Azure Fundamentals Module Questions
How can the IT department ensure that employees at the company's retail stores can access company applications only from approved tablet devices? SSO Conditional Access Multifactor authentication
Conditional Access
Azure Bot Service
virtual agent that interfaces with humans via natural language
Azure DevOps
- more granular set of permissions that allow organizations to refine who is able to perform most operations across the entire toolset. - highly customizable project management
While configuring your environment, you need a way to repeatedly set up one or more resources and ensure that all the dependencies are created in the proper order. What do you use? Powershell ARM templates Azure CLI
ARM templates
Azure IoT Hub vs IoT Central vs Azure Sphere
Azure IoT Hub - provides metrics and reporting IoT Central - pre-built customizable user interface with which you can view and control your devices remotely - also has reporting Azure Sphere - secure two way channel of communication between the device and Azure by controlling everything from the hardware to the operating system and the authentication process - more secure
Azure Functions vs Azure Logic Apps
Azure Logic Apps - low code/ no code (declarative environment) - designed with orchestration in mind, from the web-based visual configurator to the pricing model. - excels at connecting a large array of disparate services via their APIs to pass and process data through many steps in a workflow Azure Functions - requires code (imperative environment) - allows for custom, complex algorithms or perform specialized data parsing and data lookups - better if you have existing automated tasks written in an imperative programming language
Which service is a platform that powers Application Insights, monitoring for VMs, containers, and Kubernetes? Azure Advisor Azure Monitor Azure Service Health
Azure Monitor Azure Monitor is the platform used by Application Insights.
Which of the following options isn't a benefit of ExpressRoute? A. Redundant connectivity B. Consistent network throughput C. Encrypted network communication D. Access to Microsoft cloud services
Encrypted network communication Correct. ExpressRoute does provide private connectivity, but it isn't encrypted.
Azure ExpressRoute
For environments where you need greater bandwidth and even higher levels of security, Azure ExpressRoute is the best approach. ExpressRoute provides dedicated private connectivity to Azure that doesn't travel over the internet. Not encrypted*
GitHub vs Azure DevOps
GitHub - preferred for building open-source software - works on a simple model of read/write permissions to every feature - basic work items/issues Azure DevOps - more granular set of permissions that allow organizations to refine who is able to perform most operations across the entire toolset. - highly customizable project management
When you're scripting, do you come from a Windows administration or Linux administration background? Would you prefer Azure CLI or Powershell?
Windows - Powershell Linux - Azure CLI
Azure Cognitive Services
a service that can understand the content and meaning of images, video, or audio, or that can translate text into a different language
Azure DevTest
automate and manage test-lab creation
Route-based VPNs
dynamic routing With route-based gateways, IPSec tunnels are modeled as a network interface or virtual tunnel interface. IP routing (either static routes or dynamic routing protocols) decides which one of these tunnel interfaces to use when sending each packet. Route-based VPNs are the preferred connection method for on-premises devices. They're more resilient to topology changes such as the creation of new subnets.
Azure App Service
enables you to build and host web apps, background jobs, mobile back-ends, and RESTful APIs in the programming language of your choice without managing infrastructure. Supports Windows and Linux and enables automated deployments from GitHub, Azure DevOps, or any Git repo.
VM Scale Sets
let you create and manage a group of identical, load-balanced VMs that automatically scale in response to demand
Azure Machine Learning
predict future outcomes based on private historical data or build a model by using your own data
Azure Cognitive Services Personalizer
predict user behavior or provide users with personalized recommendations
Policy-based VPNs
static routing specify statically the IP address of packets that should be encrypted through each tunnel
Tailwind Traders has millions of log entries that it wants to analyze. Which option would be ideal for analysis? A. Azure Cosmos DB B. Azure SQL Database C. Azure Database for PostgreSQL D. Azure Synapse Analytics
D. Azure Synapse Analytics Azure Synapse Analytics is the logical choice for analyzing large volumes of data.
Where can the legal team access information around how the Microsoft cloud helps them secure sensitive data and comply with applicable laws and regulations? Microsoft Privacy Statement Trust Center Online Services Terms
Trust Center The Trust Center is a great resource for people in your organization who might play a role in security, privacy, and compliance.
What is the first step that you would take in order to share an image file as a blob in Azure Storage? Create an Azure Storage container to store the image. Create an Azure Storage account. Upload the image file and create a container. Use a Shared Access Signature (SAS) token to restrict access to the image.
Create an Azure Storage account. You must create an Azure Storage account before you can use any Azure Storage features.
Tailwind Traders wants to use Azure ExpressRoute to connect its on-premises network to the Microsoft cloud. Which of the following choices isn't an ExpressRoute model that Tailwind Traders can use? A. Any-to-any connection B. Site-to-site virtual private network C. Point-to-point Ethernet connection D. CloudExchange colocation
Site-to-site virtual private network B. A site-to-site virtual private network isn't an ExpressRoute model.
Azure IoT Central
builds on top of IoT Hub by adding a dashboard that allows you to connect, monitor, and manage your IoT devices
Azure Batch
enables large-scale parallel and high-performance computing (HPC) batch jobs with the ability to scale to tens, hundreds, or thousands of VMs.
Azure Container Instances
fastest and simplest way to run a container in Azure without having to manage any virtual machines or adopt any additional services. It's a platform as a service (PaaS) offering that allows you to upload your containers, which it runs for you.
Azure IoT Hub
managed service that's hosted in the cloud and that acts as a central message hub for bi-directional communication between your IoT application and the devices it manages
Azure Service Health
monitor services or usage for Azure view the current status of the Azure services you rely on, upcoming planned outages, and services that will be sunset. You can set up alerts that help you stay on top of incidents and upcoming downtime without having to visit the dashboard regularly.
Azure Data Lake Analytics
on-demand analytics job service that simplifies big data You only pay for your job when it's running, making it more cost-effective.
Resource locking
prevents resources from being accidentally deleted or changed
Azure Database for MySQL
relational database service in the cloud that delivers: -Built-in high availability with no additional cost. -Predictable performance and inclusive, pay-as-you-go pricing. -Scale as needed, within seconds. -Ability to protect sensitive data at-rest and in-motion. -Automatic backups. -Enterprise-grade security and compliance.
Azure Synapse Analytics
(formerly Azure SQL Data Warehouse) is a limitless analytics service that brings together enterprise data warehousing and big data analytics.
Azure Databricks
- helps you unlock insights from all your data and build artificial intelligence solutions. - supports Python, Scala, R, Java, and SQL, as well as data science frameworks and libraries including TensorFlow, PyTorch, and scikit-learn.
What are network security groups?
A network security group enables you to filter network traffic to and from Azure resources within an Azure virtual network. You can think of NSGs like an internal firewall. An NSG can contain multiple inbound and outbound security rules that enable you to filter traffic to and from resources by source and destination IP address, port, and protocol.
Your team is interested in writing Graph-based applications that take advantage of the Gremlin API. Which option would be ideal for that scenario? A. Azure Cosmos DB B. Azure SQL Database C. Azure Databricks D. Azure Database for PostreSQL
A. Azure Cosmos DB It supports SQL, MongoDB, Cassandra, Tables, and Gremlin APIs.
Which is likely the best way for Tailwind Traders to identify which billing department each Azure resource belongs to? Track resource usage in a spreadsheet. Split the deployment into separate Azure subscriptions, where each subscription belongs to its own billing department. Apply a tag to each resource that includes the associated billing department.
Apply a tag to each resource that includes the associated billing department. Tags provide extra information, or metadata, about your resources. The team might create a tag that's named BillingDept whose value would be the name of the billing department. You can use Azure Policy to ensure that the proper tags are assigned when resources are provisioned.
Resources in the Dev and Test environments are each paid for by different departments. What's the best way to categorize costs by department? Apply a tag to each virtual machine that identifies the appropriate billing department. Split the cost evenly between departments. Keep a spreadsheet that lists each team's resources.
Apply a tag to each virtual machine that identifies the appropriate billing department. You can apply tags to groups of Azure resources to organize billing data.
You want to be alerted when new recommendations to improve your cloud environment are available. Which service will do this? Azure Advisor Azure Monitor Azure Service Health
Azure Advisor Azure Advisor can alert you when new recommendations are available.
