AZ-900 Flashcards
Your company intends to subscribe to an Azure support plan.
The support plan must allow for new support requests to be opened.
Which of the following are support plans that will allow this? Answer by dragging the correct option from the list to the answer area.
BASIC
DEVELOPER
STANDARD
PROFESSIONAL DIRECT
Your company is planning to migrate all their virtual machines to an Azure pay-as-you-go subscription. The virtual machines are currently hosted on the Hyper-V hosts in a data center.
You are required make sure that the intended Azure solution uses the correct expenditure model.
Solution: You should recommend the use of the elastic expenditure model.
Does the solution meet the goal?
A.
Yes
B.
No
No
An Azure subscription can be associated to multiple Azure Active Directory (Azure AD) tenants?
No
You can change the Azure Active Directory (Azure AD) tenant to which an Azure subscription is associated?
Yes
This process is known as transferring a subscription to a different Azure AD tenant.
When an Azure subscription expires, the associated Azure Active Directory (Azure AD) tenant is deleted automatically?
No
Resource groups provide organizations with the ability to manage the compliance of Azure resources across multiple subscriptions.
Instructions: Review the underlined text. If it makes the statement correct, select No change is needed. If the statement is incorrect, select the answer choice that makes the statement correct.
A.
No change is needed
B.
Management groups
C.
Azure policies
D.
Azure App Service plans
Management groups
Your company plans to migrate to Azure.
The company has several departments. All the Azure resources used by each department will be managed by a department administrator.
What are two possible techniques to segment Azure for the departments? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
multiple subscriptions
B.
multiple Azure Active Directory (Azure AD) directories
C.
multiple regions
D.
multiple resource groups
multiple subscriptions
multiple resource groups
A single Microsoft account can be used to manage multiple Azure subscriptions?
Yes
Two Azure subscriptions can be merged into a single subscription?
No
A company can use resources from multiple subscriptions?
Yes
You have several virtual machines in an Azure subscription.
You create a new subscription.
The virtual machines cannot be moved to the new subscription.
The virtual machines can be moved to the new subscription.
The virtual machines can be moved to the new subscription only if they are
all in the same resource group.
The virtual machines can be moved to the new subscription only if they run
Windows Server 2016.
The virtual machines can be moved to the new subscription.
You have an Azure environment that contains multiple Azure virtual machines.
You plan to implement a solution that enables the client computers on your on-premises network to communicate to the Azure virtual machines.
You need to recommend which Azure resources must be created for the planned solution.
Which two Azure resources should you include in the recommendation? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A.
a virtual network gateway
B.
a load balancer
C.
an application gateway
D.
a virtual network
E.
a gateway subnet
a virtual network gateway
a virtual network
You attempt to create several managed Microsoft SQL Server instances in an Azure environment and receive a message that you must increase your Azure subscription limits.
What should you do to increase the limits?
A.
Create a service health alert
B.
Upgrade your support plan
C.
Modify an Azure policy
D.
Create a new support request
Create a new support request
Each Azure subscription can contain multiple account administrators?
No
Each Azure subscription can be managed by using a Microsoft account only?
No
An Azure resource group contains multiple Azure subscriptions?
No
Availability zones can be implemented in all Azure regions?
No
Only virtual machines that run Windows Server can be created in availability zones?
No
Availability zones are used to replicate data and applications to multiple regions?
No
You plan to create an Azure virtual machine.
You need to identify which storage service must be used to store the unmanaged data disks of the virtual machine.
What should you identify? To answer, select the appropriate service in the answer area.
Hot Area:
Containers
Your company is planning to migrate all their virtual machines to an Azure pay-as-you-go subscription. The virtual machines are currently hosted on the Hyper-V hosts in a data center.
You are required make sure that the intended Azure solution uses the correct expenditure model.
Solution: You should recommend the use of the scalable expenditure model.
Does the solution meet the goal?
A.
Yes
B.
No
No
Your company plans to move several servers to Azure.
The company’s compliance policy states that a server named FinServer must be on a separate network segment.
You are evaluating which Azure services can be used to meet the compliance policy requirements.
Which Azure solution should you recommend?
A.
a resource group for FinServer and another resource group for all the other servers
B.
a virtual network for FinServer and another virtual network for all the other servers
C.
a VPN for FinServer and a virtual network gateway for each other server
D.
one resource group for all the servers and a resource lock for FinServer
a virtual network for FinServer and another virtual network for all the other servers
You plan to map a network drive from several computers that run Windows 10 to Azure Storage.
You need to create a storage solution in Azure for the planned mapped drive.
What should you create?
A.
an Azure SQL database
B.
a virtual machine data disk
C.
a File service in a storage account
D.
a Blob service in a storage account
a File service in a storage account
You plan to implement an Azure database solution.
You need to implement a database solution that meets the following requirements:
✑ Can add data concurrently from multiple regions
✑ Can store JSON documents
Which database service should you deploy? To answer, select the appropriate service in the answer area.
Azure Cosmos DB
Your company plans to start using Azure and will migrate all its network resources to Azure.
You need to start the planning process by exploring Azure.
What should you create first?
A.
a subscription
B.
a resource group
C.
a virtual network
D.
a management group
a subscription
All the Azure resources deployed to a resource group must use the same Azure region?
No
If you assign a tag to a resource group, all the Azure resources in that resource group are assigned to the same tag?
No
If you assign permissions for a user to manage resource group, the user can manage all the Azure resources in that resource group?
Yes
Data that is stored in the Archive access tier of an Azure Storage account:
can be accessed at any time by using azcopy.exe.
can only be read by using Azure Backup.
must be restored before the data can be accessed.
must be rehydrated before the data can be accessed.
must be rehydrated before the data can be accessed.
You plan to deploy a critical line-of-business application to Azure.
The application will run on an Azure virtual machine.
You need to recommend a deployment solution for the application. The solution must provide a guaranteed availability of 99.99 percent.
What is the minimum number of virtual machines and the minimum number of availability zones you should recommend for the deployment? To answer, select the appropriate options in the answer area.
2
2
Which Azure service should you use to collect events from multiple resources into a centralized repository?
A.
Azure Event Hubs
B.
Azure Analysis Services
C.
Azure Monitor
D.
Azure Stream Analytics
Azure Event Hubs
An Availability Zone in Azure has physically separate locations:
across two continents.
within a single Azure region.
within multiple Azure regions.
within a single Azure datacenter.
within a single Azure region.
Data that is stored in an Azure Storage account automatically has at least three copies?
Yes
All data that is copied to an Azure Storage account is backed up automatically to another Azure data center?
No
An Azure Storage account can contain up to 2 TB of data and up to one million files?
No
Your company is planning to migrate all their virtual machines to an Azure pay-as-you-go subscription. The virtual machines are currently hosted on the Hyper-V hosts in a data center.
You are required make sure that the intended Azure solution uses the correct expenditure model.
Solution: You should recommend the use of the operational expenditure model.
Does the solution meet the goal?
A.
Yes
B.
No
Yes
If you have Azure resources deployed to every region, you can implement availability zones in all the regions?
No
Only virtual machines that run Windows Server can be created in availability zones?
No
Availability zones are used to replicate data and applications to multiple regions?
No
North America is represented by a single Azure region?
No
Every Azure region has multiple datacenters?
Yes
Data transfers between Azure services located in different Azure regions are always free?
No
You plan to deploy several Azure virtual machines.
You need to ensure that the services running on the virtual machines are available if a single data center fails.
Solution: You deploy the virtual machines to two or more scale sets.
Does this meet the goal?
A.
Yes
B.
No
No
You need to be notified when Microsoft plans to perform maintenance that can affect the resources deployed to an Azure subscription.
What should you use?
A.
Azure Monitor
B.
Azure Service Health
C.
Azure Advisor
D.
Microsoft Trust Center
Azure Service Health
Match the Azure Services service to the correct description.
Instructions: To answer, drag the appropriate service from the column on the left to its description on the right. Each service may be used once, more than once, or not at all.
IoT Hub
IoT Central
Azure Sphere
A Windows Virtual Desktop session host can run Windows 10 only?
