Which resource provider permissions are required for each role?

HOTSPOT

You have an Azure subscription.

You need to create two custom roles named Role1 and Role2.

The solution must meet the following requirements:

• Users that are assigned Role1 can create or delete instances of Azure Container Apps.

• Users that are assigned Role2 can enforce adaptive network hardening rules.

Which resource provider permissions are required for each role? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Answer: Role 1: Microsoft.App

Role 2 : Microsoft.Security

Does this meet the goal?

You use Azure Monitor to analyze Azure Active Directory (Azure AD) activity logs.

Yon receive more than 100 email alerts each day for tailed Azure Al) user sign-in attempts.

You need to ensure that a new security administrator receives the alerts instead of you.

Solution: From Azure AD, you create an assignment for the Insights at administrator role.

Does this meet the goal?
A . Yes
B. No

Answer: B

What should you do next?

HOTSPOT

You need to implement password restrictions to meet the authentication requirements.

You install the Azure AD password Protection DC agent on DC1.

What should you do next? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Answer: Server2

Azure AD.

Does this meet the goal?

You have a Microsoft 365 tenant.

All users must use the Microsoft Authenticator app for multi-factor authentication (MFA) when accessing Microsoft 365 services.

Some users report that they received an MFA prompt on their Microsoft Authenticator app without initiating a sign-in request.

You need to block the users automatically when they report an MFA request that they did not Initiate.

Solution: From the Azure portal, you configure the Block/unblock users settings for multi-factor authentication (MFA).

Does this meet the goal?
A . Yes
B. No

Answer: B

Explanation:

You need to configure the fraud alert settings.

Reference: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings

Which MFA authentication method can the users use from the remote location?

You have a Microsoft 365 tenant.

All users have mobile phones and laptops.

The users frequently work from remote locations that do not have Wi-Fi access or mobile phone connectivity.

While working from the remote locations, the users connect their laptop to a wired network that has internetaccess.

You plan to implement multi-factor authentication (MFA).

Which MFA authentication method can the users use from the remote location?
A . a verification code from the Microsoft Authenticator app
B. security questions
C. voice
D. SMS

Answer: A

Explanation:

Reference: https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-authenticator-app#verification-code-from-mobile-app

Which risk detection type is classified as a user risk?

You have an Azure Active Directory (Azure AD) tenant.

You open the risk detections report.

Which risk detection type is classified as a user risk?
A . impossible travel
B. anonymous IP address
C. atypical travel
D. leaked credentials

Answer: D

Explanation:

Reference: https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-risks

Does this meet the goal?

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 tenant.

You have 100 IT administrators who are organized into 10 departments.

You create the access review shown in the exhibit. (Click the Exhibit tab.)

You discover that all access review requests are received by Megan Bowen.

You need to ensure that the manager of each department receives the access reviews of their respective department.

Solution: You add each manager as a fallback reviewer.

Does this meet the goal?
A . Yes
B. No

Answer: B

Explanation:

Reference: https://docs.microsoft.com/en-us/azure/active-directory/governance/create-access-review