AZ-140

Question 1

What 3 actions should you perform to backup profiles using snapshots?

Answer 1

1. Register the Azure NetApp snapshot policy feature
2. Create a Snapshot policy
3. Apply a snapshot policy to a volume

Question 2

What Windows operating systems support the Remote Desktop Client?

Answer 2

1. Windows 11 Pro
   2.Windows 11 Enterprise
   3.Windows 10 Pro
   4.Windows 10 Enterprise
   5.Windows Server 2022
   6.Windows Server 2019
   7.Windows Server 2016

Question 3

What 4 actions should you perform before Publishing a new app?

Answer 3

1. Generate a signing certificate
2. Create a MSIX package
3. Create a MSIX Image
4. Upload the MSIX image to Share 1

Question 4

You need to back up the session host data disks.
What three steps should you take?

Answer 4

1. Create a backup vault
2. Configure a managed identity
3. Create a backup policy and configure a backup.

Question 5

You need to implement start/stop VMs during off-hours feature, how would you do this?

Answer 5

Configure the Diagnostic settings

Question 6

What CMD command would you run in PowerShell to disconnect users in AVD ?

Answer 6

Invoke-RdsUserSessionLogoff

Question 7

What is the usage of a Standard General Purpose V2 storage account?

Answer 7

Standard storage account type for blobs, file shares, queues, and tables. Recommended for most scenarios using Azure Storage. If you want support for network file system (NFS) in Azure Files, use the premium file shares account type.

Question 8

What is the usage of a premium block blob?

Answer 8

Premium storage account type for block blobs and append blobs. Recommended for scenarios with high transaction rates or that use smaller objects or require consistently low storage latency.

Question 9

What is the usage of a Premium file share?

Answer 9

Premium storage account type for file shares only. Recommended for enterprise or high-performance scale applications. Use this account type if you want a storage account that supports both Server Message Block (SMB) and NFS file shares.

Question 10

What is the usage for a premium page blob?

Answer 10

Premium storage account type for page blobs only.

Question 11

What type of storage account has a media tier of HDD?

Answer 11

File Storage + Storage V2

Question 12

What type of storage account has a media tier of SSD?

Answer 12

File Storage

Question 13

Which four action s do you perform to configure Azure Net App files to store User profile containers?

Answer 13

1. Create a Azure NetApp files account
2. Create a capacity pool
3. Configure an Active directory Connection to the Azure Ad Tenant
4. Create a New SMB volume

Question 14

What does VM N Series specialize in?

Answer 14

Graphic rendering and video editing

Question 15

What does VM E Series specialize in?

Answer 15

Memory optimized with a high memory to CPU ratio

Question 16

What does VM A series specialize in?

Answer 16

Entry level VMs for dev/test

Question 17

What does VM B series specialize in?

Answer 17

Economical Burstable VMs - Low cost - Low to moderate CPU usage.

Question 18

What does VM D series specialize in?

Answer 18

General Purpose Compute - Able to meet requirements of most production workloads

Question 19

What does VM F series specialize in?

Answer 19

Compute optimized virtual machines - Feature a higher CPU to memory usage

Question 20

You need to prevent users from accessing teh internet from AVD sessions. You change to RDP properties, does this meet the goal?

Answer 20

No - Correct answer is to modify the NSG.

Question 21

What is the path to configure to storage containers for session hosts using FSlogix?

Answer 21

\store1.file.core.windows.net\profiles

Question 22

What is stored in blob storage?

Answer 22

Blob Storage is optimized for storing massive amounts of unstructured data. In binary or TXT

Question 23

What is a personal Host pool?

Answer 23

Provides a dedicated desktop for each user as well as a dedicated session host.

Question 24

What is a pooled host pool?

Answer 24

Multiple users can share a group of virtual machines, and user sessions can be load balanced to any session host in the poo

Question 25

What command should you run to ensure modern apps can use language packs when you deploy session hosts by using the custom image?

Answer 25

Disable-SchdeuledTask
“Pre staged app cleanup”

Question 26

You need to add a new data disk, what 4 actions do u take?

Answer 26

1. Move the page file to Drive C
2. Change the drive letter of temporary storage (D)
3. Add the new disk and assign Drive D .
4. Move the page file to Temporary storage.

Question 27

What should you do before adding an image to the shared image gallery?

Answer 27

Run Sysprep in command prompt.

