AZ-900 Missed Questions
Which Azure Monitor feature send an email to an administrator when a VM is about to exceed it's usage quota for the month? - Service Health - Application Insights - Metrics - Alerts
- Service Health
Which five features are provided by Azure Advisor? 1. Helps you reduce spending 2. Notifies you when to perform updates 3. Ensures fault tolerance 4. Speeds up your applications 5. Protects data from accidental deletion 6. Detects threats and vulnerabilities 7. Monitors on-prem services
1, 3, 4, 5, 6
Which two options can you use to connect Virtual Networks (VNets) to each other? 1. Azure Front Door 2. Azure ExpressRoute 3. Azure Traffic Manager 4. VPN gateways 5. VNet peering
4. VPN gateways 5. VNet peering
A company wants to host data disks on Azure cloud. The data disks must be available to other on-premises machines running Windows, Linux, and MacOS using network sharing via Server Message Block (SMB) protocol. Data must be both at rest and in-transit. Which storage product should you choose? A) File storage B) Archive storage C) Disk storage D) Blob storage
A) File storage
Which ways does the Azure Resource Manager model provide to deploy resources? Select all that apply: - CLI - Azure Portal - REST API / SDK - Powershell
All of those ways can be used to deploy or manage resources using ARM
The terms for how you can use subscribed, public, and generally available Microsoft online service are fined in the _______ document. A) Microsoft Azure Marketplace Terms B) Online Services Terms (OST) C) Microsoft Azure Government Terms D) PST
B) Online Services Terms (OST)
Match the Azure Cloud Adoption Framework (CAF) methodology with it's description. Prepare the cloud environment for the planned changes. A) Innovate B) Plan C) Ready D) Strategy
C) Ready
You want to create a rule that restricts traffic across subscriptions. A) Network Security Group (NSG) B) DDoS Protection C) Application Gateway D) Azure Firewall E) Traffic Manager
D) Azure Firewall
Deployment tool that lets you create continuous delivery pipelines into an interdependent delivery stage or your production environment. A) Azure Boards B) Azure Blueprints C) Azure DevTest Tabs D) Azure Pipelines
D) Azure Pipelines
T or F (about Azure Dedicated Hosts): You are charged per number of virtual machines (VMs) deployed.
False
T or F (about Azure Dedicated Hosts): You can share a provided physicals server across multiple Azure subscriptions.
False
T or F: A user can be given access to only one subscription, and resource can belong to only one subscription.
False
Azure AD Free or Premium feature: You want to use on-prem directory synchronization.
Free
A company needs to deploy a Ubuntu Linux virtual machine (VM) to run a resource-intensive data analysis app. What's the most appropriate cloud service model? - IaaS - PaaS - SaaS
IaaS
A company needs to transition an on-premises data center to the cloud with minimal impact to users. What's the most appropriate cloud service model? - IaaS - PaaS - SaaS
IaaS
Azure AD Free or Premium feature: You want to publish on-prem web apps using Azure AD.
Premium
T or F: To view current information on previews, you can visit azure.microsoft.com/en-us/updates/.
T
T or F (about Azure Dedicated Hosts): A provided physical server is dedicated to your organization's workload only.
True
T or F: A lock applies to all resources contained in a scope and any new resources added to the scope.
True
T or F: Azure PowerShell can be run in a browser in the Azure Cloud Shell.
True
T or F: Azure PowerShell can be used to create scripts to automate Azure management tasks.
True
T or F: Windows Virtual Desktop (WVD) users should exist in the same Windows Server Active Directory (AD) that is linked to Azure AD.
True
T or F: You can set the maximum price that you agree to pay.
True
T or F: Regions specify the location of resources.
True Although you cannot choose the exact datacenter for a deployed resource, you can choose its region.
Which feature of Azure Monitor allows you to visually analyze telemetry data? a) Alerts b) Application Insights c) Service Health d) Metrics
b) Application Insights
Which monitoring feature should you use for each scenario? You want to allow developers to send telemetry data to Azure a) Alerts b) Application Insights c) Resource Health d) Metrics
b) Application Insights
What is the best Azure product for a solution for building scalable solutions for app integration, data integration, system integration, enterprise app integration, and B2B communication? a) IoT Central b) Event Grid c) Azure Functions d) Logic Apps e) HDInsights
d) Logic Apps
Which of the following elements is considered part of the "network" layer of network security? a) Use a firewall b) Locks on the data center doors c) Keep operating systems up to date with patches d) separate servers into distinct subnets by role
d) separate servers into distinct subnets by role Subnets is part of network security
A private cloud requires - data to be stored in an on-premises datacenter - the user of custom developed software - the infrastructure to be on a private network - each tenant to access apps and data through a different URL
the infrastructure to be on a private network
You create an Azure subscription. What is the appropriate tool for the scenario. You need to log in to Azure with the following command from your laptop without manually opening a web browser: az login A) Azure CLI B) Azure Cloud Shell C) Azure PowerShell
A) Azure CLI
T or F: All Azure resources support tags.
False
T or F: Tags applied to a resource group are inherited by its resources.
False
T or F: When a blueprint is updated and the updated version is published, any assignments of the blueprint are updated automatically.
False
T or F: You must use your personal email account when you create a Microsoft account.
False
T or F: You use Azure Functions to implement serverless computing through a GUI.
False
T or F: You use Logic Apps to implement serverless computing through code.
