| Question.86 How can the IT department use biometric properties, such as facial recognition, to enable delivery drivers to prove their identities? (A) SSO (B) Conditional Access (C) Multifactor authentication |
86. Click here to View Answer
Answer is (C) Multifactor authentication
Authenticating through multifactor authentication can include something the user knows, something the user has, and something the user is.
| Question.87 How can the IT department reduce the number of times users must authenticate to access multiple applications? (A) SSO (B) Conditional Access (C) Multifactor authentication |
87. Click here to View Answer
Answer is (A) SSO
SSO enables a user to remember only one ID and one password to access multiple applications.
| Question.88 How can companies allow some users to control the virtual machines in each environment but prevent them from modifying networking and other resources in the same resource group or Azure subscription? (A) Create a role assignment through Azure role-based access control (Azure RBAC). (B) Create a policy in Azure Policy that audits resource usage. (C) Split the environment into separate resource groups. |
88. Click here to View Answer
Answer is (A) Create a role assignment through Azure role-based access control (Azure RBAC).
Azure RBAC enables you to create roles that define access permissions. You might create one role that limits access only to virtual machines and a second role that provides administrators with access to everything.
| Question.89 Which is the best way for companies to ensure that they only deploy cost-effective virtual machine SKU sizes? (A) Create a policy in Azure Policy that specifies the allowed SKU sizes. (B) Periodically inspect the deployment manually to see which SKU sizes are used. (C) Create an Azure RBAC role that defines the allowed virtual machine SKU sizes. |
89. Click here to View Answer
Answer is (A) Create a policy in Azure Policy that specifies the allowed SKU sizes.
After you enable this policy, that policy is applied when you create new virtual machines or resize existing ones. Azure Policy also evaluates any current virtual machines in your environment.
| Question.90 Which is likely the best way for companies to identify which billing department each Azure resource belongs to? (A) Track resource usage in a spreadsheet. (B) Split the deployment into separate Azure subscriptions, where each subscription belongs to its own billing department. (C) Apply a tag to each resource that includes the associated billing department. |
90. Click here to View Answer
Answer is (C) Apply a tag to each resource that includes the associated billing department.
Tags provide extra information, or metadata, about your resources. They might create a tag that’s named BillingDept whose value would be the name of the billing department. You can use Azure Policy to ensure that the proper tags are assigned when resources are provisioned.