AZ-900 Practice Exams

Ace your homework & exams now with Quizwiz!

What is the minimum configuration necessary to provide SLA guarantees for a vm instance? - Single VM instance with premium storage - Single vm with standard storage - Two or more instances across two or more availability zones in the same azure region - Two or more instances in the same availability set.

- A single VM instance with premium storage

You need to use Azure Cloud shell to manage LInux VMs that already deployed and in use. What tools can you use to manage Linux V,s in cloud shell? AZ CLI AZ Power Shell Azure Portal

AZ CLI and AXZ Powershell

What is the SLA availability for Azure DNS

100%

What is percentage of a ability is stated by the SLA for two or more instances in the same availability set? 99.9% 99.99% 99.999% 99.95%

99.5%

What is the SLA availability for MFA?

99.9%

What is the SLA availability for Security Standard Tier?

99.9%

What percentage of availability is the SLA for a VM instance with premium storage 99.9% 99.99% 99.999% 99.95%

99.9%

What is percentage of a ability is stated by the SLA for two or more instance across two or more availability zones in the same azure region? 99.9% 99.99% 99.999% 99.95%

99.99%

What is ACI (Azure Container Instances)

A great solution for any scenario that can operate in isolated containers, including task automation, and build jobs.

What enables an organization to organize documents and emails through the use of labels. Labels can be applied manually by users or automatically through administrator-defined rules. The classifications make the data identifiable no matter where the data is stored. Security Center Key Vault Azure Information Protection (AIP) ATP (Advanced Threat protection)

AIP

Which Azure Security Solution Uses Labels to apply classifications to documents and emails? Security Center Key Vault Azure Information Protection (AIP) ATP (Advanced Threat protection)

AIP (Azure Information Protection)

Which statement best describes Azure Information Protection AIP

AIP classifies documents and emails by applying labels to them.

What Cloud Based security solutions was designed to id, detect, and help identify advanced threats and helps to protect hybrid computing environments? Also detects suspicious activities. Security Center Key Vault Azure Information Protection (AIP) ATP (Advanced Threat protection)

ATP

Which Azure monitor feature allows an admin to configure actions that should occur when a specific conditions are met. For example; sending an alert when a CPU for the VM exceeds a certain threshold? - Service Health - metrics -Application Insights - Alerts

Alerts

You deploy tow Azure VMs running Windows SVR 2016 and one VM running Ubuntu. All three Vms and their resources are added to the same resource group. The Vms and the resource groups are all located in the same region of Azure. What would happen if you deleted the resource group when the initial test cycle is complete? -Resource metadata is only deleted and access to the VMs is disabled - All vms contained in the resource group are deleted -Resource metadata only is deleted and the vms are shut down Resource metadata only is deleted with no impact on the vms?

All vms contained in the resource group are deleted. Every single resource in that group would be deleted as well.

Which Application Performance Management (APM) service that detects performance in real time and allows cloud and on-premises applications to send telemetry data. - Service Health - metrics -Application Insights - Alerts

Application Insights

What is the customer responsible for managing in a PaaS environment?

Applications and Data

Whart does ReadOnly Lock mean?

Authorized users can read a resource but they cannot delete or update the resource. Applying this lock is similar to restricting all users to the permissions granted by the "Reader Role"

What does the CanNotDelete lock mean?

Authorized users can still read and modify a resource, but they cannot delete the resource.

What service integrates with Azure Security Center to provide a consolidated view of recommendations for all Azure resources to help improve cost effectiveness, performance, HA, and security of Azure resources. It does not provide for monitoring and evaluating compliance -Azure Policies - RBAC -Azure Monitor -Azure Advisor

Azure Advisor

What is a collection of Azure policies iOS targeted toward reaching a single overall goal by simplifying managing and assigning policy definitions by grouping a set of policies as a single item?

Azure Initiatives

What lets a company reinforce rules that apply to resources to help ensure compliance with company standards. They can also be used to ensure that resources meet SLA requirements. -Azure Policies - RBAC -Azure Monitor -Azure Advisor

Azure Policies

Your company wants to ensure that it meets its internal compliance goals and that Azure resources are compliant with company standards. this will include ongoing evaluation for compliance and identification of non-compliant resources. What should you use? -Azure Policies - RBAC -Azure Monitor -Azure Advisor

Azure Policies

What azure solution provides a solution for building highly scalable and secure serverless apps that support multiple programming languages. Since they scale to meet demand it enables you to focus on building apps without concern for server resources?

Azure functions

How does azure leverage economies of scale when a company uses Azure virtual machines instead of on-premises servers.

