AZ-900 Test Questions
What can you use Compliance Manager for?
This tool allows you to track your compliance to standards based on your business needs.
Which location ensure data-residency and compliance needs are met for customers who need to keep their data and applications close?
Geographies. Geographies allow customers with specific data-residency and compliance needs to keep their data and applications close.
Authorization
Grants the proper access to a legitimate user
What is HDInsight?
HDInsight is a big data storage and analytics system.
Cost management
Helps control, analyze, and optimize workload costs
What's the term that refers to making a service available with no downtime for an extended period of time?
High availability
What are the capabilities that Azure Advisor can provide recommendations for?
High availability, security, performance, operational excellence, and cost.
Which cloud service type requires the most user management?
Infrastructure as a Service. Infrastructure as a Service requires the most user management of cloud services.
Azure Resource Locks
Prevents resources from being accidentally deleted or changed
Software as a service (SaaS)
Provides a fully managed environment for developing, testing, delivering, and managing cloud-based applications
Platform as a service (PaaS)
Provides hosting and management of an application and its underlying infrastructure, as well as any maintenance, upgrades, and security patching
Infrastructure as a service (IaaS)
Provides servers and virtual machines, storage, networks, and operating systems on a pay-as-you-go basis
Azure Blueprints
Rapidly provisions and runs new environments with the knowledge that they are in line with the organization's compliance requirements
Deploying an app can be done directly to what level of physical granularity?
Region. Azure organizes infrastructure around regions, which include multiple datacenters. You can pick the region you want resources deployed into.
Microsoft Azure datacenters are organized and made available by what?
Regions
What can you use to grants users only the rights they need to perform their jobs?
Role-Based Access Control. RBAC grants users the specific rights they need to perform their jobs.
Which cloud services provides development collaboration tools including high-performance pipelines, free private Git repositories, and configurable Kanban boards?
Azure DevOps Services
Azure Policy
Enforces standards and assess compliance across your organization
Pricing calculator
Estimates workload costs
Which service is used to ensure availability during maintenance events?
Availability Set
What can you use to launch the Azure Cloud Shell? A. Azure Portal B. Azure PowerShell C. Azure Command Line Interface (CLI) D. Azure Resource Manager (ARM) template
A. Azure Portal
What is Azure Information Protection (AIP)?
AIP is a cloud-based solution that helps organizations classify and (optionally) protect its documents and emails by applying labels.
Which items would be good use of a resource lock?
An ExpressRoute circuit with connectivity back to the on-premises network
To use Azure datacenters that are made available with power, cooling, and networking capabilities independent from other datacenters in a region, choose a region that supports, what?
Availability Zones are datacenters set up to be an isolation boundary from others in the region, with their own power, cooling, and networking. If one zone in a region goes down, other Availability Zones in the region continue to work.
Which storage type is optimized for storing massive amounts of unstructured data, such as videos and images?
Azure Blob Storage
What can be used to define a repeatable set of Azure resources that implement organizational requirements?
Azure Blueprints
When managing Azure services remotely from an Android phone. Which management tools would best allow remote management from your Android phone with the least amount of administrative effort?
Azure CLI
What are the two ways to manage both Docker and Microsoft-based containers in Azure?
Azure Container Instances Azure Kubernetes Service
Which service provides a set of tools for monitoring, allocating, and optimizing your Azure costs?
Azure Cost Management
Which service is used when someone is only concerned about the code running the service, instead of the underlying platform or infrastructure?
Azure Functions. Azure Functions is ideal when someone is only concerned about the code running the service, but isn't worried about the underlying platform or infrastructure.
What can be used to help enforce resource tagging so the billing can be managed?
Azure Policy can be used to enforce tagging values and rules on resources.
Which Azure support plan is best for business-critical workloads?
Azure Professional Direct. The best way to ensure your solutions are running nearly all the time.
Which service is a logical unit of Azure services that links to an Azure account?
