Free Microsoft AZ-140 Actual Exam Questions - Question 1 Discussion
storage account named storage1.
You have an Azure Virtual Desktop deployment that contains a host pool named Pool1. Pool1
contains session hosts that are Microsoft Entra joined.
You plan to implement FSLogix profile containers for the session hosts of Pool1.
In storage1, you create a new Azure Files share named share1.
You need to ensure that share! can store the FSLogix profile containers.
What should you enable for share!?
Probably D could work here since FSLogix profile containers need strong security on the Azure Files share to protect user data. Setting the security profile to Maximum security might ensure SMB encryption and more stringent controls are in place. This feels like a safer bet compared to just compatibility mode, which might not enforce the needed protections for user profiles. Plus, if Kerberos were enough on its own, they might have said so directly, but this points to a combination of strong security settings being required.
C. FSLogix profile containers need Kerberos authentication to securely access Azure Files on Entra joined hosts, so enabling Microsoft Entra Kerberos is essential here. Other options don’t provide the necessary authentication protocol.
C. FSLogix needs Kerberos authentication to handle user profiles on Azure Files with Entra-joined hosts, so enabling Microsoft Entra Kerberos makes sense to allow proper access and security.
A, because FSLogix often needs broad SMB protocol support for profile containers.
A/D? I’m thinking it has to do with the SMB protocol compatibility. FSLogix needs certain SMB features enabled, and sometimes “Maximum compatibility” is recommended to avoid issues with profile containers. “Maximum security” might block some necessary access. So A makes sense, but D could be overkill and cause problems. The domain services and Kerberos options (B and C) seem less relevant since the session hosts are already Microsoft Entra joined and the main concern is the share settings itself.
Option A