AZ-900 Exam Prep

Ace your homework & exams now with Quizwiz!

You need to be notified when there are new recommendations for reducing Azure costs. Which tool should you use?

Azure Advisor

What provides recommendations to reduce the cost of Azure resources?

Azure Advisor

Azure Service Health

After an outage, Service Health provides official incident reports called root cause analysis (RCA), which you can share with stakeholders. You can drill down to the affected services, regions, and details to show how an event will affect you and what you must do. Most of these events occur without any impact to you and will not be shown. In a rare case that a reboot is required, Service Health allows you to choose when to perform the maintenance to minimize the downtime

What can you use to sync identities from an on-premises Active Directory Domain Services (AD DS) domain to Azure AD?

Azure AD Connect syncs user identities from an on-premises Active Directory Domain Services (AD DS) domain to Azure AD. Azure AD Connect allows you to use features such as single sign-on (SSO), MFA, and self-service password reset (SSPR) in both systems. SSPR prevents users from using known compromised passwords.

Which two services are provided by Azure AD? Each correct answer presents a complete solution.

Azure AD provides services for verifying identity and access to applications and resources. SSO enables you to remember a single username and password to access multiple applications and is available in Azure AD.

Select the answer that correctly completes the sentence. [Answer choice] are physically separate datacenters within an Azure region.

Availability zones Availability zones are physically separate datacenters within an Azure region. Each availability zone is made up of one or more datacenters equipped with independent power, cooling, and networking. Availability zones are primarily for virtual machines, managed disks, load balancers, and SQL databases.

A company wants to set up resources in Azure. They want a way to manage identities in Azure. Which of the following is used as an Identity Management solution in Azure?

Azure AD

Which Azure Storage service should you use to store unstructured files, such as images, that will be served on webpages?

Azure Blob storage Azure Blob storage is an object storage solution that you can use to store massive amounts of unstructured data, such as text or binary data.

What allows you to orchestrate the deployment of resource templates, Azure Policy assignments, and resource groups?

Azure Blueprints

You have a team of Linux administrators that need to manage the resources in Azure. The team wants to use the Bash shell to perform the administration. What should you recommend?

Azure CLI

Azure CLI

Azure CLI allows you to use the Bash shell to perform administrative tasks. Bash is used in Linux environments, so a Linux administrator will probably be more comfortable performing command-line administration from Azure CLI.

What are two services that allow you to run applications in containers? Each correct answer presents a complete solution.

Azure Container Instances & Azure Kubernetes Service (AKS) Containers are a virtualization environment. Much like running multiple virtual machines on a single physical host, you can run multiple containers on a single physical or virtual host. Unlike virtual machines, you do not manage the operating system for a container.

A company needs to implement a solution in Azure. Below are the key requirements for this solution. No need for schema or Index management Ensure low latency access to data from around the world. Which of the following data solution would you consider for this requirement?

Azure CosmosDB

Which storage service offers fully managed file shares in the cloud that are accessible by using Server Message Block (SMB) protocol?

Azure Files Azure Files offers fully managed file shares in the cloud with shares that are accessible by using Server Message Block (SMB) protocol. Mounting Azure file shares is just like connecting to shares on a local network.

What can you use to ensure that a development team can only create virtual machines of a certain size?

Azure Policy

What can you use to ensure that new and existing Azure resources stay in compliance with corporate standards?

Azure Policy

You need to recommend a solution for Azure virtual machine deployments. The solution must enforce company standards on the virtual machines. What should you include in the recommendation?

Azure Policy

Which two tools are accessible via Azure Cloud Shell and allows you to write Bash scripts to manage an Azure environment?

Azure PowerShell & Azure CLI

What can you use to define the resources you want to provision in a declarative JSON format?

Azure Resource Manager (ARM) templates

Which two Azure resources can make use of availability zones? Each correct answer presents a complete solution.

Azure SQL databases & virtual machines Availability zones are primarily for virtual machines, managed disks, load balancers, and SQL databases.

