At ValidExamDumps, we consistently monitor updates to the Microsoft AZ-600 exam questions by Microsoft. Whenever our team identifies changes in the exam questions,exam objectives, exam focus areas or in exam requirements, We immediately update our exam questions for both PDF and online practice exams. This commitment ensures our customers always have access to the most current and accurate questions. By preparing with these actual questions, our customers can successfully pass the Microsoft Configuring and Operating a Hybrid Cloud with Microsoft Azure Stack Hub exam on their first attempt without needing additional materials or study guides.
Other certification materials providers often include outdated or removed questions by Microsoft in their Microsoft AZ-600 exam. These outdated questions lead to customers failing their Microsoft Configuring and Operating a Hybrid Cloud with Microsoft Azure Stack Hub exam. In contrast, we ensure our questions bank includes only precise and up-to-date questions, guaranteeing their presence in your actual exam. Our main priority is your success in the Microsoft AZ-600 exam, not profiting from selling obsolete exam questions in PDF or Online Practice Test.
You have a connected Azure Stack Hub integrated system that contains a user named User1.
You need to ensure that User1 can onboard a new guest tenant directory. The solution must use the principle of least privilege.
Which role should you assign to User1?
Hybrid Identity Administrator role is now available with Cloud Provisioning
Type: New feature
Service category: Azure AD Cloud Provisioning
Product capability: Identity Lifecycle Management
IT Admins can start using the new 'Hybrid Admin' role as the least privileged role for setting up Azure AD Connect Cloud Provisioning. With this new role, you no longer have to use the Global Admin role to set up and configure Cloud Provisioning.
Note: Hybrid Identity Administrator
Users in this role can create, manage and deploy provisioning configuration setup from AD to Azure AD using Cloud Provisioning as well as manage Azure AD Connect, Pass-through Authentication (PTA), Password hash synchronization (PHS), Seamless Single Sign-On (Seamless SSO), and federation settings. Users can also troubleshoot and monitor logs using this role.
You back up VM1 .
You restore VM1 to the integrated system.
You need to ensure that VM1 will start successfully and that users can connect to share!
Which three actions should you perform after restoring VM1 from the backup? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
You provision a new certificate to support the planned changes.
You need to validate the certificate.
Which PowerShell module should you install first?
Use the Azure Stack Hub Readiness Checker tool to validate that generated public key infrastructure (PKI) certificates which are suitable for pre-deployment. Validate certificates by leaving enough time to test and reissue certificates if necessary.
The Readiness Checker tool performs the following certificate validations:
* Parse PFX
Checks for valid PFX file, correct password, and whether the public information is protected by the password.
* Expiry Date
Checks for minimum validity of seven days.
* Signature algorithm
Checks that the signature algorithm isn't SHA1.
* Private Key
Checks that the private key is present and is exported with the local machine attribute.
* Etc.
Note: Perform core services certificate validation
Use these steps to validate the Azure Stack Hub PKI certificates for deployment and secret rotation:
1. Install AzsReadinessChecker from a PowerShell prompt (5.1 or above) by running the following cmdlet:
Install-Module Microsoft.AzureStack.ReadinessChecker -Force -AllowPrerelease
2. Create the certificate directory structure.
3. Etc.
https://learn.microsoft.com/en-us/azure-stack/operator/azure-stack-validate-pki-certs
You are troubleshooting an Azure Stack Hub integrated system.
A Microsoft Support Engineer needs to review automatically uploaded logs.
What should you provide to the Microsoft Support Engineer?
The Cloud ID is the unique ID for tracking support data uploaded from a specific scale unit. When diagnostic logs are uploaded for support analysis, the Cloud ID is how the logs are associated with that scale unit.
You have 20 computers that run Linux.
You deploy a disconnected Azure Stack Hub integrated system.
You need to ensure that users on the Linux computers can manage their Azure Stack Hub resources by using Azure Command-Line Interface (CLI).
What should you do first?
Add certificate
Export and then import Azure Stack Hub certificate for disconnected integrated systems and for the ASDK.
You need the CA root certificate for Azure Stack Hub to use Azure CLI on your development machine.
Export the Azure Stack Hub CA root certificate
Export the CA root certificate. To export the ASDK root certificate in PEM format:
Get the name of your Azure Stack Hub Root Cert:
1. Sign in to the Azure Stack Hub User or Azure Stack Hub Administrator portal.
Select the lock in the browser address bar.
In the pop-up window, select Connection is secure.
In the Certificate window, select the Certification Path tab.
Note down the name of your Azure Stack Hub Root Cert, for example, *.<locale>.<FQDN>
2. Sign in to the VM, open an elevated PowerShell prompt, and then run the following script:
$label = '*.<locale>.<FQDN> from step 1'
Write-Host 'Getting certificate from the current user trusted store with subject CN=$label'
$root = Get-ChildItem Cert:\CurrentUser\Root | Where-Object Subject -eq 'CN=$label' | select -First 1
if (-not $root)
{
Write-Error 'Certificate with subject CN=$label not found'
return
}
Write-Host 'Exporting certificate'
Export-Certificate -Type CERT -FilePath root.cer -Cert $root
Write-Host 'Converting certificate to PEM format'
certutil -encode root.cer root.pem
https://learn.microsoft.com/en-us/azure-stack/asdk/asdk-cli
https://learn.microsoft.com/en-us/azure-stack/user/azure-stack-version-profiles-azurecli2
