azure

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

compute

"executing code" in the cloud

Binary Large Object (BLOB)

A collection of binary data. That binary data could be in the form of a file (stored in a storage account) or data stored in a database.

Azure Sphere

A company wants to build a new voting kiosk for sales to governments around the world. Which IoT technologies should the company choose to ensure the highest degree of security? IoT Hub IoT Central Azure Sphere

IoT Central

A company wants to quickly manage its individual IoT devices by using a web-based user interface. Which IoT technology should it choose? IoT Hub IoT Central Azure Sphere

Azure Resource Manager (ARM)

ARM meaning

Deploy extra instances of the same virtual machines across the different availability zones in the same Azure region.

Adding a third virtual machine reduces the composite SLA. How can Tailwind Traders offset this reduction? Increase the size of each virtual machine. Deploy extra instances of the same virtual machines across the different availability zones in the same Azure region. Do nothing. Using Azure Load Balancer increases the SLA for virtual machines.

Azure Resource Manager (ARM)

All actions that you take to manage your Azure resources goes through the ARM layer, meaning of ARM?

Azure DDoS Protection

An attacker can bring down your website by sending a large volume of network traffic to your servers. Which Azure service can help Tailwind Traders protect its App Service instance from this kind of attack? Azure Firewall Network security groups Azure DDoS Protection

The Azure CLI

As an administrator, you need to retrieve the IP address from a particular VM by using Bash. Which of the following tools should you use? ARM templates Azure PowerShell The Azure portal The Azure CLI

Tools in azure to support governance and compliance

Azure Blueprints Azure Policy Resource Locks Service Trust Portal

Azure Blueprints

Azure subscription templates with roles and policies are already defined

Binary Large Object

B L OB is a backronym for?

Resource Tags

Can add meta data to azure resources

Authentication

Confirms the identity of a person who wants access

Azure Policy

Creates rules across all of your azure resources Evaluate compliance to those rules

DNS Services

Domain name resolution

Azure Policy

Enforces standards and assess compliance across your organization

TCO calculator

Estimates the cost savings by comparing datacenter costs to running the same workload on Azure

High availability

Expressed as a percentage, it's the ability of a system to respond to users.

OpEx

For tax optimization, which type of expense is preferable? OpEx CapEx

Authorization

Grants the proper access to a legitimate user

Create a role assignment through Azure role-based access control (Azure RBAC).

How can Tailwind Traders allow some users to control the virtual machines in each environment but prevent them from modifying networking and other resources in the same resource group or Azure subscription? Create a role assignment through Azure role-based access control (Azure RBAC). Create a policy in Azure Policy that audits resource usage. Split the environment into separate resource groups.

Create an application control rule in Azure Security Center.

How can Tailwind Traders enforce having only certain applications run on its VMs? Connect your VMs to Azure Sentinel. Create an application control rule in Azure Security Center. Periodically run a script that lists the running processes on each VM. The IT manager can then shut down any applications that shouldn't be running.

Run the VMs on Azure Dedicated Host.

How can Tailwind Traders ensure that certain VM workloads are physically isolated from workloads being run by other Azure customers? Configure the network to ensure that VMs on the same physical host are isolated. This is not possible. These workloads need to be run on-premises. Run the VMs on Azure Dedicated Host.

Create a network security group rule that prevents access from another VM on the same network.

How can Tailwind Traders most easily implement a deny by default policy so that VMs can't connect to each other? Allocate each VM on its own virtual network. Create a network security group rule that prevents access from another VM on the same network. Configure Azure DDoS Protection to limit network access within the virtual network.

Conditional Access

How can the IT department ensure that employees at the company's retail stores can access company applications only from approved tablet devices? SSO Conditional Access Multifactor authentication

SSO

How can the IT department reduce the number of times users must authenticate to access multiple applications? SSO Conditional Access Multifactor authentication

Multifactor authentication

How can the IT department use biometric properties, such as facial recognition, to enable delivery drivers to prove their identities? SSO Conditional Access Multifactor authentication

It requires the user to have access to an additional device for identity verification

How does Multi-Factor Authentication make a system more secure? It is another password that a user has to memorize, making it more secure It allows the user to log in without a password because they have already previously been validated using a browser coookie It doesn't make it more secure It requires the user to have access to an additional device for identity verification

3

How many availability zones are there in each region (for regions that have them)? 3 Unlimited 1 2

60+

How many azure regions in the world

Hybrid cloud

Is a computing environment that combined a private cloud with a public cloud

Enables access to your data or application from outside the virtual network.

It can be said that most services in Azure have a public endpoint by default. What is a public endpoint? Provides you a static IP address from which your application always uses to communicate with the outside world. Blocks access to your applications and data from inside Azure. Enables access to your data or application from outside the virtual network. Provides you a static IP address for which the outside world can use to communicate with your application.