Which Azure Storage option is better for storing data for backup and restore, disaster recovery, and archiving? Azure Files Storage Azure Disk Storage Azure Blob Storage
Azure Blob Storage Azure Blob Storage is your best option for storing disaster recovery files and archives.
Which of the following choices would not be used to automate a CI/CD process? Azure Pipelines GitHub Actions Azure Boards
Azure Boards Azure Boards is an agile project-management tool. It would not be used to automate a CI/CD process.
ou need to create a human-computer interface that uses natural language to answer customer questions. Which product option should you select as a candidate? Azure Machine Learning Azure Cognitive Services Azure Bot Service
Azure Bot Service Azure Bot Service creates virtual agent solutions that utilize natural language. It should not be eliminated as a candidate.
You need to predict future behavior based on previous actions. Which product option should you select as a candidate? Azure Machine Learning Azure Bot Service Azure Cognitive Services
Azure Machine Learning Azure Machine Learning enables you to build models to predict the likelihood of a future result. It should not be eliminated as a candidate.
An attacker can bring down your website by sending a large volume of network traffic to your servers. Which Azure service can help Tailwind Traders protect its App Service instance from this kind of attack? Azure Firewall Network security groups Azure DDoS Protection
Azure DDoS Protection DDoS Protection helps protect your Azure resources from DDoS attacks. A DDoS attack attempts to overwhelm and exhaust an application's resources, making the application slow or unresponsive to legitimate users.
You need to process messages from a queue, parse them by using some existing imperative logic written in Java, and then send them to a third-party API. Which serverless option should you choose? Azure Functions Azure Logic Apps
Azure Functions Azure Functions is the correct choice because you can use existing Java code with minimal modification.
Azure Powershell
Azure PowerShell is a shell with which developers and DevOps and IT professionals can execute commands called cmdlets (pronounced command-lets). These commands call the Azure Rest API to perform every possible management task in Azure. Cmdlets can be executed independently or combined into a script file and executed together to orchestrate: The routine setup, teardown, and maintenance of a single resource or multiple connected resources. The deployment of an entire infrastructure, which might contain dozens or hundreds of resources, from imperative code. Capturing the commands in a script makes the process repeatable and automatable. Azure PowerShell is available for Windows, Linux, and Mac, and you can access it in a web browser via Azure Cloud Shell.
Azure Firewall
provides: Inbound protection for non-HTTP/S protocols (for example, RDP, SSH, and FTP). Outbound network-level protection for all ports and protocols. Application-level protection for outbound HTTP/S.
Azure Monitor
when you want to measure custom events alongside other collected telemetry data. Custom events, such as those added in the source code of your software applications, could help identify and diagnose why your application is behaving a certain way. if you want to keep track of the performance or issues related to your specific VM or container instances, databases, your applications, and so on, you want to visit Azure Monitor and create reports and notifications to help you understand how your services are performing or diagnose issues related to your Azure usage. Also lets you set up alerts for outages or new instances
What's the easiest way for Tailwind Traders to combine security data from all of its monitoring tools into a single report that it can take action on? A. Collect security data in Azure Sentinel. B. Build a custom tool that collects security data and displays a report through a web application. C. Look through each security log daily and email a summary to your team.
A. Collect security data in Azure Sentinel. Azure Sentinel is Microsoft's cloud-based SIEM. A SIEM aggregates security data from many different sources to provide additional capabilities for threat detection and responding to threats.
Which of the following features doesn't apply to resource groups? A. Resources can be in only one resource group. B. Role-based access control can be applied to the resource group. C. Resource groups can be nested.
C. Resource groups can be nested.
How can Tailwind Traders ensure that certain VM workloads are physically isolated from workloads being run by other Azure customers? A. Configure the network to ensure that VMs on the same physical host are isolated. B. This is not possible. These workloads need to be run on-premises. C. Run the VMs on Azure Dedicated Host.
C. Run the VMs on Azure Dedicated Host. Azure Dedicated Host provides dedicated physical servers to host your Azure VMs for Windows and Linux.
Azure Policy
a service in Azure that enables you to create, assign, and manage policies that control or audit your resources. These policies enforce different rules and effects over your resource configurations so that those configurations stay compliant with corporate standards.
Azure Portal
a web-based user interface, you can access virtually every feature of Azure. The Azure portal provides a friendly, graphical UI to view all the services you're using, create new services, configure your services, and view reports.
