dynamic groups and conditional access policies Answer D Explanation Scenario

Dynamic groups and conditional access policies answer

This preview shows page 139 - 141 out of 155 pages.

dynamic groups and conditional access policies Answer: D Explanation: Scenario: Ensure Azure Multi-Factor Authentication (MFA) for the users in the finance department only. The recommendation is to use conditional access policies that can then be targeted to groups of users, specific applications, or other conditions. References: NO.159 You need to meet the connection requirements for the New York office. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. Answer: Explanation: Box 1: Create a virtual network gateway and a local network gateway. Azure VPN gateway. The VPN gateway service enables you to connect the VNet to the on-premises network through a VPN appliance. For more information, see Connect an on-premises network to a Microsoft Azure virtual network. The VPN gateway includes the following elements: * Virtual network gateway. A resource that provides a virtual VPN appliance for the VNet. It is responsible for routing traffic from the on-premises network to the VNet. * Local network gateway. An abstraction of the on-premises VPN appliance. Network traffic from the cloud application to the on-premises network is routed through this gateway. * Connection. The connection has properties that specify the connection type (IPSec) and the key shared with the on-premises VPN appliance to encrypt traffic. * Gateway subnet. The virtual network gateway is held in its own subnet, which is subject to various requirements, described in the Recommendations section below. Box 2: Configure a site-to-site VPN connection
Image of page 139
140 On premises create a site-to-site connection for the virtual network gateway and the local network gateway. Scenario: Connect the New York office to VNet1 over the Internet by using an encrypted connection. Incorrect Answers: Azure ExpressRoute: Established between your network and Azure, through an ExpressRoute partner. This connection is private. Traffic does not go over the internet. References: - networking/vpn =================================================== Topic 2, Humongous Insurance Overview Existing Environment Huongous Insurance is an insurance company that has three offices in Miami, Tokoyo, and Bankok. Each has 5000 users. Active Directory Environment Humongous Insurance has a single-domain Active Directory forest named humongousinsurance.com. The functional level of the forest is Windows Server 2012. You recently provisioned an Azure Active Directory (Azure AD) tenant. Network Infrastructure Each office has a local data center that contains all the servers for that office. Each office has a dedicated connection to the Internet.
Image of page 140
Image of page 141

You've reached the end of your free preview.

Want to read all 155 pages?

  • Fall '19
  • IP address, virtual machine, Azure

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture