AZ-204 Private Flashcards

1
Q

You are planning on using the Azure container registry service. You want to ensure that your application or service can use it for headless authentication. You also want to allow role-based access to the registry.

You decide to use the Admin account associated with the container registry

Would this fulfil the requirement?

A

No.

Why not:

This is only used for single user access to the registry

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Azure Container Registry - Admin account

A

Each container registry includes an admin user account, which is disabled by default. You can enable the admin user and manage its credentials in the Azure portal, or by using the Azure CLI or other Azure tools. The admin account has full permissions to the registry.

The admin account is currently required for some scenarios to deploy an image from a container registry to certain Azure services. For example, the admin account is needed when you deploy a container image in the portal from a registry directly to Azure Container Instances or Azure Web Apps for Containers.

Important

The admin account is designed for a single user to access the registry, mainly for testing purposes. We do not recommend sharing the admin account credentials among multiple users. All users authenticating with the admin account appear as a single user with push and pull access to the registry. Changing or disabling this account disables registry access for all users who use its credentials. Individual identity is recommended for users and service principals for headless scenarios.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

You are planning on using the Azure container registry service. You want to ensure that your application or service can use it for headless authentication. You also want to allow role-based access to the registry.

You decide to perform an individual login to the registry

Would this fulfil the requirement?

A

Yes.

Why:

This will allow you to assign role-based access control or even allow for headless authentication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Azure Container Registry/Individual Login/Azure AD

A

When working with your registry directly, such as pulling images to and pushing images from a development workstation to a registry you created, authenticate by using your individual Azure identity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

You are planning on using the Azure container registry service. You want to ensure that your application or service can use it for headless authentication. You also want to allow role-based access to the registry.

You decide to assign a service principal to the registry

Would this fulfil the requirement?

A

Yes.

Why:

If you assign a service principal to your registry, your application or service can use it for headless authentication.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Azure Container Registry/Service Principal/AD

A

If you assign a service principal to your registry, your application or service can use it for headless authentication. Service principals allow Azure role-based access control (Azure RBAC) to a registry, and you can assign multiple service principals to a registry. Multiple service principals allow you to define different access for different applications.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

az webapp cors add

A
  • Add allowed origins.

Code:

az webapp cors add --allowed-origins
                   [--ids]
                   [--name]
                   [--resource-group]
                   [--slot]
                   [--subscription]

Ex:
az webapp cors add -g {myRG} -n {myAppName} –allowed-origins https://myapps.com

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

az webapp commands

A

az webapp cors remove -g {myRG} -n {myAppName} –allowed-origins https://myapps.com

az webapp cors show –name MyWebApp –resource-group MyResourceGroup

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Azure Database Migration Service

A

You can use Azure Database Migration Service to perform an online (minimal downtime) migration of databases from an on-premises or cloud instance of MongoDB to Azure Cosmos DB’s API for MongoDB.

Using Azure Database Migration Service to perform an online migration requires creating an instance based on the Premium pricing tier.

For an optimal migration experience, Microsoft recommends creating an instance of Azure Database Migration Service in the same Azure region as the target database. Moving data across regions or geographies can slow down the migration process.

When you migrate databases to Azure by using Azure Database Migration Service, you can do an offline or an online migration. With an offline migration, application downtime starts when the migration starts. With an online migration, downtime is limited to the time to cut over at the end of migration. We suggest that you test an offline migration to determine whether the downtime is acceptable; if not, do an online migration.

The service uses the Data Migration Assistant to generate assessment reports that provide recommendations to guide you through the changes required prior to performing a migration

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Azure Migrate

A

Azure Migrate provides a centralized hub to assess and migrate to Azure on-premises servers, infrastructure, applications, and data. It provides the following:

Unified migration platform: A single portal to start, run, and track your migration to Azure.

Range of tools: A range of tools for assessment and migration.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Data Migration Assistant

A

Data Migration Assistant helps pinpoint potential problems blocking migration. It identifies unsupported features, new features that can benefit you after migration, and the right path for database migration.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Azure Cosmos DB Data Migration Tool

A

The Azure Cosmos DB Data Migration tool is an open source tool designed for small migrations.

