Microsoft AZ-102 - Microsoft Azure Administrator Certification Transition Exam
Page: 2 / 16
Total 76 questions
Question #6 (Topic: Testlet 2)
Overview
ADatum Corporation is a financial company that has two main offices in New York and Los Angeles. ADatum has a subsidiary named Fabrikam, Inc. that shares
the Los Angeles office.
ADatum is conducting an initial deployment of Azure services to host new line-of-business applications and is preparing to migrate its existing on-premises
workloads to Azure.
ADatum uses Microsoft Exchange Online for email.
On-Premises Environment
The on-premises workloads run on virtual machines hosted in a VMware vSphere 6 infrastructure. All the virtual machines are members of an Active Directory
forest named adatum.com and run Windows Server 2016.
The New York office an IP address of 10.0.0.0/16. The Los Angeles office uses an IP address space of 10.10.0.0/16.
The offices connect by using a VPN provided by an ISP. Each office has one Azure ExpressRoute circuit that provides access to Azure services and Microsoft
Online Services. Routing is implemented by using Microsoft peering.
The New York office has a virtual machine named VM1 that has the vSphere console installed.
Azure Environment
You provision the Azure infrastructure by using the Azure portal. The infrastructure contains the resources shown in the following table.
[Microsoft-AZ-102-1.0/xmlfile-9_1.png]
AG1 has two backend pools named Pool11 and Pool12. AG2 has two backend pools named Pool21 and Pool22.
Planned Changes
ADatum plans to migrate the virtual machines from the New York office to the East US Azure region by using Azure Site Recovery.
Infrastructure Requirements
ADatum identifies the following infrastructure requirements:
A new web app named App1 that will access third-parties for credit card processing must be deployed.
A newly developed API must be implemented as an Azure function named App2. App2 will use a blob storage trigger. App2 must process new blobs
immediately.
The Azure infrastructure and the on-premises infrastructure and the on-premises infrastructure must be prepared for the migration of the VMware virtual
machines to Azure.
The sizes of the Azure virtual machines that will be used to migrate the on-premises workloads must be identified.
All migrated and newly deployed Azure virtual machines must be joined to the adatum.com domain.
AG1 must load balance incoming traffic in the following manner:
1. http://corporate.adatum.com/video/* will be load balanced across Pool11.
2. http://corporate.adatum.com/images/* will be load balanced across Pool12.
AG2 must load balance incoming traffic in the following manner:
1. http://www.adatum.com will be load balanced across Pool21.
2. http://www.fabrikam.com will be load balanced across Pool22.
ER1 must route traffic between the New York office and the platform as a service (PaaS) services in the East US Azure region, as long as ER1 is available.
ER2 must route traffic between the Los Angeles office and the PaaS sevices in the West US region, as long as ER2 is available.
ER1 and ER2 must be configured to fail over automatically.
Application Requirements
App2 must be able to connect directly to the private IP addresses of the Azure virtual machines. App2 will be deployed directly to an Azure virtual network.
Inbound and outbound communications to App1 must be controlled by using NSGs.
Pricing Requirements
ADatum identifies the following pricing requirements:
The cost of App1 and App2 must be minimized.
The transactional charges of Azure Storage account must be minimized.
DRAG DROP
You need to prepare the New York office infrastructure for the migration of the on-premises virtual machines to Azure.
Which four actions you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct
order.
Select and Place:
[Microsoft-AZ-102-1.0/xmlfile-11_1.jpg]
ADatum Corporation is a financial company that has two main offices in New York and Los Angeles. ADatum has a subsidiary named Fabrikam, Inc. that shares
the Los Angeles office.
ADatum is conducting an initial deployment of Azure services to host new line-of-business applications and is preparing to migrate its existing on-premises
workloads to Azure.
ADatum uses Microsoft Exchange Online for email.
On-Premises Environment
The on-premises workloads run on virtual machines hosted in a VMware vSphere 6 infrastructure. All the virtual machines are members of an Active Directory
forest named adatum.com and run Windows Server 2016.
The New York office an IP address of 10.0.0.0/16. The Los Angeles office uses an IP address space of 10.10.0.0/16.
The offices connect by using a VPN provided by an ISP. Each office has one Azure ExpressRoute circuit that provides access to Azure services and Microsoft
Online Services. Routing is implemented by using Microsoft peering.
The New York office has a virtual machine named VM1 that has the vSphere console installed.