False
T or F: Azure Security Center support is limited to Windows operating systems only.
False It also supports Windows Server and multiple versions of Linus OS distributions.
T or F: Tags are name/value pairs.
True
You work for a small college with no more than 250 active students. You consider moving the college's infra to the cloud. Which subscription do choose? You want to evaluate Azure virtual machines for 18 months. a) Enterprise b) Free c) Pay-As-You-Go d) Student
c) Pay-As-You-Go
You want to access Azure resources from a datacenter that is nearest to them by using a DNS. A) Network Security Group (NSG) B) DDoS Protection C) Application Gateway D) Azure Firewall E) Traffic Manager
E) Traffic Manager
T or F: Containers requires you to configure the host virtual machine.
False
T or F: Containers requires you to manually install dependencies.
False
T or F: Locks can be applied in the context of specific users and roles
False
Can you use Azure portal to manage Linux VMs in Cloud Shell?
No
Your company wants to create a virtual network with 10 VMs and no CapEx costs. Which cloud deployment model would work for them? - Public - Private - Hybrid
Public
T or F: Containers can be accessed over the internet by IP address or domain name.
True
T or F: Containers can run on Windows or Linux.
True
T or F: Containers can scale out as needed.
True
T or F: Containers represents a single app and its dependencies.
True
T or F: Machine Learning Studio provides a collaborate drag-and-drop visual workspace to work with machine learning solutions.
True
T or F: Regions are always paired with other regions
True
T or F: Regions contain one or more datacenters.
True
T or F: Some Microsoft products require personal information or the product cannot be used.
True
Which monitoring feature should you use for each scenario? You want to receive an e-mail whenever the number of requests to a web app exceeds 10,000 within an hour. a) Alerts b) Application Insights c) Resource Health d) Metrics
a) Alerts
Which tool in the Service Trust Portal allows you to determine how compliant Azure is with regards to GDPR? a) Audit reports b) Compliance manager
a) Audit reports
Cost-effective, serverless data base with an intermittent usage pattern and a low compute utilization over time a) Azure SQL Database b) Azure SQL Managed Instance c) SQL Server on Azure VMs d) Azure Database for PostgreSQL
a) Azure SQL Database
What type of container is used to collect log and metric data from various Azure Resources? a) Append Blob Storage b) Managed Storage c) Azure Monitor Account d) Log Analytics Workspace
d) Log Analytics Workspace is required to collect logs and metrics
A data science solution that enables users to build and deploy a machine learning solution without the need to write a code. A) Functions B) HDInsight C) Machine Learning Service D) Machine Learning Studio E) IoT Central F) Logic Apps
D) Machine Learning Studio
T or F: Microsoft may share personal information with vendors working on Microsoft's behalf.
True
T or F: Spot pricing provides access to discounted Azure compute resources.
True
Which monitoring feature should you use fir each scenario? You want to view the number of virtual machines (VMs) that are currently down. a) Alerts b) Application Insights c) Resource Health d) Metrics
c) Resource Health
Which resource is required to use Azure Cloud Shell? a) App Services web app b) Virtual machine (VM) c) Storage account d) Container
c) Storage account
You create an Azure subscription. What is the appropriate tool for the scenario. You want to run the following cmdlet in a scripting environment inside the browser: New-AzVm. A) Azure CLI B) Azure Cloud Shell C) Azure PowerShell
B) Azure Cloud Shell
You want to prevent a malicious flood of HTTP traffic to a VM that hosts Internet Information Services (IIS). A) Network Security Group (NSG) B) DDoS Protection C) Application Gateway D) Azure Firewall E) Traffic Manager
B) DDoS Protection
An open-source enterprise-level analytics service that provides fast and cost-effective processing of massive amounts of data. A) Functions B) HDInsight C) Machine Learning Service D) Machine Learning Studio E) IoT Central F) Logic Apps
B) HDInsight
Your company's development team is developing and testing a new application. Development requires them to deploy and periodically remove and redeploy up to 100 virtual machines. VMs include machines running Windows Server 2016 and Ubuntu Linux. You need to recommend the Azure DevOps tools that facilitates this activity. Which DevOps tool should you choose.. A) Azure Boards B) Azure Blueprints C) Azure DevTest Tabs D) Azure Pipelines
C) Azure DevTest Tabs
Your company is considering using Linux-based Azure Container Instances (ACIs) to deploy a single application. The application runs in a stateful application. You need to provide storage to retrieve and persist state. What type of storage should you use? A) Azure Disk B) Azure Blob C) Azure Files D) Azure Archive
C) Azure Files
You create an Azure subscription. What is the appropriate tool for the scenario. You need to log in to Azure with the following cmdlet from your laptop without manually opening a web browser: Connect-AzAccount A) Azure CLI B) Azure Cloud Shell C) Azure PowerShell
C) Azure PowerShell
T or F: You are charged for the use of Windows Virtual Desktop (WVD) on a monthly basis.
False Windows Virtual Desktop (WVD) is a free service and does not require additional licenses.
T or F: Both Azure Functions and Logic Apps can run on a schedule.
True
You deploy two Azure VMS running Windows Server 2016 and one VM running Ubuntu Linux. All three VMs and their resources are added to the same resource group. The VMs and the resource group are located in the same Azure region. The test plan direct that you need to delete the resource group when the initial test cycle is completed. What is the result of this action? A) only resource metadata is deleted and access to the VMs is disabled b) only resource metadata is deleted and the VMs are shut down c) only resource metadata is deleted with no impact to the VMs d) All VMs contained in the group are deleted
d) All VMs contained in the group are deleted
You want to allow inbound traffic to Azure Virtual Machine (VM) from only specific IP addresses. A) Network Security Group (NSG) B) DDoS Protection C) Application Gateway D) Azure Firewall E) Traffic Manager
A) Network Security Group (NSG)
Which two ways can NSG rules be used? 1. To ensure that VMs are accessible over certain ports 2. To ensure that front-end VM hosts only web apps 3. To ensure that only your account can use Remote Desktop Protocol (RDP) to access VMs 4. To ensure that only the front-end VM is publicly accessible over a certain port
1. To ensure that VMs are accessible over certain ports 4. To ensure that only the front-end VM is publicly accessible over a certain port
Which two are examples of conditional access policies? 1. Enable password writeback to on-prem 2. Require compliant devices 3. Block access by location 4. Create dynamic groups 5. Enable self-service password reset
2. Require compliant devices 3. Block access by location
A solution for building highly reliable and secure severless apps that support multiple programming languages. A) Functions B) HDInsight C) Machine Learning Service D) Machine Learning Studio E) IoT Central F) Logic Apps
A) Functions
Your company is planning an Azure cloud deployment that must meet the following requirements: - Improve the continuity of business-critical applications - Improve application performance - Detect threats and vulnerabilities - Reduce overall Azure costs You need to use a tool that will help you make these types of recommendations. Which tool should you use?
Azure Advisor
Can be used to prevent the use or change of certain resources to avoid dependencies on the deployed solution. Typically used on a subscription level and can be in place before you deploy a solution. A) Azure Boards B) Azure Blueprints C) Azure DevTest Tabs D) Azure Pipelines
B) Azure Blueprints
T or F: Regions represent physical datacenters.
False
You want to send HTTP traffic to a pool of backend instances. A) Network Security Group (NSG) B) DDoS Protection C) Application Gateway D) Azure Firewall E) Traffic Manager
C) Application Gateway Loan balancing solution that uses routing to send HTTP traffic to a pool of backend instances.
Your company is planning a deployment using Azure Database for PostgreSQL. The deployment should meet the following requirements: - Up to 10 TB storage Azure - Premium Storage - Point-in-time-restore for up to 35 days You need to select the appropriate deployment and pricing tier to meet these requirements and minimize costs. What should you select? A) Azure database for PostgreSQL Hyperscale (Citus) B) Azure database for PostgreSQL Single Server Basic Tier C) Azure database for PostgreSQL Single Server General Purpose Tier D) Azure database for PostgreSQL Single Server Memory Optimized Tier
C) Azure database for PostgreSQL Single Server General Purpose Tier
Stores data as a virtual hard disk (VHD) that is available to the VM to which the disk is attached. This storage product does not provide any outside access. A) File storage B) Archive storage C) Disk storage D) Blob storage
C) Disk storage
Data science solution that enables computers to predict outcomes and trends. It is a cloud service to train, deploy, automate, and manage machine learning models. It is designed to let you start straining on a local computer and then scale to the cloud. A) Functions B) HDInsight C) Machine Learning Service D) Machine Learning Studio E) IoT Central F) Logic Apps
C) Machine Learning Service
T or F: Spot virtual machines (VMs) use the standard service level agreement (SLA) for Azure VMs.
False
Designed for storing very large quantities of unstructured data. A) File storage B) Archive storage C) Disk storage D) Blob storage
D) Blob storage
Cloud service solution designed to help you automate and orchestrate tasks, workflows, and business processes. It is a serverless solution that lets you connect and coordinate systems and applications. A) Functions B) HDInsight C) Machine Learning Service D) Machine Learning Studio E) IoT Central F) Logic Apps
F) Logic Apps
T or F: Private preview allows you to test Azure features that are only available to everyone.
False
T or F: Public preview allows you to test Azure features that are only available to selected users.
False
T or F: Regions can span countries.
False
Azure AD Free or Premium feature: You want on-premises users to be able to reset their own passwords.
Premium self-service password reset is offered in O365 apps, Premium P1, Premium P2.
T or F: Both Azure Functions and Logic Apps can run on a web hook.
True
T or F: Machine Learning Studio publishes machine learning models as web services.
True
T or F: When a blueprint is unassigned, all resources assigned by the blueprint remain in place, but blueprint resource locking is removed
True
T or F: When you delete a core blueprint, any assigned versions of the blueprint remain in place.
True
T or F: Windows Virtual Desktop (WVD) supports Remote Desktop clients on MacOS and iOS.
True It also supports Windows Desktop, Web, Android, and Microsoft Store Client.