Question 28

What is a generalized image?

Answer 28

used as templates to create similar virtual machines - it is created by removing specific information from a VM, such as user accounts and unique machine identifiers, so that it can be reused for new VMs without duplicating that unique data.

Question 29

What is a specialized Image?

Answer 29

A specialized Azure image is a virtual machine (VM) image that retains all the unique, machine-specific data from the original VM, such as the machine’s name, IP configurations, user accounts, and other personalized settings. Unlike a generalized image, a specialized image is essentially a clone of an existing VM, preserving its exact configuration.

Question 30

Which is cheaper?
Office 365 E3 or Microsoft 365 E3?

Answer 30

Office 365 E3

Question 31

What does Office 365 E3 give you access to?

Answer 31

All standard office apps, Onedrive.

Question 32

What does Microsoft 365 E3 give you access to?

Answer 32

Everything in Office 365 E3 + Access to windows enterprise + Increased security and protection.

Question 33

What is RDP Shortpath?

Answer 33

RDP short path establishes a UDP base transport between a local windows app or the remote desktop app on supported platforms.

Question 34

You need to deploy Onedrive - What two actions do u take?

Answer 34

1.Implement application masking
2. Deploy a MSIX app attach package.

Question 35

Name the four Azure scope levels?

Answer 35

1. Management group
2. Subscription
3. Resource Group
4. Resource

Question 36

What can a Desktop Virtualization Contributor do?

Answer 36

Allows managing of all azure virtual desktop resources.

Question 37

What can a Desktop Virtualization reader do?

Answer 37

Allows viewing all the azure desktop resources but doesn’t allow changes to be made.

Question 38

What can a desktop virtualization user do?

Answer 38

Allows users to use an application on a session host from a app group as a non-admin user.

Question 39

What can a desktop virtualization host pool contributor do?

Answer 39

Allows managing all aspects of a Host Pool.

Question 40

What can a desktop virtualization Host Pool reader do?

Answer 40

Allows viewing all aspects of a host pool but doesnt allow changes

Question 41

Difference between contributor and reader role?

Answer 41

Contributor can make changes while a reader can only view.

Question 42

Difference between host pools and session hosts?

Answer 42

A host pool is a collection of virtual machines that are registered as session hosts.

Question 43

What is a registration token?

Answer 43

A registration token in Azure Stack Hub is a unique identifier that allows users to register Azure Stack Hub in a disconnected environment.

Question 44

You need to deploy a VPN Gateway, what should you do first?

Answer 44

Modify the address space of VNet1

Question 45

What is windows 10 multi session?

Answer 45

For users with identical compute requirements you can let more than 1 user log onto a single VM at once. Leading to cost saving.

Question 46

What are the four operating systems that a host pool can run?

Answer 46

1. Windows 10 enterprise and windows 11 enterprise.
2. Windows 10 enterprise multi-session
3. Windows server 2012 R2 and above
4. Custom Windows system images with pre-loaded apps, group policies, or other customizations

Question 47

What is VM series L good for?

Answer 47

Storage optimization

Question 48

While deploying Azure Virtual desktop, what is used to integrate Active Directory Domain Services (AD DS) with Microsoft Entra ID?

Answer 48

Microsoft Entra Connect

Question 49

Which of the following is used to connect remote users to Azure Virtual Desktop from any internet-connected device running an Azure Virtual Desktop client?

Answer 49

Remote Connection Gateway service

Question 50

What does remote connection gateway service do?

Answer 50

The Remote Connection Gateway service connects remote users to Azure Virtual Desktop apps and desktops from any internet-connected device that can run an Azure Virtual Desktop client.

Question 51

What does RD connection Broker do?

Answer 51

The Connection Broker service manages user connections to virtual desktops and remote apps. The Connection Broker provides load balancing and reconnection to existing sessions.

Question 52

What is the recommended bandwidth for these four workload types?
Light, medium, Heavy, Power

Answer 52

1.5 MBPS
3 MBPS
5 MBPS
15 MBPS

Question 53

What is the recommended bandwidth for these resolutions?

About 1024 × 768 px
About 1280 × 720 px
About 1920 × 1080 px
About 3840 × 2160 px (4K)

Answer 53

1.5 Mbps
3 Mbps
5 Mbps
15 Mbps

Question 54

What do you use to determine the connection round-trip time (RTT) from your current location, through the Azure Virtual Desktop service, to the Azure region where you deploy virtual machines.

