Question 1

Answer: C

Explanation:

To associate each VM with its respective department, you can assign tags to the
virtual machines. Tags are key-value pairs that you can use to organize your
resources. In this case, you could create a tag called "department" and assign it
the value of the department name. For example, you could create a tag called
"department" and assign it the value of "sales" for all of the VMs that are used by
the sales department.

Question 2

Answer: B

Explanation:

The solution does not meet the goal because it only changes the user settings for
multi-factor authentication. In order to require members of the Global
Administrators group to use multi-factor authentication and an Azure AD-joined
device when they connect to Azure AD from untrusted locations, you need to create a
conditional access policy.

Question 3

Answer: B

Explanation:

The solution does not meet the goal because it only changes the session control of
the Azure AD conditional access policy. In order to require members of the Global
Administrators group to use multi-factor authentication and an Azure AD-joined
device when they connect to Azure AD from untrusted locations, you need to change
the grant control of the policy to require multi-factor authentication and an Azure
AD-joined device.

Question 4

Answer: B

Explanation:

The solution does meet the goal because it changes the grant control of the Azure
AD conditional access policy to require multi-factor authentication and an Azure
AD-joined device. This will ensure that members of the Global Administrators group
can only access Azure AD from trusted locations and when they are using a multi-
factor authentication-enabled device.

Question 5

Answer: C

Explanation:

The Create-AzVM cmdlet is used to create an Azure virtual machine. The cmdlet takes
a number of parameters, including the name of the virtual machine, the size of the
virtual machine, the operating system image, and the location of the virtual
machine. In this case, you would need to specify the name of the virtual machine,
the size of the virtual machine, the operating system image, the location of the
virtual machine, and the trusted root certification authority (CA).

Question 6

Answer: B

Explanation:

The solution does not meet the goal because it only reconfigures the existing usage
model via the Azure portal. In order to require all new employees to use multi-
factor authentication, you need to change the default usage model for Multi-Factor
Authentication. You can do this by using the Azure CLI or the Azure portal.

Question 7

Answer: A

Explanation:

The solution meets the goal because it reconfigures the existing usage model for
Multi-Factor Authentication via the Azure CLI. This will ensure that all new
employees are required to use multi-factor authentication when they sign in to
Azure AD.

Question 8

Answer: B

Explanation:

The solution does not meet the goal because it creates a new Multi-Factor
Authentication provider with a backup from the existing Multi-Factor Authentication
provider data. In order to require all new employees to use multi-factor
authentication, you need to change the default usage model for Multi-Factor
Authentication. You can do this by using the Azure CLI or the Azure portal.

Question 9

Answer: A

Explanation:

The solution meets the goal because it runs the Start-ADSyncSyncCycle -PolicyType
Initial PowerShell cmdlet. This will force the DirSync server to replicate the user
information from the on-premises Active Directory to Azure AD immediately.

Question 10

Answer: B

Explanation:

The solution does not meet the goal because it uses Active Directory Sites and
Services to force replication of the Global Catalog on a domain controller. This
will only force the Global Catalog on the domain controller to replicate with other
domain controllers in the same site. It will not force the user information to
replicate to Azure AD.