AZ-900
What is an Azure Function? (Choose 2) - A foundational component of any Azure infrastructure - A serverless solution that allows you to write less code, maintain less infrastructure, and save on costs. - An add-on to any paid Azure subscription that allows using Azure services as functions in your applications - A function to update any resources on Azure - The smallest compute service on Azure that represents a single function of compute
- A serverless solution that allows you to write less code, maintain less infrastructure, and save on costs. - The smallest compute service on Azure that represents a single function of compute Azure Functions is a serverless solution that allows you to write less code, maintain less infrastructure, and save on costs. Instead of worrying about deploying and maintaining servers, the cloud infrastructure provides all the up-to-date resources needed to keep your applications running. Azure Functions are the smallest compute services on Azure that represent a single function of compute. Functions can be called or invoked via standard web address (URL).
What are the three kinds of App Service? (Choose 3) - API Apps - Web App for Linux - Azure Standard Apps - Event Grid for App Services - Web App for Containers - Web Apps
- API Apps - Web App for Containers - Web Apps API Apps is specifically used for building apps that will host APIs (application programming interfaces) used by other applications. Web App for Containers makes it simple to deploy container-based web applications. Web Apps allows you to easily deploy web-based applications in a number of languages.
Select all the true statements regarding Azure Resource Manager. (Choose 3) - Azure Resource Manager is the deployment and management service for Azure. - If a user sends a request from any Azure tools, APIs, or SDKs, Azure Resource Manager handles the request. - Azure Resource Manager enables the managing of your infrastructure through scripts rather than declarative templates. - Azure Resource Manager templates (ARM templates) always deploy resources in the same consistent state.
- Azure Resource Manager is the deployment and management service for Azure. - If a user sends a request from any Azure tools, APIs, or SDKs, Azure Resource Manager handles the request. - Azure Resource Manager templates (ARM templates) always deploy resources in the same consistent state. Azure Resource Manager enables you to create, update, and delete resources in your Azure account. Azure Resource Manager handles the request for any Azure tools, APIs, or SDKs. When you deploy your resources using ARM templates, you can be confident it happens in the same way every single time. Your resources will be deployed in a consistent state.
What type of Azure storage is ideal for long-term backups, disaster recovery, and archiving? - Azure Files - Disk storage - Blob storage - Hot access tier
- Blob storage Azure Blob storage is Microsoft's object storage solution for the cloud. Blob storage is optimized for storing massive amounts of unstructured data, such as text or binary data. Blob storage is ideal for storing data for backup and restore, disaster recovery, and archiving
What is the best scenario for using Azure ExpressRoute? - Connecting your on-premises networks into the Microsoft cloud over a private connection with the help of a connectivity provider - Connecting your on-premises networks into the Microsoft cloud over the public internet with the help of a connectivity provider - Connecting your on-premises networks into the Microsoft cloud over a private connection without a connectivity provider - Extending a VLAN to Azure using ExpressRoute
- Connecting your on-premises networks into the Microsoft cloud over a private connection with the help of a connectivity provider ExpressRoute lets you extend your on-premises networks into the Microsoft cloud over a private connection with the help of a connectivity provider. With ExpressRoute, you can establish connections to Microsoft cloud services, such as Microsoft Azure and Microsoft 365.
Which two actions can be performed by using the graphical user interface (GUI) in the Azure portal? Each correct answer presents a complete solution. - Create new resources. - Review a graphical view of all the services you are using. - Change the availability zone of a virtual machine. - Repeatedly set up one or more resources and ensure that all the dependencies are created in the proper order.
- Create new resources. - Review a graphical view of all the services you are using. The Azure portal provides a GUI to view all the services you are using, create new services, configure your services, and view reports.
What are some of the key advantages of using ARM templates for creating cloud infrastructure? - Declarative - Idempotency - Service integrations - Source control - Faster processing in the Azure Resource Manager
- Declarative - Idempotency - Source control You only say "what" you want to create, not "how." Azure takes care of the "how." You can execute a template any number of times with the same result. Use source control to track changes to the ARM template over time. This can identify any issues that come from changes to the template.
What is an important limitation of the Azure Storage premium performance options? (Choose 2) - Higher cost - Only apply to Azure Files - Fewer redundancy options - Lower IOPS available
- Higher cost - Fewer redundancy options The premium performance options cost more than their standard counterparts. None of the premium performance options offer multi-region redundancy. Premium page blobs have only LRS redundancy options
What is a good reason to use the Azure CLI? - It rarely changes, and the commands stay the same for the most part. - It makes it cheaper to use Azure, as you don't have to pay for the Azure portal. - You can use the Azure CLI with more than one cloud provider. - You can use products and services that aren't available in the Azure portal.
- It rarely changes, and the commands stay the same for the most part. - You can use products and services that aren't available in the Azure portal. The Azure CLI is all text-based, so there is no user interface to change. This means the commands and procedures stay very static in the tool. You can use all products and services with the CLI. While most Azure services can be managed through both the Azure portal and the Azure CLI, some tasks can only be done in the Azure CLI. Some tasks are easier in in the Azure Portal, and other tasks are easier in the Azure CLI.
When would you want to use Azure Data Box to transfer data to Azure Storage? (Choose 3) - Transferring on-premises servers to Azure - Limited network bandwidth - Transfer a very large amount of data - Regulatory compliance when data cannot travel over the internet
- Limited network bandwidth - Transfer a very large amount of data - Regulatory compliance when data cannot travel over the internet Azure Data Box is ideal for large data transfers when limited network bandwidth is available. Azure Data Box is ideal for transferring extremely large amounts of data. Data Box is an offline transfer method. If you need to transfer sensitive data that cannot travel over the internet, this is an ideal solution.
Which types of blobs are supported by Azure Storage? (Choose 3) - Standard blob - File blob - Page blob - Append blob - Block blob - Fast blob
- Page blob - Append blob - Block blob Page blobs are used for random read/write operations. Picture this like the computing equivalent of having a scrap piece of paper (or "page") on your desk to scribble notes on that you only need for temporary periods of time. Append blobs are used for operations where you are appending new data to existing content, rather than replacing it. Picture this like a log that you're constantly adding to. Block blobs are used for handling large amounts of data very effectively.
