You are implementing an Azure Kubernetes Service (AKS) cluster for a production workload. You need to ensure that the cluster meets the following requirements: Provides the highest networking performance possible Manages ingress traffic by using Kubernetes tools What should you use?  CNI networking with Azure load balancers   CNI networking with ingress resources and controllers  Kubenet networking with Azure load balancers  Kubenet networking with ingress resources and controllers You need to implement an Azure Policy initiative to monitor and enforce compliance for a payment processing service. Which policy initiative should you use?   Azure Security Benchmark   CIS controls   NIST SP 800-53   PCI DSS You have an application that will securely share files hosted in Azure Blob storage to external users. The external users will not use Azure AD to authenticate. You plan to share more than 1,000 files. You need to restrict access to only a single IP address for each file. What should you do?   Configure a storage account firewall.   Generate a service SAS that include the signedIP field.   Set the Allow public anonymous access to setting for the storage account.   Set the Secure transfer required setting for the storage account.

Database System Concepts
7th Edition
ISBN:9780078022159
Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Chapter1: Introduction
Section: Chapter Questions
Problem 1PE
icon
Related questions
Question

You are implementing an Azure Kubernetes Service (AKS) cluster for a production workload.

You need to ensure that the cluster meets the following requirements:

Provides the highest networking performance possible
Manages ingress traffic by using Kubernetes tools

What should you use?

 CNI networking with Azure load balancers

  CNI networking with ingress resources and controllers

 Kubenet networking with Azure load balancers

 Kubenet networking with ingress resources and controllers

You need to implement an Azure Policy initiative to monitor and enforce compliance for a payment processing service.

Which policy initiative should you use?

  Azure Security Benchmark

  CIS controls

  NIST SP 800-53

  PCI DSS

You have an application that will securely share files hosted in Azure Blob storage to external users. The external users will not use Azure AD to authenticate.

You plan to share more than 1,000 files.

You need to restrict access to only a single IP address for each file.

What should you do?

  Configure a storage account firewall.

  Generate a service SAS that include the signedIP field.

  Set the Allow public anonymous access to setting for the storage account.

  Set the Secure transfer required setting for the storage account.

You have an Azure SQL Database server.

You enable Azure AD authentication for Azure SQL.

You need to prevent other authentication methods from being used.

Which command should you run?

 az sql mi ad-admin create

 az sql mi ad-only-auth enable

  az sql server ad-admin create

  az sql server ad-only-auth enable

You have an application that securely shares files hosted in Azure Blob storage to external users by using an account SAS.

One of the SAS tokens is compromised.

How should you stop the compromised SAS token from being used?

 Regenerate the storage account access keys.

  Set the Allow public anonymous access to setting for the storage account.

  Set the Secure transfer required property for the storage account.

  Switch to managed identities.

 

Save assessment

You have an Azure subscription that contains an Azure Kubernetes Service (AKS) cluster named AKS1 and a user named User1.

You need to ensure that User1 has access to AKS1 secrets. The solution must follow the principle of least privilege.

Which role should you assign to User1?

  Azure Kubernetes Service RBAC Admin

  Azure Kubernetes Service RBAC Cluster Admin

  Azure Kubernetes Service RBAC Reader

  Azure Kubernetes Service RBAC Writer

You have a Linux virtual machine in an on-premises datacenter that is used as a forwarder for Microsoft Sentinel by using CEF-formatted logs.

The timestamp on events retrieved from the forwarder is the time the agent on the forwarder received the event, not the time the event occurred on the system it came from.

You need to ensure that Microsoft Sentinel receives the time the event was generated.

What should you do?

  Run cef_gather_info.py on CEF forwarder.

  Run cef_gather_info.py on each system that sends events to the forwarder.

  Run TimeGenerated.py on each system that sends events to the forwarder.

  Run TimeGenerated.py on the CEF forwarder. 

Expert Solution
trending now

Trending now

This is a popular solution!

steps

Step by step

Solved in 3 steps

Blurred answer
Knowledge Booster
Network Transmission Cabling
Learn more about
Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.
Similar questions
Recommended textbooks for you
Database System Concepts
Database System Concepts
Computer Science
ISBN:
9780078022159
Author:
Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:
McGraw-Hill Education
Starting Out with Python (4th Edition)
Starting Out with Python (4th Edition)
Computer Science
ISBN:
9780134444321
Author:
Tony Gaddis
Publisher:
PEARSON
Digital Fundamentals (11th Edition)
Digital Fundamentals (11th Edition)
Computer Science
ISBN:
9780132737968
Author:
Thomas L. Floyd
Publisher:
PEARSON
C How to Program (8th Edition)
C How to Program (8th Edition)
Computer Science
ISBN:
9780133976892
Author:
Paul J. Deitel, Harvey Deitel
Publisher:
PEARSON
Database Systems: Design, Implementation, & Manag…
Database Systems: Design, Implementation, & Manag…
Computer Science
ISBN:
9781337627900
Author:
Carlos Coronel, Steven Morris
Publisher:
Cengage Learning
Programmable Logic Controllers
Programmable Logic Controllers
Computer Science
ISBN:
9780073373843
Author:
Frank D. Petruzella
Publisher:
McGraw-Hill Education