Answer 54

Azure Virtual Desktop Experience estimator

Question 55

Where should FSlogix profiles be stored?

Answer 55

Azure Files

Question 56

Give some details regarding Azure Files?

Answer 56

General Purpose, Azure native, Available in all regions.
Azure Backup snapshot integration.

Question 57

Give some details regarding Azure NetApp Files?

Answer 57

Ultra performance or migration from netapp on prem.
Azure Native
Select regions not all
Azure netapp files snapshots

Question 58

Give some details regarding Storage spaces direct?

Answer 58

Cross platform, Self managed, all regions, Azure backup snapshot integration

Question 59

What is the per device installation command?

Answer 59

msiexec.exe /I <path> /qn ALLUSERS=1</path>

Question 60

What is the per user installation command line?

Answer 60

msiexec.exe /i <path to the MSI> /qn ALLUSERS=2 MSIINSTALLPERUSER=1

Question 61

What is federation integration?

Answer 61

Federation integration is an option in Microsoft Entra Connect used to configure a hybrid environment using on-premises Active Directory Federation Services (AD FS).

Question 62

What is a point-to-site VPN?

Answer 62

Established between a virtual network and a single computer in your network.

Question 63

What is a site to site VPN?

Answer 63

Established between your on-premises VPN device and an Azure VPN Gateway that is deployed in a virtual network.

Question 64

What is azure express route?

Answer 64

Established between your network and Azure, through an ExpressRoute partner.
Traffic doesn’t go over the internet

Question 65

What is a NSG?

Answer 65

Network security groups and application security groups can contain multiple inbound and outbound security rules that enable you to filter traffic to and from resources by source and destination IP address, port, and protocol.

Question 66

What is a BGP?

Answer 66

Border Gateway Protocol - If you connect your virtual network to your on-premises network using an Azure VPN Gateway or ExpressRoute connection, you can propagate your on-premises BGP routes to your virtual networks.

Question 67

What is a Azure private link solution?

Answer 67

creating a private endpoint, traffic between your virtual network and the service remains on the Microsoft network, so you no longer need to expose your service to the public internet.

Question 68

WHat should you use to connect to a VM?

Answer 68

Azure bastion

Question 69

What does Network Watcher do?

Answer 69

a suite of tools to monitor, diagnose, view metrics, and enable or disable logs for Azure IaaS (Infrastructure-as-a-Service) resources. Network Watcher enables you to monitor and repair the network health

Question 70

What are Flow Logs?

Answer 70

records of network traffic that can be used to monitor, analyze, and troubleshoot a network

Question 71

What are premium file shares?

Answer 71

Premium file shares are backed by solid-state drives (SSDs) and are deployed in the FileStorage storage account type

Question 72

What are standard file shares?

Answer 72

Standard file shares are backed by hard disk drives (HDDs) and are deployed in the general purpose version 2 (GPv2) storage account type.

Question 73

What workload type should use premium file shares?

Answer 73

Light (More than 200 users), Medium, Heavy,Power.

Question 74

What workload type should use standard file shares?

Answer 74

Light (Fewer than 200 users) + Light (More than 200 users)

Question 75

What does standard storage Net app files provide?

Answer 75

16 MiB/s of throughput per 1 TiB

Question 76

What does premium Storage net app files provide?

Answer 76

64 MiB/s of throughput per 1 TiB

Question 77

What does ultra storage net app files provide?

Answer 77

128 MiB/s of throughput per 1 TiB

Question 78

What is a general purpose version 2 (GPV2) storage account?

Answer 78

Standard GPv2 storage accounts allow you to deploy Azure file shares on standard/hard disk-based (HDD-based) hardware. In addition to storing Azure file shares, GPv2 storage accounts can store other storage resources such as blobs, queues, or tables.

Question 79

What is filestorage storage accounts?

Answer 79

FileStorage storage accounts allow you to deploy Azure file shares on premium/solid-state disk-based (SSD-based) hardware. FileStorage accounts can only be used to store Azure file shares

Question 80

What performance tier is recommended for a “heavy workload”?

Answer 80

Premium Tier

Question 81

What comes first, Host pool or session host?

Answer 81

Host pool

Question 82

What must user accounts be in to use AVD?

Answer 82

Microsoft Entra ID

Question 83

What licensing Gives you access to VDI with windows 10/11 enterprise?

