- (Exam Topic 4)
You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.
In Azure AD Privileged Identity Management (PIM), the Role settings for the Contributor role are configured as shown in the exhibit. (Click the Exhibit tab.)
You assign users the Contributor role on May 1, 2019 as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Solution:
References:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-resource-roles-assi
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 4)
Your company has an Azure Active Directory (Azure AD) tenant named contoso.com.
The company is developing an application named App1. App1 will run as a service on server that runs Windows Server 2016. App1 will authenticate to contoso.com and access Microsoft Graph to read directory data.
You need to delegate the minimum required permissions to App1.
Which three actions should you perform in sequence from the Azure portal? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Solution:
Step 1: Create an app registration
First the application must be created/registered.
Step 2: Add an application permission
Application permissions are used by apps that run without a signed-in user present.
Step 3: Grant permissions
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 4)
You have an Azure Sentinel deployment.
You need to create a scheduled query rule named Rule1. What should you use to define the query rule logic for Rule1?
Correct Answer:
D
Reference:
https://docs.microsoft.com/en-us/azure/sentinel/tutorial-detect-threats-custom
- (Exam Topic 2)
HOTSPOT
You assign User8 the Owner role for RG4, RG5, and RG6.
In which resource groups can User8 create virtual networks and NSGs? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Solution:
Box1: RG6 only as there is not option for RG5 & RG6 which it should be. Box2: RG4 & RG6
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 3)
From Azure Security Center, you need to deploy SecPol1. What should you do first?
Correct Answer:
C
Reference:
https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/security-center/custom-security-policies.md https://zimmergren.net/create-custom-security-center-recommendation-with-azure-policy/