Just Enough Access (JEA)

JEA meaning

Just In Time (JIT)

JIT meaning

Azure Resource Manager (ARM)

Management layer that allows you to create, update and delete resources called deployments

Azure Resource Lock

Prevents resources from being accidentally deleted or changed

Platform as a service (PaaS)

Provides a fully managed environment for developing, testing, delivering, and managing cloud-based applications

Software as a service (SaaS)

Provides hosting and management of an application and its underlying infrastructure, as well as any maintenance, upgrades, and security patching

Infrastructure as a service (IaaS)

Provides servers and virtual machines, storage, networks, and operating systems on a pay-as-you-go basis

Azure Blueprints

Rapidly provisions and runs new environments with the knowledge that they are in line with the organization's compliance requirements

not all accessible by everyone

Regions-

Azure Multi-Factor Authentication

Require 2 or more pieces of evidence(factors) in order to log in

Apply a tag to each virtual machine that identifies the appropriate billing department.

Resources in the Dev and Test environments are each paid for by different departments. What's the best way to categorize costs by department? Apply a tag to each virtual machine that identifies the appropriate billing department. Split the cost evenly between departments. Keep a spreadsheet that lists each team's resources.

Total Cost of Ownership (TCO)

TCO calculator meaning

Azure Synapse Analytics

Tailwind Traders has millions of log entries that it wants to analyze. Which option would be ideal for analysis? Azure Cosmos DB Azure SQL Database Azure Database for PostgreSQL Azure Synapse Analytics

Azure Database for MySQL

Tailwind Traders uses the LAMP stack for several of its websites. Which option would be ideal for migration? Azure Cosmos DB Azure Database for MySQL Azure Database for PostgreSQL

Implicit FTP over SSL

Tailwind Traders wants to create a secure communication tunnel between its branch offices. Which of the following technologies can't be used? Point-to-site virtual private network Implicit FTP over SSL Azure ExpressRoute Site-to-site virtual private network

CloudExchange colocation, Point-to-point Ethernet connection, Any-to-any-connection

The three models that ExpressRoute supports are?

FALSE

True of false: Azure Powershell scripts and Command Line Interface (CLI) scripts are entirely compatible with each other?

TRUE

True or False: An Azure Storage Account can have both a public endpoint and a private endpoint at the same time.

FALSE

True or False: Azure is a public cloud, and has no private cloud offerings

TRUE

True or False: Under the Infrastructure as a Service model, Azure is responsible for managing the physical host, physical network, and physical datacenter.

TRUE

True or False: With Azure public cloud, anyone with a valid credit card can sign up and get services immediately

TRUE

True or False: With Azure public cloud, anyone with a valid credit card can sign up and get services immediately (subject to the usual country restrictions of course)

FALSE

True or false: Azure Active Directory is a network gateway that load balances user logins using a CDN (Content Delivery Network).

TRUE

True or false: Azure Cloud Shell allows access to the CLI and Powershell consoles in the Azure Portal

False

True or false: Azure charges for bandwidth used "inbound" to Azure

FALSE

True or false: You cannot have more than one Azure subscription per company

FALSE

True or false: You need to purchase an Azure account before you can use any Azure resources

TRUE

True or false: you can create your own policies if built-in Azure Policy is not sufficient to your needs

Load Balancer or Application Gateway

What Azure resource allows you to evenly split traffic coming in and direct it to several identical virtual machines to do the work and respond to the request? Azure App Services Azure Logic Apps Virtual Network Load Balancer or Application Gateway

Load Balancer or Application Gateway

What Azure resource allows you to evenly split traffic coming in and direct it to several identical virtual machines to do the work and respond to the request? Azure App Services Virtual Network Azure Logic Apps Load Balancer or Application Gateway

Management Groups

What Azure tool gives you the ability to manage multiple subscriptions into nested hierarchies? Resource Groups RBAC Azure Active Directory Management Groups

The storage account cannot have its properties altered but it doesn't affect the data itsel

What affect does using a "read only" resource lock on a Azure Storage Account have? A resource lock has no affect on a storage account. The data on the storage account cannot change. Only admin users can update the contents of the storage account. The storage account cannot have its properties altered but it doesn't affect the data itself.

The development team can create a prototype version of the app that includes the AR service that it tests out with select retail employees.

What approach might the company take in adding the augmented reality (AR) preview service to its architecture? The Special Orders app is already in production. The company shouldn't look into the AR service until the service reaches general availability (GA). The Special Orders app is mainly for use by retail employees. The company can integrate the AR service now because potential downtime or failures aren't an important factor. The development team can create a prototype version of the app that includes the AR service that it tests out with select retail employees.

A feature of Azure that allows you to manually specify into which data center your virtual machines are placed, which allows you to achieve higher availability than any other option.

What are Azure Availability Zones? A folder structure in Azure in which you organize resources like databases, virtual machines, virtual networks, or almost any resource A feature of Azure that allows you to manually specify into which data center your virtual machines are placed, which allows you to achieve higher availability than any other option. This is the same as a region Within each individual data center, certain racks of servers have been architected by Azure to have higher uptime than the others. If you place your apps onto this rack, you'll get higher uptime than if you let Azure do it.

