分类
软件类

Microsoft 365 认证:消息管理员助理 MS-203

MS-203认证介绍

Microsoft 365 消息传送管理员计划、部署、配置和保护混合和云企业环境中的消息传送基础结构并对其进行故障排除。
他们负责管理收件人、邮箱、传输、邮件流、管理角色、威胁防护、合规性、迁移和客户端连接。
消息传送管理员与其他工作负载管理员和 Microsoft 365 企业版管理员协作,以实现可满足企业业务需求的安全混合或纯云消息传送拓扑。
消息传送管理员应在身份验证类型、许可和与 Microsoft 365 应用程序的集成方面具备实际应用知识。

工作角色:管理员
要求的考试:MS-203

MS-203考试大纲

This list contains the skills measured on the exam associated with this certification. For more detailed information, visit the exam details page and download the study guide.
Manage organizational settings and resources
Plan and manage the mail transport architecture
Plan and implement a hybrid configuration and migration
Secure the messaging environment

MS-203学习路径

MS-203 在 Microsoft 365 中管理传输管道


MS-203 管理和排查 Microsoft 365 中的邮件流问题


MS-203 管理 Microsoft 365 的消息安全性


MS-203 管理 Microsoft 365 中的合规性


MS-203 管理 Microsoft 365 消息传送环境

微软docs上,给出了MS-203完整的学习路径,https://docs.microsoft.com/zh-cn/certifications/m365-messaging-administrator/

MS-203考试报名

扫码添加微信 免费咨询
分类
软件类

Microsoft 365 认证:安全管理员助理 MS-500

MS-500认证介绍

Microsoft 365 安全管理员主动保护 Microsoft 365 企业和混合环境,实施和管理安全和合规性解决方案,响应威胁并实施数据治理。

工作角色:管理员
要求的考试:MS-500

MS-500考试大纲

This list contains the skills measured on the exam associated with this certification. For information about upcoming or recent changes, see the associated exam details page and download the exam skills outline.
Implement and manage identity and access
Implement and manage threat protection
Implement and manage information protection
Manage governance and compliance features in Microsoft 365

MS-500学习路径

MS-500 第 1 部分 – 实现和管理标识和访问


MS-500 第 2 部分 – 实现和管理威胁防护


MS-500 第 3 部分 – 实现和管理信息保护


MS-500 第 4 部分:管理 Microsoft 365 中的治理和合规性功能

微软docs上,给出了MS-500完整的学习路径,

https://docs.microsoft.com/zh-cn/certifications/m365-security-administrator/

MS-500考试报名

扫码添加微信 免费咨询
分类
软件类

Microsoft 365 认证:新式桌面管理员助理 MD-100 + MD-101

现代桌面管理员在企业环境中部署、配置、保护、管理和监控设备和客户端应用程序。

工作角色:管理员
要求的考试:MD-100  MD-101

MD-100: Windows 客户端

MD-101: Managing Modern Desktops

MD-100介绍

MD-100: Windows 客户端

此考试的考生是具备在域基础结构中安装、配置和维护 Microsoft Windows 客户端这类学科专业知识的 IT 专业人员。责任包括保护和维护 Windows 设备的可靠性以及存储在设备上的数据。此考试的考生在 Azure Active Directory环境中管理 Windows 客户端。此考试的考生可以与 Microsoft 365 企业管理员、Microsoft 365 安全管理员和 Windows Server 管理员协作,以实现满足组织业务需求的新式桌面和设备策略。
此考试的考生必须熟悉设备管理、客户端计算机网络、基于策略的管理和基于云的解决方案。

MD-100考试大纲

安装和配置 Windows (20-25%)
配置并管理连接和存储 (15-20%)
维护 Windows (30-35%)
保护设备和数据 (25-30%)

MD-100学习路径

MD-100 安装 Windows 客户端


MD-100 配置授权和身份验证


MD-100 配置安装后设置和个性化


MD-100 在 Windows 客户端上配置网络


MD-100 在 Windows 客户端上配置存储

微软docs上,给出了MD-100完整的学习路径,

https://docs.microsoft.com/zh-cn/certifications/exams/md-100

MD-101介绍

此考试的考生是具备在域基础结构中安装、配置和维护 Windows 客户端这类学科专业知识的 IT 专业人员。责任包括保护和维护 Windows 设备的可靠性以及存储在设备上的数据。此考试的考生在 Active Directory 环境中管理 Windows 客户端。此考试的考生可以与 Microsoft 365 企业管理员、Microsoft 365 安全管理员和 Windows Server 管理员协作,以实现满足组织业务需求的新式桌面和设备策略。
此考试的考生必须熟悉设备管理、客户端计算机网络、基于策略的管理和基于云的解决方案。

