Configure and manage virtual networks for Azure administrators & Monitor and back up Azure resources
What happens if a health probe isn't configured and a VM fails?
Azure Load Balancer won't notice the failure and continues to route traffic to the failed VM. This issue causes requests to time out.
What data does Azure Monitor collect?
Data from a variety of sources, such as the application event log, the operating system (Windows and Linux), Azure resources, and custom data sources
An SLA is important to define for your service because:
It helps you determine the availability of your service that you will commit to for your customers.
What are some of the typical components involved in a network design?
A VM, subnet, firewall, and load balancer
What is an ExpressRoute circuit?
A circuit provides a physical connection for transmitting data through the ExpressRoute provider's edge routers to the Microsoft edge routers.
Which protocol provides dynamic routing for Azure ExpressRoute?
Border Gateway Protocol (BGP)
What type of DNS record should you create to map one or more IP addresses against a single domain?
A or AAAA
Which of the following is not used in a highly available architecture?
A recovery service vault
What is the schema?
A series of tables logically grouped together, which allow for an easy understanding behind how Log Analytics stores logs
Which of the following resources can you assign a public IP address to?
A virtual machine
You want to make sure that admins know as soon as a web app becomes overloaded. Which feature of Application Insights should you use?
Alerts
What do you have to install or create to store simple boot diagnostics in Azure?
An Azure storage account.
Which connection type supports connectivity to Office 365?
An ExpressRoute connection.
Which load balancing strategy does Application Gateway implement?
Application Gateway follows a round-robin approach, distributing requests to each available server in a backend pool in turn.
You want to add an extra layer of security to Azure Bastion. Where can you start?
Apply role-based access control (RBAC) and the least privilege to use and manage Azure Bastion
How are smart groups created?
Automatically, using machine learning algorithms.
Which Azure capability offers operations teams a pre-defined monitoring experience across multiple resources?
Azure Monitor Insights
How does Azure Monitor organize log data for queries?
Azure Monitor organizes log data into tables.
Where can IT Operations teams find a topology view with network connection details of their VMs and scale sets?
Azure Monitor virtual machine insights
You have a Linux-based web app that runs in the Azure App Service. You want to display basic performance data in an Application Insights dashboard. Which method should you use to instrument your app?
Build-time instrumentation
Which peering configuration would you use for your Express route circuit where you need to allow direct connections to Azure compute resources?
Azure private peering
To resolve latency issues on the network, which Azure Network Watcher features can you use?
Connection troubleshoot
How do you set up Azure Sentinel on Azure?
Create a workspace, and then add that workspace to Azure Sentinel.
Which four ways does Site Recovery protect virtual machine infrastructure?
Creates snapshots and recovery points, replicates VMs to a secondary region, supports DR drills, and enables flexible failover/failback.
Where should DevOps teams implement application monitoring to improve application health and performance?
During development and while in production
Which of the following is not a benefit of ExpressRoute?
Encrypted network communication
What is the main advantage of an availability set?
It allows virtual machines to be available across physical server failures.
What is Microsoft peering?
It enables you to connect your on-premises network to Office 365 services and Dynamics 365.
What security benefits does Azure ExpressRoute provide?
ExpressRoute uses a dedicated, private network to connect to the Microsoft cloud. Traffic doesn't traverse the public internet, so it's difficult to intercept.
Which of the following is NOT a state of a smart group alert?
Failed
True or false: all Azure data storage options include automatic backup of data?
False
True or false: data replication and data backup are the same thing.
False
What is the default distribution type for traffic through a load balancer?
Five-tuple hash
When should you use Azure ExpressRoute instead of Azure site-to-site connectivity?
For handling enterprise-class and mission-critical workloads
For a point-to-site Azure VPN gateway, what are the key parameters that you must specify when you create it?
Gateway type is Vpn, vpn type is RouteBased, and you need to specify a gateway sku.
Which of the following is an example of a log data type?
HTTP response records
You closed a port in a network security group used by a virtual network that hosts the VMs in the Load Balancer pool. How might this affect load balancing?
If the port is used to send traffic to the VMs in the pool, then this traffic is blocked. All requests time out and eventually fail. If this port was a probe port, the VM is removed from rotation
You've enabled Application Insights for your web app. In which of the following Azure resources will telemetry data be stored for the app?
