AZ-900

Question 1

What is the Azure Resource Manager?

Answer 1

A manager layer that is able to create, update, and delete resources accepting requests from Azure resources or APIs

Question 2

What is Azure Service Health?

Answer 2

Helps keep track of Azure resources by offering Azure status, Service Health, and Resource Health
- provides RCA reports after an outage

Question 3

What is Service Health?

Answer 3

A service that provides information about services and regions you are using
- notifies of Azure related service issues
- contains information about planned outages

Question 4

What is Resource Health

Answer 4

A service that provides a view of your individual resources

Question 5

What are factors that affect costs in Azure?

Answer 5

• resource type
• consumption
• maintenance
• geography
• subscription type
• Azure marketplace

Question 6

What is Application Insights?

Answer 6

A service that monitors web applications

Question 7

What is the SLA of a VM

Answer 7

99.9%

Question 8

What is the SLA of a VM Availability scale set?

Answer 8

99.95%

Question 9

What is the SLA of an Availability Zone

Answer 9

99.99%

Question 10

What is the SLA of geo-redundant storage

Answer 10

99.99…99% (sixteen 9s)

Question 11

What is Azure virtual networking?

Answer 11

A service that enables VMs, web apps, and DBs to communicate with each other

Question 12

What is Azure ExpressRoute?

Answer 12

A service that provides private connectivity that is not over the internet
- can extend on-prem network into the cloud over a private connection

Question 13

What is a Network Security Group?

Answer 13

A service that provides inbound and outbound security rules to filter traffic

Question 14

What is Locally Redundant Storage (LRS)?

Answer 14

replicates data 3x within a single availability zone

Question 15

What is Zone Redundant Storage (ZRS)?

Answer 15

replicates data across 3 availability zones in a primary region

Question 16

What is Geo-Redundant Storage?

Answer 16

replicates data 3x in a single availability zone in primary region (LRS) AND replicates data 3x in a single availability zone in secondary region (LRS)

Question 17

What is Geo-Zone-Redundant Storage?

Answer 17

replicates data across 3 availability zones in a primary region (ZRS) AND replicates data 3x in a single availability zone in secondary region (LRS)

Question 18

What are the dependent resources a VM must have?

Answer 18

• Azure Virtual Network
• NIC card
• OS disks
• resource group

Question 19

Up to how many levels can management groups support?

Answer 19

6 levels of depth

Question 20

Does Azure Cloud Shell provide a way to run Azure CLI and Azure PowerShell on IOS and Android devices?

Answer 20

Yes

Question 21

When a resource group is deleted, are the resources deleted?

Answer 21

Yes

Question 22

What resource is required to use Azure Cloud Shell?

Answer 22

Azure storage account

Question 23

What are characteristics of Azure DNS?

Answer 23

• Uses anycast networking
• You cannot buy the domain in Azure DNS
• supports private DNS domains

Question 24

What is Microsoft Entra External ID

Answer 24

refers to all the ways you can securely interact with users outside of your organization

Question 25

What are User Defined Routes

Answer 25

allows you to control the routing tables between subnets within a virtual network or between virtual networks

Question 26

Business to business (B2B) collaboration

Answer 26

Collaborate with external users by letting them use their preferred identity to sign-in to your Microsoft applications or other enterprise applications, guest users in AD

Question 27

B2B direct connect

Answer 27

Establish a mutual, two-way trust with another Microsoft Entra organization for seamless collaboration

Question 28

Microsoft Entra business to customer (B2C)

Answer 28

Publish modern SaaS apps or custom-developed apps (excluding Microsoft apps) to consumers and customers

Question 29

What are the benefits of Azure Virtual Networking?

Answer 29

• isolation and separation
• internet communications
• communicate between Azure resources
• communicate with on-prem resources
• route network traffic
• filter network traffic
• connect virtual networks

Question 30

virtual private network

Answer 30

uses encrypted tunnel within another network

Question 31

VPN gateway

Answer 31

deployed in a dedicated subnet of the virtual network to enable connection to:
- on-prem to virtual networks
- individual devices to virtual network
- virtual network to another

Question 32

What are the types of VPN

Answer 32

policy based and route based

Question 33

policy based VPN

Answer 33

specify statically the IP address of packets that should be encrypted

Question 34

route based VPN

Answer 34

decides which tunnel interface to use when sending each packet

Question 35

Is the archive access tier set at the storage account level?