A zone is a geographical grouping of Azure regions used to determine billing based on a) Resource deployment b) Data transfers c) Hour of activity d) Peak usage periods
b) Data transfers
Choose the appropriate resource: Deploy a web application using PaaS for scalability and security. a) Azure App Service b) Azure Functions c) Azure Virtual Machine (VM) d) Azure Traffic Manager
a) Azure App Service
You work for a small college with no more than 250 active students. You consider moving the college's infra to the cloud. Which subscription do choose? You want to purchase Azure virtual machines and software licenses under one agreement. a) Enterprise b) Free c) Pay-As-You-Go d) Student
a) Enterprise
A virtual machine is called what type of hosting model? a) IaaS b) Paas c) SaaS
a) IaaS Virtual Machines are Infrastructure as a Service (IaaS)
What is the best Azure product for a solution for building event-driven architectures that subscribe to Azure resources and route events to different endpoints? a) IoT Central b) Event Grid c) Azure Functions d) Logic Apps e) HDInsights
b) Event Grid
Select the most appropriate Azure governance methodology: You need to use information from Azure Security Center to develop best practices recommendations for optimization. a) Azure Policy b) Azure Advisor c) Azure Locks d) Initiative e) RBAC
b) Azure Advisor
Choose the appropriate resource: Build an event-driven solution and pay only for the time spent running your code. a) Azure App Service b) Azure Functions c) Azure Virtual Machine (VM) d) Azure Traffic Manager
b) Azure Functions
Your company wants to ensure it meets its internal compliance goals and that Azure resources are compliant with company standards. This will include ongoing evaluation for compliance and identifications of non-compliant resources. You need to recommend a solution. Which should you choose? a) RBAC b) Azure Policy C) Azure Advisor D) Azure Monitor
b) Azure Policy
Lift-and-shift of on-prem SQL server with minimal changes to an Azure PaaS solution a) Azure SQL Database b) Azure SQL Managed Instance c) SQL Server on Azure VMs d) Azure Database for PostgreSQL
b) Azure SQL Managed Instance
You build a new operational analytics solution in Azure using PostgreSQL as a relational database. The estimated monthly growth of your database is 20 Gb. You need to ensure that your database can scale horizontally and support query parallelization for faster responses on a large dataset, without your team's involvement in database or operating system management. Which deployment option of PostgreSQL in Azure should you use? A) Azure database for PostgreSQL Single Server b) Azure database for PostgreSQL Hyperscale (Citus) c) PostgreSQL on Azure VMs d) Azure database for PostgreSQL Flexible Server
b) Azure database for PostgreSQL Hyperscale (Citus)
You work for a small college with no more than 250 active students. You consider moving the college's infra to the cloud. Which subscription do choose? You want to evaluate Azure App Services for six months. a) Enterprise b) Free c) Pay-As-You-Go d) Student
b) Free
What is unique about Azure Government? a) It offers physically isolated instance of Azure b) It is only available in the US
b) It is only available in the US
Which two organization-level insights can you derive from the Regulatory Compliance dashboard of Azure Security Center? Each correct answer presents part of the solution. Choose the correct answer. a) Mitigation steps for reported threats. b) Number of passing and failing assessments c) Overall security score d) Overall compliance score e) Security alerts ranked by severity
b) Number of passing and failing assessments d) Overall compliance score
Which of the following scenarios would Azure Policy be a recommended method for enforcement? a) Add an additional prompt when creating a resource without a specific tag to ask the user if they are really sure they want to continue? b) Prevent certain Azure Virtual Machine instance types from being used in a resource group c) Require a virtual machine to always update to the latest security patches d) Allow only one specific roles of users to have access to a resource group
b) Prevent certain Azure Virtual Machine instance types from being used in a resource group Azure Policy can add restrictions on storage account SKUs, virtual machine instance types, and rules relating to tagging of resources and groups. It cannot prompt a user to ask them if they are sure.
Your company is considering moving its on-prem infra to Azure. Before doing so, you want to compare cost savings, if any. You need to choose the most appropriate cost savings estimation tool. Which tool would you choose? a) Azure Advisor b) TCO calculator c) Azure Pricing calculator d) Cost Management
b) TCO calculator
Your organization has implemented an Azure Policy that restricts the type of Virtual Machine instances you can use. How can you create a VM that is blocked by the policy? a) Use an account that has contributor or above permissions to the resource group b) Subscription owners (admins) can create resources regardless of what the policy restricts c) The only way to remove the policy, create the resource and add the policy back
c) You cannot perform a task that violates policy, so you have to remove the policy in order to perform the task.
Select the most appropriate Azure governance methodology: You need to prevent any users from deleting resources from a resource group with contents spanning multiple subscriptions. a) Azure Policy b) Azure Advisor c) Azure Locks d) Initiative e) RBAC
c) Azure Locks
Which feature within Azure collects all of the logs from various resources into a central dashboard, where you can run queries, view graphs, and create alerts on certain events? a) Azure Portal Dashboard b) Azure Security Center c) Azure Monitor d) Storage Account or Event Hub
c) Azure Monitor - a centralized dashboard that collects all the logs, metrics and events from your resources
Which Azure management tool is used to deploy resources based on templates and provides an easy way to deploy consistent instances of resources. a) Azure PowerShell b) Azure CLI c) Azure Resource Manager d) Azure portal
c) Azure Resource Manager
Choose the appropriate resource: Migrate a workload from an on-prem Hyper-V host to Azure, still retaining full control over the operating system. a) Azure App Service b) Azure Functions c) Azure Virtual Machine (VM) d) Azure Traffic Manager
c) Azure Virtual Machine (VM)
Compare using Azure PowerShell and Azure CLI for Azure management. Command execution supported in Azure Cloud Shell. a) Azure PowerShell only b) Azure CLI only c) Both d) Neither
c) Both
Compare using Azure PowerShell and Azure CLI for Azure management. Executes commands in an interactive environment. a) Azure PowerShell only b) Azure CLI only c) Both d) Neither
c) Both
Fast migration of SQL Server from on-prem to Azure with retention of operating system access a) Azure SQL Database b) Azure SQL Managed Instance c) SQL Server on Azure VMs d) Azure Database for PostgreSQL
c) SQL Server on Azure VMs
Which Azure management tool provides a graphic interface for deploying, managing, and monitoring Azure resources? Choose the correct answer a) Azure PowerShell b) Azure CLI c) Azure Resource Manager d) Azure portal
d) Azure portal
Select the most appropriate Azure governance methodology: You need to define a set of policies to help ensure compliance for resources contained in a resource group. a) Azure Policy b) Azure Advisor c) Azure Locks d) Initiative e) RBAC
d) Initiative An Azure initiative is a collection of Azure policies targeted toward reaching a single overall goal.