A feature of Azure that allows you to manually specify into which data center your virtual machines are placed, which allows you to achieve higher availability than any other option.

What are Azure Availability Zones? A folder structure in Azure in which you organize resources like databases, virtual machines, virtual networks, or almost any resource A feature of Azure that allows you to manually specify into which data center your virtual machines are placed, which allows you to achieve higher availability than any other option. Within each individual data center, certain racks of servers have been architected by Azure to have higher uptime than the others. If you place your apps onto this rack, you'll get higher uptime than if you let Azure do it. This is the same as a region

A feature of Azure that allows you to manually specify into which data center your virtual machines are placed, which allows you to achieve higher availability than any other option.

What are Azure Availability Zones? This is the same as a region A folder structure in Azure in which you organize resources like databases, virtual machines, virtual networks, or almost any resource Within each individual data center, certain racks of servers have been architected by Azure to have higher uptime than the others. If you place your apps onto this rack, you'll get higher uptime than if you let Azure do it. A feature of Azure that allows you to manually specify into which data center your virtual machines are placed, which allows you to achieve higher availability than any other option.

Application management Authentication

What are the two features that Azure AD provides? Choose two. Authentication Application management Functions Azure DDoS Protection Logs Analytics Logic Apps

Application management, Authentication

What are the two features that Azure AD provides? Choose two. Logic Apps Application management Authentication Functions Logs Analytics Azure DDoS Protection

Physically and logically separates virtual machines so that if one goes down, the others do not go down.

What benefit does Availability Sets provide when it comes to virtual machines in Azure? Keeps virtual machines close together, for the fastest communication between them. Physically and logically separates virtual machines so that if one goes down, the others do not go down. Allows you to monitor VM capacity and send alerts to the operations team. Can manage groups of virtual machines as one unit.

Can manage groups of virtual machines as one unit.

What benefit does Azure Scalesets provide when it comes to virtual machines in Azure? Allows you to monitor VM capacity and send alerts to the operations team. Can manage groups of virtual machines as one unit. Keeps virtual machines close together, for the fastest communication between them. Physically separates virtual machines so that if one goes down, the others do not go down.

Can manage groups of virtual machines as one unit.

What benefit does Azure Scalesets provide when it comes to virtual machines in Azure? Allows you to monitor VM capacity and send alerts to the operations team. Keeps virtual machines close together, for the fastest communication between them. Physically separates virtual machines so that if one goes down, the others do not go down. Can manage groups of virtual machines as one unit.

Allows you to reduce the traffic coming into a web server for static, unchanging files such as images, videos, and PDFs

What benefit does a Content Delivery Network (CDN) provide its users? For a small fee, Azure will take over management of your virtual machine, perform OS updates and ensure it's running well Allows you to reduce the traffic coming into a web server for static, unchanging files such as images, videos, and PDFs Allows you to store data that can be retrieved later in an extremely fast and inexpensive manner Allows you to keep temporarily session information on the web visitor such as their login ID or their name

Azure Resource Manager

What does ARM an abbreviation for in Azure? Advanced RISC Machine Account Resource Manager Azure Resource Manager Availability, Reliability, Maintainability

A discount will be applied to the customer's Azure bill (as a service credit), which is a compensation for an under-performing Azure product or service

What happens if Azure does not meet its own Service Level Agreement guarantee (SLA)? The service will be free that month It's not possible. Azure will always meet it's SLA? A discount will be applied to the customer's Azure bill (as a service credit), which is a compensation for an under-performing Azure product or service The resource that did not meet the SLA will be free for the remaining month and the next.

Azure Active Directory

What is Azure's preferred Identity/authentication service? Azure Active Directory Live Connect Facebook Connect Network Security Group

The ability to log in once and use the existing user id and password to sign in other applications, and not have to create/memorize a new one.

What is Single Sign-On? When you sign into an application, it remembers who you are the next time you go there. When an application outsources (federates) it's identity service to a third-party platform The ability to log in once and use the existing user id and password to sign in other applications, and not have to create/memorize a new one.

A denial of service attack that sends so much traffic to a network that it cannot respond fast enough; legitimate users become unable to use the service

What is a DDoS attack? An attempt to guess a user's password through brute force methods An attempt to read the contents of a web page from another website, thereby stealing the user's private information A denial of service attack that sends so much traffic to a network that it cannot respond fast enough; legitimate users become unable to use the service An attempt to send SQL commands to the server in a way that it will execute them against the database

Assume your network has been breached already

What is a core principle of Zero Trust? Require users to change their passwords frequently Require users to log in every session Don't store credit cards and other critical data in the cloud Assume your network has been breached already

Delivery of computing services over the internet

What is meant by cloud computing Delivery of computing services over the internet Setting up your own datacenter Using the internet

ARM templates

What is the best infrastructure-as-code option for quickly and reliably setting up your entire cloud infrastructure declaratively? ARM templates Azure PowerShell The Azure portal The Azure CLI

Create an Azure Storage account.

