Plan and implement identity and security Questions
Practice questions for Plan and implement identity and security topic in Microsoft Certified: Azure Virtual Desktop Specialty. 38 questions covering this domain.
A team wants Microsoft Entra single sign-on to remote sessions. Which session host join state is required?
A security architect wants all outbound traffic from session host subnets to pass through a virtual firewall for inspection. Which routing configurati...
Which combination aligns with Microsoft's documented security recommendations for Azure Virtual Desktop?
Administrators need RDP and SSH access to session hosts over TLS on port 443 without assigning public IP addresses to those VMs. Which service should ...
Which Azure role should be assigned so a user can access published resources in an Azure Virtual Desktop application group?
Which user identity model is not supported for Azure Virtual Desktop sign-in?
A company wants just-in-time administrative access to Azure Virtual Desktop session hosts through Microsoft Defender for Cloud. Which prerequisite com...
A disaster recovery design proposes using confidential virtual machines for session hosts and protecting them with Azure Backup and Azure Site Recover...
An operations engineer must manage Azure Virtual Desktop resources but must not be able to grant access to other users. Which role best matches this r...
An administrator must enforce CMK encryption for managed disks of session hosts using a key in Azure Key Vault. Which configuration is required?
Which Microsoft Entra ID feature should an administrator use to require MFA specifically when users connect to the Azure Virtual Desktop client app?
An administrator scopes a Conditional Access policy that requires compliant devices for AVD. Users on supported clients suddenly cannot sign in. Which...
Which built-in role grants the AVD service principal permission to start, stop, and resize VMs as part of autoscaling?
A team uses Microsoft Entra joined session hosts and wants users to access on-premises file shares using Kerberos from inside the AVD session. Which d...
To deter photographing the screen by overlaying user-identifying information, which AVD feature should be enabled?
An organization wants AVD session hosts to use Trusted Launch features (Secure Boot, vTPM) for boot integrity. Which prerequisite applies?
A regulated workspace must prevent users from screen-capturing the AVD session contents using common OS capture tools. Which AVD feature should be ena...
A security team needs to require periodic re-authentication every 4 hours for AVD sessions to limit the risk of stolen tokens. Which Conditional Acces...
A security engineer wants to use Conditional Access to block connections to Azure Virtual Desktop from countries not in the approved list. Which Condi...
A security architect needs to implement passwordless authentication for Azure Virtual Desktop sessions. Which authentication methods are documented as...
Sign in to see all 38 questions
Create a free account to browse all questions — completely free during our launch phase.