AZ-900 Practice Exam Revamped Lets see if this works

Ace your homework & exams now with Quizwiz!

Which management layer accepts requests from any Azure tool or API and enables you to create, update, and delete resources in an Azure account?Only select one answer. 1) Azure Resource Manager (ARM) 2) Azure management groups 3) Azure CLI 4) Azure Sphere

1) Azure Resource Manager (ARM) (ARM is the deployment and management service for Azure. It provides a management layer that enables you to create, update, and delete resources in an Azure account.)

What is the customer responsible for in a software as a service (SaaS) model? Only select one answer. 1) storage 2) data and access 3) virtual machines 4) runtime

2) data and access

In which cloud service model is the customer responsible for managing the operating system? A. IaaS B. PaaS C. SaaS D. QaaS

A. (IaaS consists of virtual machines and networking provided by the cloud provider. The customer is responsible for the OS and applications. The cloud provider is responsible for the OS in PaaS and SaaS.)

What can you use to automatically detect performance anomalies for web apps? a. Azure DevOps b. Azure application insights

Azure Application Insights (Application Insights is a feature of Azure Monitor that allows you to monitor running applications, automatically detect performance anomalies, and use built-in analytics tools to see what users do on an app.)

Which storage service offers fully managed file shares in the cloud that are accessible by using Server Message Block (SMB) protocol? a. Azure Disk Storage b. Azure Table storage c. Azure Queue Storage d. Azure Files

Azure Files (AF offers fully managed file shares in the cloud with shares that are accessible by using Server Message Block (SMB) protocol. Mounting Azure files shares is just like connecting to shares on a local network.)

What can you use to get notification about an outage in a specific Azure region? a. Azure Monitor b. Azure Service Health

Azure Service Health (Service Health notifies you of Azure-related service issues, such as region-wide downtime.)

Select the answer that correctly completes the sentence. In a region pair, a region is paired with another region in the same [answer choice]. A. Datacenter B. Geography

B. (Geography Each Azure region is always paired with another region within the same geography, such as US, Europe, or Asia, at least 300 miles away.)

What can you use to restrict the deployment of a virtual machine to specific location? a. Azure AD b. resource locks c. Azure Policy d. resource groups

C (Azure Policy can help to create a policy for allowed regions, which enables you to restrict the deployment of virtual machinesa to a specific location.)

Your company plans to deploy several custom applications to Azure. The applications will provide invoicing services to the customers of the company. Each application will have several prerequisite applications and services installed. You need to recommend a cloud deployment solution for all the applications. What should you recommend? a. Software as a Service (SaaS) b. Platform as a Service (PaaS) c. Infrastructure as a Service (IaaS)

C (Infrastructure as a Service is an instant computing infrastructure, provisioned and managed over the internet. The IaaS service provider manages the infrastructure, while you purchase, install, configure and manage your own software.)

Which two Azure resources can make use of availability zones? Each correct answer presents a complete solution. A. Azure subscriptions. B. resource groups C. Azure SQL databases D. virtual machines

C, D; Azure SQL databases and virtual machines (Availability zones are primarily for virtual machines, managed disks, load balancers, and SQL databases.)

Which cloud service model is used by Microsoft Office 365? A. IaaS B. PaaS C. SaaS D. QaaS

C. (SaaS allows users to connect to and use cloud-based apps over the internet. Common examples are email, calendaring, and Office tools, such as Office 365.)

True or False: A platform as a service (PaaS) solution that hosts web apps in Azure provides full control of the operating systems that host applications.

False (The Azure Web Apps service provides an environment for you to host your web applications. Behind the scenes, the web apps are hosted on virtual machines running Internet Information Service. However, you have no direct access to the virtual machine, the OS or IIS.)

Your company plans to migrate all its data and resources to Azure. The company's migration plan statues that only Platform as a Service (PaaS) solutions must be used in Azure. You need to deploy an Azure environment that meets the company migration plan. You create Azure virtual machines, Azure SQL databases, and Azure Storage accounts. Does this meet the goal?

No, virtual machines are examples of Infrastructure as a Service (IaaS).

Platform as a Service (PaaS) solution that hosts web apps in Azure can be configured to automatically scale the number of instances based on demand.

True (PaaS provides the ability to scale automatically - known as autoscaling.)