Select all the true statements per Microsoft's definitions of cloud types. (Choose 3) - Private clouds can be hosted at your datacenter or hosted by a third-party service. Private clouds offer advantages of flexibility, control, and scalability. - In private clouds, services and infrastructure are always maintained on a private network, and the hardware and software are dedicated solely to your organization. - A hybrid cloud combines a public cloud (such as Azure) with on-premises infrastructure (private cloud). - Public clouds typically cost more than private clouds, but they are generally less reliable than on-premises infrastructure (private cloud).
- Private clouds can be hosted at your datacenter or hosted by a third-party service. Private clouds offer advantages of flexibility, control, and scalability. - In private clouds, services and infrastructure are always maintained on a private network, and the hardware and software are dedicated solely to your organization. - A hybrid cloud combines a public cloud (such as Azure) with on-premises infrastructure (private cloud). Microsoft defines private clouds as being able to be hosted at your datacenter or hosted by a third-party service. Microsoft considers private clouds as offering more flexibility, control, and scalability. Note: Other cloud vendors would not agree with those advantages of private clouds, but it is best to be aware of Microsoft's view in case it comes up on the exam. A private cloud consists of cloud computing resources used exclusively by one business or organization. The private cloud can be physically located at your organization's on-site datacenter, or it can be hosted by a third-party service provider. But in a private cloud, the services and infrastructure are always maintained on a private network, and the hardware and software are dedicated solely to your organization. Reference: What is a private cloud? Microsoft defines hybrid cloud as combining a public cloud (such as Azure) with on-premises infrastructure (private cloud).
What are three use cases for the Azure mobile app? - Respond to outages and emergencies from anywhere you have an internet connection. - It is a replacement for using the Azure portal for everyday tasks, such as creating resources and analyzing Azure Monitor logs. - Interact with your Azure resources via Azure Resource Manager. - Maintain insight on the go into the current status and health of your Azure environment.
- Respond to outages and emergencies from anywhere you have an internet connection. - Interact with your Azure resources via Azure Resource Manager. - Maintain insight on the go into the current status and health of your Azure environment. Alerts are instantly visible, and you can investigate all your resources as well. All of your resources and subscriptions are visible on the mobile app. You can even manage resources in the CloudShell too. The Azure mobile app uses the Azure Resource Manager to interact with your Azure resources, which means it is in sync with the Azure CLI, Azure portal, or whatever else you use to interact with Azure. The Azure mobile app provides a quick overview of your resources.
Which cloud ability does predictability describe? (Choose 2) - The expectation that your application will perform as expected regardless of traffic - The ability to create standardized environments for regulatory requirements - The ability to recover from an unexpected disaster - Full visibility into current and future costs
- The expectation that your application will perform as expected regardless of traffic - Full visibility into current and future costs One aspect of predictability is knowing that your application will consistently perform as expected even if user load increases. This is accomplished with cloud computing features such as load balancing, high availability, and autoscaling. Predictability includes transparent cost usage, including accurate forecasts on future costs based on current usage.
In which scenario/s would you use an Application Gateway? (Choose 2) - To host multiple websites - For incoming traffic, to make routing decisions based on additional attributes of an HTTP request, such as URI path or host headers - To manage the IP addresses for an Azure subscription and ensure only secure traffic is allowed - To make sure the connection from a virtual network to the internet is secure - To send encrypted traffic between an Azure Virtual Network and an on-premises location over the public internet
- To host multiple websites - For incoming traffic, to make routing decisions based on additional attributes of an HTTP request, such as URI path or host headers You can use multi-site hosting to use the same Application Gateway for more than one website. You can, in fact, add up to 100 websites to the same instance of an Application Gateway. This will both save you on cost and complexity. An Application Gateway is similar to a load balancer, but it can redirect traffic based on attributes in the HTTP request, the request coming in from the internet. You can have a VM handling video, one handling images and so on. Application Gateways do not handle traffic security, nor manage any virtual networks.
Why would you use a content delivery network? (Choose 2) - To provide better performance and improved user experience for end users - To ensure maximum uptime for an application that is hosted in more than one datacenter - To ensure requests made from users are securely handled and served - To better handle instantaneous high loads, such as the start of a product launch event - For incoming traffic, to make routing decisions based on additional attributes of an HTTP request, such as URI path or host headers
- To provide better performance and improved user experience for end users - To better handle instantaneous high loads, such as the start of a product launch event A CDN keeps a recent copy of your web application and can deliver this much faster to users close to an endpoint. CDNs can handle a lot more data than a typical web server, which makes it ideal to handle traffic spikes as well. CDNs don't generally handle individual traffic routing rules, nor security.
What are valid managed disk storage types on Azure? (Choose 3) - Ultra Disk - Standard HDD - Premium Disk - Premium SSD and Standard SSD - Premium HDD - Slow HDD
- Ultra Disk - Standard HDD - Premium SSD and Standard SSD Azure offers four types of manage disk storage: Standard HDD, Standard SSD, Premium SSD, and Ultra Disk.
Which benefits does adding a load balancer provide? (Choose 3) - When there is too much incoming network traffic for a single VM to handle, a load balancer can distribute the load to many VMs. - A load balancer ensures only healthy servers process requests. - A load balancer can log traffic that passes through it. - When a virtual disk is running low on space on a virtual machine (but not low enough to cause the VM to be unhealthy), the incoming data can be preemptively redirected to another virtual machine to manage the load. - A load balancer ensures the load is evenly distributed between two to five virtual machines only.