Your company is planning to build a solution for an automobile company. The solution should allow vehicles to send on-board diagnostic (ODB) sensory and vehicle telemetry data to the cloud for analysis. You need to be able to identify individual vehicles from the data that is sent. What would be the most appropriate Azure solution? a) Notification Hub b) Event Hub c) IoT Hub d) IoT Central
d) IoT Central
Match the Azure Cloud Adoption Framework (CAF) methodology with it's description. Develop new cloud-native or hybrid solutions. A) Innovate B) Plan C) Ready D) Strategy
A) Innovate
Which three authentication types are supported by both Azure AD self-service password reset (SSPR) and Multi-Factor Authentication (MFA)? 1. Password 2. SMS 3. Email address 4. Voice call 5. Security questions 6. App password
1. Password 2. SMS 4. Voice call
What is the basic way of protecting an Azure Virtual Network subnet? - Network Security Group - Azure Firewall - Azure DDoS Standard Protection - Application Gateway with WAF
Network Security Group Network Security Group (NSG) - a fairly basic set of rules that you can apply to both inbound traffic and outbound traffic that lets you specify what sources, destinations and ports are allowed to travel through from outside the virtual network to inside the virtual network
T or F: Azure Security Center automatically discovers and assesses security for new Azure resources as they are deployed.
True
Can you use Azure CLI to manage Linux VMs in Cloud Shell?
Yes
Can you use Azure PowerShell to manage Linux VMs in Cloud Shell?
Yes
You want to control the users who are allowed to create virtual networks. a) Policy b) RBAC c) Advisor d) Initiative e) Lock
b) RBAC
What is the best Azure product for a solution for building highly reliable and secure serverless apps that support multiple programming languages? a) IoT Central b) Event Grid c) Azure Functions d) Logic Apps e) HDInsights
c) Azure Functions
You deploy a new Linus virtual machine (VM) and then manually adjust its configuration in Azure portal to meet the requirements of your Development environment. You need to capture changes made to the Development VM's configuration after the original deployment, so that you can reuse it as a template in the deployment of test and production VMs. Which two actions can you perform to achieve your goal? a) Export the Azure Resource Manager (ARM) template before deployment b) Replace the Development VM with a VM scale set. c) Export the Azure Resource Manager (ARM) template from a resource group d) Azure Resource Manager (ARM) template from deployment history e) Azure Resource Manager (ARM) template from a resource
c) Export the Azure Resource Manager (ARM) template from a resource group e) Azure Resource Manager (ARM) template from a resource
Which Azure component provides information about planned maintenance and advisories such as deprecated offerings? a) Azure Security Center b) Azure Monitor c) Azure Advisor d) Azure Service Health
d) Azure Service Health
You want to estimate the cost of deploying four virtual machines (VM)s and two SQL Database instances to Azure A) Azure pricing calculator B) Cost management D) Total Cost of Ownership (TCO) calculator
A) Azure pricing calculator
What's the best tool to save money: Your company plans to commit to a three-year plan for VMs and storage resources to receive a reduction in pay-as-you go. A) Azure Reservations B) Azure Cost Management C) Azure Resource Manager (ARM) D) Azure Total Cost of Ownership calculator E) Azure spending limits
A) Azure Reservations
HOTSPOT -You plan to implement an Azure database solution.You need to implement a database solution that meets the following requirements:✑ Can add data concurrently from multiple regions✑ Can store JSON documentsWhich database service should you deploy? To answer, select the appropriate service in the answer area.Hot Area:
Azure Cosmos DB is Microsoft's globally distributed, multi-model database service. With a click of a button, Cosmos DB enables you to elastically and independently scale throughput and storage across any number of Azure regions worldwide.Azure Cosmos DB is a great way to store unstructured and JSON data. Combined with Azure Functions, Cosmos DB makes storing data quick and easy with much less code than required for storing data in a relational databas
What's the best tool to save money: Your company plans to make use of a free SaaS solution that lets your company monitor, allocate, and optimize cloud spend in a multi-cloud environment. A) Azure Reservations B) Azure Cost Management C) Azure Resource Manager (ARM) D) Azure Total Cost of Ownership calculator E) Azure spending limits
B) Azure Cost Management
You want to set up an alert to send you and your coworker text messages when your Azure Resources use 90 percent of your company's monthly Azure Budget. A) Azure pricing calculator B) Cost management D) Total Cost of Ownership (TCO) calculator
B) Cost management
Match the Azure Cloud Adoption Framework (CAF) methodology with it's description. Align actionable adoption plans with business outcomes. A) Innovate B) Plan C) Ready D) Strategy
B) Plan you also take digital estate and do an initial organization alignment
What's the best tool to save money: Your company wants to increase default limits on how many select resources of each type can be provisioned per Azure Region. A) Azure Reservations B) Azure Cost Management C) Azure Resource Manager (ARM) D) Azure Total Cost of Ownership calculator E) Azure spending limits
C) Azure Resource Manager (ARM)