No
A Windows Virtual Desktop host pool that includes 20 session hosts supports a maximum of 20 simultaneous user connections?
No
Windows Virtual Desktop supports desktop and app virtualization?
Yes
_____ can calculate cost savings due to reduced electricity consumption as a result of migrating on-premises Microsoft SQL servers to Azure.
The Azure Migrate: Server Assessment tool
The Azure Total Cost of Ownership (TCO) calculator
The Database Migration Assistant
The pricing calculator in Azure
The Azure Total Cost of Ownership (TCO) calculator
An Azure subscription can have multiple account administrators?
No
An Azure subscription can be managed by using a Microsoft account only?
No
An Azure resource group can contain multiple Azure subscriptions?
No
A cloud service that supports a maximum of 20 instances is more _____ than a service that supports a maximum of five instances
distributed
scalable
secure
scalable
You are required to deploy an Artificial Intelligence (AI) solution in Azure.
You want to make sure that you are able to build, test, and deploy predictive analytics for the solution.
Solution: You should make use of Azure Cosmos DB.
Does the solution meet the goal?
A.
Yes
B.
No
No
To use Azure Active Directory (Azure AD) credentials to sign in to a computer that
runs Windows 10, the computer must be joined to Azure AD?
Yes
Users in Azure Active Directory (Azure AD) are organized by using resource groups?
No
Azure Active Directory (Azure AD) groups support dynamic membership rules?
Yes
You plan to deploy several Azure virtual machines.
You need to ensure that the services running on the virtual machines remain available if a single data center fails.
What are two possible solutions? Each correct answer presents a complete solution.
A.
Deploy the virtual machines to two or more availability zones.
B.
Deploy the virtual machines to two or more resource groups.
C.
Deploy the virtual machines to a scale set.
D.
Deploy the virtual machines to two or more regions.
Deploy the virtual machines to two or more availability zones.
Deploy the virtual machines to two or more regions.
You plan to deploy 20 virtual machines to an Azure environment. To ensure that a virtual machine named VMI cannot connect to the other virtual machines, VM1 must:
be deployed to a separate virtual network.
run a different operating system than the other virtual machines.
be deployed to a separate resource group.
have two network interfaces.
be deployed to a separate virtual network.
Match the Azure service to the appropriate description.
To answer, drag the appropriate service from the column on the left to its description on the right. Each service may be used once, more than once, or not at all.
azure synapse analytics
Azure cosmos
Azure HDInsight
The Archive access tier is set at the storage account level?
No
The Archive access tier is set at the individual blob level. While the Hot and Cool access tiers can be set at the storage account level.
The Hot access tier is recommended for data that is accessed and modified frequently?
Yes
The Cool access tier is recommended for long term backups?
No
What is the most severe failure from which an Azure Availability Zone can be used to protect access to Azure service?
A.
a physical server failure
B.
an Azure region failure
C.
a storage failure
D.
an Azure data center failure
an Azure data center failure
You need to purchase a third-party virtual security appliance that you will deploy to an Azure subscription.
What should you use?
A.
Azure subscriptions
B.
Azure Security Center
C.
Azure Marketplace
D.
Microsoft Store
Azure Marketplace
Match the serverless solution to the correct characteristic.
To answer, drag the appropriate serverless solution from the column on the left to its characteristic on the right. Each serverless solution may be used once, more than once, or not at all.
Azure Functions
Logic Apps
Logic Apps
Match the Azure governance feature to the correct description.
Policy = Restrict
Tag = Identify
BP = Deploy
An Availability Zone in Azure has
physically separate locations:
across two continents
within a single Azure region
within multiple Azure regions
within a single Azure datacenter
within a single Azure region
Your company’s Active Directory forest includes thousands of user accounts.
You have been informed that all network resources will be migrated to Azure. Thereafter, the on-premises data center will be retired.
You are required to employ a strategy that reduces the effect on users, once the planned migration has been completed.
Solution: You plan to sync all the Active Directory user accounts to Azure Active Directory (Azure AD).
Does the solution meet the goal?
A.
Yes
B.
No
Yes
Match the Azure services to the correct descriptions.
- Azure VM
- Azure Container Instances: Provide portable environment for virtualized applications
- Azure App Service: Used to build, deploy, and scale web apps.
- Azure Functions: Provide a platform for serverless code.
You have several virtual machines in an Azure subscription. You create a new subscription.
The virtual machines cannot be moved to the new subscription.
The virtual machines can be moved to the new subscription.
The virtual machines can be moved to the new subscription only if they are all in the same resource group.
The virtual machines can be moved to the new subscription only if they run Windows Server 2019
The virtual machines can be moved to the new subscription.
You need to purchase a third-party virtual security appliance that you will deploy to an Azure subscription.
What should you use?
A.
Azure subscriptions
B.
Microsoft Defender for Cloud
C.
Azure Marketplace
D.
Microsoft Store
Azure Marketplace
You plan to deploy a service to Azure virtual machines.
You need to ensure that the service will be available if a datacenter fails.
What should you use as part of the virtual machine deployment?
A.
availability sets
B.
proximity placement groups
C.
host groups
D.
availability zones
availability zones
_____ is a highly secure loT solution that includes a microcontroller unit (MCU) and a customized Linux operating system.
Azure Arc
Azure loT Central
Azure loT Hub
Azure Sphere
Azure Sphere
Your company has an Azure subscription that contains resources in several regions.
You need to ensure that administrators can only create resources in those regions.
What should you use?
A.
a read-only lock
B.
an Azure policy
C.
a management group
D.
a reservation
an Azure policy
An Azure region:
contains one or more data centers that are connected by using a low-latency network.
is found in each country where Microsoft has a subsidiary office.
can be found in every country in Europe and the Americas only.
contains one or more data centers that are
connected by using a high-latency network.
contains one or more data centers that are connected by using a low-latency network.
You can use the Azure File Sync agent to sync on-premises data to an Azure:
blob container.
Data Lake Storage container.
file share.
queue.
file share
What is the function of a Site-to-Site VPN?
A.
provides a secure connection between a computer on a public network and the corporate network
B.
provides a dedicated private connection to Azure that does NOT travel over the internet
C.
provides a connection from an on-premises VPN device to an Azure VPN gateway
provides a connection from an on-premises VPN device to an Azure VPN gateway
Match the cloud service models to the appropriate offerings.
PaaS
IaaS
SaaS
You are required to deploy an Artificial Intelligence (AI) solution in Azure.
You want to make sure that you are able to build, test, and deploy predictive analytics for the solution.
Solution: You should make use of Azure Machine Learning Studio.
Does the solution meet the goal?
A.
Yes
B.
No
Yes
Match the cloud service models to the appropriate solutions.
IaaS
SaaS
PaaS
You need to manage containers.
Which two services can you use? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
Azure Virtual Desktop
B.
Azure virtual machines
C.
Azure Functions
D.
Azure Container Instances
E.
Azure Kubernetes Service (AKS)
Azure Container Instances
Azure Kubernetes Service (AKS)
When you need to delegate permissions to several Azure virtual machines simultaneously, you must deploy the Azure virtual machines _____:
to the same Azure region.
by using the same Azure Resource Manager template.
to the same resource group.
to the same availability zone.
to the same resource group.
In Azure, a resource group is a container that holds related resources for an Azure solution. By deploying virtual machines to the same resource group, you can manage permissions and access control policies efficiently across all those VMs. This allows you to apply Role-Based Access Control (RBAC) at the resource group level, simplifying the management of permissions for multiple resources.
You plan to deploy several Azure virtual machines.
You need to ensure that the services running on the virtual machines are available if a single data center fails.
Solution: You deploy the virtual machines to two or more availability zones.
Does this meet the goal?
A.
Yes
B.
No
Yes
This question requires that you evaluate the underlined text to determine if it is correct.
One of the benefits of Azure SQL Data Warehouse is that high availability is built into the platform.
Instructions: Review the underlined text. If it makes the statement correct, select No change is needed. If the statement is incorrect, select the answer choice that makes the statement correct.
A.
No change is needed
B.
automatic scaling
C.
data compression
D.
versioning
No change is needed
You plan to deploy several Azure virtual machines.