True of False Leasing software is an example of an operational expenditure.

True OpEx is ongoing costs such as leasing software. A one-time purchase of software, for example, would be capital expenditure (CapEx).

Which scenario is a use case for a VPN gateway? a. connecting an on-premises datacenter to an Azure virtual network b. partitioning a virtual network's address space c. communicating between Azure resources d. filtering outbound network traffic

a (A VPN gateway is a type of virtual network gateway. Azure VPN Gateway instances are deployed to a dedicated subnet of virtual network. You can use them to connect on-premises datacenters to virtual networks through a Site-to-Site (S2S) VPN connection.)

Which type of strategy uses a series of mechanisms to slow the advancement of an attack that aims to gain unauthorized access to data. a. defense in depth b. least privileged access c. distributed denial-of-service (DDos) d. perimeter

a (A defense in depth strategy uses a series of mechanisms to slow the advancement of an attack that aims to gain unauthorized access to data.)

What can you use to create resources in Azure and includes a validation step to ensure all resources are created in a specific order based on dependencies, in parallel and idempotent? a. Azure Resource Manager b. Azure CLI c. Azure PowerShell d. Azure REST API

a (ARM templates define an application's infrastructure requirements for a repeatable deployment that is done in a consistent manner. A validation step ensures that all resources can be created in the proper order based on dependencies, in parallel and idempotent.)

You need to review the root cause analysis (RCA) report for a service outage that occurred last week. Where should you look for the report? a. Azure Service Health b. Azure Advisor c. Azure Monitor d. Log Analytics

a (After an outage, Service Health provides official incident reports called root cause analysis (RCA), which you can share with stake)

Deploying and configuring cloud-based resources quickly as business requirements change is called...? a. agility b. scalability c. elasticity d. high availability

a (Agility - deploy/configure cloud-based resources quickly. Scalability - add CPU or RAM to a configuration Elasticity - autoscale to handle high/low volume of traffic High Availability - continuous user experience with no downtime.)

What provides recommendations to reduce the cost of Azure resouces? a. Azure Advisor b. Microsoft Defender for Cloud c. Azure Dashboard d. Azure Service Health

a (Azure Advisor analyzes the account usage and makes recommendations based on its set and configured rules.)

Which Azure Storage service should you use to store unstructured files, such as images, that will be served on webpages? a. Azure Blob storage b. Azure Queue storage c. Azure Disk storage d. Azure Table storage

a (Azure Blob storage is an object storage solution that you can use to store massive amounts of unstructured data, such as text or binary data.)

Which storage service should you use to store thousands of files containing text and images? a. Azure Blob Storage b. Azure Queue Storage c. Azure Disk Storage d. Azure Table Storage

a (Azure Blob storage is an object storage solution that you can use to store massive amounts of unstructured data, such as text or binary data.)

What allows you to orchestrate the deployment of resource templates, Azure Policy assignments and resource groups? a. Azure Blueprints b. Azure Functions c. Azure App Services d. Azure Cognitive Services

a (Azure Blueprints simplifies large scale Azure deployments by packaging key environment artifacts, such as Azure Resource Manager (ARM) templates, role-based access controls (RBAC), and policies, into a single blueprint definition. You can easily apply the blueprint to new subscriptions and environments.)

What can you use to ensure that new and existing Azure resources stay in compliance with corporate standards? a. Azure Policy b. resource locks c. resource tags d. Azure Advisor

a (Azure Policy is a service in Azure that enables you to create, assign and manage policies that control or audit resources. These policies enforce different rules across all resource configurations so that the configurations stay compliant with corporate standards.)

What can you use to allow a user to manage all the resources in a resource group? a. Azure role-based control (RBAC) b. resource tags c. resource locks d. Azure Key Vault

a (Azure RBAC allows you to assign a set of permissions to a user or group. Resource tags are used to locate and act on resources associated with specific workloads, environments, business units, and owners. Resource locks prevent the accidental change or deletion of a resource. Key Vault is a centralized cloud service for storing an application secrets in a single, central location. Control access to cloud resources by using Azure role-based access control - Training | Microsoft Learn)

Why is cloud computing often less expensive than on-premises datacenters? a. you are only billed for what you use b. network bandwidth is free c. cloud service offerings have limited functionality d. services are only offered in a single geographical location

a (Charges can be incurred depending on network bandwidth, cloud services are flexible and the providers offer service globally.)

