Azure Ch 1-7
Your CIO suggests the possibility of moving some of your organization's resources to Azure to cut costs and improve availability and DR options. She asks you to explain how Azure subscriptions work. Choose all answers that are correct. -An organization can have multiple Azure subscriptions associated with either the same or different Azure AD tenants. -You can use Azure multiple subscriptions to distribute costs to multiple groups within your organization. -A subscription can be moved to a new Azure AD tenant. -A subscription can contain resources only from a single region.
-An organization can have multiple Azure subscriptions associated with either the same or different Azure AD tenants. -You can use Azure multiple subscriptions to distribute costs to multiple groups within your organization. -A subscription can be moved to a new Azure AD tenant.
Which of the following correctly describe Azure Active Directory? (Choose all that apply.) -Azure AD is a key component of role‐based access control (RBAC) in Azure -You must register an Azure web application with Azure AD to enable that application to authenticate and authorize users -All editions of Azure AD enable management of users and groups. -You must use on‐premises Active Directory along with Azure AD to enable on‐premises users to authenticate in Azure.
-Azure AD is a key component of role‐based access control (RBAC) in Azure -You must register an Azure web application with Azure AD to enable that application to authenticate and authorize users -All editions of Azure AD enable management of users and groups.
You are out of the office at an appointment and one of your team members sends you an urgent request to reset a web app because the only other people with the appropriate access are not available. All you have is your mobile device. Which two options can you use to reset the web app? -Azure portal -Azure CLI -Azure Cloud Shell -Azure PowerShell
-Azure CLI -Azure Cloud Shell
Which of the following use scenarios are appropriate for Azure Advisor? (Choose all that apply.) -Determining ways to reduce costs -Deploying security policies and initiatives based on recommendations from Microsoft -Getting recommendations for improving security -Viewing service health
-Determining ways to reduce costs -Getting recommendations for improving security
Which of the following correctly describe Azure Functions? (Choose all that apply.) -Functions are typically stateless but can be made stateful with the addition of a storage account. -Functions operate independently and cannot be integrated with Logic Apps. -You can use drag‐and‐drop features to create functions that automate processes. -Functions can be developed with any of several programming languages.
-Functions are typically stateless but can be made stateful with the addition of a storage account. -Functions can be developed with any of several programming languages.
Which of the following describes Azure DDoS Protection Standard? Choose all that apply. -It protects against volumetric, protocol, and resource layer attacks. -It alerts you when an attack is happening. -DDoS Standard protects all resources on a virtual network as soon as the service is enabled. -It provides mitigation reports.
-It protects against volumetric, protocol, and resource layer attacks. -It alerts you when an attack is happening. -DDoS Standard protects all resources on a virtual network as soon as the service is enabled. -It provides mitigation reports.
Which of the following describe Azure Machine Learning Studio? (Choose all that apply.) -It provides the ability for developers to create no‐code and code‐first machine learning solutions. -It provides a web portal through which developers can use drag‐and‐drop to create machine learning solutions. -It enables you to deploy machine learning models as web services. -None of the above
-It provides the ability for developers to create no‐code and code‐first machine learning solutions. -It provides a web portal through which developers can use drag‐and‐drop to create machine learning solutions. -It enables you to deploy machine learning models as web services.
Is the underlined portion of the following statement true, or does it need to be replaced with one of the other fragments that appear below?Entering your PIN after you insert a debit card into an ATM is an example of multifactor authentication (MFA). -Providing a username and password to log into Windows. -Entering a PIN code on a keypad to enter a building. -Providing an email address and password to log into a website. -No change is needed.
-No change is needed.
Which of the following are capabilities of Azure Cognitive Services? (Choose all that apply.) -Processes natural language to determine what a user is asking. -Performs translation from one language to another. -Acts as a virtual agent to interact with users in a humanlike way. -Analyzes photos to identify content within them.
-Processes natural language to determine what a user is asking. -Performs translation from one language to another. -Analyzes photos to identify content within them.
Which of the following accurately describe Azure Key Vault? (Choose all that apply.) -Provides the capability to create, manage, and store certificates and other secrets. -Provides highly secure storage for certificates and other keys but not the capability to create them. -Works in conjunction with Azure Threat Protection (ATP) to secure and contain certificate‐based threats. -Enables application developers to avoid storing credentials in an application.
-Provides the capability to create, manage, and store certificates and other secrets. -Enables application developers to avoid storing credentials in an application.
Which of the following are correct statements regarding Azure Security Center? (Choose all that apply.) -Security Center integrates natively with Microsoft Defender to provide risk detection and assessment. -Security Center supports Linux operating systems. -Youmust add resources to Security Center to begin monitoring those resources. -Security Center provides monitoring and threat protection for VMs in Azure as well as on‐premises.
-Security Center integrates natively with Microsoft Defender to provide risk detection and assessment. -Security Center supports Linux operating systems. -Security Center provides monitoring and threat protection for VMs in Azure as well as on‐premises.
Which of the following capabilities require an Azure AD Premium edition? (Choose all that apply.) -Self‐service password management for on‐premises users, enabling them to change their own passwords -Enabling users to access on‐premises resources such as an on‐premises website using an Azure AD account -Managing Azure AD groups -Using RBAC to control access to resources with policies and initiatives
-Self‐service password management for on‐premises users, enabling them to change their own passwords -Enabling users to access on‐premises resources such as an on‐premises website using an Azure AD account
Which of the following accurately describe Azure Services that are in private preview? (Choose all that apply.) -They are available for all customers in the United States only. -They are available for customers by invitation from Microsoft. -They are generally not subject to SLAs. -They are not guaranteed to move to general availability.
-They are available for customers by invitation from Microsoft. -They are generally not subject to SLAs. -They are not guaranteed to move to general availability.
Your organization has made the decision to move workloads into Azure. As the Directory Services administrator, you need to explain authentication and authorization in Azure to the program managers leading the project. Which of the following are correct statements? -Identifying a user by a username and password is a form of authorization. -Validating that a user account has the necessary permissions to access a resource is an example of authorization. -Authentication identifies a user but does not provide access to resources. -9Providing a password to access a shared resource is a form of authorization.
-Validating that a user account has the necessary permissions to access a resource is an example of authorization. -Authentication identifies a user but does not provide access to resources.
Is the underlined portion of the following statement true, or does it need to be replaced with one of the other fragments that appear below?Azure Information Protection (AIP) enables organizations to protect emails and documents using encryption, identity, and authorization policies. -encrypts data stored in Azure Premium storage. -provides secure storage for certificates, cryptographic keys, and other secrets. -is a mechanism in Azure Active Directory for encrypting and securing administrator credentials. -No change is needed.
...
How much notice does Microsoft provide before it retires an Azure service? -30 days -6 months -12 months -5 years
12 months
Your organization maintains two on‐premises data centers named Alpha and Bravo, and you are considering moving some or all the resources hosted in those data centers to Azure. As part of an Azure proof of concept, you need to establish a connection to Azure from a server named vmtest01 in data center Alpha. Which VPN solution meets the requirement for minimum setup and cost? -A point‐to‐site VPN from vmtest01 to Azure -An ExpressRoute connection between Alpha and Azure -A multi‐site VPN connection between Alpha, Bravo, and Azure -A site‐to‐site VPN from vmtest01 to Azure
A point‐to‐site VPN from vmtest01 to Azure
Your organization maintains two on‐premises data centers named Alpha and Bravo, and you are considering moving some or all the resources hosted in those data centers to Azure. As part of an Azure proof of concept, you need to establish a connection to Azure from a server named vmtest01 in data center Alpha. Which VPN solution meets the requirement for minimum setup and cost? -An ExpressRoute connection between Alpha and Azure -A multi‐site VPN connection between Alpha, Bravo, and Azure -A point‐to‐site VPN from vmtest01 to Azure -A site‐to‐site VPN from vmtest01 to Azure
A point‐to‐site VPN from vmtest01 to Azure
Contoso is building a web application that uses a SQL database to store data. Which of the following represents a hybrid cloud scenario? (Choose all that apply.) -A web application hosted in Azure that stores its data in an Azure SQL database -A web application hosted in Azure that sends data to and from a database hosted in Contoso's on? premises data center -A virtual machine in Azure that hosts the web application and a second virtual machine in Azure running SQL Server -A two node SQL cluster in a third? party data center that hosts the data and two virtual machines in Azure running the web application
A two node SQL cluster in a third?party data center that hosts the data and two virtual machines in Azure running the web application ...