You need to give all users in a group the ability to create and manage all types of Azure resources in a subscription. Rights granted to the users should be kept to a minimum. Which RBAC role should you assign the group? A) User Access Admin B) Owner C) Contributor D) Reader
C) Contributor
A company needs to develop a Web app designed to run on both computers and mobile devices and manage the application lifecycle. What's the most appropriate cloud service model? - IaaS - PaaS - SaaS
PaaS
Your org hosts its e-commerce solution on a computing infrastructure that is provided by a third-party service provider and shared with other orgs. You only pay for the compute power, storage, and networking resources you use. What type of cloud computing is this an example of? - Public cloud - Private cloud - Hybrid cloud - On-premises datacenter
Public cloud
Azure Monitor begins collecting data - only after you create the metrics and logs data stories - as soon as you add a resource to a new Azure subscription - after you enable diagnostics - after you launch Azure Management Portal
- as soon as you add a resource to a new Azure subscription
Management groups let you organize multiple - resources as a single management entity to facilitate easier management - resource groups as a single management entity to facilitate easier management - subscriptions as a single management entity to facilitate easier management - Azure AD tenants as a single management entity to facilitate easier management
- subscriptions as a single management entity to facilitate easier management
For each of the following statements, select Yes if the statement is true. Otherwise, select No. 1. All of the Azure resources deployed to a resource group must use the same Azure region. 2. If you assign a tag to a resource group, all of the Azure resources in that resource group are assigned to the same tag. 3. If you assign permissions for a user to manage a resource group, the user can manage all the Azure resources in that resource group.
1. No 2. No 3. Yes Box 1: No -Azure resources deployed to a single resource group can be located in different regions. The resource group only contains metadata about the resources it contains.When creating a resource group, you need to provide a location for that resource group. You may be wondering, "Why does a resource group need a location?And, if the resources can have different locations than the resource group, why does the resource group location matter at all?" The resource group stores metadata about the resources. When you specify a location for the resource group, you're specifying where that metadata is stored. For compliance reasons, you may need to ensure that your data is stored in a particular region.Box 2: No -Tags for Resources are not inherited by default from their Resource GroupBox 3: Yes -A resource group can be used to scope access control for administrative actions. By default, permissions set at the resource level are inherited by the resources in the resource group.Reference:
For each of the following statements, select Yes if the statement is true. Otherwise, select No. 1. Azure Advisor provides recommendations on how to improve the security of an Azure Active Directory (AD) environment. 2. Azure Advisor provides recommendations on how to reduce the cost of running Azure virtual machines. 3. Azure Advisor provides recommendations on how to configure the network settings on Azure virtual machines.
1. No 2. Yes 3. No Box 1: No -Azure Advisor provides you with a consistent, consolidated view of recommendations for all your Azure resources. It integrates with Azure Security Center to bring you security recommendations. You can get security recommendations from the Security tab on the Advisor dashboard. Examples of recommendations include restricting access to virtual machines by configuring Network Security Groups, enabling storage encryption, installing vulnerability assessment solutions. However, Azure Advisor does not provide recommendations on how to improve the security of an Azure AD environment. Box 2: Yes -Advisor helps you optimize and reduce your overall Azure spend by identifying idle and underutilized resources. You can get cost recommendations from the Cost tab on the Advisor dashboard. Box 3: No. Azure Advisor does not provide recommendations on how to configure network settings on Azure virtual machines.
For each of the following statements about shared responsibility in the cloud, select Yes if the statement is true. Otherwise, select No. 1. The customer always retains responsibility for the data. 2. The responsibility for accounts is transferred to the cloud provider. 3. The responsibility for operating system in PaaS is retained by the customer.
1. Yes 2. No 3. No
A web app has an 99.95% SLA and a DB has a 99.99% SLA. For each stmt, select yes if true, otherwise no. 1. The combined SL is lower than each individual SLA 2. You can increase the composite SLA by having the web app access a fallback queue. 3. The combined probability of failure is lower than each individual SLA value.
1. Yes 2. Yes 3. No
In which three use cases is Service Health beneficial? 1. You want to implement a webhook on your website to display health incidents. 2. You want to be notified if your App Service usage exceeds the usage quota. 3. You want to response to planned service outages. 4. You want to view App Service performance with Windows Task Manager. 5. You want to receive an email when an unauthorized user attempts to access a VM.
1. You want to implement a webhook on your website to display health incidents. 2. You want to be notified if your App Service usage exceeds the usage quota. 3. You want to response to planned service outages.