MD-101考试大纲

部署 Windows 客户端 (25-30%)
管理身份和访问 (10-15%)
管理合规性策略和配置文件 (10-15%)
管理、维护和保护设备 (25-30%)
管理应用 (10-15%)

MD-101学习路径

MD-101 探索新式管理


MD-101 实施设备注册


MD-101 配置用户和设备配置文件


MD-101 浏览应用程序管理


MD-101 管理身份验证和合规性

微软docs上,给出了MD-101完整的学习路径,

https://docs.microsoft.com/zh-cn/certifications/exams/md-101

考试报名

扫码添加微信 免费咨询
分类
软件类

Microsoft 认证:Azure 网络工程师助理 AZ-700

az-700介绍

参加 Azure 网络工程师助理认证的考生应具备规划、实施和维护 Azure 网络解决方案(包括混合网络、连接、路由、安全性和对 Azure 服务的专用访问)方面的学科知识专长。
担任此角色的职责包括建议、规划和实现 Azure 网络解决方案。担任此角色的专业人员负责管理性能、复原能力、规模和安全性的解决方案。他们使用 Azure 门户和其他方法部署网络解决方案,包括 PowerShell、Azure 命令行接口 (CLI) 和 Azure 资源管理器模板(ARM 模板)。
Azure 网络工程师与解决方案架构师、云管理员、安全工程师、应用程序开发人员和 DevOps 工程师合作,提供 Azure 解决方案。
除了在网络、混合连接和网络安全方面的丰富经验和知识外,此认证的考生还应具备 Azure 管理专家技能。

工作角色:网络工程师
要求的考试:AZ-700

az-700考试大纲

Design, implement, and manage hybrid networking
Design and implement core networking infrastructure
Design and implement routing
Secure and monitor networks
Design and implement Private access to Azure Services

az-700学习路径

设计和实现 Microsoft Azure 网络解决方案

微软docs上,给出了AZ-700完整的学习路径,

https://docs.microsoft.com/zh-cn/certifications/azure-network-engineer-associate/

az-700报考联系

扫码添加微信 免费咨询
分类
软件类

Microsoft 认证:Azure 安全工程师助理 AZ-500

az-500认证介绍

参加 Azure 安全工程师助理认证的考生应具备实施 Azure 安全控制(作为端到端基础结构的一部分,保护云和混合环境中的标识、访问、数据、应用程序和网络)方面的学科知识专长。
Azure 安全工程师的职责包括管理安全状况,识别和补救漏洞,实施威胁建模,实施威胁保护以及对安全事件升级做出响应。
Azure 安全工程师通常作为更大团队的一员来规划和实施基于云的管理和安全。
此认证的考生应具有管理 Azure 和混合环境的实践经验。考生应具备基础设施即代码、安全操作过程、云功能和 Azure 服务方面的经验。

工作角色:安全工程师
要求的考试:AZ-500

az-500学习路径

1.管理标识和访问

2.实现平台保护

3.保护数据和应用程序

4.管理安全操作

微软docs上,给出了AZ-500完整的学习路径,

https://docs.microsoft.com/zh-cn/certifications/azure-security-engineer/

az-500考试报名

扫码添加微信 免费咨询
分类
软件类

Microsoft 认证:DevOps 工程师专家 AZ-104/AZ-204 + AZ-400

认证介绍

DevOps工程师是开发人员或基础结构管理员,他们同时还是与人员协作、流程和产品方面的行业专家,可以实现组织的价值持续交付。
担任此角色的职责包括设计和实施协作、代码、基础结构、源代码控制、安全性、合规性、持续整合、测试、交付、监视和反馈的策略。
DevOps 工程师负责跨职能团队,其中包括开发人员、站点可靠性工程师和 Azure 管理员。
参加该认证的考生必须具备在 Azure 中管理和开发的经验,并且至少在其中一个领域具有很强的技能。他们应熟悉 Azure DevOps 和 GitHub。