- When there is too much incoming network traffic for a single VM to handle, a load balancer can distribute the load to many VMs. - A load balancer ensures only healthy servers process requests. - A load balancer can log traffic that passes through it. A load balancer sits in front of two or more virtual machines to manage, and balance, the load to the virtual machines. This can be based on amount of incoming traffic or specific properties in the traffic. A load balancer has nothing to do with virtual disks, and the max number of VMs to manage goes up to 1,000. A load balancer ensures only healthy instances receive traffic and will stop sending traffic to any server that does not pass health checks. All Azure load balancers can log traffic that passes through them.
Which two services are provided by Azure AD? Each correct answer presents a complete solution. - authentication - data encryption - multi-factor authentication (MFA) - single sign-on (SSO)
- authentication - single sign-on (SSO) Azure AD provides services for verifying identity and access to applications and resources. SSO enables you to remember a single username and password to access multiple applications and is available in Azure AD.
What are two characteristics of a consumption-based model? Each correct answer presents a complete solution. - no upfront costs - requires the purchase and management of the physical infrastructure - the ability to stop paying for resources that are no longer needed - high capital expenditures
- no upfront costs - the ability to stop paying for resources that are no longer needed In a consumption-based model, you do not pay for anything until you start using resources, and you only pay for what you use. If you stop using a resource, you stop paying for it. High expenditures are usually associated with the purchase of the physical infrastructure, which is not needed in a consumption-based model.
In a platform as a service (PaaS) model, which two components are the responsibility of the cloud service provider? Each correct answer presents a complete solution. - operating system - physical network - user access - information and data
- operating system - physical network In PaaS, the cloud provider is responsible for the operating system, physical datacenter, physical hosts, and physical network. In PaaS, the customer is responsible for accounts and identities.
Which two scenarios are common use cases for Azure Blob storage? Each correct answer presents a complete solution. - storing data for backup and restore - hosting ASPX files for a website - mounting a file storage share to be accessed as a virtual drive on multiple virtual machines - serving images or documents directly to a browser
- storing data for backup and restore - serving images or documents directly to a browser Low storage costs and unlimited file formats make blob storage a good location to store backups and archives. Blob storage can be reached from anywhere by using an internet connection. Azure Disk Storage provides disks for Azure virtual machines. Azure Files supports mounting file storage shares.
Which two tools can you use to create a new Azure virtual machine from a mobile device that runs Android? Each correct answer presents complete solution. - the Azure portal - SSH - Remote Desktop - PowerShell in Azure Cloud Shell
- the Azure portal - PowerShell in Azure Cloud Shell The Azure portal can run on devices that have the Android operating system installed. The browser can be any type, such as Internet Explorer 11, Chrome, Firefox, or Safari (all the latest versions). When you visit the portal, you will see Cloud Shell. Users can then access Bash and PowerShell from within Cloud Shell. You can use Bash and PowerShell to create Azure virtual machines.
What is a PowerShell cmdlet? - A lightweight command that is used in the PowerShell environment to perform an action - A piece of advice from Microsoft about PowerShell updates - A lightweight version of PowerShell that can run on mobile devices - A PowerShell scripting language specifically for Azure
A lightweight command that is used in the PowerShell environment to perform an action Cmdlets make up the majority of Azure features for PowerShell. This makes it easier to be consistent and efficient when interacting with Azure resources. PowerShell works with many different services.
What is an address space on a virtual network? - A definition of what types of resources can connect to either a private or public network hosted on Azure - A range of IP addresses that can be assigned to resources attached to the virtual network - A reserved number of public IP addresses that you can use to connect a virtual network to the public internet - A portion of the complete address space for a given Azure subscription that can be assigned to a virtual network
A range of IP addresses that can be assigned to resources attached to the virtual network An address space on a virtual network is a number of IP addresses that are unique only on the specific virtual network. These IP addresses are assigned to resources connected to the VNet, which allows the resources to interact and communicate. There is no limit to the number of VNets you can have, nor on the number of address spaces.
What is an Azure region? - One or more datacenters equipped with independent power, cooling, and networking - A collection of similar services that can be hosted in an Azure data center - A set of datacenters, deployed within a latency-defined perimeter and connected through a dedicated regional low-latency network - A geographical part of the Azure platform
A set of datacenters, deployed within a latency-defined perimeter and connected through a dedicated regional low-latency network An Azure region is a set of datacenters, deployed within a latency-defined perimeter and connected through a dedicated regional low-latency network. With more global regions than any other cloud service provider, Azure gives customers the flexibility to deploy applications where they need. An Azure region has discrete pricing and service availability.
What is a scale set? - A set of similar services that all work together for a service or application - A set of virtual machines running in the same data center - A set of individual virtual machines that can be configured and managed as a single group - A range of sizes of virtual machines ready to take over a workload
A set of individual virtual machines that can be configured and managed as a single group Azure virtual machine scale sets let you create and manage a group of load balanced VMs. The number of VM instances can automatically increase or decrease in response to demand or a defined schedule. Scale sets provide high availability to your applications and allow you to centrally manage, configure, and update a large number of VMs. With virtual machine scale sets, you can build large-scale services for areas such as compute, big data, and container workloads
What does Infrastructure as a Service describe? - A complete development and deployment environment in the cloud, with resources that enable you to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications - A type of cloud computing service that allows users to connect to and use cloud-based apps over the internet - Any service on Azure that you can rent or buy upfront - A type of cloud computing service that offers essential compute, storage, and networking resources on demand, on a pay-as-you-go basis
A type of cloud computing service that offers essential compute, storage, and networking resources on demand, on a pay-as-you-go basis Infrastructure as a service (IaaS) is a type of cloud computing service that offers essential compute, storage, and networking resources on demand, on a pay-as-you-go basis. IaaS lets you bypass the cost and complexity of buying and managing physical servers and datacenter infrastructure. Each resource is offered as a separate service component, and you only pay for a particular resource for as long as you need it.
What is an availability zone? - A set of datacenters close together - A unique physical location within a region that is made up of one or more datacenters equipped with independent power, cooling, and networking - One or more datacenters (with shared power and cooling) that are close together to provide backup for each other - A collection of software that can enable high scalability at short notice
A unique physical location within a region that is made up of one or more datacenters equipped with independent power, cooling, and networking AZs are individual physical locations within a region. Each zone is made up of one or more datacenters equipped with independent power, cooling, and networking.
