- (Exam Topic 5)
You have an Azure subscription that contains a policy-based virtual network gateway named GW1 and a virtual network named VNet1.
You need to ensure that you can configure a point-to-site connection from an on-premises computer to VNet1. Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

1. A. Add a service endpoint to VNet1
2. B. Reset GW1
3. C. Create a route-based virtual network gateway
4. D. Add a connection to GW1
5. E. Delete GW1
6. F. Add a public IP address space to VNet1

Correct Answer: CE
C: A VPN gateway is used when creating a VPN connection to your on-premises network.
Route-based VPN devices use any-to-any (wildcard) traffic selectors, and let routing/forwarding tables direct traffic to different IPsec tunnels. It is typically built on router platforms where each IPsec tunnel is modeled as a network interface or VTI (virtual tunnel interface).
E: Policy-based VPN devices use the combinations of prefixes from both networks to define how traffic is encrypted/decrypted through IPsec tunnels. It is typically built on firewall devices that perform packet filtering.
IPsec tunnel encryption and decryption are added to the packet filtering and processing engine. Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/create-routebased-vpn-gateway-portal https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-connect-multiple-policybased-rm-ps

- (Exam Topic 5)
You have an Azure subscription named Subscroption1. In Subscription1, you create an alert rule named Alert1.
The Alert1 action group is configured as shown in the following exhibit.

Alert1 alert criteria is triggered every minute.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Solution:
Box 1: 60
One alert per minute will trigger one email per minute.
Box 2: 12
No more than 1 SMS every 5 minutes can be send, which equals 12 per hour.
Note: Rate limiting is a suspension of notifications that occurs when too many are sent to a particular phone number, email address or device. Rate limiting ensures that alerts are manageable and actionable.
The rate limit thresholds are:
SMS: No more than 1 SMS every 5 minutes.
Voice: No more than 1 Voice call every 5 minutes.
Email: No more than 100 emails in an hour.
Other actions are not rate limited.
References:
https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/monitoring-and-diagnostics/monitoring-overv

Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Exam Topic 6)
A web developer creates a web application that you plan to deploy as an Azure web app. Users must enter credentials to access the web application.
You create a new web app named WebApp1 and deploy the web application to WebApp1. You need to disable anonymous access to WebApp1.
What should you configure?

1. A. Access control (IAM)
2. B. Advanced Tools
3. C. Deployment credentials
4. D. Authentication/Authorization

Correct Answer: D
Anonymous access is an authentication method. It allows users to establish an anonymous connection. References:
https://docs.microsoft.com/en-us/biztalk/core/guidelines-for-resolving-iis-permissions-problems

- (Exam Topic 6)
You have a hybrid deployment of Azure Active Directory (Azure AD) that contains the users shown in the following table.

You need to modify the JobTitle and UsageLocation attributes for the users.
For which users can you modify the- attributes from Azure AD? To answer, select the appropriate options in the answer area.

Solution:
Box 1: User1 and User3 only
You must use Windows Server Active Directory to update the identity, contact info, or job info for users whose source of authority is Windows Server Active Directory.
Box 2: User1, User2, and User3 Reference:
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-users-profile-azure-portal

Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Exam Topic 4)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure virtual machine named VM1 that runs Windows Server 2016.
You need to create an alert in Azure when more than two error events are logged to the System log on VM1 within an hour.
Solution: You create an event subscription on VM1. You create an alert in Azure Monitor and specify VM1 as the source.
Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: B
Instead: You create an Azure Log Analytics workspace and configure the data settings. You install the Microsoft Monitoring Agent on VM1. You create an alert in Azure Monitor and specify the Log Analytics workspace as the source.
References:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/agents-overview