What should you use to access Azure Cloud Shell? a. a web browser b. Azure Resource Manager (ARM) c. Microsoft Visual Studio Code d. the command-line on a local computer

a (Cloud Shell is an interactive, browser-accessible shell for managing Azure resources.)

What is an advantage of cloud computing compared to on-premises deployments? a. You can scale more quickly. b. You own your CPUs. c. You have full access in case of internet outage. d. You can work from multiple workstations.

a (Cloud computing allows you to scale more quickly. Owning your own CPU and having full access in the event of an internet outage are not features of cloud computing at all. Working from multiple workstations is not specific to cloud computing compared to an on-premises deployment.)

What can you use to ensure that users authenticate by using multi-factor authentication (MFA) when they attempt to sign in from a specific location? a. Conditional Access b. Azure role-based access control (RBAC) c. single sign-on (SSO) d. administrative units

a (Conditional Access can use signals to determine information about authentication attempts, and the determine whether to block access or require additional verifications, such as MFA.)

What is high availability in a public cloud environment dependent on? a. the service level agreement (SLA) that you choose b. the vertical scalability of an app c. cloud-based backup retention limits d. capital expenditures

a (Different services have different SLAs. Sometimes different tiers of the same service will offer different SLAs, which can increase or decrease the promised availability.)

What are cloud-based backup services, data replication and geo-distribution features of? a. disaster recovery plan b. elastic application configuration c. cost reduction plan d. hybrid cloud deployment

a (Disaster recovery uses the services mentioned to keep data and code safe in the event of a disaster.)

What should you proactively review and act on to avoid service interruptions, such as service retirements and breaking charges? a. health advisories b. service issues c. application insights d. Azure monitor

a (Health advisories are issues that require that you take proactive action to avoid service interruptions, such as service retirements and breaking charges. Services issues are problems such as outages that require immediate actions.)

Which type of cloud service are virtual networks? a. infrastructure as a service (IaaS) b. platform as a service (PaaS) c. software as a service (SaaS)

a (IaaS helps you reduce the cost and complexity of maintaining a physical server and its datacenter infrastructure. Virtual networks are part of the IaaS cloud service.)

Which cloud service model provides you with the most control over the hardware that runs applications? a. infrastructure as a service (IaaS) b. platform as a service (PaaS) c. software as a service (SaaS)

a (IaaS is the most flexible category of cloud services. It aims to give you complete control over the hardware that runs applications. Users do not control the OS and do not configure the underlying servers in PaaS. With SaaS, you are using as-is software hosted in the cloud, instead of creating a platform to host a software yourself.)

You have an Azure virtual machine that is accessed between 9AM and 5PM daily. What should you do to minimize costs but preserve the associated hard disks and data? a. deallocate the virtual machine b. delete the virtual machine c. resize the virtual machine d. implement Privileged Identity Management

a (If you have virtual machine workloads that are only used during certain periods, but you run them every hour of every day, then you are wasting money. These virtual machines are great candidates to deallocate when not in use and start back up when required to save on compute costs.)

Which resource can you use to manage access, policies, and compliance across multiple subscriptions? a. management groups b. resource groups c. administrative units

a (Management groups can be used in environments that have multiple subscriptions to streamline the application of governance conditions.)

What Azure component allows you to replicate resources across a geography to ensure business continuity during a natural disaster at the primary site? a. region pairs b. availability zones c. availability sets d. Azure Virtual Machine Scale Sets

a (Region pairs allow the replication of Azure resources across geographies to help ensure that a secondary region is available in case of any disaster at the primary region.)

What is an Azure Storage account named storage001 an example of? a. resource b. resource group c. subscription d. resource manager

a (Resource is a manageable item that is available through Azure. Virtual machines, storage accounts, web apps, databases, and virtual networks are examples of resources.)

You need to associate the costs of resources to different groups within an organization without changing the location of the resources. What should you use? a. resource tags b. resource groups c. subscriptions d. administrative units

a (Resource tags can be used to group billing data and categorize costs by runtime environment, such as billing usage for virtual machines running in a production environment.)

[Answer choice] is the logical container used to combine and organize Azure resources. a. resource group b. Azure Resource Manager (ARM) c. management group d. Azure region

a (Resources are combined into resource groups, which act as a logical container into which Azure resources like web apps, databases, and storage accounts are deployed and managed.)

