- Email support@dumps4free.com
Topic 3 : Mix Questions
You have an Azure Container Registry named ContReg1 that contains a container image named image1. You enable content trust for ContReg1. After content trust is enabled, you push two images to ContReg1 as shown in the following table. Which images are trusted images?
A. image1 and image2 only
B. image2 only
C. image1, image2, and image3
Explanation:
Azure Container Registry implements Docker's content trust model, enabling pushing and pulling of signed images.
To push a trusted image tag to your container registry, enable content trust and push the image with docker push.
To work with trusted images, both image publishers and consumers need to enable content trust for their Docker clients. As a publisher, you can sign the images you push to a content trust-enabled registry.
[Reference:, https://docs.microsoft.com/en-us/azure/container-registry/container-registry-content-trust, , , , , , , , , ]
Lab Task
Task 2
You need to ensure that the events in the NetworkSecurityGroupRuleCounter log of the VNETOI-Subnet0-NSG network security group (NSG) are stored in the Iogs31330471 Azure Storage account for 30 days.
Explanation:
Enable diagnostic resource logging for the NSG. You can use the Azure portal, Azure PowerShell, or the Azure CLI to do this. You need to select the Rule counter category under Logs and choose the Iogs31330471 storage account as the destination.
Configure the retention policy for the storage account to keep the logs for 30 days. You can use the Azure portal, Azure PowerShell, or the Azure CLI to do this. You need to specify the days parameter as 30 for the Set-AzStorageServiceProperty cmdlet or the az storage logging update command.
View and analyze the logs in the storage account. You can use any tool that can read JSON files, such as Azure Storage Explorer or Visual Studio Code. You can also export the logs to any visualization tool, SIEM solution, or IDS of your choice
You need to configure support for Azure Sentinel notebooks to meet the technical requirements. What is the minimum number of Azure container registries and Azure Machine Learning workspaces required?
Explanation:
[Reference:, https://docs.microsoft.com/en-us/azure/sentinel/notebooks, , ]
You need to encrypt storage1 to meet the technical requirements. Which key vaults can you use?
A. KeyVault1 only
B. KeyVault2 and KeyVault3 only
C. KeyVault1 and KeyVault3 only
D. KeyVault1 KeyVault2 and KeyVault3
Explanation:
The storage account and the key vault must be in the same region and in the same Azure Active Directory (Azure AD) tenant, but they can be in different subscriptions.
Storage1 is in the West US region. KeyVault1 is the only key vault in the same region.
[Reference:, https://docs.microsoft.com/en-us/azure/storage/common/customer-managed-keys-overview, , , , ]
You plan to configure Azure Disk Encryption for VM4. Which key vault can you use to store the encryption key?
A. KeyVault1
B. KeyVault3
C. KeyVault2
Explanation:
The key vault needs to be in the same subscription and same region as the VM.
VM4 is in West US. KeyVault1 is the only key vault in the same region as the VM.
[Reference:, https://docs.microsoft.com/en-us/azure/virtual-machines/windows/disk-encryption-key-vault, , , , ]
| Page 1 out of 7 Pages |