Microsoft AZ-600 Configuring and Operating a Hybrid Cloud with Microsoft Azure Stack Hub Exam Practice Test

Page: 1 / 14
Total 176 questions
Question 1

You have an Azure Stack Hub integrated system.

You plan to apply the latest updates to the integrated system.

You need to identify operational issues that will prevent the updates from being applied.

Which PowerShell cmdlet should you run?



Answer : A


Question 2

You have a connected Azure Stack Hub integrated system.

You need to offer users the Azure Kubernetes Service (AKS) engine for production workloads. Which three actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.



Answer : A, C, D


Question 3

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You deploy a disconnected Azure Stack Hub integrated system.

You need to identify the IP address of the privileged endpoint (PEP).

Solution: You run the nslookup AzS-ERCS01.azurestack.local command.

Does this meet the goal?



Answer : A

nslookup is a network administration command-line tool for querying the Domain Name System to obtain the mapping between domain name and IP address, or other DNS records.

ASDK architecture, Virtual machine roles

The ASDK offers services using the following VMs hosted on the development kit host computer:

* AzS-ERCS01 - Emergency Recovery Console VM.


https://docs.microsoft.com/en-us/azure-stack/asdk/asdk-architecture?view=azs-2008

Question 4

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You deploy a disconnected Azure Stack Hub integrated system.

You need to identify the IP address of the privileged endpoint (PEP).

Solution: You review the AzureStackStampDeploymentInfo JSON file.

Does this meet the goal?



Answer : A

Instead: Solution: You run the nslookup AzS-ERCS01.azurestack.local command.

Note: nslookup is a network administration command-line tool for querying the Domain Name System to obtain the mapping between domain name and IP address, or other DNS records.

ASDK architecture, Virtual machine roles

The ASDK offers services using the following VMs hosted on the development kit host computer:

* AzS-ERCS01 - Emergency Recovery Console VM.


https://docs.microsoft.com/en-us/azure-stack/asdk/asdk-architecture?view=azs-2008

Question 5

You have an Azure Stack Hub integrated system linked to an Azure AD tenant.

You need to back up virtual machines in user subscriptions. The solution must meet the following requirements:

Back up running virtual machines.

Maximize resiliency.

What should you use?



Answer : A

Backup-restore

Backing up your applications and datasets enables you to quickly recover from downtime due to data corruption, accidental deletions, or disasters. For IaaS VM-based applications you can use an in-guest agent to protect application data, operating system configuration, and data stored on volumes.

Note: Azure Backup provides independent and isolated backups to guard against unintended destruction of the data on your VMs. Backups are stored in a Recovery Services vault with built-in management of recovery points. Configuration and scaling are simple, backups are optimized, and you can easily restore as needed.


https://learn.microsoft.com/en-us/azure-stack/user/azure-stack-manage-vm-protect

https://learn.microsoft.com/en-us/azure/backup/backup-azure-vms-introduction

Question 6

You have a disconnected Azure Stack Hub integrated system that contains a user named User1.

You need to ensure that User1 can assign role-based access control (RBAC) roles in Azure Stack Hub. The solution must use the principle of least privilege.

Which Azure Stack Hub built-in role should you assign to User1?



Answer : B

User Access Administrator

Lets you manage user access to Azure resources.

*/read Read resources of all types, except secrets.

Microsoft.Authorization/* Manage authorization

Microsoft.Support/* Create and update a support ticket


https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles

Question 7

You have a disconnected Azure Stack Hub integrated system.

You plan to implement an app named App1.

You need to create a new service principal for App1. The solution must maximize security.

What should you do first?



Answer : D

You start by creating a new app registration in your directory, which creates an associated service principal object to represent the app's identity within the directory.

Your choice of either Azure AD or AD FS is determined by the mode in which you deploy Azure Stack Hub:

When you deploy it in a connected mode, you can use either Azure AD or AD FS.

When you deploy it in a disconnected mode, without a connection to the internet, only AD FS is supported.

Manage an AD FS app

If you deployed Azure Stack Hub with AD FS as your identity management service, you must use PowerShell to manage your app's identity. The following examples demonstrate both an X509 certificate and a client secret credential.

Once you have a certificate, use a PowerShell script to register your app and sign in using the app's identity.


https://learn.microsoft.com/en-us/azure-stack/operator/give-app-access-to-resources

Page:    1 / 14   
Total 176 questions