Azure - AZ-900 - Part 5
What is the minimum charge for having an Azure Account each month, even if you don't use any resources?
$0
True or false: Azure Cloud Shell allows access to the Bash and Powershell consoles in the Azure Portal
TRUE
True or false: You can run a containerized application on a virtual machine.
TRUE
How does the use of availability zones improve the availability of your application?
Keeps your servers in separate data centers in the same region, protecting them from data center specific issues such as power-outages or internet disconnection.
What Azure resource allows you to evenly split traffic coming in and direct it to several identical virtual machines to do the work and respond to the request?
Load Balancer or Application Gateway
Which free Azure security service checks all traffic travelling over a subnet against a set of rules before allowing it in, or out.
Network Security Group
True or false: Azure charges for bandwidth used <b>inbound</b> to Azure
FALSE
Which of the following is an example of passwordless authentication? Choose all that apply.
4-digit PIN code to unlock your laptop, Entering a number shown on your phone app, Magic login link sent to your email, Facial recognition.
Which of the following is a good example of a Hybrid cloud?
A server runs in your own environment but places files in the cloud so that it can extend the amount of storage it has access to.
Geo-redundant storage (GRS) stores how many copies of your file?
6
What makes estimating the cost of an unmanaged storage account difficult?
You are charged for data leaving Azure, and it's difficult to predict that
What Azure service allows you to use JSON to define your infrastructure, and is sometimes described as <b>infrastructure as code</b>?
ARM Templates
Which of the following is considered a benefit of consumption-based pricing?
Ability to save money by scaling-down services when not required.
_______________ are isolated (single-tenant) environments where you can deploy one or more Azure App Services on your own virtual network.
App Service Environments
Which of the following is not taken into account when comparing the total cost of ownership (TCO) of a cloud-hosted solution with an on-premises hosted solution?
Application Developer costs
What is the benefit of using a command line tool like Powershell or CLI as opposed to the Azure portal?
Automation
Which Azure service is the recommended Identity-as-a-Service offering inside Azure?
Azure Active Directory (AD)
__________ simplifies governance and management by delivering a consistent multi-cloud and on-premises management platform.
Azure Arc
If you are a US federal, state, local, or tribal government entities and their solution providers, which Azure option should you be looking to register for?
Azure Government
Which of the following is not an example of Infrastructure as a Service?
Azure SQL Database
Which tool within Azure is comprised of : Azure Status, Service Health and Resource Health?
Azure Service Health
Why are Azure App Services considered Platform as a Service?
You give Azure the code and configuration, and you have no access to the underlying hardware.
What is the concept of being able to get your applications and data running in another environment quickly?
Business Continuity / Disaster Recovery (BC/DR)
Of the following types of data, which type is best suited for the archive storage tier?
Data that you don't expect to ever need to access, but want to keep just in case
Windows servers use 'remote desktop protocol' (RDP) in order for administrators to get access to manage the server. Linux servers use SSH. What is the recommendation for ensuring the security of these protocols?
Do not allow public Internet access over the RDP and SSH ports directly to the server. Instead use a secure server like Bastion to control access to the servers behind.
What services does Azure Active Directory Domain Services (AD DS) provide?
Domain Join
Besides Azure Service Health, where else can you find out any issues that affect the Azure global network that affect you?
Each Virtual Machine has a Resource Health blade
What is the concept of paired regions?
Each region in the world has at least one other region in which is shares an extremely high speed connection, and where there is coordinated action by Azure not to do anything that will bring them both down at the same time.
True or false: You can create a virtual machine without attaching it to a virtual network.
FALSE
Which of the following cloud computing models requires the highest level of involvement in maintaining the operating system and file system by the customer?
IaaS
What effect does setting a budget have on a subscription?
It can alert you when the budget is reached or start an automation
In what way does Multi-Factor Authentication increase the security of a user account?
It requires the user to possess something like their phone to read an SMS, use a mobile app or biometric identification.
What is the benefit of using Powershell over CLI?
No benefit, it's the same
Each person has their own user id and password to log into Azure. But how many subscriptions can a single account be associated with?
No limit
Which of the following is the primary benefit of single-sign on (SSO)?
Not having to remember an additional user id and password
What types of files can a Content Delivery Network speed up the delivery of?
PDFs, JavaScript files, Images, Videos
Which of the following scenarios would Azure Policy be a recommended method for enforcement?
Prevent certain Azure Virtual Machine instance types from being used in a resource group
Application Gateway contains what additional optional security feature over a regular Load Balancer?
Web Application Firewall (or WAF)
What is the best criteria to decide what resources go into the same resource group?
Resource in a resource group should be related in some way, They should share the same lifecycle so they can be added, updated and deleted together.
Where can you go to see all of the international standards compliance documents and audit results that Azure provides for itself?
Service Trust Portal
Select all features part of Azure AD?
Single sign-on, custom banned password list, Device Management, Smart lockout
What is the concept of Availability?
The percentage of time a system responds properly to requests, expressed as a percentage over time
What would be a good reason to have multiple Azure subscriptions?
There is one person/credit card paying for resources, but many people who have accounts in Azure, and you need to separate out resources between clients so that there is absolutely no chance of resources being exposed between them.
Which of the following elements is considered part of the <b>perimeter</b> layer of security?
Use a firewall
Select the way(s) to increase the security of a traditional user id and password system?
Use multi-factor authentication which requires an additional device (something you have) to verify identity, Do not allow users to log into an application except using a company registered device. Require users to change their passwords more frequently. Require longer and more complex passwords.
Why is a user id and password sometimes not enough to prove someone is who they say they are?
User id and password can be used by anyone such as a co-worker, ex-employee or hacker half-way around the world.
One of the three core principles of the Zero Trust model of security is:
Verify explicitly
What Azure product allows you to autoscale virtual machines from 1 to 1000 instances, and also provides load balancing services built in?
Virtual Machine Scale Sets
What is the maximum amount of Azure Storage space a single subscription can store?
Virtually Unlimited
In Azure, resource tags are ________ that can be associated with each resource.
metadata elements