What is the first step that you would take in order to share an image file as a blob in Azure Storage? Create an Azure Storage container to store the image. Create an Azure Storage account. Upload the image file and create a container. Use a Shared Access Signature (SAS) token to restrict access to the image.

Allows you to create new subscriptions that already have policies, roles, resource groups, and ARM templates.

What is the purpose of Azure Blueprints? Allows you to manage a group of existing subscriptions in a nested fashion. Allows you to create new resources based on a pre-defined template for consistency and fewer errors. Allows you to create new subscriptions that already have policies, roles, resource groups, and ARM templates. A standard created specifically for building architects and the housing industry working within the cloud.

Allows you to create new subscriptions that already have policies, roles, resource groups, and ARM templates.

What is the purpose of Azure Blueprints? Allows you to manage a group of existing subscriptions in a nested fashion. Allows you to create new subscriptions that already have policies, roles, resource groups, and ARM templates. Allows you to create new resources based on a pre-defined template for consistency and fewer errors. A standard created specifically for building architects and the housing industry working within the cloud.

Azure Key Vault

What is the recommended way within Azure to store secrets such as private cryptographic keys? Azure Key Vault Azure Advanced Threat Protection (ATP) Within the application code In an Azure Storage account private blob container

Resources that perform some type of task that requires CPU cycles to perform the work

What types of resources are defined as <b>compute resources</b>? All resources that are listed in the Azure Marketplace Resources that perform some type of task that requires CPU cycles to perform the work Only Virtual Machines

Create application rules in Azure Firewall.

What's the best way for Tailwind Traders to limit all outbound traffic from VMs to known hosts? Configure Azure DDoS Protection to limit network access to trusted ports and hosts. Create application rules in Azure Firewall. Ensure that all running applications communicate with only trusted ports and hosts.

Apply spending limits to the development team's Azure subscription.

What's the best way to ensure that the development team doesn't provision too many virtual machines at the same time? Do nothing. Let the development team use what they need. Apply spending limits to the development team's Azure subscription. Verbally give the development lead a budget and hold them accountable for overages.

Collect security data in Azure Sentinel.

What's the easiest way for Tailwind Traders to combine security data from all of its monitoring tools into a single report that it can take action on? Collect security data in Azure Sentinel. Build a custom tool that collects security data, and displays a report through a web application. Look through each security log daily and email a summary to your team.

Azure compliance documentation

Where can the IT department find reference blueprints that it can apply directly to its Azure subscriptions? Online Services Terms Azure compliance documentation Microsoft Privacy Statement

Trust Center

Where can the legal team access information around how the Microsoft cloud helps them secure sensitive data and comply with applicable laws and regulations? Microsoft Privacy Statement Trust Center Online Services Terms

Microsoft Privacy Statement

Where can the team access details about the personal data Microsoft processes and how the company processes it, including for Cortana? Microsoft Privacy Statement The Azure compliance documentation Microsoft compliance offerings

Azure Active Directory Free, Office 365

Which Azure AD licenses (select two) are made available through Azure? Azure Active Directory Free Office 365 Business Tier 1 Enterprise Tier 2 Basic

Azure Virtual Desktop

Which Azure Service gives you access to your own personalized Windows 10 or 11 desktop machine in the cloud, so that you can access your work files and applications whereever you go from any device? Private Link Azure App Services Virtual Private Network Azure Virtual Desktop

Azure Blob Storage

Which Azure Storage option is better for storing data for backup and restore, disaster recovery, and archiving? Azure Files Storage Azure Disk Storage Azure Blob Storage

Virtual machine scale sets

Which Azure compute resource can be deployed to manage a set of identical virtual machines? Virtual machine scale sets Virtual machine availability sets Virtual machine availability zones

Passwordless

Which Azure technology allows you to log in to Azure Active Directory device or application using your face, a PIN code, or a gesture instead of having to type a password? Passwordless Microsoft Defender for Cloud AD Conditional Access Multi-Factor Authentication

Azure Arc

Which Azure technology allows you to manage virtual machines running in Azure, in your own environment, and in other environments such as AWS? Azure Kubernetes Service Azure Arc Azure Virtual Desktop Azure Monitor

Azure Monitor

Which feature within Azure collects all of the logs from various resources into a central dashboard, where you can run queries, view graphs, and create alerts on certain events? Azure Monitor Azure Portal Dashboard Azure Security Center Storage Account or Event Hub

Apply a tag to each resource that includes the associated billing department.

Which is likely the best way for Tailwind Traders to identify which billing department each Azure resource belongs to? Track resource usage in a spreadsheet. Split the deployment into separate Azure subscriptions, where each subscription belongs to its own billing department. Apply a tag to each resource that includes the associated billing department.

Run the Total Cost of Ownership Calculator.

Which is the best first step the team should take to compare the cost of running these environments on Azure versus in their datacenter? They're just test environments. Spin them up and check the bill at the end of the month. Assume that running in the cloud costs about the same as running in the datacenter. Run the Total Cost of Ownership Calculator.

