Case Study -
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study -
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Overview -
Humongous Insurance is an insurance company that has three offices in Miami, Tokyo and Bangkok. Each office has 5.000 users.
Existing Environment -
Active Directory Environment -
Humongous Insurance has a single-domain Active Directory forest named humongousinsurance.com. The functional level of the forest is Windows Server 2012.
You recently provisioned an Azure Active Directory (Azure AD) tenant.
Network Infrastructure -
Each office has a local data center that contains all the servers for that office. Each office has a dedicated connection to the Internet.
Each office has several link load balancers that provide access to the servers.
Active Directory Issue -
Several users in humongousinsurance.com have UPNs that contain special characters.
You suspect that some of the characters are unsupported in Azure AD.
Licensing Issue -
You attempt to assign a license in Azure to several users and receive the following error message: "Licenses not assigned. License agreement failed for one user."
You verify that the Azure subscription has the available licenses.
Requirements -
Planned Changes -
Humongous Insurance plans to open a new office in Paris. The Paris office will contain 1,000 users who will be hired during the next 12 months. All the resources used by the Paris office users will be hosted in Azure.
Planned Azure AD Infrastructure -
The on-premises Active Directory domain will be synchronized to Azure AD.
All client computers in the Paris office will be joined to an Azure AD domain.
Planned Azure Networking Infrastructure
You plan to create the following networking resources in a resource group named All_Resources:
- Default Azure system routes that will be the only routes used to route traffic
- A virtual network named Paris-VNet that will contain two subnets named Subnet1 and Subnet2
- A virtual network named ClientResources-VNet that will contain one subnet named ClientSubnet
- A virtual network named AllOffices-VNet that will contain two subnets named Subnet3 and Subnet4
You plan to enable peering between Paris-VNet and AllOffices-VNet. You will enable the Use remote gateways setting for the Paris-VNet peerings.
You plan to create a private DNS zone named humongousinsurance.local and set the registration network to the ClientResources-VNet virtual network.
Planned Azure Computer Infrastructure
Each subnet will contain several virtual machines that will run either Windows Server 2012 R2, Windows Server 2016, or Red Hat Linux.
Department Requirements -
Humongous Insurance identifies the following requirements for the company's departments:
- Web administrators will deploy Azure web apps for the marketing department. Each web app will be added to a separate resource group. The initial configuration of the web apps will be identical. The web administrators have permission to deploy web apps to resource groups.
- During the testing phase, auditors in the finance department must be able to review all Azure costs from the past week.
Authentication Requirements -
Users in the Miami office must use Azure Active Directory Seamless Single Sign-on (Azure AD Seamless SSO) when accessing resources in Azure.
You need to define a custom domain name for Azure AD to support the planned infrastructure.
Which domain name should you use?
Introductory Info
Question
Click on the arrows to vote for the correct answer
A. B. C. D.C
Every Azure AD directory comes with an initial domain name in the form of domainname.onmicrosoft.com. The initial domain name cannot be changed or deleted, but you can add your corporate domain name to Azure AD as well. For example, your organization probably has other domain names used to do business and users who sign in using your corporate domain name. Adding custom domain names to Azure AD allows you to assign user names in the directory that are familiar to your users, such as "alice@contoso.com.' instead of 'alice@domain name.onmicrosoft.com'.
Scenario:
Network Infrastructure: Each office has a local data center that contains all the servers for that office. Each office has a dedicated connection to the Internet.
Humongous Insurance has a single-domain Active Directory forest named humongousinsurance.com
Planned Azure AD Infrastructure: The on-premises Active Directory domain will be synchronized to Azure AD.
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/add-custom-domainTo support the planned infrastructure, you need to define a custom domain name for Azure AD. The domain name you choose should be unique, resolvable, and under your ownership.
Option A, ad.humongousinsurance.com, could be a valid option, but it is not recommended to use "ad" as a domain name, as it is commonly used for Active Directory. Moreover, it may cause issues with certain protocols, such as LDAP.
Option B, humongousinsurance.local, is not a recommended option for a custom domain name in Azure AD. The .local domain is reserved for Multicast DNS (mDNS) and is not routable on the internet. Therefore, it should not be used as a custom domain name.
Option C, humongousinsurance.com, is a recommended option for a custom domain name in Azure AD. It is a registered domain that is owned by Humongous Insurance and can be used to create a public domain in Azure AD. It is also a resolvable domain name that can be accessed from anywhere on the internet.
Option D, humongousinsurance.onmicrosoft.com, is the default domain name that Azure AD assigns to every new tenant. It can be used as a custom domain name, but it is not recommended since it does not reflect the company's branding and may cause confusion among users.
Therefore, the recommended domain name to use as a custom domain name for Azure AD in this case is option C, humongousinsurance.com.