a network interface or VTI (virtual tunnel interface).
    Incorrect Answers:
    D: Point-to-Site connections do not require a VPN device or a public-facing IP address. References:
    https://docs.microsoft.com/en-us/azure/vpn-gateway/create-routebased-vpn-gateway-portal https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-connect-multiple-policybasedrm- ps

    Case Study: 10
    Lab 2 Overview
    This is a lab or performance-based testing (PBT) section.
    The following section of the exam is a lab. In this section, you will perform a set of tasks m a live environment. While most liable to you as it would be m a live environment, some functionality (e g, copy and paste, ability to having sites) will not be possible by design.
    Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the lab9s0 and all other sections of the exam in the time provided.
    Please note that once you submit your work by clicking the Next button within a lab. you will NOT be able to return to the tab.
    AZ-102 dumps exhibit
    AZ-102 dumps exhibit
    AZ-102 dumps exhibit
    To connect to Azure portal, type https://portal.azure.com in te browser address bar.

    NEW QUESTION 4
    You have an Azure Service Bus.
    You create a queue named Queue1. Queue1 is configured as shown in the following exhibit.
    AZ-102 dumps exhibit
    Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
    NOTE: Each correct selection is worth one point.
    AZ-102 dumps exhibit

      Answer:

      Explanation: Box 1: deleted after two hours
      All messages sent into a queue or topic are subject to a default expiration that is set at the entity level with the defaultMessageTimeToLive property and which can also be set in the portal during creation and adjusted later. The default expiration is used for all messages sent to the entity where TimeToLive is not explicitly set. The default expiration also functions as a ceiling for the TimeToLive value. Messages that have a longer TimeToLive expiration than the default value are silently adjusted to the defaultMessageTimeToLive value before being enqueued.
      Box 2: deleted in one hour References:
      https://docs.microsoft.com/en-us/azure/service-bus-messaging/message-expiration

      NEW QUESTION 5
      You set the multi-factor authentication status for a user named admin1@contoso.com to Enabled.
      Admin1 accesses the Azure portal by using a web browser.
      Which additional security verifications can Admin1 use when accessing the Azure portal?

      • A. a phone call, a text message that contains a verification code, and a notification or a verification code sent from the Microsoft Authenticator app.
      • B. an app password, a text message that contains a verification code, and a notification sent from the Microsoft Authenticator ap
      • C. C a phone call, an email message that contains a verification code, and a text message that contains an app password.
      • D. an app password, a text message that contains a verification code, and a verification code sent from the Microsoft Authenticator app.

      Answer: A

      Explanation: The user portal is an IIS web site that allows users to enroll in Azure Multi-Factor Authentication (MFA) and maintain their accounts. A user may change their phone number, change their PIN, or choose to bypass
      two-step verification during their next sign-on.
      Mobile App verification method is an option. If the user selects the Mobile App verification method, the page prompts the user to install the Microsoft Authenticator app on their device and generate an activation code. After installing the app, the user clicks the Generate Activation Code button.
      References:
      https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfaserver-deploy-userportal

      NEW QUESTION 6
      HOT SPOT
      You purchase a new Azure subscription named Subscription1.
      You create a virtual machine named VM1 in Subscription1. VM1 is not protected by Azure Backup. You need to protect VM1 by using Azure Backup. Backups must be created at 01:00 and stored for 30 days.
      What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
      AZ-102 dumps exhibit

        Answer:

        Explanation: Box 1: A Recovery Services vault
        A Recovery Services vault is an entity that stores all the backups and recovery points you create over time.
        Box 2: A backup policy
        What happens when I change my backup policy?
        When a new policy is applied, schedule and retention of the new policy is followed. References:
        https://docs.microsoft.com/en-us/azure/backup/backup-configure-vault https://docs.microsoft.com/en-us/azure/backup/backup-azure-backup-faq

        NEW QUESTION 7
        You have an Azure App Service plan named AdatumASP1 that uses the P2v2 pricing tier. AdatumASP1 hosts Ml Azure web app named adatumwebapp1. You need to delegate the management of adatumwebapp1 to a group named Devs. Devs must be able to perform the following tasks:
        • Add deployment slots.
        • View the configuration of AdatumASP1.
        • Modify the role assignment for adatumwebapp1. Which role should you assign to the Devs group?

