ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-800 All Questions

View all questions & answers for the AZ-800 exam
Go to Exam

Exam AZ-800 topic 2 question 8 discussion

Actual exam question from Microsoft's AZ-800
Question #: 8
Topic #: 2
[All AZ-800 Questions]

HOTSPOT -
You have an Azure subscription named sub1 and 500 on-premises virtual machines that run Windows Server.
You plan to onboard the on-premises virtual machines to Azure Arc by running the Azure Arc deployment script.
You need to create an identity that will be used by the script to authenticate access to sub1. The solution must use the principle of least privilege.
How should you complete the command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
Reference:
https://docs.microsoft.com/en-us/azure/azure-arc/servers/onboard-service-principal
by edykss at Sept. 13, 2022, 4:56 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
edykss
Highly Voted 2 years, 2 months ago
Answer is Correct
upvoted 11 times
...
leegend
Highly Voted 1 year, 6 months ago
Got this question 28-5-23
upvoted 5 times
...
boapaulo
Most Recent 11 months, 3 weeks ago
To create an identity that will be used by the script to authenticate access to the Azure subscription called sub1, following the principle of least privilege, you must use the New-AzADServicePrincipal command with the -Role parameter set to 'Azure Connected Machine Onboarding' This command creates a new service principal in Azure Active Directory and assigns it the role that only allows machines to be onboarded to Azure Arc, with no additional permissions to reonboard or delete the resource from the machine. The full command would be: New-AzADServicePrincipal -DisplayName 'Arc-for-servers' -Role 'Azure Connected Machine Onboarding' This command ensures that the identity created has only the permissions necessary to perform the task of onboarding the on-premises virtual machines to Azure Arc, without granting excessive privileges that could be improperly exploited.
upvoted 2 times
...
syu31svc
1 year, 8 months ago
Answer is correct and link given supports it
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel