azure
compute
"executing code" in the cloud
Binary Large Object (BLOB)
A collection of binary data. That binary data could be in the form of a file (stored in a storage account) or data stored in a database.
Azure Sphere
A company wants to build a new voting kiosk for sales to governments around the world. Which IoT technologies should the company choose to ensure the highest degree of security? IoT Hub IoT Central Azure Sphere
IoT Central
A company wants to quickly manage its individual IoT devices by using a web-based user interface. Which IoT technology should it choose? IoT Hub IoT Central Azure Sphere
Azure Resource Manager (ARM)
ARM meaning
Deploy extra instances of the same virtual machines across the different availability zones in the same Azure region.
Adding a third virtual machine reduces the composite SLA. How can Tailwind Traders offset this reduction? Increase the size of each virtual machine. Deploy extra instances of the same virtual machines across the different availability zones in the same Azure region. Do nothing. Using Azure Load Balancer increases the SLA for virtual machines.
Azure Resource Manager (ARM)
All actions that you take to manage your Azure resources goes through the ARM layer, meaning of ARM?
Azure DDoS Protection
An attacker can bring down your website by sending a large volume of network traffic to your servers. Which Azure service can help Tailwind Traders protect its App Service instance from this kind of attack? Azure Firewall Network security groups Azure DDoS Protection
The Azure CLI
As an administrator, you need to retrieve the IP address from a particular VM by using Bash. Which of the following tools should you use? ARM templates Azure PowerShell The Azure portal The Azure CLI
Tools in azure to support governance and compliance
Azure Blueprints Azure Policy Resource Locks Service Trust Portal
Azure Blueprints
Azure subscription templates with roles and policies are already defined
Binary Large Object
B L OB is a backronym for?
Resource Tags
Can add meta data to azure resources
Authentication
Confirms the identity of a person who wants access
Azure Policy
Creates rules across all of your azure resources Evaluate compliance to those rules
DNS Services
Domain name resolution
Azure Policy
Enforces standards and assess compliance across your organization
TCO calculator
Estimates the cost savings by comparing datacenter costs to running the same workload on Azure
High availability
Expressed as a percentage, it's the ability of a system to respond to users.
OpEx
For tax optimization, which type of expense is preferable? OpEx CapEx
Authorization
Grants the proper access to a legitimate user
Create a role assignment through Azure role-based access control (Azure RBAC).
How can Tailwind Traders allow some users to control the virtual machines in each environment but prevent them from modifying networking and other resources in the same resource group or Azure subscription? Create a role assignment through Azure role-based access control (Azure RBAC). Create a policy in Azure Policy that audits resource usage. Split the environment into separate resource groups.
Create an application control rule in Azure Security Center.
How can Tailwind Traders enforce having only certain applications run on its VMs? Connect your VMs to Azure Sentinel. Create an application control rule in Azure Security Center. Periodically run a script that lists the running processes on each VM. The IT manager can then shut down any applications that shouldn't be running.
Run the VMs on Azure Dedicated Host.
How can Tailwind Traders ensure that certain VM workloads are physically isolated from workloads being run by other Azure customers? Configure the network to ensure that VMs on the same physical host are isolated. This is not possible. These workloads need to be run on-premises. Run the VMs on Azure Dedicated Host.
Create a network security group rule that prevents access from another VM on the same network.
How can Tailwind Traders most easily implement a deny by default policy so that VMs can't connect to each other? Allocate each VM on its own virtual network. Create a network security group rule that prevents access from another VM on the same network. Configure Azure DDoS Protection to limit network access within the virtual network.
Conditional Access
How can the IT department ensure that employees at the company's retail stores can access company applications only from approved tablet devices? SSO Conditional Access Multifactor authentication
SSO
How can the IT department reduce the number of times users must authenticate to access multiple applications? SSO Conditional Access Multifactor authentication
Multifactor authentication
How can the IT department use biometric properties, such as facial recognition, to enable delivery drivers to prove their identities? SSO Conditional Access Multifactor authentication
It requires the user to have access to an additional device for identity verification
How does Multi-Factor Authentication make a system more secure? It is another password that a user has to memorize, making it more secure It allows the user to log in without a password because they have already previously been validated using a browser coookie It doesn't make it more secure It requires the user to have access to an additional device for identity verification
3
How many availability zones are there in each region (for regions that have them)? 3 Unlimited 1 2
60+
How many azure regions in the world
Hybrid cloud
Is a computing environment that combined a private cloud with a public cloud
Enables access to your data or application from outside the virtual network.
It can be said that most services in Azure have a public endpoint by default. What is a public endpoint? Provides you a static IP address from which your application always uses to communicate with the outside world. Blocks access to your applications and data from inside Azure. Enables access to your data or application from outside the virtual network. Provides you a static IP address for which the outside world can use to communicate with your application.
Just Enough Access (JEA)
JEA meaning
Just In Time (JIT)
JIT meaning
Azure Resource Manager (ARM)
Management layer that allows you to create, update and delete resources called deployments
Azure Resource Lock
Prevents resources from being accidentally deleted or changed
Platform as a service (PaaS)
Provides a fully managed environment for developing, testing, delivering, and managing cloud-based applications
Software as a service (SaaS)
Provides hosting and management of an application and its underlying infrastructure, as well as any maintenance, upgrades, and security patching
Infrastructure as a service (IaaS)
Provides servers and virtual machines, storage, networks, and operating systems on a pay-as-you-go basis
Azure Blueprints
Rapidly provisions and runs new environments with the knowledge that they are in line with the organization's compliance requirements
not all accessible by everyone
Regions-
Azure Multi-Factor Authentication
Require 2 or more pieces of evidence(factors) in order to log in
Apply a tag to each virtual machine that identifies the appropriate billing department.
Resources in the Dev and Test environments are each paid for by different departments. What's the best way to categorize costs by department? Apply a tag to each virtual machine that identifies the appropriate billing department. Split the cost evenly between departments. Keep a spreadsheet that lists each team's resources.
Total Cost of Ownership (TCO)
TCO calculator meaning
Azure Synapse Analytics
Tailwind Traders has millions of log entries that it wants to analyze. Which option would be ideal for analysis? Azure Cosmos DB Azure SQL Database Azure Database for PostgreSQL Azure Synapse Analytics
Azure Database for MySQL
Tailwind Traders uses the LAMP stack for several of its websites. Which option would be ideal for migration? Azure Cosmos DB Azure Database for MySQL Azure Database for PostgreSQL
Implicit FTP over SSL
Tailwind Traders wants to create a secure communication tunnel between its branch offices. Which of the following technologies can't be used? Point-to-site virtual private network Implicit FTP over SSL Azure ExpressRoute Site-to-site virtual private network
CloudExchange colocation, Point-to-point Ethernet connection, Any-to-any-connection
The three models that ExpressRoute supports are?
FALSE
True of false: Azure Powershell scripts and Command Line Interface (CLI) scripts are entirely compatible with each other?
TRUE
True or False: An Azure Storage Account can have both a public endpoint and a private endpoint at the same time.
FALSE
True or False: Azure is a public cloud, and has no private cloud offerings
TRUE
True or False: Under the Infrastructure as a Service model, Azure is responsible for managing the physical host, physical network, and physical datacenter.
TRUE
True or False: With Azure public cloud, anyone with a valid credit card can sign up and get services immediately
TRUE
True or False: With Azure public cloud, anyone with a valid credit card can sign up and get services immediately (subject to the usual country restrictions of course)
FALSE
True or false: Azure Active Directory is a network gateway that load balances user logins using a CDN (Content Delivery Network).
TRUE
True or false: Azure Cloud Shell allows access to the CLI and Powershell consoles in the Azure Portal
False
True or false: Azure charges for bandwidth used "inbound" to Azure
FALSE
True or false: You cannot have more than one Azure subscription per company
FALSE
True or false: You need to purchase an Azure account before you can use any Azure resources
TRUE
True or false: you can create your own policies if built-in Azure Policy is not sufficient to your needs
Load Balancer or Application Gateway
What Azure resource allows you to evenly split traffic coming in and direct it to several identical virtual machines to do the work and respond to the request? Azure App Services Azure Logic Apps Virtual Network Load Balancer or Application Gateway
Load Balancer or Application Gateway
What Azure resource allows you to evenly split traffic coming in and direct it to several identical virtual machines to do the work and respond to the request? Azure App Services Virtual Network Azure Logic Apps Load Balancer or Application Gateway
Management Groups
What Azure tool gives you the ability to manage multiple subscriptions into nested hierarchies? Resource Groups RBAC Azure Active Directory Management Groups
The storage account cannot have its properties altered but it doesn't affect the data itsel
What affect does using a "read only" resource lock on a Azure Storage Account have? A resource lock has no affect on a storage account. The data on the storage account cannot change. Only admin users can update the contents of the storage account. The storage account cannot have its properties altered but it doesn't affect the data itself.
The development team can create a prototype version of the app that includes the AR service that it tests out with select retail employees.
What approach might the company take in adding the augmented reality (AR) preview service to its architecture? The Special Orders app is already in production. The company shouldn't look into the AR service until the service reaches general availability (GA). The Special Orders app is mainly for use by retail employees. The company can integrate the AR service now because potential downtime or failures aren't an important factor. The development team can create a prototype version of the app that includes the AR service that it tests out with select retail employees.
A feature of Azure that allows you to manually specify into which data center your virtual machines are placed, which allows you to achieve higher availability than any other option.
What are Azure Availability Zones? A folder structure in Azure in which you organize resources like databases, virtual machines, virtual networks, or almost any resource A feature of Azure that allows you to manually specify into which data center your virtual machines are placed, which allows you to achieve higher availability than any other option. This is the same as a region Within each individual data center, certain racks of servers have been architected by Azure to have higher uptime than the others. If you place your apps onto this rack, you'll get higher uptime than if you let Azure do it.
A feature of Azure that allows you to manually specify into which data center your virtual machines are placed, which allows you to achieve higher availability than any other option.
What are Azure Availability Zones? A folder structure in Azure in which you organize resources like databases, virtual machines, virtual networks, or almost any resource A feature of Azure that allows you to manually specify into which data center your virtual machines are placed, which allows you to achieve higher availability than any other option. Within each individual data center, certain racks of servers have been architected by Azure to have higher uptime than the others. If you place your apps onto this rack, you'll get higher uptime than if you let Azure do it. This is the same as a region
A feature of Azure that allows you to manually specify into which data center your virtual machines are placed, which allows you to achieve higher availability than any other option.
What are Azure Availability Zones? This is the same as a region A folder structure in Azure in which you organize resources like databases, virtual machines, virtual networks, or almost any resource Within each individual data center, certain racks of servers have been architected by Azure to have higher uptime than the others. If you place your apps onto this rack, you'll get higher uptime than if you let Azure do it. A feature of Azure that allows you to manually specify into which data center your virtual machines are placed, which allows you to achieve higher availability than any other option.
Application management Authentication
What are the two features that Azure AD provides? Choose two. Authentication Application management Functions Azure DDoS Protection Logs Analytics Logic Apps
Application management, Authentication
What are the two features that Azure AD provides? Choose two. Logic Apps Application management Authentication Functions Logs Analytics Azure DDoS Protection
Physically and logically separates virtual machines so that if one goes down, the others do not go down.
What benefit does Availability Sets provide when it comes to virtual machines in Azure? Keeps virtual machines close together, for the fastest communication between them. Physically and logically separates virtual machines so that if one goes down, the others do not go down. Allows you to monitor VM capacity and send alerts to the operations team. Can manage groups of virtual machines as one unit.
Can manage groups of virtual machines as one unit.
What benefit does Azure Scalesets provide when it comes to virtual machines in Azure? Allows you to monitor VM capacity and send alerts to the operations team. Can manage groups of virtual machines as one unit. Keeps virtual machines close together, for the fastest communication between them. Physically separates virtual machines so that if one goes down, the others do not go down.
Can manage groups of virtual machines as one unit.
What benefit does Azure Scalesets provide when it comes to virtual machines in Azure? Allows you to monitor VM capacity and send alerts to the operations team. Keeps virtual machines close together, for the fastest communication between them. Physically separates virtual machines so that if one goes down, the others do not go down. Can manage groups of virtual machines as one unit.
Allows you to reduce the traffic coming into a web server for static, unchanging files such as images, videos, and PDFs
What benefit does a Content Delivery Network (CDN) provide its users? For a small fee, Azure will take over management of your virtual machine, perform OS updates and ensure it's running well Allows you to reduce the traffic coming into a web server for static, unchanging files such as images, videos, and PDFs Allows you to store data that can be retrieved later in an extremely fast and inexpensive manner Allows you to keep temporarily session information on the web visitor such as their login ID or their name
Azure Resource Manager
What does ARM an abbreviation for in Azure? Advanced RISC Machine Account Resource Manager Azure Resource Manager Availability, Reliability, Maintainability
A discount will be applied to the customer's Azure bill (as a service credit), which is a compensation for an under-performing Azure product or service
What happens if Azure does not meet its own Service Level Agreement guarantee (SLA)? The service will be free that month It's not possible. Azure will always meet it's SLA? A discount will be applied to the customer's Azure bill (as a service credit), which is a compensation for an under-performing Azure product or service The resource that did not meet the SLA will be free for the remaining month and the next.
Azure Active Directory
What is Azure's preferred Identity/authentication service? Azure Active Directory Live Connect Facebook Connect Network Security Group
The ability to log in once and use the existing user id and password to sign in other applications, and not have to create/memorize a new one.
What is Single Sign-On? When you sign into an application, it remembers who you are the next time you go there. When an application outsources (federates) it's identity service to a third-party platform The ability to log in once and use the existing user id and password to sign in other applications, and not have to create/memorize a new one.
A denial of service attack that sends so much traffic to a network that it cannot respond fast enough; legitimate users become unable to use the service
What is a DDoS attack? An attempt to guess a user's password through brute force methods An attempt to read the contents of a web page from another website, thereby stealing the user's private information A denial of service attack that sends so much traffic to a network that it cannot respond fast enough; legitimate users become unable to use the service An attempt to send SQL commands to the server in a way that it will execute them against the database
Assume your network has been breached already
What is a core principle of Zero Trust? Require users to change their passwords frequently Require users to log in every session Don't store credit cards and other critical data in the cloud Assume your network has been breached already
Delivery of computing services over the internet
What is meant by cloud computing Delivery of computing services over the internet Setting up your own datacenter Using the internet
ARM templates
What is the best infrastructure-as-code option for quickly and reliably setting up your entire cloud infrastructure declaratively? ARM templates Azure PowerShell The Azure portal The Azure CLI
Create an Azure Storage account.
What is the first step that you would take in order to share an image file as a blob in Azure Storage? Create an Azure Storage container to store the image. Create an Azure Storage account. Upload the image file and create a container. Use a Shared Access Signature (SAS) token to restrict access to the image.
Allows you to create new subscriptions that already have policies, roles, resource groups, and ARM templates.
What is the purpose of Azure Blueprints? Allows you to manage a group of existing subscriptions in a nested fashion. Allows you to create new resources based on a pre-defined template for consistency and fewer errors. Allows you to create new subscriptions that already have policies, roles, resource groups, and ARM templates. A standard created specifically for building architects and the housing industry working within the cloud.
Allows you to create new subscriptions that already have policies, roles, resource groups, and ARM templates.
What is the purpose of Azure Blueprints? Allows you to manage a group of existing subscriptions in a nested fashion. Allows you to create new subscriptions that already have policies, roles, resource groups, and ARM templates. Allows you to create new resources based on a pre-defined template for consistency and fewer errors. A standard created specifically for building architects and the housing industry working within the cloud.
Azure Key Vault
What is the recommended way within Azure to store secrets such as private cryptographic keys? Azure Key Vault Azure Advanced Threat Protection (ATP) Within the application code In an Azure Storage account private blob container
Resources that perform some type of task that requires CPU cycles to perform the work
What types of resources are defined as <b>compute resources</b>? All resources that are listed in the Azure Marketplace Resources that perform some type of task that requires CPU cycles to perform the work Only Virtual Machines
Create application rules in Azure Firewall.
What's the best way for Tailwind Traders to limit all outbound traffic from VMs to known hosts? Configure Azure DDoS Protection to limit network access to trusted ports and hosts. Create application rules in Azure Firewall. Ensure that all running applications communicate with only trusted ports and hosts.
Apply spending limits to the development team's Azure subscription.
What's the best way to ensure that the development team doesn't provision too many virtual machines at the same time? Do nothing. Let the development team use what they need. Apply spending limits to the development team's Azure subscription. Verbally give the development lead a budget and hold them accountable for overages.
Collect security data in Azure Sentinel.
What's the easiest way for Tailwind Traders to combine security data from all of its monitoring tools into a single report that it can take action on? Collect security data in Azure Sentinel. Build a custom tool that collects security data, and displays a report through a web application. Look through each security log daily and email a summary to your team.
Azure compliance documentation
Where can the IT department find reference blueprints that it can apply directly to its Azure subscriptions? Online Services Terms Azure compliance documentation Microsoft Privacy Statement
Trust Center
Where can the legal team access information around how the Microsoft cloud helps them secure sensitive data and comply with applicable laws and regulations? Microsoft Privacy Statement Trust Center Online Services Terms
Microsoft Privacy Statement
Where can the team access details about the personal data Microsoft processes and how the company processes it, including for Cortana? Microsoft Privacy Statement The Azure compliance documentation Microsoft compliance offerings
Azure Active Directory Free, Office 365
Which Azure AD licenses (select two) are made available through Azure? Azure Active Directory Free Office 365 Business Tier 1 Enterprise Tier 2 Basic
Azure Virtual Desktop
Which Azure Service gives you access to your own personalized Windows 10 or 11 desktop machine in the cloud, so that you can access your work files and applications whereever you go from any device? Private Link Azure App Services Virtual Private Network Azure Virtual Desktop
Azure Blob Storage
Which Azure Storage option is better for storing data for backup and restore, disaster recovery, and archiving? Azure Files Storage Azure Disk Storage Azure Blob Storage
Virtual machine scale sets
Which Azure compute resource can be deployed to manage a set of identical virtual machines? Virtual machine scale sets Virtual machine availability sets Virtual machine availability zones
Passwordless
Which Azure technology allows you to log in to Azure Active Directory device or application using your face, a PIN code, or a gesture instead of having to type a password? Passwordless Microsoft Defender for Cloud AD Conditional Access Multi-Factor Authentication
Azure Arc
Which Azure technology allows you to manage virtual machines running in Azure, in your own environment, and in other environments such as AWS? Azure Kubernetes Service Azure Arc Azure Virtual Desktop Azure Monitor
Azure Monitor
Which feature within Azure collects all of the logs from various resources into a central dashboard, where you can run queries, view graphs, and create alerts on certain events? Azure Monitor Azure Portal Dashboard Azure Security Center Storage Account or Event Hub
Apply a tag to each resource that includes the associated billing department.
Which is likely the best way for Tailwind Traders to identify which billing department each Azure resource belongs to? Track resource usage in a spreadsheet. Split the deployment into separate Azure subscriptions, where each subscription belongs to its own billing department. Apply a tag to each resource that includes the associated billing department.
Run the Total Cost of Ownership Calculator.
Which is the best first step the team should take to compare the cost of running these environments on Azure versus in their datacenter? They're just test environments. Spin them up and check the bill at the end of the month. Assume that running in the cloud costs about the same as running in the datacenter. Run the Total Cost of Ownership Calculator.