Create a policy in Azure Policy that specifies the allowed SKU sizes.

Which is the best way for Tailwind Traders to ensure that the team deploys only cost-effective virtual machine SKU sizes? Create a policy in Azure Policy that specifies the allowed SKU sizes. Periodically inspect the deployment manually to see which SKU sizes are used. Create an Azure RBAC role that defines the allowed virtual machine SKU sizes.

Store the certificates in Azure Key Vault.

Which is the best way for Tailwind Traders to safely store its certificates so that they're accessible to cloud VMs? Place the certificates on a network share. Store them on a VM that's protected by a password. Store the certificates in Azure Key Vault.

Deallocate virtual machines when they're not in use.

Which is the most efficient way for the testing team to save costs on virtual machines on weekends, when testers are not at work? Delete the virtual machines before the weekend and create a new set the following week. Deallocate virtual machines when they're not in use. Just let everything run. Azure bills you only for the CPU time that you use.

Network Interface Card (NIC), Storage Account, Virtual Network

Which of the following Azure Resources are required in order to have a virtual machine? Only choose services that are required, not ones that are optional. Public IP Address Network Interface Card (NIC) Storage Account Virtual Network

Azure US Government, Azure China

Which of the following are examples of Azure Sovereign Regions? Azure US Government Azure China Azure South Africa Azure Brazil

Salary costs of employees managing the servers, Cost of electricity, Cost to access the Internet, Real estate costs

Which of the following are factors in Total Cost of Ownership? Choose all that apply. Salary costs of employees managing the servers Cost of electricity Cost to access the Internet Real estate costs

Geographic isolation

Which of the following choices isn't a benefit of using cloud services? Scalability Disaster recovery High availability Geographic isolation

Networking-as-a-Service (NaaS)

Which of the following choices isn't a cloud computing category? Networking-as-a-Service (NaaS) Platform-as-a-Service (PaaS) Infrastructure-as-a-Service (IaaS) Software-as-a-Service (SaaS)

Azure Boards

Which of the following choices would not be used to automate a CI/CD process? Azure Pipelines GitHub Actions Azure Boards

Separate servers into distinct subnets by role

Which of the following elements is considered part of the "network" layer of network security? Locks on the data center doors Keep operating systems up to date with patches Use a firewall Separate servers into distinct subnets by role

Separate servers into distinct subnets by role

Which of the following elements is considered part of the <b>network</b> layer of network security? Locks on the data center doors Use a firewall Keep operating systems up to date with patches Separate servers into distinct subnets by role

Separate servers into distinct subnets by role

Which of the following elements is considered part of the <b>network</b> layer of network security? Separate servers into distinct subnets by role Use a firewall Keep operating systems up to date with patches Locks on the data center doors

Use a firewall

Which of the following elements is considered part of the <b>perimeter</b> layer of security? Separate servers into distinct subnets by role Keep operating systems up to date with patches Use a firewall Locks on the data center doors

Resource groups can be nested.

Which of the following features does not apply to resource groups? Resources can be in only one resource group. Role-based access control can be applied to the resource group. Resource groups can be nested.

Azure subscription

Which of the following is a logical unit of Azure services that links to an Azure account? Azure subscription Management group Resource group Public cloud

A limited pool of services

Which of the following is not a feature of Cloud computing? Faster innovation A limited pool of services Speech recognition and other cognitive services

All of these! Azure can do it all!

Which of the following is something that Azure Cognitive Services API can currently do? Speak text in an extremely realistic way Recognize faces in a picture Recognize text in an image All of these! Azure can do it all! Create text from audio Translate text from one language to another

AzCopy

Which of the following is the best approach when you need to copy large amount of files between two Azure Storage accounts? Use Azure API programmatically Storage Explorer AzCopy Download the files to your local machine and upload them to the new account

Distributed cloud

Which of the following options isn't a type of cloud computing? Distributed cloud Hybrid cloud Private cloud Public cloud

Prevent certain Azure Virtual Machine instance types from being used in a resource group

Which of the following scenarios would Azure Policy be a recommended method for enforcement? Allow only one specific roles of users to have access to a resource group Add an additional prompt when creating a resource without a specific tag to ask the user if they are really sure they want to continue? Require a virtual machine to always update to the latest security patches Prevent certain Azure Virtual Machine instance types from being used in a resource group

Prevent certain Azure Virtual Machine instance types from being used in a resource group

Which of the following scenarios would Azure Policy be a recommended method for enforcement? Add an additional prompt when creating a resource without a specific tag to ask the user if they are really sure they want to continue? Allow only one specific roles of users to have access to a resource group Prevent certain Azure Virtual Machine instance types from being used in a resource group Require a virtual machine to always update to the latest security patches

Prevent certain Azure Virtual Machine instance types from being used in a resource group

Which of the following scenarios would Azure Policy be a recommended method for enforcement? Allow only one specific roles of users to have access to a resource group Prevent certain Azure Virtual Machine instance types from being used in a resource group Require a virtual machine to always update to the latest security patches Add an additional prompt when creating a resource without a specific tag to ask the user if they are really sure they want to continue?