        • A. Owner
        • B. Contributor
        • C. Web Plan Contributor
        • D. Website Contributor

        Answer: B

        Explanation: The Contributor role lets you manage everything except access to resources. Incorrect Answers:
        A: The Owner role lets you manage everything, including access to resources.
        C: The Web Plan Contributor role lets you manage the web plans for websites, but not access to them.
        D: The Website Contributor role lets you manage websites (not web plans), but not access to them. References:
        https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles

        NEW QUESTION 8
        You plan to deploy an application getaway named appgw1015 to load balance IP traffic to the Azure virtual machines connected to subnet0.
        You need to configure a virtual network named VNET1015 to support the planned application gateway.
        What should you do from the Azure portal?

          Answer:

          Explanation: Step 1:
          Click Networking, Virtual Network, and select VNET1015. Step 2:
          Click Subnets, and Click +Add on the VNET1015 - Subnets pane that appears. Step 3:
          On the Subnets page, click +Gateway subnet at the top to open the Add subnet page.
          AZ-102 dumps exhibit
          Step 4:
          Locate subnet0 and add it. References:
          https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resourcemanager- portal

          NEW QUESTION 9
          HOT SPOT
          You need to prepare the environment to implement the planned changes for Server2. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
          AZ-102 dumps exhibit

            Answer:

            Explanation: Box 1: Create a Recovery Services vault
            Create a Recovery Services vault on the Azure Portal. Box 2: Install the Azure Site Recovery Provider
            Azure Site Recovery can be used to manage migration of on-premises machines to Azure. Scenario: Migrate the virtual machines hosted on Server1 and Server2 to Azure.
            Server2 has the Hyper-V host role. References:
            https://docs.microsoft.com/en-us/azure/site-recovery/migrate-tutorial-on-premises-azure

            Case Study: 8
            Mix Questions Set C (Evaluate and perform server migration to Azure)

            NEW QUESTION 10
            HOT SPOT
            You have an Azure Active Directory (Azure AD) tenant named adatum.com. Adatum.com contains the groups in the following table.
            AZ-102 dumps exhibit
            You create two user accounts that are configured as shown in the following table.
            AZ-102 dumps exhibit
            To which groups do User1 and User2 belong? To answer. select the appropriate options in the answer area.
            NOTE: Each correct selection is worth one point.
            AZ-102 dumps exhibit

              Answer:

              Explanation: Box 1: Group 1 only First rule applies
              Box 2: Group1 and Group2 only Both membership rules apply.
              References: https://docs.microsoft.com/en-us/sccm/core/clients/manage/collections/createcollections

              NEW QUESTION 11
              You have an Azure Active Directory (Azure AD) domain that contains 5,000 user accounts. You create a new user account named AdminUser1.
              You need to assign the User administrator administrative role to AdminUser1. What should you do from the user account properties?

              • A. From the Directory role blade, modify the directory role.
              • B. From the Groups blade, invite the user account to a new group.
              • C. From the Licenses blade, assign a new licens

              Answer: A

              Explanation: Assign a role to a user
              Sign in to the Azure portal with an account that's a global admin or privileged role admin for the directory.
              Select Azure Active Directory, select Users, and then select a specific user from the list.
              For the selected user, select Directory role, select Add role, and then pick the appropriate admin roles from the Directory roles list, such as Conditional access administrator.
              Press Select to save.
              References: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/activedirectory-users-assign-role-azure-portal

              NEW QUESTION 12
              You have a Recovery Service vault that you use to test backups. The test backups contain two protected virtual machines.
              You need to delete the Recovery Services vault. What should you do first?