Create a policy in Azure Policy that specifies the allowed SKU sizes.
Which is the best way for Tailwind Traders to ensure that the team deploys only cost-effective virtual machine SKU sizes? Create a policy in Azure Policy that specifies the allowed SKU sizes. Periodically inspect the deployment manually to see which SKU sizes are used. Create an Azure RBAC role that defines the allowed virtual machine SKU sizes.
Store the certificates in Azure Key Vault.
Which is the best way for Tailwind Traders to safely store its certificates so that they're accessible to cloud VMs? Place the certificates on a network share. Store them on a VM that's protected by a password. Store the certificates in Azure Key Vault.
Deallocate virtual machines when they're not in use.
Which is the most efficient way for the testing team to save costs on virtual machines on weekends, when testers are not at work? Delete the virtual machines before the weekend and create a new set the following week. Deallocate virtual machines when they're not in use. Just let everything run. Azure bills you only for the CPU time that you use.
Network Interface Card (NIC), Storage Account, Virtual Network
Which of the following Azure Resources are required in order to have a virtual machine? Only choose services that are required, not ones that are optional. Public IP Address Network Interface Card (NIC) Storage Account Virtual Network
Azure US Government, Azure China
Which of the following are examples of Azure Sovereign Regions? Azure US Government Azure China Azure South Africa Azure Brazil
Salary costs of employees managing the servers, Cost of electricity, Cost to access the Internet, Real estate costs
Which of the following are factors in Total Cost of Ownership? Choose all that apply. Salary costs of employees managing the servers Cost of electricity Cost to access the Internet Real estate costs
Geographic isolation
Which of the following choices isn't a benefit of using cloud services? Scalability Disaster recovery High availability Geographic isolation
Networking-as-a-Service (NaaS)
Which of the following choices isn't a cloud computing category? Networking-as-a-Service (NaaS) Platform-as-a-Service (PaaS) Infrastructure-as-a-Service (IaaS) Software-as-a-Service (SaaS)
Azure Boards
Which of the following choices would not be used to automate a CI/CD process? Azure Pipelines GitHub Actions Azure Boards
Separate servers into distinct subnets by role
Which of the following elements is considered part of the "network" layer of network security? Locks on the data center doors Keep operating systems up to date with patches Use a firewall Separate servers into distinct subnets by role
Separate servers into distinct subnets by role
Which of the following elements is considered part of the <b>network</b> layer of network security? Locks on the data center doors Use a firewall Keep operating systems up to date with patches Separate servers into distinct subnets by role
Separate servers into distinct subnets by role
Which of the following elements is considered part of the <b>network</b> layer of network security? Separate servers into distinct subnets by role Use a firewall Keep operating systems up to date with patches Locks on the data center doors
Use a firewall
Which of the following elements is considered part of the <b>perimeter</b> layer of security? Separate servers into distinct subnets by role Keep operating systems up to date with patches Use a firewall Locks on the data center doors
Resource groups can be nested.
Which of the following features does not apply to resource groups? Resources can be in only one resource group. Role-based access control can be applied to the resource group. Resource groups can be nested.
Azure subscription
Which of the following is a logical unit of Azure services that links to an Azure account? Azure subscription Management group Resource group Public cloud
A limited pool of services
Which of the following is not a feature of Cloud computing? Faster innovation A limited pool of services Speech recognition and other cognitive services
All of these! Azure can do it all!
Which of the following is something that Azure Cognitive Services API can currently do? Speak text in an extremely realistic way Recognize faces in a picture Recognize text in an image All of these! Azure can do it all! Create text from audio Translate text from one language to another
AzCopy
Which of the following is the best approach when you need to copy large amount of files between two Azure Storage accounts? Use Azure API programmatically Storage Explorer AzCopy Download the files to your local machine and upload them to the new account
Distributed cloud
Which of the following options isn't a type of cloud computing? Distributed cloud Hybrid cloud Private cloud Public cloud
Prevent certain Azure Virtual Machine instance types from being used in a resource group
Which of the following scenarios would Azure Policy be a recommended method for enforcement? Allow only one specific roles of users to have access to a resource group Add an additional prompt when creating a resource without a specific tag to ask the user if they are really sure they want to continue? Require a virtual machine to always update to the latest security patches Prevent certain Azure Virtual Machine instance types from being used in a resource group
Prevent certain Azure Virtual Machine instance types from being used in a resource group
Which of the following scenarios would Azure Policy be a recommended method for enforcement? Add an additional prompt when creating a resource without a specific tag to ask the user if they are really sure they want to continue? Allow only one specific roles of users to have access to a resource group Prevent certain Azure Virtual Machine instance types from being used in a resource group Require a virtual machine to always update to the latest security patches
Prevent certain Azure Virtual Machine instance types from being used in a resource group
Which of the following scenarios would Azure Policy be a recommended method for enforcement? Allow only one specific roles of users to have access to a resource group Prevent certain Azure Virtual Machine instance types from being used in a resource group Require a virtual machine to always update to the latest security patches Add an additional prompt when creating a resource without a specific tag to ask the user if they are really sure they want to continue?