You need to ensure that the services running on the virtual machines are available if a single data center fails.
Solution: You deploy the virtual machines to two or more regions.
Does this meet the goal?
A.
Yes
B.
No
Yes
An Azure container instance is an example of an Azure _____:
compute service.
identity service.
networking service.
storage service.
compute service.
At which OSI layer does ExpressRoute operate?
A.
Layer 2
B.
Layer 3
C.
Layer 5
D.
Layer 7
Layer 3
Application Insights is a feature of:
Azure Advisor.
Azure Application Gateway.
Azure Arc.
Azure Monitor.
Azure Monitor
Azure resources can only access other resources in the same resource group?
No
If you delete a resource group, all the resources in the resource group will be deleted?
Yes
A resource group can contain resources from multiple Azure regions?
Yes
Your company’s infrastructure includes a number of business units that each need a large number of various Azure resources for everyday operation.
The resources required by each business unit are identical.
You are required to sanction a strategy to create Azure resources automatically.
Solution: You recommend that the Azure API Management service be included in the strategy.
Does the solution meet the goal?
A.
Yes
B.
No
No
You plan to store 20 TB of data in Azure. The data will be accessed infrequently and visualized by using Microsoft Power BI.
You need to recommend a storage solution for the data.
Which two solutions should you recommend? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
Azure Data Lake
B.
Azure Cosmos DB
C.
Azure SQL Data Warehouse
D.
Azure SQL Database
E.
Azure Database for PostgreSQL
Azure Data Lake
Azure SQL Data Warehouse/Synapse
You have an Azure environment that contains 10 web apps. To which URL should you connect to manage all the Azure resources? To answer, select the appropriate options in the answer area.
portal.azure
Arrange the storage account redundancy options from the least redundant to the most redundant. To answer, move all options from the list of options to the answer area and arrange them in the correct order.
Locally-redundant storage (LRS)
Zone-redundant storage (ZRS)
Geo-redundant storage (GRS)
Azure Blob Storage is a _____
data store for queuing and reliably delivering messages between applications.
file share that can be mapped as a network drive.
key/attribute store for non-relational, structured data.
storage service optimized for very large objects, such as video files and bitmaps.
storage service optimized for very large objects, such as video files and bitmaps.
An Azure administrator plans to run a PowerShell script that creates Azure resources.
You need to recommend which computer configuration to use to run the script.
Solution: Run the script from a computer that runs Linux and has the Azure CLI tools installed.
Does this meet the goal?
A.
Yes
B.
No
No
An Azure administrator plans to run a PowerShell script that creates Azure resources.
You need to recommend which computer configuration to use to run the script.
Solution: Run the script from a computer that runs Chrome OS and uses Azure Cloud Shell.
Does this meet the goal?
A.
Yes
B.
No
Yes
From Azure Service Health, an administrator can view the health of all the services in an Azure environment?
Yes
From Azure Service Health, an administrator can create a rule to be alerted if an Azure service fails?
Yes
From Azure Service Health, an administrator can prevent a service failure?
No
An Azure administrator plans to run a PowerShell script that creates Azure resources.
You need to recommend which computer configuration to use to run the script.
Solution: Run the script from a computer that runs macOS and has PowerShell Core 6.0 installed.
Does this meet the goal?
A.
Yes
B.
No
No
You need to view a list of planned maintenance events that can affect the availability of an Azure subscription.
Which blade should you use from the Azure portal? To answer, select the appropriate blade in the answer area.
In the left-hand navigation menu, search for and select “Service Health.”
In the Service Health blade, you can view “Planned Maintenance” events, along with other notifications related to the status of Azure services.
Match the Azure service to the correct definition.
DevOps = code deploy
Advisor = guidance
Cognitive = Intelligence
Insight = Monitor
Your company’s infrastructure includes a number of business units that each need a large number of various Azure resources for everyday operation.
The resources required by each business unit are identical.
You are required to sanction a strategy to create Azure resources automatically.
Solution: You recommend that management groups be included in the strategy.
Does the solution meet the goal?
A.
Yes
B.
No
No
Match the Azure service to the correct description.
Azure SQL Database
Azure SQL Synapse Analytics
Azure Data Lake Analytics
Azure HDInsight.
You need to identify which blades in the Azure portal must be used to perform the following tasks:
✑ View security recommendations.
✑ Monitor the health of Azure services.
✑ Browse available virtual machine images.
Which blade should you identify for each task? To answer, select the appropriate options in the answer area.
Monitor
Marketplace
Advisor
You have an Azure environment. You need to create a new Azure virtual machine from a tablet that runs the Android operating system.
Solution: You use Bash in Azure Cloud Shell.
Does this meet the goal?
A.
Yes
B.
No
Yes
You have an on-premises application that sends email notifications automatically based on a rule.
You plan to migrate the application to Azure.
You need to recommend a serverless computing solution for the application.
What should you include in the recommendation?
A.
a web app
B.
a server image in Azure Marketplace
C.
a logic app
D.
an API app
a logic app
You plan to deploy a website to Azure. The website will be accessed by users worldwide and will host large video files.
You need to recommend which Azure feature must be used to provide the best video playback experience.
What should you recommend?
A.
an application gateway
B.
an Azure ExpressRoute circuit
C.
a content delivery network (CDN)
D.
an Azure Traffic Manager profile
a content delivery network (CDN)
Your company plans to deploy several million sensors that will upload data to Azure.
You need to identify which Azure resources must be created to support the planned solution.
Which two Azure resources should you identify? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A.
Azure Data Lake
B.
Azure Queue storage
C.
Azure File Storage
D.
Azure IoT Hub
E.
Azure Notification Hubs
Azure Data Lake
Azure IoT Hub
You have an Azure web app.
You need to manage the settings of the web app from an iPhone.
What are two Azure management tools that you can use? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
Azure CLI
B.
the Azure portal
C.
Azure Cloud Shell
D.
Windows PowerShell
E.
Azure Storage Explorer
the Azure portal
Azure Cloud Shell
Your company plans to deploy an Artificial Intelligence (AI) solution in Azure.
What should the company use to build, test, and deploy predictive analytics solutions?
A.
Azure Logic Apps
B.
Azure Machine Learning Designer
C.
Azure Batch
D.
Azure Cosmos DB
Azure Machine Learning Designer
Azure Advisor can generate a list of Azure virtual machines that are protected by
Azure Backup?
No
If you implement the security recommendations provided by Azure Advisor, your company’s secure score will decrease?
No
To maintain Microsoft support, you must implement the security recommendations
provided by Azure Advisor within a period of 30 days?
No
What can you use to automatically send an alert if an administrator stops an Azure virtual machine?
A.
Azure Advisor
B.
Azure Service Health
C.
Azure Monitor
D.
Azure Network Watcher
Azure Monitor
Your company’s infrastructure includes a number of business units that each need a large number of various Azure resources for everyday operation.
The resources required by each business unit are identical.
You are required to sanction a strategy to create Azure resources automatically.
Solution: You recommend that the Azure Resource Manager templates be included in the strategy.
Does the solution meet the goal?
A.
Yes
B.
No
Yes
Match the Azure services to the correct descriptions.
Azure SQL Synapse Analytics
Azure Machine Learning
Azure Functions
IoT Hub
You have an Azure environment.
You need to create a new Azure virtual machine from a tablet that runs the Android operating system.
What are three possible solutions? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
Use Bash in Azure Cloud Shell.
B.
Use PowerShell in Azure Cloud Shell.
C.
Use the PowerApps portal.
D.
Use the Security & Compliance admin center.
E.
Use the Azure portal.
Use Bash in Azure Cloud Shell.
Use PowerShell in Azure Cloud Shell.
Use the Azure portal.
A team of developers at your company plans to deploy, and then remove, 50 virtual machines each week. All the virtual machines are configured by using Azure
Resource Manager templates.
You need to recommend which Azure service will minimize the administrative effort required to deploy and remove the virtual machines.
What should you recommend?
A.
Azure Reserved Virtual Machine (VM) Instances
B.
Azure DevTest Labs
C.
Azure virtual machine scale sets
D.