What can you use to find information about planned maintenance for Azure services that are critical to your organization?

Azure Service Health

You need to review the root cause analysis (RCA) report for a service outage that occurred last week. Where should you look for the report?

Azure Service Health

Which Azure compute service can you use to deploy and manage a set of identical virtual machines?

Azure Virtual Machine Scale Sets Virtual Machine Scale Sets are an Azure compute resource that you can use to deploy and manage and scale a set of identical virtual machines.

Data Transfer between Azure Availability Zones

Azure data transfer within the same availability zone is free of charge, while data transfer between two different availability zones now incurs a cost of $0.01 per GB. The data transported across different availability zones incurs charges, even if you deploy them inside the same VNET. Besides, you will be charged for both ingress and egress data traffic in this scenario.

Azure Data Transfer

Azure does not charge for the inbound flow of data, i.e., incoming traffic from the internet. However, anything and everything that leaves your Azure's network incurs a data egress cost, charged on a per GB basis.

What Azure AD feature can you use to ensure that users can only access Microsoft Office 365 applications from approved client applications?

Conditional Access allows administrators to control, allow, or deny access to resources based on certain signals. You can require that access to certain applications only be allowed if the users are using an approved client application. MFA is a process whereby a user is prompted during the sign-in process for an additional form of identification. Examples include a code on their mobile phone or a fingerprint scan.

What can you use to ensure that a user can only access applications from compliant devices?

Conditional Access is a tool that Azure AD uses to allow or deny access to resources based on identity signals. Azure AD supports the registration of devices. Conditional Access allows administrators to control, allow, or deny access to resources based on certain signals. You can require that access to certain applications only be allowed if the users are using an approved client application. MFA is a process whereby a user is prompted during the sign-in process for an additional form of identification. Examples include a code on their mobile phone or a fingerprint scan.

Which two features are available by using Azure Cost Management + Billing? Each correct answer presents a complete solution.

Create and manage budgets & Generate historical reports and forecast future usage.

Which two actions can be performed by using the graphical user interface (GUI) in the Azure portal? Each correct answer presents a complete solution.

Create new resources. & Review a graphical view of all the services you are using.

You have an Azure virtual machine that is accessed only between 9:00 and 17:00 each day. What should you do to minimize costs but preserve the associated hard disks and data?

Deallocate the virtual machine.

Azure Disk Storage

Disk storage provides disks for virtual machines, applications, and other services to access and use as they need, similar to how they would in on-premises scenarios

A company is planning to deploy Azure resources to a resource group. The company is planning to assign tags to the resource groups. Would the resources in the resource group also inherit the same tags?

False

Archive Access tier is set at the storage account level (True or false)

False

public cloud deployment model

In a public cloud, services are offered over the internet and are available to anyone who wants to purchase them. A private cloud is limited to a single organization. Cloud resources, such as servers and storage, are owned and operated by a third-party cloud service provider and delivered over the internet. A private cloud consists of computing resources used exclusively by users from one business or organization. You do not get physical access to servers, as they are managed by the cloud provider.

In which cloud service model is the customer responsible for managing the operating system?

Infrastructure as a service (IaaS) IaaS consists of virtual machines and networking provided by the cloud provider. The customer is responsible for the OS and applications. The cloud provider is responsible for the OS in PaaS and SaaS.

Which resource can you use to manage access, policies, and compliance across multiple subscriptions?

Management groups are used to efficiently manage access, policies, and compliance for subscriptions Management groups can be used in environments that have multiple subscriptions to streamline the application of governance conditions

network security groups (NSGs)

NSGs allow you to configure inbound and outbound rules for virtual networks and virtual machines

Which two protocols are used to access Azure file shares? Each correct answer presents a complete solution.

Network File System (NFS) & Server Message Block (SMB)

A company is planning to deploy a web server and database server, as shown in the architecture diagram below. You have to ensure that traffic restrictions are in place so that the database server can only communicate with the web server.