Azure Functions
Which of the following services should be used when the primary concern is to perform work in response to an event (often via a REST command) that needs a response in a few seconds? Azure Functions Azure App Service Azure Container Instances
Azure Functions App
Which of the following services would NOT be considered Infrastructure as a Service? Virtual Network Azure Functions App Virtual Network Interface Card (NIC) Virtual Machine
Azure Functions App
Which of the following services would NOT be considered Infrastructure as a Service? Virtual Network Virtual Machine Virtual Network Interface Card (NIC) Azure Functions App
An Azure subscription is a logical unit of Azure services.
Which of the following statements is a valid statement about an Azure subscription? Using Azure doesn't require a subscription. An Azure subscription is a logical unit of Azure services.
With Operating Expenses (OpEx), you are only responsible for the computing resources that you use.
Which of the following statements is true? With Operating Expenses (OpEx), you are responsible for purchasing and maintaining your computing resources. With Operating Expenses (OpEx), you are only responsible for the computing resources that you use. With Capital Expenses (CapEx), you are only responsible for the computing resources that you use.
Azure DevTest Labs
Which service could help you manage the VMs that your developers and testers need to ensure that your new app works across various operating systems? Azure DevTest Labs Azure Test Labs Azure Repos
Azure Monitor
Which service is a platform that powers Application Insights, monitoring for VMs, containers, and Kubernetes? Azure Advisor Azure Monitor Azure Service Health
Azure Pipelines
Which service lacks features to assign individual developers tasks to work on? Azure Boards GitHub Azure Pipelines
Azure Service Health
Which service provides official outage root cause analyses (RCAs) for Azure incidents? Azure Advisor Azure Monitor Azure Service Health
LRS
Which storage redundancy option is the cheapest? LRS ZRS RA-GRS GRS
Azure Advisor
Which tool within the Azure Portal will make specific recommendations based on your actual usage for how you can improve your use of Azure? Azure Monitor Azure Service Health Azure Dashboard Azure Advisor
International Organization for Standardization
Within the context of privacy and compliance, what does the acronym ISO stand for, in English? Intelligence and Security Office Instead of International Organization for Standardization Information Systems Officer
Azure portal, Direct link, Code snippets
You can access the Azure Cloud Shell in three ways, what are they?
Azure Bot Service
You need to create a human-computer interface that uses natural language to answer customer questions. Which product option should you select as a candidate? Azure Machine Learning Azure Cognitive Services Azure Bot Service
Azure Cognitive Services
You need to identify the content of product images to automatically create alt tags for images formatted properly. Which product option is the best candidate? Azure Machine Learning Azure Cognitive Services Azure Bot Service
Azure Machine Learning
You need to predict future behavior based on previous actions. Which product option should you select as a candidate? Azure Machine Learning Azure Bot Service Azure Cognitive Services
Azure Functions
You need to process messages from a queue, parse them by using some existing imperative logic written in Java, and then send them to a third-party API. Which serverless option should you choose? Azure Functions Azure Logic Apps
Azure Advisor
You want to be alerted when new recommendations to improve your cloud environment are available. Which service will do this? Azure Advisor Azure Monitor Azure Service Health
Azure Logic Apps
You want to orchestrate a workflow by using APIs from several well-known services. Which is the best option for this scenario? Azure Functions Azure Logic Apps
IoT Hub
You want to send messages from the IoT device to the cloud and vice versa. Which IoT technology can send and receive messages? IoT Hub IoT Central Azure Sphere
The Azure portal
You're a developer who needs to set up your first VM to host a process that runs nightly. Which of the following tools is your best choice? ARM templates Azure PowerShell The Azure portal The Azure CLI
Azure Virtual Desktop
Your company has a team of remote workers that need to use Windows-based software to develop your company's applications, but your team members are using various operating systems like macOS, Linux, and Windows. Which Azure compute service would help resolve this scenario? Azure App Service Azure Virtual Desktop Azure Container Instances
Azure Cosmos DB
Your development team is interested in writing Graph-based applications that take advantage of the Gremlin API. Which option would be ideal for that scenario? Azure Cosmos DB Azure SQL Database Azure Databricks Azure Database for PostgreSQL
Azure Logic Apps
Your team has limited experience with writing custom code, but it sees tremendous value in automating several important business processes. Which of the following options is your team's best option? Azure Functions Azure Logic Apps
Virtual Private Network (VPN)
connecting two networks as if they were on the same network, uses a Network Gateway
Azure Cost Management
a tool inside azure to analyze spending
virtual network
emulating a physical network
Pricing calculator
helps you to estimate workload cost.