You are the Director of IT for your organization. Your CIO has asked you what methods or processes your organization should consider using to build out the capability to deploy large numbers of Azure resources with connected services and policies in a controlled way. Which of the following solutions should you recommend? -Azure PowerShell -Azure CLI -Azure portal -ARM templates
ARM templates
Which of the following threats can ATP help you detect? -Reconnaissance attacks -Pass‐the‐hash -Pass‐the‐token -All of the above
All of the above
An Azure region ________________. -is always paired with another region. -All of the answers are correct. -contains one or more data centers. -specifies the location of Azure resources.
All of the answers are correct.
You have been tasked by your CIO with moving a large amount data from on‐premises to Azure. The data needs to be maintained for compliance reasons but will not be accessed unless required by an audit or litigation. Which type of storage is the most cost effective? -Archive access storage -File storage -Disk storage -Cool access storage
Archive access storage
Which of the following Azure services can identify suspicious activities such as pass‐the‐hash attacks? -Security Center -Azure Information Protection (AIP) -Azure Advanced Threat Protection (ATP) -Microsoft Defender
Azure Advanced Threat Protection (ATP)
You are developing a solution in Azure that requires sending HTTPS traffic within a region to a specific endpoint based on the requested URL. Which of the following is the appropriate load‐balancing service? -Azure Load Balancer -Azure Traffic Manager -Azure Front Door -Azure Application Gateway
Azure Application Gateway
You are an infrastructure management engineer for your organization. You work most with Linux servers and are therefore very familiar with Bash and know what command you would use to retrieve specific properties of a VM. Which of the following management solutions should you use to retrieve a property of one of the VMs that you manage? -Azure PowerShell -Azure CLI -Azure portal -Azure Monitor
Azure CLI
Which of the following Azure services is designed for storing nonstructured data and includes support for NoSQL? -Azure HDInsight -Azure SQL Database -Azure Database for MySQL -Azure Cosmos DB
Azure Cosmos DB
Which of the following enables you to define budgets for your subscriptions and receive notifications when spending crosses alert thresholds that you have set? -Azure Quota Management -Azure Budget Management -Azure Cost Management -Azure Monitor
Azure Cost Management
You are a project manager for a project to move several key web applications from on‐premises to Azure. The development team has stated that support for LAMP is critical to simplifying the development effort. Which of the following is the most likely choice to support LAMP development? -Azure Database for MySQL -Azure SQL Database -Azure Cosmos DB -Azure Database for PostgreSQL
Azure Database for MySQL
Your organization is building a hybrid Azure environment where several on‐premises services need to interact with resources in Azure, and vice versa, over a secure connection. You require high‐speed connectivity through an encrypted tunnel across the Internet. The connection will be provided and managed by a third party. Which Azure service does this scenario describe? -Azure Client VPN -Azure VPN Gateway -Azure ExpressRoute Direct -Azure ExpressRoute
Azure ExpressRoute
You are an IT infrastructure manager for a large bank. You propose moving some of your IT infrastructure and services to Azure. You need to provide a secure, high‐bandwidth connection from your primary data center to Azure, but the connection cannot traverse the Internet. Which of the following meets these requirements? -Azure ExpressRoute Direct -None of the answers are correct. -Azure VPN Gateway -Azure ExpressRoute
Azure ExpressRoute Direct
You are an IT infrastructure manager for a large bank. You propose moving some of your IT infrastructure and services to Azure. You need to provide a secure, high‐bandwidth connection from your primary data center to Azure, but the connection cannot traverse the Internet. Which of the following meets these requirements? -None of the answers are correct. -Azure VPN Gateway -Azure ExpressRoute Direct -Azure ExpressRoute
Azure ExpressRoute Direct
You need to deploy a stateful application using Azure Container Instances. Which of the following provides storage, enabling the application to store and retrieve persistent state? -Azure Files -Azure Blob -Azure Disk -Azure Archive
Azure Files
You are setting up resources in Azure and need to filter traffic based on source IP address and port, destination IP address and port, and protocol between your on‐premises network and Azure. Which of the following meets these minimum requirements? -ExpressRoute -Azure Firewall -Application security groups -User‐defined routes
Azure Firewall
You are deploying a web application in Azure and need to distribute traffic based on a single public IP address to the virtual machines that are hosting the database. Which of the following best satisfies that requirement? -Azure Traffic Manager -Azure Front Door -Azure Load Balancer -Azure Application Gateway
Azure Load Balancer
You are planning a deployment of resources in Azure of various types to support a new project, and you want to use templates to simplify deployment and ensure that the new resources are configured the same as your existing Azure resources. Which one of the following would you use? -Resource groups -Azure Resource Templates -None of the answers are correct. -Azure Resource Manager
Azure Resource Manager
You want to ensure that the VMs created in a resource group do not exceed certain limits for cores and other resources to reduce costs. Which of the following Azure features enables you to control this? -Resource locks -Azure policies -Azure Resource Manager -Azure initiatives
Azure policies
You are a developer and need to deploy a single VM to test some code overnight. Which of the following management options is the best choice? -Azure PowerShell -Azure CLI -Azure portal -ARM templates
Azure portal
You decide to use Azure Container Instances (ACI) to deploy containers as part of a project to deploy a new solution. You need to describe the benefits of using containers to your project team. Which of the following does NOT describe containers in Azure? -Containers can run on either Windows or Linux. -Containers require setup and configuration of a virtual machine hosting them. -All containers in a container group share the same operating system. -Containers represent a single application and the application's dependencies.