Azure Environment
You provision the Azure infrastructure by using the Azure portal. The infrastructure contains the resources shown in the following table.
[Microsoft-AZ-102-1.0/xmlfile-9_1.png]
AG1 has two backend pools named Pool11 and Pool12. AG2 has two backend pools named Pool21 and Pool22.
Planned Changes
ADatum plans to migrate the virtual machines from the New York office to the East US Azure region by using Azure Site Recovery.
Infrastructure Requirements
ADatum identifies the following infrastructure requirements:
A new web app named App1 that will access third-parties for credit card processing must be deployed.
A newly developed API must be implemented as an Azure function named App2. App2 will use a blob storage trigger. App2 must process new blobs
immediately.
The Azure infrastructure and the on-premises infrastructure and the on-premises infrastructure must be prepared for the migration of the VMware virtual
machines to Azure.
The sizes of the Azure virtual machines that will be used to migrate the on-premises workloads must be identified.
All migrated and newly deployed Azure virtual machines must be joined to the adatum.com domain.
AG1 must load balance incoming traffic in the following manner:
1. http://corporate.adatum.com/video/* will be load balanced across Pool11.
2. http://corporate.adatum.com/images/* will be load balanced across Pool12.
AG2 must load balance incoming traffic in the following manner:
1. http://www.adatum.com will be load balanced across Pool21.
2. http://www.fabrikam.com will be load balanced across Pool22.
ER1 must route traffic between the New York office and the platform as a service (PaaS) services in the East US Azure region, as long as ER1 is available.
ER2 must route traffic between the Los Angeles office and the PaaS sevices in the West US region, as long as ER2 is available.
ER1 and ER2 must be configured to fail over automatically.
Application Requirements
App2 must be able to connect directly to the private IP addresses of the Azure virtual machines. App2 will be deployed directly to an Azure virtual network.
Inbound and outbound communications to App1 must be controlled by using NSGs.
Pricing Requirements
ADatum identifies the following pricing requirements:
The cost of App1 and App2 must be minimized.
The transactional charges of Azure Storage account must be minimized.
DRAG DROP
You need to prepare the New York office infrastructure for the migration of the on-premises virtual machines to Azure.
Which four actions you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct
order.
Select and Place:
[Microsoft-AZ-102-1.0/xmlfile-11_1.jpg]
Answer: [Microsoft-AZ-102-1.0/xmlfile-12_1.jpg]
Question #7 (Topic: Testlet 2)
Overview
ADatum Corporation is a financial company that has two main offices in New York and Los Angeles. ADatum has a subsidiary named Fabrikam, Inc. that shares
the Los Angeles office.
ADatum is conducting an initial deployment of Azure services to host new line-of-business applications and is preparing to migrate its existing on-premises
workloads to Azure.
ADatum uses Microsoft Exchange Online for email.
On-Premises Environment
The on-premises workloads run on virtual machines hosted in a VMware vSphere 6 infrastructure. All the virtual machines are members of an Active Directory
forest named adatum.com and run Windows Server 2016.
The New York office an IP address of 10.0.0.0/16. The Los Angeles office uses an IP address space of 10.10.0.0/16.
The offices connect by using a VPN provided by an ISP. Each office has one Azure ExpressRoute circuit that provides access to Azure services and Microsoft
Online Services. Routing is implemented by using Microsoft peering.
The New York office has a virtual machine named VM1 that has the vSphere console installed.
Azure Environment
You provision the Azure infrastructure by using the Azure portal. The infrastructure contains the resources shown in the following table.
[Microsoft-AZ-102-1.0/xmlfile-9_1.png]
AG1 has two backend pools named Pool11 and Pool12. AG2 has two backend pools named Pool21 and Pool22.
Planned Changes
ADatum plans to migrate the virtual machines from the New York office to the East US Azure region by using Azure Site Recovery.
Infrastructure Requirements
ADatum identifies the following infrastructure requirements:
A new web app named App1 that will access third-parties for credit card processing must be deployed.
A newly developed API must be implemented as an Azure function named App2. App2 will use a blob storage trigger. App2 must process new blobs
immediately.
The Azure infrastructure and the on-premises infrastructure and the on-premises infrastructure must be prepared for the migration of the VMware virtual
machines to Azure.
The sizes of the Azure virtual machines that will be used to migrate the on-premises workloads must be identified.