What is "serverless" computing? - A theory for making computing completely cloud-based for certain scenarios - A way for developers to build applications faster by eliminating the need for them to manage infrastructure - An application that is running on the cloud platform without the use of servers - A complete development and deployment environment in the cloud
A way for developers to build applications faster by eliminating the need for them to manage infrastructure Serverless computing solutions provide a simple way to create manageable and scalable solutions at low costs. There is always a server somewhere to run your application, but you don't control it. Serverless is a kind of extreme PaaS.
Which Azure products and services are available through the Azure portal? - Only products that are not in private or public preview - All products and services that are generally available and in private or public preview - Only products that are globally available - Only products and services that aren't free
All products and services that are generally available and in private or public preview
What can you store in a blob container inside Azure Storage? - Any kind of binary file that is less than 4096 KB in size - Binary files that comply with the Azure data types defined for the storage type - Only known binary formats such as images, video, and text documents - Any kind of binary file, such as videos, images, documents, and applications
Any kind of binary file, such as videos, images, documents, and applications Blob containers on Azure act similar to directories in a file system. They can contain an unlimited number of blobs.
Which definition best describes compute on Microsoft Azure? - An optional component to improve the efficiency of Azure - A virtual machine - Any serverless service, such as Azure Functions - Any service that performs or enables a computation
Any service that performs or enables a computation Compute is one of three foundational components of cloud computing. The other two are network and storage. This means any service that performs a compute function on Azure is part of "Compute" on Azure. It isn't a single service.
Which Azure Blob storage tier stores data offline and offers the lowest storage costs and the highest costs to access data? - Archive - Hot - Cool
Archive The Archive storage tier stores data offline and offers the lowest storage costs, but also the highest costs to rehydrate and access data. The Hot storage tier is optimized for storing data that is accessed frequently. Data in the Cool access tier can tolerate slightly lower availability, but still requires high durability, retrieval latency, and throughput characteristics similar to hot data.
When can you delete a resource group from Azure? - Only when the resource group is empty - When an account is deactivated - At any time, as long as your resources or resource group are not locked by a related service - When all the resources in the resource group have stopped
At any time, as long as your resources or resource group are not locked by a related service When a resource group is removed or deleted, all of the resources within it are deleted with it. You can remove resource groups at any time. To delete a resource group, you need access to the delete action. You also need delete for all resources in the resource group. If you have the required access, but the delete request fails, it may be because there's a lock on the resources or resource group. Even if you didn't manually lock a resource group, it may have been automatically locked by a related service. Or, the deletion can fail if the resources are connected to resources in other resource groups that aren't being deleted. For example, you can't delete a virtual network with subnets that are still in use by a virtual machine
Which Azure Storage utility is a command-line-based application for moving/manipulating Azure Storage data, specifically blob and Azure Files objects? - Storage Explorer - AzCopy - Azure File Sync - Azure CLI
AzCopy AzCopy is a command-line utility for transferring Azure blobs and Azure Files.
What can you use to sync identities between Azure AD and an on-premises deployment of Active Directory Domain Services (AD DS)? - Azure AD Connect -Azure Resource Manager (ARM) - Conditional Access - Azure Key Vault
Azure AD Connect Azure AD Connect syncs user identities between on-premises Active Directory and Azure AD. Azure AD Connect syncs changes between both identity systems, so you can use features such as single sign-on (SSO), MFA, and self-service password reset (SSPR) in both systems. SSPR prevents users from using known compromised passwords.
What can you use to manage resources, such as virtual machines, across multiple cloud platforms and on-premises environments? - Azure Arc - Azure CLI - Azure Monitor - Azure PowerShell
Azure Arc simplifies governance and management by delivering a consistent multi-cloud and on-premises management platform.
Which tool is accessible via Azure Cloud Shell and allows you to write Bash scripts to manage an Azure environment? - Azure PowerShell - Azure Resource Manager (ARM) templates - Azure Repos - Azure CLI
Azure CLI Azure CLI is an executable program with which a user can execute commands in Bash that call the Azure REST API.
What can you use to create alerts that relate to resource utilization for a specific Azure virtual machine? - Azure Advisor - Azure Monitor - Azure Policy - Azure Service Health
Azure Monitor Azure Monitor is a platform for collecting, analyzing, visualizing, and alerting based on metrics. Azure Monitor can log data from an entire Azure and on-premises environment.
What can you use to restrict the deployment of a virtual machine to a specific location? - Azure AD - resource locks - Azure Policy - resource groups
Azure Policy Azure Policy can help to create a policy for allowed regions, which enables you to restrict the deployment of virtual machines to a specific location.
What can you use to ensure that a development team can only create virtual machines of a certain size? - Azure Blueprints - Azure Policy - Cloud Adoption Framework - Conditional Access
Azure Policy Azure Policy enables you to define both individual policies and groups of related policies called initiatives. Azure Policy evaluates your resources and highlights resources that are not compliant with the policies you created. Azure Policy can also prevent noncompliant resources from being created
What can you use to ensure that new and existing Azure resources stay in compliance with corporate standards? - Azure Policy - Resource locks - Resource tags - Azure Advisor
Azure Policy a service in Azure that enables you to create, assign, and manage policies that control or audit resources. These policies enforce different rules across all resource configurations so that the configurations stay compliant with corporate standards.
You plan to build a new solution in Azure that will use platform as a service (PaaS) products. What should you use to estimate the monthly costs? - Total Cost of Ownership (TOC) Calculator - Azure Pricing calculator - Azure Advisor - Azure Cost Management
Azure Pricing calculator allows you to estimate and configure according to your specific requirements. You will then receive a consolidated estimated price and a detailed breakdown of the costs associated with each resource you added to your solution.