Containers require setup and configuration of a virtual machine hosting them.
You have set up a new Azure subscription and need to deploy storage to support a virtual machine. What is the first thing you must do to add storage? -Enable the subscription to support storage. -Choose the appropriate blob storage tier. -Create a storage account. -Nothing, because the VM includes blob hot access tier storage by default.
Create a storage account.
Your organization hosts a VM that performs a security‐related function. For both security and auditing purposes, you need to ensure that all traffic reaches the VM from a single IP address in another subnet, regardless of source. Which of the following solutions meets this requirement? -Create a network security group (NSG) that directs all traffic for the VM to the designated IP address and then apply the NSG to all subnets as required. -Create an application security group (ASG) that directs all traffic for the VM to the designated IP address and apply the ASG to all subnets in the virtual network. -Create a user‐defined route as a custom routing table and apply the table to all subnets in the virtual network. -Use rules in Azure Firewall to route traffic to the target VM based on source and target IP addresses.
Create a user‐defined route as a custom routing table and apply the table to all subnets in the virtual network.
Which of the following is the first step in deploying services to Azure? -Choosing a storage tier -Purchasing the appropriate Azure resources -Creating an Azure subscription -None of the above
Creating an Azure subscription
Your organization is planning to deploy a containerized solution in Azure and needs a container orchestration service that enables you to coordinate application upgrades and easily scale out containers. Which solution meets these goals? -Deploy the solution using Azure Kubernetes Service (AKS). -Deploy the solution using Azure Container Instances (ACI). -Deploy containers using scale sets. -Deploy the containers using the Docker Management Portal (DMP).
Deploy the solution using Azure Kubernetes Service (AKS)
You have deployed several VMs into Azure and need to increase the SLA for the VMs to meet mandated business requirements. Which of the following would achieve that requirement? -Adding more storage for the VMs -Deploying additional instances of the VMs to two or more availability zones -Increasing the number of VMs -None of the above
Deploying additional instances of the VMs to two or more availability zones
Which of the following is most likely to increase Azure operational costs? -Adding another subscription -Moving storage from the hot access tier to the archive tier -Deploying connected resources across multiple regions -None of the above
Deploying connected resources across multiple regions
The cost per subscriber decreases as the number of Azure subscribers increases. Which benefit of cloud computing does this statement describe? -Elastacity -Economy of Scale -Agility -Scalability
Economy of Scale
You deploy a web app using Azure App Services and configure autoscaling for it so that it can request additional compute resources when the app experiences high increases in demand. What is this an example of? -High Availability -Elastacity -Fault tolerance -PaaS
Elastacity
You deploy a custom data analytics application to Azure that includes a single web front end through which the users access the application. At peak times during the day, the web server experiences very high memory usage and temporarily enters an unresponsive state due to a bug in your application. As a stopgap measure while your developers research the issue, you add a second web server and balance the load between the two web servers. Although the service sometimes slows down, the servers are able to independently recover from the memory issue and the service remains available. Scaling out the web servers resulted in improvements in which two areas? -High availability -Disaster recovery -Agility -Fault tolerance
Fault tolerance
Which of the following is not a feature of Azure App Service? -Support for Windows and Linux -Support for containers -Firewall protection for apps you develop with Azure a)pp Service -Support for multiple development languages, including Java and Python
Firewall protection for apps you develop with Azure a)pp Service
Is the underlined portion of the following statement true, or does it need to be replaced with one of the other fragments that appear below? Your organization hosts its public website in Azure. You want to use URL path‐based routing to accommodate processing for videos and images by sending traffic to server pools optimized for each content type. Your organization operates globally, and you also want to ensure the best possible performance regardless of where your consumers are in the world. You should use Application Gateway as a load‐balancing solution to meet these requirements. -Front Door -Azure Load Balancer -No change is needed. -Traffic Manager
Front Door
Which of the following is intended primarily for collaborating on open source development efforts? -Azure Repos -Azure Boards -GitHub -Azure DevTest Labs
GitHub
You are an IT manager for a small company that hosts a web application for e?commerce. The web application uses two web servers and a small database cluster. As demand increases through a peak season, you want to add additional web servers to handle the increased demand, then remove those additional servers as demand decreases. You propose moving the application to Azure. Which of the following statements is true? -The web servers can be moved to Azure but the database cluster must remain on? premises, which represents a hybrid cloud model. -Horizontal scaling enables you to add and remove web servers to meet demand changes. -Azure will automatically add the web servers for you as demand approaches a threshold set by the Azure App Service. -Vertical scaling enables you to add and remove web servers to meet demand changes.
