CIS131 Azure Week One
kubelet
Which of the following is the Kubernetes agent that processes the orchestration requests from the cluster master, and schedules running the requested containers? Select one.
Read-access geo-redundant storage
Which of the following replicates your data to a secondary region, maintains six copies of your data, and is the default replication option. Select one.
always on, custom domain names, publishing endpoints
Which of the following settings are not swapped when you swap an app? Select three.
custom domain names, always on, publishing endpoints
Which of the following settings are not swapped when you swap an app? Select three.
an expressroute circuit with connectivity back to your on-premises network
Which of the following would be good example of when to use a resource lock? Select one
Data Box Heavy
Your organization maintains historical images for large media companies. There are thousands of photos requiring over 600 TB of storage. Your datacenter has only limited bandwidth, and you need to quickly move the data to Azure blob storage. Additionally, security of the data including chain of custody logs and 256-bit encryption is required. Which of the following products would you recommend using? Select one.
Join the device to Azure AD.
Your users want to sign-in to devices, apps, and services from anywhere. They want to sign-in using an organizational work or school account instead of a personal account. You must ensure corporate assets are protected and that devices meet standards for security and compliance. Specifically, you need to be able to enable or disable a device. What should you do? Select one.
Enable the autoscale option.
Another IT administrator creates an Azure virtual machine scale set with 5 VMs. Later, you notice that the VMs are all running at max capacity with the CPU being fully consumed. However, additional VMs are not deploying in the scale set. You need to ensure that additional VMs are deployed when the CPU is 75% consumed. What should you do? Select one.
a JSON document with key-value pairs
Which of the following best describes the format of an Azure Resource Manager template? Select one.
Azure AD includes Federation Services,There are no Organizational Units (OUs) or Group Policy Objects (GPOs) in Azure AD,Azure AD uses HTTP and HTTPS communications
Identify three differences from the following list between Azure Active Directory (AD) and Active Directory Domain Services (AD DS). Select three.
inputs
Which of the following is not an element in the template schema? Select one.
is scheduled on multiple host machines
Which of the following is not true about container groups? Select one.
each user account can be assigned multiple machines
Which of the following is not true about the Cloud Shell?
redirection to a provider endpoint
What method does Microsoft Azure App Service use to obtain credentials for users attempting to access an app? Select one.
standard
You are administering a production web app. The app requires scaling to five instances, 40GB of storage, and a custom domain name. Which App Service Plan should you select? Select one
global administrator
You are assigning Azure AD roles. Which role will allow the user to manage all the groups in your Teams tenants and be able to assign other administrator roles? Select one.
Azure database for MySQL, app configuration
You are backing up your App Service. Which of the following is included in the backup? Select two.
A paging service. .
You are configuring Self-service Password Reset. Which of the following is not a validation method? Select one.
NodePort
You are configuring networking for the Azure Kubernetes service. Which of the following maps incoming direct traffic to the pods? Select one.
location , name
You are creating a new resource group to use for testing. Which two of the following parameters are required when you create a resource group with PowerShell or the CLI? Select two.
connect -AzAccount
You are managing Azure locally using PowerShell. You have launched the app as an Administrator. Which of the following commands would you do first?
Use shared access signatures for the non-production apps.,Use access keys for the production apps.
You are planning a delegation model for your Azure storage. The company has issued the following requirements for Azure storage access: Apps in the non-production environment must have automated time-limited access. Apps in the production environment must have unrestricted access to storage resources. You need to configure storage access to meet the requirements. What should you do? (Each answer presents part of the solution. Select two.
SSH key pair
You are planning to deploy several Linux VMs in Azure. The security team issues a policy that Linux VMs must use an authentication system other than passwords. You need to deploy an authentication method for the Linux VMs to meet the requirement. Which authentication method should you use? Select one.
Use HDD instead of SSD for VM storage.,Bring your own Windows license for each VM.,Use different Azure regions.
You are researching Microsoft Azure for your company. The company is considering deploying Win-dows-based VMs in Azure. However, before moving forward, the management team has asked you to research the costs associated with Azure VMs. You need to document the configuration options that are likely to save the company money on their Azure VMs. Which options should you document? (Each answer presents part of the solution. Select four.
request support increase your limit
You are reviewing your virtual machine usage. You notice that you have reached the limit for virtual machines in the US East region. Which of the following provides the easiest solution? Select one.
You can switch between hot and cool performance tiers at any time.
You are using blob storage. Which of the following is true? Select one.
node virtual machines
You decide to move all your services to Azure Kubernetes service. Which of the following components will contribute to your monthly Azure charge? Select one.
Tenant
You have a new Azure subscription and need to move resources to that subscription. Which of the following resources cannot be moved? Select one.
Use the AzCopy command-line tool
You have an existing storage account in Microsoft Azure. It stores unstructured data. You create a new storage account. You need to move half of the data from the existing storage account to the new storage account. What tool should you use? Select one.
assign the user to contributor role on VM3
You have three virtual machines (VM1, VM2, and VM3) in a resource group. The Helpdesk hires a new employee. The new employee must be able to modify the settings on VM3, but not on VM1 and VM2. Your solution must minimize administrative overhead. What should you do? Select one.
add a load balancer, put the virtual machines in an availability set
You host a service with two Azure virtual machines. You discover that occasional outages cause your service to fail. What two actions can you do to minimize the impact of the outages? Select two.
Generate a shared access signature (SAS) token for the container.
