- (Exam Topic 4)
You have an Azure subscription that contains 100 virtual machines and has Azure Security Center Standard tier enabled.
You plan to perform a vulnerability scan of each virtual machine.
You need to deploy the vulnerability scanner extension to the virtual machines by using an Azure Resource Manager template.
Which two values should you specify in the code to automate the deployment of the extension to the virtual machines? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
Correct Answer:AC
- (Exam Topic 4)
You have an Azure subscription.
You need to create and deploy an Azure policy that meets the following requirements:
When a new virtual machine is deployed, automatically install a custom security extension.
Trigger an autogenerated remediation task for non-compliant virtual machines to install the extension. What should you include in the policy? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Solution:
Reference:
https://docs.microsoft.com/en-us/azure/governance/policy/how-to/remediate-resources
Does this meet the goal?
Correct Answer:A
- (Exam Topic 4)
You have an Azure subscription that contains the alerts shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Solution:
References:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-overview
Does this meet the goal?
Correct Answer:A
- (Exam Topic 4)
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below. Azure Username: User1-10598168@ExamUsers.com
Azure Password: Ag1Bh9!#Bd
The following information is for technical support purposes only: Lab Instance: 10598168
You need to email an alert to a user named admin1@contoso.com if the average CPU usage of a virtual machine named VM1 is greater than 70 percent for a period of 15 minutes.
To complete this task, sign in to the Azure portal.
Solution:
Create an alert rule on a metric with the Azure portal
* 1. In the portal, locate the resource, here VM1, you are interested in monitoring and select it.
* 2. Select Alerts (Classic) under the MONITORING section. The text and icon may vary slightly for different resources.
* 3. Select the Add metric alert (classic) button and fill in the fields as per below, and click OK. Metric: CPU Percentage
Condition: Greater than Period: Over last 15 minutes Notify via: email
Additional administrator email(s): admin1@contoso.com
Reference:
https://docs.microsoft.com/en-us/azure/sql-database/sql-database-insights-alerts-portal
Does this meet the goal?
Correct Answer:A
- (Exam Topic 4)
You create a new Azure subscription that is associated to a new Azure Active Directory (Azure AD) tenant. You create one active conditional access policy named Portal Policy. Portal Policy is used to provide access to the Microsoft Azure Management cloud app.
The Conditions settings for Portal Policy are configured as shown in the Conditions exhibit. (Click the Conditions tab.)
The Grant settings for Portal Policy are configured as shown in the Grant exhibit. (Click the Grant tab.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Solution:
Box 1: No
The Contoso location is excluded
Box 2: NO
Box 3: NO
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition
Does this meet the goal?
Correct Answer:A