AZ-103 Exam Dumps, AZ-103 Exam Questions, AZ-103 PDF Dumps, AZ-103 VCE Dumps, Microsoft Exam

(May-2020-New)Braindump2go AZ-103 Dumps with PDF and VCE(251-261)

May 12, 2020May 12, 2020 | by bdadmin

May/2020 New Braindump2go AZ-103 PDF and VCE Dumps Free Updated Today! Following are some new AZ-103 Exam Questions.

QUESTION 251
You have an Azure DNS zone named adatum.com.
You need to delegate a subdomain named research.adatum.com to a different DNS server in Azure.
What should you do?

A. Create an PTR record named research in the adatum.com zone.
B. Create an NS record named research in the adatum.com zone.
C. Modify the SOA record of adatum.com.
D. Create an A record named “.research in the adatum.com zone.

Answer: B
Explanation:
You need to create a name server (NS) record for the zone.
References:
https://docs.microsoft.com/en-us/azure/dns/delegate-subdomain
QUESTION 252
You have an on-premises network that contains a Hyper-V host named Host1. Host1 runs Windows Server 2016 and hosts 10 virtual machines that run Windows Server 2016.
You plan to replicate the virtual machines to Azure by using Azure Site Recovery.
You create a Recovery Services vault named ASR1 and a Hyper-V site named Site1.
You need to add Host1 to ASR1.
What should you do?

A. Download the installation file for the Azure Site Recovery Provider.
Download the vault registration key.
Install the Azure Site Recovery Provider on Host1 and register the server.
B. Download the installation file for the Azure Site Recovery Provider.
Download the storage account key.
Install the Azure Site Recovery Provider on Host1 and register the server.
C. Download the installation file for the Azure Site Recovery Provider.
Download the vault registration key.
Install the Azure Site Recovery Provider on each virtual machine and register the virtual machines.
D. Download the installation file for the Azure Site Recovery Provider.
Download the storage account key.
Install the Azure Site Recovery Provider on each virtual machine and register the virtual machines.

Answer: A
Explanation:
Download the Vault registration key. You need this when you install the Provider. The key is valid for five days after you generate it.
Install the Provider on each VMM server. You don’t need to explicitly install anything on Hyper-V hosts.
Incorrect Answers:
B, D: Use the Vault Registration Key, not the storage account key.
References:
https://docs.microsoft.com/en-us/azure/site-recovery/migrate-tutorial-on-premises-azure

QUESTION 253
You plan to move services from your on-premises network to Azure.
You identify several virtual machines that you believe can be hosted in Azure. The virtual machines are shown in the following table.

Which two virtual machines can you access by using Azure migrate? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

A. Sea-CA01
B. Hou-NW01
C. NYC-FS01
D. Sea-DC01
E. BOS-DB01

Answer: BE
Explanation:
The VMware VMs must be managed by vCenter Server (version 5.5, 6.0, or 6.5).
References:
https://docs.microsoft.com/en-us/azure/migrate/migrate-overview

QUESTION 254
You have an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.
You hire a temporary vendor. The vendor uses a Microsoft account that has a sign-in of [email protected].
You need to ensure that the vendor can authenticate to the tenant by using [email protected].
What should you do?

A. From the Azure portal, add a custom domain name, create a new Azure AD user, and then specify [email protected] as the username.
B. From Azure Cloud Shell, run the New-AzureADUser cmdlet and specify the
C. From the Azure portal, add a new guest user, and then specify [email protected] as the email address.
D. From Windows PowerShell, run the New-AzureADUser cmdlet and specify the

Answer: C
Explanation:
We should use Azure portal, add a new guest user, and then specify [email protected] as the email address.
The New-AzureADUser cmdlet creates a new user not a new guest user. The New-AzureADMSInvitation cmdlet is used to invite a new external user to your directory, but the cmdlet uses the -InvitedUserEmailAddress parameter instead of -UserPrincipalName.

QUESTION 255
You set the multi-factor authentication status for a user named [email protected] to Enabled.
Admin1 accesses the Azure portal by using a web browser.
Which additional security verifications can Admin1 use when accessing the Azure portal?