              • A. From the Recovery Service vault, stop the backup of each backup item.
              • B. From the Recovery Service vault, delete the backup data.
              • C. Modify the disaster recovery properties of each virtual machine.
              • D. Modify the locks of each virtual machin

              Answer: A

              Explanation: You can't delete a Recovery Services vault if it is registered to a server and holds backup data. If youtry to delete a vault, but can't, the vault is still configured to receive backup data. Remove vault dependencies and delete vault
              In the vault dashboard menu, scroll down to the Protected Items section, and click Backup Items. In this menu, you can stop and delete Azure File Servers, SQL Servers in Azure VM, and Azure virtual machines.
              AZ-102 dumps exhibit
              References: https://docs.microsoft.com/en-us/azure/backup/backup-azure-delete-vault

              NEW QUESTION 13
              You plan to automate the deployment of a virtual machine scale set that uses the Windows Server 2021 Datacenter image.
              You need to ensure that when the scale set virtual machines are provisioned, they have web server components installed.
              Which two actions should you perform? Each correct answer presents part of the solution. NOTE Each correct selection is worth one point.

              • A. Modify the extensionProfile section of the Azure Resource Manager template.
              • B. Create a new virtual machine scale set in the Azure portal.
              • C. Create an Azure policy.
              • D. Create an automation account.
              • E. Upload a configuration scrip

              Answer: AB

              Explanation: Virtual Machine Scale Sets can be used with the Azure Desired State Configuration (DSC) extension handler. Virtual machine scale sets provide a way to deploy and manage large numbers of virtual machines, and can elastically scale in and out in response to load. DSC is used to configure the VMs as they come online so they are running the production software.
              References: https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machinescale- sets-dsc

              NEW QUESTION 14
              Note: This question is part of a series questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
              After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
              You manage a virtual network named Vnet1 that is hosted in the West US Azure region. VNet hosts two virtual machines named VM1 and VM2 run Windows Server.
              You need to inspect all the network traffic from VM1 to VM2 for a period of three hours. Solution: From Azure Network Watcher, you create a connection monitor.
              Does this meet the goal?

              • A. YES
              • B. NO

              Answer: A

              Explanation: Azure Network Watcher provides tools to monitor, diagnose, view metrics, and enable or disable logs for resources in an Azure virtual network.
              Capture packets to and from a VM
              Advanced filtering options and fine-tuned controls, such as the ability to set time and size limitations, provide versatility. The capture can be stored in Azure Storage, on the VM's disk, or both. You can then analyze the capture file using several standard network capture analysis tools.
              Network Watcher variable packet capture allows you to create packet capture sessions to track traffic to and from a virtual machine. Packet capture helps to diagnose network anomalies both reactively and proactivity.
              References:
              https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview

              NEW QUESTION 15
              You have an Azure Active Directory (Azure AD) tenant named contosocloud.onmicrosoft.com. Your company has a public DNS zone for contoso.com.
              You add contoso.com as a custom domain name to Azure AD. You need to ensure that Azure can verify the domain name.
              Which type of DNS record should you create?

              • A. RRSIG
              • B. PTR
              • C. DNSKEY
              • D. TXT

              Answer: D

              Explanation: Create the TXT record. App Services uses this record only at configuration time to verify that you own the custom domain. You can delete this TXT record after your custom domain is validated and configured in App Service.
              References: https://docs.microsoft.com/en-us/azure/dns/dns-web-sites-custom-domain

              NEW QUESTION 16
              You have an Azure subscription that contains the resources in the following table.
              AZ-102 dumps exhibit
              To which subnets can you apply NSG1?

              • A. the subnets on VNet2 only
              • B. the subnets on VNet1 only
              • C. the subnets on VNet2 and VNet3 only
              • D. the subnets on VNet1, VNet2, and VNet3
              • E. the subnets on VNet3 only

              Answer: E

              Explanation: All Azure resources are created in an Azure region and subscription. A resource can only be created in a virtual network that exists in the same region and subscription as the resource.
              References: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-vnet-plandesign- arm

              NEW QUESTION 17
              You have the Azure virtual networks shown in the following table.
              AZ-102 dumps exhibit
              To which virtual networks can you establish a peering connection from VNet1?

              • A. VNet2 and VNet3 only
              • B. VNet2 only
              • C. VNet3 and VNet4 only
              • D. VNet2, VNet3, and VNet4

              Answer: C

              Explanation: The virtual networks you peer must have non-overlapping IP address spaces. The VNet1 and VNhet2 address spaces overlap. The range of VNet2 is contained inside the range of VNet1.
              References:
              https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-managepeering# requirements-and-constraints

              NEW QUESTION 18
              You have a Microsoft SQL Server Always On availability group on Azure virtual machines. You need to configure an Azure internal load balancer as a listener for the availability group. What should you do?