Network Security Groups (NSGs)

Your company has datacenters in Los Angeles and New York. The company has a Microsoft Azure subscription. You are configuring the two datacenters as geo-clustered sites for site resiliency . You need to recommend an Azure storage redundancy option. You have the following data storage requirements:✑ Data must be stored on multiple nodes.✑ Data must be stored on nodes in separate geographic locations.✑ Data can be read from the secondary location as well as from the primary location Which of the following Azure stored redundancy options should you recommend?

Read-only geo-redundant storage

What are two characteristics of the public cloud deployment model? Each correct answer presents a complete solution.

Services are offered over the internet and are available to anyone who wants to purchase them. & Servers and storage are owned and operated by a third-party cloud service provider.

You need to compare the costs of running an application in an on-premises datacenter with the costs of running the application in Azure.

Total Cost of Ownership (TCO) Calculator

A company is planning to deploy Azure resources to a resource group. The company is planning to assign permissions to the resource groups. Would the resources in the resource group also inherit the same permissions?

True

Hot access tier is recommended for data that is accessed and modified frequently (True or False)

True

VNET Peering

Virtual Network Peering or VNET Peering establishes a connection between virtual networks that enables you to route traffic across these VNETs through private IPv4 addresses. Data ingress and egress are chargeable at both ends of VNETs peered together.

Data Transfer within Virtual Network (VNET)

When you move data or deploy resources within the same VNET, Azure doesn't charge you anything for data transfer. But, your data transfers are free only if the services (where data transmission occurs) are located in the same subnet, or the transfer happens from one subnet to another inside the same VNET.

You are tasked with deploying Azure virtual machines for your company. You need to make use of the appropriate cloud deployment solution. Solution: You should make use of Infrastructure as a Service (IaaS).Does the solution meet the goal?

Yes

What is an advantage of cloud computing compared to on-premises deployments?

You can scale more quickly. Cloud computing allows you to scale more quickly. Owning your own CPUs and having full access in the event of an internet outage are not features of cloud computing. Working from multiple workstations is not specific to cloud computing compared to an on-premises deployment.

Select the answer that correctly completes the sentence. Deploying and configuring cloud-based resources quickly as business requirements change is called [answer choice].

agility Agility means that you can deploy and configure cloud-based resources quickly as app requirements change.

Disaster recovery

keeps data and other assets safe in the event of a disaster

Peering

allows you to connect virtual networks together

Azure Advisor

analyzes the account usage and makes recommendations based on its set and configured rules Azure Advisor evaluates Azure resources and makes recommendations to help improve reliability, security, and performance, achieve operational excellence, and reduce costs.

Administrative units

are used to delegate the administration of Azure AD resources, such as users and groups

Accounts

are used to provide access to resources

Resource groups

can be used to group costs, but you will not receive a separate invoice for each resource group can be used to organize Azure resources

Which scenario is a use case for a VPN gateway?

connecting an on-premises datacenter to an Azure virtual network A VPN gateway is a type of virtual network gateway. Azure VPN Gateway instances are deployed to a dedicated subnet of a virtual network. You can use them to connect on-premises datacenters to virtual networks through a Site-to-Site (S2S) VPN connection.

What is the customer responsible for in a software as a service (SaaS) model?

data and access SaaS allows you to pay to use an existing application on hardware managed by a third party. You supply data and configure access. Customers are only responsible for storage in a private cloud. Customers are responsible for virtual machines and runtime in IaaS and the private cloud.

The cool access tier is recommended for long term backups (true or false)

false

Archive storage tier

for data that are rarely accessed and stored for at least 180 days with flexible latency requirements.

Select the answer that correctly completes the sentence. In cloud computing, [answer choice] allows you to deploy applications to regional datacenters around the world.

geo-location You can deploy apps and data to regional datacenters around the globe, thereby ensuring that your customers always have the best performance in their region. This is referred to as geo-distribution.

Select the answer that correctly completes the sentence. In a region pair, a region is paired with another region in the same [answer choice].

geography Each Azure region is always paired with another region within the same geography, such as US, Europe, or Asia, at least 300 miles away.