Storage
one of the foundational technologies on which much is built
Azure AD
provides "identity as a service"
Resource Locks
read only cannot delete
Azure Kubernetes Service (AKS)
runs on a cluster of servers, enterprise-grade
Azure Container Instance (ACI)
single instance, quickest way to deploy a container
Was 54, now 60+
Approximately how many regions does Azure have around the world? Was 54, now 60+ 10 100 25
Governance
The leaders in your company might have certain IT rules that they want to implement
B
Single sign-on (SSO) is __________ method that enables users to sign in the first time and access various applications and resource by using same password. A. a validation B. an authentication C. a configuration D. an authorization
Elasticity
The ability of a system to automatically grow and shrink based on application demand
Scalability
The ability of a system to handle growth of users or work.
Azure Resource Manager (ARM)
The deployment management service for Azure
Management Groups
What Azure tool gives you the ability to manage multiple subscriptions into nested hierarchies? Management Groups Azure Active Directory Resource Groups RBAC
A folder structure in Azure in which you organize resources like databases, virtual machines, virtual networks, or almost any resource
What are Resource Groups in Azure? Within the Azure security model, users are organized into groups, and those groups are granted permissions to resources A folder structure in Azure in which you organize resources like databases, virtual machines, virtual networks, or almost any resource Automatically assigned groups of resources that all have the same type (virtual machine, app service, etc) Based on the tag assigned to a resource by the deployment script, it is assigned to a group
A
What can you use to launch the Azure Cloud Shell? A. Azure portal B. Azure PowerShell C. Azure Command Line Interface (CLI) D. Azure Resource Manager (ARM) template
Anyone can use the service for any reason
What does it mean if a service is in General Availability (GA) mode? You have to apply to get selected in order to use that service The service is available for use by some, and Microsoft will provide support for it Anyone can use the service but it must not be for production use Anyone can use the service for any reason
You have to apply to get selected in order to use that service
What does it mean if a service is in Private Preview mode? The service is generally available for use, and Microsoft will provide support for it Anyone can use the service for any reason You have to apply to get selected in order to use that service Anyone can use the service but it must not be for production use
Anyone can use the service but normal service level agreements do not apply
What does it mean if a service is in Public Preview mode? Anyone can use the service for any reason You have to apply to get selected in order to use that service The service is generally available for use, and Microsoft will provide support for it Anyone can use the service but normal service level agreements do not apply
The ability of it to add and reduce capacity based on actual demand
What feature of a system makes it elastic? The ability of it to stay up (available) while updates are being made to the system The ability to withstand denial of service attacks The ability to heal itself after a crash The ability of it to add and reduce capacity based on actual demand
Network Security Group
What is the basic way of protecting an Azure Virtual Network subnet? Application Gateway with WAF Azure Firewall Azure DDos Standard protection Network Security Group
The more you buy of something, the cheaper it is for you
What is the benefit of economies of scale? The more you buy of something, the cheaper it is for you Big companies don't need to make a profit on every sale Prices of cloud servers and services are always going down. It'll be cheaper next year than it is this year. Big companies don't need to make a profit on the first product they sell you, because they will on the second
there is no cloud, only someone else's computer
What is the cloud?
An extremely large set of data that you want to ingest and do analysis on; traditional software like SQL Server cannot handle Big Data as efficiently as specialized products
What is the concept of Big Data? A set of Azure services that allow you to use execute code in the cloud but don't require (or even allow) you to manage the underlying server An extremely large set of data that you want to ingest and do analysis on; traditional software like SQL Server cannot handle Big Data as efficiently as specialized products A small sensor or a similar device that constantly sends its status and other data to the cloud A form of artificial intelligence (AI) that allows systems to automatically learn and improve from experience without being explicitly programmed
$200
What is the default amount of credits that you are given when you first create an Azure Free account?