Answer 35

No, it needs to be set at the blob level

Question 36

Does Azure Advisor give security recommendations to Azure AD?

Answer 36

No

Question 37

Microsoft Defender for Identity

Answer 37

helps secure your identity monitoring across your organization

Question 38

Microsoft Entra Connect

Answer 38

on-premises Microsoft application that’s designed to meet and accomplish your hybrid identity goals

Question 39

Azure File Sync

Answer 39

enables centralizing your organization’s file shares in Azure Files, while keeping the flexibility, performance, and compatibility of a Windows file server

Question 40

Virtual network peering

Answer 40

enables you to seamlessly connect two or more Virtual Networks in Azure

Question 41

Site-to-Site VPN Connection

Answer 41

used to connect your on-premises network to an Azure virtual network over an IPsec/IKE (IKEv1 or IKEv2) VPN tunnel

Question 42

point-to-site connection

Answer 42

connect individual devices to virtual network

Question 43

RBAC Contributor role

Answer 43

all access to manage resources, cannot assign roles

Question 44

RBAC Reader role

Answer 44

read only access to resources

Question 45

RBAC Owner role

Answer 45

all access to manage resources and ability to assign roles

Question 46

RBAC VM Contributor role

Answer 46

manage VM, cannot access them

Question 47

elasticity vs. scalability

Answer 47

elasticity: dynamic adjust to meet demand fluctuations
scalability: expand capacity to meet growing demands

Question 48

What is the minimum amount of availability zones a region must have if it is zone enabled?

Answer 48

3

Question 49

How many regions does a region pair have?

Answer 49

1

Question 50

Do all Azure regions have a pair?

Answer 50

Yes

Question 51

Is a resource group required when creating a resource?

Answer 51

Yes

Question 52

What are the use cases for VMs?

Answer 52

• testing/development
• running apps in cloud
• extend datacenter to cloud during disaster recovery

Question 53

Iaas use cases

Answer 53

• lift and shift
• testing/development

Question 54

PaaS use cases

Answer 54

• development framework
• analytics/business intelligence

Question 55

SaaS use cases

Answer 55

• email/messaging
• business productivity apps
• finance and expense tracking

Question 56

What are container instances?

Answer 56

Portable environment for virtualized applications

Question 57

Which services allow for even distribution of traffic across multiple servers?

Answer 57

Azure Application Gateway, Azure Load Balancer

Question 58

In a SaaS solution, what are you responsible for?

Answer 58

Configuring the solution

Question 59

Do resources inherit tags from subscriptions and resource groups?

Answer 59

No

Question 60

Are Azure policies inherited?

Answer 60

Yes

Question 61

What is the storage space amount for basic service tier?

Answer 61

10GB

Question 62

Azure IoT Hub

Answer 62

Enable highly secure and reliable communication between your Internet of Things (IoT) application and the devices it manages

Question 63

Azure data lake

Answer 63

a scalable data storage and analytics service

Question 64

Azure Synapse Analytics

Answer 64

a limitless analytics service that brings together enterprise data warehousing and Big Data analytics

Question 65

What is the structure of Azure Cosmos DB?

Answer 65

NoSQL, items are stored as JSON

Question 66

If Microsoft plans to end support for a service, they will provide a notification __________ before

Answer 66

12 months

Question 67

Azure AD Identity Protection

Answer 67

calculates a risk score based on previous logon behavior by the user

Question 68

Microsoft Entra Privileged Identity Management

Answer 68

a service in Microsoft Entra ID that enables you to manage, control, and monitor access to important resources in your organization

Question 69

Azure AD Connect Health

Answer 69

monitors your on-premises identity infrastructure in real time

Question 70

Trust Center

Answer 70

used to show Azure’s compliance

Question 71

Azure Logic App

Answer 71

create and run automated workflows with little to no code

Question 72

Azure Queue

Answer 72

storing large number of messages

Question 73

Azure disks

Answer 73

block level storage volumes

Question 74

How is the data accessed from archive tiers of storage accounts?

Answer 74

must be rehydrated before the data can be accessed

Question 75

Can you create group policies in AD?

Answer 75

No

Question 76

Azure DevTest Labs

Answer 76

helps developers and testers quickly create and delete environments to deploy and test

Question 77

Can an Azure subscription only be managed using a Microsoft Account?