              • A. Enable Floating IP.
              • B. Set Session persistence to Client IP and protocol.
              • C. Set Session persistence to Client IP.
              • D. Create an HTTP health probe on port 1433.

              Answer: A

              Explanation: Incorrect Answers:
              D: The Health probe is created with the TCP protocol, not with the HTTP protocol. References:
              https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sql/virtual-machines-windowsportal- sql-alwayson-int-listener

              Case Study: 6
              Lab 1 SIMULATION
              The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
              Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
              Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
              Please, note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
              To start the lab
              You may start lab by clicking the Next button Tasks
              Click to expand each objective
              To connect to the Azure portal, type https:/portal.azure.com in the browser address bar. Instructions
              Performance Based Lab
              This type of question asks you to perform tasks in a virtual environment.
              The screen for this type of question includes a virtual machine window and a tasks pane.
              The window is a remotely connected live environment where you perform tasks on real software and applications.
              On the right is a Tasks pane that lists the tasks you need to perform in the lab. Each task can be expanded or collapsed using the “+” or “-” symbols. A checkbox is provided for each task. This is provided for convenience, so you can mark each task as you complete it.
              Tasks
              Click to expand each objective
              -Configure servers
              Add the “Print and Document Services” role to server LON-SVR1, installing any required management features and enabling both Print and LPD Services.
              +Configure file and share access
              When you are finished performing all the tasks, click the ‘Next’ button.
              Note that you cannot return to the lab once you click the ‘Next’ button. Scoring occur in the background while you complete the rest of the exam.
              Comments
              Once the exam completes, the comment period will begin and you will have the opportunity to provide comments to Microsoft about the exam questions. To launch the comment period, click the “Finish” and then “Comment” buttions. To skip the comment period and the exam, click Exit.
              You can navigate to a question from the Review screen to provide a comment. Please, see the Review Screen tab in the Review Screen help Menu (which can be accessed from the Review Screen) for details on accessing questions from the Review Screen.
              To comment on a question, navigate to that question and click the Give Feedback icon. When you have entered your comment in the comment window, click Submit to close the window. To navigate to the Review screen again, click the Review button. You may navigate through all questions using the Next and Previous buttions. To skip commenting, go to the Review Screen by selecting the Review Screen button in the upper left-hand corner and from the Review Screen, select “Finished”.
              Controls Available
              For any question, one or more of the following controls might be available.
              AZ-102 dumps exhibit
              Keyboard Shortcuts Available
              Exam features may be accessed using keyboard shortcuts. The following table describes the keyboard shortcuts that are available during this exam.
              Some keyboard shortcuts require that you press two or more keys at the same time. These keys are separated by a plus sign (+) in the table below.
              AZ-102 dumps exhibit
              AZ-102 dumps exhibit
              AZ-102 dumps exhibit

              NEW QUESTION 19
              You have an Azure subscription that contains two virtual networks named VNet1 and VNet2. Virtual machines connect to the virtual networks.
              The virtual networks have the address spaces and the subnets configured as shown in the following table.
              AZ-102 dumps exhibit
              You need to add the address space of 10.33.0.0/16 to VNet1. The solution must ensure that the hosts on VNet1 and VNet2 can communicate.
              Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
              AZ-102 dumps exhibit

                Answer:

                Explanation: Step 1: Remove peering between Vnet1 and VNet2.
                You can't add address ranges to, or delete address ranges from a virtual network's address space once a virtual network is peered with another virtual network. To add or remove address ranges, delete the peering, add or
                remove the address ranges, then re-create the peering. Step 2: Add the 10.44.0.0/16 address space to VNet1. Step 3: Recreate peering between VNet1 and VNet2 References:
                https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-manage-peering

                P.S. Easily pass AZ-102 Exam with 195 Q&As Surepassexam Dumps & pdf Version, Welcome to Download the Newest Surepassexam AZ-102 Dumps: https://www.surepassexam.com/AZ-102-exam-dumps.html (195 New Questions)