Recent

  • Show all results for ""
quiz image
By @chuttersnap

Azure Management Groups and Policies

UnfetteredBay avatar
UnfetteredBay
·
·
Download

Start Quiz

Study Flashcards

40 Questions

What is the effect of inheriting a deny policy?

It overrides any allowed permissions

Where can virtual networks be created?

At any management group level

What is required to create Virtual Machines on a Management Group?

The required RBAC permissions

Can subscriptions be moved between Management Groups?

Yes, provided the user has the required RBAC permissions

What is the effect of the policy in Exhibit?

You are prevented from creating Azure SQL servers anywhere in Subscription 1

What is the purpose of Management Groups?

To organize subscriptions

What is required to move a subscription between Management Groups?

The required RBAC permissions

What is the effect of inheriting an allow policy?

It overrides any deny policies

What is the purpose of verifying your custom domain name on the Fabrikam - Custom domain names page?

To ensure your custom domain is properly registered and valid for Azure AD

Which of the following record types can be used to verify a custom domain name for Azure AD?

Both TXT and MX

What role should you assign to the Developers group to provide them with the ability to create Azure logic apps?

Logic App Contributor role

What is the primary function of the DevTest Labs User role?

Connect, start, restart, and shutdown virtual machines

What is the purpose of the Azure AD tenant named Adatum?

To contain a group named Developers

What is the name of the resource group in Subscription1 that you need to provide the Developers group with access to?

Dev

What is the correct sequence of steps to verify a custom domain name for Azure AD?

Select the custom domain name, then select Verify

What is the primary goal of providing the Developers group with the ability to create Azure logic apps?

To manage Azure logic apps

What is the first step in an import job?

Attach an external disk to Server1 and then run waimportexport.exe

What is the purpose of the WAImportExport tool?

To copy data to disk drives.

What is required to be provided during job creation?

Return address and carrier account number for shipping the drives back.

What happens to the drives after they are received at the Azure data center?

They are processed and the data is imported to Azure storage.

What is the purpose of the drive journal files?

To track the delivery of the drives.

What is the purpose of Server1 and Server2 in Azure File Sync?

To register as a server endpoint.

What is the cloud endpoint of Group1 in Azure File Sync?

Share1

What is the server endpoint of Group1 in Azure File Sync?

D:\Folder1

Where can a Log Analytics workspace be created in relation to the location and subscription of your vaults?

In a different location and subscription than your vaults

What type of storage account is used to host premium file shares?

FileStorage account

Which storage accounts can be used to host premium file shares?

contoso101, contoso102, and contoso103 only

What is the purpose of the net use command in relation to file shares?

To connect to file shares

What access does the IP 193.77.134.1 have on the SAS?

Will have no access

What is the purpose of a shared access signature (SAS)?

To grant temporary access to a file share

Which storage accounts can be used to host standard file shares?

Any of the above

What is the purpose of a Log Analytics workspace?

To analyze and report on data from Azure resources

What is a requirement for a sync group in Azure File Sync?

It must contain one cloud endpoint and one or more server endpoints.

What is the purpose of a cloud endpoint in Azure File Sync?

To represent an Azure file share.

What is the name of the Azure Storage account in the given scenario?

contosostorage

What is the UNC path for accessing files from the data file share?

\contosostorage\file.core.windows.net\data

What command should you run to create a container named vmimages?

az storage container create vmimages

What is the purpose of a server endpoint in Azure File Sync?

To represent a server or a cluster of servers.

What is required to create a sync group in Azure File Sync?

One cloud endpoint and one or more server endpoints.

What is the name of the file share in the given scenario?

data

Study Notes

Azure Management Groups

  • Management groups are used to organize Azure subscriptions and resources
  • A subscription can be moved between management groups if the user has the required RBAC permissions
  • Virtual networks are not allowed at the root and are inherited, deny overrides are allowed

Azure Policies

  • Azure policies can be created to manage Azure resources
  • Policies can be used to allow or deny specific actions on Azure resources
  • For example, a policy can be created to prevent the creation of Azure SQL servers in a specific subscription or resource group

Azure Logic Apps

  • Logic App Contributor role is required to manage logic apps, but not to access them
  • Developers group needs the Logic App Contributor role to create logic apps in the Dev resource group

Azure Data Import/Export

  • Import job involves attaching an external disk to a server, copying data to disk drives, encrypting the disk drives, and shipping the drives to an Azure data center
  • The WAImportExport tool is used to copy data to disk drives
  • The import job is created in the Azure portal, and the drives are shipped to the Azure data center for processing

Azure File Sync

  • Azure File Sync is used to sync files between on-premises servers and Azure file shares
  • A sync group must contain one cloud endpoint, which represents an Azure file share, and one or more server endpoints
  • Server endpoints can be added to the sync group, and files can be synced between the servers and the Azure file share

Azure Storage Accounts

  • An Azure storage account can contain multiple file shares
  • A UNC path is used to reference files in a file share, in the format \.file.core.windows.net\
  • A container can be created in a storage account using the Azure CLI

Shared Access Signatures (SAS)

  • A SAS is a URI that grants limited access to a resource in a storage account
  • A SAS can be created with specific permissions and a specific duration
  • A SAS can be used to grant access to a file share or container in a storage account

Test your knowledge of Azure management groups and policies. Learn how to add subscriptions and create policies in Azure.

Make Your Own Quizzes and Flashcards

Convert your notes into interactive study material.

Get started for free

More Quizzes Like This

Mastering Azure
5 questions

Mastering Azure

CapableAmethyst avatar
CapableAmethyst
Mastering Azure Pricing and Cost Management
8 questions

Mastering Azure Pricing and Cost Management

CapableAmethyst avatar
CapableAmethyst
Microsoft Azure Administrator AZ-104 Exam: Virtual Machines and Resource Management
5 questions

AZ-104 Exam Quiz: Virtual Machines and Resource Management Interview Q...

UnrivaledStrength avatar
UnrivaledStrength
Microsoft Azure Data Fundamentals: Data Storage, Analytics, and Processing
12 questions

Microsoft Azure Data Fundamentals: Data Storage, Analytics, and Proces...

TransparentCornflower avatar
TransparentCornflower
Use Quizgecko on...
Browser
Open
Browser
Browser