Answer 83

Microsoft 365 E3, E5
Windows Enterprise E3, E5

Question 84

What licensing gives you access to VDI on servers with Windows server - 2016, 2019, 2022?

Answer 84

RDS CAL with software assurance.

Question 85

Which PowerShell cmdlet verifies the AVD licensing?

Answer 85

Get-AzVM ResourceGroupName resourceGroupName Name vmName

Question 86

What powershell command will apply a windows license?

Answer 86

$vm = Get-AzVM -ResourceGroup <resourceGroupName> -Name <vmName>
$vm.LicenseType = "Windows_Client"
Update-AzVM -ResourceGroupName <resourceGroupName> -VM $vm</resourceGroupName></vmName></resourceGroupName>

Question 87

What is the command for a new host pool?

Answer 87

New-AzWvdHostPool

Question 88

What is the first step of adding a session host to a host pool?

Answer 88

Generating a registration key

Question 89

What is the best VM Size for windows?

Answer 89

Standard_D2_V2 or greater.

Question 90

What is the azure compute gallery?

Answer 90

The Azure Compute Gallery lets you share your custom VM images with others in your organization, within or across regions, within a Microsoft Entra tenant

Question 91

What should be done to ensure users can select their preferred language in the Settings menu?

Answer 91

The administrator should run a PowerShell cmdlet to add the installed language packs to the Languages menu.

Question 92

What does infrastructure as Code do?

Answer 92

Infrastructure as Code (IaC) enables the automation and validation of the creation and teardown of environments to help deliver secure and stable application hosting platforms.

Question 93

What are the 3 separate authentication points?

Answer 93

1. Service authentication to Azure Virtual Desktop
2. Session host
3. In-session authentication

Question 94

What does the RBAC role “Desktop Virtualization User Session Operator” allow?

Answer 94

The Desktop Virtualization User Session Operator role allows sending messages, disconnecting sessions, and using the logoff function to sign users out of a session host.

Question 95

What does the RBAC role Desktop Virtualization Session Host Operator allow?

Answer 95

The Desktop Virtualization Session Host Operator role allows viewing and removing session hosts, and changing drain mode

Question 96

What 3 features do you need to assign a role to?

Answer 96

Autoscale.
Start VM on Connect.
App attach

Question 97

What is a conditional access policy?

Answer 97

an advanced feature of Azure AD that allows you to specify detailed policies that control who can access your resources

Question 98

What needs to be done To use a smart card to authenticate to Microsoft Entra ID?

Answer 98

the system administrator must either configure AD FS for user certificate authentication or configure Microsoft Entra certificate based authentication.

Question 99

How do you enable Defender for cloud?

Answer 99

Search “Microsoft defender for cloud” in the azure portal. Choose enable.

Question 100

How do you enable Defender for cloud on VDI?

Answer 100

1. Through local group policy
2. Domain group policy
3. On boarding using management tools

Question 101

What are the 4 benefits of deploying conditional access requests?

Answer 101

Increase productivity
Manage risk
Address compliance and governance
Manage cost

Question 102

What can help you improve your cloud security posture?

Answer 102

Secure Score in Microsoft defender for cloud

Question 103

What container is used for a FSlogix solution?

Answer 103

Profile Container

Question 104

What file type is FSLogix containers

Answer 104

VHDX - Virtual Hard disk

Question 105

What 4 types of rules can you setup for FSlogix? and what do they do

Answer 105

Hiding Rule - A hiding rule hides specific items from a user or group of users

Redirection rule - Redirection rules allow IT administrators to redirect non-profile or other specific data into the user profile container so it’s available on subsequent sign-ins regardless of which virtual machine they sign into.

app container (VHD) Rule - You can contain applications with a large amount of read-only data (for example, Clip Art galleries, Java applications, and so on) within a VHD and mount them to a virtual machine

Specify Value rule - The specify value rule will, at sign-in, set a registry value for a specific user or group of users

Question 106

They have installed a reference image of Windows 10 1607 version 10.0.1393 on a virtual machine. What should be their next step?

Answer 106

Adjust settings during installation in Customize settings - The system administrator can adjust these settings during installation in Customize settings or after installation with Group Policy Editor.

Question 107

What package type is used for Applications?

Answer 107

MSIX Packages

Question 108

How to deploy One Drive?