This tutorial provides instructions on using the Azure Cosmos DB Data Migration tool, which can import data from various sources into Azure Cosmos containers and tables. You can import from JSON files, CSV files, SQL, MongoDB, Azure Table storage, Amazon DynamoDB, and even Azure Cosmos DB SQL API collections. You migrate that data to collections and tables for use with Azure Cosmos DB. The Data Migration tool can also be used when migrating from a single partition collection to a multi-partition collection for the SQL API.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Integration Service Environment

A

Sometimes, your logic apps need access to secured resources, such as virtual machines (VMs) and other systems or services, that are inside or connected to an Azure virtual network. To set up this access, you can create an integration service environment (ISE).

If your logic apps need access to virtual networks that use private endpoints, you must create, deploy, and run those logic apps inside an ISE.

When you create an ISE, Azure injects or deploys that ISE into your Azure virtual network. You can then use this ISE as the location for the logic apps and integration accounts that need access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Azure App Service Environment

A

The Azure App Service Environment is an Azure App Service feature that provides a fully isolated and dedicated environment for securely running App Service apps at high scale.

App Service environments (ASEs) are appropriate for application workloads that require:

Very high scale.
Isolation and secure network access.
High memory utilization.

Customers can create multiple ASEs within a single Azure region or across multiple Azure regions. This flexibility makes ASEs ideal for horizontally scaling stateless application tiers in support of high requests per second (RPS) workloads.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Azure AD B2B Integration

A

Azure Active Directory (Azure AD) business-to-business (B2B) collaboration is a feature within External Identities that lets you invite guest users to collaborate with your organization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

VNet Service Endpoint

A

Virtual Network (VNet) service endpoint provides secure and direct connectivity to Azure services over an optimized route over the Azure backbone network. Endpoints allow you to secure your critical Azure service resources to only your virtual networks. Service Endpoints enables private IP addresses in the VNet to reach the endpoint of an Azure service without needing a public IP address on the VNet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

You are developing an ASP.Net Core application. This application would need to be deployed to the Azure Web App service from a GitHub repository. The web application contains static content that is generated by a script.

You are planning on using the Azure Web App continuous deployment feature. The script which is used to generate static content needs to run first before the web site can start serving traffic.

Which of the following are options that can be used for this fulfilling this requirement?

A

Customize the deployment by creating a .deployment file at the root of the repository. Ensure the deployment file calls the script which generates the static content.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

.deployment file

A

Deployment configuration files let you override the default heuristics of deployment by allowing you to specify a project or folder to be deployed. It has to be at the root of the repository and it’s in .ini format.

Code:
[config]
command = deploy.cmd

Powershell:
command = powershell -NoProfile -NoLogo -ExecutionPolicy Unrestricted -Command “& “$pwd\deploy.ps1” 2>&1 | echo”
\

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Deploying a specific ASP.NET or ASP.NET Core project file

A

You can specify the path to the project file, relative to the root of your repo. Note that this is not a path to the solution file (.sln), but to the project file (.csproj/.vbproj). The reason for this is that Kudu only builds the minimal dependency tree for this project, and avoids building unrelated projects in the solution that are not needed by the web project.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Azure Function authLevels

A

Determines what keys, if any, need to be present on the request in order to invoke the function. The authorization level can be one of the following values:

anonymous—No API key is required.
function—A function-specific API key is required. This is the default value if none is provided.
admin—The master key is required.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Azure Functions Blob storage binding

A

Integrating with Blob storage allows you to build functions that react to changes in blob data as well as read and write values.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Azure Functions HTTP triggers

A

Azure Functions may be invoked via HTTP requests to build serverless APIs and respond to webhooks.

Run a function from an HTTP request
Return an HTTP response from a function

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Azure Functions Queue storage trigger

A

Azure Functions can run as new Azure Queue storage messages are created and can write queue messages within a function.