Azure Boards
an agile project management suite that includes Kanban boards, reporting, and tracking ideas and work from high-level epics to work items and issues.
Azure Test Plans
an automated test tool that can be used in a CI/CD pipeline to ensure quality before a software release.
Azure Functions
can host a single method or function by using a popular programming language in the cloud that runs in response to an event. The Azure Functions solution is ideal when you're concerned only with the code that's running your service and not the underlying platform or infrastructure.
Azure Sphere
creates an end-to-end, highly secure IoT solution for customers that encompasses everything from the hardware and operating system on the device to the secure method of sending messages from the device to the message hub. Azure Sphere has built-in communication and security features for internet-connected devices.
Azure Database for PostgreSQL
relational database service in the cloud
Which of the following services should be used when the primary concern is to perform work in response to an event (often via a REST command) that needs a response in a few seconds? A. Azure Functions B. Azure App Service C. Azure Container Instances
A. Azure Functions That's correct. Azure Functions is used when you need to perform work in response to an event (often via a REST request), timer, or message from another Azure service, and when that work can be completed quickly, within seconds or less.
Virtual Machines virtualize A. ________, while containers virtualize B. ___________.
A. Hardware B. Operating System
What's the best way to ensure that the development team doesn't provision too many virtual machines at the same time? Do nothing. Let the development team use what they need. Apply spending limits to the development team's Azure subscription. Verbally give the development lead a budget and hold them accountable for overages.
Apply spending limits to the development team's Azure subscription. If you exceed your spending limit, active resources are deallocated. You can then decide whether to increase your limit or provision fewer resources.
Which of the following statements is a valid statement about an Azure subscription? A. Using Azure doesn't require a subscription. B. An Azure subscription is a logical unit of Azure services. C. You can't have more than one subscription.
B. An Azure subscription is a logical unit of Azure services. That's correct. A subscription is a set of Azure services bundled together for tracking and billing purposes.
Azure SQL Database
-(PaaS) relational database based on the latest stable version of the Microsoft SQL Server database engine -can use it to build data-driven applications and websites in the programming language of your choice, without needing to manage infrastructure - enables you to process both relational data and non-relational structures, such as graphs, JSON, spatial, and XML
How can Tailwind Traders allow some users to control the virtual machines in each environment but prevent them from modifying networking and other resources in the same resource group or Azure subscription? Create a role assignment through Azure role-based access control (Azure RBAC). Create a policy in Azure Policy that audits resource usage. Split the environment into separate resource groups.
Create a role assignment through Azure role-based access control (Azure RBAC). Azure RBAC enables you to create roles that define access permissions. You might create one role that limits access only to virtual machines and a second role that provides administrators with access to everything.
A company wants to quickly manage its individual IoT devices by using a web-based user interface. Which IoT technology should it choose? IoT Hub IoT Central Azure Sphere
IoT Central IoT Central quickly creates a web-based management portal to enable reporting and communication with IoT devices.
Azure CLI
The Azure CLI command-line interface is an executable program with which a developer, DevOps professional, or IT professional can execute commands in Bash. The commands call the Azure Rest API to perform every possible management task in Azure. You can run the commands independently or combined into a script and executed together for the routine setup, teardown, and maintenance of a single resource or an entire environment. In many respects, the Azure CLI is almost identical to Azure PowerShell in what you can do with it. Both run on Windows, Linux, and Mac, and can be accessed in a web browser via Cloud Shell. The primary difference is the syntax you use. If you're already proficient in PowerShell or Bash, you can use the tool you prefer.
Azure Logic Apps
a low-code/no-code development platform hosted as a cloud service.
Azure Security Center
a monitoring service that provides visibility of your security posture across all of your services, both on Azure and on-premises
Azure Artifacts
a repository for hosting artifacts, such as compiled source code, which can be fed into testing or deployment pipeline steps.
Azure Key Vault
a centralized cloud service for storing an application's secrets in a single, central location.
ou need to identify the content of product images to automatically create alt tags for images formatted properly. Which product option is the best candidate? Azure Machine Learning Azure Cognitive Services Azure Bot Service
Azure Cognitive Services Azure Cognitive Services includes Vision services that can identify the content of an image. Azure Cognitive Services is the best candidate.