Your organization plans to deploy several production virtual machines that will have consistent resource usage throughout the year. What can you use to minimize the costs of the virtual machines without reducing the functionality of the virtual machines? - Azure Monitor alerts - Azure Reservations - Spending limits
Azure Reservations offers discounted prices on certain Azure services. Azure Reservations can save you up to 72 percent compared to pay-as-you-go prices. To receive a discount, you can reserve services and resources by paying in advance. Spending limits can suspend a subscription when the spend limit is reached.
[Answer choice] is the deployment and management service for Azure. - Azure AD - Azure API Management - Azure Monitor - Azure Resource Manager (ARM)
Azure Resource Manager (ARM) ARM is the deployment and management service for Azure. It provides a management layer that enables you to create, update, and delete resources in an Azure subscription. You use management features, such as access control, resource locks, and resource tags, to secure and organize resources after deployment.
What can you use to describe the resources you want to provision in a declarative JSON format? - Azure PowerShell - Azure CLI - Azure Resource Manager (ARM) templates - Azure Repos
Azure Resource Manager (ARM) templates By using ARM templates, you can describe the resources you want to use in a declarative JSON format.
You need to review the root cause analysis (RCA) report for a service outage that occurred last week. Where should you look for the report? - Azure Service Health - Azure Advisor - Azure Monitor - Log Analytics
Azure Service Health After an outage, Service Health provides official incident reports called root cause analysis (RCA), which you can share with stakeholders.
Your company suddenly has a bunch of new remote employees, who all need a Windows environment to work from. Which is the best Azure solution to get them up and running quickly? - Azure Kubernetes Service (AKS) - Preconfigured laptop devices that connect directly to Azure VMs - Virtual machine with Windows 10 - Azure Virtual Desktop (formerly Windows Virtual Desktop)
Azure Virtual Desktop (formerly Windows Virtual Desktop) Azure Virtual Desktop (formerly Windows Virtual Desktop) helps you quickly set up an environment, and even lets you reuse any existing Windows 10 licenses you have
Which Azure compute service can you use to deploy and manage a set of identical virtual machines? - availability sets - availability zones - Azure Container Instances - Azure Virtual Machine Scale Sets
Azure Virtual Machine Scale Sets Virtual Machine Scale Sets are an Azure compute resource that you can use to deploy and manage and scale a set of identical virtual machines.
How do resources on Azure use a virtual network? - Azure Virtual Network enables Azure resources to securely communicate with each other, the internet, and on-premises networks. - All resources must be connected to a virtual network to use the Azure platform. - All Azure resources that communicate with the public internet must be on a virtual network. - Resources on a free account don't have to be on a virtual network to use Azure.
Azure Virtual Network enables Azure resources to securely communicate with each other, the internet, and on-premises networks. Azure Virtual Network enables Azure resources to securely communicate with each other, the internet, and on-premises networks. Key scenarios that you can accomplish a virtual network include: communication of Azure resources with the internet, communication between Azure resources, communication with on-premises resources, filtering network traffic, routing network traffic, and integration with Azure services.
You need to recommend a solution for Azure virtual machine deployments. The solution must enforce company standards on the virtual machines. What should you include in the recommendation? - Azure Cost Management - Azure Lock - Azure Policy - Azure Blueprints
Azure policy allow you to enforce company standards on new virtual machines when combined with Azure VM Image Builder and Azure Compute Gallery. By using Azure Policy and role-based access control (RBAC) assignments, enterprises can enforce standards on Azure resources. But on virtual machines, these mechanisms only affect the control plane or the route to the virtual machine.
What uses the infrastructure as a service (IaaS) cloud service model? - Azure virtual machines - Azure App Services - Microsoft Office 365 - Azure Cosmos DB
Azure virtual machines Azure Virtual Machines is an IaaS offering. The customer is responsible for the configuration of the virtual machine as well as all operating system configurations. Azure App Services and Azure Cosmos DB are PaaS offerings. Microsoft Office 365 is a SaaS offering.
Why would you use the Azure Cloud Shell? - The Cloud Shell gets new features first. - The Cloud Shell is free for 12 months. - You can update the Cloud Shell independently of Azure CLI and Azure PowerShell. - Cloud Shell enables access to a browser-based command-line experience built with Azure management tasks in mind.
Cloud Shell enables access to a browser-based command-line experience built with Azure management tasks in mind. Cloud Shell is 100% browser based and provides a complete environment where you can choose between Bash or PowerShell.
What can you use to ensure that users authenticate by using multi-factor authentication (MFA) when they attempt to sign in from a specific location? - Conditional Access - Azure role-based access control (RBAC) - single sign-on (SSO) - administrative units
Conditional Access Conditional Access can use signals to determine information about authentication attempts, and then determine whether to block access or require additional verifications, such as MFA.
What is consumption-based pricing on Azure? - Some core services on Azure are consumed constantly to keep your applications running. You pay for this consumption. - Any service you use on Azure has a consumption component as part of the pricing. - Consumption-based pricing is the model for paying for any services on a free Azure account. - Consumption-based pricing is when you are charged for only what you use (pay-as-you-go rate).
Consumption-based pricing is when you are charged for only what you use (pay-as-you-go rate). Consumption-based pricing is indeed when you are charged for only what you use (pay-as-you-go rate). Consumption-based pricing is not limited to free accounts, and the services are not necessarily consumed all the time.
You have an Azure virtual machine that is accessed only between 9:00 and 17:00 each day. What should you do to minimize costs but preserve the associated hard disks and data? - Deallocate the virtual machine. - Delete the virtual machine. - Scale down the virtual machine. - Resize the virtual machine.
Deallocate the virtual machine. If you have virtual machine workloads that are used only during certain periods, but you run them every hour of every day, then you are wasting money. These virtual machines are great candidates to deallocate when not in use and start back when required to save compute costs while the virtual machines are deallocated.