Run a function as queue storage data changes
Write queue storage messages

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Azure Functions Timer Trigger

A

A timer trigger lets you run a function on a schedule.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Your company has the requirement to deploy a web application to an Azure Windows virtual machine. You have to configure remote access to RDP into the machine.

You decide to create an Inbound Network Security Group rule to allow traffic on port 3389

Would this fulfil the requirement?

A

Yes.

Why:
In order to connect to a Windows virtual machine in Azure, you have to create an Inbound port rule in the Network Security Group

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Azure Notification Hubs

A

The Notification Hub is used for sending notifications to devices

Azure Notification Hubs provide an easy-to-use and scaled-out push engine that enables you to send notifications to any platform (iOS, Android, Windows, etc.) from any back-end (cloud or on-premises). Notification Hubs works great for both enterprise and consumer scenarios. Here are a few example scenarios:

Send breaking news notifications to millions with low latency.
Send location-based coupons to interested user segments.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

You have to create an Azure Virtual Machine using a PowerShell script.

Which of the following command can be used to create the new virtual machine?

A

New-AzVm

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

write a new row to Azure Table storage whenever a new message appears in Azure Queue storage

A
{
  "bindings": [
    {
      "type": "queueTrigger",
      "direction": "in",
      "name": "order",
      "queueName": "myqueue-items",
      "connection": "MY_STORAGE_ACCT_APP_SETTING"
    },
    {
      "type": "table",
      "direction": "out",
      "name": "$return",
      "tableName": "outTable",
      "connection": "MY_TABLE_STORAGE_ACCT_APP_SETTING"
    }
  ]
}
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

You have to setup a data store using Azure Cosmos DB. The documents that would be stored in Cosmos DB would contain hundreds of properties. The Azure Cosmos DB account would be using the SQL API.

The issue currently is that in the design stage it has been noticed that there are no distinct values in the documents that can be used for partitioning.

You need to choose a partition key that would ensure workloads are spread evenly over the partitions.

Which of the following are strategies that can be implemented?

Choose 2 answers from the options given below:

A

Employing a strategy of concatenation of multiple property values with a random suffix appended

Using a hash suffix that is appended to a property value

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

SQL API/Partition Key

A

It’s the best practice to have a partition key with many distinct values, such as hundreds or thousands.

The goal is to distribute your data and workload evenly across the items associated with these partition key values.

If such a property doesn’t exist in your data, you can construct a synthetic partition key

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Concatenate multiple properties of an item

A

You can form a partition key by concatenating multiple property values into a single artificial partitionKey property. These keys are referred to as synthetic keys.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

partition key with a random suffix

A

Another possible strategy to distribute the workload more evenly is to append a random number at the end of the partition key value. When you distribute items in this way, you can perform parallel write operations across partitions.

An example is if a partition key represents a date. You might choose a random number between 1 and 400 and concatenate it as a suffix to the date. This method results in partition key values like 2018-08-09.1,2018-08-09.2, and so on, through 2018-08-09.400.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

Use a partition key with pre-calculated suffixes

A

The random suffix strategy can greatly improve write throughput, but it’s difficult to read a specific item. You don’t know the suffix value that was used when you wrote the item. To make it easier to read individual items, use the pre-calculated suffixes strategy. Instead of using a random number to distribute the items among the partitions, use a number that is calculated based on something that you want to query.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

Azure Active Directory app manifest

A

The application manifest contains a definition of all the attributes of an application object in the Microsoft identity platform. It also serves as a mechanism for updating the application object.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

Manifest reference/id attribute

A

The unique identifier for the app in the directory. This ID is not the identifier used to identify the app in any protocol transaction. It’s used for the referencing the object in directory queries.

code:
“id”: “f7f9acfc-ae0c-4d6c-b489-0a81dc1652dd”,

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

Manifest reference/accessTokenAcceptedVersion attribute

A

Specifies the access token version expected by the resource. This parameter changes the version and format of the JWT produced independent of the endpoint or client used to request the access token.