In the Application Insights resource.
What is the Azure ExpressRoute service?
It's a service that provides a direct connection from your on-premises datacenter to the Microsoft cloud.
What does Azure DNS allow you to do?
Manage and host your registered domain and associated records.
What two fundamental types of data does Azure Monitor collect?
Metrics and logs
To capture traffic on a VM, Azure Network Watcher requires:
Network Watcher Agent VM Extension
What must a virtual machine have to communicate with the other resources in the same virtual network?
Network interface
Which of the following can be excluded from your recovery steps in your recovery plan?
None of the above should be excluded in a recovery plan.
You're monitoring the average packet count metric for a load balancer. The average packet count suddenly increases by a significant amount, although the number of clients doesn't appear to have changed. What is the most probable cause?
One or more virtual machines in the back-end pool are no longer responding to health probe requests and are no longer participating in load balancing
What does Azure Monitor for VMs provide?
Provides access to log data without exposing the user to underlying queries.
You create a custom chart and pin it to an Application Insights dashboard. Other users of the dashboard can't see the new chart. What should you do to resolve the problem?
Re-publish the Application Insights dashboard.
How does Site Recovery support grouping of machines and workloads?
Recovery plans.
Which restore type should you select if you want to replace a disk on an existing virtual machine?
Replace existing
What's the composition of an alert rule?
Resource, condition, actions, alert details
You start out by talking to individual business units about monitoring wants and needs at the start of your assignment. You determine each business unit only needs to query logs generated from their resources. Which access model would you select for your Log Analytics deployment?
Resource-context
What security features does Azure DNS provide?
Role-based access control, activity logs, and resource locking
How are storage accounts used by Site Recovery to store data backups?
Site Recovery creates recovery services vaults.
You decide to deploy Azure Bastion to an existing virtual network by using the Azure CLI. What resources do you need to create?
Subnet named AzureBastionSubnet, public IP, and Azure Bastion
You want to replace a disk on an existing VM but receive an error. What's the possible reason?
The existing VM has been deleted and is no longer available
Which criteria does Application Gateway use to route requests to a web server?
The hostname, port, and path in the URL of the request
An organization has set up virtual machines (VMs) to act as jumpboxes in each of its six virtual networks. Why should the organization consider using Azure Bastion?
The organization can simplify the management of its VMs.
What does the average Health Probe Status metric indicate?
The percentage of virtual machines in the back-end pool that are responding to health probe requests.
Several of your peers are having trouble connecting to VMs by using Azure Bastion. What isn't likely to cause the problem?
The public IP address of the destination VM
Which of the following statement about external load balancers is correct?
They have a public IP address.
Why might you use virtual network peering?
To connect virtual networks together in the same region or across regions
Why would you use a custom route in a virtual network?
To control the flow of traffic within your Azure virtual network.
How can you continuously monitor your applications from different geographic locations?
Use availability tests to continuously monitor your application from different geographic locations.
How can you prevent persistent access to your virtual machines by using Azure Security Center?
Use just-in-time access to prevent persistent access.
Which tool allows you to automate your responses to alerts?
Use playbooks to automate your response to alerts.
Sentinel has raised an incident. How can you investigate which users have been affected?
Use the investigation map, drill down into the incident, and look for user entities affected by the alert
What aspect of application performance can be monitored by DevOps teams when using Azure Monitor Application Insights?
User behavior and usage patterns for your application
You want to track the average CPU usage of your Azure virtual machine over the last seven days. What is the most straightforward way to do this?
View the metrics for the virtual machine on the Overview page and set the range to the last seven days
Which configuration is required to configure an internal load balancer?
Virtual machines should be in the same virtual network
At what resource level or scope does an Azure Bastion connection apply to?
Virtual network or peered virtual networks
You need to connect Azure resources like Azure virtual machines across geographical regions. Which Azure networking option should you use?
Virtual network peering
Why would you use Azure Sentinel?
You want a detailed overview of your enterprise, potentially across multiple clouds, and on-premises locations.
Why would you use Azure Application Insights?
You want to analyze and address problems that affect your application's health.
Why would you use Azure Security Center?
You want to secure an infrastructure that consists of on-premises and cloud resources.