All migrated and newly deployed Azure virtual machines must be joined to the adatum.com domain.
AG1 must load balance incoming traffic in the following manner:
1. http://corporate.adatum.com/video/* will be load balanced across Pool11.
2. http://corporate.adatum.com/images/* will be load balanced across Pool12.
AG2 must load balance incoming traffic in the following manner:
1. http://www.adatum.com will be load balanced across Pool21.
2. http://www.fabrikam.com will be load balanced across Pool22.
ER1 must route traffic between the New York office and the platform as a service (PaaS) services in the East US Azure region, as long as ER1 is available.
ER2 must route traffic between the Los Angeles office and the PaaS sevices in the West US region, as long as ER2 is available.
ER1 and ER2 must be configured to fail over automatically.
Application Requirements
App2 must be able to connect directly to the private IP addresses of the Azure virtual machines. App2 will be deployed directly to an Azure virtual network.
Inbound and outbound communications to App1 must be controlled by using NSGs.
Pricing Requirements
ADatum identifies the following pricing requirements:
The cost of App1 and App2 must be minimized.
The transactional charges of Azure Storage account must be minimized.
HOTSPOT
You need to provision the resources in Azure to support the virtual machine that will be migrated from the New York office.
What should you include in the solution? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
[Microsoft-AZ-102-1.0/xmlfile-14_1.jpg]
ADatum Corporation is a financial company that has two main offices in New York and Los Angeles. ADatum has a subsidiary named Fabrikam, Inc. that shares
the Los Angeles office.
ADatum is conducting an initial deployment of Azure services to host new line-of-business applications and is preparing to migrate its existing on-premises
workloads to Azure.
ADatum uses Microsoft Exchange Online for email.
On-Premises Environment
The on-premises workloads run on virtual machines hosted in a VMware vSphere 6 infrastructure. All the virtual machines are members of an Active Directory
forest named adatum.com and run Windows Server 2016.
The New York office an IP address of 10.0.0.0/16. The Los Angeles office uses an IP address space of 10.10.0.0/16.
The offices connect by using a VPN provided by an ISP. Each office has one Azure ExpressRoute circuit that provides access to Azure services and Microsoft
Online Services. Routing is implemented by using Microsoft peering.
The New York office has a virtual machine named VM1 that has the vSphere console installed.
Azure Environment
You provision the Azure infrastructure by using the Azure portal. The infrastructure contains the resources shown in the following table.
[Microsoft-AZ-102-1.0/xmlfile-9_1.png]
AG1 has two backend pools named Pool11 and Pool12. AG2 has two backend pools named Pool21 and Pool22.
Planned Changes
ADatum plans to migrate the virtual machines from the New York office to the East US Azure region by using Azure Site Recovery.
Infrastructure Requirements
ADatum identifies the following infrastructure requirements:
A new web app named App1 that will access third-parties for credit card processing must be deployed.
A newly developed API must be implemented as an Azure function named App2. App2 will use a blob storage trigger. App2 must process new blobs
immediately.
The Azure infrastructure and the on-premises infrastructure and the on-premises infrastructure must be prepared for the migration of the VMware virtual
machines to Azure.
The sizes of the Azure virtual machines that will be used to migrate the on-premises workloads must be identified.
All migrated and newly deployed Azure virtual machines must be joined to the adatum.com domain.
AG1 must load balance incoming traffic in the following manner:
1. http://corporate.adatum.com/video/* will be load balanced across Pool11.
2. http://corporate.adatum.com/images/* will be load balanced across Pool12.
AG2 must load balance incoming traffic in the following manner:
1. http://www.adatum.com will be load balanced across Pool21.
2. http://www.fabrikam.com will be load balanced across Pool22.
ER1 must route traffic between the New York office and the platform as a service (PaaS) services in the East US Azure region, as long as ER1 is available.
ER2 must route traffic between the Los Angeles office and the PaaS sevices in the West US region, as long as ER2 is available.
ER1 and ER2 must be configured to fail over automatically.
Application Requirements
App2 must be able to connect directly to the private IP addresses of the Azure virtual machines. App2 will be deployed directly to an Azure virtual network.
Inbound and outbound communications to App1 must be controlled by using NSGs.
Pricing Requirements
ADatum identifies the following pricing requirements:
The cost of App1 and App2 must be minimized.
The transactional charges of Azure Storage account must be minimized.
