AZ-900

Question 1

______ are physically separate datacenters within an azure region

Availability zones
Geographies
Region pairs

Answer 1

*Availability zones

Availability zones are physically separate datacenters within an azure region. Each availability zone is made up one or more datacenters equipped with independent power, cooling and networking.

Question 2

In a region pair, a region is paired with another region in the same _____

Availability Zone
Datacenter
Geography

Answer 2

*Geography

Each Azure region is always paired with another region within the same geography, such as US, Europe or Asia at least 300 miles away.

Question 3

Which two components are created in an Azure subscription? Each correct answer presents a completed solution

Microsoft Entra user accounts
Management groups
Resource groups
Resources

Answer 3

*Resource groups
*Resources

Resources can only be associated with a single subscription. Subscriptions may be grouped into management groups. An account may be associated with multiple subscriptions.

Question 4

What is an azure storage account named storage001 an example of?
A resource
A resource group
A resource manager

Answer 4

*A resource

A resource is manageable item that is available through azure. Virtual machines, storage accounts, web apps, databases and virtual networks are examples of resources.

Question 5

For which resource does azure generate separate billing reports and invoices by default?

Accounts
Management groups
Resource groups
Subscriptions

Answer 5

*Subscriptions

Azure generates separate billing reports and invoices for each subscription so that you can organize and manage costs. Resource groups can be used to group costs, but you will not receive a separate invoice for each resource group. Management groups are used to efficiently manage access, policies, and compliance for subscriptions. You can set up billing profiles to roll up subscriptions into invoice sections.

Question 6

Which azure component allows you to replicate resources across a geography to ensure business continuity during a natural disaster at the primary site?

Availability sets
Availability zones
Azure virtual machine scale sets
Region pairs

Answer 6

*Region pairs

Region pairs allow the replication of Azure resources across geographies to help ensure that a secondary region is available in case of any disaster at the primary region

Question 7

What can you use to connect azure resources such as Azure SQL databases, to an azure virtual network?

ExpressRoute
Network security groups
Peering
Service endpoints

Answer 7

*Service endpoints

Service endpoints are used to expose azure services to a virtual network providing communication between the two. Express Route is used to connect an on-premises network to azure. NSGs allow you to configure inbound and outbound rules for virtual networks and virtual machines. Peering allows you to connect virtual networks together.

Question 8

How often should the Hot storage tier be accessed?

frequently
occasionally/ stored for at least 30 days
every 30 days
Rarely accessed

Answer 8

Accessed frequently

Hot tier is optimized for storing data that is accessed frequently

Question 9

How often should the Cool storage tier be accessed?

Everyday
Every 90 days
frequently
infrequently accessed/ stored for at least 30 days

Answer 9

Infrequently accessed and stored for at least 30 days

Question 10

How often should the Cold storage tier be accessed?

Frequently
Occasionally
Infrequently/stored for at least 30 days
Infrequently/stored for at least 90 days

Answer 10

Infrequently/stored for at least 90 days

Question 11

How often should the Archive storage tier be accessed?

Frequently
Never
Infrequently/Stored for at least 90 days
Infrequently/Stored for at least 180 days with flexible latency req.

Answer 11

Infrequently/Stored for at least 180 days with flexible latency req.

Question 12

Which two characteristics are common advantages of cloud computing
elimination of horizontal scaling

geo-distribution
high availability
Physical access to servers
SaaS

Answer 12

*geo-distribution
*high availability

Question 13

Which two services can you use to establish network connectivity between an on-premises network and azure resources?

Azure bastion
Azure firewall
Azure vpn gateway
Expressroute

Answer 13

*Azure vpn gateway
*Expressroute

Expressroute connections and azure vpn gateway are two services that you can use to connect an on prem network to azure. Bastion provides a web interface to remote administer azure vms by using ssh/rdp. Azure firewall is a stateful firewall services used to protect vms

Question 14

What two service allow you to run applications in containers? Each correct answer presents a complete solution

Azure container instances
Azure functions
Azure logic apps
Azure Kubernetes services

Answer 14

*Azure container instances
*Azure Kubernetes services

Containers are a virtualization environment. Much like running multiple vms on a single physical host, you can run multiple containers on a single physical or virtual host. Unlike virtual machines you do not manage the operating system for a container.

Question 15

Which storage service should you use to store thousands of files containing text and images?

Azure blob storage
Azure disk storage
Azure queue storage
Azure table storage

Answer 15

*Azure blob storage

Azure blob storage is an object storage solution that you can use to store massive amounts of unstructured data such as text or binary

Question 16

Which azure blob storage tier stores data offline and offers the lowest storage costs and the highest costs to access data?

Archive
Cool
Hot

Answer 16

*Archive

Archive storage tier stores data offline and offers the lowest storage costs, but also the highest costs to rehydrate and access data. The host storage tier is optimized for storing data that is access frequently. Data in the cool access tier can tolerate slightly lower availability, but still requires high durability, retravel latency and throughput characteristics similar to hot data.

Question 17

Which two scenarios are common use cases for azure blob storage?