Azure Virtual Desktop
Azure DevTest Labs
Azure Advisor provides recommendations on how to improve the security of an Azure Active Directory (Azure AD) environment?
Yes
Azure Advisor provides recommendations on how to reduce the cost of running Azure virtual machines?
Yes
Azure Advisor provides recommendations on how to configure the network settings on Azure virtual machines?
Yes
You have an Azure subscription named Subscription1. You sign in to the Azure portal and create a resource group named RG1.
From Azure documentation, you have the following command that creates a virtual machine named VM1. az vm create –resource-group RG1 –name VM1 –image UbuntuLTS –generate-ssh-keys
You need to create VM1 in Subscription1 by using the command.
Solution: From the Azure portal, launch Azure Cloud Shell and select PowerShell. Run the command in Cloud Shell.
Does this meet the goal?
A.
Yes
B.
No
Yes
You have an Azure subscription named Subscription1. You sign in to the Azure portal and create a resource group named RG1.
From Azure documentation, you have the following command that creates a virtual machine named VM1. az vm create –resource-group RG1 –name VM1 –image UbuntuLTS
–generate-ssh-keys
You need to create VM1 in Subscription1 by using the command.
Solution: From a computer that runs Windows 10, install Azure CLI. From PowerShell, sign in to Azure and then run the command.
Does this meet the goal?
A.
Yes
B.
No
Yes
You have an Azure subscription named Subscription1. You sign in to the Azure portal and create a resource group named RG1.
From Azure documentation, you have the following command that creates a virtual machine named VM1. az vm create –resource-group RG1 –name VM1 –image UbuntuLTS
–generate-ssh-keys
You need to create VM1 in Subscription1 by using the command.
Solution: From a computer that runs Windows 10, install Azure CLI. From a command prompt, sign in to Azure and then run the command.
Does this meet the goal?
A.
Yes
B.
No
Yes
Azure CLI, Azure Portal, Azure Powershell for all
You can access Compliance Manager
from the ______
Azure Active Directory admin center
Azure portal
Microsoft 365 admin center
Microsoft Service Trust Portal
Azure portal
_____ a common platform for deploying objects to a cloud infrastructure and for implementing consistency across the Azure environment.
Azure policies provide
Resource groups provide
Azure Resource Manager templates provide
Management groups provide
Azure Resource Manager templates provide
You are tasked with deploying a critical LOB application, which will be installed on a virtual machine, to Azure.
You are informed that the application deployment strategy should allow for a guaranteed availability of 99.99 percent. You need to make sure that the strategy requires as little virtual machines and availability zones as possible.
Solution: You include two virtual machines and one availability zone in your strategy.
Does the solution meet the goal?
A.
Yes
B.
No
No
Azure Bot
Azure ML
Azure Functions
Azure IoT Hub
An Azure administrator plans to run a PowerShell script that creates Azure resources.
You need to recommend which computer configuration to use to run the script.
Solution: Run the script from a computer that runs Windows 10 and has the Azure PowerShell module installed.
Does this meet the goal?
A.
Yes
B.
No
Yes
Azure VM
Azure Container
Azure App
Azure Functions
Which service provides serverless computing in Azure?
A.
Azure Virtual Machines
B.
Azure Functions
C.
Azure storage account
D.
Azure dedicated hosts
Azure Functions
An Azure administrator plans to run a PowerShell script that creates Azure resources.
You need to recommend which computer configuration to use to run the script.
Which three computers can run the script? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
a computer that runs macOS and has PowerShell Core 6.0 installed.
B.
a computer that runs Windows 10 and has the Azure PowerShell module installed.
C.
a computer that runs Linux and has the Azure PowerShell module installed.
D.
a computer that runs Linux and has the Azure CLI tools installed.
E.
a computer that runs Chrome OS and uses Azure Cloud Shell.
A. a computer that runs macOS and has PowerShell Core 6.0 installed.
B. a computer that runs Windows 10 and has the Azure PowerShell module installed.
C. a computer that runs Linux and has the Azure PowerShell module installed.
You have an Azure subscription named Subscription1. You sign in to the Azure portal and create a resource group named RG1.
From Azure documentation, you have the following command that creates a virtual machine named VM1. az vm create –resource-group RG1 –name VM1 –image UbuntuLTS –generate-ssh-keys
You need to create VM1 in Subscription1 by using the command.
Solution: From the Azure portal, launch Azure Cloud Shell and select Bash. Run the command in Cloud Shell.
Does this meet the goal?
A.
Yes
B.
No
Yes
Your company has several business units.
Each business unit requires 20 different Azure resources for daily operation. All the business units require the same type of Azure resources.
You need to recommend a solution to automate the creation of the Azure resources.
What should you include in the recommendations?
A.
Azure Resource Manager templates
B.
virtual machine scale sets
C.
the Azure API Management service
D.
management groups
Azure Resource Manager templates
You can use Azure Cost Management to view costs associated to management groups?
Yes
You can use Azure Cost Management to view costs associated to resource groups?
Yes
You can use Azure Cost Management to view the usage of virtual machines during the last three months?
Yes
What can you use to identify underutilized or unused Azure virtual machines?
A.
Azure Advisor
B.
Azure Cost Management + Billing
C.
Azure reservations
D.
Azure Policy
Azure Advisor
Your company has datacenters in Los Angeles and New York. The company has a Microsoft Azure subscription.
You are configuring the two datacenters as geo-clustered sites for site resiliency.
You need to recommend an Azure storage redundancy option.
You have the following data storage requirements:
✑ Data must be stored on multiple nodes.
✑ Data must be stored on nodes in separate geographic locations.
✑ Data can be read from the secondary location as well as from the primary location
Which of the following Azure stored redundancy options should you recommend?
A.
Geo-redundant storage
B.
Read-only geo-redundant storage
C.
Zone-redundant storage
D.
Locally redundant storage
Read-only geo-redundant storage
You are tasked with deploying a critical LOB application, which will be installed on a virtual machine, to Azure.
You are informed that the application deployment strategy should allow for a guaranteed availability of 99.99 percent. You need to make sure that the strategy requires as little virtual machines and availability zones as possible.
Solution: You include one virtual machine and two availability zones in your strategy.
Does the solution meet the goal?
A.
Yes
B.
No
No
_____ is an Apache Spark-based analytics service:
Azure Databricks
Azure Data Factory
Azure DevOps
Azure Synapse Analytics
Azure Databricks
You must have internet connectivity to manage cloud services?
Yes
You must install a management app to manage cloud services?
No
You can manage cloud services from any modern web browser?
Yes
Serverless —> Functions
big data analysis —> databricks
anomalies —> Insights
Host —> App Service
A team of developers at your company plans to deploy, and then remove, 50 customized virtual machines each week. Thirty of the virtual machines run Windows
Server 2016 and 20 of the virtual machines run Ubuntu Linux.
You need to recommend which Azure service will minimize the administrative effort required to deploy and remove the virtual machines.
What should you recommend?
A.
Azure Reserved Virtual Machines (VM) Instances
B.
Azure virtual machine scale sets
C.
Azure DevTest Labs
D.
Microsoft Managed Desktop
Azure DevTest Labs
Azure PowerShell modules can be installed on macOS?
Yes
Azure Cloud Shell can be accessed from a web browser on a Linux computer?
Yes
The Azure portal can only be accessed from a Windows device?
No
A support engineer plans to perform several Azure management tasks by using the Azure CLI.
You install the CLI on a computer.
You need to tell the support engineer which tools to use to run the CLI.
Which two tools should you instruct the support engineer to use? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
Command Prompt
B.
Azure Resource Explorer
C.
Windows PowerShell
D.
Windows Defender Firewall
E.
Network and Sharing Center
Command Prompt
Windows PowerShell
You have an Azure environment. You need to create a new Azure virtual machine from a tablet that runs the Android operating system.
Solution: You use PowerShell in Azure Cloud Shell.
Does this meet the goal?
A.
Yes
B.
No
Yes
You have an Azure environment. You need to create a new Azure virtual machine from a tablet that runs the Android operating system.
Solution: You use the PowerApps portal.
Does this meet the goal?
A.
Yes
B.
No
No
You have an Azure environment. You need to create a new Azure virtual machine from a tablet that runs the Android operating system.