A. a phone call, a text message that contains a verification code, and a notification or a verification code sent from the Microsoft Authenticator app
B. an app password, a text message that contains a verification code, and a notification sent from the Microsoft Authenticator app
C. an app password, a text message that contains a verification code, and a verification code sent from the Microsoft Authenticator app
D. a phone call, an email message that contains a verification code, and a text message that contains an app password

Answer: A

QUESTION 256
Your company has a main office in London that contains 100 client computers.
Three years ago, you migrated to Azure Active Directory (Azure AD).
The company’s security policy states that all personal devices and corporate-owned devices must be registered or joined to Azure AD.
A remote user named User1 is unable to join a personal device to Azure AD from a home network. You verify that other users can join their devices to Azure AD.
You need to ensure that User1 can join the device to Azure AD.
What should you do?

A. From the Device settings blade, modify the Users may join devices to Azure AD setting.
B. From the Device settings blade, modify the Maximum number of devices per user setting.
C. Create a point-to-site VPN from the home network of User1 to Azure.
D. Assign the User administrator role to User1.

Answer: B
Explanation:
The Maximum number of devices setting enables you to select the maximum number of devices that a user can have in Azure AD. If a user reaches this quota, they will not be able to add additional devices until one or more of the existing devices are removed.
Incorrect Answers:
A: The Users may join devices to Azure AD setting enables you to select the users who can join devices to Azure AD. Options are All, Selected and None. The default is All.
C: Azure AD Join enables users to join their devices to Active Directory from anywhere as long as they have connectivity with the Internet.
References:
https://docs.microsoft.com/en-us/azure/active-directory/devices/device-management-azure-portal http://techgenix.com/pros-and-cons-azure-ad-join/

QUESTION 257
You have an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.
The User administrator role is assigned to a user named Admin1.
An external partner has a Microsoft account that uses the [email protected] sign in.
Admin1 attempts to invite the external partner to sign in to the Azure AD tenant and receives the following error message: “Unable to invite user [email protected] ?Generic authorization exception.”
You need to ensure that Admin1 can invite the external partner to sign in to the Azure AD tenant.
What should you do?

A. From the Roles and administrators blade, assign the Security administrator role to Admin1.
B. From the Organizational relationships blade, add an identity provider.
C. From the Custom domain names blade, add a custom domain.
D. From the Users blade, modify the External collaboration settings.

Answer: D
Explanation:
https://techcommunity.microsoft.com/t5/Azure-Active-Directory/Generic-authorization-exception-inviting-Azure-AD-gests/td-p/274742

QUESTION 258
Your company has an Azure Active Directory (Azure AD) tenant named contoso.com that is configured for hybrid coexistence with the on-premises Active Directory domain. The tenant contains the users shown in the following table.

Whenever possible, you need to enable Azure Multi-Factor Authentication (MFA) for the users in contoso.com.
Which users should you enable for Azure MFA?

A. User1 only
B. User1, User2, and User3 only
C. User1 and User2 only
D. User1, User2, User3, and User4
E. User2 only

Answer: D

QUESTION 259
You have an Azure Active Directory (Azure AD) tenant.
All administrators must enter a verification code to access the Azure portal.
You need to ensure that the administrators can access the Azure portal only from your on-premises network.
What should you configure?

A. an Azure AD Identity Protection user risk policy.
B. the multi-factor authentication service settings.
C. the default for all the roles in Azure AD Privileged Identity Management
D. an Azure AD Identity Protection sign-in risk policy

Answer: B

QUESTION 260
Hotspot Question
You have an Azure subscription.
You plan to use Azure Resource Manager templates to deploy 50 Azure virtual machines that will be part of the same availability set.
You need to ensure that as many virtual machines as possible are available if the fabric fails or during servicing.
How should you configure the template? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:
Use two fault domains.
2 or 3 is max value, depending on which region you are in.
Use 20 for platformUpdateDomainCount
Increasing the update domain (platformUpdateDomainCount) helps with capacity and availability planning when the platform reboots nodes. A higher number for the pool (20 is max) means that fewer of their nodes in any given availability set would be rebooted at once.
References:
https://www.itprotoday.com/microsoft-azure/check-if-azure-region-supports-2-or-3-fault-domains-managed-disks
https://github.com/Azure/acs-engine/issues/1030

QUESTION 261
Hotspot Question
You have an Azure subscription named Subscription1 that has a subscription ID of c276fc76-9cd4-44c9- 99a7-4fd71546436e.
You need to create a custom RBAC role named CR1 that meets the following requirements:
– Can be assigned only to the resource groups in Subscription1
– Prevents the management of the access permissions for the resource groups
– Allows the viewing, creating, modifying, and deleting of resource within the resource groups
What should you specify in the assignable scopes and the permission elements of the definition of CR1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:
https://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles
https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations#microsoftresources