What does reliability describe for cloud computing? - Ensuring services and applications remain available in the event of a failure - A managed service within Azure that uses cloud computing resources to quickly mitigate faults - Knowing that your application will always perform as expected regardless of user load - The ability for an Azure service to automatically add additional resources as needed
Ensuring services and applications remain available in the event of a failure Reliability means a failure can occur on Azure services and applications, but it will not affect its availability.
Which Azure Blob storage service tier has the highest storage costs and the fastest access times for reading and writing data? - Hot - Cool - Archive
Hot The Hot tier is optimized for storing data that is accessed frequently. The Cool access tier has a slightly lower availability SLA and higher access costs compared to hot data, which are acceptable trade-offs for lower storage costs. Archive storage stores data offline and offers the lowest storage costs, but also the highest costs to rehydrate and access data.
Which cloud deployment model are you using if you have servers physically located at your organization's on-site datacenter, and you migrate a few of the servers to the cloud? - private cloud - public cloud - hybrid cloud
Hybrid cloud a computing environment that combines a public cloud and a private cloud by allowing data and applications to be shared between them.
What is high availability in cloud computing? - Microsoft guarantees you will always have access to the resources on Azure. - High availability refers to the availability of the Azure portal. You can always get access to an overview of what your Azure services are doing. - Azure will provide an infinite number of resources to your application to make sure it always runs optimally. - If one resource on Azure dies unexpectedly, another resource will almost instantly take over the workload.
If one resource on Azure dies unexpectedly, another resource will almost instantly take over the workload. High availability is one of the core benefits of using cloud computing. It ensures backup resources are ready to take over any workload.
What are some of the limitations with a free Azure account? - You can only create a free Azure account with a US address. - A free account only allows access to all services for 30 days, after which only free services are available. - Included Azure credits will expire after 30 days, and included free popular services expire after 12 months. - Azure free accounts are only valid in certain promotional periods, such as when new services are launched.
Included Azure credits will expire after 30 days, and included free popular services expire after 12 months. When you start using Azure with a free account, you get USD200 credit to spend in the first 30 days after you sign up. In addition, you get free monthly amounts of two groups of services: popular services (which are free for 12 months), and more than 25 other services (which are free always).
Which cloud service model do virtual machines belong to? - Software as a Service - Platform as a Service - Infrastructure as a Service - Serverless
Infrastructure as a Service Infrastructure as a Service includes services that emulate hardware, such as virtual machines, networks, and storage.
What is a benefit of a hybrid cloud approach? - It enables companies to use a mix of private and public cloud components. - Using alternative energy sources for powering some services can create tax benefits in some regions. - It requires no changes to existing code or applications, allowing companies to scale their infrastructure into the cloud. - All maintenance is handled by Microsoft Azure, so it reduces support costs.
It enables companies to use a mix of private and public cloud components. A hybrid cloud model is the best of private and public cloud that can be used to avoid disruptions and outages, adhere to regulation and governance, span solutions across both public and private cloud, and alleviate CapEx investments.
You need to identify which Azure services are compliant with ISO 27001 Information Security Management Standards. Where should you go to locate the information? - Microsoft Trust Center - Microsoft Privacy Statement - the Data Protection Addendum of Microsoft - Microsoft Online Services Terms
Microsoft Trust Center The Trust Center showcases the Microsoft principles for maintaining data integrity in the cloud and how Microsoft implements and supports security, privacy, compliance, and transparency in all Microsoft cloud products and services.
What are some benefits of using a Virtual Machine on Azure, compared to using your own on-site physical server? - Always much cheaper than running your own servers - No maintenance of hardware and only paying for what you use - Applications have much better performance running on comparable virtual machines. - Owning the hardware but Azure maintains it
No maintenance of hardware and only paying for what you use Virtual machines on Azure abstract away the physical hardware layer, so you don't need to worry about maintaining physical hardware. Microsoft handles this instead.
What is the difference between OpEx and CapEx? - OpEx is better return on investment in the short term. CapEx is better return on investment in the long term. - OpEx is costs for acquiring assets. CapEx is an ongoing cost for running a business. - OpEx is an ongoing cost for running a business. CapEx is the cost of acquiring and maintaining assets. - OpEx is a cost on services you don't own, such as cloud computing. CapEx is a cost of ownership.
OpEx is an ongoing cost for running a business. CapEx is the cost of acquiring and maintaining assets. Capital expenditures (CapEx) generally result in the acquisition and maintenance of assets, such as server hardware. Operating expenditures (OpEx) are the ongoing costs of running a business, such as paying for cloud services on a recurring basis. By moving costs to OpEx, businesses can plan for ongoing costs rather than large investments.
Which Azure component allows you to replicate resources across a geography to ensure business continuity during a natural disaster at the primary site? - region pairs - availability zones - availability sets - Azure Virtual Machine Scale Sets
Region pairs allow the replication of Azure resources across geographies to help ensure that a secondary region is available in case of any disaster at the primary region.
What is a suitable use case for the Azure Files storage service? - Provide temporary file storage for a web application. - Replace or supplement on-premises file servers. - Store files larger than 2 GB. - Archive large amounts of data.
Replace or supplement on-premises file servers. Azure Files can be used to completely replace or supplement traditional on-premises file servers or NAS devices. Popular operating systems such as Windows, macOS, and Linux can directly mount Azure file shares wherever they are in the world. SMB Azure file shares can also be replicated with Azure File Sync to Windows Servers, either on-premises or in the cloud, for performance and distributed caching of the data where it's being used
Which statement is true of resource groups in Azure? - Resource groups are containers that hold related resources for an Azure solution. - Resource groups are transferrable between regions. - Resource groups don't contain any data and are assigned rather than created. - Resource groups can only hold foundational resource types.
Resource groups are containers that hold related resources for an Azure solution. Resources belong to a resource group, which can be a geographical, logical, customer-specific, or any other type of grouping.
You need to associate the costs of resources to different groups within an organization without changing the location of the resources. What should you use? - resource tags - resource groups - subscriptions - administrative units
Resource tags can be used to group billing data and categorize costs by runtime environment, such as billing usage for virtual machines running in a production environment.