Solution: You use the Azure portal.
Does this meet the goal?
A.
Yes
B.
No
Yes
_____ provides in-depth information about security, privacy, compliance offerings, policies, and features across:
The Microsoft 365 Compliance admin center
The Microsoft 365 Defender portal
Microsoft cloud products.
Microsoft Defender for Cloud in the Azure portal
Microsoft Trust Center
Microsoft Trust Center
You can manage an on-premises Windows server as an Azure resource by using:
Azure AD Connect.
Azure Arc.
an Azure Pipelines agent.
Azure VPN Gateway.
Azure Arc.
You can only manage cloud services from Windows devices?
No
You can manage cloud services from the command line?
Yes
You can manage cloud services by using a web browser?
Yes
_____ is an Apache Spark-based analytics service:
Azure Databricks
Azure Data Factory
Azure DevOps
Azure Synapse Analytics
Azure Databricks
Azure Monitor can monitor the performance of on-premises
computers?
Yes
Azure Monitor can send alerts to Azure Active Directory security groups?
No
Azure Monitor can trigger alerts based on data in an Azure Log Analytics?
Yes
Which Azure service provides a set of version control tools to manage code?
A.
Azure Repos
B.
Azure DevTest Labs
C.
Azure Storage
D.
Azure Cosmos DB
Azure Repos
You need to manage Azure by using Azure Cloud Shell.
Which Azure portal icon should you select? To answer, select the appropriate icon in the answer area.
Select the button on top right side which is similar to “>-“ signed.
You have a virtual machine named VM1 that runs Windows Server 2016. VM1 is in the East US Azure region.
Which Azure service should you use from the Azure portal to view service failure notifications that can affect the availability of VM1?
A.
Azure Service Fabric
B.
Azure Monitor
C.
Azure virtual machines
D.
Azure Advisor
Azure Monitor
Your Azure environment contains multiple Azure virtual machines.
You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP.
Solution: You modify an Azure Traffic Manager profile.
Does this meet the goal?
A.
Yes
B.
No
No
Your company plans to deploy several web servers and several database servers to Azure.
You need to recommend an Azure solution to limit the types of connections from the web servers to the database servers.
What should you include in the recommendation?
A.
network security groups (NSGs)
B.
Azure Service Bus
C.
a local network gateway
D.
a route filter
network security groups (NSGs)
From ______ you can view which user turned off a specific Azure Access Control IAM virtual machine during the last 14 days:
Azure Event Hubs
Azure Activity Log
Azure Service Health
Azure Activity Log
Your company’s developers intend to deploy a large number of custom virtual machines on a weekly basis. They will also be removing these virtual machines during the same week it was deployed. Sixty percent of the virtual machines have Windows Server 2016 installed, while the other forty percent has Ubuntu Linux installed.
You are required to make sure that the administrative effort, needed for this process, is reduced by employing a suitable Azure service.
Solution: You recommend the use of Microsoft Managed Desktop.
Does the solution meet the goal?
A.
Yes
B.
No
No
Which service provides network traffic filtering across multiple Azure subscriptions and virtual networks?
A.
Azure Firewall
B.
an application security group
C.
Azure DDoS protection
D.
a network security group (NSG)
Azure Firewall
Which Azure service should you use to store certificates?
A.
Azure Security Center
B.
an Azure Storage account
C.
Azure Key Vault
D.
Azure Information Protection
Azure Key Vault
Which Azure service can you use as a security information and event management (SIEM) solution?
A.
Azure Analysis Services
B.
Azure Sentinel
C.
Azure Information Protection
D.
Azure Cognitive Services
Azure Sentinel
Azure Sentinel stores collected events in an Azure Storage account?
Yes
Azure Sentinel can remediate incidents
automatically?
Yes
Azure Sentinel can collect Windows Defender Firewall logs from Azure virtual machines?
Yes
Azure Sentinel, Azure Security Center, Azure Key Vault
Azure Firewall will encrypt all the network traffic sent from Azure to the Internet?
No
A network security group (NSG) will encrypt all the network traffic sent
from Azure to the Internet?
No
Azure virtual machines that run Windows Server 2016 can encrypt network traffic sent to the Internet?
No
Azure Security Center can monitor Azure resources and on-premises resources?
Yes
All Azure Security Center features are free?
No
From Azure Security Center, you can download a Regulatory Compliance report?
Yes
You need to complete the defense-in-depth strategy used in a datacenter.
Physical Security (Top)
Perimeter
Application
You have an Azure virtual machine named VM1.
You plan to encrypt VM1 by using Azure Disk Encryption.
Which Azure resource must you create first?
A.
an Azure Storage account
B.
an Azure Key Vault
C.
an Azure Information Protection policy
D.
an Encryption key
an Azure Key Vault
Which resources can be used as a source for a Network security group inbound security rule?
A.
Service Tags only
B.
IP Addresses, Service tags and Application security groups
C.
Application security groups only
D.
IP Addresses only
IP Addresses, Service tags and Application security groups
Your company’s developers intend to deploy a large number of custom virtual machines on a weekly basis. They will also be removing these virtual machines during the same week it was deployed. Sixty percent of the virtual machines have Windows Server 2016 installed, while the other forty percent has Ubuntu Linux installed.
You are required to make sure that the administrative effort, needed for this process, is reduced by employing a suitable Azure service.
Solution: You recommend the use of Azure Reserved Virtual Machines (VM) Instances.
Does the solution meet the goal?
A.
Yes
B.
No
No
Azure Sentinel uses playbooks to:
automatically respond to threats.
collect data from Azure services.
specify how long data is retained.
store passwords and certificates.
automatically respond to threats.
Azure distributed denial of service (DDOS) protection is an example of protection that is implemented at the:
application layer.
compute layer.
networking layer.
perimeter layer.
networking layer.
You have an Azure Sentinel workspace.
You need to automate responses to threats detected by Azure Sentinel.
What should you use?
A.
adaptive network hardening in Azure Security Center
B.
Azure Service Health
C.
Azure Monitor workbooks
D.
adaptive application controls in Azure Security Center
Azure Monitor workbooks.
- Microsoft Sentinel
- Microsoft Defender for Cloud
- Azure Key Vault
Which Azure service can you use as a security information and event management (SIEM) solution?
A.
Azure Analysis Services
B.
Microsoft Sentinel
C.
Azure Information Protection
D.
Azure Cognitive Services
Microsoft Sentinel
An Azure Policy initiative definition is a:
collection of policy definitions.
collection of Azure Policy definition assignments.
group of Azure Blueprints definitions
group of role-based access control (RBAC) role assignments.
collection of policy definitions.
You have an Azure subscription.
You need to review your secure score.
What should you use?
A.
Azure Monitor
B.
Azure Advisor
C.
Help + support
D.
Microsoft Defender for Cloud
Microsoft Defender for Cloud
You can enable just in time (JIT) VM access by using:
Azure Bastion
Azure Firewall
Azure Front Door
Microsoft Defender for Cloud
Microsoft Defender for Cloud
You can view your company’s regulatory compliance report from:
Azure Advisor
Azure Analysis Services
Azure Monitor
Microsoft Defender for Cloud
Microsoft Defender for Cloud
Your company’s developers intend to deploy a large number of custom virtual machines on a weekly basis. They will also be removing these virtual machines during the same week it was deployed. Sixty percent of the virtual machines have Windows Server 2016 installed, while the other forty percent has Ubuntu Linux installed.
You are required to make sure that the administrative effort, needed for this process, is reduced by employing a suitable Azure service.
Solution: You recommend the use of Azure DevTest Labs.
Does the solution meet the goal?
A.
Yes
B.
No
Yes
You need to collect and automatically analyze security events from Azure Active Directory (Azure AD).
What should you use?
A.
Microsoft Sentinel
B.
Azure Synapse Analytics
C.
Azure AD Connect
D.
Azure Key Vault
Microsoft Sentinel
_____ enables users to authenticate to multiple applications:
by using single sign-on (SSO).
Application security groups in Azure
Azure Active Directory (Azure AD)
Azure Key Vault
Microsoft Defender for Cloud
Azure Active Directory (Azure AD)/Microsoft Entra ID
A network security group (NSG) will block all network traffic by default?
