|Exam Name||:||Microsoft Azure Integration and Security?|
|Questions and Answers||:||67 Q & A|
|Updated On||:||Click to Check Update|
|PDF Download Mirror||:||AZ-101 Brain Dump|
|Get Full Version||:||Pass4sure AZ-101 Full Version|
You have an Azure Active Directory (Azure AD) tenant named Tenant1 and an Azure subscription named You enable Azure AD Privileged Identity Management. You need to secure the members of the Lab Creator role. The solution must ensure that the lab creators request access when they create labs. What should you do first?
From Azure AD Privileged Identity Management, edit the role settings for Lab Creator.
From Subscription1 edit the members of the Lab Creator role.
From Azure AD Identity Protection, creates a user risk policy.
From Azure AD Privileged Identity Management, discover the Azure resources of Conscription.
As a Privileged Role Administrator you can:
Enable approval for specific roles
Specify approver users and/or groups to approve requests
View request and approval history for all privileged roles
You create an Azure subscription that is associated to a basic Azure Active Directory (Azure AD) tenant. You need to receive an email notification when any user activates an administrative role. What should you do?
Purchase Azure AD Premium 92 and configure Azure AD Privileged Identity Management,
Purchase Enterprise Mobility + Security E3 and configure conditional access policies.
Purchase Enterprise Mobility + Security E5 and create a custom alert rule in Azure Security Center.
Purchase Azure AD Premium PI and enable Azure AD Identity Protection.
When key events occur in Azure AD Privileged Identity Management (PIM), email
notifications are sent. For example, PIM sends emails for the following events:
When a privileged role activation is pending approval
When a privileged role activation request is completed
When a privileged role is activated
When a privileged role is assigned
When Azure AD PIMis enabled
You have an Azure Active Directory (Azure AD) tenant that contains three global administrators named Admin1, Admin2, and Admin3.
The tenant is associated to an Azure subscription. Access control for the subscription is configured as shown in the Access control exhibit. (Click the Exhibit tab.)
You sign in to the Azure portal as Admin1 and configure the tenant as shown in the Tenant exhibit. (Click the Exhibit tab.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You have an Azure Active Directory (Azure AD) tenant. You have an existing Azure AD conditional access policy named Policy1. Policy1 enforces the use of Azure AD- joined devices when members of the Global Administrators group authenticate to Azure AD from untrusted locations. You need to ensure that members of the Global Administrators group will also be forced to use multi- factor authentication when authenticating from untrusted locations. What should you do?
From the multi-factor authentication page, modify the service settings.
From the multi-factor authentication page, modify the user settings.
From the Azure portal, modify grant control of Policy1.
From the Azure portal, modify session control of Policy1.
There are two types of controls:
Grant controls– To gate access
Session controls– To restrict access to a session
Grant controls oversee whether a user can complete authentication and reach the resource that they’re attempting to sign-in to. If you have multiple controls selected, you can configure whether all of them are required when your policy is processed. The current implementation of Azure Active Directory enables you to set the following grant control requirements:
You have an Azure subscription. You enable multi-factor authentication for all users. Some users report that the email applications on their mobile device cannot co browser and from Microsoft Outlook 2016 on their computer.
You need to ensure that the users can use the email applications on their mobile device. What should you instruct the users to do?
The users can access Exchange Online by using a web
Enable self-service password reset.
Create an app password.
Reset the Azure Active Directory (Azure AD) password.
Reinstall the Microsoft Authenticator app.
You have an Azure subscription named Subscription1 and two Azure Active Directory (Azure AD) tenants named Tenant1 and Tenant2.
Subscnption1 is associated to Tenant1 Multi-factor authentication (MFA) is enabled for all the users in Tenant1.
You need to enable MFA for the users in Tenant2. The solution must maintain MFA forTenant1. What should you do first?
Transfer the administration of Subscription1 to a global administrator of Tenants.
Configure the MFA Server setting in Tenant1.
Create and link a subscription to Tenant2.
Change the directory for Subscription1.