Azure Subscription
__________ is supported by ExpressRoute for connecting an on-premises network to Azure. A. A Point-to-Site VPN B. A point-to-point Ethernet connection C. A Site-to-Site VPN D. Azure Peering service
B. A point-to-point Ethernet connection
Which Azure serverless computing technology provides the ability to execute workflows to automate business scenarios by using triggers without writing any code? A. Azure Functions B. Azure Logic Apps C. Azure Front Door D. Azure DevOps
B. Azure Logic Apps
Which Azure feature enables you to organize multiple subscriptions in hierarchies for unified policies and compliance? A. Resource groups B. Management groups C. Azure Active Directory (Azure AD) D. Azure Container Instances
B. Management groups
Which defense in depth layer uses distributed denial of service (DDoS) protection? A. Physical security layer B. Perimeter layer C. Network layer D. Application layer
B. Perimeter layer
You use __________ to organize resources in an Azure subscription. A. Azure regions B. Resource groups C. Management groups D. Administrative units
B. Resource groups
Single sign-on (SSO) is __________ method that enables users to sign in the first time and access various applications and resource by using same password. A. a validation B. an authentication C. a configuration D. an authorization
B. an authentication
What's a Billing profile?
Billing profiles are a way of organizing your Azure expenses
__________ enables you to provision a group of matching and load-balanced virtual machines in Azure. A. Azure Logic Apps B. An availability set C. An Azure virtual machine scale set D. Azure Load Balancer
C. An Azure virtual machine scale set
__________ enables you to scale to thousands of virtual machines for high-performance computing and large-scale parallel jobs. A. An Azure virtual machine scale set B. An availability set C. Azure Batch D. An availability zone
C. Azure Batch
__________ is a repeatable set of governance tools that helps development teams quickly build and create new environments while adhering to organizational compliance to speed up development and deployment. A. Azure DevOps B. A Continuous Integration/Continuous Deployment (CI/CD) pipeline configuration C. Azure Blueprints D. Azure Policy
C. Azure Blueprints
__________ alerts you when service issues occur in an Azure environment, such as a regional Azure outage that affects all Azure customers. A. Azure Monitor B. Azure Advisor C. Azure Service Health D. Azure Application Insights
C. Azure Service Health
_________in Azure enables you to deploy Azure resources close to the users. A. Elasticity B. Scalability C. Geo-distribution D. High availability
C. Geo-distribution
__________ copies data to a secondary region from the primary region across multiple datacenters that are located many miles apart. A. Premium storage B. Zone redundant storage (ZRS) C. Geo-redundant storage (GRS) D. Locally-redundant storage (LRS)
C. Geo-redundant storage (GRS)
Which option is used to set the communication between an on-premises VPN device and an Azure VPN gateway through an encrypted tunnel over the internet? A. ExpressRoute B. Point-to-Site (P2S) VPN C. Site-to-Site VPN
C. Site-to-Site VPN
Which cloud approach is used by organizations to take full advantage of on-premises technology investments and allows data and applications to be shared between two environments? A. public cloud B. private cloud C. hybrid cloud D. on-premises datacenter
C. hybrid cloud
What's the term that refers to spending money upfront and then deducting that expense over time?
Capital Expenditure
Authentication
Confirms the identity of a person who wants access
Which approach would be the most efficient way to ensure a naming convention was followed across a subscription?
Create a policy with the naming requirements and assign it to the scope of the subscription
Which Azure Active Directory (Azure AD) feature is used to provide access to resources based on organizational policies? A. multi-factor authentication (MFA) B. single sign-on (SSO) C. administrative units D. Conditional Access
D. Conditional Access
TCO calculator
Estimates the cost savings by comparing data center costs to running the same workload on Azure
What is Azure Event Grid?
Event grid lets you track and respond to events your applications produce.
Which format does the Azure Resource Manager templates use?
JSON
Which service can be used to manage governance across multiple Azure subscriptions?
Management Groups
What site explains details about the personal data Microsoft processes, how Microsoft processes it, and for what purposes?
Microsoft Privacy Statement.
Your billing is based on your usage of Azure resources and is invoiced at what frequency?
Monthly
You have two services with different SLAs. The composite SLA is determined by?
Multiplying the SLAs percentages together
Which services would filter internet traffic in an Azure virtual network?
NSGs allow you to filter network traffic to and from Azure resources in an Azure virtual network.
What tool or service allows download of published audit reports and how Microsoft builds and operates its cloud services?
Service Trust Portal is the Microsoft public site for publishing audit reports and other compliance-related information relevant to Microsoft's cloud services.
You are running a virtual machine in a public cloud using IaaS. Which model correctly reflects how that resource is managed?
Shared responsibility model. Under the shared responsibility model, management of the resource is shared between the cloud provider and the end user. The cloud provider being responsible for the cloud services infrastructure and the end user being responsible for the service being configured and managed correctly.
What's a Billing account?
The Billing Account is a person that can set limits on the amount of resources used and track their usage over time.
What does SLA defines?
