You are implementing an Azure Kubernetes Service (AKS) cluster for a production workload. You need to ensure that the cluster meets the following requirements: Provides the highest networking performance possible Manages ingress traffic by using Kubernetes tools What should you use? CNI networking with Azure load balancers CNI networking with ingress resources and controllers Kubenet networking with Azure load balancers Kubenet networking with ingress resources and controllers You need to implement an Azure Policy initiative to monitor and enforce compliance for a payment processing service. Which policy initiative should you use? Azure Security Benchmark CIS controls NIST SP 800-53 PCI DSS You have an application that will securely share files hosted in Azure Blob storage to external users. The external users will not use Azure AD to authenticate. You plan to share more than 1,000 files. You need to restrict access to only a single IP address for each file. What should you do? Configure a storage account firewall. Generate a service SAS that include the signedIP field. Set the Allow public anonymous access to setting for the storage account. Set the Secure transfer required setting for the storage account.
You are implementing an Azure Kubernetes Service (AKS) cluster for a production workload. |
CNI networking with Azure load balancers |
CNI networking with ingress resources and controllers |
Kubenet networking with Azure load balancers |
Kubenet networking with ingress resources and controllers |
You need to implement an Azure Policy initiative to monitor and enforce compliance for a payment processing service. |
Azure Security Benchmark |
CIS controls |
NIST SP 800-53 |
PCI DSS |
You have an application that will securely share files hosted in Azure Blob storage to external users. The external users will not use Azure AD to authenticate. |
Configure a storage account firewall. |
Generate a service SAS that include the signedIP field. |
Set the Allow public anonymous access to setting for the storage account. |
Set the Secure transfer required setting for the storage account. |
You have an Azure SQL |
az sql mi ad-admin create |
az sql mi ad-only-auth enable |
az sql server ad-admin create |
az sql server ad-only-auth enable |
You have an application that securely shares files hosted in Azure Blob storage to external users by using an account SAS. |
Regenerate the storage account access keys. |
Set the Allow public anonymous access to setting for the storage account. |
Set the Secure transfer required property for the storage account. |
Switch to managed identities. |
|
Save assessment |
You have an Azure subscription that contains an Azure Kubernetes Service (AKS) cluster named AKS1 and a user named User1. |
Azure Kubernetes Service RBAC Admin |
Azure Kubernetes Service RBAC Cluster Admin |
Azure Kubernetes Service RBAC Reader |
Azure Kubernetes Service RBAC Writer |
You have a Linux virtual machine in an on-premises datacenter that is used as a forwarder for Microsoft Sentinel by using CEF-formatted logs. |
Run cef_gather_info.py on CEF forwarder. |
Run cef_gather_info.py on each system that sends events to the forwarder. |
Run TimeGenerated.py on each system that sends events to the forwarder. |
Run TimeGenerated.py on the CEF forwarder. |
Trending now
This is a popular solution!
Step by step
Solved in 3 steps