认证先决条件

1.Microsoft 认证:Azure 管理员助理 (AZ-104)
Azure 管理员实施、管理和监控组织的 Microsoft Azure 环境。

2.Microsoft 认证:Azure 开发人员助理 (AZ-204)

Azure 开发人员设计、构建、测试和维护云端应用程序和服务。

3.两者2选1

AZ-104介绍

参加AZ104考试,可以获得AZ-104: Microsoft Azure Administrator认证。
获得该认证的考生,可以实施、管理和监控组织的 Microsoft Azure 环境。
担任此角色的职责包括在云端环境中实施、管理和监控身份,治理、存储、计算和虚拟网络,以及在需要时提供、重设大小、监控和调整资源。
Azure 管理员通常在一个较大团队中致力于实现组织的云基础结构。
参加该考试的考生应至少具有六个月的Azure管理实践经验,并对核心 Azure 服务、Azure工作负荷、安全性和治理有深刻的了解。此外,该角色应具有使用 PowerShell、Azure CLI、Azure 门户和 Azure Resource Manager 模板的经验。

az-104考试大纲

管理 Azure 标识和治理 (15 – 20%)
实现和管理存储 (15 – 20%)
部署和管理 Azure 计算资源 (20 – 25%)
配置和管理虚拟网络 (20 – 25%)
监视和维护 Azure 资源 (10 – 15%)

az-104学习路径

了解成为 Azure 管理员所需了解的Azure 基本概念。下面是 AZ-104 Azure 管理员系列中的学习路径:

1.成为Azure管理员的先决条件


2.在Azure管理标识和治理措施


3.在 Azure 中实现和管理存储

4.部署和管理 Azure 计算资源


5.为Azure管理员配置和管理虚拟网络

6.监视和备份 Azure 资源

微软docs上,给出了AZ-104完整的学习路径,

https://docs.microsoft.com/zh-cn/training/paths/az-104-administrator-prerequisites/

az-204介绍

参加此考试的考生是云开发人员,他们将参与从需求定义和设计到开发、部署和维护的所有开发阶段。他们与云数据库管理员,云管理员和客户合作以实施解决方案。
考生应精通 Azure SDK、数据存储选项、数据连接、API、应用程序身份验证和授权、计算和容器部署、调试、性能调整和监视。
考生应具有 1-2 年的专业开发经验和 Microsoft Azure 的经验。他们应该能够以 Azure 支持的语言进行编程,并且应该熟练使用 Azure CLI、Azure PowerShell 和其他工具。

az-204考试大纲

1.开发 Azure 计算解决方案 (25-30%)
2.开发 Azure 存储(15-20%)
3.实现 Azure 安全性 (20-25%)
4.监控、故障排除并优化 Azure 解决方案(15-20%)
5.连接并使用 Azure 服务和第三方服务 (15-20%)

az-204学习路径

1.创建 Azure 应用服务 Web 应用


2.实现 Azure Functions


3.开发使用 Blob 存储的解决方案


4.开发使用 Azure Cosmos DB 的解决方案


5.实现基础结构作为服务解决方案

微软docs上,给出了AZ-204完整的学习路径,

https://docs.microsoft.com/zh-cn/certifications/exams/az-204

az-400介绍

参加该考试的考生是开发人员或基础结构管理员,他们同时还是与人员协作、流程和产品方面的行业专家,可以实现组织的价值持续交付。
DevOps 工程师必须具备在 Azure 中管理和开发的经验,并且至少在其中一个领域具有很强的技能。他们应熟悉 Azure DevOps 和 GitHub。

az-400考试大纲

配置流程和通信 (10 – 15%)
设计和实现源代码管理 (15 – 20%)
设计和实现生成和发布管道 (40 – 45%)
制定安全性和合规性计划 (10 – 15%)
实现检测策略 (10 – 15%)

az-400学习路径

1.开启 DevOps 转换之旅


2.面向企业 DevOps 进行开发

3.
使用 Azure Pipelines 和 GitHub Actions 实现 CI


4.设计和实现发布策略


5.使用 Azure Pipelines 实现安全的持续部署

微软docs上,给出了AZ-400完整的学习路径,

https://docs.microsoft.com/zh-cn/certifications/exams/az-400

考试报名

扫码添加微信 免费咨询
分类
软件类

微软云Azure基础认证:AZ-900 AI-900 DP-900介绍

认证列表

微软认证体系:AZ-900,AI-900,DP-900是Azure基础级认证,它们构成了助理和专家级认证的基础,可以帮助我们建立知识并熟悉Azure的工作环境。

AZ-900  Microsoft Azure 基础知识
AI-900 Microsoft Azure AI基础知识
DP-900 Microsoft Azure 数据基础知识