What enables a user to sign in one time and use that credential to access multiple resources and applications from different providers? a. single sign-on (SSO) b. multi-factor authentication (MFA) c. Conditional Access d. device management

a (SSO enables a user to sign in one time and use that credential to access multiple resources and application from different providers. MFA is a process whereby a user is prompted during the sign-in process for an additional form of identification. Conditional Access is a tool that Azure AD uses to allow or deny access to resources based on identity signals. Azure AD supports the registration of devices.)

Which Azure Blob storage tier stores data offline and offers the lowest storage costs and the highest costs to access data? a. Archive b. Hot c. Cool

a (The Archive storage tier stores data offline and offers the lowest storage costs, but also the highest costs to rehydrate and access data. The Hot storage tier is optimized for storing data that is accessed frequently. Data in the Cool access tier can tolerate slightly lower availability, but still requires high durability, retrieval latency and throughput characteristics similar to hot data.)

Which Azure Blob storage service tier has the highest storage costs and the fastest access times for reading and writing data? a. Hot b. Cool c. Archive

a (The Hot tier is optimized for storing data that is accessed frequently. The Cool access tier has a slightly lower availability SLA and higher access costs compared to hot data, which are acceptable trade-offs for lower storage costs. Archive storage stores data offline and offers the lowest storage costs, but also the highest costs to rehydrate and access data.)

You need to identify which Azure services are compliant with ISO 27001 Information Security Management Standards. Where should you go to locate the information? a. Microsoft Trust Center b. Microsoft Privacy Statement c. the Data Protection Addendum of Microsoft d. Microsoft Online Services Terms

a (The Trust Center showcases the Microsoft principles for maintaining data integrity in the cloud and how Microsoft implements and supports security, privacy, compliance and transparency in all Microsoft cloud products and services.)

Which Azure resource is a software emulation of a physical computer that includes a virtual processor, memory, storage and networking resources? a. virtual machine b. App service c. function d. container

a (Virtual machines are software emulations of physical computers. They include a virtual processor, memory, storage, and networking resources. Virtual machines host an operating system and you can install and run software just like on a physical computer.)

Increasing compute capacity for an app by adding RAM or CPUs to a virtual machine is called ....? a. vertical scaling b. horizontal scaling c. disaster recovery d. high availability

a (You scale vertically to increase compute capacity by adding RAM or CPUs to a virtual machine. Scaling horizontally increases compute capacity by adding instances of resources, such as adding virtual machines to the configuration. Disaster recovery keeps data and other assets safe in the event of a disaster. High availability minimized downtime when things go wrong.)

Which 2 attributes are characteristics of private cloud deployment model? a. Hardware must be purchased b Company has complete control over physical resources and security c. Apps provisioned/deprovisioned quickly d. Pay-as-you-go

a, b (Private clouds require that hardware must be purchased for start-up and maintenance - organizations also control all resources and security in this case. Quick provisioning and pay-as-you-go models are public cloud traits.)

What are 2 services that allow you to run applications in containers? a. Azure Container Instances b. Azure Kubernetes Services c. Azure Logic Apps d. Azure Functions

a, b; Azure Container Instances and Azure Kubernetes Services (Containers are a virtualization environment. Much like running multiple virtual machines on a single physical host, you can run multiple containers on a single physical or virtual host. Unlike virtual machines, you do not manage the operating system for a container.)

Which 2 Azure resources can make use of availability zones? a. Azure SQL databases b. virtual machines c. Azure subscriptions d. resource groups

a, b; Azure SQL databases and virtual machines (Availability Zones are primarily for virtual machines, managed disks, load balancers and SQL databases.)

Which 2 features are available by using Azure Cost Management + Billing? a. Create and manage budgets b. Generate historical reports and forecast future usage c. Provide discounted prices when you pay in advance d. Estimate the total cost of ownership before resources are deployed

a, b; Create and manage budgets & Generate historical reports and forecast future usage (Azure Cost Management allows you to create and manage cost and usage budgets by monitoring resource demand trends, consumption rates, and cost patterns. It also allows you to use historical data to generate reports and forecast future usage and expenditures.)