HOTSPOT
You need to provision the resources in Azure to support the virtual machine that will be migrated from the New York office.
What should you include in the solution? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
[Microsoft-AZ-102-1.0/xmlfile-14_1.jpg]
Answer: [Microsoft-AZ-102-1.0/xmlfile-15_1.jpg]
Question #8 (Topic: Testlet 2)
Overview
ADatum Corporation is a financial company that has two main offices in New York and Los Angeles. ADatum has a subsidiary named Fabrikam, Inc. that shares
the Los Angeles office.
ADatum is conducting an initial deployment of Azure services to host new line-of-business applications and is preparing to migrate its existing on-premises
workloads to Azure.
ADatum uses Microsoft Exchange Online for email.
On-Premises Environment
The on-premises workloads run on virtual machines hosted in a VMware vSphere 6 infrastructure. All the virtual machines are members of an Active Directory
forest named adatum.com and run Windows Server 2016.
The New York office an IP address of 10.0.0.0/16. The Los Angeles office uses an IP address space of 10.10.0.0/16.
The offices connect by using a VPN provided by an ISP. Each office has one Azure ExpressRoute circuit that provides access to Azure services and Microsoft
Online Services. Routing is implemented by using Microsoft peering.
The New York office has a virtual machine named VM1 that has the vSphere console installed.
Azure Environment
You provision the Azure infrastructure by using the Azure portal. The infrastructure contains the resources shown in the following table.
[Microsoft-AZ-102-1.0/xmlfile-9_1.png]
AG1 has two backend pools named Pool11 and Pool12. AG2 has two backend pools named Pool21 and Pool22.
Planned Changes
ADatum plans to migrate the virtual machines from the New York office to the East US Azure region by using Azure Site Recovery.
Infrastructure Requirements
ADatum identifies the following infrastructure requirements:
A new web app named App1 that will access third-parties for credit card processing must be deployed.
A newly developed API must be implemented as an Azure function named App2. App2 will use a blob storage trigger. App2 must process new blobs
immediately.
The Azure infrastructure and the on-premises infrastructure and the on-premises infrastructure must be prepared for the migration of the VMware virtual
machines to Azure.
The sizes of the Azure virtual machines that will be used to migrate the on-premises workloads must be identified.
All migrated and newly deployed Azure virtual machines must be joined to the adatum.com domain.
AG1 must load balance incoming traffic in the following manner:
1. http://corporate.adatum.com/video/* will be load balanced across Pool11.
2. http://corporate.adatum.com/images/* will be load balanced across Pool12.
AG2 must load balance incoming traffic in the following manner:
1. http://www.adatum.com will be load balanced across Pool21.
2. http://www.fabrikam.com will be load balanced across Pool22.
ER1 must route traffic between the New York office and the platform as a service (PaaS) services in the East US Azure region, as long as ER1 is available.
ER2 must route traffic between the Los Angeles office and the PaaS sevices in the West US region, as long as ER2 is available.
ER1 and ER2 must be configured to fail over automatically.
Application Requirements
App2 must be able to connect directly to the private IP addresses of the Azure virtual machines. App2 will be deployed directly to an Azure virtual network.
Inbound and outbound communications to App1 must be controlled by using NSGs.
Pricing Requirements
ADatum identifies the following pricing requirements:
The cost of App1 and App2 must be minimized.
The transactional charges of Azure Storage account must be minimized.
HOTSPOT
You need to implement App2 to meet the application requirements.
What should you include in the implementation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
[Microsoft-AZ-102-1.0/xmlfile-16_1.png]
ADatum Corporation is a financial company that has two main offices in New York and Los Angeles. ADatum has a subsidiary named Fabrikam, Inc. that shares
the Los Angeles office.
ADatum is conducting an initial deployment of Azure services to host new line-of-business applications and is preparing to migrate its existing on-premises
workloads to Azure.
ADatum uses Microsoft Exchange Online for email.
On-Premises Environment
The on-premises workloads run on virtual machines hosted in a VMware vSphere 6 infrastructure. All the virtual machines are members of an Active Directory
forest named adatum.com and run Windows Server 2016.
The New York office an IP address of 10.0.0.0/16. The Los Angeles office uses an IP address space of 10.10.0.0/16.
The offices connect by using a VPN provided by an ISP. Each office has one Azure ExpressRoute circuit that provides access to Azure services and Microsoft
Online Services. Routing is implemented by using Microsoft peering.
