The latest Microsoft AZ-900 Azure Fundamentals certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Microsoft AZ-900 Azure Fundamentals exam and earn Microsoft AZ-900 Azure Fundamentals certification.
Question 321
You have an Active Directory forest named contoso.com.
You install and configure Azure AD Connect to use password hash synchronization as the single sign-on (SSO) method. Staging mode is enabled.
You review the synchronization results and discover that the Synchronization Service Manager does not display any sync jobs.
You need to ensure that the synchronization completes successfully.
What should you do?
A. Run Azure AD Connect and set the SSO method to Pass-through Authentication.
B. From Synchronization Service Manager, run a full import.
C. From Azure PowerShell, run Start-AdSyncSyncCycle ?PolicyType Initial.
*D. Run Azure AD Connect and disable staging mode.
Explanation
Staging mode must be disabled. If the Azure AD Connect server is in staging mode, password hash synchronization is temporarily disabled.
Azure AD Connect is the Microsoft tool designed to meet and accomplish your hybrid identity goals. It provides the following features:
Password hash synchronization – A sign-in method that synchronizes a hash of a users on-premises AD password with Azure AD.
Pass-through authentication – A sign-in method that allows users to use the same password on-premises and in the cloud, but doesn’t require the additional infrastructure of a federated environment.
Federation integration – Federation is an optional part of Azure AD Connect and can be used to configure a hybrid environment using an on-premises AD FS infrastructure. It also provides AD FS management capabilities such as certificate renewal and additional AD FS server deployments.
Synchronization – Responsible for creating users, groups, and other objects. As well as, making sure identity information for your on-premises users and groups is matching the cloud. This synchronization also includes password hashes.
Health Monitoring – Azure AD Connect Health can provide robust monitoring and provide a central location in the Azure portal to view this activity.
Question 322
You have an Azure Active Directory (Azure AD) tenant.
All administrators must enter a verification code to access the Azure portal.
You need to ensure that the administrators can access the Azure portal only from your on-premises network.
What should you configure?
A. An Azure AD Identity Protection user risk policy.
*B. The multi-factor authentication service settings.
C. The default for all the roles in Azure AD Privileged Identity Management.
D. An Azure AD Identity Protection sign-in risk policy.
Explanation
The security of two-step verification lies in its layered approach. Compromising multiple authentication factors presents a significant challenge for attackers. Even if an attacker manages to learn the user’s password, it is useless without also having possession of the additional authentication method. It works by requiring two or more of the following authentication methods:
- Something you know (typically a password).
- Something you have (a trusted device that is not easily duplicated, like a phone).
- Something you are (biometrics).
Question 323
You have two Azure Active Directory (Azure AD) tenants named contoso.com and fabrikam.com.
You have a Microsoft account that you use to sign in to both tenants.
You need to configure the default sign-in tenant for the Azure portal.
What should you do?
A. From Azure Cloud Shell, run Set-AzureRmSubscription.
*B. From Azure Cloud Shell, run Set-AzureRmContext.
C. From the Azure portal, configure the portal settings.
D. From the Azure portal, change the directory.
Explanation
The Set-AzureRmContext cmdlet sets authentication information for cmdlets that you run in the current session. The context includes tenant, subscription, and environment information.
Example: PS C:\>Set-AzureRmContext -SubscriptionId “xxxx-xxxx-xxxx-xxxx”
Question 324
Match the cloud model to the correct advantage.
Instructions: To answer, drag the appropriate cloud model from the column on the left to its advantage on the right. Each cloud model may be used once, more than once, or not at all.
NOTE: Each correct match is worth one point
Select and Place:
Cloud Model:
- Hybrid Cloud
- Private Cloud
- Public Cloud
Work Ares:
- No required capital expenditure
- Provides complete control over security.
- Provides a choice to use on-premises or cloud-based resources.
Answer:
- Public Cloud: No required capital expenditure
- Private Cloud: Provides complete control over security.
- Hybrid Cloud: Provides a choice to use on-premises or cloud-based resources.
Explanation
- Public Cloud: With a public cloud, there is no capital expenditure on server hardware etc. You only pay for cloud resources that you use as you use them.
- Private Cloud: A private cloud exists on premises, so you have complete control over security.
- Hybrid Cloud: A hybrid cloud is a mix of public cloud resources and on-premises resources. Therefore, you have a choice to use either.
Question 325
You have 50 virtual machines hosted on-premises and 50 virtual machines hosted in Azure. The on-premises virtual machines and the Azure virtual machines connect to each other.
Which type of cloud model is this?
*A. hybrid
B. private
C. public
Question 326
A Platform as a Service (PaaS) solution that hosts web apps in Azure can be provided with additional memory by changing the pricing tier.
*A. Yes
B. No
Question 327
A Platform as a Service (PaaS) solution that hosts web apps in Azure can be configured to automatically scale the number of instances based on demand.
*A. Yes
B. No
Explanation
A PaaS solution that hosts web apps in Azure does provide the ability to scale the platform automatically. This is known as autoscaling. Behind the scenes, the web apps are hosted on virtual machines running IIS. Autoscaling means adding more load balanced virtual machines to host the web apps.
Question 328
Building a data center infrastructure is an example of operational expenditure (OpEx) costs.
A. Yes
*B. No
Explanation
Building a data center infrastructure is capital expenditure, not operation expenditure.
Question 329
Monthly salaries for technical personnel are an example of operational expenditure (OpEx) costs.
*A. Yes
B. No
Explanation
OpEx is ongoing costs (costs of operations) such as staff salaries.
Question 330
Leasing software is an example of operational expenditure (OpEx) costs.
*A. Yes
B. No
Explanation
OpEx is ongoing costs (costs of operations) such as leasing software. If you purchased software as a one-off purchase, that would be CapEx, but leasing software is ongoing so it’s OpEx.