Exam AZ-900: Microsoft Azure Fundamentals

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

If you need any of the following types of connectivity: Connections between virtual networks Point-to-site connections Multisite connections Coexistence with an Azure ExpressRoute gateway You should use ___.

a route-based VPN gateway

Resources can only be associated with ___.

a single subscription

Which Azure resource is a software emulation of a physical computer that includes a virtual processor, memory, storage, and networking resources?

a virtual machine

Usage meters, such as CPU time, disk size, and write operations, are used to calculate your bill for ___. Deleting or deallocating a resource means that you will no longer be billed for it. Different regions can have different associated prices. Resources cost the same no matter the time of day or the day of the week.

an Azure resource

Low storage costs and unlimited file formats make ___ a good location to store backups and archives. ___ can be reached from anywhere by using an internet connection.

blob storage

In Azure, ___ use a pre-shared key as the only method of authentication.

both types of VPN gateways

All cloud providers provide

compute and storage services

Which scenario is a use case for a VPN gateway?

connecting an on-premises datacenter to an Azure virtual network.

Subscriptions may be grouped into ___.

management groups

Which resource can you use to manage access, policies, and compliance across multiple subscriptions?

management groups

Point-to-site virtual private network connections, Site-to-site virtual private networks, and Azure ExpressRoute are ___.

mechanisms to link resources together in your on-premises environment and within your Azure subscription

An account may be associated with ___.

multiple subscriptions.

Resizing underutilized virtual machines is a good cost saving measure and provisioning resources in lower cost regions is a good practice, but ___ do not help with this.

resource tags

What can you use to connect Azure resources, such as Azure SQL databases, to an Azure virtual network?

service endpoints

___ are used to expose Azure services to a virtual network, providing communication between the two.

service endpoints

For which resource does Azure generate separate billing reports and invoices by default so that you can organize and manage costs?

subscriptions

What is high availability in a public cloud environment dependent on?

the service-level agreement (SLA) that you choose

Policy-based and In Route-based are ___.

types of VPN gateways

A VPN gateway is a type of ___.

virtual network gateway

What are two services that allow you to run applications in containers?

- Azure Container Instances - Azure Kubernetes Service (AKS)

Which two services can you use to establish network connectivity between an on-premises network and Azure resources?

- ExpressRoute - Azure VPN Gateway

With shared responsibility model, you'll always be responsible for:

- The information and data stored in the cloud - Devices that are allowed to connect to your cloud (cell phones, computers, and so on) - The accounts and identities of the people, services, and devices within your organization

The cloud provider is always responsible for:

- The physical datacenter - The physical network - The physical hosts

Which two scenarios are common billing use cases for resource tags?

- categorizing costs by department, such as human resources, marketing, or finance - associating costs with different environments, such as test or production

What are two characteristics of a consumption-based model?

- no upfront costs - the ability to stop paying for resources that are no longer needed

Which two factors affect Azure costs?

- resource usage - resource location

Which two components are created in an Azure subscription?

- resources - resources groups

Which two scenarios are common use cases for Azure Blob storage?

- storing data for backup and restore - serving images or documents directly to a browser

___ are used to provide access to resources.

Accounts

___ are used to delegate the administration of Azure AD resources, such as users and groups.

Administrative units

Refers to the ability to deploy new applications and services quickly. It means that you can deploy and configure cloud-based resources quickly as app/business requirements change.

Agility

___ is a feature of Azure Monitor that allows you to monitor running applications, automatically detect performance anomalies, and use built-in analytics tools to see what users do on an app.

Application Insights

___ is the responsibility of the customer and is typically done either in-house or through a third party.

Application development

What provides recommendations to reduce the cost of Azure resources?

Azure Advisor

Which Azure service evaluates Azure resources and makes recommendations to help improve reliability, security, performance, achieve operational excellence, and cost reduction?

Azure Advisor

___ analyzes the account usage and makes recommendations based on its set and configured rules.

Azure Advisor

What can you use to automatically detect performance anomalies for web apps?

Azure Application Insights

What can you use to manage servers across cloud platforms and on-premises environments?

Azure Arc

___ simplifies governance and management by delivering a consistent multi-cloud and on-premises management platform.

Azure Arc

___ provides a web interface to remotely administer Azure virtual machines by using SSH/RDP.

Azure Bastion

___ provides disks for Azure virtual machines.

Azure Disk Storage

___ provides a dedicated private connectivity to Azure that doesn't travel over the internet. ExpressRoute is useful for environments where you need greater bandwidth and even higher levels of security.