What's the best definition for scalability on Azure? - If an account has more than one Azure region active, resources can be copied between these regions. - Scaling of resources on Azure is currently not possible. - Scalability is the ability to quickly expand or decrease computer processing, memory, and storage resources to meet changing demands without worrying about capacity planning and engineering for peak usage. - Scalability is the ability of a system to handle increased load. Services covered by Azure Autoscale can scale automatically to match demand to accommodate workload.
Scalability is the ability of a system to handle increased load. Services covered by Azure Autoscale can scale automatically to match demand to accommodate workload. Scalability is a core benefit of cloud computing and allows any application to add resources almost instantly as demand increases
What are the two types of scaling on Azure? - Scaling up/down and scaling out - Scale sets and high availability - Scaling out and scaling across - There is only one type of scaling: scaling up/down
Scaling up/down and scaling out Scaling up/down is making a resource, such as a VM, larger or smaller. This is also known as scaling vertically. Scaling out is adding more resources of the same type, known as scaling horizontally
What is a fully managed platform on Azure? - A fully managed platform on Azure is a specific subscription that provides extra support for your Azure services. - Servers, network, storage, and more are all managed by Azure. You focus on your business value and logic. - You can pay a monthly fee to have Microsoft look after the maintenance of your applications and services on Azure. - Every part of your Azure services are looked after by Microsoft. This means you don't have to worry about your application development.
Servers, network, storage, and more are all managed by Azure. You focus on your business value and logic. A fully managed platform means the provider manages the infrastructure layer, such as VMs, disks, networks, and more. You only have to focus on the core functionality of your application. Fully managed services on Azure are available on all subscription types and come at no extra cost.
What significance does the name for your Azure storage account have? - Each storage account name is linked to a set of users that can access it. - The name you give the storage account becomes the main web address for accessing the files in it. It must be unique within your Azure subscription. - No significance. You can name a storage account what you want. - The combination of the storage account name and the Azure Storage service endpoint forms the endpoints for your storage account. Your storage account name must be unique within Azure.
The combination of the storage account name and the Azure Storage service endpoint forms the endpoints for your storage account. Your storage account name must be unique within Azure. A storage account provides a unique namespace in Azure for your data. Every object you store in Azure Storage has an address that includes your unique account name. The combination of the account name and the Azure Storage service endpoint forms the endpoints for your storage account. Your storage account name must be unique within Azure. No two storage accounts can have the same name
What is the MINIMUM number of data copies created with any Azure Storage redundancy option? - Three - One - Two - Zero
Three
What is the primary use for disk storage? - Archive large amounts of data. - Attach to a load balancer to increase performance and throughput. - Backup facility for virtual machines - Store files larger than 2 GB - To attach to a Virtual Machine to act as a Virtual hard drive.
To attach to a Virtual Machine to act as a Virtual hard drive. Disk storage is a full Virtual hard disk that you can access. It is ideal as the disk for a Virtual machine. In fact, when you create a Virtual machine, disk storage is created too.
Why is cloud governance important for businesses? - To enable creation of standardized environments and audit those environments for compliance - To ensure your application is resilient in case of disaster - To increase the return on investment from using cloud elasticity - To be able to quickly scale resources when needed at short notice
To enable creation of standardized environments and audit those environments for compliance Governance is all about standardization and compliance, which is especially useful for meeting corporate standards and/or meeting government regulations.
Which of the following is a function of an Azure VPN Gateway? - To manage the IP addresses for an Azure Subscription and ensure only secure traffic is allowed - To handle any suspicious activity trying to access your Azure subscription - To make sure the connection from a virtual network to the internet is secure - To balance data coming into your Azure services from an external private network - To send encrypted traffic between an Azure Virtual Network and an on-premises location over the public internet
To send encrypted traffic between an Azure Virtual Network and an on-premises location over the public internet A VPN gateway is an important part of a hybrid Azure infrastructure. It allows encrypted traffic to flow between on-premises services and Azure services.
Why is cloud computing often less expensive than on-premises datacenters? Each correct answer presents a complete solution. - You are only billed for what you use. - Network bandwidth is free. - Cloud service offerings have limited functionality. - Services are only offered in a single geographic location.
You are only billed for what you use. Renting compute and storage services and being billed for only what you use often lowers operating expenses. Depending on the service and the type of network bandwidth, charges can be incurred. Cloud service offerings often provide functionality that can be difficult or cost-prohibitive to deploy on-premises, especially for smaller organizations. Major cloud providers offer services around the world. Making it easy and relatively inexpensive to deploy services close to where your users reside.
What is an advantage of cloud computing compared to on-premises deployments? - You can scale more quickly. - You own your CPUs. - You have full access in case of internet outage. - You can work from multiple workstations.
You can scale more quickly. Cloud computing allows you to scale more quickly. Owning your own CPUs and having full access in the event of an internet outage are not features of cloud computing. Working from multiple workstations is not specific to cloud computing compared to an on-premises deployment.
What are cloud-based backup services, data replication, and geo-distribution features of? - a disaster recovery plan - an elastic application configuration - a cost reduction plan - a hybrid cloud deployment
a disaster recovery plan Disaster recovery uses services, such as cloud-based backup, data replication, and geo-distribution, to keep data and code safe in the event of a disaster.
Select the answer that correctly completes the sentence. [Answer choice] is the logical container used to combine and organize Azure resources. - a resource group - Azure Resource Manager (ARM) - a management group - an Azure region
a resource group Resources are combined into resource groups, which act as a logical container into which Azure resources like web apps, databases, and storage accounts, are deployed and managed.
Which Azure resource is a software emulation of a physical computer that includes a virtual processor, memory, storage, and networking resources? - a virtual machine - an App Service - a function - a container
a virtual machine Virtual machines are software emulations of physical computers. They include a virtual processor, memory, storage, and networking resources. Virtual machines host an operating system, and you can install and run software just like on a physical computer.
