Exam: AZ-500: Azure Security Engineer Associate

Total 302 questions

Your company recently created an Azure subscription.

You have been tasked with making sure that a specified user is able to implement Azure AD Privileged Identity Management (PIM).

Which of the following is the role you should assign to the user?

A. The Global administrator role.
B. The Security administrator role.
C. The Password administrator role.
D. The Compliance administrator role.
Correct Answer: A

You need to consider the underlined segment to establish whether it is accurate.

You have been tasked with creating a different subscription for each of your company's divisions. However, the subscriptions will be linked to a single Azure Active Directory (Azure AD) tenant.

You want to make sure that each subscription has identical role assignments.

You make use of Azure AD Privileged Identity Management (PIM).

Select `No adjustment required` if the underlined segment is accurate. If the underlined segment is inaccurate, select the accurate option.

A. No adjustment required
B. Azure Blueprints
C. Conditional access policies
D. Azure DevOps
Correct Answer: B

Your company has an Azure Container Registry.

You have been tasked with assigning a user a role that allows for the uploading of images to the Azure Container Registry. The role assigned should not require more privileges than necessary.

Which of the following is the role you should assign?

A. Owner
B. Contributor
C. AcrPush
D. AcrPull
Correct Answer: C

Your company has an Azure Container Registry.

You have been tasked with assigning a user a role that allows for the downloading of images from the Azure Container Registry. The role assigned should not require more privileges than necessary.

Which of the following is the role you should assign?

A. Reader
B. Contributor
C. AcrDelete
D. AcrPull
Correct Answer: D

Note: This question is one of a number of questions that depict the identical set-up. However, every question has a distinctive result. Establish whether the solution satisfies the requirements.

Your company's Azure subscription includes a virtual network that has a single subnet configured.

You have created a service endpoint for the subnet, which includes an Azure virtual machine that has Ubuntu Server 18.04 installed.

You are preparing to deploy Docker containers to the virtual machine. You need to make sure that the containers can access Azure Storage resources and Azure SQL databases via the service endpoint.

You need to perform a task on the virtual machine prior to deploying containers.

Solution: You create an application security group.

Does the solution meet the goal?

A. Yes
B. No
Correct Answer: B

Note: This question is one of a number of questions that depict the identical set-up. However, every question has a distinctive result. Establish whether the solution satisfies the requirements.

Your company's Azure subscription includes a virtual network that has a single subnet configured.

You have created a service endpoint for the subnet, which includes an Azure virtual machine that has Ubuntu Server 18.04 installed.

You are preparing to deploy Docker containers to the virtual machine. You need to make sure that the containers can access Azure Storage resources and Azure SQL databases via the service endpoint.

You need to perform a task on the virtual machine prior to deploying containers.

Solution: You install the container network interface (CNI) plug-in.

Does the solution meet the goal?

A. Yes
B. No
Correct Answer: A

You make use of Azure Resource Manager templates to deploy Azure virtual machines.

You have been tasked with making sure that Windows features that are not in use are automatically disabled when instances of the virtual machines are provisioned.

Which of the following actions should you take?

A. You should make use of Azure DevOps.
B. You should make use of Azure Automation State Configuration.
C. You should make use of network security groups (NSG).
D. You should make use of Azure Blueprints.
Correct Answer: B

Note: This question is one of a number of questions that depict the identical set-up. However, every question has a distinctive result. Establish whether the solution satisfies the requirements.

You are in the process of creating an Azure Kubernetes Service (AKS) cluster. The Azure Kubernetes Service (AKS) cluster must be able to connect to an Azure Container Registry.

You want to make sure that the Azure Kubernetes Service (AKS) cluster authenticates to the Azure Container Registry by making use of the auto-generated service principal.

Solution: You create an Azure Active Directory (Azure AD) role assignment.

Does the solution meet the goal?

A. Yes
B. No
Correct Answer: B

Your company has an Azure subscription that includes two virtual machines, named VirMac1 and VirMac2, which both have a status of Stopped (Deallocated).

The virtual machines belong to different resource groups, named ResGroup1 and ResGroup2.

You have also created two Azure policies that are both configured with the virtualMachines resource type. The policy configured for ResGroup1 has a policy definition of Not allowed resource types, while the policy configured for ResGroup2 has a policy definition of Allowed resource types.

You then create a Read-only resource lock on VirMac1, as well as a Read-only resource lock on ResGroup2.

Which of the following is TRUE with regard to the scenario? (Choose all that apply.)

A. You will be able to start VirMac1.
B. You will NOT be able to start VirMac1.
C. You will be able to create a virtual machine in ResGroup2.
D. You will NOT be able to create a virtual machine in ResGroup2.
Correct Answer: BD