Show
December 8, 2022 Contributed by: C When using the Microsoft Azure Resource Manager to provision virtual machines in your Citrix Virtual Apps or Citrix Virtual Desktops service deployment, get familiar with the following:
To set up your Microsoft Azure Resource Manager, see Set up resource location. Where to go next
More information
Was this helpful Send us your feedback Instructions for Contributors
Microsoft Azure Resource Manager cloud environments December 8, 2022 Contributed by: C December 8, 2022 Contributed by: C In this article
Was this helpful Send us your feedback Instructions for Contributors Question 101 To complete the sentence, select the appropriate option in the answer area. (Describe general security and network security features) A resource group is a logical container for Azure resources.
Resource groups make the management of Azure resources easier. Reference: Question 102 Your company has virtual machines (VMs) hosted in Microsoft Azure. The VMs are located in a single Azure virtual network named VNet1. What should you Configure a Site-to-Site (S2S) VPN. Configure a VNet-toVNet VPN. Configure a Point-to-Site (P2S) VPN. Configure DirectAccess on a Windows Server 2012 server VM. Configure a Multi-Site VPN Answer is Configure a Point-to-Site (P2S) VPN. A Point-to-Site (P2S) VPN gateway connection lets you create a secure
connection to your virtual network from an individual client computer. Reference: Question 103 How can the IT department ensure that employees at the company's retail stores can
access company applications only from approved tablet devices? SSO Conditional Access Multifactor authentication Answer is Conditional Access Conditional Access enables you to require users to access your applications only from approved, or managed, devices. Question 104 How can the IT department use biometric properties, such as facial recognition, to enable delivery drivers to prove their identities? SSO Conditional Access Multifactor authentication Answer is Multifactor authentication Authenticating through multifactor authentication can include something the user knows, something the user has, and something the user is. Question 105 How can the IT department reduce the number of times users must authenticate to access multiple applications? SSO Conditional Access Multifactor authentication Answer is SSO SSO enables a user to remember only one ID and one password to access multiple applications. Question 106 How can companies allow some users to control the virtual machines in each environment but prevent them from modifying networking and other resources in the same resource group or Azure
subscription? Create a role assignment through Azure role-based access control (Azure RBAC). Create a policy in Azure Policy that audits resource usage. Split the environment into separate resource groups. Answer is Create a role assignment through Azure role-based access control (Azure RBAC). Azure RBAC enables you to create roles that define access permissions. You might create one role that limits access only to virtual machines and a second role that provides administrators with access to everything. Question 107 Which is the best way for companies to ensure that they only deploy cost-effective virtual machine SKU sizes? Create a policy in Azure Policy that specifies the allowed SKU sizes. Periodically inspect the deployment manually to see which SKU sizes are used. Create an Azure RBAC role that defines the allowed virtual machine SKU sizes. Answer is Create a policy in Azure Policy that specifies the allowed SKU sizes. After you enable this policy, that policy is applied when you create new virtual machines or resize existing ones. Azure Policy also evaluates any current virtual machines in your environment. Question 108 Which is likely the best way for companies to identify which billing department each Azure resource belongs to? Track resource usage in a spreadsheet. Split the deployment into separate Azure subscriptions, where each subscription belongs to its own billing department. Apply a tag to each resource that includes the associated billing department. Answer is Apply a tag to each resource that includes the associated billing department. Tags provide extra information, or metadata, about your resources. They might create a tag that's named BillingDept whose value would be the name of the billing department. You can use Azure Policy to ensure that the proper tags are assigned when resources are provisioned. Question 109 Where can the company access details about the personal data Microsoft processes and how the company processes it, including for Cortana? Microsoft Privacy Statement The Azure compliance documentation Microsoft compliance offerings Answer is Microsoft Privacy Statement The Microsoft Privacy Statement provides information that's relevant to specific services, including Cortana. Question 110 Where can a legal team access information around how
the Microsoft cloud helps them secure sensitive data and comply with applicable laws and regulations? Microsoft Privacy Statement Trust Center Online Services Terms Answer is Trust Center The Trust Center is a great resource for people in your organization who might play a role in security, privacy, and compliance. Previous QuestionNext Question Quick access to all questions in this examWhich feature restrict which virtual machine types can be created in a subscription?Correct Answer
Azure Policy: Restrict which virtual machine types can be created in a subscription. Azure tags: Identify Azure resources that are associated with specific cost centers. Azure Blueprints: Deploy a complete Azure application environment including resources configuration and role assignments.
Which situation will prevent a virtual machine VM from being migrated from an onFollowing are the situations which can hinder a virtual machine (VM) from being migrated from an on-premises environment to Azure; Moving large amounts go data at once. Sufficient bandwidth data transfer and potential downtime that can occur for Production VMs running business operations.
How to move VM from one subscription to another subscription in Azure?Use the Azure portal to move a VM to a different subscription. Go to the Azure portal to manage the resource group containing the VM to move. ... . Choose the resource group containing the VM that you would like to move.. At the top of the page for the resource group, select Move and then select Move to another subscription.. Can be used to prevent VMs being created in specific resource groups?In this question, we would create an Azure policy assigned to the resource group that denies the creation of virtual machines in the resource group. You could place a read-only lock on the resource group. However, that would prevent the creation of any resources in the resource group, not virtual machines only.
|