Hosting aspx files for a website
Mounting a file storage share to be accessed as a virtual drive on multiple virtual machines
Serving images or documents directly to a browser
Storing data for backup and restore

Answer 17

*Serving images or documents directly to a browser
*Storing data for backup and restore

Low storage costs and unlimited file formats make blob storage a good location to store backups and archives. Blob storage can be reached from anywhere by using an internet connection. Azure disk storage provides disks for azure virtual machines.

Question 18

Which Azure Blob storage service tier has the highest storage costs and the fastest access times for reading and writing data?

Archive
Cool
Hot
Cold

Answer 18

*Hot

The Hot tier is optimized for storing data that is accessed frequently. The Cool access tier has a slightly lower availability SLA and higher access costs compared to hot data, which are acceptable trade-offs for lower storage costs. Archive storage stores data offline and offers the lowest storage costs, but also the highest costs to rehydrate and access data.

Question 19

What can you use to ensure that a user can only access applications from compliant devices?

Conditional access
Hybrid identity
Mfa
Sso

Answer 19

*Conditional access

Conditional Access is a feature that Microsoft Entra uses to allow or deny access to resources based on identity signals, such as the device being used. SSO enables a user to sign in one time and use that credential to access multiple resources and applications from different providers

Question 20

Which type of strategy uses a series of mechanisms to slow the advancement of an attack that aims to gain unauthorized access to data?
Defense in depth
Distributed denial of service
Least privileged access

Answer 20

*Defense in depth

A defense in depth strategy uses a series of mechanisms to slow the advancement of an attack that aims to gain unauthorized access to data.

Question 21

Which two services are provided by Microsoft Entra?

Authentication
Data encryption
Name resolution
Single sign on

Answer 21

*Authentication
*Single sign on

Azure AD provides services for verifying identity and access to applications and resources

Question 22

What are two basic services provided by all cloud providers?

Application development
Colocation
Compute
Storage

Answer 22

*Compute
*storage

All cloud providers provide compute and storage services. Colocation is when a business rents space in a shared physical datacenter. Application development is the responsibility of the customer and is typically done either in-house or through a third party.

Question 23

Why is cloud computing often less expensive than on-premises datacenters?

Cloud service offerings have limited functionality.
Network bandwidth is free.
Services are only offered in a single geographic location.
You are only billed for what you use

Answer 23

*You are only billed for what you use

Question 24

What is an advantage of cloud computing compared to on-premises deployments?
You can scale more quickly
You can work from multiple workstations
You have full access in case of internet outage
You own your CPUs

Answer 24

*You can scale more quickly

Question 25

Increasing compute capacity for an app by adding RAM or CPUs to a virtual machine is called

Disaster recovery
High availability
Horizontal scaling
Vertical Scaling

Answer 25

*Vertical Scaling

Question 26

Deploying and configuring cloud-based resources quickly as business requirements change is called

Agility
Elasticity
High availability
Scalability

Answer 26

*Agility

Agility means that you can deploy and configure cloud-based resources quickly as app requirements change.

Question 27

Increasing compute capacity for an app by adding instances of resources such as virtual machines is called

Disaster recovery
High availability
Horizonal scaling
Vertical scaling

Answer 27

*Horizonal scaling

Scaling horizontally increases compute capacity by adding instances of resources such as adding virtual machines to the configuration.

Question 28

What are cloud-based backup services, data replication, and geo-distribution features of?

A cost reduction plan
A disaster recovery plan
A hybrid cloud deployment
An elastic application configuration

Answer 28

*A disaster recovery plan

Question 29

An example of [____] is automatically scaling an application to ensure that the application has the resources needed to meet customer demands.

Agility
Elasticity
Geo-distribution
High availability

Answer 29

*Elasticity

Elasticity refers to the ability to scale resources as needed, such as during business hours, to ensure that an application can keep up with demand, and then reducing the available resources during off-peak hours.

Question 30

In cloud computing, [_______] allows you to deploy applications to regional datacenters around the world.

Disaster recovery
Elasticity
Geo-location
High availability

Answer 30

*Geo-location

You can deploy apps and data to regional datacenters around the globe, thereby ensuring that your customers always have the nest performance in their region. This is referred to as geo-distribution

Question 31

Which type of cloud service model is typically licensed through a monthly or annual subscription?

IaaS
PaaS
SaaS

Answer 31

*SaaS

SaaS is software that is centrally hosted and managed for you and your users or customers. Usually, one version of the application is used for all customers, and it is licensed through a monthly or annual subscription. PaaS and IaaS use a consumption-base model, so you only pay for what you use.

Question 32

In which cloud service model is the customer responsible for managing the operating system?

IaaS
PaaS
SaaS

Answer 32

*IaaS

IaaS consists of virtual machines and networking provided by the cloud provider.

Question 33

Which cloud service model is used by Azure SQL Database?

IaaS
PaaS
SaaS

Answer 33

*PaaS

Azure SQL Database is a PaaS database engine

Question 34

Which type of cloud service are virtual networks?

IaaS
PaaS
SaaS

Answer 34

*IaaS

IaaS helps you reduce the cost and complexity of maintaining a physical server and its datacenter infrastructure. Virtual networks are part of the IaaS cloud service

Question 35

You need to compare the costs of running an application in an on-premises datacenter with the costs of running the application in Azure. What should you use to assist you?