The New York office has a virtual machine named VM1 that has the vSphere console installed.
Azure Environment
You provision the Azure infrastructure by using the Azure portal. The infrastructure contains the resources shown in the following table.
[Microsoft-AZ-102-1.0/xmlfile-9_1.png]
AG1 has two backend pools named Pool11 and Pool12. AG2 has two backend pools named Pool21 and Pool22.
Planned Changes
ADatum plans to migrate the virtual machines from the New York office to the East US Azure region by using Azure Site Recovery.
Infrastructure Requirements
ADatum identifies the following infrastructure requirements:
A new web app named App1 that will access third-parties for credit card processing must be deployed.
A newly developed API must be implemented as an Azure function named App2. App2 will use a blob storage trigger. App2 must process new blobs
immediately.
The Azure infrastructure and the on-premises infrastructure and the on-premises infrastructure must be prepared for the migration of the VMware virtual
machines to Azure.
The sizes of the Azure virtual machines that will be used to migrate the on-premises workloads must be identified.
All migrated and newly deployed Azure virtual machines must be joined to the adatum.com domain.
AG1 must load balance incoming traffic in the following manner:
1. http://corporate.adatum.com/video/* will be load balanced across Pool11.
2. http://corporate.adatum.com/images/* will be load balanced across Pool12.
AG2 must load balance incoming traffic in the following manner:
1. http://www.adatum.com will be load balanced across Pool21.
2. http://www.fabrikam.com will be load balanced across Pool22.
ER1 must route traffic between the New York office and the platform as a service (PaaS) services in the East US Azure region, as long as ER1 is available.
ER2 must route traffic between the Los Angeles office and the PaaS sevices in the West US region, as long as ER2 is available.
ER1 and ER2 must be configured to fail over automatically.
Application Requirements
App2 must be able to connect directly to the private IP addresses of the Azure virtual machines. App2 will be deployed directly to an Azure virtual network.
Inbound and outbound communications to App1 must be controlled by using NSGs.
Pricing Requirements
ADatum identifies the following pricing requirements:
The cost of App1 and App2 must be minimized.
The transactional charges of Azure Storage account must be minimized.
HOTSPOT
You need to implement App2 to meet the application requirements.
What should you include in the implementation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
[Microsoft-AZ-102-1.0/xmlfile-16_1.png]
Answer: [Microsoft-AZ-102-1.0/xmlfile-17_1.png]
Question #9 (Topic: Testlet 3)
Overview
Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York.
The Montreal office has 2,000 employees. The Seattle office has 1,000 employees. The New York office has 200 employees.
All the resources used by Contoso are hosted on-premises.
Contoso creates a new Azure subscription. The Azure Active Directory (Azure AD) tenant uses a domain named contoso.onmicrosoft.com. The tenant uses the P1
pricing tier.
Existing environment
The network contains an Active Directory forest named contoso.com. All domain controllers are configured as DNS servers and host the contoso.com DNS zone.
Contoso has finance, human resources, sales, research, and information technology departments. Each department has an organizational unit (OU) that contains
all the accounts of that respective department. All the user accounts have the department attribute set to their respective department. New users are added
frequently.
Contoso.com contains a user named User1.
All the offices connect by using private links.
Contoso has data centers in the Montreal and Seattle offices. Each data center has a firewall that can be configured as a VPN device.
All infrastructure servers are virtualized. The virtualization environment contains the servers in the following table.
[Microsoft-AZ-102-1.0/xmlfile-19_1.png]
Contoso uses two web applications named App1 and App2. Each instance on each web application requires 1 GB of memory.
The Azure subscription contains the resources in the following table.
[Microsoft-AZ-102-1.0/xmlfile-20_1.png]
The network security team implements several network security groups (NSGs).
Requirements
Planned Changes
Contoso plans to implement the following changes:
Deploy Azure ExpressRoute to the Montreal office.
Migrate the virtual machines hosted on Server1 and Server2 to Azure.
Synchronize on-premises Active Directory to Azure Active Directory (Azure AD).
Migrate App1 and App2 to two Azure web apps named WebApp1 and WebApp2.
Technical Requirements
Contoso must meet the following technical requirements:
Ensure that WebApp1 can adjust the number of instances automatically based on the load and can scale up to five instances.