Azure lowers the total cost of Using Vms in relation of the cost of purchasing servers because the Microsoft purchases large amounts of hardware at lower prices.

True or False: When running Azure Powershell with cloud shell, both Linux specific and Windows specific functionality is available?

False: only Linux is

True or False: Azure China is available to governmental agencies only?

False: only for organizations doing business in china.

True or False: an initiative is limited only being assigned to on scope?

False: the same initiative can be assigned to multiple scopes to include multiple resources, resource groups, subscriptions, or management groups.

True or False: You can directly migrate an exiting Azure account to Azure China with minimal changes?

False: you cannot, and china requires a separate account and has a distinct pricing structure

What can locks be applied as?

CanNotDelete and Read-Only

What lock levels can you set and what are there names in the portal?

CanNotDelete. | Delete ReadOnly | read-only

Which statement he's describes the regulatory compliance in an Azure cloud-based deployment? -Compliance is the sole responsibility of the subscriber - Compliance is the responsibility of applicable third parties - Compliance is a shred responsibility of Microsoft and the subscriber - Compliance is the sole responsibility of Microsoft.

Compliance is the responsibility of Microsoft and the subscriber. This is called the shared responsibility model.

True or False; resource group can contain resources from the same region as the resource group only.

False; a resource group can contain resources from any region

A company deploys an AZ VM running windows. The VM hosts data files that must be available to other VMS running Windows, Linux, and MacOS. Data must be secure both at rest an in transit. Which storage product should you use? Disk Storage Archive Storage Blob Storage File Storage

File Storage

You need to give users in a group the ability to create and manage all types of Azure resources in a subscription. Rights grantees to the user should be kept to a minimum. Which RBAC role should you assign to the group? Reader User Access Administrator Owner Contributor

Contributor: you cannot grant access to others in this role.

What does the TCO (Total cost of ownership calculator) do?

It allows you to compare the costs between your current on premises infrastructure and your predictive cloud infrastructure. Then compares your needs to your current resources in Azure.

Which statement or feature for prospective customers that is unique to Azure China?

It's data centers are completely disconnected from other Azure Data Centers.

What type of AZ networking service can be used to filter network traffic to and from AZ resources in an Azure Vnet. It also contains security rules that allow or deny inbound traffic, or outbound traffic from several types of Azure Resources

NSG (Network Security Groups)

What Azure service enables you to develop a serverless solution that responds to events. It supports a wide variety of event sources and event handlers. Service Bus Event Grid Queue Storage Event Hubs

Event Grid

What azure solution provides a solution for building event architectures that subscribe to azure resources and route events to different endpoints?

Event Grid

Your company is deploying an application with an event based architecture. The application will deploy as a serverless application. The application should: - respond to discrete events from blob storage - pass events to az function to respond - filter events so only relevant events are forwarded. Which AZ service should you use to deliver event messages? Service Bus Event Grid Queue Storage Event Hubs

Event Grid

What AZ service is used to support big data pipelines and supports event streaming for a series of events. It is used to facilitate capture, retention, and replay telemetry and event stream data. Service Bus Event Grid Queue Storage Event Hubs

Event Hubs

True or false: Cloud shell provides a way to run Azure Command Line interface and Azure Powershell on iOS and android mobile devices?

False (It is accessed from the Azure Mobile App)

True or False? RBAC roles take precedence over locks?

False they do not.

True or False: Locks can be applied in the context of specific users and roles?

False: Locks are only applied to resources. When they are applied to resources it applies to all users and roles.

True or False: When a blueprint is updated the updated version is published, any assignments of the blueprint are updated automatically?

False: They are not you must update the blueprint assignment with the new updated version of the assignment.

What best statement best describes General Availability (GA).

GA refers to a fully tested evaluated azure feature that is made available to all Azure Subscribers as a part of the azure product set.

What open source enterprise level analytics service provides for fast processing of massive amounts of data and can be used to analyze streaming or historic data.

HDInsight

What should you use when you want to Java to process batches in a Hadoop Cluster. It also allows you to process batches by using R, Python, SQL, Scalia, and Java

HDInsight

YOu need to analyze large volumes of dtreaming data being collected from IoT devices. What should you use? Application Insights Data Lake Analytics Machine Learning Service HDInsight

HDInsight

What cloud service is designed to help you automate and orchestrate tasks workflows, and business process. It is a serverless solution that lets you connect and coordinate systems and applications.

Logic Apps

What is a solution for building scalable solutions for app integration, data integration, system integration, enterprise application, integration (EAI) and B2B communications?