Azure advisor
Azure cost management
Azure pricing calculator
Total Cost of Ownership (TCO) Calculator

Answer 35

*Total Cost of Ownership (TCO) Calculator

Question 36

Which are two common scenarios for using resource tags?

Associating costs with different environments
Categorizing costs by department
Identifying lower cost regions
Resizing underutilized virtual machines

Answer 36

*Associating costs with different environments
*Categorizing costs by department

You can use tags to categorize costs by department , such as HR, IT, or by environment such as test or production.

Question 37

You plan to build a new solution in Azure that will use platform as a service (PaaS) products. What should you use to estimate the monthly costs?

Azure Advisor
Azure Cost Management
Azure pricing calculator
TOC calculator

Question 38

Which two features are available by using Azure Cost Management + Billing? Each correct answer presents a complete solution.

Create and manage budgets
Estimate the total cost of ownership before resources are deployed
Generate historical reports and forecast future usage
Provide discounted prices when you pay in advance

Answer 38

*Create and manage budgets
*Generate historical reports and forecast future usage

Azure Cost management allows you to create and manage cost and usage budgets by monitoring resource demand rends, consumption rates, and cost patterns.

Question 39

You have an Azure virtual machine that is accessed only between 9:00 and 17:00 each day. What should you do to minimize costs but preserve the associated hard disks and data?

Deallocate the virtual machine when it is not needed.
Delete the virtual machine when it is not needed.
Implement Privileged Identity Management.
Resize the virtual machine to smaller size.

Answer 39

*Deallocate the virtual machine when it is not needed.

If you have virtual machine workloads that are used only during certain periods, but you run them every hour of every day, then you are wasting money. These virtual machines are great candidates to deallocate when not in use and start back when required to save compute costs while the virtual machines are deallocated.

Question 40

You need to associate the costs of resources to different groups within an organization without changing the location of the resources.

Administrative units
Resource groups
Resource tags
Subscriptions

Answer 40

*Resource tags

Resource tags can be used to group billing data and categorize costs by runtime environment, such as billing usage for virtual machines running in a production environment.

Question 41

You need to recommend a solution for Azure virtual machine deployments. The solution must enforce company standards on the virtual machines.

Microsoft Intune compliance policy
Azure Cost Management
Azure Lock
Azure Policy

Answer 41

*Azure Policy

Azure policies will allow you to enforce company standards on new virtual machines when combined with Azure VM Image Builder and Azure Compute Gallery. By using Azure Policy and role-based access control (RBAC) assignments, enterprises can enforce standards on Azure resources. But on virtual machines, these mechanisms only affect the control plane or the route to the virtual machine.

Question 42

You need to ensure that multi-factor authentication (MFA) is enabled on accounts with write permissions in an Azure subscription. What should you implement?

Azure policy
Resource locks
Resource tags
Cloud adoption framework

Question 43

What can you use to ensure that a development team can only create virtual machines of a certain size?

Azure policy
Azure Blueprint
Cloud adoption framework

Answer 43

*Azure policy

Azure Policy enables you to define both individual policies and groups of related policies called initiatives. Azure Policy evaluates your resources and highlights resources that are not compliant with the policies you created. Azure Policy can also prevent noncompliant resources from being created.

Question 44

Which two actions can be performed by using Azure portal? Each correct answer presents a complete solution.
Create new resources
Create Microsoft entra user
Change availability zone
Assign deny permissions on a resource group

Question 45

What can you use to define the resources you want to provision in a declarative JSON forma

Azure CLI
Azure PowerShell
Azure Repos
Azure Resource Manager (ARM) templates

Answer 45

*Azure Resource Manager (ARM) templates

Question 46

What should you use to access Azure Cloud Shell? Select only one answer.

a web browser
CLI
Powershell

Answer 46

a web browser

Question 47

What can you use to create resources in Azure and includes a validation step to ensure all resources are created in a specific order based on dependencies, in parallel and idempotent?

Azure CLI
Azure PowerShell
Azure Resource Manager (ARM) templates
Azure REST API

Answer 47

*Azure Resource Manager (ARM) templates

Question 48

What provides recommendations to reduce the cost of Azure resources?

Azure Advisor
Azure Health Monitor
Azure Resources

Answer 48

*Azure Advisor

Question 49

Which Azure service evaluates Azure resources and makes recommendations to help improve reliability, security, performance, and cost reduction?

Azure Advisor
Log analytics
Azure Service Health

Answer 49

*Azure Advisor

Question 50

What can you use to get notification about an outage in a specific Azure region?
Select only one answer.

Azure Advisor
Azure Monitor
Azure Security Center
Azure Service Health

Answer 50

*Azure Service Health

Question 51

Which Azure service can generate an alert if virtual machine utilization is over 80% for five minutes?

Azure Advisor
Azure Monitor
Azure service health

Answer 51

*Azure Monitor

Azure Monitor is a platform for collecting, analyzing, visualizing, and alerting based on metrics. Azure Monitor can log data from an entire Azure and on-premises environment.