Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.You use Azure Security Center for the centralized policy management of three Azure subscriptions.You use several policy definitions to manage the security of the subscriptions.You need to deploy the policy definitions as a group to all three subscriptions.Solution: You create a resource graph and an assignment that is scoped to a management group.Does this meet the goal?
You have an Azure Active Directory (Azure AD) tenant.You need to prevent nonprivileged Azure AD users from creating service principals in Azure AD.What should you do in the Azure Active Directory admin center of the tenant?
You have an Azure AD tenant that contains the users shown in the following table.You need to ensure that the users cannot create app passwords. The solution must ensure that User1 can continue to use the Mail and Calendar app.What should you do?
You have an Azure subscription named Sub1. Sub1 contains a virtual network named VNet1 that contains one subnet named Subnet1.You create a service endpoint for Subnet1.Subnet1 contains an Azure virtual machine named VM1 that runs Ubuntu Server 18.04.You need to deploy Docker containers to VM1. The containers must be able to access Azure Storage resources and Azure SQL databases by using the service endpoint.
You have an Azure subscription that contains the virtual networks shown in the following table.The subscription contains the virtual machines shown in the following table.On NIC1, you configure an application security group named ASG1.On which other network interfaces can you configure ASG1?