Which of the following could grant or deny access based on the originating IP address?
Answer
Azure Active Directory
Aure Firewall
VPN Gateway
Question 2
Question
Which of the following could require both a password and a security question for full authentication?
Answer
Azure Firewall
Application Gateway
Multi-Factor Authentication
Question 3
Question
Which of the following services would you use to filter internet traffic in your Azure virtual network?
Answer
Azure Firewall
Network Security Group
VPN Gateway
Question 4
Question
Which of the following lets you store passwords in Azure so you can centrally manage them for your services and applications?
Answer
Azure Advanced Threat Protection
Azure Key Vault
Azure Security Center
Question 5
Question
Which of the following should you use to download published audit reports and how Microsoft builds and operates its cloud services?
Answer
Azure Policy
Azure Service Health
Service Trust Portal
Question 6
Question
Which of the following provides information about planned maintenance and changes that could affect the availability of your resources?
Answer
Azure Monitor
Azure Security Center
Azure Service Health
Question 7
Question
Where can you obtain details about the personal data Microsoft processes, how Microsoft processes it, and for what purposes?
Answer
Microsoft Privacy Statement
Compliance Manager
Azure Service Health
Question 8
Question
Which of the following can be used to help you enforce resource tagging so you can manage billing?
Answer
Azure Policy
Azure Service Health
Compliance Manager
Question 9
Question
Which of the following can be used to define a repeatable set of Azure resources that implement organizational requirements?
Answer
Azure Blueprint
Azure Policy
Azure Resource Groups
Question 10
Question
Which of the following lets you grant users only the rights they need to perform their jobs?
Answer
Azure Policy
Compliance Manager
Role-Based Access Control
Question 11
Question
Which of these options helps you most easily disable an account when an employee leaves your company?
Answer
Enforce multi-factor authentication (MFA)
Monitor sign-on attempts
Use single sign-on (SSO)
Question 12
Question
What is Azure Information Protection?
Answer
AIP is a cloud-based solution that helps organizations classify and (optionally) protect its documents and emails by applying labels. Labels can be applied automatically (by administrators who define rules and conditions), manually (by users), or with a combination of both (where users are guided by recommendations).
AIP is a cloud-based security solution that identifies, detects, and helps you investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.
AIP is a monitoring service that provides threat protection across all of your services both in Azure, and on-premises.
Question 13
Question
Which of the following items would be good use of a resource lock?
Answer
An ExpressRoute circuit with connectivity back to your on-premises network
A non-production virtual machine used to test occasional application builds
A storage account used to temporarily store images processed in a development environment
Question 14
Question
Which of the following approaches would be the most efficient way to ensure a naming convention was followed across your subscription?
Answer
Send out an email with the details of your naming conventions and hope it is followed.
Create a policy with your naming requirements and assign it to the scope of your subscription
Give all other users except for yourself read-only access to the subscription. Have all requests to create resources sent to you so you can review the names being assigned to resources, and then create them.