Azure ExpressRoute

___ supports mounting files storage shares.

Azure Files

___ is a stateful firewall service used to protect virtual networks.

Azure Firewall

You need to create a custom solution that uses thresholds to trigger autoscaling functionality to scale an app up or down to meet user demand. What should you include in the solution?

Azure Monitor

___ is a platform that collects metric and logging data, such as CPU percentages. The data can be used to trigger autoscaling.

Azure Monitor

What can you use to ensure the new and existing Azure resources stay in compliance with corporate standards?

Azure Policy

___ is a service in Azure that enables you to create, assign, and manage policies that control or audit resources. These policies enforce different rules across all resource configurations so that the configurations stay compliant with corporate standards.

Azure Policy

By using ___, enterprises can enforce standards on Azure resources. But on virtual machines, these mechanisms only affect the control plane or the route to the virtual machine.

Azure Policy and role-based access control (RBAC) assignments

You plan to build a new solution in Azure that will use PaaS products. What should you use to estimate the monthly costs?

Azure Pricing calculator (It allows you to estimate and configure according to your specific requirements. You'll then receive a consolidated estimated price and a detailed breakdown of the costs associated with each resource you added to your solution.)

Your organization plans to deploy several production virtual machines that will have consistent resource usage throughout the year. What can you use to minimize the costs of the virtual machines without reducing the functionality of the virtual machines?

Azure Reservations

___ offers discounted prices on certain Azure services. It can save you up to 72 percent compared to pay-as-you-go prices. To receive a discount, you can reserve services and resources by paying in advance. Spending limits can suspend a subscription when the spend limit is reached.

Azure Reservations

___ is the deployment and management service for Azure. It provides a management layer that enables you to create, update, and delete resources in an Azure subscription. You use management features, such as access control, resource locks, and resource tags, to secure and organize resources after deployment.

Azure Resource Manager (ARM)

What can you use to find information about planned maintenance for Azure services that are critical to your organization?

Azure Service Health

You can drill down to the affected services, regions, and details to show how an event will affect you and what you must do. Most of these events occur without any impact to you and will not be shown. In a rare case that a reboot is required, ___ allows you to choose when to perform the maintenance to minimize the downtime.

Azure Service Health

___ instances are deployed to a dedicated subnet of a virtual network. You can use them to connect on-premises datacenters to virtual networks through a Site-to-Site (S2S) VPM connection.

Azure VPN Gateway

What can you use to provide Mac and Android users with access to a Windows environment that will run Windows-based applications?

Azure Virtual Desktop

___ is a desktop and application virtualization service that runs in the cloud. It enables your users to use a cloud-hosted version of Windows from any location.

Azure Virtual Desktop

___ works across devices such as Windows, Mac, iOS, Android, and Linux. It works with apps that you can use to access Remote Desktops and apps. You can also use most modern browsers to access ___-hosted experiences.

Azure Virtual Desktop

___ will allow you to enforce company standards on new virtual machines when combined with Azure VM Image Builder and Azure Compute Gallery.

Azure policies

What uses the infrastructure as a service (IaaS) cloud service model?

Azure virtual machines

___ enable you to link resources together in your on-premises environment and within your Azure subscription. In effect, you can create a network that spans both your local and cloud environments.

Azure virtual networks

___ is when a business rents space in a shared physical datacenter.

Colocation

___ are a virtualization environment. Much like running multiple virtual machines on a single physical host, you can run multiple ___ on a single physical or virtual host. Unlike virtual machines, you do not manage the operating system for a ___.

Containers

___ can be used in environments that have multiple subscriptions to streamline the application of governance conditions.

Management groups

___ allow you to configure inbound and outbound rules for virtual networks and virtual machines.

NSGs

___ is focused on increasing or decreasing the capabilities of resources like adding RAM or CPUs to a virtual machine.

Vertical scaling

___ host an operating system, and you can install and run software just like on a physical computer.

Virtual machines

Azure App Services and Azure Cosmos DB are ___ offerings.

PaaS

Users do not control the operating system and do not configure the underlying servers in ___.

PaaS

With ____, users can focus on application development because the cloud provider handles all the platform management.

PaaS

The operating systems are not accessible in ____ and ____ deployments.

PaaS and SaaS

___ allows you to connect virtual networks together.

Peering

Your organization is building a custom application. You need to focus on application development rather than configuration and management of servers. Which cloud service model should you use?