AZ-900参加的认证考试为:Microsoft Certified: Azure Fundamentals,代号为AZ900,是Azure的初级认证考试。

Azure Fundamentals 考试是一个证明云概念、Azure 服务、Azure 工作负荷、Azure 安全和隐私以及 Azure 定价和支持等方面知识的机会。考生应熟悉一般技术概念,包括联网、存储、计算、应用程序支持和应用程序开发的概念。
Azure Fundamentals 可用于准备其他基于 Azure 角色的或专业的认证,但这不是其中任何一项的先决条件。

微软docs上,给出了AZ-900完整的学习路径,https://docs.microsoft.com/zh-cn/learn/certifications/azure-fundamentals

AI-900

参加此考试的考生应具有机器学习 (ML) 和人工智能 (AI) 概念以及相关的 Microsoft Azure 服务的基础知识。
这次考试是一次展示常见的 ML和 AI工作负荷以及如何在Azure上实施知识的机会。
该考试适用于具有技术和非技术背景的考生。不需要数据科学和软件工程经验;但是,一些通用的编程知识或经验将是有益的。
Azure AI Fundamentals 可用于准备其他基于 Azure 角色的认证,例如 Azure Data Scientist Associate 或 Azure AI Engineer Associate,但这不是其中任何一个的先决条件。

微软docs上,给出了AI-900完整的学习路径,https://docs.microsoft.com/zh-cn/learn/certifications/azure-ai-fundamentals

DP-900

DP-900的认证目标,掌握云环境中数据处理和数据库使用的基本知识,区别关系型数据库与非关系型数据库数据结构的区别和对应该产品。
DP-900的工作角色包括DBA,数据工程师和数据分析师。DP-900关于数据基础知识,也可用于准备其他基于Azure角色的认证,如Azure数据工程师助理[DP-200/DP-201],Azure数据科学家助理[DP-100]和Azure数据库管理员助理[DP-300] ,但这不是任何这些考试的先决条件。
该考试适用于开始使用云端中的数据的考生。

微软docs上,给出了DP-900完整的学习路径,https://docs.microsoft.com/zh-cn/certifications/exams/dp-900

Azure认证报考联系

扫码添加微信 免费咨询
分类
软件类

2022微软考试 AZ-700:设计和实现 Microsoft Azure 网络解决方案 真题每日一练

You work as a Systems Administrator for your company. The company has recently purchased a subscription to Microsoft 365.
All users in your company have a Microsoft 365 E3 license.
You are in the process of configuring Microsoft Teams.
You need to configure Microsoft Teams to ensure that users within your company can collaborate with users in a partner company. You plan to create guest accounts for users in the partner company.
Users with Guest accounts must not be able to invite other guests.
Only users in the partner company must be able to collaborate with your users by using Microsoft Teams.
Which of the following should you configure?
A. The external sharing settings in the SharePoint Admin Center.
B. The external collaboration settings in Azure Active Directory.
C. The Anonymous users can join a meeting setting the in the Teams Meeting Settings. 

D. The Global Meeting Policy in the Teams Admin Center.

You work as a Systems Administrator for your company. The company has recently purchased a subscription to Microsoft 365.
All users in your company have a Microsoft 365 E3 license.
You are in the process of configuring Microsoft Teams.
You enable Guest access in Microsoft Teams to allow users in your company to collaborate with external users.
A company security policy states that guest users should not be able to use their cameras during Microsoft Teams meetings. Company users should be able to use their cameras during Microsoft Teams meetings.
You need to configure Microsoft Teams to meet the security requirement.
Which of the following actions should you perform in the Microsoft Teams Adm in Center?
A. Configure the External access settings in Org-wide settings.
B. Configure the Teams settings in Org-wide settings.
C. Configure the Guest access settings in Org-wide settings.
D. Configure the Audio & Video settings in the default Meeting Policy


You work as a Microsoft 365 Administrator for your company. All users have Microsoft 365 licenses.
Users frequently collaborate by using private chats in Microsoft Teams.
You need to ensure that a single user is unable to permanently delete private chats. Which of the following should you configure?
A. The user’s Microsoft 365 license options in the Microsoft 365 Admin Center.
B. A meeting policy in Microsoft Teams.
C. A litigation hold on the user’s mailbox.
D. A Sensitivity Label in the Security & Compliance Admin Center.