Azure Functions

Which of the following services should be used when the primary concern is to perform work in response to an event (often via a REST command) that needs a response in a few seconds? Azure Functions Azure App Service Azure Container Instances

Azure Functions App

Which of the following services would NOT be considered Infrastructure as a Service? Virtual Network Azure Functions App Virtual Network Interface Card (NIC) Virtual Machine

Azure Functions App

Which of the following services would NOT be considered Infrastructure as a Service? Virtual Network Virtual Machine Virtual Network Interface Card (NIC) Azure Functions App

An Azure subscription is a logical unit of Azure services.

Which of the following statements is a valid statement about an Azure subscription? Using Azure doesn't require a subscription. An Azure subscription is a logical unit of Azure services.

With Operating Expenses (OpEx), you are only responsible for the computing resources that you use.

Which of the following statements is true? With Operating Expenses (OpEx), you are responsible for purchasing and maintaining your computing resources. With Operating Expenses (OpEx), you are only responsible for the computing resources that you use. With Capital Expenses (CapEx), you are only responsible for the computing resources that you use.

Azure DevTest Labs

Which service could help you manage the VMs that your developers and testers need to ensure that your new app works across various operating systems? Azure DevTest Labs Azure Test Labs Azure Repos

Azure Monitor

Which service is a platform that powers Application Insights, monitoring for VMs, containers, and Kubernetes? Azure Advisor Azure Monitor Azure Service Health

Azure Pipelines

Which service lacks features to assign individual developers tasks to work on? Azure Boards GitHub Azure Pipelines

Azure Service Health

Which service provides official outage root cause analyses (RCAs) for Azure incidents? Azure Advisor Azure Monitor Azure Service Health

LRS

Which storage redundancy option is the cheapest? LRS ZRS RA-GRS GRS

Azure Advisor

Which tool within the Azure Portal will make specific recommendations based on your actual usage for how you can improve your use of Azure? Azure Monitor Azure Service Health Azure Dashboard Azure Advisor

International Organization for Standardization

Within the context of privacy and compliance, what does the acronym ISO stand for, in English? Intelligence and Security Office Instead of International Organization for Standardization Information Systems Officer

Azure portal, Direct link, Code snippets

You can access the Azure Cloud Shell in three ways, what are they?

Azure Bot Service

You need to create a human-computer interface that uses natural language to answer customer questions. Which product option should you select as a candidate? Azure Machine Learning Azure Cognitive Services Azure Bot Service

Azure Cognitive Services

You need to identify the content of product images to automatically create alt tags for images formatted properly. Which product option is the best candidate? Azure Machine Learning Azure Cognitive Services Azure Bot Service

Azure Machine Learning

You need to predict future behavior based on previous actions. Which product option should you select as a candidate? Azure Machine Learning Azure Bot Service Azure Cognitive Services

Azure Functions

You need to process messages from a queue, parse them by using some existing imperative logic written in Java, and then send them to a third-party API. Which serverless option should you choose? Azure Functions Azure Logic Apps

Azure Advisor

You want to be alerted when new recommendations to improve your cloud environment are available. Which service will do this? Azure Advisor Azure Monitor Azure Service Health

Azure Logic Apps

You want to orchestrate a workflow by using APIs from several well-known services. Which is the best option for this scenario? Azure Functions Azure Logic Apps

IoT Hub

You want to send messages from the IoT device to the cloud and vice versa. Which IoT technology can send and receive messages? IoT Hub IoT Central Azure Sphere

The Azure portal

You're a developer who needs to set up your first VM to host a process that runs nightly. Which of the following tools is your best choice? ARM templates Azure PowerShell The Azure portal The Azure CLI

Azure Virtual Desktop

Your company has a team of remote workers that need to use Windows-based software to develop your company's applications, but your team members are using various operating systems like macOS, Linux, and Windows. Which Azure compute service would help resolve this scenario? Azure App Service Azure Virtual Desktop Azure Container Instances

Azure Cosmos DB

Your development team is interested in writing Graph-based applications that take advantage of the Gremlin API. Which option would be ideal for that scenario? Azure Cosmos DB Azure SQL Database Azure Databricks Azure Database for PostgreSQL

Azure Logic Apps

Your team has limited experience with writing custom code, but it sees tremendous value in automating several important business processes. Which of the following options is your team's best option? Azure Functions Azure Logic Apps

Virtual Private Network (VPN)

connecting two networks as if they were on the same network, uses a Network Gateway

Azure Cost Management

a tool inside azure to analyze spending

virtual network

emulating a physical network

Pricing calculator

helps you to estimate workload cost.

