Your company has an Azure DevOps environment that can only be accessed by Azure Active Directory users.You are instructed to make sure that the Azure DevOps environment can only be accessed from devices connected to the company's on-premises network.Which of the following actions should you take?A. Assign the devices to a security group.B. Create a GPO.C. Configure Security in Project Settings from Azure DevOps.D. Configure conditional access in Azure Active Directory.

You are an Azure administrator at a company that is migrating its on-premises applications to Azure. The company has strict regulatory requirements that only allow data access from its headquarters, which are located at a specific IP address range. The applications will use Azure Blob Storage for data storage.QuestionTo meet compliance requirements, which of the following should you configure to ensure that only traffic from the company's headquarters can access the Azure Blob Storage?A. Configure a service endpoint between the headquarters' virtual network and Azure Blob Storage.B. Implement Azure Entra Identity Governance for conditional access based on IP location.C. Set up a Network Security Group (NSG) with a rule allowing access only from the headquarters’ IP range.D. Apply an IP restriction rule in the Firewalls and virtual networks settings on the Azure Blob Storage account.

You're the systems administrator for an international trading company that uses Azure Active Directory (AD) and Microsoft Intune to manage their mobile devices. All company-owned mobile devices are registered in Azure AD and enrolled in Microsoft Intune.You've created the following dynamic user groups to manage access to company resources:Managers: jobTitle = "Manager"Consultants: jobTitle = "Customer Consultant"OfficeAdmin: jobTitle = "Office Administrator"SalesReps: jobTitle = "Sales Representative"You've created a conditional access policy that:Includes the SalesReps and Consultants user groups.Excludes the Managers user group.Applies the policy to the Microsoft 365, Microsoft Teams, and SharePoint cloud apps.Assigns the policy to Windows platforms.Requires that the Windows devices be marked as Compliant.Has a Location condition assigned to a Blocked Countries named location that blocks access from several countries based on IPv4 address.Is enabled.In addition, there is a device compliance policy that requires BitLocker to be installed and running on a Windows 11 device for the device to be marked as Compliant.After deploying the conditional access policy, you receive a support call from a customer consultant out in the field. She states that she's unable to access Microsoft Teams to join an important meeting. She's using a Windows 11 mobile device that's marked as Compliant in Intune.SOLUTION: You ask the consultant where she's located. She's in an airport in a country that's blocked by the named location. You inform her that she'll need to call into the Teams meeting using her cell phone.DragYesNoDropDoes this action resolve the device compliance policy issue?

You're the systems administrator for a fashion design company that uses Azure Active Directory (AD) and Microsoft Intune to manage their mobile devices. All company-owned mobile devices are registered in Azure AD and enrolled in Microsoft Intune.You've created the following Azure AD device groups:Win11dev: All company-owned Windows 11 mobile devicesiPadProdev: All company-owned iPad Pro tabletsAndroiddev: All company-owned Android mobile devicesYou've created a Microsoft App Store device configuration profile that restricts several options for employee management of apps in the Microsoft Store. These setting apply on the employees' managed Windows 11 mobile devices.However, when you test the device profile on a limited number of the Windows 11 mobile devices, you find that the device profile configurations aren't being applied.SOLUTION: You check the assignments for the device profile and notice that there are no assignments currently configured. On the Include tab, you assign the Win11dev device group to the device profile.DragYesNoDropDoes this action solve the issue of the unapplied device configuration profile?

You're the systems administrator for an international sports equipment retail company that uses Azure Active Directory (AD) and Microsoft Intune to their manage mobile devices. All company-owned mobile devices are registered in Azure AD, enrolled in Microsoft Intune, and have BitLocker installed and running.You've created a conditional access policy that:Includes an assigned Test user group.Applies the policy to the Microsoft 365, Microsoft Teams, and SharePoint cloud apps.Assigns the policy to Windows platforms.Requires the Windows device to be marked as Compliant.In addition, there's a device compliance policy that requires BitLocker to be installed and running on a Windows 11 device for the device to be marked as Compliant.After deploying the conditional access policy, you find that the policy isn't being applied to the user accounts in your Test user group.SOLUTION: You check the conditional access policy settings and discover that the Enable policy setting is set to Off. You change the setting to On.DragYesNoDropDoes this action resolve the compliance policy issue?

You're the systems administrator for an international sports equipment retail company that uses Azure Active Directory (AD) and Microsoft Intune to manage their mobile devices. All company-owned Windows 11 mobile devices are registered in Azure AD and enrolled in Microsoft Intune.You decide that you want to create an Intune conditional access policy that:Applies the policy to the Office 365, Microsoft Teams, and SharePoint cloud apps.Assigns the policy to Windows platforms.Requires the Windows 11 devices to be marked as Compliant.To properly configure this Intune conditional access policy, you need to perform several tasks. From the list of tasks on the left, drag the tasks to the right in the proper order for creating the policy. (Not all listed tasks are part of creating the policy.)Give the policy a name.Enable the policy.Send an email to the users.Assign users and user groups.Select cloud apps or user actions.Grant or block access based on controls.Select conditions.Set up network fencing.Determine the OS version.move rightmove left