You work as a Systems Administrator for your company. The company has departments named Sales, Accounts, Research and Production.
The company has recently purchased a subscription to Microsoft 365.
All users in your company have a Microsoft 365 E3 license.
You are in the process of configuring Microsoft Teams. You plan to create a team for each of the company departments.
All users have the Microsoft Teams desktop client installed.
You need to ensure that the Research team is labelled as Confidential when viewed in the Microsoft Teams client.
Which of the following actions should you perform?
A. Configure and publish a Sensitivity Label in the Security & Compliance admin center. 

B. Configure and publish a Retention Label in the Security & Compliance admin center. 

C. Configure a Teams policy in the Microsoft Teams admin center.
D. Configure the Meeting Settings in the Microsoft Teams ad min center.

You work as a Systems Administrator for your company. The company has departments named Sales, Accounts, Research and Production.
The company has a subscription to Microsoft 365. All users in your company have a Microsoft 365 E5 license.
You have configured a Team for each of the departments.
Currently, users in any department can use Microsoft Teams to communicate with users from any other department.
You need to configure the environment to ensure that users in the Research team can only communicate with other users in the Research team by using Microsoft Teams.
What should you do?
A. Configure a Teams Meeting policy.
B. Configure Information Barrier policies. 

C. Configure an App Protection policy. 

D. Configure Conference Bridges.

You work as a Systems Administrator for your company. The company has several departments.
The company has a subscription to Microsoft 365. All users in your company have a Microsoft 365 E5 license.
You have configured a Team for each of the departments.
You need to ensure that you are notified if a user creates a new Team by using the Create a Team option in the Microsoft Teams client.
Which of the following actions should you perform?
A. Configure the External Collaboration settings in the Azure Active Directory admin center.
B. Configure a supervision policy in the Security & Compliance admin center. 

C. Configure an eDiscovery Case in the Security & Compliance admin center. 

D. Configure an alert policy in the Security & Compliance admin center.

Your company has a subscription to Microsoft 365. All users in your company have a Microsoft 365 E5 license.
All users use Microsoft Teams for collaboration.
A manager wants to be able to view the Microsoft Teams usage reports.
You need to assign the manager permission to view the usage reports. The solution
must use the principle of least privilege.
Which of the following actions should you perform?
A. Assign the Teams Communications Administrator role to the manager.

B. Assign the Security Administrator role to the manager.
C· Assign the Reports Reader role to the manager.
D. Assign the Compliance Manager role to the manager.

You work as a Systems Administrator for your company. The company has a subscription to Microsoft 365. All users in your company have a
Microsoft 365 E5 license.
All users in the company use Microsoft Teams for collaboration.
Users report that a team has been deleted in Microsoft Teams. The team was available
yesterday.
You need to restore the deleted team. Which tool should you use?
A. The Microsoft Teams admin center
B. The Microsoft Teams client app
C. The Azure Active Directory admin center 

D. The Exchange Online admin center

Your company has a subscription to Microsoft 365. All users in your company have a Microsoft 365 E5 license.
All users use Microsoft Teams for collaboration.
An Office 365 group contains 300 users including 50 guest accounts. A Microsoft Team has been created from the group.
You need to ensure that the group contains only members and guest accounts that require access to the group. Any members or guest accounts
that are either inactive or no longer require access to the group should be removed. The solution must ensure that group membership is validated every month.
Which of the following should you configure? 

A. A Conditional Access policy
B. A Supervision policy
C. An Access Review 

D. A Teams policy

微软认证AZ-305,AZ-204,AZ-500,AZ-700,MD-100,MD-101,DP-300,DP-900等题库和考试券请扫微信二维码联系老师
分类
软件类

2022微软考试 AZ-500:Microsoft Azure 安全技术 真题每日一练


Your company recently created an Azure subscription.
You have been tasked with making sure that a specified user is able to implement Azure
AD Privileged Identity Management (PIM).
Which of the following is the role you should assign to the user?
A. The Global administrator role.
B. The Security administrator role.
C. The Password administrator role. 

