- web.groovymark@gmail.com
- December 2, 2024
Question 01
Which role can invite guest users into an Azure AD tenant by default?
a) Global Administrator
b) User Administrator
c) Security Administrator
d) Both a and b
Correct Answer: d) Both a and b
Explanation: Both the Global Administrator and User Administrator roles can invite guest users into an Azure AD tenant.
Question 02
Which type of Azure AD object should be used to manage delegation of permissions within an Azure AD administrative unit?
a) User
b) Security Group
c) Application
d) Custom Role
Correct Answer: b) Security Group
Explanation: A Security Group can be used to manage permissions within an Azure AD administrative unit.
Question 03
Which tool can be used to update Microsoft Azure AD groups?
a) Azure CLI
b) Azure PowerShell
c) Azure Portal
d) All of the above
Correct Answer: d) All of the above
Explanation: Azure CLI, PowerShell, and the Azure Portal can all be used to update Azure AD groups.
Question 04
What additional piece of information is required when inviting a new guest account to Azure AD?
a) Phone number
b) Email address
c) Full name
d) User role
Correct Answer: b) Email address
Explanation: The email address is required for each new guest account in Azure AD.
Question 05
What should be created to apply specific Azure security permissions to a new IT group?
a) Built-in role
b) Custom role
c) Security group
d) Resource group
Correct Answer: b) Custom role
Explanation: A custom role should be created to apply specific security permissions to the new IT group.
Question 06
What determines the effective permissions when assigning multiple roles to a user?
a) The most permissive role
b) The least permissive role
c) The role assigned first
d) The role with the highest scope
Correct Answer: a) The most permissive role
Explanation: The effective permissions are determined by the most permissive role assigned to the user.
Question 07
What should be configured to resolve the error “No more role assignments can be created”?
a) Add users to groups
b) Assign roles to the groups
c) Increase the role assignment limit
d) Remove existing role assignments
Correct Answer: a) Add users to groups
Explanation: To resolve this error, you can add users to groups and assign roles to those groups.
Question 08
How can the least amount of work be done to adjust Azure AD user privileges?
a) Delete the existing role and create a new one
b) Clone an existing role and modify it
c) Use Azure Policy to modify permissions
d) Remove the user from all roles
Correct Answer: b) Clone an existing role and modify it
Explanation: Cloning an existing role allows for easier adjustments to user permissions.
Question 09
What is used to enforce standardized tagging rules for Azure resources?
a) Azure Policy
b) Resource Locks
c) RBAC
d) Management Groups
Correct Answer: a) Azure Policy
Explanation: Azure Policy is used to create and enforce tagging rules on Azure resources.
Question 10
How can virtual machines be categorized by environment purpose?
a) Using management groups
b) By applying tags
c) Through role assignments
d) By creating resource groups
Correct Answer: b) By applying tags
Explanation: Tags can be used to categorize virtual machines by their environmental purposes.
Question 11
What should be used to grant a user access to Enterprise Agreement (EA) subscriptions through a single role assignment?
a) Resource Groups
b) Management Groups
c) Custom Roles
d) Security Groups
Correct Answer: b) Management Groups
Explanation: Management Groups allow for access to multiple subscriptions with a single role assignment.
Question 12
Where are backup policies associated with a virtual machine stored?
a) Recovery Services vault
b) Azure Storage account
c) Resource Group
d) Azure AD
Correct Answer: a) Recovery Services vault
Explanation: Backup policies for virtual machines are stored in the associated Recovery Services vault.
Question 13
Which Azure resource should be created to store Azure Backup reporting data?
a) Azure Storage account
b) Azure Log Analytics workspace
c) Recovery Services vault
d) Resource Group
Correct Answer: b) Azure Log Analytics workspace
Explanation: An Azure Log Analytics workspace is required to store backup reporting data.
Question 14
Which service should be used for continuous replication of an on-premises VMware virtual machine to an Azure virtual machine?
a) Azure Backup
b) Azure Site Recovery
c) Azure Blob Storage
d) Azure Files
Correct Answer: b) Azure Site Recovery
Explanation: Azure Site Recovery is used for continuous replication of VMs to Azure.
Question 15
Which types of Azure Storage objects are supported by Azure Backup vaults?
a) Files and Disks
b) Blobs and Tables
c) Blobs and Disks
d) Tables and Queues
Correct Answer: c) Blobs and Disks
Explanation: Azure Backup vaults support backup of blobs and disks.
Question 16
What additional property is required when creating an Azure AD user?
a) Phone number
b) Security group
c) Full name
d) Role
Correct Answer: c) Full name
Explanation: The full name is a required property when creating a new Azure AD user.
Question 17
Which group and membership type should be used in Azure AD Free edition to set permissions?
a) Security Group with Assigned membership
b) Distribution Group with Dynamic membership
c) Security Group with Dynamic membership
d) Role Group with Assigned membership
Correct Answer: a) Security Group with Assigned membership
Explanation: Assigned membership in a Security Group allows for manual control of permissions.
Question 18
Which property specifies the type of user in Azure Active Directory?
a) User Type
b) Source
c) Role
d) Status
Correct Answer: b) Source
Explanation: The Source property indicates whether the user is a cloud or Microsoft Account user.
Question 19
What file type should be created to bulk create Azure AD users?
a) TXT
b) CSV
c) JSON
d) XML
Correct Answer: b) CSV
Explanation: A CSV file is used for bulk user creation in Azure AD.
Question 20
What is the least privileged role that includes Microsoft.Authorization/roleAssignment/ permissions?*
a) Reader
b) Contributor
c) User Access Administrator
d) Owner
Correct Answer: c) User Access Administrator
Explanation: The User Access Administrator role includes the least privileges for role assignments.