Pass Microsoft AZ-900 in Just 3 Days – Stress-Free, No Study Needed!
Have questions? Contact us directly on WhatsApp for quick support!
HOTSPOT –
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Box 1: Yes –
The tool you would use to sync the accounts is Azure AD Connect. The Azure Active Directory Connect synchronization services (Azure AD Connect sync) is a main component of Azure AD Connect. It takes care of all the operations that are related to synchronize identity data between your on-premises environment and
Azure AD.
Box 2: Yes –
As described above, third-party cloud services and on-premises Active Directory can be used to access Azure resources. This is known as ‘federation’.
Federation is a collection of domains that have established trust. The level of trust may vary, but typically includes authentication and almost always includes authorization. A typical federation might include a number of organizations that have established trust for shared access to a set of resources.
Box 3: Yes –
Azure Active Directory (Azure AD) is a centralized identity provider in the cloud. This is the primary built-in authentication and authorization service to provide secure access to Azure resources.
References:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-whatis https://docs.microsoft.com/en-us/azure/active-directory/hybrid/whatis-fed https://docs.microsoft.com/en-us/azure/active-directory/develop/authentication-scenarios
HOTSPOT –
To complete the sentence, select the appropriate option in the answer area.
Hot Area:
The advanced monitoring capabilities in Security Center lets you track and manage compliance and governance over time. The overall compliance provides you with a measure of how much your subscriptions are compliant with policies associated with your workload.
Reference:
https://docs.microsoft.com/en-us/azure/security-center/security-center-intro
What should you use to evaluate whether your company’s Azure environment meets regulatory requirements?
- A. Azure Service Health
- B. Azure Knowledge Center
- C. Azure Security Center
- D. Azure Advisor
HOTSPOT –
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Box 1: No –
Azure Active Directory (Azure AD) is a cloud-based service. It does not require domain controllers on virtual machines.
Box 2: Yes –
Azure Active Directory (Azure AD) is a centralized identity provider in the cloud. This is the primary built-in authentication and authorization service to provide secure access to Azure resources and Microsoft 365.
Box 3: No –
User accounts in Azure Active Directory can be assigned multiple licenses for different Azure or Microsoft 365 services.
Which two types of customers are eligible to use Azure Government to develop a cloud solution? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
- A. a Canadian government contractor
- B. a European government contractor
- C. a United States government entity
- D. a United States government contractor
- E. a European government entity
HOTSPOT –
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Box 1: No –
It is not true that you must deploy a federation solution or sync on-premises identities to the cloud. You can have a cloud-only environment and use MFA.
Box 2: No –
Picture identification and passport numbers are not valid MFA authentication methods. Valid methods include: Password, Microsoft Authenticator App, SMS and
Voice call.
Box 3:
You can configure MFA to be required for administrator accounts only or you can configure MFA for any user account.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-getstarted https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-methods
You need to ensure that when Azure Active Directory (Azure AD) users connect to Azure AD from the Internet by using an anonymous IP address, the users are prompted automatically to change their password.
Which Azure service should you use?
- A. Azure AD Connect Health
- B. Azure AD Privileged Identity Management
- C. Azure Advanced Threat Protection (ATP)
- D. Azure AD Identity Protection
DRAG DROP –
Match the term to the correct definition.
Instructions: To answer, drag the appropriate term from the column on the left to its description on the right. Each term may be used once, more than once, or not at all.
NOTE: Each correct match is worth one point.
Select and Place:
Box 1: ISO –
ISO is the International Organization for Standardization. Companies can be certified to ISO standards, for example ISO 9001 or 27001 are commonly used in IT companies.
Box 2: NIST –
The National Institute of Standards and Technology (NIST) is a physical sciences laboratory, and a non-regulatory agency of the United States Department of
Commerce.
Box 3: GDPR –
GDPR is the General Data Protection Regulations. This standard was adopted across Europe in May 2018 and replaces the now deprecated Data Protection
Directive.
The General Data Protection Regulation (EU) (GDPR) is a regulation in EU law on data protection and privacy in the European Union (EU) and the European
Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
Box 4: Azure Government –
US government agencies or their partners interested in cloud services that meet government security and compliance requirements, can be confident that
Microsoft Azure Government provides world-class security, protection, and compliance services. Azure Government delivers a dedicated cloud enabling government agencies and their partners to transform mission-critical workloads to the cloud. Azure Government services handle data that is subject to certain government regulations and requirements, such as FedRAMP, NIST 800.171 (DIB), ITAR, IRS 1075, DoD L4, and CJIS. In order to provide you with the highest level of security and compliance, Azure Government uses physically isolated datacenters and networks (located in U.S. only).
References:
https://en.wikipedia.org/wiki/National_Institute_of_Standards_and_Technology https://en.wikipedia.org/wiki/General_Data_Protection_Regulation https://docs.microsoft.com/en-us/azure/azure-government/documentation-government-welcome
To what should an application connect to retrieve security tokens?
- A. an Azure Storage account
- B. Azure Active Directory (Azure AD)
- C. a certificate store
- D. an Azure key vault
Your network contains an Active Directory forest. The forest contains 5,000 user accounts.
Your company plans to migrate all network resources to Azure and to decommission the on-premises data center.
You need to recommend a solution to minimize the impact on users after the planned migration.
What should you recommend?
- A. Implement Azure Multi-Factor Authentication (MFA)
- B. Sync all the Active Directory user accounts to Azure Active Directory (Azure AD)
- C. Instruct all users to change their password
- D. Create a guest user account in Azure Active Directory (Azure AD) for each user