Which 2 scenarios are common billing use cases for resource tags? a. categorizing costs by department b. associating costs with different environments c. resizing underutilized virtual machines d. identifying lower cost regions

a, b; categorizing costs by department and associating costs with different environments (You can use tags to categorize costs by department, such as human resources, marketing or finance, or by environment, such as test or production.)

Which 2 actions can be performed by using the graphical user interface (GUI) in the Azure portal? a. create new resources b. review a graphical view of all the services you are using c. change the availability zone of a virtual machine d. repeatedly set up one or more resources and ensure that all the dependencies are created in the proper order.

a, b; create new resources and review a graphical view of all the services you are using (The Azure portal provides a GUI to view all the services you are using, create new services, configure your services and view reports.)

In a platform as a service (PaaS) model, which 2 components are the responsibility of the cloud service provider? a. operating system b. physical network c. user access d. information and data

a, b; operating system and physical network (In PaaS, the cloud provider is responsible for the OS, physical datacenter, physical hosts and physical network. In PaaS, the customer is responsible for accounts and identities.)

Which 2 components are created in an Azure subscription? a. resources b. resource groups c. management groups d. Azure AD user accounts

a, b; resources and resource groups (Resources can only be associated with a single subscription. Subscriptions may be grouped into management groups. An account may be associated with multiple subscriptions.)

What are two characteristics of the public cloud deployment model? a. Services are offered over the internet and are available to anyone who wants to purchase them. b. Computing resources are used exclusively by users from one organization. c. Servers and storage are owned and operated by a third-party cloud service provider. d. Hardware is physically located in an organization's on-site datacenter.

a, c; Services are offered over the internet and are available to anyone who wants to purchase them. and Servers and storage are owned and operated by a third-party cloud service provider. (In a public cloud, services are offered online and they are available to the public. Servers and storage is owned and operated by a 3rd party cloud service provider.)

What are 2 characteristics of consumption-based model? a. no upfront costs b. requires the purchase and management of the physical infrastructure c. the ability to stop paying for resources that are no longer needed d. high capital expenditure

a, c; no upfront costs and the ability to stop paying for resources that are no longer needed (In a consumption-based model, you do not pay for anything until you start using resources, and you only pay for what you use. If you stop using a resource, you stop paying for it. High expenditures are usually associated with the purchase of a physical infrastructure, which is not needed in a consumption-based model.)

Which 2 tools are accessible via Azure Cloud Shell and allows you to write Bash scripts to manage an Azure environment? a. Azure PowerShell b. Azure Resource Manager (ARM) templates c. Azure Repos d. Azure CLI

a, d; Azure PowerShell and Azure CLI (Azure CLI is an executable program with which a user can execute commands in Bash that call the Azure REST API. Azure Cloud Shell also supports Azure PowerShell as an executable program.)

Which 2 services are provided by Azure AD? a. authentication b. data encryption c. name resolution d. single sign-on (SSO)

a, d; authentication and SSO (Azure AD provides services for verifying identity and access to applications and resources. SSO enables you to remember a single username and password to access multiple applications and is available in Azure AD.)

Which 2 scenarios are common use cases for Azure Blob storage? a. storing data for backup and restore b. hosting ASPX files for a webiste c. mounting a file storage share to be accessed as a virtual drive on multiple virtual machines d. serving images or documents directly to a browser

a, d; storing data for backup and restore & serving images or documents directly to a browser (Low storage costs and unlimited file formats make blob storage a good location to store backups and archives. Blob storage can be reached from anywhere by using an internet connection. Azure Disk Storage provides disks for Azure virtual machines. Azure Files supports mounting file storage shares.)

Which 2 tools can you use to create a new Azure virtual machine from a mobile device that runs Android? a. the Azure portal b. SSH c. Remote Desktop d. PowerShell in Azure Cloud Shell

a, d; the Azure portal and PowerShell in Azure Cloud Shell (The Azure portal can run on devices that have the Android operating system installed. The browser can be any type such as Internet Explorer 11, Chrome, Firefox, or Safari (all the latest versions). When you visit the portal, you will see Cloud Shell. Users can access Bash and PowerShell from within Cloud Shell. You can use Bash and PowerShell to create Azure virtual machines.)