code:
“accessTokenAcceptedVersion”: 2,

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

Manifest reference/addIns attribute

A

Defines custom behavior that a consuming service can use to call an app in specific contexts. For example, applications that can render file streams may set the addIns property for its “FileHandler” functionality. This parameter will let services like Microsoft 365 call the application in the context of a document the user is working on.

code:
"addIns": [
       {
        "id": "968A844F-7A47-430C-9163-07AE7C31D407",
        "type":" FileHandler",
        "properties": [
           {
              "key": "version",
              "value": "2"
           }
        ]
       }
    ],
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Manifest reference/oauth2AllowImplicitFlow attribute

A

Specifies whether this web app can request OAuth2.0 implicit flow access tokens. The default is false. This flag is used for browser-based apps, like JavaScript single-page apps.

code:
“oauth2AllowImplicitFlow”: false,

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

Configure group claims for applications with Azure Active Directory

A

Azure Active Directory can provide a users group membership information in tokens for use within applications. Two main patterns are supported:

  • Groups identified by their Azure Active Directory object identifier (OID) attribute
  • Groups identified by sAMAccountName or GroupSID attributes for Active Directory (AD) synchronized groups and users
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

Group claims for applications migrating from AD FS and other identity providers

A

Many applications configured to authenticate with AD FS rely on group membership information in the form of Windows AD group attributes. These attributes are the group sAMAccountName, which may be qualified by-domain name, or the Windows Group Security Identifier (GroupSID). When the application is federated with AD FS, AD FS uses the TokenGroups function to retrieve the group memberships for the user.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

Options for applications to consume group information

A

Applications can call the MS Graph groups endpoint to obtain group information for the authenticated user. This call ensures that all the groups a user is a member of are available even when there are a large number of groups involved. Group enumeration is then independent of token size limitations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

Prerequisites for using Group attributes synchronized from Active Directory

A

Group membership claims can be emitted in tokens for any group if you use the ObjectId format. To use group claims in formats other than the group ObjectId, the groups must be synchronized from Active Directory using Azure AD Connect.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

groupMembershipClaims attribute

A

Configures the groups claim issued in a user or OAuth 2.0 access token that the app expects. To set this attribute, use one of the following valid string values:

code:
“groupMembershipClaims”: “SecurityGroup”,

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

Acquire a token from Azure AD for authorizing requests from a client application

A

A key advantage of using Azure Active Directory (Azure AD) with Azure Blob storage or Queue storage is that your credentials no longer need to be stored in your code. Instead, you can request an OAuth 2.0 access token from the Microsoft identity platform. Azure AD authenticates the security principal (a user, group, or service principal) running the application. If authentication succeeds, Azure AD returns the access token to the application, and the application can then use the access token to authorize requests to Azure Blob storage or Queue storage.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

Grant your registered app permissions to Azure Storage

Azure Storage API

A

This step enables your application to authorize requests to Azure Storage with Azure AD.

observe that the available permission type is Delegated permissions. This option is selected for you by default.

Under Permissions, select the checkbox next to user_impersonation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

az webapp log commands

A

az webapp log config
Configure logging for a web app.

az webapp log deployment
Manage web app deployment logs.

az webapp log deployment list
List deployments associated with web app.

az webapp log deployment show
Show deployment logs of the latest deployment, or a specific deployment if deployment-id is specified.

az webapp log download
Download a web app’s log history as a zip file.

az webapp log show
Get the details of a web app’s logging configuration.

az webapp log tail
Start live log tracing for a web app.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

az webapp log config

A

az webapp log config –name MyWebapp –resource-group MyResourceGroup –web-server-logging off

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

az webapp log download

A

az webapp log download –name MyWebApp –resource-group MyResourceGroup

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

Microsoft Graph API/Permission

A

Delegated/User.Read

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q

Azure Event Grid

A
  • Azure Event Grid allows you to easily build applications with event-based architectures.
  • First, select the Azure resource you would like to subscribe to, and then give the event handler or WebHook endpoint to send the event to.
  • Event Grid has built-in support for events coming from Azure services, like storage blobs and resource groups. Event Grid also has support for your own events, using custom topics.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q

