You have data files in Azure Blob storage.
You plan to transform the files and move them to Azure Data Lake Storage.
You need to transform the data by using mapping data flow.
Which Azure service should you use?

• A.Azure Data Box Gateway
• B.Azure Storage Sync
• C.Azure Data Factory
• D.Azure Databricks

Comment: *

Name: *

Email: *

Verification: *

You have an Azure subscription that contains web apps in three Azure regions.
You need to implement Azure Key Vault to meet the following requirements:
* In the event of a regional outage, all keys must be readable.
* All the web apps in the subscription must be able to access Key Vault.
* The number of Key Vault resources to be deployed and managed must be minimized.
How many instances of Key Vault should you implement?

• A.1
• B.2
• C.3
• D.6

Comment: *

Name: *

Email: *

Verification: *

You are designing a microservices architecture that will be hosted in an Azure Kubernetes Service (AKS) cluster. Apps that will consume the microservices will be hosted on Azure virtual machines. The virtual machines and the AKS cluster will reside on the same virtual network.
You need to design a solution to expose the microservices to the consumer apps. The solution must meet the following requirements:
* Ingress access to the microservices must be restricted to a single private IP address and protected by using mutual TLS authentication.
* The number of incoming microservice calls must be rate-limited.
* Costs must be minimized.
What should you include in the solution?

• A.Azure API Management Premium tier with virtual network connection
• B.Azure Front Door with Azure Web Application Firewall (WAF)
• C.Azure API Management Standard tier with a service endpoint
• D.Azure App Gateway with Azure Web Application Firewall (WAF)

Comment: *

Name: *

Email: *

Verification: *

You need to configure an Azure policy to ensure that the Azure SQL databases have TDE enabled. The solution must meet the security and compliance requirements.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Correct Answer:

1 - Create an Azure policy definition that uses the deployIfNotExists identity.
2 - Create an Azure policy assignment
3 - Invoke a remediation task
Reference:
https://docs.microsoft.com/en-us/azure/governance/policy/how-to/remediate-resources

Comment: *

Name: *

Email: *

Verification: *

You have an Azure subscription that contains a custom application named Application was developed by an external company named fabric, Ltd. Developers at Fabrikam were assigned role-based access control (RBAV) permissions to the Application components. All users are licensed for the Microsoft 365 E5 plan.
You need to recommends a solution to verify whether the Faricak developers still require permissions to Application1. The solution must the following requirements.
* To the manager of the developers, send a monthly email message that lists the access permissions to Application1.
* If the manager does not verify access permission, automatically revoke that permission.
* Minimize development effort.
What should you recommend?

• A.In Azure Active Directory (AD) Privileged Identity Management, create a custom role assignment for the Application1 resources
• B.Create an Azure Automation runbook that runs the Get-AzureADUserAppRoleAssignment cmdlet
• C.Create an Azure Automation runbook that runs the Get-AzureRmRoleAssignment cmdlet
• D.In Azure Active Directory (Azure AD), create an access review of Application1

Comment: *

Name: *

Email: *

Verification: *