Storage

one of the foundational technologies on which much is built

Azure AD

provides "identity as a service"

Resource Locks

read only cannot delete

Azure Kubernetes Service (AKS)

runs on a cluster of servers, enterprise-grade

Azure Container Instance (ACI)

single instance, quickest way to deploy a container

Was 54, now 60+

Approximately how many regions does Azure have around the world? Was 54, now 60+ 10 100 25

Governance

The leaders in your company might have certain IT rules that they want to implement

B

Single sign-on (SSO) is __________ method that enables users to sign in the first time and access various applications and resource by using same password. A. a validation B. an authentication C. a configuration D. an authorization

Elasticity

The ability of a system to automatically grow and shrink based on application demand

Scalability

The ability of a system to handle growth of users or work.

Azure Resource Manager (ARM)

The deployment management service for Azure

Management Groups

What Azure tool gives you the ability to manage multiple subscriptions into nested hierarchies? Management Groups Azure Active Directory Resource Groups RBAC

A folder structure in Azure in which you organize resources like databases, virtual machines, virtual networks, or almost any resource

What are Resource Groups in Azure? Within the Azure security model, users are organized into groups, and those groups are granted permissions to resources A folder structure in Azure in which you organize resources like databases, virtual machines, virtual networks, or almost any resource Automatically assigned groups of resources that all have the same type (virtual machine, app service, etc) Based on the tag assigned to a resource by the deployment script, it is assigned to a group

A

What can you use to launch the Azure Cloud Shell? A. Azure portal B. Azure PowerShell C. Azure Command Line Interface (CLI) D. Azure Resource Manager (ARM) template

Anyone can use the service for any reason

What does it mean if a service is in General Availability (GA) mode? You have to apply to get selected in order to use that service The service is available for use by some, and Microsoft will provide support for it Anyone can use the service but it must not be for production use Anyone can use the service for any reason

You have to apply to get selected in order to use that service

What does it mean if a service is in Private Preview mode? The service is generally available for use, and Microsoft will provide support for it Anyone can use the service for any reason You have to apply to get selected in order to use that service Anyone can use the service but it must not be for production use

Anyone can use the service but normal service level agreements do not apply

What does it mean if a service is in Public Preview mode? Anyone can use the service for any reason You have to apply to get selected in order to use that service The service is generally available for use, and Microsoft will provide support for it Anyone can use the service but normal service level agreements do not apply

The ability of it to add and reduce capacity based on actual demand

What feature of a system makes it elastic? The ability of it to stay up (available) while updates are being made to the system The ability to withstand denial of service attacks The ability to heal itself after a crash The ability of it to add and reduce capacity based on actual demand

Network Security Group

What is the basic way of protecting an Azure Virtual Network subnet? Application Gateway with WAF Azure Firewall Azure DDos Standard protection Network Security Group

The more you buy of something, the cheaper it is for you

What is the benefit of economies of scale? The more you buy of something, the cheaper it is for you Big companies don't need to make a profit on every sale Prices of cloud servers and services are always going down. It'll be cheaper next year than it is this year. Big companies don't need to make a profit on the first product they sell you, because they will on the second

there is no cloud, only someone else's computer

What is the cloud?

An extremely large set of data that you want to ingest and do analysis on; traditional software like SQL Server cannot handle Big Data as efficiently as specialized products

What is the concept of Big Data? A set of Azure services that allow you to use execute code in the cloud but don't require (or even allow) you to manage the underlying server An extremely large set of data that you want to ingest and do analysis on; traditional software like SQL Server cannot handle Big Data as efficiently as specialized products A small sensor or a similar device that constantly sends its status and other data to the cloud A form of artificial intelligence (AI) that allows systems to automatically learn and improve from experience without being explicitly programmed

$200

What is the default amount of credits that you are given when you first create an Azure Free account?

Windows and Linux

What operating systems does Microsoft supply Azure Virtual Machine images for? macOS Windows and Linux Windows, Linux and macOS Windows Linux

Basic, Standard

What two types of DDoS protection services does Azure provide? Select two. Basic Advanced Standard Premium

A list of standards that Microsoft follows, pen test results, security assessments, white papers, faqs, and other documents that can be used to show Microsoft's compliance efforts

What type of documents does the Microsoft Service Trust Portal provide? Specific recommendations about your usage of Azure and ways you can improve A list of standards that Microsoft follows, pen test results, security assessments, white papers, faqs, and other documents that can be used to show Microsoft's compliance efforts Documentation on the individual Azure services and solutions A tool that helps you manage your compliance to various standards

Resources that perform some type of task that requires CPU cycles to perform the work

What types of resources are defined as "compute resources"? Resources that perform some type of task that requires CPU cycles to perform the work Only Virtual Machines All resources that are listed in the Azure Marketplace

Azure Marketplace

Where do you go within the Azure Portal to find all of the third-party virtual machines and other offers? Bing Azure Marketplace Azure mobile app Choose an image when creating a VM

D

Which Azure Active Directory (Azure AD) feature is used to provide access to resources based on organizational policies? A. multi-factor authentication (MFA) B. single sign-on (SSO) C. administrative units D. Conditional Access

B

Which Azure feature enables you to organize multiple subscriptions in hierarchies for unified policies and compliance? A. Resource groups B. Management groups C. Azure Active Directory (Azure AD) D. Azure Container Instances

