You have an Azure subscription that contains 100 virtual machines and has Azure Security Center Standard tier enabled.
You plan to perform a vulnerability scan of each virtual machine.
You need to deploy the vulnerability scanner extension to the virtual machines by using an Azure Resource Manager template.
Which two values should you specify in the code to automate the deployment of the extension to the virtual machines? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

A. the user-assigned managed identity

B. the workspace ID

C. the Azure Active Directory (Azure AD) ID

D. the Key Vault managed storage account key

E. the system-assigned managed identity

F. the primary shared key

You have an Azure subscription that contains a resource group named RG1 and a security group named ServerAdmins. RG1 contains 10 virtual machines, a virtual network named VNET1, and a network security group JNSG) named NSG1. ServerAdmins can access the virtual machines by using RDP.

You need to ensure that NSG1 only allows RDP connections to the virtual machines for a maximum of 60 minutes when a member of ServerAdmins requests access.

What should you configure?

A. an Azure policy assigned to RGl

B. a just in time (JIT) VM access policy in Microsoft Defender for Cloud

C. an Azure AD Privileged Identity Management (PiM) role assignment

D. an Azure Bastion host on VNET1

NO: 19 DRAG DROP

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure Subscription named Sub1. Sub1 contains an Azure virtual machine named VM1 that runs Windows Server 2016.

You need to encrypt VM1 disks by using Azure Disk Encryption.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

You have an Azure Active Directory (Azure AD) tenant that contains two administrative units named AU1 and AU2.
Users are assigned to the administrative units as shown in the following table.

You have an Azure subscription.
You plan to deploy the virtual machines shown in the following table.



You need to identify the virtual machines and operating systems that can be deployed as confidential virtual machines?
Which Windows virtual machines and which Linux virtual machines should you identify?

You have an Azure subscription that contains the resources shown in the following table.



The subscription is linked to an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.



The membership rules for Group1 and Group2 are configured as shown in the following exhibit.

You have two Azure subscriptions named Sub1 and Sub2 that contain the virtual networks shown in the following table.



You have an Azure Virtual Network Manager instance that has the following settings:

• Name: NetMgr1
• Region: East US
• Features: Connectivity
• Management scope: Sub1

For NetMgr1, you create the target network groups shown in the following table.

Your company uses cloud-based resources from the following platforms:

• Azure
• Amazon Web Services (AWS)
• Google Cloud Platform (GCP)

You plan to implement Microsoft Defender for Cloud.
On which platforms can you use Defender for Cloud to protect containers and storage? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You have an Azure subscription that contains the virtual machines shown in the following table.

You have an Azure subscription that contains the virtual networks shown in the following table.



For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.