Which of the following is a logical unit of Azure services that links to an Azure account? A. Azure subscription B. Management group C. Resource group
Azure subscription That's correct. An Azure subscription is a logical unit of Azure services that links to an Azure account.
Tailwind Traders uses the LAMP stack for several of its websites. Which option would be ideal for migration? A. Azure Cosmos DB B. Azure Database for MySQL C. Azure SQL Database D. Azure Database for PostgreSQL
B. Azure Database for MySQL Azure Database for MySQL is the logical choice for existing LAMP stack applications.
Tailwind Traders wants to create a secure communication tunnel between its branch offices. Which of the following technologies can't be used? A. Point-to-site virtual private network B. Implicit FTP over SSL C. Azure ExpressRoute D. Site-to-site virtual private network
B. Implicit FTP over SSL FTP over SSL can't be used to create a secure communication tunnel.
Azure Resource Manager Templates
By using Azure Resource Manager templates (ARM templates), you can describe the resources you want to use in a declarative JSON format. The benefit is that the entire ARM template is verified before any code is executed to ensure that the resources will be created and connected correctly. The template then orchestrates the creation of those resources in parallel. That is, if you need 50 instances of the same resource, all 50 instances are created at the same time.
Which is the best way for Tailwind Traders to ensure that the team deploys only cost-effective virtual machine SKU sizes? Create a policy in Azure Policy that specifies the allowed SKU sizes. Periodically inspect the deployment manually to see which SKU sizes are used. Create an Azure RBAC role that defines the allowed virtual machine SKU sizes.
Create a policy in Azure Policy that specifies the allowed SKU sizes. After you enable this policy, that policy is applied when you create new virtual machines or resize existing ones. Azure Policy also evaluates any current virtual machines in your environment.
What's the best way for Tailwind Traders to limit all outbound traffic from VMs to known hosts? Configure Azure DDoS Protection to limit network access to trusted ports and hosts. Create application rules in Azure Firewall. Ensure that all running applications communicate with only trusted ports and hosts.
Create application rules in Azure Firewall. Azure Firewall enables you to limit outbound HTTP/S traffic to a specified list of fully qualified domain names (FQDNs).
Which is the most efficient way for the testing team to save costs on virtual machines on weekends, when testers are not at work? Delete the virtual machines before the weekend and create a new set the following week. Deallocate virtual machines when they're not in use. Just let everything run. Azure bills you only for the CPU time that you use.
Deallocate virtual machines when they're not in use. When you deallocate virtual machines, the associated hard disks and data are still kept in Azure. But you don't pay for CPU or network consumption, which can help save costs.
Azure Kubernetes Service
a complete orchestration service for containers with distributed architectures and large volumes of containers. Orchestration is the task of automating and managing a large number of containers and how they interact.
AzureHDInsight
Open-source analytics service to analyze streaming or historical data
How can the IT department reduce the number of times users must authenticate to access multiple applications? SSO Conditional Access Multifactor authentication
SSO
Azure Dedicated Host
provides dedicated physical servers to host your Azure VMs for Windows and Linux
Azure SQL Managed Instance
-(PaaS) database engine -provides several options that might not be available to Azure SQL Database -for example, supports different languages/alphabets (i.e. cyrillic characters)
Trust Center
-In-depth information about security, privacy, compliance offerings, policies, features, and practices across Microsoft cloud products. -Additional resources for each topic. -Links to the security, privacy, and compliance blogs and upcoming events.
Azure HDInsight
-fully managed, open-source analytics service for enterprises. - can run popular open-source frameworks and create cluster types such as Apache Spark, Apache Hadoop, Apache Kafka, Apache HBase, Apache Storm, and Machine Learning Services.
Azure Cosmos DB
-globally distributed, multi-model database service -supports schema-less data, which lets you build highly responsive and "Always On" applications to support constantly changing data -stores data in atom-record-sequence (ARS) format -supports SQL, MongoDB, Cassandra, Tables, and Gremlin
Which Azure compute resource can be deployed to manage a set of identical virtual machines? A. Virtual machine availability sets B. Virtual machine availability zones C. Virtual machine scale sets
C. Virtual machine scale sets That's correct. Virtual machine scale sets let you deploy and manage a set of identical virtual machines.