D. The Compliance administrator role.


Your company has an Active Directory forest with a single domain, named weylandindustries.com. They also have an Azure Active Directory (Azure AD) tenant with the same name.
You have been tasked with integrating Active Directory and the Azure AD tenant. You intend to deploy Azure AD Connect.
Your strategy for the integration must make sure that password policies and user logon limitations affect user accounts that are synced to the Azure AD tenant, and that the amount of necessary servers are reduced.
Solution: You recommend the use of pass-through authentication and seamless SSO with password hash synchronization.
Does the solution meet the goal?
A.Yes  B.No


Your company has an Active Directory forest with a single domain, named weylandindustries.com. They also have an Azure Active Directory (Azure AD) tenant with the same name.
You have been tasked with integrating Active Directory and the Azure AD tenant. You intend to deploy Azure AD Connect.
Your strategy for the integration must make sure that password policies and user logon limitations affect user accounts that are synced to the Azure AD tenant, and that the amount of necessary servers are reduced.
Solution: You recommend the use of federation with Active Directory Federation Services (AD FS).
Does the solution meet the goal?

A.Yes  B.No


Your company has an Active Directory forest with a single domain, named weylandindustries.com. They also have an Azure Active Directory (Azure AD) tenant with the same name.
After syncing all on-premises identities to Azure AD, you are informed that users with a givenName attribute starting with LAB should not be allowed to sync to Azure AD.
Which of the following actions should you take?

A. You should make use of the Synchronization Rules Editor to create an attribute- based filtering rule.
B. You should configure a DNAT rule on the Firewall.
C. You should configure a network traffic filtering rule on the Firewall.
D. You should make use of Active Directory Users and Computers to create an attribute-based filtering rule.

You have been tasked with applying conditional access policies for your companyג€TMs current Azure Active Directory (Azure AD).
The process involves assessing the risk events and risk levels.
Which of the following is the risk level that should be configured for users that have leaked credentials?
A. None 

B. Low
C. Medium
D. High

You have been tasked with configuring an access review, which you plan to assigned to a new collection of reviews. You also have to make sure that the reviews can be reviewed by resource owners.
You start by creating an access review program and an access review control.
You now need to configure the Reviewers.
Which of the following should you set Reviewers to?
A. Selected users.

B. Members (Self). 

C. Group Owners

D. Anyone.

Your company recently created an Azure subscription. You have, subsequently, been tasked with making sure that you are able to secure Azure AD roles by making use of Azure Active Directory (Azure AD) Privileged Identity Management (PIM).
Which of the following actions should you take FIRST?
A.You should sign up Azure Active Directory (Azure AD) Privileged Identity Management (PIM) for Azure AD roles.
B.You should consent to Azure Active Directory (Azure AD) Privileged Identity Management (PIM).
C. You should discover privileged roles. 

D. You should discover resources.。


You need to consider the underlined segment to establish whether it is accurate.
You have been tasked with creating a different subscription for each of your companyג€TMs divisions. However, the subscriptions will be linked to a single Azure ActiveDirectory (Azure AD) tenant.
You want to make sure that each subscription has identical role assignments.
You make use of Azure AD Privileged Identity Management (PIM).
Select ג€No adjustment requiredג€ if the underlined segment is accurate. If the underlined segment is inaccurate, select the accurate option.
A. No adjustment required 

B. Azure Blueprints
C. Conditional access policies 

D. Azure DevOps

Your company has an Azure Container Registry.
You have been tasked with assigning a user a role that allows for the uploading of images to the Azure Container Registry. The role assigned should not require more privileges than necessary.
Which of the following is the role you should assign?
A. Owner
B. Contributor 

C. AcrPush 

D. AcrPull

微软认证AZ-305,AZ-204,AZ-500,AZ-700,MD-100,MD-101,DP-300,DP-900等题库和考试券请扫微信二维码联系老师
分类
软件类

2022微软考试 AZ-305:Microsoft Azure 解决方案架构师专家 真题每日一练


After you migrate App1 to Azure, you need to enforce the data modification requirements to meet the security and compliance requirements.
What should you do?

A.Create an access policy for the blob service.
B.Implement Azure resource locks.
C.Create Azure RBAC assignments.
D.Modify the access level of the blob service.

