Free AZ-500 Exam Braindumps (page: 31)

Page 30 of 128

You have an Azure web app named webapp1.
You need to configure continuous deployment for webapp1 by using an Azure Repo.
What should you create first?

  1. an Azure Application Insights service
  2. an Azure DevOps organization
  3. an Azure Storage account
  4. an Azure DevTest Labs lab

Answer(s): B

Explanation:

To use Azure Repos, make sure your Azure DevOps organization is linked to your Azure subscription.


Reference:

https://docs.microsoft.com/en-us/azure/app-service/deploy-continuous-deployment



Your company has an Azure subscription named Sub1 that is associated to an Azure Active Directory (Azure AD) tenant named contoso.com.
The company develops an application named App1. App1 is registered in Azure AD.
You need to ensure that App1 can access secrets in Azure Key Vault on behalf of the application users.
What should you configure?

  1. an application permission without admin consent
  2. a delegated permission without admin consent
  3. a delegated permission that requires admin consent
  4. an application permission that requires admin consent

Answer(s): B

Explanation:

Delegated permissions - Your client application needs to access the web API as the signed-in user, but with access limited by the selected permission. This type of permission can be granted by a user unless the permission requires administrator consent.
Incorrect Answers:
A, D: Application permissions - Your client application needs to access the web API directly as itself (no user context). This type of permission requires administrator consent and is also not available for public (desktop and mobile) client applications.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-configure-app-access-web-apis



DRAG DROP (Drag and Drop is not supported) (Drag and Drop is not supported)
Your company has an Azure Active Directory (Azure AD) tenant named contoso.com.
The company is developing an application named App1. App1 will run as a service on server that runs Windows Server 2016. App1 will authenticate to contoso.com and access Microsoft Graph to read directory data.
You need to delegate the minimum required permissions to App1.
Which three actions should you perform in sequence from the Azure portal? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:

  1. See Explanation section for answer.

Answer(s): A

Explanation:


Step 1: Create an app registration
First the application must be created/registered.
Step 2: Add an application permission
Application permissions are used by apps that run without a signed-in user present.
Step 3: Grant permissions
Incorrect Answers:
Delegated permission
Delegated permissions are used by apps that have a signed-in user present.
Application Proxy:
Azure Active Directory's Application Proxy provides secure remote access to on-premises web applications.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent



Your company has an Azure subscription named Sub1 that is associated to an Azure Active Directory (Azure AD) tenant named contoso.com.
The company develops a mobile application named App1. App1 uses the OAuth 2 implicit grant type to acquire Azure AD access tokens.
You need to register App1 in Azure AD.
What information should you obtain from the developer to register the application?

  1. a redirect URI
  2. a reply URL
  3. a key
  4. an application ID

Answer(s): A

Explanation:

For Native Applications you need to provide a Redirect URI, which Azure AD will use to return token responses.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code






Post your Comments and Discuss Microsoft AZ-500 exam with other Community members:

AZ-500 Discussions & Posts