Logic Apps

Which three services have a financially backed SLA? Azure Policy MFA Container Registry Azure DNS Azure Advisor Security Standard Tier

MFA Azure DNS Security Center Standard Tier

What should you use when you create machine learning algorithms by using Python?

Machine Learning Service

What is the Azure information site that contains broad ranging security information. SUch as security, privacy, compliance, transparency, and products and services?

Microsoft Trust Center

Which United States regulation addresses protecting unclassified information created by the government and store in non-governmental systems? Payment card industry data standards (PCI DSS) General Data Protection Regulation (GDPR) National Institute of Standards and Technology (NIST) 800-171 Health Information Trust Alliance (HITRUST)

NIST

You need to filter traffic between two subsets in Azure Deployment. Filtering should be based on : - Source IP address and port number - Destination Is and port number - TCP/IP protocol in use Solution: You Deploy and configure Web Application Firewall (WAF) as the traffic filter. Does the solution meet the goal? Y/N

NO

A Company deploys an Azure (VM) United the north central US region. The company adds the VM and its resources to a resource group in the same region. As a part of reorganization, the company needs to move the VM and it data to a different region. This must be accomplished with as little down time as possible. Solution: The company moves the VM to a different resource group in a different region. Does this solution meet the goal? Yes or No?

No

A Company deploys an Azure (VM) United the north central US region. The company adds the VM and its resources to a resource group in the same region. As a part of reorganization, the company needs to move the VM and it data to a different region. This must be accomplished with as little down time as possible. Solution: The company backs up the VM, deletes the original VM, and recreates the VM in a different region. Does this Solution meet the goal?

No ( Backing up and deleting the original, and then moving it would take up too much time.)

A company is looking for an application deployment solution for managed container orchestration service that included each of the following requirements; - Integration with an existing Azure virtual network (VNet) - Security Integration with AAD - Support for deploying docker container apps -Support for Azure Disk Premium Storage Coordinated Applications upgrades. You need to recommend a solution to meet these requirements . Solution: Recommend using Azure Container Instances (ACI) to deploy the application? Does this solution work (Y /N)

No (ACI) Is used in scenarios that can operate in isolated containers, without event-driven applications

A company is looking for an application deployment solution for managed container orchestration service that included each of the following requirements; - Integration with an existing Azure virtual network (VNet) - Security Integration with AAD - Support for deploying docker container apps -Support for Azure Disk Premium Storage Coordinated Applications upgrades. You need to recommend a solution to meet these requirements . Solution: Using Azure virtual Machine scale sets to deploy the application

No (Using scale sets just allows you to rapidly create a vm based on a baseline VM it doesn't do anything else.)

Can you use Azure functions to implement serverless computing through a GUI? Y/N

No, you must use code such as C# or JavaScript

Can you use logic apps to implement serverless computing through code? Y/N

No, you need a GUI to design workflows.

Your company is using a PaaS environment. Which Components would be the responsibility of the provider, which would be the responsibility of the customer OS Data Storage Virtualization Applications

OS : Provider Data : Customer Storage : Provider Virtualization : Provider Applications : Customer

In the IaaS cloud service model, the subscriber is responsible for management of which two components.

OS and applications

Which statement accurately describes preview feature support service?

Previews are subject to reduced or different service terms than generally released features.

What does the Azure Web Application Filter do?

Provides centralized protection of your web applications from common exploits and vulnerabilities.

What allows you to assign permissions to users so that they can create resources in Azure. THis allows you to control which users are allowed to create resources.

RBAC

Which of the following allows you yo assign permissions to user so that they can create resources in Azure? Resource Groups Policies Initiatives RBAC

RBAC

What statement describes a benefit that is unique to Azure Government?

Resources in AZ Government are deployed too data centers that are separate from non-government resources.

What azure service provides tools to help strengthen your organizations security posture, protect against threats, and quickly secure your computing environment. It makes it easier to manage your organizations security policies and compliance. Security Center Key Vault Azure Information Protection (AIP) ATP (Advanced Threat protection)

Security Center

What is designed to protect Azure Cloud, non-Azure cloud, and hybrid computing resources through a set of security tools. These include tools for monitoring the network to prevent, detect, and respond to potential Security threats. Security Center Key Vault Azure Information Protection (AIP) ATP (Advanced Threat protection)

Security Center

What service is used for high-value enterprise messaging service such as order processing and financial transactions. It provides asynchronous message delivery and prevents the loss or duplication of messages. Service Bus Event Grid Queue Storage Event Hubs

Service Bus

What Azure monitor feature keeps track of Azure Services and allows admins to be notified of events a like planned maintenance, service outage, or resource usage quotas. For example it can send an email whenever a VM usage exceeds its Quota? - Service Health - metrics -Application Insights - Alerts

Service Health

Which Azure Monitor Feature sends an administrator an email when a virtual machine is about to exceed its usage quota for the month? - Service Health - metrics -Application Insights - Alerts

Service Health

Your company is considering moving its on-premises infrastructure to AZ. Before doing so you want to compare the costs of savings if any. Which is the most appropriate tool to use? Cost management Azure Pricing Calculator Total Cost fo Ownership Calculator (TCO) Azure Advisor?

