| Question.76 Which of the following lets you grant users only the rights they need to perform their jobs? (A) Azure Policy (B) Compliance Manager (C) Role-Based Access Control |
76. Click here to View Answer
Answer is (C) Role-Based Access Control (RBAC). RBAC lets you to grant users only the rights they need to perform their jobs.
| Question.77 Which of these options helps you most easily disable an account when an employee leaves your company? (A) Enforce multi-factor authentication (MFA) (B) Monitor sign-on attempts (C) Use single sign-on (SSO) |
77. Click here to View Answer
Answer is (C) Use single sign-on (SSO). SSO centralizes user identity, so you can disable an inactive account in a single step.
| Question.78 What is Azure Information Protection? (A) AIP is a cloud-based solution that helps organizations classify and (optionally) protect its documents and emails by applying labels. Labels can be applied automatically (by administrators who define rules and conditions), manually (by users), or with a combination of both (where users are guided by recommendations). (B) AIP is a cloud-based security solution that identifies, detects, and helps you investigate advanced threats, compromised identities, and malicious insider actions directed at your organization. (C) AIP is a monitoring service that provides threat protection across all of your services both in Azure, and on-premises. |
78. Click here to View Answer
Answer is (A) AIP is a cloud-based solution that helps organizations classify and (optionally) protect its documents and emails by applying labels. Labels can be applied automatically (by administrators who define rules and conditions), manually (by users), or with a combination of both (where users are guided by recommendations).
AIP helps you to track and secure the usage of your company’s intellectual property.
| Question.79 Which of the following items would be good use of a resource lock? (A) An ExpressRoute circuit with connectivity back to your on-premises network (B) A non-production virtual machine used to test occasional application builds (B) A storage account used to temporarily store images processed in a development environment |
79. Click here to View Answer
Answer is (A) An ExpressRoute circuit with connectivity back to your on-premises network
Protection this mission critical resource from accidental deletion is a great idea.
| Question.80 Which of the following approaches would be the most efficient way to ensure a naming convention was followed across your subscription? (A) Send out an email with the details of your naming conventions and hope it is followed. (B) Create a policy with your naming requirements and assign it to the scope of your subscription (C) Give all other users except for yourself read-only access to the subscription. Have all requests to create resources sent to you so you can review the names being assigned to resources, and then create them. |
80. Click here to View Answer
Answer is (B) Create a policy with your naming requirements and assign it to the scope of your subscription
Using Azure Policy ensures that you can not only recommend a naming standard but report on its adoption.