You need to provide a contingent staff employee temporary read-only access to the contents of an Azure storage account container named media. It is important that you grant access while adhering to the security principle of least-privilege. What should you do? Select one.
Create management groups
You need to target policies and review spend budgets across several subscriptions you manage. What should you do? Select one.
Implement stored access policies for each container to enable revocation of access or change of duration.
You use a Microsoft Azure storage account for storing large numbers of video and audio files. You create containers to store each type of file and want to limit access to those files for specific periods. Additional¬ly, the files can only be accessed through shared access signatures (SAS). You need the ability to revoke access to the files and to change the period for which users can access the files. What should you do in order to accomplish this in the most simple and effective way? Select one.
Create a new container, move all the blobs to the new container, and then set the public access level to Blob.
You work for an open source development company. You use Microsoft Azure for a variety of storage needs. Up to now, all the storage was used for internal purposes only. It is organized in block blobs. Each block blob is in its own container. Each container is set to default settings. In total, you have 50 block blobs. The company has decided to provide read access to the data in the block blobs, as part of releasing more information about their open source development efforts. You need to reconfigure the storage to meet the following requirements: All block blobs must be readable by anonymous internet users. What should you do? Select one.
Guest user
You would like to add a user who has a Microsoft account to your subscription. Which type of user account is this? Select one.
Create tags for each department and create azure policy
You would like to categorize resources and billing for different departments like IT and HR. The billing needs to be consolidated across multiple resource groups and you need to ensure everyone complies with the solution. What should you do? {Choose two to complete a solution}.
Create a budget and a spending threshold.
Your company financial comptroller wants to be notified whenever the company is half-way to spending the money allocated for cloud services. What should you do? Select one.
Deploy the DSC extension for Linux VMs.
Your company has Windows Server 2012 R2 VMs and Ubuntu Linux VMs in Microsoft Azure. The company has a new project to standardize the configuration of servers across the Azure environment. The company opts to use Desired State Configuration (DSC) across all VMs. You need to ensure that DSC can be used across all the VMs. What two things should you do? Select two.
Deploy Azure File Sync.
Your company has a file server named FS01. The server has a single shared folder that users' access to shared files. The company wants to make the same files available from Microsoft Azure. The company has the following requirements: Microsoft Azure should maintain the exact same data as the shared folder on FS01. Files deleted on either side (on-premises or cloud) shall be subsequently and automatically deleted from the other side (on-premises or cloud). You need to implement a solution to meet the requirements. What should you do? Select one. Deploy DFS Namespaces. Install and use AZCopy. Deploy Azure File Sync. Install and use Azure Storage Explorer. Deploy storage tiering.
Assign her as a Resource Group Owner.
Your company hires a new IT administrator. She needs to manage a resource group with first-tier web servers including assigning permissions . However, she should not have access to other resource groups inside the subscription. You need to configure role-based access. What should you do? Select one.
Azure Blob Storage
Your company is building an app in Azure. The app has the following storage requirements: Storage must be reachable programmatically through a REST API. Storage must be globally redundant. Storage must be accessible privately within the company's Azure environment. Storage must be optimal for unstructured data. Which type of Azure storage should you use for the app? Select one.
Deploy the application and database VMs in one availability set and the web VMs into a separate availability set.
Your company is deploying a critical business application to Microsoft Azure. The uptime of the application is of utmost importance. The application has the following components: 2 web servers 2 application servers 2 database servers You need to design the layout of the VMs to meet the following requirements: Each VM in a tier must run on different hardware Uptime for the application must be maximized. You need to deploy the VMs to meet the above requirements. What should you do? Select one.
Azure Files
Your company is planning to storage log data, crash dump files, and other diagnostic data for Azure VMs in Azure. The company has issued the following requirements for the storage: Administrators must be able to browse to the data in File Explorer. Access over SMB 3.0 must be supported. The storage must support quotas. You need to choose the storage type to meet the requirements. Which storage type should you use? Select one.
Deploy the app in a virtual machine scale set.
Your company is preparing to deploy an application to Microsoft Azure. The app is a self-contained unit that runs independently on several servers. The company is moving the app to the cloud to provide better performance. To get better performance, the team has the following requirements: If the CPU across the servers goes above 85%, a new VM should be deployed to provide additional resources. If the CPU across the servers drops below 15%, an Azure VM running the app should be decommissioned to reduce costs. You need to deploy a solution to meet the requirements while minimizing the administrative overhead to implement and manage the solution. What should you do? Select one.
Deploy blob storage using append blobs.
Your company provides cloud software to audit administrative access in Microsoft Azure resources. The software logs all administrative actions (including all clicks and text input) to log files. The software is about to be released from beta and the company is concerned about storage performance. You need to deploy a storage solution for the log files to maximize performance. What should you do? Select one.
Resource groups can be nested.
Your manager asks you to explain how Azure uses resource groups. You provide all of the following information, except? Select one.
Install Azure AD Connect Health.
Your network contains an Active Directory Domain Services (AD DS) domain named contoso.com and an Azure Active Directory (Azure AD) domain named contoso.onmicrosoft.com. Azure AD Connect is installed and Active Directory Federation Services (AD FS) is configured. Pass¬word-writeback is enabled. You need to monitor synchronization events generated by Azure AD Connect. Select one.
Configure the Bastion service
Your organization has a security policy that prohibits exposing SSH ports to the outside world. You need to connect to an Azure Linux virtual machine to install software. What should you do? Select one.
create a policy initiative
Your organization has several Azure policies that they would like to create and enforce for a new branch office. What should you do? Select one.