Free AZ-140 Exam Braindumps (page: 19)

Page 18 of 66

You have an Azure Virtual Desktop deployment.
You have a RemoteApp named App1.
You discover that from the Save As dialog box of App1, users can run executable applications other than App1 on the session hosts.
You need to ensure that the users can run only published applications on the session hosts.
What should you do?

  1. Configure a conditional access policy in Azure Active Directory (Azure AD).
  2. Modify the Access control (IAM) settings of the host pool.
  3. Modify the RDP Properties of the host pool.
  4. Configure an AppLocker policy on the session hosts.

Answer(s): D


Reference:

https://docs.microsoft.com/en-us/azure/virtual-desktop/security-guide



HOTSPOT (Drag and Drop is not supported)
You have an Azure Virtual Desktop Deployment that contains a workspace named Workspace1 and a user named User1. Workspace1 contains a Desktop application group named Pool1Desktop.
At 09:00, you create a conditional access policy that has the following settings:
✑ Assignments:
- Users and groups: User1
- Cloud apps or actions: Azure Virtual Desktop
- Conditions: 0 conditions selected
✑ Access controls
- Grant: Grant access, Require multi-factor authentication
- Sessions: Sign-in frequency 1 hour
User1 performs the actions shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Note: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:


Reference:

https://docs.microsoft.com/en-us/azure/virtual-desktop/set-up-mfa



You deploy an Azure Virtual Desktop session host pool that includes ten virtual machines.
You need to provide a group of pilot users access to the virtual machines in the pool.
What should you do?

  1. Create a role definition.
  2. Add the users to a Remote Desktop Users group on the virtual machines.
  3. Add the users to the local Administrators group on the virtual machines.
  4. Create a role assignment.

Answer(s): D


Reference:

https://docs.microsoft.com/en-us/azure/virtual-desktop/delegated-access-virtual-desktop



You have an Azure Active Directory Domain Services (Azure AD DS) managed domain named contoso.com.
You create an Azure Virtual Desktop host pool named Pool1. You assign the Virtual Machine Contributor role for the Azure subscription to a user named Admin1.
You need to ensure that Admin1 can add session hosts to Pool1. The solution must use the principle of least privilege.
Which two actions should you perform? Each correct answer presents part of the solution.
Note: Each correct selection is worth one point.

  1. Assign Admin1 the Desktop Virtualization Host Pool Contributor role for Pool1
  2. Assign Admin1 the Desktop Virtualization Session Host Operator role for Pool1
  3. Add Admin1 to the AAD DC Administrators group
  4. Assign a Microsoft 365 Enterprise E3 license to Admin1
  5. Generate a registration token

Answer(s): B,E


Reference:

https://docs.microsoft.com/en-us/azure/virtual-desktop/rbac






Post your Comments and Discuss Microsoft AZ-140 exam with other Community members:

AZ-140 Discussions & Posts