No
Application security groups can be specified as part of network security group (NSG) rules?
Yes
Network security groups (NSGs) always include inbound security rules and outbound security rules?
Yes
Your company plans to automate the deployment of servers to Azure.
Your manager is concerned that you may expose administrative credentials during the deployment.
You need to recommend an Azure solution that encrypts the administrative credentials during the deployment.
What should you include in the recommendation?
A.
Azure Key Vault
B.
Azure Information Protection
C.
Microsoft Defender for Cloud
D.
Azure Multi-Factor Authentication (MFA)
Azure Key Vault
- single sign-on (SSO)
- authorisation
- MFA
After you create a virtual machine, you need to modify the to allow connections to TCP port 8080 on the virtual machine:
network security group (NSG)
virtual network gateway
virtual network
route table
network Security group (NSG)
Microsoft Sentinel uses playbooks to:
automatically respond to threats
visualize data collected by connectors
specify how long data is retained
store passwords and certificates
automatically respond to threats
You need to configure an Azure solution that meets the following requirements:
✑ Secures websites from attacks
✑ Generates reports that contain details of attempted attacks
What should you include in the solution?
A.
Azure Firewall
B.
a network security group (NSG)
C.
Azure Information Protection
D.
DDoS protection
DDoS protection
You plan to implement several security services for an Azure environment. You need to identify which Azure services must be used to meet the following security requirements:
✑ Monitor threats by using sensors
✑ Enforce Azure Multi-Factor Authentication (MFA) based on a condition
Which Azure service should you identify for each requirement? To answer, select the appropriate options in the answer area.
Azure Advanced Threat Protection (ATP).
Azure Active Directory Identity Protection.
Your company has virtual machines (VMs) hosted in Microsoft Azure. The VMs are located in a single Azure virtual network named VNet1.
The company has users that work remotely. The remote workers require access to the VMs on VNet1.
You need to provide access for the remote workers.
What should you do?
A.
Configure a Site-to-Site (S2S) VPN.
B.
Configure a VNet-toVNet VPN.
C.
Configure a Point-to-Site (P2S) VPN.
D.
Configure DirectAccess on a Windows Server 2012 server VM.
E.
Configure a Multi-Site VPN
Configure a Point-to-Site (P2S) VPN.
Your Azure environment contains multiple Azure virtual machines.
You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP.
What are two possible solutions? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
Modify an Azure Traffic Manager profile
B.
Modify a network security group (NSG)
C.
Modify a DDoS protection plan
D.
Modify an Azure firewall
Modify a network security group (NSG):
Modify an Azure firewall:
You can associate a network security group (NSG) to a virtual network subnet?
Yes
You can associate a network security group (NSG) to a virtual network?
No
You can associate a network security group (NSG) to a network interface?
Yes
You have an Azure environment that contains 10 virtual networks and 100 virtual machines.
You need to limit the amount of inbound traffic to all the Azure virtual networks.
What should you create?
A.
one application security group (ASG)
B.
10 virtual network gateways
C.
10 Azure ExpressRoute circuits
D.
one Azure firewall
one Azure firewall
This question requires that you evaluate the underlined text to determine if it is correct.
Azure Key Vault is used to store secrets for Azure Active Directory (Azure AD) user accounts.
Instructions: Review the underlined text. If it makes the statement correct, select No change is needed. If the statement is incorrect, select the answer choice that makes the statement correct.
A.
No change is needed
B.
Azure Active Directory (Azure AD) administrative accounts
C.
Personally Identifiable Information (PII)
D.
server applications
server applications
Your company plans to automate the deployment of servers to Azure.
Your manager is concerned that you may expose administrative credentials during the deployment.
You need to recommend an Azure solution that encrypts the administrative credentials during the deployment.
What should you include in the recommendation?
A.
Azure Key Vault
B.
Azure Information Protection
C.
Azure Security Center
D.
Azure Multi-Factor Authentication (MFA)
Azure Key Vault
You plan to deploy several Azure virtual machines.
You need to control the ports that devices on the Internet can use to access the virtual machines.
What should you use?
A.
a network security group (NSG)
B.
an Azure Active Directory (Azure AD) role
C.
an Azure Active Directory group
D.
an Azure key vault
a network security group (NSG)
After you create a virtual machine, you need to modify the _______ to allow connections to TCP port 8080 on the virtual machine.
network security group (NSG)
virtual network gateway
virtual network
route table
NSG
You can create custom Azure roles to control access to resources?
Yes
A user account can be assigned to multiple Azure roles?
Yes
A resource group can have the Owner role assigned to multiple users?
No
Your Azure environment contains multiple Azure virtual machines.
You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP.
Solution: You modify a network security group (NSG).
Does this meet the goal?
A.
Yes
B.
No
Yes
You have been informed by your superiors of the company’s intentions to automate server deployment to Azure. There is, however, some concern that administrative credentials could be uncovered during this process.
You are required to make sure that during the deployment, the administrative credentials are encrypted using a suitable Azure solution.
Solution: You recommend the use of Azure Information Protection.
Does the solution meet the goal?
A.
Yes
B.
No
No
Your Azure environment contains multiple Azure virtual machines.
You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP.
Solution: You modify a DDoS protection plan.
Does this meet the goal?
A.
Yes
B.
No
No
You need to collect and automatically analyze security events from Azure Active Directory (Azure AD).
What should you use?
A.
Azure Sentinel
B.
Azure Synapse Analytics
C.
Azure AD Connect
D.
Azure Key Vault
Azure Sentinel
Your Azure environment contains multiple Azure virtual machines.
You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP.
Solution: You modify an Azure firewall.
Does this meet the goal?
A.
Yes
B.
No
Yes
This question requires that you evaluate the underlined text to determine if it is correct.
Azure Germany can be used by legal residents of Germany only.
Instructions: Review the underlined text. If it makes the statement correct, select No change is needed. If the statement is incorrect, select the answer choice that makes the statement correct.
A.
no change is needed
B.
only enterprises that are registered in Germany
C.
only enterprises that purchase their azure licenses from a partner based in Germany
D.
any user or enterprise that requires its data to reside in Germany
any user or enterprise that requires its data to reside in Germany
Identities stored in an on-premises Active Directory can be synchronized to Azure Active Directory (Azure AD)?
Yes
Identities stored in Azure Active Directory (Azure AD), third-party cloud services, and on-premises Active Directory can be used to access Azure resources?
Yes
Azure has built-in authentication and authorization services that provide secure
access to Azure resources?
Yes
You can view your company’s regulatory compliance report from:
Azure Advisor
Azure Analysis Services
Azure Monitor
Azure Security Center
Azure Security Center
What should you use to evaluate whether your company’s Azure environment meets regulatory requirements?
A.
Azure Service Health
B.
Azure Knowledge Center
C.
Azure Security Center
D.
Azure Advisor
Azure Security Center
Your company implements _____ to automatically add a watermark to Microsoft Word documents that contain credit card information:
Azure policies
DDOS protection
Azure Information Protection
Azure Active Directory (Azure AD) Identity Protection
Azure Information Protection
Azure Active Directory (Azure AD) requires the implementation of domain controllers on Azure virtual machines?
No
Azure Active Directory (Azure AD) provides authentication services for resources hosted in Azure and Microsoft 365?
Yes
Each user account in Azure Active Directory (Azure AD) can be assigned only
one license?
No
Which two types of customers are eligible to use Azure Government to develop a cloud solution? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
a Canadian government contractor
B.
a European government contractor
C.
a United States government entity
D.
a United States government contractor
E.
a European government entity
a United States government entity
a United States government contractor
You have been informed by your superiors of the company’s intentions to automate server deployment to Azure. There is, however, some concern that administrative credentials could be uncovered during this process.
You are required to make sure that during the deployment, the administrative credentials are encrypted using a suitable Azure solution.
Solution: You recommend the use of Azure Multi-Factor Authentication (MFA).
Does the solution meet the goal?
A.
Yes
B.
No
No
To implement an Azure Multi-Factor Authentication (MFA) solution, you must sync on-premises identities to the cloud?
