CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. AZ-204

Free AZ-204 Exam Braindumps (page: 26)

Page 26 of 79
PDF with 400 Questions

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You are developing a website that will run as an Azure Web App. Users will authenticate by using their Azure Active Directory (Azure AD) credentials.

You plan to assign users one of the following permission levels for the website: admin, normal, and reader. A user’s Azure AD group membership must be used to determine the permission level.
You need to configure authorization.

Solution:
-Create a new Azure AD application. In the application’s manifest, set value of the groupMembershipClaims option to All.
-In the website, use the value of the groups claim from the JWT for the user to determine permissions.

Does the solution meet the goal?

  1. Yes
  2. No

Answer(s): A

Explanation:

To configure Manifest to include Group Claims in Auth Token
1. Go to Azure Active Directory to configure the Manifest. Click on Azure Active Directory, and go to App registrations to find your application:
2. Click on your application (or search for it if you have a lot of apps) and edit the Manifest by clicking on it.
3. Locate the “groupMembershipClaims” setting. Set its value to either “SecurityGroup” or “All”. To help you decide which:
-“SecurityGroup” - groups claim will contain the identifiers of all security groups of which the user is a member.
-“All” - groups claim will contain the identifiers of all security groups and all distribution lists of which the user is a member
Now your application will include group claims in your manifest and you can use this fact in your code.


Reference:

https://blogs.msdn.microsoft.com/waws/2017/03/13/azure-app-service-authentication-aad-groups/



Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You are developing a website that will run as an Azure Web App. Users will authenticate by using their Azure Active Directory (Azure AD) credentials.

You plan to assign users one of the following permission levels for the website: admin, normal, and reader. A user’s Azure AD group membership must be used to determine the permission level.
You need to configure authorization.

Solution:
-Create a new Azure AD application. In the application’s manifest, define application roles that match the required permission levels for the application.
-Assign the appropriate Azure AD group to each role. In the website, use the value of the roles claim from the JWT for the user to determine permissions.

Does the solution meet the goal?

  1. Yes
  2. No

Answer(s): B

Explanation:

To configure Manifest to include Group Claims in Auth Token
1. Go to Azure Active Directory to configure the Manifest. Click on Azure Active Directory, and go to App registrations to find your application:
2. Click on your application (or search for it if you have a lot of apps) and edit the Manifest by clicking on it.
3. Locate the “groupMembershipClaims” setting. Set its value to either “SecurityGroup” or “All”. To help you decide which:
-“SecurityGroup” - groups claim will contain the identifiers of all security groups of which the user is a member.
-“All” - groups claim will contain the identifiers of all security groups and all distribution lists of which the user is a member
Now your application will include group claims in your manifest and you can use this fact in your code.


Reference:

https://blogs.msdn.microsoft.com/waws/2017/03/13/azure-app-service-authentication-aad-groups/



DRAG DROP (Drag & Drop is not supported)
You are developing an application to securely transfer data between on-premises file systems and Azure Blob storage. The application stores keys, secrets, and certificates in Azure Key Vault. The application uses the Azure Key Vault APIs.

The application must allow recovery of an accidental deletion of the key vault or key vault objects. Key vault objects must be retained for 90 days after deletion.

You need to protect the key vault and key vault objects.

Which Azure Key Vault feature should you use? To answer, drag the appropriate features to the correct actions. Each feature may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.
Select and Place:

  1. See Explanation section for answer.

Answer(s): A

Explanation:




Box 1: Soft delete
When soft-delete is enabled, resources marked as deleted resources are retained for a specified period (90 days by default). The service further provides a mechanism for recovering the deleted object, essentially undoing the deletion.

Box 2: Purge protection
Purge protection is an optional Key Vault behavior and is not enabled by default. Purge protection can only be enabled once soft-delete is enabled.

When purge protection is on, a vault or an object in the deleted state cannot be purged until the retention period has passed. Soft-deleted vaults and objects can still be recovered, ensuring that the retention policy will be followed.