You have an Azure subscription that contains a custom application named Application1. Application1 was developed by an external company named Fabrikam, Ltd. Developers at Fabrikam were assigned role-based access control (RBAC) permissions to the Application1 components. All users are licensed for the Microsoft 365 E5 plan.
You need to recommend a solution to verify whether the Fabrikam developers still require permissions to Application1. The solution must meet the following requirements:
To the manager of the developers, send a monthly email message that lists the access permissions to Application1.
If the manager does not verify an access permission, automatically revoke that permission. Minimize development effort.
What should you recommend?

A.In Azure Active Directory (Azure AD), create an access review of Application1.
B.Create an Azure Automation runbook that runs the Get-AzRoleAssignment cmdlet.
C.In Azure Active Directory (Azure AD) Privileged Identity Management, create a custom role assignment for the Application1 resources.
D.Create an Azure Automation runbook that runs the Get-AzureADUserAppRoleAssignment cmdlet.


You have an Azure subscription. The subscription has a blob container that contains multiple blobs.
Ten users in the finance department of your company plan to access the blobs during the month of April.
You need to recommend a solution to enable access to the blobs during the month of April only. Which security solution should you include in the recommendation?
A.shared access signatures (SAS)
B.Conditional Access policies
C.certificates
D.access keys


You have an Azure Active Directory (Azure AD) tenant that syncs with an on-premises Active Directory domain.
You have an internal web app named WebApp1 that is hosted on-premises. WebApp1 uses Integrated Windows authentication.
Some users work remotely and do NOT have VPN access to the on-premises network. You need to provide the remote users with single sign-on (SSO) access to WebApp1.
Which two features should you include in the solution? Each correct answer presents part of the solution.

A.Azure AD Application Proxy
B.Azure AD Privileged Identity Management (PIM)
C.Conditional Access policies
D.Azure Arc
E.Azure AD enterprise applications
F.Azure Application Gateway

You have an Azure Active Directory (Azure AD) tenant named contoso.com that has a security group named Group1. Group1 is configured for assigned membership. Group1 has 50 members, including 20 guest users.
You need to recommend a solution for evaluating the membership of Group1. The solution must meet the following requirements:
The evaluation must be repeated automatically every three months.
Every member must be able to report whether they need to be in Group1.
Users who report that they do not need to be in Group1 must be removed from Group1 automatically.
Users who do not report whether they need to be in Group1 must be removed from Group1 automatically.
What should you include in the recommendation?

A.Implement Azure AD Identity Protection.
B.Change the Membership type of Group1 to Dynamic User.
C.Create an access review.
D.Implement Azure AD Privileged Identity Management (PIM).

You plan to deploy Azure Databricks to support a machine learning application. Data engineerswill mount an Azure Data Lake Storage account to the Databricks file system. Permissions to folders are granted directly to the data engineers.
You need to recommend a design for the planned Databrick deployment. The solution must meet the following requirements:
Ensure that the data engineers can only access folders to which they have permissions. Minimize development effort.
Minimize costs.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.

You plan to deploy an Azure web app named App1 that will use Azure Active Directory (Azure AD) authentication.
App1 will be accessed from the internet by the users at your company. All the users have computers that run Windows 10 and are joined to Azure AD.
You need to recommend a solution to ensure that the users can connect to App1 without being prompted for authentication and can access App1 only from company-owned computers.
What should you recommend for each requirement? To answer, select the appropriate options in the answer area.

Your company deploys several virtual machines on-premises and to Azure. ExpressRoute is being deployed and configured for on-premises to Azure connectivity.
Several virtual machines exhibit network connectivity issues.
You need to analyze the network traffic to identify whether packets are being allowed or denied to the virtual machines.
Solution: Use Azure Traffic Analytics in Azure Network Watcher to analyze the network traffic. Does this meet the goal?

A.Yes  B.No


Your company deploys several virtual machines on-premises and to Azure. ExpressRoute is deployed and configured for on-premises to Azure connectivity.
Several virtual machines exhibit network connectivity issues.
You need to analyze the network traffic to identify whether packets are being allowed or denied to the virtual machines.
Solution: Use Azure Advisor to analyze the network traffic. Does this meet the goal?

A.Yes  B.No

微软认证AZ-305,AZ-204,AZ-500,AZ-700,MD-100,MD-101,DP-300,DP-900等题库和考试券请扫微信二维码联系老师