You have an Azure subscription that contains the resources shown in the following table.



App1 uses Function 1, SQL1, and storage 1.
You need to secure the traffic between App1, Function1, SQL1. and storage1, by using private endpoints.
With which resources can App1 communicate by using a private endpoint?

A. SQL1 only

B. storage1 only

C. Function1 only

D. SQL1 and storage1 only

E. storage1 and Function1 only

F. storage1, SQL1, and Function1

You have an Azure subscription that contains two virtual machines named VM1 and VM2 that run Windows Server 2019.
You are implementing Update Management in Azure Automation.
You plan to create a new update deployment named Update1.
You need to ensure that Update! meets the following requirements:

• Automatically applies updates to VM1 and VM2.
• Automatically adds any new Windows Server 2019 virtual machines to Update1.

What should you include in Update1?

A. a security group that has a Membership type of Dynamic Device

B. a security group that has a Membership type of Assigned

C. a Kusto query language query

D. a dynamic group query

You have an Azure subscription that contains the resources shown in the following table.



You need to configure network connectivity to meet the following requirements:

• Communication from VM1 to storage' must traverse an optimized Microsoft backbone network.
• All the outbound traffic from VM1 to the internet must be denied.
• The solution must minimize costs and administrative effort

What should you configure for VNetl and NSG1? To answer, drag the appropriate components to the correct resources. Each component may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content
NOTE: Each correct selection is worth one point.

You have an Azure subscription named Subscription1 that contains the resources shown in the following table.

You have an Azure subscription named Sub1 that contains an Azure Log Analytics workspace named LAW1.
You have 100 on-premises servers that run Windows Server 2012 R2 and Windows Server 2016. The servers connect to LAW1. LAW1 is configured to collect security-related performance counters from the connected servers.
You need to configure alerts based on the data collected by LAW1. The solution must meet the following requirements:

Alert rules must support dimensions.
The time it takes to generate an alert must be minimized.
Alert notifications must be generated only once when the alert is generated and once when the alert is resolved.

Which signal type should you use when you create the alert rules?

A. Log

B. Log (Saved Query)

C. Metric

D. Activity Log

You work at a company named Contoso, Ltd. that has the offices shown in the following table.

You plan to deploy a custom policy initiative for Microsoft Defender for Cloud.
You need to identify all the resource groups that have a Delete lock.
How should you complete the policy definition? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You have an Azure Container Registry named Registry1.
You add role assignment for Registry1 as shown in the following table.



Which users can upload images to Registry1 and download images from Registry1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You have an Azure subscription named Subscription1 that is linked to a Microsoft Entra tenant named contoso.com and a resource group named RG1. You create a custom role named Role1 in contoso.com. Where can you use Role1 for permission delegation?

A. contoso.com only

B. contoso.com and RG1 only

C. contoso.com and Subscription 1 only

D. contoso.com. RG1. and Subscription1

You have an Azure subscription that contains a SQL Server on Azure Virtual Machines instance named SQt1 and a Microsoft Sentinel workspace named Sentinel1.
You need to monitor security incidents on SQL1 by using Sentinel1.
What should you do first?

A. On SQL1, enable SQL1 Server audit.

B. On SQL1. install the Connected Machine agent for Azure Arc-enabled servers.

C. From the Azure portal, create a Log Analytics workspace.

D. From Sentinel1, enable VM insights.