Reference:

https://docs.microsoft.com/en-us/azure/key-vault/general/soft-delete-overview



You provide an Azure API Management managed web service to clients. The back-end web service implements HTTP Strict Transport Security (HSTS).

Every request to the backend service must include a valid HTTP authorization header. You need to configure the Azure API Management instance with an authentication policy. Which two policies can you use? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

  1. Basic Authentication
  2. Digest Authentication
  3. Certificate Authentication
  4. OAuth Client Credential Grant

Answer(s): C,D



Page 26 of 79



Post your Comments and Discuss Microsoft AZ-204 exam with other Community members:

Vinod commented on December 28, 2024
very good questions
INDIA
upvote

n commented on December 25, 2024
Question are
Anonymous
upvote

Ni commented on December 25, 2024
useful questions
Anonymous
upvote

Robin commented on December 24, 2024
nice course
Anonymous
upvote

blaze commented on December 12, 2024
is the PDF worth it? Are these questions the same on the exam?
Anonymous
upvote

Gobenathan commented on October 16, 2024
This is a good exam done but the free version is not complete the PDF version has all the question. that is what I used to pass my exam.
INDIA
upvote

Girish commented on October 16, 2024
Question are nice
Anonymous
upvote

doctor kekana commented on September 18, 2024
hope to pass
Anonymous
upvote

Nuru commented on September 13, 2024
The document is help full .thanks
Anonymous
upvote

Skamza commented on September 05, 2024
challenging
Anonymous
upvote

Sugballs commented on August 06, 2024
The questions are still valid in this exam dumps. Got a 899 mark.
UNITED STATES
upvote

TigerLord commented on July 21, 2024
Great questions
Anonymous
upvote

Raj commented on July 14, 2024
Question are nice
Anonymous
upvote

Vesna commented on June 23, 2024
Nice questions
MACEDONIA THE FORMER YUGOSLAV REPUBLIC OF
upvote

Dr. Nug commented on June 23, 2024
Got 91% in my exam. This site ROCKS. I wish all questions were free... but still worth the $32 for the PDF full version.
UNITED KINGDOM
upvote

falmant commented on June 17, 2024
awesome content
Anonymous
upvote

YNR commented on June 10, 2024
Excellent material for Exam AZ-204
UNITED STATES
upvote

anunymous commented on April 11, 2024
useful .thanks
INDIA
upvote

Shashank commented on February 22, 2024
I passed exams using this dump
UNITED STATES
upvote

Abhishek Narayan commented on January 28, 2024
I am planning to give AZ 204 and need some questions to prepare
Anonymous
upvote

s_123 commented on August 12, 2023
do we need c# coding to be az204 certified
Anonymous
upvote

sachin commented on June 27, 2023
can you share the pdf
Anonymous
upvote

johnson commented on October 24, 2023
i studied for the microsoft azure az-204 exam through it has 100% real questions available for practice along with various mock tests. i scored 900/1000.
GERMANY
upvote

bot commented on July 26, 2023
more comments here
UNITED STATES
upvote

User123 commented on October 08, 2023
good question
UNITED STATES
upvote

VINNY commented on June 02, 2023
very good use full
Anonymous
upvote

Jose commented on August 30, 2023
nice questions
PORTUGAL
upvote

keylly commented on November 28, 2023
im study azure
Anonymous
upvote

Raj commented on May 25, 2023
nice questions
UNITED STATES
upvote

Meghali commented on January 17, 2024
Useful questions listed here, thanks
UNITED STATES
upvote

King J commented on January 09, 2024
These resources proved to be good
UNITED ARAB EMIRATES
upvote

Carlos commented on January 04, 2024
Good questions
Anonymous
upvote

keylly commented on November 28, 2023
i'm study azure
Anonymous
upvote

johnson commented on October 24, 2023
I studied for the Microsoft Azure AZ-204 exam through it has 100% real questions available for practice along with various mock tests. I scored 900/1000.
GERMANY
upvote