Answer 108

Download OneDriveSetup.exe.
Run “OneDriveSetup.exe /allusers” from a command prompt window (this results in a User Account Control prompt) or by using Microsoft Endpoint Configuration Manager.

Question 109

What redirects calling and meeting functionality from teams?

Answer 109

WebRTC redirector service

Question 110

A system administrator needs to add an MSIX or Appx image as an app attach package using the Azure portal. What is the correct sequence of steps to accomplish this task?

Answer 110

Sign in to the Azure portal, search for Azure Virtual Desktop, select the matching service entry, select App attach, complete the Basics tab, select Next, complete the Image path tab, and finally assign the app attach package to host pools, users and groups.

Question 111

A team is assigned to manage an application group in the Azure Virtual Desktop. What is the correct procedure to assign users or user groups to this application group using the Azure portal?

Answer 111

From the Azure Virtual Desktop overview, select Application groups. Select the application group from the list. From the application group overview, select Assignments. Select Add, then search for and select the user account or user group to assign to this application group. Finish by selecting Select.

Question 112

An IT professional is tasked with setting up Azure Virtual Desktop Insights to monitor their Azure Virtual Desktop environments. What are the minimum Azure role based access control (RBAC) roles they need to have assigned?

Answer 112

Desktop Virtualization Reader and Log Analytics Reader

Question 113

What does Azure Backup do?

Answer 113

Azure Backup provides independent and isolated backups to guard against unintended destruction of the data on your VMs. Backups are stored in a Recovery Services vault with built-in management of recovery points. Configuration and scaling are simple, backups are optimized, and you can easily restore as needed.

Question 114

What does Azure site recovery do?

Answer 114

Azure Site Recovery is used to manage the replication of virtual machines to other Azure locations.

Question 116

What should you do to install Microsoft Anti malware on the session hosts?

Answer 116

Add an extension to each session host

Question 117

What storage account should you use whenever you can?

Answer 117

Standard general purpose v2 (GPv2)

Question 118

Which storage SOLUTION has the highest IOPS and the lowest Latency?

Answer 118

Azure NetApp Files

Question 119

What should you do before adding vm’s to a host pool?

Answer 119

Generate a Registration Key

Question 120

What does failover clustering do?

Answer 120

Increase availability in servers, host pools etc

Question 121

What should you never do inside the VM?

Answer 121

Configure Network settings

Question 122

What should you do before deploying a windows 10 enterprise session host to a pool?

Answer 122

Modify the DNS settings of VNET1

Question 123

What is used to establish a communication between an AVD infrastructure and on prem network resources?

Answer 123

Express Route and/or Site-to-Site VPN

Question 124

What is RDP short path used for?

Answer 124

Used to establish a UDP based transport between a supported windows Remote Desktop client and a session host.

Question 125

What can be used to prioritise network traffic?

Answer 125

Quality of service (QOS)

Question 126

What allows you to define the next hop for outgoing traffic in azure?

Answer 126

User-defined routes

Question 127

What is supported as cloud cache with FS LOGIX profile containers?

Answer 127

Page Blob Storage

Question 128

Does a direct assignment require its own session host?

Answer 128

Yes

Question 129

What is the first step for preparing a server for avd infrastructure?

Answer 129

Install the Remote Desktop session host role service

Question 130

What duration should you set for a registration token?

Answer 130

15 mins

Question 131

What is the max number of simultaneous image deployments?

Answer 131

Ideal number is 10 no more than 20

Question 132

What is used to automate the creation and distribution of images?

Answer 132

Azure VM image builder

Question 133

What is the cmdlet for creating a new compute gallery?

Answer 133

New-azgallery

Question 134

What command is used to find the session name on a session host?

Answer 134

QWINSTA

Question 135

You configure an azure page blob storage to store FS logix profiles, what registry should you use?

Answer 135

CDDLOcations

Question 136

What should you configure for session time limits on a pool that has 10 session hosts?

Answer 136

Registry settings on each session host

Question 137

Where do you configure start VM on connect?

Answer 137

Host Pool

Question 138

What should you configure for usb device redirection?

Answer 138

RDP properties of Pool1 and Group Policy settings on users devices

Question 139

What port and url maintain windows activation?

Answer 139

KMS.core.windows.Net
1688

Question 140

What are the three steps for capturing an image using the azure portal?

Answer 140

Create an azure compute gallery
Create an image definition
Create an version