Windows and Linux
What operating systems does Microsoft supply Azure Virtual Machine images for? macOS Windows and Linux Windows, Linux and macOS Windows Linux
Basic, Standard
What two types of DDoS protection services does Azure provide? Select two. Basic Advanced Standard Premium
A list of standards that Microsoft follows, pen test results, security assessments, white papers, faqs, and other documents that can be used to show Microsoft's compliance efforts
What type of documents does the Microsoft Service Trust Portal provide? Specific recommendations about your usage of Azure and ways you can improve A list of standards that Microsoft follows, pen test results, security assessments, white papers, faqs, and other documents that can be used to show Microsoft's compliance efforts Documentation on the individual Azure services and solutions A tool that helps you manage your compliance to various standards
Resources that perform some type of task that requires CPU cycles to perform the work
What types of resources are defined as "compute resources"? Resources that perform some type of task that requires CPU cycles to perform the work Only Virtual Machines All resources that are listed in the Azure Marketplace
Azure Marketplace
Where do you go within the Azure Portal to find all of the third-party virtual machines and other offers? Bing Azure Marketplace Azure mobile app Choose an image when creating a VM
D
Which Azure Active Directory (Azure AD) feature is used to provide access to resources based on organizational policies? A. multi-factor authentication (MFA) B. single sign-on (SSO) C. administrative units D. Conditional Access
B
Which Azure feature enables you to organize multiple subscriptions in hierarchies for unified policies and compliance? A. Resource groups B. Management groups C. Azure Active Directory (Azure AD) D. Azure Container Instances
B
Which Azure serverless computing technology provides the ability to execute workflows to automate business scenarios by using triggers without writing any code? A. Azure Functions B. Azure Logic Apps C. Azure Front Door D. Azure DevOps
C
Which cloud approach is used by organizations to take full advantage of on-premises technology investments and allows data and applications to be shared between two environments? A. public cloud B. private cloud C. hybrid cloud D. on-premises datacenter
B
Which defense in depth layer uses distributed denial of service (DDoS) protection? A. Physical security layer B. Perimeter layer C. Network layer D. Application layer
Azure Service Health
Which feature within Azure alerts you to service issues that happen in Azure itself, not specifically related to your own resources? Azure Security Center Azure Monitor Azure Service Health Azure Portal Dashboard
Use a firewall
Which of the following elements is considered part of the "perimeter" layer of security? Keep operating systems up to date with patches Separate servers into distinct subnets by role Use a firewall Locks on the data center doors
A refrigerator that monitors how much milk you have left and sends you a text message when you are running low
Which of the following would be an example of an Internet of Things (IoT) device? A web application that people use to perform their banking tasks A mobile application that is used to watch online video courses A video game, installed on Windows clients around the world, that keep user scores in the cloud. A refrigerator that monitors how much milk you have left and sends you a text message when you are running low
C
Which option is used to set the communication between an on-premises VPN device and an Azure VPN gateway through an encrypted tunnel over the internet? A. ExpressRoute B. Point-to-Site (P2S) VPN C. Site-to-Site VPN
Azure Advisor
Which tool within the Azure Portal will make specific recommendations based on your actual usage for how you can improve your use of Azure? Azure Service Health Azure Monitor Azure Advisor Azure Dashboard
You give Azure the code and the configuration, and you have no access to the underlying hardware
Why is Azure App Services considered Platform as a Service? You are responsible for keeping the operating system up to date with the latest patches You can decide on what type of virtual machine it runs - A-series, or D-series, or even H-series You give Azure the code and the configuration, and you have no access to the underlying hardware Azure App Services is not PaaS. It is Software as a Service.
You can save a lot of money if you don't use the resource often as opposed to having it available for use 24/7
Why would someone prefer a Consumption-based pricing model as opposed to a Time-based (Fixed) pricing model? You can easily predict the cost of the service into the future You can save a lot of money if you don't use the resource often as opposed to having it available for use 24/7 The pricing model is simpler and easier to understand It is always cheaper to pay for consumption than to pay by the hour
B
You use __________ to organize resources in an Azure subscription. A. Azure regions B. Resource groups C. Management group D. Administrative units
C
_________ in Azure enables you to deploy Azure resources close to the users. A. Elasticity B. Scalability C. Geo-distribution D. High availability
subnet
a subdivision of a virtual network, that you control, that has its own security rules
C
alerts you when service issues occur in an Azure environment, such as a regional Azure outage that affects all Azure customers. A. Azure Monitor B. Azure Advisor C. Azure Service Health D. Azure Application Insights
C
copies data to a secondary region from the primary region across multiple datacenters that are located many miles apart. A. Premium storage B. Zone redundant storage (ZRS) C. Geo-redundant storage (GRS) D. Locally-redundant storage (LRS)
C
enables you to provision a group of matching and load-balanced virtual machines in Azure. A. Azure Logic Apps B. An availability set C. An Azure virtual machine scale set D. Azure Load Balancer
C
enables you to scale to thousands of virtual machines for high-performance computing and large-scale parallel jobs. A. An Azure virtual machine scale set B. An availability set C. Azure Batch D. An availability zone
Azure Cost Management
helps to understand Azure bill, manage account.
Express Route
high speed private connection to Azure
Simple Storage Service (S3)
in AWS, a Storage Account is called?
subscription
is a billing unit
C
is a repeatable set of governance tools that helps development teams quickly build and create new environments while adhering to organizational compliance to speed up development and deployment A. Azure DevOps B. A Continuous Integration/Continuous Deployment (CI/CD) pipeline configuration C. Azure Blueprints D. Azure Policy
Identity
is a representation of a person, application or device
authentication
is a user proving who they are - user id and password
Public cloud
is defined as computing services offered by third party providers over the public internet, making them available to anyone who wants to use of purchase them.
Private cloud
is defined as computing services offered either over the Internet or a private internal network and only to select users instead of the general public.
authorization
is ensuring that a user is permitted to perform an action
B
is supported by ExpressRoute for connecting an on-premises network to Azure. A. A Point-to-Site VPN B. A point-to-point Ethernet connection C. A Site-to-Site VPN D. Azure Peering service
Conditional Access
is the tool used by Azure Active Directory to allow (or deny) access to resources based on identity signals. It is a more refined MFA (multifactor authentication) method.