Which scenario is a use case for a VPN gateway? - connecting an on-premises datacenter to an Azure virtual network - partitioning a virtual network's address space - communicating between Azure resources - filtering outbound network traffic
connecting an on-premises datacenter to an Azure virtual network A VPN gateway is a type of virtual network gateway. Azure VPN Gateway instances are deployed to a dedicated subnet of a virtual network. You can use them to connect on-premises datacenters to virtual networks through a Site-to-Site (S2S) VPN connection.
Which type of strategy uses a series of mechanisms to slow the advancement of an attack that aims to gain unauthorized access to data? - defense in depth - least privileged access - distributed denial-of-service (DDoS) - perimeter
defense in depth A defense in depth strategy uses a series of mechanisms to slow the advancement of an attack that aims to gain unauthorized access to data. The principle of least privilege means restricting access to information to only the level that users need to perform their work. A DDoS attack attempts to overwhelm and exhaust an application's resources. The perimeter layer is about protecting an organization's resources from network-based attacks.
An example of [answer choice] is automatically scaling an application to ensure that the application has the resources needed to meet customer demands. - agility - high availability - geo-distribution - elasticity
elasticity Elasticity refers to the ability to scale resources as needed, such as during business hours, to ensure that an application can keep up with demand, and then reducing the available resources during off-peak hours. Agility refers to the ability to deploy new applications and services quickly. High availability refers to the ability to ensure that a service or application remains available in the event of a failure. Geo-distribution makes a service or application available in multiple geographic locations that are typically close to your users.
In a region pair, a region is paired with another region in the same [answer choice]. - geography - availability zone - resource group - datacenter
geography Each Azure region is always paired with another region within the same geography, such as US, Europe, or Asia, at least 300 miles away.
Which issues require that you take action to avoid service interruptions, such as service retirements and breaking changes? - health advisories - service issues - application insights - Kusto queries
health advisories Health advisories are issues that require that you take action to avoid service interruptions, such as service retirements and breaking changes.
Which type of cloud service are virtual networks? - infrastructure as a service (IaaS) - platform as a service (PaaS) - software as a service (SaaS)
infrastructure as a service (IaaS) IaaS helps you reduce the cost and complexity of maintaining a physical server and its datacenter infrastructure. Virtual networks are part of the IaaS cloud service.
Which cloud service model provides you with the most control over the hardware that runs applications? - infrastructure as a service (IaaS) - platform as a service (PaaS) - software as a service (SaaS)
infrastructure as a service (IaaS) IaaS is the most flexible category of cloud services. It aims to give you complete control over the hardware that runs applications. Users do not control the operating system and do not configure the underlying servers in PaaS. With SaaS, you are using as-is software hosted in the cloud, instead of creating a platform to host a software yourself
Which resource can you use to manage access, policies, and compliance across multiple subscriptions? - management groups - resource groups - administrative units
management groups Management groups can be used in environments that have multiple subscriptions to streamline the application of governance conditions. Resource groups can be used to organize Azure resources. Administrative units are used to delegate the administration of Azure AD resources, such as users and groups. Accounts are used to provide access to resources
What Azure AD feature can you use to configure security authentication that requires users to use their mobile phone to sign in? - Microsoft Defender for Cloud - Advanced Thread Protection (ATP) - Azure Information Protection (AIP) - multi-factor authentication (MFA)
multi-factor authentication (MFA) MFA is the concept of requiring something more than only a password to sign in to an application. You can use the mobile phone to receive a phone call, text, or a code to get authenticated.
You need to allow resources on two different Azure virtual networks to communicate with each other. What should you configure? - a network security group (NSG) - a point-to-site VPN - peering - service endpoints
peering You can link virtual networks together by using virtual network peering. Peering enables resources in each virtual network to communicate with each other.
Which cloud service model is used by Azure SQL Database? - infrastructure as a service (IaaS) - platform as a service (PaaS) - software as a service (SaaS)
platform as a service (PaaS) Azure SQL Database is a PaaS database engine.
Your organization is building a custom application. You need to focus on application development rather than configuration and management of servers. Which cloud service model should you use? - infrastructure as a service (IaaS) - platform as a service (PaaS) - software as a service (SaaS)
platform as a service (PaaS) With PaaS, users can focus on application development because the cloud provider handles all the platform management. In SaaS, the cloud provider manages all aspects of the application environment, such as virtual machines, networking resources, data storage, and applications. IaaS is the closest service model to managing physical servers.
To which object or level is an Azure role-based access control (RBAC) role applied? - resource lock - scope - resource tag - policy
scope An Azure RBAC role is applied to a scope, which is a resource or set of resources that the access applies to. Resource locks prevent the accidental change or deletion of a resource. Resource tags are used to locate and act on resources associated with specific workloads, environments, business units, and owners. Policies enforce different rules across resource configurations so that the configurations stay compliant with corporate standards.
Which type of cloud service model is typically licensed through a monthly or annual subscription? - Infrastructure as a service (IaaS) - platform as a service (PaaS) - software as a service (SaaS)
software as a service (SaaS) SaaS is software that is centrally hosted and managed for you and your users or customers. Usually, one version of the application is used for all customers, and it is licensed through a monthly or annual subscription. PaaS and IaaS use a consumption-based model, so you only pay for what you use.
What is high availability in a public cloud environment dependent on? - the service-level agreement (SLA) that you choose - the vertical scalability of an app - cloud-based backup retention limits - capital expenditures
the service-level agreement (SLA) that you choose Different services have different SLAs. Sometimes different tiers of the same service will offer different SLAs, which can increase or decrease the promised availability.
What is the purpose of defense in depth? - to enable you to locate and act on resources that are associated with specific workloads, environments, business units, and owners - to manage policies that control or audit resources so that the configurations stay compliant with corporate standards - to protect information and prevent it from being stolen by those who are unauthorized to access it - to evaluate resources and make recommendations to help improve reliability and performance
to protect information and prevent it from being stolen by those who are unauthorized to access it The objective of defense in depth is to protect information and prevent it from being stolen by those who are unauthorized to access it.