Your success in AZ-102 Exam Questions is our sole target and we develop all our AZ-102 Exam Questions and Answers in a way that facilitates the attainment of this target. Not only is our AZ-102 Free Practice Questions material the best you can find, it is also the most detailed and the most updated. AZ-102 Exam Dumps for Microsoft AZ-102 are written to the highest standards of technical accuracy.

Online AZ-102 free questions and answers of New Version:

NEW QUESTION 1
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscript contains a resource group named Dev.d Subscription1. Adatum contains a group named Developers. Subscription!
You need to provide the Developers group with the ability to create Azure logic apps in the; Dev, resource group.
Solution: On Dev, you assign the Logic App Contributor role to the Developers group. Does this meet the goal?

  • A. Yes
  • B. No

Answer: A

Explanation: The Logic App Contributor role lets you manage logic app, but not access to them. It provides access to view, edit, and update a logic app.
References:
https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-securing-a-logic-app

NEW QUESTION 2
HOT SPOT
You need to prepare the environment to implement the planned changes for Server2. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
AZ-102 dumps exhibit

    Answer:

    Explanation: Box 1: Create a Recovery Services vault
    Create a Recovery Services vault on the Azure Portal. Box 2: Install the Azure Site Recovery Provider
    Azure Site Recovery can be used to manage migration of on-premises machines to Azure. Scenario: Migrate the virtual machines hosted on Server1 and Server2 to Azure.
    Server2 has the Hyper-V host role. References:
    https://docs.microsoft.com/en-us/azure/site-recovery/migrate-tutorial-on-premises-azure

    Case Study: 8
    Mix Questions Set C (Evaluate and perform server migration to Azure)

    NEW QUESTION 3
    You plan to support many connections to your company's automatically uses up to five instances when CPU utilization on the instances exceeds 70 percent for 10 minutes. When CPU utilization decreases, the solution must automatically reduce the number of instances.
    What should you do from the Azure portal?

      Answer:

      Explanation: Step 1:
      Locate the Homepage App Service plan Step 2:
      Click Add a rule, and enter the appropriate fields, such as below, and the click Add. Time aggregation: average
      Metric Name: Percentage CPU Operator: Greater than Threshold 70
      Duration: 10 minutes Operation: Increase count by Instance count: 4
      AZ-102 dumps exhibit
      Step 3:
      We must add a scale in rule as well. Click Add a rule, and enter the appropriate fields, such as below, then click Add.
      Operator: Less than
      Threshold 70
      Duration: 10 minutes Operation: Decrease count by Instance count: 4 References:
      https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-setsautoscale- portal
      https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/insights-autoscale-bestpractices

      NEW QUESTION 4
      You need to create a web app named corp7509086n2 that can be scaled horizontally. The solution must use the lowest possible pricing tier for the App Service plan.
      What should you do from the Azure portal?

        Answer:

        Explanation: Step 1:
        In the Azure Portal, click Create a resource > Web + Mobile > Web App. Step 2:
        Use the Webb app settings as listed below. Web App name: corp7509086n2
        Hosting plan: Azure App Service plan Pricing tier of the Pricing Tier: Standard
        Change your hosting plan to Standard, you can't setup auto-scaling below standard tier. Step 3:
        Select Create to provision and deploy the Web app. References:
        https://docs.microsoft.com/en-us/azure/app-service/environment/app-service-web-how-to-createa- web-app-in-an-ase
        https://azure.microsoft.com/en-us/pricing/details/app-service/plans/

        NEW QUESTION 5
        You are configuring serverless computing in Azure.
        You need to receive an email message whenever a resource is created in or deleted from a resource group. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
        AZ-102 dumps exhibit

          Answer:

          Explanation: Step 1: Create an event subscription
          When you subscribe to events for a resource group, your endpoint receives all events for that resource group. Step 2: Create an Azure Event Grid trigger
          Step 3: Create conditions and actions References:
          https://docs.microsoft.com/en-us/azure/event-grid/event-schema-resource-groups

          NEW QUESTION 6
          DRAG DROP
          You have two Azure virtual machines named VM1 and VM2. VM1 has a single data disk named Disk1. You need to attach Disk1 to VM2. The solution must minimize downtime for both virtual machines.
          Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
          AZ-102 dumps exhibit

            Answer:

