You have an Azure subscription that uses Microsoft Defender for Cloud. You have accounts for the following cloud services:
• Alibaba Cloud
• Amazon Web Services (AWS)
• Google Cloud Platform (GCP)
What can you add to Defender for Cloud?
You have an Azure subscription.
You plan to deploy a new Conditional Access policy named CAPolicy1.
You need to use the What If tool to evaluate how CAPolicy1 will affect uter1. The solution must minimize the impact of CAPolicy1 on the users.
To what should you set the Enable policy setting for CAPolicy1?
Your on-premises network contains a Hyper-V virtual machine named VM1. You need to use Azure Arc to onboard VM1 to Microsoft Defender for Cloud. What should you install first?
You network contains an on-premises Active Directory domain that syncs to an Azure Active Directory (Azure AD) tenant. The tenant contains the users shown in the following table.
The tenant contains the groups shown in the following table.
You configure a multi-factor authentication (MFA) registration policy that and the following settings:
Assignments:
Include: Group1
Exclude Group2
Controls: Require Azure MFA registration
Enforce Policy: On
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a hybrid configuration of Azure Active Directory (Azure AD).
You have an Azure HDInsight cluster on a virtual network.
You plan to allow users to authenticate to the cluster by using their on-premises Active Directory credentials.
You need to configure the environment to support the planned authentication.
Solution: You deploy an Azure AD Application Proxy.
Does this meet the goal?
You have an Azure subscription that uses Microsoft Defender for Cloud. The subscription contains the Azure Policy definitions shown in the following table.
Which definitions can be assigned as a security policy in Defender for Cloud?
You have an Azure subscription that contains an Azure web app named Appl.
You plan to configure a Conditional Access policy for Appl. The solution must meet the following requirements:
• Only allow access to App1 from Windows devices.
• Only allow devices that are marked as compliant to access Appl.
Which Conditional Access policy settings should you configure? To answer, drag the appropriate settings to the correct requirements. Each setting may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
You have an on-premises server named Server1.
You have an Azure subscription that contains a Microsoft Sentinel workspace named Sentinel 1.
You install the Windows Firewall solution in Sentinel1.
You need to use Microsoft Sentinel to monitor Windows Defender Firewall on Server1.
What should you install on Server1, and what should you create in the Azure subscription? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have an Azure subscription that contains the resources shown in the following table.
You need to ensure that ServerAdmins can perform the following tasks:
Create virtual machines in RG1 only.
Connect the virtual machines to the existing virtual networks in RG2 only.
The solution must use the principle of least privilege.
Which two role-based access control (RBAC) roles should you assign to ServerAdmins? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
You have an Azure subscription that contains a web app named App1 and an Azure key vault named Vault1.
You need to configure App1 to store and access the secrets in Vault1.
How should you configure App1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
