| Question.11 This question requires that you evaluate the underlined text to determine if it is correct. Your Azure Active Directory Azure (Azure AD) tenant has an Azure subscription linked to it. Your developer has created a mobile application that obtains Azure AD access tokens using the OAuth 2 implicit grant type. The mobile application must be registered in Azure AD. You require a redirect URI from the developer for registration purposes. Instructions: Review the underlined text. If it makes the statement correct, select `No change is needed.` If the statement is incorrect, select the answer choice that makes the statement correct. (A) No change required. (B) a secret (C) a login hint (D) a client ID |
11. Click here to View Answer
Correct Answer: A
| Question.12 You are creating an Azure key vault using PowerShell. Objects deleted from the key vault must be kept for a set period of 90 days. Which two of the following parameters must be used in conjunction to meet the requirement? (Choose two.) (A) EnabledForDeployment (B) EnablePurgeProtection (C) EnabledForTemplateDeployment (D) EnableSoftDelete |
12. Click here to View Answer
Correct Answer: BD
| Question.13 HOTSPOT – You have an Azure Active Directory (Azure AD) tenant. You want to implement multi-factor authentication by making use of a conditional access policy. The conditional access policy must be applied to all users when they access the Azure portal. Which three settings should you configure? To answer, select the appropriate settings in the answer area. NOTE: Each correct selection is worth one point. Hot Area:  |
13. Click here to View Answer
Correct Answer:
Box 1:
The conditional access policy must be applied or assigned to Users and Groups.
Box 2:
The conditional access policy must be applied when users access the Azure portal, which is a cloud app. That is: Microsoft Azure Management
Box 3:
Access control must require multi-factor authentication when granting access.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/app-based-mfa
| Question.14 You manage an Azure SQL database that allows for Azure AD authentication. You need to make sure that database developers can connect to the SQL database via Microsoft SQL Server Management Studio (SSMS). You also need to make sure the developers use their on-premises Active Directory account for authentication. Your strategy should allow for authentication prompts to be kept to a minimum. Which of the following should you implement? (A) Azure AD token. (B) Azure Multi-Factor authentication. (C) Active Directory integrated authentication. (D) OATH software tokens. |
14. Click here to View Answer
Correct Answer: C
| Question.15 You are developing an application to transfer data between on-premises file servers and Azure Blob storage. The application stores keys, secrets, and certificates in Azure Key Vault and makes use of the Azure Key Vault APIs. You want to configure the application to allow recovery of an accidental deletion of the key vault or key vault objects for 90 days after deletion. What should you do? (A) Run the Add-AzKeyVaultKey cmdlet. (B) Run the az keyvault update –enable-soft-delete true –enable-purge-protection true CLI. (C) Implement virtual network service endpoints for Azure Key Vault. (D) Run the az keyvault update –enable-soft-delete false CLI. |
15. Click here to View Answer
Correct Answer: B