Azure Pipelines
CI/CD pipeline automation tool.
Which of the following options isn't a type of cloud computing? A. Distributed cloud B. Hybrid cloud C. Private cloud D. Public cloud
A. Distributed cloud A distributed cloud isn't a valid type of cloud computing.
What is the best infrastructure-as-code option for quickly and reliably setting up your entire cloud infrastructure declaratively? ARM templates Azure PowerShell The Azure portal The Azure CLI
ARM templates ARM templates are the best infrastructure-as-code option for quickly and reliably setting up your entire cloud infrastructure declaratively.
Which service could help you manage the VMs that your developers and testers need to ensure that your new app works across various operating systems? Azure DevTest Labs Azure Test Labs Azure Repos
Azure DevTest Labs Azure DevTest Labs is used to manage VMs for testing, including configuration, provisioning, and automatic de-provisioning.
Your team has limited experience with writing custom code, but it sees tremendous value in automating several important business processes. Which of the following options is your team's best option? Azure Functions Azure Logic Apps
Azure Logic Apps Azure Logic Apps is best suited for users who are more comfortable in a visual environment that allows them to automate their business processes. Logic Apps is the best option in this scenario.
You want to orchestrate a workflow by using APIs from several well-known services. Which is the best option for this scenario? Azure Functions Azure Logic Apps
Azure Logic Apps Azure Logic Apps makes it easy to create a workflow across well-known services with less effort than writing code and manually orchestrating all the steps yourself.
Which service lacks features to assign individual developers tasks to work on? Azure Boards GitHub Azure Pipelines
Azure Pipelines Azure Pipelines is a CI/CD tool for building an automated toolchain. It lacks features to assign tasks for individual developers to work on. However, it can automate other tools to assign tasks to users.
Which service provides official outage root cause analyses (RCAs) for Azure incidents? Azure Advisor Azure Monitor Azure Service Health
Azure Service Health Azure Service Health provides incident history and RCAs to share with your stakeholders.
A company wants to build a new voting kiosk for sales to governments around the world. Which IoT technologies should the company choose to ensure the highest degree of security? IoT Hub IoT Central Azure Sphere
Azure Sphere Azure Sphere provides the highest degree of security to ensure the device has not been tampered with.
Where can the IT department find reference blueprints that it can apply directly to its Azure subscriptions? Online Services Terms Azure compliance documentation Microsoft Privacy Statement
Azure compliance documentation The compliance documentation provides reference blueprints, or policy definitions, for common standards that you can apply to your Azure subscription.
How can Tailwind Traders enforce having only certain applications run on its VMs? A. Connect your VMs to Azure Sentinel. B. Create an application control rule in Azure Security Center. C. Periodically run a script that lists the running processes on each VM. The IT manager can then shut down any applications that shouldn't be running.
B. Create an application control rule in Azure Security Center. With Azure Security Center, you can define a list of allowed applications to ensure that only applications you allow can run. Azure Security Center can also detect and block malware from being installed on your VMs.
Your company has a team of remote workers that need to use Windows-based software to develop your company's applications, but your team members are using various operating systems like MacOS, Linux, and Windows. Which Azure compute service would help resolve this scenario? A. Azure App Service B. Windows Virtual Desktop C. Azure Container Instances
B. Windows Virtual Desktop That's correct. Windows Virtual Desktop enables your team members to run Windows in the cloud, with access to the required applications for your company's needs.
Which of the following statements is true? A. With Operating Expenses (OpEx), you are responsible for purchasing and maintaining your computing resources. B. With Operating Expenses (OpEx), you are only responsible for the computing resources that you use. C. With Capital Expenses (CapEx), you are only responsible for the computing resources that you use.
B. With Operating Expenses (OpEx), you are only responsible for the computing resources that you use.
Which is the best way for Tailwind Traders to safely store its certificates so that they're accessible to cloud VMs? A. Place the certificates on a network share. B. Store them on a VM that's protected by a password. C. Store the certificates in Azure Key Vault.
C. Store the certificates in Azure Key Vault. Azure Key Vault enables you to store your secrets in a single, central location. Key Vault also makes it easier to enroll and renew certificates from public certificate authorities (CAs).
