The latest Microsoft AZ-900 Azure Fundamentals certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Microsoft AZ-900 Azure Fundamentals exam and earn Microsoft AZ-900 Azure Fundamentals certification.
Question 751
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Statement 1: To implement an Azure Multi-Factor Authentication (MFA) solution, you must sync on-premises identities to the cloud: No
Statement 2: Two valid methods for Azure Multi-Factor Authentication (MFA) are picture identification and a passport number: No
Statement 3: Azure Multi-Factor Authentication (MFA) can be required for administrative and non-administrative user accounts: Yes
Explanation
Statement 1: To implement an Azure Multi-Factor Authentication (MFA) solution, you must sync on-premises identities to the cloud: No
It is not true that you must deploy a federation solution or sync on-premises identities to the cloud. You can have a cloud-only environment and use MFA.
Statement 2: Two valid methods for Azure Multi-Factor Authentication (MFA) are picture identification and a passport number: No
Picture identification and passport numbers are not valid MFA authentication methods. Valid methods include: Password, Microsoft Authenticator App, SMS and Voice call.
Statement 3: Azure Multi-Factor Authentication (MFA) can be required for administrative and non-administrative user accounts: Yes
You can configure MFA to be required for administrator accounts only or you can configure MFA for any user account.
Question 752
Which two types of customers are eligible to use Azure Government to develop a cloud solution?
A. a Canadian government contractor
B. a European government contractor
*C. a United States government entity
*D. a United States government contractor
E. a European government entity
Explanation
Azure Government is a cloud environment specifically built to meet compliance and security requirements for US government. This mission-critical cloud delivers breakthrough innovation to U.S. government customers and their partners. Azure Government applies to government at any level — from state and local governments to federal agencies including Department of Defense agencies.
The key difference between Microsoft Azure and Microsoft Azure Government is that Azure Government is a sovereign cloud. It’s a physically separated instance of Azure, dedicated to U.S. government workloads only. It’s built exclusively for government agencies and their solution providers.
Question 753
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Statement 1: Azure Active Directory (Azure AD) requires the implementation of domain controllers on Azure virtual machines: No
Statement 2: Azure Active Directory (Azure AD) provides authentication services for resources hosted in Azure and Microsoft 365: Yes
Statement 3: Each user account in Azure Active Directory (Azure AD) can be assigned only one license: No
Explanation
Statement 1: Azure Active Directory (Azure AD) requires the implementation of domain controllers on Azure virtual machines: No
Azure Active Directory (Azure AD) is a cloud-based service. It does not require domain controllers on virtual machines.
Statement 2: Azure Active Directory (Azure AD) provides authentication services for resources hosted in Azure and Microsoft 365: Yes
Azure Active Directory (Azure AD) is a centralized identity provider in the cloud. This is the primary built-in authentication and authorization service to provide secure access to Azure resources and Microsoft 365.
Statement 3: Each user account in Azure Active Directory (Azure AD) can be assigned only one license: No
User accounts in Azure Active Directory can be assigned multiple licenses for different Azure or Microsoft 365 services.
Question 754
Your company has an Azure subscription that contains resources in several regions.
You need to ensure that administrators can only create resources in those regions.
What should you use?
A. a read-only lock
*B. an Azure policy
C. a management group
D. a reservation
Question 755
What should you use to evaluate whether your company’s Azure environment meets regulatory requirements?
A. Azure Service Health
B. Azure Knowledge Center
*C. Azure Security Center
D. Azure Advisor
Explanation
The advanced monitoring capabilities in Security Center lets you track and manage compliance and governance over time. The overall compliance provides you with a measure of how much your subscriptions are compliant with policies associated with your workload.
Question 756
To complete the sentence, select the appropriate option in the answer area.
You can view your company’s regulatory compliance report from __________.
Answer Area:
A. Azure Advisor
B. Azure Analysis Services
C. Azure Monitor
*D. Azure Security Center
Explanation
The advanced monitoring capabilities in Security Center lets you track and manage compliance and governance over time. The overall compliance provides you with a measure of how much your subscriptions are compliant with policies associated with your workload.
Question 757
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Statement 1: Authorization to access Azure resources can be provided only to Azure Active Directory (Azure AD) users: No
Statement 2: Identities stored in Azure Active Directory (Azure AD), third-party cloud services, and on-premises Active Directory can be used to access Azure resources: Yes
Statement 3: Azure has built-in authentication and authorization services that provide secure access to Azure resources: Yes
Explanation
Statement 1: Authorization to access Azure resources can be provided only to Azure Active Directory (Azure AD) users: No
Authorization to access Azure resources can be provided by other identity providers by using federation. A commonly used example of this is to federate your on-premises Active Directory environment with Azure AD and use this federation for authentication and authorization.
Statement 2: Identities stored in Azure Active Directory (Azure AD), third-party cloud services, and on-premises Active Directory can be used to access Azure resources: Yes
As described above, third-party cloud services and on-premises Active Directory can be used to access Azure resources. This is known as ‘federation’.
Federation is a collection of domains that have established trust. The level of trust may vary, but typically includes authentication and almost always includes authorization. A typical federation might include a number of organizations that have established trust for shared access to a set of resources.
Statement 3: Azure has built-in authentication and authorization services that provide secure access to Azure resources: Yes
Azure Active Directory (Azure AD) is a centralized identity provider in the cloud. This is the primary built-in authentication and authorization service to provide secure access to Azure resources.
Question 758
Your company plans to migrate all on-premises data to Azure.
You need to identify whether Azure complies with the company’s regional requirements.
What should you use?
A. the Knowledge Center
B. Azure Marketplace
C. the MyApps portal
*D. the Trust Center
Explanation
Azure has more than 90 compliance certifications, including over 50 specific to global regions and countries, such as the US, the European Union, Germany, Japan, the United Kingdom, India and China.
You can view a list of compliance certifications in the Trust Center to determine whether Azure meets your regional requirements.
Question 759
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Statement 1: An Azure resource can have multiple Delete locks: Yes
Statement 2: An Azure resource inherits locks from its resource group: Yes
Statement 3: If an Azure resource has a Read-only lock, you can add a Delete lock to the resource: Yes
Question 760
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Statement 1: Azure China is operated by Microsoft: No
Statement 2: Azure Government is operated by Microsoft: Yes
Statement 3: Azure Government is available only to US government agencies and their partners: Yes