👉Get Full PDF
| Question.36 You are developing an app that will read activity logs for an Azure subscription by using Azure Functions. You need to recommend an authentication solution for Azure Functions. The solution must minimize administrative effort. What should you include in the recommendation? (A) an enterprise application in Azure AD (B) system-assigned managed identities (C) shared access signatures (SAS) (D) application registration in Azure AD |
36. Click here to View Answer
Answer: B
Explanation:
system-assigned managed identities reduce administrative efforts – B makes more sense
https://learn.microsoft.com/en-us/azure/app-service/overview-authentication-authorization
| Question.37 Your company has the divisions shown in the following table.  Sub1 contains an Azure App Service web app named App1. App1 uses Azure AD for single-tenant user authentication. Users from contoso.com can authenticate to App1. You need to recommend a solution to enable users in the fabrikam.com tenant to authenticate to App1. What should you recommend? (A) Configure Azure AD join. (B) Use Azure AD entitlement management to govern external users. (C) Enable Azure AD pass-through authentication and update the sign-in endpoint. (D) Configure assignments for the fabrikam.com users by using Azure AD Privileged Identity Management (PIM). |
37. Click here to View Answer
Answer: B
Explanation:
Use Azure AD entitlement management to govern external users.many times repeated
| Question.38 Your company has the divisions shown in the following table.  Sub1 contains an Azure App Service web app named App1. App1 uses Azure AD for single-tenant user authentication. Users from contoso.com can authenticate to App1. You need to recommend a solution to enable users in the fabrikam.com tenant to authenticate to App1. What should you recommend? (A) Configure Azure AD join. (B) Configure Azure AD Identity Protection. (C) Use Azure AD entitlement management to govern external users. (D) Configure assignments for the fabrikam.com users by using Azure AD Privileged Identity Management (PIM). |
38. Click here to View Answer
Answer: C
Explanation:
When you reach here, this question will no longer be challenging.
| Question.39 You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager (ARM) resource deployments in your Azure subscription. What should you include in the recommendation? (A) Azure Activity Log (B) Azure Arc (C) Azure Analysis Services (D) Azure Monitor metrics |
39. Click here to View Answer
Answer: A
Explanation:
Azure activity log contains required data.
| Question.40 HOTSPOT – You have an Azure subscription that contains an Azure key vault named KV1 and a virtual machine named VM1. VM1 runs Windows Server 2022: Azure Edition. You plan to deploy an ASP.Net Core-based application named App1 to VM1. You need to configure App1 to use a system-assigned managed identity to retrieve secrets from KV1. The solution must minimize development effort. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.  |
40. Click here to View Answer
Answer:
Explanation:
Client Credentials grant flows
OAuth2 Access Token endpoint of azure ad