AZ-720 Exam Question 41
A company uses Azure Active Directory (Azure AD) with Azure role-based access control (RBAC) for access to resources.
Some users report that they are unable to grant RBAC roles to other users.
You need to troubleshoot the issue.
How should you complete the Azure Monitor query?
Some users report that they are unable to grant RBAC roles to other users.
You need to troubleshoot the issue.
How should you complete the Azure Monitor query?
AZ-720 Exam Question 42
A company is deploying Azure Bastion to provide secure clientless access to its Azure VMs. The company configures a network security group named NSG1.
During deployment, the following error displays: Network security group NSG1 does not have necessary rules for Azure Bastion Subnet AzureBastionSubnet.
You need to fix the inbound rules for NSG1.
How should you complete the configuration?
During deployment, the following error displays: Network security group NSG1 does not have necessary rules for Azure Bastion Subnet AzureBastionSubnet.
You need to fix the inbound rules for NSG1.
How should you complete the configuration?
AZ-720 Exam Question 43
A company has an Azure tenant. The company deploys an Azure firewall named FW1 to control access from an on-premises datacenter to an Azure virtual machine named VM1.
The company troubleshoots ICMP connectivity from the on-premises datacenter to VM1. You are unable to ping VM1 from an on-premises server.
You need to determine if ICMP connectivity to VM1 is allow on FW1.
What should you do?
The company troubleshoots ICMP connectivity from the on-premises datacenter to VM1. You are unable to ping VM1 from an on-premises server.
You need to determine if ICMP connectivity to VM1 is allow on FW1.
What should you do?
AZ-720 Exam Question 44
A company has an ExpressRoute gateway between their on-premises site and Azure. The ExpressRoute gateway is on a virtual network named VNet1. The company enables FastPath on the gateway. You associate a network security group (NSG) with all of the subnets.
Users report issues connecting to VM1 from the on-premises environment. VM1 is on a virtual network named VNet2. Virtual network peering is enabled between VNet1 and VNet2.
You create a flow log named FlowLog1 and enable it on the NSG associated with the gateway subnet.
You discover that FlowLog1 is not reporting outbound flow traffic.
You need to resolve the issue with FlowLog1.
What should you do?
Users report issues connecting to VM1 from the on-premises environment. VM1 is on a virtual network named VNet2. Virtual network peering is enabled between VNet1 and VNet2.
You create a flow log named FlowLog1 and enable it on the NSG associated with the gateway subnet.
You discover that FlowLog1 is not reporting outbound flow traffic.
You need to resolve the issue with FlowLog1.
What should you do?
AZ-720 Exam Question 45
A company uses Azure AD Connect. The company plans to implement self-service password reset (SSPR).
An administrator receives an error that password writeback cloud not be enabled during the Azure AD Connect configuration. The administrator observes the following event log error:
Error getting auth token
You need to resolve the issue.
Solution: Disable password writeback and then enable password writeback.
Does the solution meet the goal?
An administrator receives an error that password writeback cloud not be enabled during the Azure AD Connect configuration. The administrator observes the following event log error:
Error getting auth token
You need to resolve the issue.
Solution: Disable password writeback and then enable password writeback.
Does the solution meet the goal?