What uses the infrastructure as a service (IaaS) cloud service model? a. Azure virtual machines b. Azure App Services c. Microsoft Office 365 d. Azure Cosmos DB

a. Azure virtual machines

Which of the following would your service model not determine responsibility for? a. Operating Systems b. Devices that are allowed to connect to your cloud c. Applications d. Indentity and infrastructure

b

You need to be notified when there are new recommendations for reducing Azure costs. Which tool should you use? a. Azure Service Health b. Azure Advisor c. Azure Monitor d. Log Analytics

b (Azure Advisor evaluates Azure resources and makes recommendations to help improve reliability, security, and performance, achieve operational excellence and reduce costs.)

What can you use to manage servers across cloud platforms and on-premises environments? a. Azure Monitor b. Azure Arc

b (Azure Arc simplifies governance and management by delivering a consistent multi-cloud and on-premises management platform.)

You have a team of Linux administrators that need to manage the resources in Azure. The team wants to use Bash shell to perform the administration. What should you recommend? a. Azure Blueprint b. Azure CLI c. Azure PowerShell d. Azure Resource Manager (ARM)

b (Azure CLI allows you to use the Bash shell to perform administrative tasks. Bash is used in Linux environments, so a Linux administrator will probably be more comfortable performing command-line administration from Azure CLI.)

To which object or level is an Azure role-based access control (RBAC) role applied? a. resource lock b. scope c. resource tag d. policy

b (Azure RBAC roles are applied to scope, which is a resource or set of resources that the access applies to.)

Your organization plans to deploy several production virtual machines that will have consistent resource usage throughout the year. What can you use to minimize the costs of the virtual machines without reducing the functionality of the virtual machines? a. Azure Monitor alerts b. Azure Reservations c. spending limits

b (Azure Reservations offers discounted prices on certain Azure services. Azure Reservations can save you up to 72 percent compared to pay-as-you-go prices. To receive a discount, you can reserve services and resources by paying in advanced. Spending limits can suspend a subscription when the spend limit is reached.)

What can you use to define the resources you want to provision in a declarative JSON format? a. Azure PowerShell b. Azure Resource Manager (ARM) templates

b (By using ARM templates, you can describe the resources you want to use in a declarative JSON format.)

[Answer choice] refers to upfront costs incurred one time, such as hardware purchases. a. Operational expenditures b. Capital expenditures c. Elasticity d. consumption-based model

b (Capital expenditures are one-time expenses that can be deducted over time. Operational expenditures are billed as you use services and do not have upfront costs.)

Increasing compute capacity for an app by adding instances of resources such as virtual machines is called...? a. vertical scaling b. horizontal scaling c. elasticity d. high availability

b (Horizontal scaling is the act of adding more instances of resources.)

Increasing the capacity of an application by adding additional virtual machines is called...? a. vertical scaling b. horizontal scaling c. high availability d. agility

b (Scaling horizontally increases compute capacity by adding instances of resources, such as adding virtual machines to configuration. You scale vertically to increase compute capacity by adding RAM or CPUs to a virtual machine. Agility refers to the ability to deploy new applications and services quickly. High availability minimizes downtime when things go wrong.)

You plan to build a new solution in Azure that will use platform as a service (PaaS) products. What should you use to estimate the monthly costs? a. Total Cost of Ownership (TOC) Calculator b. Azure Pricing calculator c. Azure Advisor d. Azure Cost Management

b (The Azure Pricing calculator allows you to estimate and configure according to your specific requirements. You will then receive a consolidated estimated price and a detailed breakdown of the costs associated with each resource you added to your solution.)

Your organization is building a custom application. You need to focus on application development rather than configuration and management of servers. Which cloud service model should you use? a. infrastructure as a service (IaaS) b. platform as a service (PaaS) c. software as a service (SaaS)

b (With PaaS, users can focus on application development because the cloud provider handles all the platform management. In SaaS, the cloud provider manages all aspects of the application environment, such as virtual machines, networking resources, data storage and applications. IaaS is the closest service model to managing physical servers.)