Ensure that VM3 can establish outbound connections over TCP port 8080 to the applications servers in the Montreal office.
Ensure that routing information is exchanged automatically between Azure and the routers in the Montreal office.
Enable Azure Multi-Factor Authentication (MFA) for the users in the finance department only.
Ensure that webapp2.azurewebsites.net can be accessed by using the name app2.contoso.com.
Connect the New York office to VNet1 over the Internet by using an encrypted connection.
Create a workflow to send an email message when the settings of VM4 are modified.
Create a custom Azure role named Role1 that is based on the Reader role.
Minimize costs whenever possible.
You discover that VM3 does NOT meet the technical requirements.
You need to verify whether the issue relates to the NSGs.
What should you use?
Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York.
The Montreal office has 2,000 employees. The Seattle office has 1,000 employees. The New York office has 200 employees.
All the resources used by Contoso are hosted on-premises.
Contoso creates a new Azure subscription. The Azure Active Directory (Azure AD) tenant uses a domain named contoso.onmicrosoft.com. The tenant uses the P1
pricing tier.
Existing environment
The network contains an Active Directory forest named contoso.com. All domain controllers are configured as DNS servers and host the contoso.com DNS zone.
Contoso has finance, human resources, sales, research, and information technology departments. Each department has an organizational unit (OU) that contains
all the accounts of that respective department. All the user accounts have the department attribute set to their respective department. New users are added
frequently.
Contoso.com contains a user named User1.
All the offices connect by using private links.
Contoso has data centers in the Montreal and Seattle offices. Each data center has a firewall that can be configured as a VPN device.
All infrastructure servers are virtualized. The virtualization environment contains the servers in the following table.
[Microsoft-AZ-102-1.0/xmlfile-19_1.png]
Contoso uses two web applications named App1 and App2. Each instance on each web application requires 1 GB of memory.
The Azure subscription contains the resources in the following table.
[Microsoft-AZ-102-1.0/xmlfile-20_1.png]
The network security team implements several network security groups (NSGs).
Requirements
Planned Changes
Contoso plans to implement the following changes:
Deploy Azure ExpressRoute to the Montreal office.
Migrate the virtual machines hosted on Server1 and Server2 to Azure.
Synchronize on-premises Active Directory to Azure Active Directory (Azure AD).
Migrate App1 and App2 to two Azure web apps named WebApp1 and WebApp2.
Technical Requirements
Contoso must meet the following technical requirements:
Ensure that WebApp1 can adjust the number of instances automatically based on the load and can scale up to five instances.
Ensure that VM3 can establish outbound connections over TCP port 8080 to the applications servers in the Montreal office.
Ensure that routing information is exchanged automatically between Azure and the routers in the Montreal office.
Enable Azure Multi-Factor Authentication (MFA) for the users in the finance department only.
Ensure that webapp2.azurewebsites.net can be accessed by using the name app2.contoso.com.
Connect the New York office to VNet1 over the Internet by using an encrypted connection.
Create a workflow to send an email message when the settings of VM4 are modified.
Create a custom Azure role named Role1 that is based on the Reader role.
Minimize costs whenever possible.
You discover that VM3 does NOT meet the technical requirements.
You need to verify whether the issue relates to the NSGs.
What should you use?
A. Diagnose and solve problems in Traffic Manager profiles
B. The security recommendations in Azure Advisor
C. Diagram in VNet1
D. Diagnostic settings in Azure Monitor
E. IP flow verify in Azure Network Watcher
Answer: E
Question #10 (Topic: Testlet 3)
Overview
Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York.
The Montreal office has 2,000 employees. The Seattle office has 1,000 employees. The New York office has 200 employees.
All the resources used by Contoso are hosted on-premises.
Contoso creates a new Azure subscription. The Azure Active Directory (Azure AD) tenant uses a domain named contoso.onmicrosoft.com. The tenant uses the P1
pricing tier.
Existing environment
The network contains an Active Directory forest named contoso.com. All domain controllers are configured as DNS servers and host the contoso.com DNS zone.
Contoso has finance, human resources, sales, research, and information technology departments. Each department has an organizational unit (OU) that contains
all the accounts of that respective department. All the user accounts have the department attribute set to their respective department. New users are added
frequently.
Contoso.com contains a user named User1.
All the offices connect by using private links.
Contoso has data centers in the Montreal and Seattle offices. Each data center has a firewall that can be configured as a VPN device.