How can Tailwind Traders most easily implement a deny by default policy so that VMs can't connect to each other? Allocate each VM on its own virtual network. Create a network security group rule that prevents access from another VM on the same network. Configure Azure DDoS Protection to limit network access within the virtual network. Check your answers
Create a network security group rule that prevents access from another VM on the same network. A network security group rule enables you to filter traffic to and from resources by source and destination IP address, port, and protocol.
Which of the following options can you use to link virtual networks? A. Network address translation B. Multi-chassis link aggregation C. Dynamic Host Configuration Protocol D. Virtual network peering
D. Virtual network peering Virtual network peering can be used to link virtual networks.
You want to send messages from the IoT device to the cloud and vice versa. Which IoT technology can send and receive messages? IoT Hub IoT Central Azure Sphere
IoT Hub An IoT hub communicates to IoT devices by sending and receiving messages.
Which of the following can be used to manage governance across multiple Azure subscriptions? A. Azure initiatives B. Management groups C. Resource groups
Management groups That's correct. Management groups facilitate the hierarchical ordering of Azure resources into collections, at a level of scope above subscriptions. Distinct governance conditions can be applied to each management group, with Azure Policy and Azure role-based access controls, to manage Azure subscriptions effectively. The resources and subscriptions assigned to a management group automatically inherit the conditions applied to the management group.
Where can the team access details about the personal data Microsoft processes and how the company processes it, including for Cortana? Microsoft Privacy Statement The Azure compliance documentation Microsoft compliance offerings
Microsoft Privacy Statement The Microsoft Privacy Statement provides information that's relevant to specific services, including Cortana.
Azure Sentinel
Microsoft's cloud-based SIEM system which can: Collect cloud data at scale Detect previously undetected threats Investigate threats with artificial intelligence Respond to incidents rapidly
How can the IT department use biometric properties, such as facial recognition, to enable delivery drivers to prove their identities? SSO Conditional Access Multifactor authentication
Multifactor authentication
Which is the best first step the team should take to compare the cost of running these environments on Azure versus in their datacenter? They're just test environments. Spin them up and check the bill at the end of the month. Assume that running in the cloud costs about the same as running in the datacenter. Run the Total Cost of Ownership Calculator.
Run the Total Cost of Ownership Calculator. Running the Total Cost of Ownership Calculator is a great first step because it can provide an accurate comparison of running workloads in the datacenter versus on Azure, certified by an independent research company.
As an administrator, you need to retrieve the IP address from a particular VM by using Bash. Which of the following tools should you use? ARM templates Azure PowerShell The Azure portal The Azure CLI
The Azure CLI The Azure CLI enables you to use Bash to run one-off tasks on Azure.
Azure Mobile App
The Azure mobile app provides iOS and Android access to your Azure resources when you're away from your computer. With it, you can: Monitor the health and status of your Azure resources. Check for alerts, quickly diagnose and fix issues, and restart a web app or virtual machine (VM). Run the Azure CLI or Azure PowerShell commands to manage your Azure resources.
You're a developer who needs to set up your first VM to host a process that runs nightly. Which of the following tools is your best choice? ARM templates Azure PowerShell The Azure portal The Azure CLI
The Azure portal The Azure portal is a great place for newcomers to learn about Azure and set up their first resources.
Azure Application Gateway
Web application firewall (WAF) is a feature of Azure Application Gateway that provides your web applications with centralized, inbound protection against common exploits and vulnerabilities.
What is the difference between Azure Functions and Azure Logic Apps?
You can call Azure Functions from Azure Logic Apps, and vice versa. The primary difference between the two services is their intent. Azure Functions is a serverless compute service, and Azure Logic Apps is intended to be a serverless orchestration service. Additionally, the two services are priced differently. Azure Functions pricing is based on the number of executions and the running time of each execution. Logic Apps pricing is based on the number of executions and the type of connectors that it utilizes.
Azure Repos
a centralized source-code repository where software development, DevOps engineering, and documentation professionals can publish their code for review and collaboration.
Azure Advisor
analyzes the configuration and usage of your resources and provides suggestions on how to optimize for reliability, security, performance, costs, and operations based on experts' best practices.