Which two features are supposed by Azure AD free edition? 1. Company branding 2. Self-service password change for cloud users 3. Group based access management 4. SLA guarantee 5. User and group management
2. Self-service password change for cloud users 5. User and group management
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.You have an Azure environment. You need to create a new Azure virtual machine from a tablet that runs the Android operating system.Solution: You use Bash in Azure Cloud Shell.Does this meet the goal? A. Yes B. No
Answer : A Explanation:With Azure Cloud Shell, you can create virtual machines using Bash or PowerShell.Azure Cloud Shell is an interactive, authenticated, browser-accessible shell for managing Azure resources. It provides the flexibility of choosing the shell experience that best suits the way you work, either Bash or PowerShell.Reference:
Your company plans to deploy several million sensors that will upload data to Azure.You need to identify which Azure resources must be created to support the planned solution.Which two Azure resources should you identify? Each correct answer presents part of the solution.NOTE: Each correct selection is worth one point. A. Azure Data Lake B. Azure Queue storage C. Azure File Storage D. Azure IoT Hub E. Azure Notification Hubs
Answer : AD Explanation:IoT Hub (Internet of things Hub) provides data from millions of sensors.IoT Hub is a managed service, hosted in the cloud, that acts as a central message hub for bi-directional communication between your IoT application and the devices it manages. You can use Azure IoT Hub to build IoT solutions with reliable and secure communications between millions of IoT devices and a cloud- hosted solution backend. You can connect virtually any device to IoT Hub.There are two storage services IoT Hub can route messages to -- Azure Blob Storage and Azure Data Lake Storage Gen2 (ADLS Gen2) accounts. Azure DataLake Storage accounts are hierarchical namespace-enabled storage accounts built on top of blob storage. Both of these use blobs for their storage.References:
You have an Azure web app.You need to manage the settings of the web app from an iPhone.What are two Azure management tools that you can use? Each correct answer presents a complete solution.NOTE: Each correct selection is worth one point. A. Azure CLI B. the Azure portal C. Azure Cloud Shell D. Windows PowerShell E. Azure Storage Explorer
Answer : BC Explanation:The Azure portal is the web-based portal for managing Azure. Being web-based, you can use the Azure portal on an iPhone.Azure Cloud Shell is a web-based command line for managing Azure. You access the Azure Cloud Shell from the Azure portal. Being web-based, you can use theAzure Cloud Shell on an iPhone.Incorrect Answers:A: Azure CLI can be installed on MacOS but it cannot be installed on an iPhone.D: Windows PowerShell can be installed on MacOS but it cannot be installed on an iPhone.E: Azure Storage Explorer is not used to manage Azure web apps.
You plan to map a network drive from several computers that run Windows 10 to Azure Storage.You need to create a storage solution in Azure for the planned mapped drive.What should you create? A. an Azure SQL database B. a virtual machine data disk C. a Files service in a storage account D. a Blobs service in a storage account
Answer : C Explanation:Azure Files is Microsoft's easy-to-use cloud file system. Azure file shares can be seamlessly used in Windows and Windows Server.To use an Azure file share with Windows, you must either mount it, which means assigning it a drive letter or mount point path, or access it via its UNC path.Unlike other SMB shares you may have interacted with, such as those hosted on a Windows Server, Linux Samba server, or NAS device, Azure file shares do not currently support Kerberos authentication with your Active Directory (AD) or Azure Active Directory (AAD) identity, although this is a feature we are working on.Instead, you must access your Azure file share with the storage account key for the storage account containing your Azure file share. A storage account key is an administrator key for a storage account, including administrator permissions to all files and folders within the file share you're accessing, and for all file shares and other storage resources (blobs, queues, tables, etc) contained within your storage account.
You plan to deploy a website to Azure. The website will be accessed by users worldwide and will host large video files.You need to recommend which Azure feature must be used to provide the best video playback experience.What should you recommend? A. an application gateway B. an Azure ExpressRoute circuit C. a content delivery network (CDN) D. an Azure Traffic Manager profile
Answer : C Explanation:The question states that users are located worldwide and will be downloading large video files. The video playback experience would be improved if they can download the video from servers in the same region as the users. We can achieve this by using a content deliver network.A content delivery network (CDN) is a distributed network of servers that can efficiently deliver web content to users. CDNs store cached content on edge servers in point-of-presence (POP) locations that are close to end users, to minimize latency.Azure Content Delivery Network (CDN) offers developers a global solution for rapidly delivering high-bandwidth content to users by caching their content at strategically placed physical nodes across the world. Azure CDN can also accelerate dynamic content, which cannot be cached, by leveraging various network optimizations using CDN POPs. For example, route optimization to bypass Border Gateway Protocol (BGP).The benefits of using Azure CDN to deliver web site assets include:✑ Better performance and improved user experience for end users, especially when using applications in which multiple round-trips are required to load content.✑ Large scaling to better handle instantaneous high loads, such as the start of a product launch event.✑ Distribution of user requests and serving of content directly from edge servers so that less traffic is sent to the origin server.
What are the two features that Azure AD provides? Choose two. - Functions - Application Management - Logic Apps - Authentication - Azure DDoS Protection
Application Management and Authentication Azure AD provides many features, but only the two are listed. Reference: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-whatis
Match the Azure Cloud Adoption Framework (CAF) methodology with it's description. Define the business justification and expected outcomes of adoption. A) Innovate B) Plan C) Ready D) Strategy
D) Strategy you also understand motivations and prioritize the project here
Choose the appropriate tool for the scenario: You want to see how much you can save over five years by moving your company's infrastructure to Azure cloud. A) Azure pricing calculator B) Cost management D) Total Cost of Ownership (TCO) calculator
D) Total Cost of Ownership (TCO) calculator
True of false: Azure Powershell scripts and Command Line Interface (CLI) scripts are entirely compatible with each other?
FALSE No, PowerShell is it's own language, different than CLI
T or F: Machine Learning models created in Machine Learning Studio can be deployed and managed by Azure Learning service.