Azure Event Hubs

A
  • Azure Event Hubs is a big data streaming platform and event ingestion service. It can receive and process millions of events per second.
  • Data sent to an event hub can be transformed and stored by using any real-time analytics provider or batching/storage adapters.
  • The following scenarios are some of the scenarios where you can use Event Hubs:

Anomaly detection (fraud/outliers)

Application logging

Analytics pipelines, such as clickstreams

Live dashboarding

Archiving data

Transaction processing

User telemetry processing

Device telemetry streaming

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
52
Q

Azure Service Bus

A
  • fully managed enterprise message broker with message queues and public-subscribe topics.
  • Service Bus is used to decouple applications and services from each other, for load balancing work across competing workers, for safely routing and transferring data and control across service and application boundaries, and for coordinating transactional work that requires a high-degree of reliability.
  • Data is transferred between different applications and services using messages. A message is a container decorated with metadata, and can contain any kind of information, including structured data encoded with common formats such as JSON, XML, Apache Avro, or Plain Text.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
53
Q

Which notebook format is used in Azure Databricks?

A
DBC
HTML
IPython notebook
RMarkdown
https://docs.microsoft.com/en-us/azure/databricks/notebooks/notebooks-manage
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
54
Q

Tags applied at a resource group level are propagated to resources within the resource group

A

Incorrect

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
55
Q

Which of the following is not a feature of resource groups?

A

Resource groups can be nested

56
Q
A development team needs to develop an application module that needs to interact with an Azure service bus queue.
Example code?
A

montanaqueueClient = new QueueClient(ServiceBusConnectionString, QueueName);

57
Q

Can you use SSH to connect to an Azure web app on a Linux app container from your local development environment?

A

Yes. You can connect to the app container directly from your local development machine using SSH, SFTP, or Visual Studio Code (for live debugging Node.js apps)

58
Q

A team is deploying an app to Azure App Service and needs to configure the deployment user.
Which Azure CLI command should the team run to accomplish this?

A

az webapp deploy user set

59
Q

What command should a developer run to build a docker image?

A

docker build

60
Q

What powershell command should a developer run to restore a deleted Azure App Service app?

A

Restore-AzDeletedWebApp

61
Q

Developer, configuring autoscale for Azure Web App:

What are 3 scaling options?

A

CPU, Specific dates, schedule condition

62
Q

Team, Azure Container Registry, The team’s requirements call for building, tagging, and pushing one or more container images, in series or in parallel.
Which ACR task type would be best for this?

A

multi-step task

63
Q

Team, issues with Azure App Service Web App.
The app temporarily stops running and occasionally fails to write to the logs.
What can cause this?

A

App memory quota exceeded

Filesystem quota exceeded

64
Q

Upgrading a general purpose v1 or Blob storage account to a general purpose v2 is a permanent change?
True/False

A

True

65
Q

What type of value should a developer use to store a secret value in the Azure Resource Manager template?

A

secureString

66
Q

Which languages does Azure Durable Functions currently support?

A

C#, F#, JavaScript

67
Q

You are creating a high availability application with a recovery time objective of less than 15 minutes and a recovery point of greater than 0 minutes.
Which consistency level would you choose?

A

Strong
Recovery point objective: 0 minutes
Recovery time objective: Less than 15 minutes

68
Q

Which method is used in Python cells to display the results as a formatted table or chart visualization?

A

display(df)

69
Q

Which DataFrame method do you use to create a temporary view?

A

createOrReplaceTempView()

70
Q

How do you create a DataFrame object?

A

introduce a variable name and equate it to something like myDataFrameDF =

71
Q

What is the DataFrame equivalent of the SQL statement SELECT count(*) AS total?

A

.agg(count(“*”).alias(“total”))

72
Q

What is the Python syntax for definining a DataFrame in Spark from an existing Parquet file in DBFS?