Horizontal scaling enables you to add and remove web servers to meet demand changes.
You are a server administrator for Wingtip Toys, a small company that makes and distributes wooden toys. You manage a custom line-of-business (LOB) application for order management and shipping. The solution is hosted on aging servers in a server room in your manufacturing facility. You want to eventually move the application's functions to Microsoft Dynamics 365 and eliminate the custom application. You propose to your manager that you first migrate the servers into virtual machines hosted in Azure to avoid purchasing new, up-to-date hardware. The current application will run on these new VMs. This proposal represents which of the following? -Platform as a service (PaaS) -A hybrid cloud scenario -Infrastructure as a service (IaaS) -Software as a service (SaaS)
Infrastructure as a service (IaaS)
You are considering deploying a key web application to Azure. You decide to deploy Web Application Firewall with Application Gateway as part of the project. Which of the following correctly describes the function of Web Application Firewall in this scenario? -When properly configured, it ensures that traffic reaches the application only on port 80 for HTTP traffic. -It protects the web application from common web‐based attacks. -It ensures that users can reach the web service on port 80 and administrators can RDP to the VMs on port 3389. -None of the above.
It protects the web application from common web‐based attacks.
Which of the following Azure services provides the ability to create workflow‐based processes? -Functions -Bot Service -Logic Apps -None of the above
Logic Apps
Which of the following is an example of a honeytoken attack? -Testing multiple passwords against a username -Authentication attempts against an alphabetical list of usernames -Login to a fake account that you created -None of the above
Login to a fake account that you created
Is the underlined portion of the following statement true, or does it need to be replaced with one of the other fragments that appear below? Azure Artifacts is a component service of Azure DevOps that provides a repository for storing development artifacts such as compiled source code. -provides a means for managing development projects and individual items such as features and bugs. -is intended for open source code development projects. -works in conjunction with Azure Blueprints to provide a means of storing information about Azure resources. -No change is needed.
No change is needed.
Is the underlined portion of the following statement true, or does it need to be replaced with one of the other fragments that appear below? The Azure Pricing Calculator enables you to estimate the cost of a specific Azure solution based on the resources and services in that solution. -can calculate the estimated cost of moving a data center to Azure. -factors facilities costs such as power and cooling into an estimate. -is a downloadable tool that can help you calculate the costs of deploying an Azure solution. -No change is needed.
No change is needed.
Is the underlined portion of the following statement true, or does it need to be replaced with one of the other fragments that appear below? A resource group in Azure serves as a logical container for Azure resources. -protects resources in the group from being deleted. -provides high availability for resources within the resource group. -contains resources only from the region in which the resource group resides. -No change is needed.
No change is needed.
Is the underlined portion of the following statement true, or does it need to be replaced with one of the other fragments that appear below? Azure Machine Learning consists of multiple services that enable you to use data to train and validate AI models. -enables you to create virtual machine agents that learn from user interaction and provide corresponding services such as answering questions. -can be used to analyze photos and videos for content. -enables you to deploy AI models as stand‐alone applications in Azure or on premises. -No change is needed.
No change is needed.
You are deploying a new solution that requires four instances of Azure SQL Server in an existing subscription, and you receive a message that you need to increase the subscription limit to create these resources. Which option correctly describes how to increase the limit? -Modify the policy that is restricting you from creating the resource. -Use Azure Resource Manager to increase the limits. -You must create a new subscription and deploy the resources to it. -Open an online support case to have Microsoft increase the limit for you.
