In a SaaS model, the SaaS provider hosts and manages the software application on their servers, and customers access and use the application remotely via the internet. Customers provide their own application-specific data to the SaaS application, which is processed and stored by the SaaS provider's infrastructure. The SaaS provider takes care of providing the necessary data storage, compute resources, and application software, making it a convenient solution for users who don't want to manage the underlying technical details themselves.

The correct statements are:

2. To build a hybrid cloud, you must deploy resources to the public cloud.

Building a hybrid cloud involves integrating and managing resources across both private and public cloud environments. This often means deploying certain resources or services to the public cloud while keeping others in the private cloud, and establishing connections and integrations between them.

3. A private cloud must be disconnected from the internet.

This statement is generally not correct.

A private cloud is a cloud infrastructure that is dedicated to a single organization. It can be hosted on-premises or in a data center and offers similar benefits to public clouds, such as scalability and self-service provisioning. However, private clouds can be connected to the internet to facilitate data exchange, updates, and other necessary functionalities. The level of internet connectivity and security measures would depend on the organization's specific requirements and policies.

Explanation

An initiative definition is a collection of policy definitions that can be used as a common overarching goal.

Definitions group a set of policies as one single item that can be assigned to scopes.

The scope for an initiative definition must either be a management group or a subscription:

• Subscription – Resources within that subscription can be assigned the policy.

• Management group – Resources within child management groups and child subscriptions can be assigned the policy. The location must be a management group that contains those subscriptions if you plan to apply the policy definition to several subscription

It is not true that the maximum number of allowed initiative definitions for a tenant is 100.

The following is the maximum counts of policy objects you can create per scope or tenant:

• Policy definitions per scope – 500

• Initiative definitions per scope – 100

• Initiative definitions per tenant – 1,000

• Policy or initiative assignments per scope – 100

• Parameters per policy definition – 20

• Policies per initiative definition – 100

• Parameters per initiative definition – 100

Explanation :

You should create a sign-up or sign-in policy and a password reset policy. The sign-up or sign-in policy controls the consumer sign-up and sign-in experiences with a single policy. The sign-up or sign-in policy allows users to choose the right path for either sign-up or sign-in with identity provider credentials, depending on the context. This policy also describes the contents of tokens used for sign-ups or sign-ins from the application.

The password reset policy allows you to enable a fine-grained password to reset on your application. Note that the tenant-wide password reset option that has been specified is still applicable for sign-in policies.

After creating a sign-in policy (with local accounts) or a sign-up policy, the user should see on the first page of the experience a link for “Forgot Password” reminder. If the user clicks the link, the link will not automatically trigger a password reset policy. It will generate a specific error code AADB2C90118, which is returned back to your app. You must write logic into your app to handle this error and invoke a specific password reset policy.

Conditional Access is the tool used by Azure Active Directory to allow (or deny) access to resources based on identity signals. Conditional access is a more refined MFA (multifactor authentication) method.

Single sign-on (SSO) is __________ method that enables users to sign in the first time and access various applications and resource by using same password.

Single sign-on is an authentication method that allows users to sign in using one set of credentials to login across applications. Single sign-on makes it easier to manage passwords and increases security capabilities.