A

IPGeocodeDF = spark.read.parquet(dbfs:/mnt/training/ip-geocode.parquet”)

73
Q

Which Python statement will yield a Spark DataFrame from the query?

A

df=spark.sql(“SELECT * FROM usedcars”)

74
Q

True/False:

Machine learning algorithms only understand vectors (arrays of numbers), not text

A

True

75
Q

Cause of a supervised model making predictions perfectly against all training data, but failing against new data?

A

Overfitting

76
Q

What’s used to guide the improvement of the model during model training?

A

Minimizing the error

77
Q

Azure Service Bus, Boolean Filter - False Filter

A

No messages allowed to arrive in the subscription

78
Q

Methods to secure connection between the API Management gateway and a back-end service

A

Connecting the API instance to an Azure virtual network
Using HTTP Basic Authentication
TLS Mutual authentication
IP whitelisting on the back-end service

79
Q

What are the two types of Azure Logic App triggers to start a workflow?

A

Polling trigger

Push trigger

80
Q

Two template objects used to create an Azure Logic App template

A

parameters

resources

81
Q

Which pricing tier of Azure API Management (APIM)( supports multi-region deployment?

A

Premium

82
Q

Event Grid does not support

A

Microsoft.EventGrid/*/edit

83
Q

What development language currently supports inline code?

A

JavaScript

84
Q

What types of connectors are available in Azure Logic Apps?

A

Built-in

Managed

85
Q

APIM, caching, policy type,

Example policy: A find-and-replace policy to update the response body with the user profile information

A

Inbound policy type

86
Q

What is an Azure SQL logical server?

A

An administrative container for your databases

87
Q

We secured our function against unknown HTTP callers by requiring a function-specific API key be passed with each call.
Which of the following fields is the name header in the HTTP requests that needs to contain this key?

A

x-functions-key

88
Q

What blob trigger path value would you use when you want an associated Azure Function blob trigger to execute an upload an image?

A

samples-workitems/{name}.png

89
Q

True/False:

An Azure Function can have multiple triggers associated with it?

A

False

90
Q

What is the name of the file that contains function configuration data?

A

function.json

91
Q

By default, how many partitions will a new Event Hub have?

A

4

92
Q

True/False:

You can add a message to an Azure Service Bus queue that is 2mb in size.

A

False
Standard tier: 256kb max message size
Premium tier: 1 mb max message size

93
Q

Why does the Human Interaction application pattern benefit from Durable Functions?

A

A manual process within an automated process is tricky because people aren’t as highly available and as responsive as computers.

94
Q

What is the most efficient way to secure a database to allow only access from a VNet while restricting access from the internet?

A

A server-level virtual network rule

95
Q

True/False

Encrypted communication is turned on automatically when connecting to an Azure SQL Server

A

True

96
Q

What is Durable Functions?

A

an extension of Azure Functions, that allows you to simplify complex stateful executions in a serverless-environment

97
Q

What’s a NoSQL database?

A

A database that does not require data to be structured in a pre-defined way

98
Q

What is a good reason to use MEAN as the development stack?

A

Everyone on your development team is an expert with JavaScript

99
Q

What is the final rule that is applied in every Network Security Group?

A

Deny All

100
Q

True/False

For security reasons, an image from the official Azure Marketplace must be used when creating a virtual machine

A

False

101
Q

APIM, cache, policies

cache-store

A

Outbound

102
Q

APIM, cache, policies

cache-lookup

A

Inbound

103
Q

You are writing an application and want to sign in users in your own organization. This is an example of which Microsoft identity platform account type?

A

Single-tenant

104
Q

In order to disable a system-assigned managed identity from an Azure VM, your account needs which role assignment?

A

Virtual Machine Contributor

105
Q

True/False

A user has inadvertently deleted an Azure Key Vault object. Can this object be recovered?

A

True

106
Q

Can you scale a Premium cache to a Basic cache?

A

No. You cannot scale from Premium to Basic

107
Q

You need to configure data persistence in Azure Cache for Redis. Which Redis Cache tier supports this?