            Explanation: Step 1: Stop VM1.
            Step 2: Detach Disk1 from VM1. Step 3: Start VM1.
            Detach a data disk using the portal
            In the left menu, select Virtual Machines.
            Select the virtual machine that has the data disk you want to detach and click Stop to deallocate the
            VM.
            In the virtual machine pane, select Disks. At the top of the Disks pane, select Edit.
            In the Disks pane, to the far right of the data disk that you would like to detach, click the Detach button image detach button.
            After the disk has been removed, click Save on the top of the pane.
            In the virtual machine pane, click Overview and then click the Start button at the top of the pane to restart the VM.
            The disk stays in storage but is no longer attached to a virtual machine. Step 4: Attach Disk1 to VM2
            Attach an existing disk
            Follow these steps to reattach an existing available data disk to a running VM. Select a running VM for which you want to reattach a data disk.
            From the menu on the left, select Disks.
            Select Attach existing to attach an available data disk to the VM. From the Attach existing disk pane, select OK.
            References:
            https://docs.microsoft.com/en-us/azure/virtual-machines/windows/detach-disk https://docs.microsoft.com/en-us/azure/lab-services/devtest-lab-attach-detach-data-disk

            NEW QUESTION 7
            SIMULATION
            Click to expand each objective. To connect to the Azure portal, type https://portal.azure.com in the browser address bar.
            AZ-102 dumps exhibit
            AZ-102 dumps exhibit
            AZ-102 dumps exhibit
            When you are finished performing all the tasks, click the ‘Next’ button.
            Note that you cannot return to the lab once you click the ‘Next’ button. Scoring occur in the background while you complete the rest of the exam.
            Overview
            The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design. Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
            Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
            Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
            To start the lab
            You may start the lab by clicking the Next button.
            Your on-premises network uses an IP address range of 131.107.2.0 to 131.107.2.255. You need to ensure that only devices from the on-premises network can connect to the rg1lod7523691n1 storage account.
            What should you do from the Azure portal?

              Answer:

              Explanation: Step 1: Navigate to the rg1lod7523691n1 storage account.
              Step 2: Click on the settings menu called Firewalls and virtual networks. Step 3: Ensure that you have elected to allow access from 'Selected networks'.
              Step 4: To grant access to an internet IP range, enter the address range of 131.107.2.0 to 131.107.2.255 (in CIDR format) under Firewall, Address Ranges.
              References: https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security

              NEW QUESTION 8
              You have an Azure subscription.
              You enable multi-factor authentication for all users.
              Some users report that the email applications on their mobile device cannot co browser and from Microsoft Outlook 2021 on their computer.
              You need to ensure that the users can use the email applications on their mobile device. What should you instruct the users to do?
              The users can access Exchange Online by using a web

              • A. Enable self-service password reset.
              • B. Create an app password.
              • C. Reset the Azure Active Directory (Azure AD) password.
              • D. Reinstall the Microsoft Authenticator app.

              Answer: A

              Explanation: References:
              https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-howitworks

              NEW QUESTION 9
              You sign up for Azure Active Directory (Azure AD) Premium.
              You need to add a user named admin1@contoso.com as an administrator on all the computers that will be joined to the Azure AD domain.
              What should you configure in Azure AD?

              • A. Device settings from the Devices blade.
              • B. General settings from the Groups blade.
              • C. User settings from the Users blade.
              • D. Providers from the MFA Server blade.

              Answer: C

              Explanation: When you connect a Windows device with Azure AD using an Azure AD join, Azure AD adds the following security principles to the local administrators group on the device:
              The Azure AD global administrator role The Azure AD device administrator role
              The user performing the Azure AD join In the Azure portal, you can manage the device administrator role on the Devices page. To open the Devices
              page: 1. Sign in to your Azure portal as a global administrator or device administrator.
              2. On the left navbar, click Azure Active Directory.
              3. In the Manage section, click Devices.
              4. On the Devices page, click Device settings.
              5. To modify the device administrator role, configure Additional local administrators on Azure AD joined
              devices.
              References: https://docs.microsoft.com/en-us/azure/active-directory/devices/assign-local-admin

              NEW QUESTION 10
              You have an Azure Active Directory (Azure AD) tenant.
              All administrators must enter a verification code to access the Azure portal.
              You need to ensure that the administrators can access the Azure portal only from your on-premises network. What should you configure?

              • A. the multi-factor authentication service settings
              • B. an Azure AD Identity Protection user risk policy
              • C. the default for all the roles in Azure AD Privileged Identity Management
              • D. an Azure AD Identity Protection sign-in risk policy

              Answer: A

              NEW QUESTION 11
              Note: This question is part of a series questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
              After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
              You manage a virtual network named Vnet1 that is hosted in the West US Azure region. VNet hosts two virtual machines named VM1 and VM2 run Windows Server.
              You need to inspect all the network traffic from VM1 to VM2 for a period of three hours. Solution: From Azure Network Watcher, you create a connection monitor.
              Does this meet the goal?