Open an online support case to have Microsoft increase the limit for you.
You are the CIO for a company and are concerned about the security of your data in the cloud. You need to implement a cloud solution in which you gain the flexibility and agility of a cloud solution but maintain full control of your data and infrastructure. You propose to your CEO that you contract with a third-party cloud vendor to host your IT services, and the infrastructure on which your services will be hosted will not be used by any other organization. This represents which type of cloud model? -Hybrid cloud -Both private and public -Public cloud -Private cloud
Private cloud
Which of the following correctly describes an availability set? (Choose all that apply.) -Distributes VM instances across multiple fault and update domains to guard against outages caused by a data center outage and to enable VMs to be updated without making all instances in the set unavailable. -The first 2 answers are correct. -Two or more VM instances deployed to the same availability set results in a 99.99 percent SLA. -Protects against power, cooling, or other physical outages but requires distribution of additional instances to other availability zones to enable rolling updates.
Protects against power, cooling, or other physical outages but requires distribution of additional instances to other availability zones to enable rolling updates. ...
Which blade in the Azure portal should you use to view security alerts and recommendations? -All Services -App Security -Security Center -Monitor
Security Center
You are tasked with explaining some of the security options in Azure to your CIO, who has asked about how Azure will improve security over your on‐premises environment. Which Azure service provides security recommendations for securing your Azure resources? -Advanced Threat Protection (ATP) -Azure DDoS Protection -Security Center -Azure Service Health
Security Center
You are the Director of Infrastructure for your organization, which currently has no Azure subscriptions. Your CIO has requested an estimate of how much your organization can save by moving its entire data center to Azure. Which of the following should you use for an initial overall estimate? -Azure Advisor -Pricing Calculator -TCO Calculator -Create an Azure subscription and use the Azure Estimator tool to model costs.
TCO Calculator
You are planning to deploy a solution in Azure that comprises two VMs, each of which has a 99.5 percent SLA, and one Azure SQL Database with a 99.99 percent SLA. Which of the following is the resulting composite SLA for this scenario? -The lowest SLA value, 99.5 percent -The highest SLA value, 99.99 percent -The average of the three SLAs, or 99.97 percent -The product of the three SLAs, or 98.99 percent
The product of the three SLAs, or 98.99 percent
Which two of the following would potentially increase operational costs for an Azure solution that you have deployed? -The region in which the resources are deployed -The subscription in which the resources are deployed -The billing account used for the target subscription -Deploying resources across multiple regions
The region in which the resources are deployed ...
Azure is owned and managed by Microsoft. -True -False
True
Which of the following is NOT an option for purchasing Azure services? -Enterprise agreement -Cloud solution provider -Web Direct -Unified Support
Unified Support
Your global organization hosts an intranet that serves training content in the form of videos and large drawing files used by service personnel. These resources need to be available to users in the United States, Canada, the UK, and France with minimal network latency. Which of the following options meets these requirements with minimal cost? -Use ExpressRoute to provide higher bandwidth for user connections. -Use VNet‐to‐VNet connections between regions to enable the documents and videos to flow rapidly between regions. -None of the answers are correct. -Use Azure Content Delivery Network to host the files geographically close to your users.
Use Azure Content Delivery Network to host the files geographically close to your users.
Your global organization hosts an intranet that serves training content in the form of videos and large drawing files used by service personnel. These resources need to be available to users in the United States, Canada, the UK, and France with minimal network latency. Which of the following options meets these requirements with minimal cost? -Use VNet‐to‐VNet connections between regions to enable the documents and videos to flow rapidly between regions. -Use ExpressRoute to provide higher bandwidth for user connections. -None of the answers are correct. -Use Azure Content Delivery Network to host the files geographically close to your users.
Use Azure Content Delivery Network to host the files geographically close to your users.
You want to deploy a solution that uses SQL to store and retrieve data on sales managers, sales quotas, and seller attainment. You want to minimize cost and configuration effort. Which solution achieves these goals? -Use a VM with SQL Server installed to host the data. -None of the answers are correct -Use Cosmos DB to host the data. -Use Azure SQL Database to host the data.