Which two characteristics are common advantages of cloud computing? Each correct answer presents a complete solution.

high availability & geo-distribution

Which cloud deployment model are you using if you have servers physically located at your organization's on-site datacenter, and you migrate a few of the servers to the cloud?

hybrid cloud A hybrid cloud is a computing environment that combines a public cloud and a private cloud by allowing data and applications to be shared between them.

Scaling horizontally

increases compute capacity by adding instances of resources, such as adding virtual machines to the configuration

Which cloud service model provides you with the most control over the hardware that runs applications?

infrastructure as a service (IaaS) Customers are responsible for virtual machines and runtime in IaaS and the private cloud. IaaS is the most flexible category of cloud services. It aims to give you complete control over the hardware that runs applications. Users do not control the operating system and do not configure the underlying servers in PaaS. With SaaS, you are using as-is software hosted in the cloud, instead of creating a platform to host a software yourself.

ExpressRoute

is used to connect an on-premises network to Azure

Scalability

means that you can add RAM, CPU, or entire virtual machines to a configuration.

Elasticity

means that you can configure cloud-based apps to take advantage of autoscaling, so apps always have the resources they need

High availability

minimizes downtime when things go wrong. means that cloud-based apps can provide a continuous user experience with no apparent downtime, even when things go wrong.

In a platform as a service (PaaS) model, which two components are the responsibility of the cloud service provider? Each correct answer presents a complete solution.

operating system & physical network In PaaS, the cloud provider is responsible for the operating system, physical datacenter, physical hosts, and physical network. In PaaS, the customer is responsible for accounts and identities. Users do not control the operating system and do not configure the underlying servers in PaaS The customer is responsible for the OS and applications. The cloud provider is responsible for the OS in PaaS and SaaS.

Cold storage tier

optimized for data that are infrequently accessed and stored for at least 30 days

Hot storage tier

optimized for storing data that is accessed frequently.

Your organization is building a custom application. You need to focus on application development rather than configuration and management of servers. Which cloud service model should you use?

platform as a service (PaaS) With PaaS, users can focus on application development because the cloud provider handles all the platform management. In SaaS, the cloud provider manages all aspects of the application environment, such as virtual machines, networking resources, data storage, and applications. IaaS is the closest service model to managing physical servers.

Which two factors affect Azure costs? Each correct answer presents a complete solution.

resource usage & resource location

What can you use to connect Azure resources, such as Azure SQL databases, to an Azure virtual network?

service endpoints Service endpoints are used to expose Azure services to a virtual network, providing communication between the two

Which type of cloud service model is typically licensed through a monthly or annual subscription?

software as a service (SaaS) SaaS is software that is centrally hosted and managed for you and your users or customers. Usually, one version of the application is used for all customers, and it is licensed through a monthly or annual subscription. PaaS and IaaS use a consumption-based model, so you only pay for what you use.

For which resource does Azure generate separate billing reports and invoices by default?

subscriptions Azure generates separate billing reports and invoices for each subscription so that you can organize and manage costs

Which two tools can you use to create a new Azure virtual machine from a mobile device that runs Android? Each correct answer presents complete solution.

the Azure portal & PowerShell in Azure Cloud Shell

What is high availability in a public cloud environment dependent on?

the service-level agreement (SLA) that you choose Different services have different SLAs. Sometimes different tiers of the same service will offer different SLAs, which can increase or decrease the promised availability.

Select the answer that correctly completes the sentence. Increasing compute capacity for an app by adding RAM or CPUs to a virtual machine is called [answer choice].

vertical scaling


Related study sets

PSYCHOLOGY MIDTERM (6, 7, 10, 14, 12)

View Set

Health Methods Diverse Populations Test 1

View Set

Chapter 6: Texas Statues and Rules Pertinent to Life Insurance Only

View Set

Advanced Admin - Cloud Applications

View Set

Chapter. 4: Business Ethics and Social Responsibility

View Set

Funds week 4,5 &6 practice problems

View Set