A

Premium

108
Q

If you do not define a TTL (time-to-live) on a cached file, what is the default TTL that Azure CDN automatically applies for web delivery optimizations?

A

7 days

109
Q

When purgin an Azure CDN, how do you force a downstream client to request the latest file version?

A

Use query string caching

Give the file a unique name each time you update it

110
Q

A developer creates a CDN profile and an endpoint. The content is not available, and users are receiving an HTTP 40 error when accessing the CDN URL. What is a possible cause?

A

The endpoint has not had time to propagate thorughout the CDN

111
Q

You are developing a CDN that requires asset preloading. Which of the following Azure CDN products support this requirement?

A

Premium Verizon

Standard Verizon

112
Q

True/False:
A team is creating resources using ARM templates. The team needs to order the resources in the order it wants them deployed

A

False

113
Q

To create a container with a large partition key using the .NET SDK, which property should you specify?

A

PartitionKeyDefinitionVersion.V2

114
Q

Based on the Azure Portal navigation pane shown here, where would a developer navigate to create autoscale rules for Azure App Service?

A

Monitor

115
Q

A developer is creating an Azure Logic Apps customer connector that will require authentication. What authentication types are currently supported by Azure Logic Apps?

A

OAuth 2.0

API key-based authentication

116
Q

A team is deploying a new Linux app to Azure App Service. Which of the following is not a viable deployment source?

A

Dropbox folder

117
Q

What methods can a developer use to create an Azure API Management service instance?

A

Powershell

Azure Portal

118
Q

True/False

When sessions are enabled on a Service Bus queue, the client application can still send and receive regular messages

A

False

119
Q

True/False

Azure Notification Hub can be configured to send text messages and emails

A

False

120
Q

You are creating an Azure logic app. Which attribute is required in the workflow definition structure?

A

Definition

121
Q

True/False:

An existing VM can be added to an availability set.

A

False

122
Q

You are a developer working for X7Z Corp. and need to get a list of VM publishers that are using PowerShell. What command should you run?

A

Get-AzVMImagePublisher

123
Q

The marketing department wants to create a product recommendation engine on your e-commerce site.
Which Comos DB API would you reommend for use in this case?

A

Gremlin (graph)

124
Q

A team wants to take advantage of Azure Cosmos DB’s global distribution. Which of the following is the optional parameter the team would set to specify the preferred location list when initializing a connection using the SQL SDK?

A

PreferredLocations

125
Q

To get the details of an Azure web app’s settings, which Azure CLI command should a developer execute?

A

az webapp config appsettings list

126
Q

A team needs a VM for a daily batch processing job. This workload runs overnight and can be interrupted. Which VM type would you recommend for this use case?

A

Spot instances

127
Q

True/False:

Azure CDN Resource Health can be used to monitor the health of individual Azure CDN endpoints.

A

False

128
Q

You are creating a content delivery network in Azure. What determines what resources can be cached?

A

HTTP response

129
Q

You are enabling Application Insights. If both agent-based monitoring and manual SDK-based instrumentation are detected, which will be honored?

A

Manual SDK-based instrumentation

130
Q

A team is implementing Azure Redis Cache. Two of the requirements are that the cache be geo-replicated and that it provide encryption in transit.
Which tier of Azure Redis Cache should the team select?

A

Premium

131
Q

True/False

Azure CDN Resource Health verifies individual CDN endpoints

A

False

132
Q

What types of shared access signatures (SASs) does Azure Storage support?

A

User-delegation SAS

Account-level SAS

133
Q

What does thee AddSignIn method do?

A

Adds the authentication service
Validates the issuer of the token
Configures options to read the configuration file
Ensures that the claims corresponding to name are mapped from the preferred_username claim in the ID token

134
Q

In the television advert company, which technology would you use for the feedback collection process?

A

Azure App Service WebJobs

135
Q

In the merged camera company, which technology would you use for the lens quality control procedure?

A

Azure Logic Apps

136
Q

The container that groups functions into a logical unit for easier management, deployment, and sharing of resources is:

A

Function App