AZ 104 - KodeKloud Questions Flashcards
You create an Azure Storage account named contosostorage. You plan to create a file share named data. Users need to map a drive to the data file share from home computers that run Windows 10. Which outbound port should you open between the home computers and the data file share?
Server Message Block (SMB) is used to connect to an Azure file share over the internet. The SMB protocol requires TCP port 445 to be open.
Your company has several departments. Each department has a number of virtual machines (VMs). The company has an Azure subscription that contains a resource group named RG1. All VMs are located in RG1. You want to associate each VM with its respective department. What should you do?
Assign tags to the virtual machines
You have an Azure Active Directory (Azure AD) tenant named contosocloud.onmicrosoft.com. Your company has a public DNS zone for contoso.com. You add contoso.com as a custom domain name to Azure AD. You need to ensure that Azure can verify the domain name. Which type of DNS record should you create?
TXT Record for Verification:
Azure AD requires you to prove ownership of the domain name. This is done by adding a specific TXT record to your DNS zone.
** When you add a custom domain in Azure AD, it provides you with a unique TXT record value. Azure AD then checks your DNS records to see if this value exists.
** Once that value is found, Azure AD verifies that you control the domain.
You have an Azure virtual machine named VM1 that runs Windows Server 2019. You save VM1 as a template named Template1 to the Azure Resource Manager library. You plan to deploy a virtual machine named VM2 from Template1. What can you configure during the deployment of VM2?
- Administrator Username
- Virtual Machine Size
- Operating System
- Resource Group
Resource Group
All other configurations will be a part of the deployment
What are the Core DLP Functions in Azure?
**Sensitive Data Identification and Classification
** Policy Enforcement
** Monitoring & Auditing
** Prevention of Unauthorized Data Exfiltration
You have an Azure subscription. You have 100 Azure virtual machines. You need to quickly identify underutilized virtual machines that can have their service tier changed to a less expensive offering. Which blade should you use?
Advisor helps you optimize and reduce your overall Azure spend by identifying idle and underutilized resources. You can get cost recommendations from the Cost tab on the Advisor dashboard.
You have a public load balancer that balances ports 80 and 443 across three virtual machines. You need to direct all the Remote Desktop Protocol (RDP) connections to VM3 only. What should you configure?
Inbound NAT Rule
You have a registered DNS domain named contoso.com. You create a public Azure DNS zone named contoso.com. You need to ensure that records created in the contoso.com zone are resolvable from the internet. What should you do?
We need to modify the NS records on the domain registrar and delegate the requests to Azure DNS NS.