AZURE notes

Storage lifecycle management rule applies to storage V2 std, Blobstroage

std, BlockBlobStroage premium and not Filestorage premium

Azure internal load balancer as a listern for availability group enable

Floating IP.

Tags and locks can be applied to Sub1,RG1, VM1 only.

Point to site VPN connection, if already computer1 exists, for computer2 to

connect, export certificate from 1 and install on 2.just modifying Azure AD
authentication policy will not work.

User1 can assign the reader role for Vnet1 to other users – Assigner user1
the owner role of Vnet1
For external users of 500 in number, from Azure AD in Azure portal to
create bulk user,
To send bulk invitations to external users
◦ Use Bulk invite users to prepare a comma-separated value (.csv) file with the
user information and invitation preferences
◦ Upload the .csv file to Azure AD
Verify the users were added to the directory

To automate the deployment of VM scaleset win 2016bDC , when provision ensure

they have web server component installed (keyword automation)

You have an Azure virtual machine named VM1 that runs Windows Server 2019.
You need to create an alert in Azure when more than two error events are logged to
the System event log on VM1 within an hour.
Solution: You create an event subscription on VM1. You create an alert in Azure
Monitor and specify VM1 as the source.
Does this meet the goal?
◦ Yes
◦ No
1 You create an Azure Log Analytics workspace and configure the data settings.
2 You install the Microsoft Monitoring Agent on VM1.
3 You create an alert in Azure Monitor and specify the Log Analytics workspace
as the source.
httns://dors microsoft_com/en-us/azure/azure-monitor/platform/agents-overview
You have an Azure subscription named Subscription that contains an Azure Log
Analytics workspace named Workspace1. You need to view the error events from a
table named Event. Which query should you run in Workspace1?
◦ search in (Event) * | where EventType eq "error"
◦ select * from Event where EventType == "error"
◦ Event | search "error"
Get-Event Event | where {$_EventType == "error"}
https://learn.microsoft.com/en-us/azure/data-
explorer/kusto/query/searchoperator#search-predicate-syntax-examples

Your company has two on-premises servers named SRV01 and SRV02. Developers
have created an application that runs on SRV01. The application calls a service on
SRVO2 by IP address. You plan to migrate the application on Azure virtual machines
You have configured two VMs on a single subnet in an Azure virtual network.
You need to configure the two VMs with static internal IP addresses.
What should you do?
A. Modify the IP properties in Windows Network and Sharing Center.
BRun the Set-AzureStaticVNetIP PowerShell cmdlet.
CModify the VM properties in the Azure Management Portal.
D. Run the New-AzureRMVMConfig PowerShell cmdlet/
E.Run the Set-AzureSubnet PowerShell cmdlet/,
(A – only local, C- does not provide way for static, D-for new VM config E-modfiying
Azure subnet)

You have an Azure subscription named Subscription1. You create an Azure Storage
account named contosostorage, and then you create a file share named data.
Which UNC path should you include in a script that references files from the data file
share? To answer, drag the appropriate values to the correct targets. Each value
may be used once, more than once or not at all?
Values:
blob
contosostorage
file.core.windows.net
data
blob.core.windows.net
Answer: //(storageaccountname).file.core.windows.net/(fileshare name)
//contosostorage.file.core.windows.net/data

-----------
Your company has an Azure Active Directory (Azure AD) tenant that is configured for
hybrid coexistence with the on-premises Active Directory domain.
The on-premise virtual environment consists of virtual machines running on Windows
Server 2012 R2 Hyper-V host servers. You have created some PowerShell scripts to
automate the configuration of newly created VMs. You plan to create several new
VMs and need a solution that ensures the scripts are run on the new VMs. Which of
the following is the best solution?
◦ A.Place the scripts in a new virtual hard disk (VHD).
◦ B.Configure a Group Policy Object (GPO) to run the scripts as startup scripts.
◦ C.Configure a SetupComplete.cmd batch file in the windir%|setup |scripts
directory.
D. Configure a Group Policy Object (GPO) to run the scripts as logon scripts.
Explanation
Setupcomplete.cd and ErrorHandler.cmd are custom scripts that run during or after
the Windows Setup process. They can be used to install applications or run other
tasks by using script/wscript scripts.
◦ %WINDIR%\Setup\Scripts\SetupComplete.cmd: This script runs with local
system permissions and starts immediately after the user sees the desktop. This
setting is disabled when using OEM product keys, except on Enterprise editions and
Windows Server operating systems.
◦ %WINDIR% \Setup \Scripts\ErrorHandler.cmd: This script runs automatically
when Setup encounters a fatal error. It runs with local system permission.
https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/add-a-
custom-script-to-windows-setup
--------------

You have an Azure Directory tenant named DevOpsHub and an Azure Subscription
named Subscription1. DevOpsHub contains a group named Developers.
Subscription1 contains a resource group named Dev. You need to provide the
Developers group with the ability to create Azure logic apps in the Dev resource
group.
Solution: On Subscription1, you assign the Logic App Operator role to the
Developers group.
Does this meet the goal?
◦ Yes
No
(if contributor than yes but for create No)

Your company has an Azure Active Directory (Azure AD) tenant that is configured for
hybrid coexistence with the on-premises Active Directory domain. You plan to deploy
several new virtual machines in Azure. The VMs will have the same operating
system and custom software requirements. You configure a reference VM in the on-
premise virtual environment. You then generalize the VM to create an image. You
need to upload the image to Azure to ensure that it is available for selection when
you create the new Azure VMs. Which PowerShell cmdlets should you use?
◦ Add-AzlmageDataDisk
◦ Add-Azlmage
◦ Add-AzVhd
Add-AzVM
Ans: A
(applied at subscription level, exclusion ContosoRG1, polics def: certain
resource types are not allow to create as mentioned, resource not allowed
is MS SQL, it means you are not allowed to create MS SQL as para but
contosoRG1 is excluded. Therefore ans A)

-------

Ans: C. User 1 and User 4. Remember AD license assignment to nested

group is not permitted and it just can assigned to 1 st level its applied. As
user 2 and 3 are member of Group 2 and Group 3 which are nested in
Group 1 and Group 2 respectively.

Explanation
• Group-based licensing currently doesn't support groups that contain other groups
(nested groups). If you apply a license to a nested group, only the immediate first-
level user members of the group have the licenses applied.
https://learn.microsoft.com/en-us/azure/active-directory/enterprise-users/licensing-
group-advanced#limitations-and-known-issues
--------------------

ITSM allows to connect SM tool like MS SCSM

You have three offices and an Azure subscription that contains an Azure Active
Directory (Azure AD) tenant. You need to grant user management permissions to a
local administrator in each office. What should you use?
◦ Access packages in Azure AD entitlement management
◦ Azure roles
◦ Administrative units
Azure AD roles
Administrative units restrict permissions in a role to any portion of your organization
that you define. You could, for example, use administrative units to delegate the
Helpdesk Administrator role to regional support specialists, so they can manage
users only in the region that they support.
https://learn.microsoft.com/en-us/azure/active-directory/roles/administrative-units