Use Azure SQL Database to host the data
You have deployed a VM to a subnet in Azure and need to ensure that only your and one other individual can connect to the VM using RDP on port 3389 to manage it. No other access from outside the subnet should be allowed at this time on any other ports. Which of the following should you use? (Choose all that apply.) -Use a network security group to filter traffic and only allow port 3389 to the VM. -Apply an Azure policy to the subnet to limit access on port 3389 to only your and your peer's accounts. -Create a policy initiative that restricts access to the server based on your and your peer's roles, and to port 3389 for the IP address of the VM. -Use role‐based access control (RBAC) to ensure that only you and your peer can access the server.
Use a network security group to filter traffic and only allow port 3389 to the VM. Use role‐based access control (RBAC) to ensure that only you and your peer can access the server.
Your organization completed a sizable Azure deployment over the past year encompassing compute, storage, big data, and serverless computing, with a relatively small DevOps component. As the IT Director, you have been tasked by the CIO with reducing Azure expenditures. You cannot reduce the resources you have deployed in Azure. Which option could provide the most significant cost savings? -Reviewing and resizing VMs -Moving resources to less expensive regions -Using Azure reservations to prepay for services -Moving from Azure SQL Database to Azure SQL Managed Instance
Using Azure reservations to prepay for services
Your organization needs to provide a consistent user experience for running Windows applications across your enterprise, including for macOS, iOS, and Android devices. Which of the following Azure resources provide that consistent experience? -Windows 10 Enterprise -Windows Virtual Desktop -Microsoft 365 -Azure Client Emulator
Windows Virtual Desktop
Which of the following are correct statements describing Azure policies? (Choose all that apply.) -You can apply policies individually to a resource or within an Azure initiative. -You can apply permissions using policies to determine what actions a user can take against a resource. -Applying a policy to resource group causes the policy to apply to all resources within that resource group. -Azure policies are a component of Security Center that enables you to define security‐related policies to protect resources.
You can apply policies individually to a resource or within an Azure initiative. Applying a policy to resource group causes the policy to apply to all resources within that resource group.
You are an IT director for Contoso and are preparing a proposal to your CIO to move all IT infrastructure to Azure. Which of the following is an advantage to moving your infrastructure to a public cloud provider? -You will reduce your operational expenditures. -You can scale your infrastructure horizontally or vertically without capital expenditure costs. -You will have complete control over all infrastructure, network, applications, and all other resources in the cloud. -The cloud provider will manage all infrastructure for you, enabling Contoso to reduce IT staff.
You can scale your infrastructure horizontally or vertically without capital expenditure costs.
As a consequence of organizational changes that require restructuring some of your IT infrastructure, you need to move virtual machines from one region to another. Which of the following methods presents the easiest solution? -) You back up the VM, restore it to the new region, and delete the original VM. -You move the VM to a resource group located in the new region. -You configure site recovery between the regions, migrate the VM to the new region using site recovery, and fail over to the new VM. -You use Azure Resource Manager to move the resource to the new region.
You configure site recovery between the regions, migrate the VM to the new region using site recovery, and fail over to the new VM.
You want to use the Azure CLI to perform management functions in Azure. Which of the following configurations does not suit this requirement? -You install the Azure CLI on a Windows 10 PC. -You install the Azure CLI on a Mac. -You open the Azure portal in a browser and then run the Azure CLI in the Azure Cloud Shell. -You run the Azure CLI from PowerShell on a Windows 10 device.
You run the Azure CLI from PowerShell on a Windows 10 device.
You need to deploy three virtual machines that will host an application. You want the VMs to reside in the same region, but you want to guard against power or other potential outages. You also need to ensure minimum latency between the instances. Which option describes a scenario that meets your requirements and is the most cost effective? -You place the VMs in separate resource groups in the same region. -You deploy an additional set of three VMs to a different region and use continual replication between the two regions, then fail over to the other region in the event of an outage. -You use separate availability zones for the VMs. -You use separate availability sets for the VMs.
You use separate availability zones for the VMs.
Is the underlined portion of the following statement true, or does it need to be replaced with one of the other fragments that appear below?As a cloud service, Microsoft Azure enables your organization to budget IT infrastructure costs as a capital expenditure. -on an annual basis. -as an operational expenditure. -using the Azure Pricing Estimator. -No change is needed.
as an operational expenditure
Is the underlined portion of the following statement true, or does it need to be replaced with one of the other fragments that appear below? An Azure geography always corresponds to a specific country. -determines where your resources can reside. -represents physical data centers. -No change is needed. -corresponds to a single country or a market encompassing multiple countries.
corresponds to a single country or a market encompassing multiple countries.