No
Two valid methods for Azure Multi-Factor Authentication (MFA) are picture identification and a passport number?
No
Azure Multi-Factor Authentication (MFA) can be required for administrative and non-administrative user accounts?
Yes
You need to ensure that when Azure Active Directory (Azure AD) users connect to Azure AD from the Internet by using an anonymous IP address, the users are prompted automatically to change their password.
Which Azure service should you use?
A.
Azure AD Connect Health
B.
Azure AD Privileged Identity Management
C.
Azure Advanced Threat Protection (ATP)
D.
Azure AD Identity Protection
Azure AD Identity Protection
ISO
NIST
GDPR
Azure Government
To what should an application connect to retrieve security tokens?
A.
an Azure Storage account
B.
Azure Active Directory (Azure AD)
C.
a certificate store
D.
an Azure key vault
an Azure key vault
Your network contains an Active Directory forest. The forest contains 5,000 user accounts.
Your company plans to migrate all network resources to Azure and to decommission the on-premises data center.
You need to recommend a solution to minimize the impact on users after the planned migration.
What should you recommend?
A.
Implement Azure Multi-Factor Authentication (MFA)
B.
Sync all the Active Directory user accounts to Azure Active Directory (Azure AD)
C.
Instruct all users to change their password
D.
Create a guest user account in Azure Active Directory (Azure AD) for each user
Sync all the Active Directory user accounts to Azure Active Directory (Azure AD)
You can configure the Azure Active Directory (Azure AD) activity logs to appear in Azure Monitor?
Yes
From Azure Monitor, you can monitor resources across multiple Azure subscriptions?
Yes
From Azure Monitor, you can create alerts?
Yes
You create a resource group named RG1 in Azure Resource Manager.
You need to prevent the accidental deletion of the resources in RG1.
Which setting should you use? To answer, select the appropriate setting in the answer area.
Locks
You have a resource group named RG1.
You need to prevent the creation of virtual machines in RG1. The solution must ensure that other objects can be created in RG1.
What should you use?
A.
a lock
B.
an Azure role
C.
a tag
D.
an Azure policy
an Azure policy
You have an Azure subscription and 100 Windows 10 devices.
You need to ensure that only users whose devices have the latest security patches installed can access Azure Active Directory (Azure AD)-integrated applications.
What should you implement?
A.
a conditional access policy
B.
Azure Bastion
C.
Azure Firewall
D.
Azure Policy
a conditional access policy
What can Azure Information Protection encrypt?
A.
network traffic
B.
documents and email messages
C.
an Azure Storage account
D.
an Azure SQL database
documents and email messages
The company would like to develop a cloud solution by making use of Azure Government. Azure Government can only be used by certain types of clients to develop cloud solutions.
Which of the following are the types of customers that can make use of Azure Government in this situation? Answer by dragging the correct option from the list to the answer area.
A US government contractor
A US government entity
What should you use to evaluate whether your company’s Azure environment meets regulatory requirements?
A.
the Knowledge Center website
B.
the Advisor blade from the Azure portal
C.
Compliance Manager from the Service Trust Portal
D.
the Solutions blade from the Azure portal
Compliance Manager from the Service Trust Portal
_____ enables users to authenticate to multiple applications by using single sign-on (SSO):
Application security groups in Azure
Azure Active Directory (Azure AD)
Azure Key Vault
Azure Security Center
Azure Active Directory (Azure AD)
You have an Azure subscription.
Where will you find details on the personal data collected by Microsoft, how Microsoft uses the data, and what the data is used for?
A.
the Data Protection Addendum
B.
the Microsoft Online Services Terms
C.
the Microsoft Privacy Statement
D.
Azure Security Center
the Microsoft Privacy Statement
Azure Active Directory (Azure AD) can be used to manage access to on-premises applications?
Yes
Azure Active Directory (Azure AD) provides single sign-on (SSO)?
Yes
iOS devices can be registered in Azure Active Directory (Azure AD)?
Yes
continues to function normally
Trust Center is part of the Azure Security Center?
No
It’s a standalone service
Trust Center can only be accessed by users that have an Azure subscription?
No
Trust Center provides information about the Azure compliance offerings?
Yes
You can add multiple tags to the same Azure resource?
Yes
You can use Azure Policy to apply tags to resources?
Yes
An Azure resource inherits tags from the resource group to which the resource is deployed?
No
Microsoft Privacy Statement
Online Services Terms
Data Protection Addendum
Requiring a user to enter a password and answer a security question when signing-in to Azure Active Directory (Azure AD) is an example of:
business-to-customer (B2C) identity services.
managed identities.
multi-factor authentication (MFA)
role-based access control (RBAC).
multi-factor authentication (MFA)
Azure China:
is operated by Microsoft.
has feature parity with Azure global.
services can be accessed from China only.
is a distinct separate instance of Microsoft Azure.
distinct separate instance of Microsoft Azure.
Your company has an Azure Active Directory (Azure AD) environment. Users occasionally connect to Azure AD via the Internet.
You have been tasked with making sure that users who connect to Azure AD via the internet from an unidentified IP address, are automatically encouraged to change passwords.
Solution: You configure the use of Azure AD Identity Protection.
Does the solution meet the goal?
A.
Yes
B.
No
Yes
What should you use to evaluate whether your company’s Azure environment meets regulatory requirements?
A.
Azure Service Health
B.
Azure Knowledge Center
C.
Microsoft Defender for Cloud
D.
Azure Advisor
Microsoft Defender for Cloud
You can review audit reports and compliance-related information for Azure services from:
Microsoft Defender for Cloud.
the Microsoft Defender for Identity admin center.
the Microsoft 365 Compliance center.
the Microsoft Service Trust Portal.
the Microsoft Service Trust Portal.
The Microsoft Service Trust Portal can be accessed by using a Microsoft cloud services account?
Yes
Compliance Manager can be used to track your company’s regulatory compliance activities related to Microsoft cloud services?
Yes
The My Library feature can be used to save Microsoft Service Trust Portal documents and resources in a single location?
Yes
Your company has an Azure subscription that contains resources in several regions.
You need to create the Azure resource that must be used to meet the policy requirement.
What should you create?
A.
a read-only lock
B.
an Azure policy
C.
a management group
D.
a reservation
an Azure policy
From Azure Cloud Shell, you can track your company’s regulatory standards and regulations, such as ISO 27001.
Instructions: Review the underlined text. If it makes the statement correct, select No change is needed. If the statement is incorrect, select the answer choice that makes the statement correct.
A.
No change is needed.
B.
the Microsoft Cloud Partner Portal
C.
Compliance Manager
D.
the Trust Center
Compliance Manager
You can create Group Polices in Azure Active Directory (Azure AD)?
No that’s that’s normal AD
You can join Windows 10 devices to Azure Active Directory (Azure AD)?
Yes
You can join Android devices to Azure Active Directory (Azure AD)?
No
The _____ explains what data Microsoft processes, how Microsoft processes the data, and the purpose of processing the data:
Microsoft Online Services Privacy Statement
Microsoft Product Terms
Microsoft Online Service Level Agreement
Online Subscription Agreement for Microsoft Azure
Microsoft Privacy Statement
_____ is the process of verifying a user’s credentials.
Authorization
Authentication
Federation
Ticketing
Authentication
An Azure Policy initiative definition is:
acollection of policy definitions
collection of Azure Policy definition assignments
group of Azure Blueprints definitions
group of role-based access control (RBAC) role assignments
collection of policy definitions
provide organizations with the ability to manage the compliance of Azure resources across multiple subscriptions:
Resource groups
Management groups
Azure policies
Azure App Service plans
Management groups
Your company’s Azure subscription includes a Basic support plan.
They would like to request an assessment of an Azure environment’s design from Microsoft. This is, however, not supported by the existing plan.
You want to make sure that the company subscribes to a support plan that allows this functionality, while keeping expenses to a minimum.
Solution: You recommend that the company subscribes to the Professional Direct support plan.
Does the solution meet the goal?
A.
Yes
B.
No
No
Your company has an Azure Active Directory (Azure AD) environment. Users occasionally connect to Azure AD via the Internet.