Platform as a Service (PaaS)

___ are from a computer outside your organization back into your corporate network. In this case, the client computer initiates an encrypted VPN connection to connect to the Azure virtual network.

Point-to-site virtual private network connections

___ specify statically the IP address of packets that should be encrypted through each tunnel. This type of device evaluates every data packet against those sets of IP addresses to choose the tunnel where that packet is going to be sent through.

Policy-based VPN gateways

- Organizations have complete control over resources and security - Data is not collected with other organizations' data - Hardware must be purchased for startup and maintenance - Organizations are responsible for hardware maintenance and updates

Private cloud

- No capital expenditures to scale up - Applications can be quickly provisioned and deprovisioned - Organizations pay only for what they use - Organizations don't have complete control over resources and security

Public cloud

___ can be used to organize Azure resources.

Resource groups

___ can be used to group billing data and categorize costs by runtime environment, such as billing usage for virtual machines running in a production environment.

Resource tags

Azure billing

Resources groups can be used to group costs, but you will not receive a separate invoice for each resource group. Management groups are used to efficiently manage access, policies, and compliance for subscriptions. You can set up billing profiles to roll up subscriptions into invoice sections, but this requires customization.

___ are the preferred connection method for on-premises devices. They're more resilient to topology changes such as the creation of new subnets.

Route-based VPNs

In ____, the cloud provider manager all aspects of the application environment, such as virtual machines, networking resources, data storage, and applications.

SaaS

Microsoft Office is a ____ offering.

SaaS

Shared Responsibility Model

SaaS - Responsibilities always retained by the customer: Information and data, Devices (Mobile and PCs), Accounts and identities, and 1/2 Identity and directory infrastructure. PaaS - Responsibilities always retained by the customer: Information and data, Devices (Mobile and PCs), Accounts and identities, 1/2 Identity and directory infrastructure, 1/2 Applications, and 1/2 Network controls. IaaS - Responsibilities always retained by the customer: Information and data, Devices (Mobile and PCs), Accounts and identities, Identity and directory infrastructure, Applications, Network controls, Operating system. On-premises - Responsibilities always retained by the customer: Information and data, Devices (Mobile and PCs), Accounts and identities, Identity and directory infrastructure, Applications, Network controls, Operating system, Physical hosts, Physical network, and Physical datacenter.

___ link your on-premises VPN device or gateway to the Azure VPN gateway in a virtual network. In effect, the devices in Azure can appear as being on the local network. The connection is encrypted and works over the internet.

Site-to-site virtual private networks

Different services have different SLAs

Sometimes different tiers of the same service will offer different SLAs, which can increase or decrease the promised availability.

Keeps data and other assets safe in the event of a disaster. It uses services, such as cloud-based backup, data replication, and geo-distribution, to keep data and code safe in the event of a disaster.

Disaster recovery

___ is used to connect an on-premises network to Azure.

ExpressRoute

Minimizes downtime when things go wrong. It means cloud-based apps can provide a continuous user experience with no apparent downtime.

High availability

___ is adding or subtracting the number of resources such as adding additional virtual machines to the configuration.

Horizontal scaling

Which Azure Blob storage service tier has the highest storage costs and the fastest access times for reading and writing data?

Hot

- Provides the most flexibility - Organizations determine where to run their applications - Organizations control security, compliance, or legal requirements

Hybrid cloud

Azure virtual machines is an ____ offering. The customer is responsible for the configuration of the virtual machine and all operating system configurations.

IaaS

Which cloud service model provides you with the most control over the hardware that runs applications?

IaaS

With ___, you are using as-is software hosted in the cloud, instead of creating a platform to host a software yourself.

IaaS

___ is the closest service model to managing physical servers.

IaaS

___ is the most flexible category of cloud services. It aims to give complete control over the hardware that runs applications.

IaaS

In which two deployment models are customers responsible for managing operating systems that host applications?

IaaS and on-premises

___, IPSec tunnels are modeled as a network interface or virtual tunnel interface. IP routing (either static routes or dynamic routing protocols) decides which one of these tunnel interfaces to use when sending each packet.

In Route-based gateways


Set pelajaran terkait

Unit 8- QBank Questions for Review

View Set

Physical Fitness - Unit 1: Lesson 7. Weight Control

View Set

Business 100: Chapter 11 Human Resource Management: Finding and Keeping The best Employees

View Set

TestOut Ethical Hacker Pro Final Review (Practice Questions)

View Set

Common Ions in the Human Body and Their Physiologic Significance (Chapter 2)

View Set