Is the underlined portion of the following statement true, or does it need to be replaced with one of the other fragments that appear below? You are evaluating moving a web application that you host on‐premises to Azure. The solution comprises three VMs—a web front end, an application server, and a database server. You need to ensure that your administrators can access all of the VMs for remote management on port 3389, but only the web front end should be accessible over port 80. You decide to deploy an application security group to protect the web server and enable access to the other servers. -deploy Web Application Firewall to filter and route traffic to the web server and deploy network security groups to enable RDP to all three VMs. -deploy Web Application Firewall to filter the traffic and meet both requirements. -deploy a network security group to filter traffic and meet both requirements. -No change is needed.
deploy a network security group to filter traffic and meet both requirements.
Is the underlined portion of the following statement true, or does it need to be replaced with one of the other fragments that appear below?Azure initiatives enable you to build blueprints to define how resources should be created and deployed in your Azure environment. -control how blueprints are published and assigned to resources. -enable you to manage and implement policies as a group to achieve governance goals. -define security policies that you apply using Azure Security Center. -No change is needed.
enable you to manage and implement policies as a group to achieve governance goals.
Is the underlined portion of the following statement true, or does it need to be replaced with one of the other fragments that appear below? Azure Bot Services provides the capability to analyze photos and other data types to identify specific content. -is a stand‐alone Azure service that cannot interact with other Azure services. -provides natural language translation services. -enables you to build virtual agents that interact with users in a humanlike way. -No change is needed.
enables you to build virtual agents that interact with users in a humanlike way.
Is the underlined portion of the following statement true, or does it need to be replaced with one of the other fragments that appear below? Azure Hybrid Benefit is a cost‐saving option offered by Microsoft for all Azure hybrid deployments. -enables you to leverage your existing Windows Server and SQL Server licenses that are covered by Software Assurance for deployments in Azure. -reduces pricing for network ingress traffic from your on‐premises data center to Azure in a hybrid deployment. -enables you to leverage all your Microsoft perpetual licenses in Azure if those licenses are decommissioned in your on‐premises data center. -No change is needed.
enables you to leverage your existing Windows Server and SQL Server licenses that are covered by Software Assurance for deployments in Azure.
Is the underlined portion of the following statement true, or does it need to be replaced with one of the other fragments that appear below? Moving servers from an on-premises data center to virtual machines in Azure enables you to reduce IT staffing because Microsoft manages the infrastructure for you. -enables you to use additional firewall services only available in Azure to protect against security risks. -represents a platform-as-a-service (PaaS) solution. -No change is needed. -enables you to pay for only the Azure resources you consume on a monthly basis.
enables you to pay for only the Azure resources you consume on a monthly basis.
Is the underlined portion of the following statement true, or does it need to be replaced with one of the other fragments that appear below? Azure DevTest Labs provides a customizable development environment in which your developers can collaborate on code projects. -provides alerting and monitoring tools to analyze telemetry from servers in an application test. -enables your development team to quickly and easily deploy virtual machines and other Azure resources to test an application, then decommission those resources. -can provision Windows servers but not Linux servers. -No change is needed.
enables your development team to quickly and easily deploy virtual machines and other Azure resources to test an application, then decommission those resources.
Is the underlined portion of the following statement true, or does it need to be replaced with one of the other fragments that appear below? Azure China is only available to Chinese government entities. -No change is needed. -includes Azure services that are only available in China) -has less restrictive regulations than other Azure geographies. *b) is a physically isolated instance of Azure. -is a physically isolated instance of Azure.
is a physically isolated instance of Azure.
Is the underlined portion of the following statement true, or does it need to be replaced with one of the other fragments that appear below? IoT Hub is an Azure service that enables you to view telemetry from IoT devices and view a dashboard showing device state. -supports secure communication between devices and controls applications using custom microcontrollers and certificate‐based authentication of devices. -provides bidirectional communication between IoT devices and other Azure services and/or an IoT application. -enables you to easily manage deployed IoT devices with dashboards and reports. -No change is needed.
provides bidirectional communication between IoT devices and other Azure services and/or an IoT application.
An Azure region ________________. (Choose all that apply.) -can span multiple countries. -specifies the location of Azure resources. -is paired with another region to help ensure high availability. -corresponds to a specific data center.
specifies the location of Azure resources. is paired with another region to help ensure high availability.