              • A. YES
              • B. NO

              Answer: A

              Explanation: Azure Network Watcher provides tools to monitor, diagnose, view metrics, and enable or disable logs for resources in an Azure virtual network.
              Capture packets to and from a VM
              Advanced filtering options and fine-tuned controls, such as the ability to set time and size limitations, provide versatility. The capture can be stored in Azure Storage, on the VM's disk, or both. You can then analyze the capture file using several standard network capture analysis tools.
              Network Watcher variable packet capture allows you to create packet capture sessions to track traffic to and from a virtual machine. Packet capture helps to diagnose network anomalies both reactively and proactivity.
              References:
              https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview

              NEW QUESTION 12
              You have an Azure subscription that contains the resources in the following table.
              AZ-102 dumps exhibit
              Store1 contains a file share named Data. Data contains 5,000 files.
              You need to synchronize the files in Data to an on-premises server named Server1.
              Which three actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

              • A. Download an automation script.
              • B. Create a container instance.
              • C. Create a sync group.
              • D. Register Server1.
              • E. Install the Azure File Sync agent on Server1.

              Answer: CDE

              Explanation: Step 1 (E): Install the Azure File Sync agent on Server1
              The Azure File Sync agent is a downloadable package that enables Windows Server to be synced with an Azure file share
              Step 2 (D): Register Server1.
              Register Windows Server with Storage Sync Service
              Registering your Windows Server with a Storage Sync Service establishes a trust relationship between your server (or cluster) and the Storage Sync Service.
              Step 3 (C): Create a sync group and a cloud endpoint.
              A sync group defines the sync topology for a set of files. Endpoints within a sync group are kept in sync with each other. A sync group must contain one cloud endpoint, which represents an Azure file share and one or more server endpoints. A server endpoint represents a path on registered server. References: https://docs.microsoft.com/en-us/azure/storage/files/storage-sync-files-deploymentguide

              NEW QUESTION 13
              You have the Azure virtual machines shown in the following table.
              AZ-102 dumps exhibit
              You have a Recovery Services vault that protects VM1 and VM2. You need to protect VM3 and VM4 by using Recovery Services. What should you do first?

              • A. Configure the extensions for VM3 and VM4.
              • B. Create a new Recovery Services vault.
              • C. Create a storage account.
              • D. Create a new backup polic

              Answer: B

              Explanation: A Recovery Services vault is a storage entity in Azure that houses dat
              A. The data is typically copies of
              data, or configuration information for virtual machines (VMs), workloads, servers, or workstations. You can use Recovery Services vaults to hold backup data for various Azure services
              References: https://docs.microsoft.com/en-us/azure/site-recovery/azure-to-azure-tutorial-enablereplication

              NEW QUESTION 14
              HOT SPOT
              You have an Azure subscription named Subscription1 that contains a virtual network named VNet1. You add the users in the following table.
              AZ-102 dumps exhibit
              Which user can perform each configuration? To answer, select the appropriate options in the answer area.
              NOTE: Each correct selection is worth one point.
              AZ-102 dumps exhibit

                Answer:

                Explanation: Box 1: User1 and User3 only.
                The Owner Role lets you manage everything, including access to resources. The Network Contributor role lets you manage networks, but not access to them. Box 2: User1 and User2 only
                The Security Admin role: In Security Center only: Can view security policies, view security states, edit security policies, view alerts and recommendations, dismiss alerts and recommendations.
                References:
                https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles

                NEW QUESTION 15
                You need to prepare the environment to meet the authentication requirements.
                Which two actions should you perform? Each correct answer presents part of the solution. NOTE Each correct selection is worth one point.

                • A. Azure Active Directory (AD) Identity Protection and an Azure policy
                • B. a Recovery Services vault and a backup policy
                • C. an Azure Key Vault and an access policy
                • D. an Azure Storage account and an access policy

                Answer: BD

                Explanation: D: Seamless SSO works with any method of cloud authentication - Password Hash Synchronization or Pass-through Authentication, and can be enabled via Azure AD Connect.
                B: You can gradually roll out Seamless SSO to your users. You start by adding the following Azure AD URL to all or selected users' Intranet zone settings by using Group Policy in Active Directory: https://autologon.microsoftazuread-sso.com
                Incorrect Answers:
                A: Seamless SSO needs the user's device to be domain-joined, but doesn't need for the device to be Azure AD Joined.
                C: Azure AD connect does not port 8080. It uses port 443.
                E: Seamless SSO is not applicable to Active Directory Federation Services (ADFS).
                Scenario: Users in the Miami office must use Azure Active Directory Seamless Single Sign-on (Azure AD Seamless SSO) when accessing resources in Azure.
                Planned Azure AD Infrastructure include: The on-premises Active Directory domain will be synchronized to Azure AD.
                References: https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directoryaadconnect-sso-quick-start

                NEW QUESTION 16
                HOT SPOT
                You plan to create an Azure Storage account in the Azure region of East US 2. You need to create a storage account that meets the following requirements: Replicates synchronously
                Remains available if a single data center in the region fails
                How should you configure the storage account? To answer, select the appropriate options in the answer area.
                NOTE: Each correct selection is worth one point.
                AZ-102 dumps exhibit

