AZ-102 Microsoft Azure Administrator Certification Transition
Languages: English
Audiences: IT Professionals
Technology: Microsoft Azure
Skills measured from AZ-100: Microsoft Azure Infrastructure and Deployment
This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area on the exam. The higher the percentage, the more questions you are likely to see on that content area on the exam. View video tutorials about the variety of question types on Microsoft exams.
Do you have feedback about the relevance of the skills measured on this exam? Please send Microsoft your comments. All feedback will be reviewed and incorporated as appropriate while still maintaining the validity and reliability of the certification process. Note that Microsoft will not respond directly to your feedback. We appreciate your input in ensuring the quality of the Microsoft Certification program.
If you have concerns about specific questions on this exam, please submit an exam challenge.
If you have other questions or feedback about Microsoft Certification exams or about the certification program, registration, or promotions, please contact your Regional Service Center.
Manage Azure subscriptions and resources (5-10%)
Analyze resource utilization and consumption
May include but not limited to: Configure diagnostic settings on resources; create baseline for resources; create and rest alerts; analyze alerts across subscription; analyze metrics across subscription; create action groups; monitor for unused resources; monitor spend; report on spend; utilize Log Search query functions; view alerts in Log Analytics
Implement and manage storage (5-10%)
Configure Azure files
May include but not limited to: Create Azure file share; create Azure File Sync service; create Azure sync group; troubleshoot Azure File Sync
Configure and manage virtual networks (15-20%)
Create connectivity between virtual networks
May include but not limited to: Create and configure VNET peering; create and configure VNET to VNET; verify virtual network connectivity; create virtual network gateway
Configure name resolution
May include but not limited to: Configure Azure DNS; configure custom DNS settings; configure DNS zones
Manage identities (15-20%)
Manage Azure Active Directory (AD)
May include but not limited to: Add custom domains; configure Azure AD Identity Protection, Azure AD Join, and Enterprise State Roaming; configure self-service password reset; implement conditional access policies; manage multiple directories; perform an access review
Implement and manage hybrid identities
May include but not limited to: Install and configure Azure AD Connect; configure federation and single sign-on; manage Azure AD Connect; manage password sync and writeback
Skills measured from AZ-101: Microsoft Azure Integration and Security
This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area on the exam. The higher the percentage, the more questions you are likely to see on that content area on the exam. View video tutorials about the variety of question types on Microsoft exams.
Please note that the questions may test on, but will not be limited to, the topics described in the bulleted text.
Do you have feedback about the relevance of the skills measured on this exam? Please send Microsoft your comments. All feedback will be reviewed and incorporated as appropriate while still maintaining the validity and reliability of the certification process. Note that Microsoft will not respond directly to your feedback. We appreciate your input in ensuring the quality of the Microsoft Certification program.
If you have concerns about specific questions on this exam, please submit an exam challenge.
If you have other questions or feedback about Microsoft Certification exams or about the certification program, registration, or promotions, please contact your Regional Service Center.
Evaluate and perform server migration to Azure (15-20%)
Evaluate migration scenarios by using Azure Migrate
May include but not limited to: Discover and assess environment; identify workloads that can and cannot be deployed; identify ports to open; identify changes to network; identify if target environment is supported; setup domain accounts and credentials
Migrate servers to Azure
May include but not limited to: Migrate by using Azure Site Recovery (ASR); migrate using P2V; configure storage; create a backup vault; prepare source and target environments; backup and restore data; deploy Azure Site Recovery (ASR) agent; prepare virtual network
Implement and manage application services (5-10%)
Configure serverless computing
May include but not limited to: Create and manage objects; manage a Logic App resource; manage Azure Function app settings; manage Event Grid; manage Service Bus
Implement advanced virtual networking (5-10%)
Monitor and manage networking
May include but not limited to: Monitor on-premises connectivity; use network resource monitoring and Network Watcher; manage external networking and virtual network connectivity
Secure identities (5-10%)
Implement Multi-Factor Authentication (MFA)
May include but not limited to: Enable MFA for an Azure tenant; configure user accounts for MFA; configure fraud alerts; configure bypass options; configure trusted IPs; configure verification methods; manage role-based access control (RBAC); implement RBAC policies; assign RBAC Roles; create a custom role; configure access to Azure resources by assigning roles; configure management access to Azure
Question: 3
You need to prepare the environment to meet the authentication requirements.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE Each correct selection is worth one point.