What can you use to find information about planned maintenance for Azure services that are critical to your organization? a. Azure Monitor b. Azure Service Health

b (You can drill down to the affected services, regions, and details to show how an event will affect you and what you must do. Most of these events occur without any impact to you and will not be shown. In a rare case that a reboot is required, Service Health allows you to choose when to perform the maintenance to minimize the downtime)

Which cloud service model is used by Azure SQL Database? a. infrastructure as a service (IaaS) b. platform as a service (PaaS) c. software as a service (SaaS)

b platform as a service (PaaS)

Which two services are provided by Azure AD? Each correct answer presents a complete solution. a. data encryption b. SSO c. Authentication

b, c SSO and authentication

Which two scenarios are common use cases for Azure Blob storage? Each correct answer presents a complete solution. a. hosting ASPX files for a website b. serving images or documents directly to a browser c. storing data for backup and restore d. mounting a file storage share to be accessed as a virtual drive on multiple virtual machines

b, c storing data for backup and restore, serving images or documents directly to a browser

Which two protocols are used to access Azure file shares? Each correct answer presents a complete solution. A. HTTP B. Server Message Block (SMB) C. Network File System (NFS)

b, c; SMB and NFS (Azure Files offers fully managed file shares in the cloud that are accessible via industry-standard SMB and NFS protocols.)

Which 2 factors affect Azure costs? a. availability zone selection b. resource usage c. resource location d. date and time of use

b, c; resource usage and resource location (In Azure, the cost of their cloud environment relies on how much the resource is used. Prices may vary, depending on location.)

What can you use to provide Mac and Android users with access to a Windows environment that will run Windows-based applications? a. Azure Logic Apps b. Azure Functions c. Azure Virtual Desktop d. Azure Container Instances

c (Azure Virtual Desktop is a desktop and application virtualization service that runs in the cloud. It enables your users to use a cloud-hosted version of Windows from any location. Azure Virtual Desktop works across devices such as Windows, Mac, iOS, Android and Linux. It works with apps that you can use to access Remote Desktops and apps. You can also use most modern browsers to access Azure Virtual Desktop-hosted experiences.)

For which resource does Azure generate separate billing reports and invoices by default? a. management groups b. resource groups c. subscriptions d. accounts

c (Azure generates separate billing reports and invoices for each subscription so that you can organize and manage costs. Resource groups can be used to group costs, but you will not receive a separate invoice for each resource group. Management groups are used to efficiently manage access, policies and compliance for subscriptions. You can set up billing profiles to roll up subscriptions into invoice sections, but this requires customization.)

You need to recommend a solution for Azure virtual machine deployments. The solution must enforce company standards on the virtual machines. What should you include in the recommendations? a. Azure Cost Management b. Azure Lock c. Azure Policy d. Azure Blueprints

c (Azure policies will allow you to enforce company standards on new virtual machines when combined with Azure VM Image Builder and Azure Compute Gallery. By using Azure Policy and role-based access control (RBAC) assignments, enterprises can enforce standards on Azure resources. But on virtual machines, these mechanisms only affect the control plane or the route to the virtual machine.)

What Azure AD feature can you use to ensure that users can only access Microsoft Office 365 applications from approved client applications? a. Azure role-based access control (RBAC) b. single-sign on (SSO) c. Conditional Access d. multi-factor authentication (MFA)

c (Conditional Access allows admins to control, allow or deny access to resources based on certain signals, You can require that access to certain applications only be allowed if the users are using an approved client application.)

Which cloud deployment model are you using if you have servers physically located at your organization's on-site datacenter and you migrate a few servers to the cloud? a. private cloud b. public cloud c. hybrid cloud

c (Hybrid cloud combines public and private by allowing data and apps to be shared between them.)

What is the purpose of defense in depth? a. to enable you to locate and act on resources that are associated with specific workloads, environments, business units and owners. b. to manage policies that control or audit resources so that the configurations stay compliant with corporate standards c. to use several layers of protection to prevent information from being accessed by unauthorized users d. to evaluate resources and make recommendations to help improve reliability and performance

c (The objective of defense in depth is to use several layers to prevent information from being accessed or stolen by unauthorized users.)

In cloud computing [answer choice] allows you to deploy applications to regional datacenters around the world. a. high availability b. disaster recovery c. geo-location d. elasticity

c (You can deploy apps and data to regional datacenters around the globe, thereby ensuring that your customers always have the best performance in their region. This is referred to as geo-location.)

Which 2 protocols are used to access Azure file shares? a. FTP b. HTTP c. Network File System (NFS) d. Server Message Block (SMB)

c, d Azure Files offers fully managed file shares in the cloud that are accessible via industry-standard SMB and NFS protocols.