                  Answer:

                  Explanation: Box 1: Zone-redundant storage (ZRS)
                  Zone-redundant storage (ZRS) replicates your data synchronously across three storage clusters in a single region.
                  LRS would not remain available if a data center in the region fails GRS and RA GRS use asynchronous replication.
                  Box 2: StorageV2 (general purpose V2) ZRS only support GPv2.
                  References:
                  https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy-zrs

                  NEW QUESTION 17
                  You have a resource group named RG1. RG1 contains an Azure Storage account named storageaccount1 and a virtual machine named VM1 that runs Windows Server 2021. Storageaccount1 contains the disk files for VM1. You apply a ReadOnly lock to RG1. What can you do from the Azure portal?

                  • A. Generate an automation script for RG1.
                  • B. View the keys of storageaccount1.
                  • C. Upload a blob to storageaccount1.
                  • D. Start VM1.

                  Answer: B

                  Explanation: ReadOnly means authorized users can read a resource, but they can't delete or update the resource. Applying this lock is similar to restricting all authorized users to the permissions granted by the Reader role.
                  References: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-lockresources

                  NEW QUESTION 18
                  You have an Azure subscription named Subscription1. Subscription1 contains the resource groups in the following table.
                  AZ-102 dumps exhibit
                  RG1 has a web app named WebApp1. WebApp1 is located in West Europe. You move WebApp1 to RG2. What is the effect of the move?

                  • A. The App Service plan to WebApp1 moves to North Europ
                  • B. Policy2 applies to WebApp1.
                  • C. The App Service plan to WebApp1 moves to North Europ
                  • D. Policy1 applies to WebApp1.
                  • E. The App Service plan to WebApp1 remains to West Europ
                  • F. Policy2 applies to WebApp1.
                  • G. The App Service plan to WebApp1 remains to West Europ
                  • H. Policy1 applies to WebApp1.

                  Answer: C

                  NEW QUESTION 19
                  You need to implement a backup solution for App1 after the application is moved. What should you create first?

                  • A. a recovery plan
                  • B. an Azure Backup Server
                  • C. a backup policy
                  • D. a Recovery Services vault

                  Answer: D

                  Explanation: A Recovery Services vault is a logical container that stores the backup data for each protected resource, such as Azure VMs. When the backup job for a protected resource runs, it creates a recovery point inside the Recovery Services vault.
                  Scenario:
                  There are three application tiers, each with five virtual machines.
                  Move all the virtual machines for App1 to Azure.
                  Ensure that all the virtual machines for App1 are protected by backups.
                  References: https://docs.microsoft.com/en-us/azure/backup/quick-backup-vm-portal

                  NEW QUESTION 20
                  You have an Azure subscription that contains a storage account named account1.
                  You plan to upload the disk files of a virtual machine to account1 from your on-premises network. The on-premises network uses a public IP address space of 131.107.1.0/24.
                  You plan to use the disk files to provision an Azure virtual machine named VM1. VM1 will be attached to a virtual network named VNet1. VNet1 uses an IP address space of 192.168.0.0/24. You need to configure account1 to meet the following requirements:
                  Ensure that you can upload the disk files to account1. Ensure that you can attach the disks to VM1. Prevent all other access to account1.
                  Which two actions should you perform? Each correct selection presents part of the solution. NOTE: Each correct selection is worth one point.

                  • A. From the Firewalls and virtual networks blade of account1, add the 131.107.1.0/24 IP address range.
                  • B. From the Firewalls and virtual networks blade of account1, select Selected networks.
                  • C. From the Firewalls and virtual networks blade of acount1, add VNet1.
                  • D. From the Firewalls and virtual networks blade of account1, select Allow trusted Microsoft services toaccess this storage account.
                  • E. From the Service endpoints blade of VNet1, add a service endpoin

                  Answer: BE

                  Explanation: B: By default, storage accounts accept connections from clients on any network. To limit access to selected networks, you must first change the default action.
                  Azure portal
                  Navigate to the storage account you want to secure.
                  Click on the settings menu called Firewalls and virtual networks.
                  To deny access by default, choose to allow access from 'Selected networks'. To allow traffic from all networks, choose to allow access from 'All networks'.
                  Click Save to apply your changes.
                  E: Grant access from a Virtual Network
                  Storage accounts can be configured to allow access only from specific Azure Virtual Networks. By enabling a Service Endpoint for Azure Storage within the Virtual Network, traffic is ensured an optimal route to the Azure Storage service. The identities of the virtual network and the subnet are also transmitted with each request.
                  References: https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security

                  100% Valid and Newest Version AZ-102 Questions & Answers shared by 2passeasy, Get Full Dumps HERE: https://www.2passeasy.com/dumps/AZ-102/ (New 195 Q&As)