B

Which Azure serverless computing technology provides the ability to execute workflows to automate business scenarios by using triggers without writing any code? A. Azure Functions B. Azure Logic Apps C. Azure Front Door D. Azure DevOps

C

Which cloud approach is used by organizations to take full advantage of on-premises technology investments and allows data and applications to be shared between two environments? A. public cloud B. private cloud C. hybrid cloud D. on-premises datacenter

B

Which defense in depth layer uses distributed denial of service (DDoS) protection? A. Physical security layer B. Perimeter layer C. Network layer D. Application layer

Azure Service Health

Which feature within Azure alerts you to service issues that happen in Azure itself, not specifically related to your own resources? Azure Security Center Azure Monitor Azure Service Health Azure Portal Dashboard

Use a firewall

Which of the following elements is considered part of the "perimeter" layer of security? Keep operating systems up to date with patches Separate servers into distinct subnets by role Use a firewall Locks on the data center doors

A refrigerator that monitors how much milk you have left and sends you a text message when you are running low

Which of the following would be an example of an Internet of Things (IoT) device? A web application that people use to perform their banking tasks A mobile application that is used to watch online video courses A video game, installed on Windows clients around the world, that keep user scores in the cloud. A refrigerator that monitors how much milk you have left and sends you a text message when you are running low

C

Which option is used to set the communication between an on-premises VPN device and an Azure VPN gateway through an encrypted tunnel over the internet? A. ExpressRoute B. Point-to-Site (P2S) VPN C. Site-to-Site VPN

Azure Advisor

Which tool within the Azure Portal will make specific recommendations based on your actual usage for how you can improve your use of Azure? Azure Service Health Azure Monitor Azure Advisor Azure Dashboard

You give Azure the code and the configuration, and you have no access to the underlying hardware

Why is Azure App Services considered Platform as a Service? You are responsible for keeping the operating system up to date with the latest patches You can decide on what type of virtual machine it runs - A-series, or D-series, or even H-series You give Azure the code and the configuration, and you have no access to the underlying hardware Azure App Services is not PaaS. It is Software as a Service.

You can save a lot of money if you don't use the resource often as opposed to having it available for use 24/7

Why would someone prefer a Consumption-based pricing model as opposed to a Time-based (Fixed) pricing model? You can easily predict the cost of the service into the future You can save a lot of money if you don't use the resource often as opposed to having it available for use 24/7 The pricing model is simpler and easier to understand It is always cheaper to pay for consumption than to pay by the hour

B

You use __________ to organize resources in an Azure subscription. A. Azure regions B. Resource groups C. Management group D. Administrative units

C

_________ in Azure enables you to deploy Azure resources close to the users. A. Elasticity B. Scalability C. Geo-distribution D. High availability

subnet

a subdivision of a virtual network, that you control, that has its own security rules

C

alerts you when service issues occur in an Azure environment, such as a regional Azure outage that affects all Azure customers. A. Azure Monitor B. Azure Advisor C. Azure Service Health D. Azure Application Insights

C

copies data to a secondary region from the primary region across multiple datacenters that are located many miles apart. A. Premium storage B. Zone redundant storage (ZRS) C. Geo-redundant storage (GRS) D. Locally-redundant storage (LRS)

C

enables you to provision a group of matching and load-balanced virtual machines in Azure. A. Azure Logic Apps B. An availability set C. An Azure virtual machine scale set D. Azure Load Balancer

C

enables you to scale to thousands of virtual machines for high-performance computing and large-scale parallel jobs. A. An Azure virtual machine scale set B. An availability set C. Azure Batch D. An availability zone

Azure Cost Management

helps to understand Azure bill, manage account.

Express Route

high speed private connection to Azure

Simple Storage Service (S3)

in AWS, a Storage Account is called?

subscription

is a billing unit

C

is a repeatable set of governance tools that helps development teams quickly build and create new environments while adhering to organizational compliance to speed up development and deployment A. Azure DevOps B. A Continuous Integration/Continuous Deployment (CI/CD) pipeline configuration C. Azure Blueprints D. Azure Policy

Identity

is a representation of a person, application or device

authentication

is a user proving who they are - user id and password

Public cloud

is defined as computing services offered by third party providers over the public internet, making them available to anyone who wants to use of purchase them.

Private cloud

is defined as computing services offered either over the Internet or a private internal network and only to select users instead of the general public.

authorization

is ensuring that a user is permitted to perform an action

B

is supported by ExpressRoute for connecting an on-premises network to Azure. A. A Point-to-Site VPN B. A point-to-point Ethernet connection C. A Site-to-Site VPN D. Azure Peering service

Conditional Access

is the tool used by Azure Active Directory to allow (or deny) access to resources based on identity signals. It is a more refined MFA (multifactor authentication) method.


Set pelajaran terkait

Genetics Chapter 25 (medical genetics)

View Set

AP Multiple Choice "Othello, Act I, Scene 3"

View Set