You have an Azure Load Balancer named LB1 that balances requests to five Azure virtual machines.
You need to develop a monitoring solution for LB1. The solution must generate an alert when any of the following conditions are met:
Which signal should you include in the solution for each condition? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer is in the explanation below.
Reference / correct answer:
Box 1: Data path availability
Standard Load Balancer continuously exercises the data path from within a region to the load balancer front end, all the way to the SDN stack that supports your VM. As long as healthy instances remain, the measurement follows the same path as your application's load-balanced traffic. The data path that your customers use is also validated. The measurement is invisible to your application and does not interfere with other operations.
Note: Load balancer distributes inbound flows that arrive at the load balancer's front end to backend pool instances. These flows are according to configured load-balancing rules and health probes. The backend pool instances can be Azure Virtual Machines or instances in a virtual machine scale set.
Box 2: SYN count
SYN (synchronize) count: Standard Load Balancer does not terminate Transmission Control Protocol (TCP) connections or interact with TCP or UDP packet flows. Flows and their handshakes are always between the source and the VM instance. To better troubleshoot your TCP protocol scenarios, you can make use of SYN packets counters to understand how many TCP connection attempts are made. The metric reports the number of TCP SYN packets that were received.
You have an Azure Active Directory (Azure AD) tenant that syncs with an on-premises Active Directory domain.
Your company has a line-of-business (LOB) application that was developed internally.
You need to implement. SAML single sign-on (SSO) and enforce multi-factor authentication (MFA) when users attempt to access the application from an unknown location.
Which two features should you include in the solution? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
Select all that apply, then click Submit answer.
○
Azure AD enterprise applications
○
Azure AD Identity Protection
○
Azure Application Gateway
○
Conditional Access policies
○
Azure AD Privileged Identity Management (PIM)
Reference / correct answer:
Azure AD enterprise applications
Conditional Access policies
To achieve SAML single sign-on (SSO) for an internally developed LOB application, you must configure Azure AD enterprise applications to integrate the application with Azure Active Directory using SAML-based authentication. Additionally, to enforce multi-factor authentication (MFA) when users are accessing the application from unknown locations, you should use Conditional Access policies. Conditional Access allows you to set conditions under which users must perform MFA to gain access to applications. This ensures added security when the system detects potentially risky sign-in behavior, such as those from unknown locations. More information can be found in Azure AD Connect documentation and Conditional Access documentation.
Question 6(New Update)
You have an Azure subscription that contains an Azure Blob storage account named store1.
You have an on-premises file server named Setver1 that runs Windows Sewer 2016. Server1 stores 500 GB of company files.
You need to store a copy of the company files from Server 1 in store1.
Which two possible Azure services achieve this goal? Each correct answer presents a complete solution.