Answer 77

No

Question 78

Does Azure AD let you set dynamic membership rules?

Answer 78

Yes

Question 79

Hot tier

Answer 79

data that is accessed or modified frequently

Question 80

Cool tier

Answer 80

storing data that is infrequently accessed or modified ~ 30

Question 81

Archive tier

Answer 81

storing data that is rarely accessed ~ 180

Question 82

DDoS Protection plan

Answer 82

used to protect against DDoS attacks

Question 83

Azure Firewall

Answer 83

provides threat protect for cloud workloads

Question 84

Azure Traffic Manager

Answer 84

DNS load balancing solution

Question 85

Can you create multiple domains for a single Azure AD directory?

Answer 85

False

Question 86

Azure Active Directory Domain Services

Answer 86

part of Microsoft Entra that enables you to use managed domain services

Question 87

Are locks inherited?

Answer 87

Yes

Question 88

Do can multiple locks be applied to a resource?

Answer 88

Yes

Question 89

cold tier

Answer 89

storing data that is infrequently accessed or modified ~ 90

Question 90

What version of storage accounts supports GZRS?

Answer 90

general purpose v2 storage

Question 91

What Azure storage services supports GZRS?

Answer 91

all Azure storage services

Question 92

Is data copied to an Azure storage account automatically backed up to another data center?

Answer 92

No, depends on storage replication option

Question 93

How much data and files can a storage account contain?

Answer 93

limit ~2PB of data

Question 94

Does Windows PowerShell support Bash CLI or Azure CLI?

Answer 94

Both

Question 95

Does every Azure region have multiple data centers?

Answer 95

Yes, an Azure region is made up of data centers

Question 96

Availability zones

Answer 96

areas in a region with a physical separation of ~75 miles and is used to protect your apps and data from datacenter failures

Question 97

regional pairs

Answer 97

tie regions that have a physical separation of at least 300 miles

Question 98

Which performance option (premium or standard) should you choose for low latency scenarios while creating Azure Storage account?

Answer 98

Premium

Question 99

Microsoft Defender for Cloud

Answer 99

streamlines the process for meeting regulatory compliance requirements
- monitors Azure resources and on-prem resources

Question 100

For general purpose v2 Azure storage accounts, are you charged for read and write operations?

Answer 100

Yes, the amount of data is stored is also charged

Question 101

Does copying data from on-prem network over VPN generate additional data transfer costs?

Answer 101

No, traffic coming into the cloud is not charged. Traffic out of the cloud is charged

Question 102

VM

Answer 102

provide OS virtualization

Question 103

blob storage

Answer 103

storage service for large objects (video files and bitmaps)

Question 104

What layer is ExpressRoute at in the OSI Layer?

Answer 104

3

Question 105

What are the length of terms for Azure Reserved VMs?

Answer 105

1 and 3 years

Question 106

What is the longest term you can purchase Azure Reserved VM instances?

Answer 106

3 years

Question 107

What resources can be used as a source for a NSG inbound security rule?

Answer 107

IP address, Service Tags, and Application service groups

Question 108

Azure Arc

Answer 108

set of technologies that helps manage cloud environment, specifically by extending Azure compliance and monitoring to hybrid and multi cloud configurations

Question 109

Azure Kubernetes Service (AKS)

Answer 109

manages the lifecycle of containers

Question 110

AzCopy

Answer 110

used to copy blobs or files to or from storage account

Question 111

What levels can policies be set at?

Answer 111

Any

Question 112

Microsoft Purview

Answer 112

family of data governance, risk, and compliance solutions that helps get single view of data

Question 113

What is a use case for a VPN gateway?

Answer 113

connecting an on-premises datacenter to an Azure virtual network

Question 114

VM availability sets?

Answer 114

ensures staggered updates and varied power and network connectivity

Question 115

VM update domain

Answer 115

VMs that update at the same time

Question 116

VM fault domain

Answer 116

VMs with the same power source and network switch

Question 117

Azure CLI

Answer 117

CLI installable on Windows, macOS, Linux
- runs in Windows PowerShell, Cmd, Bash, other Unix Shells
- commands are like bash

Question 118

Azure PowerShell

Answer 118

PowerShell module installable on Windows, macOS, Linux
- runs in Windows PowerShell or PowerShell
- commands are verbs