All infrastructure servers are virtualized. The virtualization environment contains the servers in the following table.
[Microsoft-AZ-102-1.0/xmlfile-19_1.png]
Contoso uses two web applications named App1 and App2. Each instance on each web application requires 1 GB of memory.
The Azure subscription contains the resources in the following table.
[Microsoft-AZ-102-1.0/xmlfile-20_1.png]
The network security team implements several network security groups (NSGs).
Requirements
Planned Changes
Contoso plans to implement the following changes:
Deploy Azure ExpressRoute to the Montreal office.
Migrate the virtual machines hosted on Server1 and Server2 to Azure.
Synchronize on-premises Active Directory to Azure Active Directory (Azure AD).
Migrate App1 and App2 to two Azure web apps named WebApp1 and WebApp2.
Technical Requirements
Contoso must meet the following technical requirements:
Ensure that WebApp1 can adjust the number of instances automatically based on the load and can scale up to five instances.
Ensure that VM3 can establish outbound connections over TCP port 8080 to the applications servers in the Montreal office.
Ensure that routing information is exchanged automatically between Azure and the routers in the Montreal office.
Enable Azure Multi-Factor Authentication (MFA) for the users in the finance department only.
Ensure that webapp2.azurewebsites.net can be accessed by using the name app2.contoso.com.
Connect the New York office to VNet1 over the Internet by using an encrypted connection.
Create a workflow to send an email message when the settings of VM4 are modified.
Create a custom Azure role named Role1 that is based on the Reader role.
Minimize costs whenever possible.
HOTSPOT
You need to prepare the environment to implement the planned changes for Server2.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
[Microsoft-AZ-102-1.0/xmlfile-22_1.jpg]
Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York.
The Montreal office has 2,000 employees. The Seattle office has 1,000 employees. The New York office has 200 employees.
All the resources used by Contoso are hosted on-premises.
Contoso creates a new Azure subscription. The Azure Active Directory (Azure AD) tenant uses a domain named contoso.onmicrosoft.com. The tenant uses the P1
pricing tier.
Existing environment
The network contains an Active Directory forest named contoso.com. All domain controllers are configured as DNS servers and host the contoso.com DNS zone.
Contoso has finance, human resources, sales, research, and information technology departments. Each department has an organizational unit (OU) that contains
all the accounts of that respective department. All the user accounts have the department attribute set to their respective department. New users are added
frequently.
Contoso.com contains a user named User1.
All the offices connect by using private links.
Contoso has data centers in the Montreal and Seattle offices. Each data center has a firewall that can be configured as a VPN device.
All infrastructure servers are virtualized. The virtualization environment contains the servers in the following table.
[Microsoft-AZ-102-1.0/xmlfile-19_1.png]
Contoso uses two web applications named App1 and App2. Each instance on each web application requires 1 GB of memory.
The Azure subscription contains the resources in the following table.
[Microsoft-AZ-102-1.0/xmlfile-20_1.png]
The network security team implements several network security groups (NSGs).
Requirements
Planned Changes
Contoso plans to implement the following changes:
Deploy Azure ExpressRoute to the Montreal office.
Migrate the virtual machines hosted on Server1 and Server2 to Azure.
Synchronize on-premises Active Directory to Azure Active Directory (Azure AD).
Migrate App1 and App2 to two Azure web apps named WebApp1 and WebApp2.
Technical Requirements
Contoso must meet the following technical requirements:
Ensure that WebApp1 can adjust the number of instances automatically based on the load and can scale up to five instances.
Ensure that VM3 can establish outbound connections over TCP port 8080 to the applications servers in the Montreal office.
Ensure that routing information is exchanged automatically between Azure and the routers in the Montreal office.
Enable Azure Multi-Factor Authentication (MFA) for the users in the finance department only.
Ensure that webapp2.azurewebsites.net can be accessed by using the name app2.contoso.com.
Connect the New York office to VNet1 over the Internet by using an encrypted connection.
Create a workflow to send an email message when the settings of VM4 are modified.
Create a custom Azure role named Role1 that is based on the Reader role.
Minimize costs whenever possible.
HOTSPOT
You need to prepare the environment to implement the planned changes for Server2.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
[Microsoft-AZ-102-1.0/xmlfile-22_1.jpg]
Answer: [Microsoft-AZ-102-1.0/xmlfile-23_1.jpg]