A. Azure Active Directory (AD) Identity Protection and an Azure policy
B. a Recovery Services vault and a backup policy
C. an Azure Key Vault and an access policy
D. an Azure Storage account and an access policy
Answer: BD
Explanation:
D: Seamless SSO works with any method of cloud authentication – Password Hash Synchronization
or Pass-through Authentication, and can be enabled via Azure AD Connect.
B: You can gradually roll out Seamless SSO to your users. You start by adding the following Azure
AD URL to all or selected users’ Intranet zone settings by using Group Policy in Active Directory:
https://autologon.microsoftazuread-sso.com
Incorrect Answers:
A: Seamless SSO needs the user’s device to be domain-joined, but doesn’t need for the device to be Azure AD Joined.
C: Azure AD connect does not port 8080. It uses port 443.
E: Seamless SSO is not applicable to Active Directory Federation Services (ADFS). Scenario: Users in the Miami office must use Azure Active Directory Seamless Single Sign-on (Azure
AD Seamless SSO) when accessing resources in Azure.Planned Azure AD Infrastructure include: The on-premises Active Directory domain will be synchronized to Azure AD.
Question: 4
You need to define a custom domain name for Azure AD to support the planned infrastructure.
Which domain name should you use?
A. Join the client computers in the Miami office to Azure AD.
B. Add https:://autologon.microsoftazuread-sso.com to the intranet zone of each client computer in the Miami office.
C. Allow inbound TCP port 8080 to the domain controllers in the Miami office.
D. Install Azure AD Connect on a server in the Miami office and enable Pass-through Authentication
E. Install the Active Directory Federation Services (AD FS) role on a domain controller in the Miami office.
Answer: BD
Explanation:
Every Azure AD directory comes with an initial domain name in the form of
domainname.onmicrosoft.com. The initial domain name cannot be changed or deleted, but you can
add your corporate domain name to Azure AD as well. For example, your organization probably has
other domain names used to do business and users who sign in using your corporate domain name.
Adding custom domain names to Azure AD allows you to assign user names in the directory that are
familiar to your users, such as ‘alice@contoso.com.’ instead of ‘alice@domain
name.onmicrosoft.com’.
Scenario:
Network Infrastructure: Each office has a local data center that contains all the servers for that
office. Each office has a dedicated connection to the Internet.
Humongous Insurance has a single-domain Active Directory forest named humongousinsurance.com
Planned Azure AD Infrastructure: The on-premises Active Directory domain will be synchronized to Azure AD.
Question: 5
You need to resolve the Active Directory issue.
What should you do?
A. From Active Directory Users and Computers, select the user accounts, and then modify the User Principal Name value.
B. Run idfix.exe, and then use the Edit action.
C. From Active Directory Domains and Trusts, modify the list of UPN suffixes.
D. From Azure AD Connect, modify the outbound synchronization rule.
Answer: B
IdFix is used to perform discovery and remediation of identity objects and their attributes in an onpremises
Active Directory environment in preparation for migration to Azure Active Directory. IdFix is
intended for the Active Directory administrators responsible for directory synchronization with Azure
Active Directory.
Scenario: Active Directory Issue
Several users in humongousinsurance.com have UPNs that contain special characters.
You suspect that some of the characters are unsupported in Azure AD.
Question: 6
Which blade should you instruct the finance department auditors to use?
A. invoices
B. partner information
C. cost analysis
D. External services
Answer: A
Question: 7
You need to define a custom domain name for Azure AD to support the planned infrastructure.
Which domain name should you use?
A. ad.humongousinsurance.com
B. humongousinsurance.onmicrosoft.com
C. humongousinsurance.local
D. humongousinsurance.com
Answer: D
Click here to view complete Q&A of AZ-102 exam
Certkingdom Review, Certkingdom PDF Torrents
Best Microsoft AZ-102 Certification, Microsoft AZ-102 Training at certkingdom.com