What are 2 basic services provided by all cloud providers? a. Colocation b. Application development c. Compute d. Storage Services

c. Compute & d. Storage Services c, d (All cloud providers provide compute and storage services. Colocation is when a business rents space in a shared physical datacenter. Application development is the responsibility of the customer and is typically done either in-house or through 3rd party.)

Which of the following will the customer always be responsible for? a. Physical datacenter b. Operating Systems c. Physical hosts d. Information/data

d

[Answer choice] is the deployment and management service for Azure. a. Azure AD b. Azure API Management c. Azure Monitor d. Azure Resource Manager (ARM)

d (ARM is the deployment and management service for Azure. It provides a management layer that enables you to create, update, and delete resources in an Azure subscription. You use management features, such as access control, resource locks, and resource tags to secure and organize resources after deployment.)

[Answer choice] are physically separate datacenters within an Azure region. a. Geographies b. Region pairs c. Resource groups d. Availability zones

d (Availability zones are physically separate datacenters within an Azure region. Each availability zone is made up of one or more datacenters equipped with independent power, cooling and networking.)

You need to ensure that multi-factor authentication (MFA) is enabled on accounts with write permissions in an Azure subscription. What should you implement? a. resource tags b. Cloud Adoption Framework c. resource locks d. Azure Policy

d (Azure Policy is a service in Azure that enables you to create, assign and manage policies that control or audit resources.)

Which Azure compute service can you use to deploy and manage a set of identical virtual machines? a. availability sets b. availability zones c. Azure Container Instances d. Azure Virtual Machine Scale Sets

d (Azure Virtual Machine Scale Sets are an Azure compute resource that you can use to deploy and manage and scale a set of identical virtual machines.)

What can you use to ensure that a user can only access applications from compliant devices? a. single sign-on (SSO) b. multi-factor authentication (MFA) c. hybrid identity d. Conditional Access

d (Conditional Access is a tool that Azure AD uses to allow or deny access to resources based on identity signals, such as the device being used. SSO enables a user to sign in ont time and use that credential to access multiple resources and applications from different providers. MFA is a process whereby a user is prompted during the sign-in process for an additional form of identification. Hybrid identity solutions create a common user identity for authentication and authorization to all resources, regardless of location.)

An example of [answer choice] is automatically scaling an application to ensure that the application as the resources needed to meet customer demands. a. agility b. high availability c. geo-distribution d. elasticity

d (Elasticity refers to the ability to scale resources as needed, such as during business hours, to ensure that an application can keep up with demand, and then reducing the available resources during off-peak hours.)

What Azure AD feature can you use to configure security authentication that requires users to use their mobile phone to sign in? a. Microsoft Defender for Cloud b. Microsoft Entra Verified ID c. Azure Information Protection (AIP) d. multi-factor authentication (MFA)

d (MFA is the concept requiring something more than only a password to sign in to an application. You can use the mobile phone to receive a phone call, text or a code to get authenticated.)

What can you use to connect Azure resources, such as Azure SQL databases, to an Azure virtual network? a. ExpressRoute b. network security groups (NSGs) c. peering d. service endpoints

d (Service endpoints are used to expose Azure services to a virtual network, providing communication between the two. ExpressRoute is used to connect an on-premises network to Azure. NSGs allow you to configure inbound and outbound rules for virtual networks and virtual machines. Peering allows you to connect virtual networks together.)

You need to compare the costs of running an application in an on-premises datacenter with the costs of running the application in Azure. What should you use to assist you? a. Azure Pricing calculator b. Azure Advisor c. Azure Cost Management d. Total Cost of Ownership (TCO) Calculator

d (The TCO Calculator helps you estimate the cost savings over time of operating a solution in Azure compared to operating in an on-premises datacenter.)


Related study sets

9th Grade Honors Biology Unit 1 Characteristics of life

View Set

Google Analytics Academy: Beginners - Assessment 2

View Set

Chapter 18 Multiple Choice- Conceptual

View Set

CH 19 Administration of Medication

View Set

020 - Chapter 20 - Praxis 5039 (Chapter Test)

View Set

APES: Greatest Good & Tragedy of the Commons

View Set

Intro to Fitness Management Ch 9

View Set

PADI Open Water - Being a Diver I

View Set

SS Ch.7 The Flow of Food: Storage

View Set