Your company has a main office and two branch offices. Each office connects directly to the internet. The router in each branch office is configured as an endpoint for the following VPNs:
A VPN connection to the main office
A site-to-site VPN to Azure
The routers in each branch office have the Quality of Service (QoS) rules shown in the following table.
Users in the branch office report slow responses and connection errors when they attempt to connect to Windows Virtual Desktop resources.
You need to modify the QoS rules on the branch office routers to improve Windows Virtual Desktop performance.
For which rule should you increase the bandwidth allocation?
Your network contains an on-premises Active Directory domain that syncs to a Microsoft Entra tenant. The domain contains the users shown in the following table.
You have a Azure Virtual Desktop deployment that contains the application groups shown in the following table.
You have the workspaces shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You have an Azure Virtual Desktop deployment.
You plan to use a Conditional Access policy to enforce multi-factor authentication (MFA) when users connect to the deployment. The solution must meet the following requirements:
• Enforce MFA when a user connects to Azure Virtual Desktop by using a subscription feed.
• Enforce MFA when a user authenticates to a session host that has single sign-on (SSO) enabled.
You need to identify which cloud apps to use for the Conditional Access policy.
Which app should you use for each requirement? To answer, drag the appropriate apps to the correct requirements. Each app may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
You deploy multiple Windows Virtual Desktop session hosts that have only private IP addresses.
You need to ensure that administrators can initiate an RDP session to the session hosts by using the Azure portal.
What should you implement?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Virtual Desktop deployment
You need to ensure that users are signed out automatically when they disconnect from a session.
Solution: From the Local Group Policy Editor, you configure the Connections settings.
Does this meet the goal?
You are designing an Azure Virtual Desktop deployment.
You identify the network latency between the locations where users reside and the planned deployment.
What should you use to identify the best Azure region to deploy the host pool?
You network contains an on-premises Active Directory domain that syncs to an Azure Active Directory (Azure AD) tenant. The domain contains the users shown in the following table.
You have a Windows Virtual Desktop deployment that contains the application groups shown in the following table.
You have the workspaces shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You have an Azure Virtual Desktop deployment.
The session hosts are joined to an on-premises Active Directory domain named contoso.com.
You need to limit user sessions to three hours.
What should you configure?
You have an Azure Virtual Desktop deployment that contains the resources shown in the following table.
You need to enable just-in-time (JIT) VM access for all the session hosts.
What should you do first?
You have a Windows Virtual Desktop host pool named Pool1 and an Azure Automation account named account1. Pool1 is integrated with an Azure Active Directory Domain Services (Azure AD DS) managed domain named contoso.com.
You plan to configure scaling for Pool1 by using Azure Automation runbooks.
You need to authorize the runbooks to manage the scaling of Pool1. The solution must minimize administrative effort.
What should you configure?
TESTED 22 Feb 2025