TCO

What resource is required to use Azure Cloud Shell?

Storage Account

Where can locks be applied at? (Choose 3) Subscription Resource Group Resource Scope RBAC

Subscription Resource Group Resource Scope

A private cloud requires that ____

The infrastructure be on a private network.

What do Initiatives do?

They allow you to group policies together.

According to Microsofts supplemental terms, what is the primary purpose for releasing Azure Feature in public preview?

To obtain customer feedback

Why do you lock resources?

To prevent people in your organization form accidentally deleting or modifying critical resources,

An initiative can only contain policies that are located in the same subscription?

True

True or False. Cloud shell times out with 20 minutes of activity?

True

True or False: An Azure Multi-Factor Authentication (MFA) server is required for authentication when supporting users located on- premises AD only?

True

True or False: When an initiative is evaluated all policies in that initiative are evaluated.

True

True or False? A lock applies to all resources in a scope and nay new resources added to the scope?

True

True or False? When multiple locks are applied at different scopes, the most restrictive inherited lock applies?

True

True or false. Locking a resource group as read-only locks all the resources in the group.

True

True or False: When a blueprint is unassigned, all resources assigned by the blueprint remain in places, but the blueprint resource locking is removed?

True: This also results in the deletion of the blueprint assignment object

True or False: Azure China is a physically isolated instance of Microsoft AZ?

True: all data and related systems physically reside in China and controlled by a chines data trustee.

True or False; when you delete a core blueprint, any assigned versions of the blueprint will remain in place?

True: they must be unassigned before they can be deleted.

A comapny has an AAD premium P1 subscription. The company has a hybrid environment that uses both Azure AD and on premises federated AD using Active Directory Federation Services (ADFS) The company is upgrading its security and must configure AAD self service password reset (SSPR) and MFA. You need to identify the authentication types that support both SSPR and MFA. Which three authentication types support both SSPR and MFA? (Choose 3) Voice Call App Password Email Address Password Security Questions SMS

Voice Call Password SMS

A Company deploys an Azure (VM) United the north central US region. The company adds the VM and its resources to a resource group in the same region. As a part of reorganization, the company needs to move the VM and it data to a different region. This must be accomplished with as little down time as possible. Solution: The Comapny configures site recovery with another region in the same geographic cluster. Does this solution meet the goal? Yes or No?

Yes

A company is looking for an application deployment solution for managed container orchestration service that included each of the following requirements; - Integration with an existing Azure virtual network (VNet) - Security Integration with AAD - Support for deploying docker container apps -Support for Azure Disk Premium Storage Coordinated Applications upgrades. You need to recommend a solution to meet these requirements . Solution: Using AKS (Azure Kubernetes) to deploy the application? (Y/N)

Yes ( this is a scenario where you would need full container orchestration, including service delivery across multiple containers, automatic scaling, and coordinated applications upgrade.

You need to filter traffic between two subsets in Azure Deployment. Filtering should be based on : - Source IP address and port number - Destination Is and port number - TCP/IP protocol in use Solution: You Deploy and configure a Network Security Group as the traffic filter. Does the solution meet the goal? Y/N

Yes (NSGs can be used to filter network traffic to and from AZ resources in an Azure Vnet. It also contains security rules that allow or deny inbound traffic, or outbound traffic from several types of Azure Resources)

Can Azure Functions and Logic Apps run on a schedule? If So What is the scheduled called?

Yes, a time trigger

Can Az Functions and Logic Apps act as a webhook?

Yes, this is referred to as an HTTP trigger,

You need to filter traffic between two subsets in Azure Deployment. Filtering should be based on : - Source IP address and port number - Destination Is and port number - TCP/IP protocol in use Solution: You Deploy and configure Azure Firewall as the traffic filter. Does the solution meet the goal? Y/N

Yes:


Related study sets

5.11.T - Quiz: Latin America & the Caribbean

View Set

ACCT 2700 - Final Exam - Cochran

View Set

Intro to Nursing Exam Review III

View Set