The SLA defines performance targets for an Azure product or service.SLA is a process to ensure how much up time is guaranteed for your app once deployed.
advantage of moving infrastructure to Azure
The move reduces Capital Expenditures. (CapEx). Public Cloud deployments reduce Capital Expenditures because there is far less infrastructure to buy; you effectively rent only what you use as you use it.
Application availability refers to what?
The overall time that a system is functional and working. The time that a system is working is referred to as the application availability.
What is Azure Advanced Threat Protection?
This is a service to help monitor and diagnose threats to your Azure solutions.
Which service can be used to estimate cost savings when migrating to Azure?
Total Cost of Ownership calculator (TCO)
What does Usage Meters do?
Usage meters track the amount of consumption, so you can estimate and control costs.
Which Azure compute resource can be used to deploy to manage a set of identical virtual machines?
Virtual machine scale sets
What is an Azure zone?
Zones are specific connections of geographies to allow for fail-over support and backup of mission critical data.
Your company plans to deploy several million sensors that will upload data to Azure. You need to identify which Azure resources must be created to support the planned solution. Which two Azure resources should you identify? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point. a) Azure Data Lake b) Azure Queue storage c) Azure IoT Hub d) Azure File Storage e) Azure Notification Hubs
a) Azure Data Lake c) Azure IoT Hub
A team has an Azure CosmosDB account. A solution needs to be in place to generate an alert from Azure Log Analytics when a query request charge exceeds 40 units more than 10 times during a 10-minute window. Which of the following would you recommend? (Choose two) a) Create a search query to identify when the requestCharge_s exceeds 40. b) Create a search query to identify when the requestCharge_s exceeds 10. c) Create a search query to identify when the duration_s exceeds 10. d) Configure a period of 10 and a frequency of 10.
a) Create a search query to identify when the requestCharge_s exceeds 40. d) Configure a period of 10 and a frequency of 10.
A company is planning on deploying a stateless-based application based on microservices using the Azure Service Fabric service. You need to design the infrastructure that would be required in the Azure Service Fabric service. Which of the following should you consider? (Choose two) a) The number of node types in the cluster b) The properties for each node type c) The network connectivity d) The service tier
a) The number of node types in the cluster b) The properties for each node type
Your company uses management groups to manage resources in your Azure tenant more efficiently. User1 should be able to assign access and assign policies to management groups. You need to determine to which role-based access control (RBAC) role User1 should be added. Your solution should follow the principle of least privilege. To which role should you add User1? a) User Access Administrator b) Owner c) Management Group Contributor d) Contributor
a) User Access Administrator
Which service provides serverless computing in Azure? a) Azure Virtual Machines b) Azure Functions c) Azure storage account d) Azure Container Instances
b) Azure Functions
Which Azure service should you use to store certificates? a) Azure Security Center b) an Azure Storage account c) Azure Key Vault d) Azure Information Protection
c) Azure Key Vault
You have a virtual machine named VM1 that runs Windows Server 2016. VM1 is in the East US Azure region. Which Azure service should you use from the Azure portal to view service failure notifications that can affect the availability of VM1? a) Azure Service Fabric b) Azure Monitor c) Azure virtual machines d) Azure Advisor
c) Azure virtual machines
Your company is planning a deployment using Azure Database for PostgreSQL. The deployment should meet the following requirements: - Up to 10 TB storage - Azure Premium Storage - Point-in-time-restore for up to 35 days You need to select the appropriate deployment and pricing tier to meet these requirements and minimize costs. What should you select? a) Azure Database for PostgreSQL Single Server Basic tier b) Azure Database for PostgreSQL Single Server Memory Optimized tier c) Azure Database for PostgreSQL Hyperscale (Citus) d) Azure Database for PostgreSQL Single Server General Purpose tier
d) Azure Database for PostgreSQL Single Server General Purpose tier
In which Azure support plans can you open a new support request? a) Premier and Professional Direct only b) Premier, Professional Direct, and Standard only c) Premier, Professional Direct, Standard, and Developer only d) Premier, Professional Direct, Standard, Developer, and Basic
d) Premier, Professional Direct, Standard, Developer, and Basic
What are two characteristics of the public cloud? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. a) dedicated hardware b) unsecured connections c) limited storage d) metered pricing e) self-service management
d) metered pricing e) self-service management
What is fault tolerance?
the ability to have an interruption or fault in your service without your application going offline.
What does Azure Service Health do?
tracks the health/planned maintenance of the Azure services, so you know if an Azure service is not working.