False
T or F: Azure PowerShell virtual machine (VM) management is limited to Windows WMs only.
False It's not limited to Windows, can also manage Linux and Mac OS VMs.
T or F: RBAC roles take precedence over locks.
False Locks always take precedence.
T or F: Azure Resource Manager templates use Azure PowerShell syntax.
False They use JSON
A company investigates moving on-premises datacenter in multiple locations to the cloud. The data is mission critical, and all offices need access to date resources at all times. Changes to resource requirements are projected to be incremental and relatively easy to predict. You need to ensure that the new cloud infrastructure will meet the company's data access requirements. Which two cloud features help ensure this? - Disaster Recovery - Agility - Fault tolerance - High availability - Elasticity
Fault tolerance and high availability
T or F: When multiple locks are applied at different scopes, the most restrictive inherited lock applies.
True
What two types of DDoS protection services does Azure provide? Select two. - Standard - Advanced - Basic - Premium
Standard and Basic Azure DDos Protection Basic is free, while you can upgrade to Standard for a fee. For more info: https://docs.microsoft.com/en-us/azure/virtual-network/ddos-protection-overview
T or F: You can transfer an existing subscription to a new Azure AD tenant.
True
T or F: Azure Security Center provides native integration with Windows Defender.
True
T or F: Azure Security Center supports monitoring, security recommendations, and advanced threat protection for cloud and on-prem virtual machine resources.
True
T or F: Quotas for resources in Azure Resource Groups are per region rather than per subscription.
True
Can you give someone else access to your Azure subscription without giving them your user name and password? a) Yes B) No
Yes, anyone can create their own Azure account and you can give them access to your subscription with granular control as to permissions
Azure Databricks is a a) An Apache Spark based analytics platform designed to provide a collaborative analytics workflow b) a non-relational storage solution that supports various data storage formats c) a way to implement small pieces of code to execute in response to triggering events without the need to deploy app infra d) a secure data storage environment that provides for the isolation storage of relational data
a) An Apache Spark based analytics platform designed to provide a collaborative analytics workflow
Which tool within the Azure Portal will make specific recommendations based on your actual usage for how you can improve your use of Azure? a) Azure Advisor b) Azure Monitor c) Azure Dashboard d) Azure Service Health
a) Azure Advisor Azure Advisor - a tool that will analyze your use of Azure and make you specific recommendations based on your usage across availability, security, performance and cost categories
Which of the following services would NOT be considered Infrastructure as a Service? a) Azure Functions App b) Virtual Network Interface Card (NIC) c) Virtual Network d) Virtual Machine
a) Azure Functions App Functions are small pieces of code that you give to Azure to run for you, and you have no access to the underlying infrastructure.
You want to prevent VMs from being deployed in a subscription. a) Policy b) RBAC c) Advisor d) Initiative e) Lock
a) Policy
You want to review security recommendations related to your deployed resources. a) Policy b) RBAC c) Advisor d) Initiative e) Lock
c) Advisor
Compare using Azure PowerShell and Azure CLI for Azure management. Commands work the same on Mac, Linux, and Windows. a) Azure PowerShell only b) Azure CLI only c) Both d) Neither
c) Both
If you wanted to simply use Azure as an extension of your own datacenter, not primarily hosting anything there but using it for extra storage or taking advantage of some services, what hosting model is that called? a) Private cloud b) Public cloud c) Hybrid cloud
c) Hybrid cloud The hybrid cloud is a mixture between private services (like your self-hosted applications) and public ones (like extra storage)
What is the basic way of protecting an Azure Virtual Network subnet? a) Application Gateway with WAF b) Azure DDos Standard protection c) Network Security Group (NSG) d) Azure Firewall
c) Network Security Group (NSG) - a fairly basic set of rules that you can apply to both inbound traffic and outbound traffic that lets you specify what sources, destinations, and ports are allowed to travel through from outside the virtual network to inside the virtual network
You deploy a business critical solution in Azure. You need to ensure that your resources are replicated and hosted at least 200 miles away within the same geographic area, to minimize impact on your solution's availability in case of disaster. Which configuration should you use? a) Availability sets b) Availability zones c) Region pairs d) Resource groups
c) Region pairs This option consists of two paired Azure datacenters in the same geographic area at least 300 miles away.
Compare using Azure PowerShell and Azure CLI for Azure management. Supports an optional GUI interface. a) Azure PowerShell only b) Azure CLI only c) Both d) Neither
d) Neither Neither supports a GUI interface. They are both command-line only environments.
To complete the sentence, select the appropriate option in the answer area. Data that is stored in the Archive access tier or an Azure Storage account a) can be accessed at any time by using azcopy.exe b) can only be read by using Azure Backup c) must be restored before the data can be accessed d) must be rehydrated before the data can be accessed
d) must be rehydrated before the data can be accessed Azure storage offers different access tiers: hot, cool and archive. The archive access tier has the lowest storage cost. But it has higher data retrieval costs compared to the hot and cool tiers. Data in the archive tier can take several hours to retrieve. While a blob is in archive storage, the blob data is offline and can't be read, overwritten, or modified. To read or download a blob in archive, you must first rehydrate it to an online tier. Example usage scenarios for the archive access tier include:✑ Long-term backup, secondary backup, and archival datasets✑ Original (raw) data that must be preserved, even after it has been processed into final usable form.✑ Compliance and archival data that needs to be stored for a long time and is hardly ever accessed.