You have been tasked with making sure that users who connect to Azure AD via the internet from an unidentified IP address, are automatically encouraged to change passwords.
Solution: You configure the use of Azure AD Privileged Identity Management.
Does the solution meet the goal?
A.
Yes
B.
No
No
General Data Protection Regulation (GDPR) defines data protection and privacy rules?
Yes
General Data Protection Regulation (GDPR) applies to companies that offer goods or services to individuals in the EU?
Yes
Azure can be used to build a General Data Protection Regulation (GDPR)-compliant infrastructure?
Yes
You can add an Azure Resource Manager template to an Azure blueprint?
Yes
You can assign an Azure blueprint to a resource group?
Yes
You can use Azure Blueprints to grant permissions to a resource?
Yes
Azure China is operated by Microsoft?
No
Azure Government is operated by Microsoft?
Yes
Azure Government is available only to US
government agencies and their partners?
Yes
An Azure resource can have multiple Delete locks?
Yes
An Azure resource inherits locks from its resource group?
Yes
If an Azure resource has a Read-only lock, you can add a Delete lock to the resource?
Yes
Your company plans to migrate all on-premises data to Azure.
You need to identify whether Azure complies with the company’s regional requirements.
What should you use?
A.
the Knowledge Center
B.
Azure Marketplace
C.
the MyApps portal
D.
the Trust Center
the Trust Center
Authorization to access Azure resources can be provided only to Azure Active Directory (Azure AD) users?
No
Identities stored in Azure Active Directory (Azure AD), third-party cloud services, and on-premises Active Directory can be used to access Azure resources?
Yes
Azure has built-in authentication and authorization services that provide secure access to Azure resources?
Yes
If a resource group named RG1 has a delete lock, ______ can delete RG1.
only a member of the global administrators group
the delete lock must be removed before an administrator
an Azure policy must be modified before an administrator
an Azure tag must be added before an administrator
the delete lock must be removed before an administrator
_____ is the process of establishing the identity of a user or service that wants to access a resource.
Authentication:
Authorization
Conditional Access
Synchronization
Authentication
Single sign-on (SSO) requires that all users sign in by using the Microsoft Authenticator app?
No
Authentication is the process of establishing which level of access an authenticated user or service has?
No
Conditional Access uses signals collected from a user during the sign-in process to decide whether to allow or deny access requests?
Yes
What is guaranteed in an Azure Service Level Agreement (SLA) for virtual machines?
A.
uptime
B.
feature availability
C.
bandwidth
D.
performance
uptime
You are planning a strategy to deploy numerous web servers and database servers to Azure.
This strategy should allow for connection types between the web servers and database servers to be controlled.
Solution: You include network security groups (NSGs) in your strategy.
Does the solution meet the goal?
A.
Yes
B.
No
Yes
An Azure service is available to all Azure customers when it is in:
public preview
private preview
development
an Enterprise Agreement (EA) subscription
Public Preview
Your company plans to purchase an Azure subscription.
The company’s support policy states that the Azure environment must provide an option to access support engineers by phone or email.
You need to recommend which support plan meets the support policy requirement.
Solution: Recommend a Basic support plan.
Does this meet the goal?
A.
Yes
B.
No
No
Your company plans to purchase an Azure subscription.
The company’s support policy states that the Azure environment must provide an option to access support engineers by phone or email.
You need to recommend which support plan meets the support policy requirement.
Solution: Recommend a Standard support plan.
Does this meet the goal?
A.
Yes
B.
No
Yes
Your company plans to purchase an Azure subscription.
The company’s support policy states that the Azure environment must provide an option to access support engineers by phone or email.
You need to recommend which support plan meets the support policy requirement.
Solution: Recommend a Premier support plan.
Does this meet the goal?
A.
Yes
B.
No
Yes
Your company plans to request an architectural review of an Azure environment from Microsoft.
The company currently has a Basic support plan.
You need to recommend a new support plan for the company. The solution must minimize costs.
Which support plan should you recommend?
A.
Premier
B.
Developer
C.
Professional Direct
D.
Standard
Standard
Most Azure services are introduced in private preview before being introduced in public preview, and then in general availability?
Yes
Azure services in public preview can be managed only by using the Azure CLI?
No
The cost of an Azure service in private preview decreases when the service becomes generally available?
No
What is required to use Azure Cost Management?
A.
a Dev/Test subscription
B.
Software Assurance
C.
an Enterprise Agreement (EA)
D.
a pay-as-you-go subscription
a pay-as-you-go subscription
Your Azure trial account expired last week.
You are now unable to:
Create additional Azure Active Directory (Azure AD) user accounts
start an existing Azure virtual machine
access your data stored in Azure
access the Azure portal
start an existing Azure virtual machine
Your company plans to purchase an Azure subscription.
The company’s support policy states that the Azure environment must provide an option to access support engineers by phone or email.
You need to recommend which support plan meets the support policy requirement.
Solution: Recommend a Professional Direct support plan.
Does this meet the goal?
A.
Yes
B.
No
Yes
Your company has a Software Assurance agreement that includes Microsoft SQL Server licenses.
You plan to deploy SQL Server on Azure virtual machines.
What should you do to minimize licensing costs for the deployment?
A.
Deallocate the virtual machines during off hours.
B.
Use Azure Hybrid Benefit.
C.
Configure Azure Cost Management budgets.
D.
Use Azure reservations.
Use Azure Hybrid Benefit.
You are planning a strategy to deploy numerous web servers and database servers to Azure.
This strategy should allow for connection types between the web servers and database servers to be controlled.
Solution: You include a local network gateway in your strategy.
Does the solution meet the goal?
A.
Yes
B.
No
No
Your company has 10 departments.
The company plans to implement an Azure environment.
You need to ensure that each department can use a different payment option for the Azure services it consumes.
What should you create for each department?
A.
a reservation
B.
a subscription
C.
a resource group
D.
a container instance
subscription
An Azure free account has a spending limit?
Yes
An Azure free account has a limit of 2TB of data that can be uploaded to Azure?
No
An Azure free account can contain an unlimited number of web apps?
No
An Azure service in private preview is released to all Azure customers?
No
An Azure service in public preview is released to all Azure customers?
Yes
An Azure service in general availability is released to a subset of Azure customers?
No
With a consumption-based plan, you pay a fixed rate for all data sent to or from virtual machines hosted in the cloud?
No
With a consumption-based plan, you reduce overall costs by paying only for extra capacity when it is required?
Yes
Serverless computing is an example of a consumption-based plan?
Yes
The cost of Azure resources can vary between regions?
Yes
An Azure reservation is used to reserve server capacity at a specific data center?
Yes
You can stop an Azure SQL Database instance to decrease costs?
No
The product of both SLAs
The Service Level Agreement (SLA) guaranteed uptime for paid Azure services is at least 99.9 percent?
Yes
Companies can increase the Service Level Agreement (SLA) guaranteed uptime by adding Azure resources to multiple regions?
Yes
Companies can increase the Service Level Agreement (SLA) guaranteed uptime by purchasing multiple subscriptions?
No
Which statement accurately describes the Modern Lifecycle Policy for Azure services?
A.
Microsoft provides mainstream support for a service for five years.
B.
Microsoft provides a minimum of 12 months’ notice before ending support for a service.
C.
After a service is made generally available, Microsoft provides support for the service for a minimum of four years.
D.
When a service is retired, you can purchase extended support for the service for up to five years.
Microsoft provides a minimum of 12 months’ notice before ending support for a service.
You need to request that Microsoft increase a subscription quota limit for your company.
Which blade should you use from the Azure portal? To answer, select the appropriate blade in the answer area.
Help + Support
Budget alerts
Your company’s Active Directory forest includes thousands of user accounts.
You have been informed that all network resources will be migrated to Azure. Thereafter, the on-premises data center will be retired.
You are required to employ a strategy that reduces the effect on users, once the planned migration has been completed.
Solution: You plan to require Azure Multi-Factor Authentication (MFA).
Does the solution meet the goal?
A.
Yes
B.
No
No
Your company has an Azure subscription that contains the following unused resources:
✑ 20 user accounts in Azure Active Directory (Azure AD)
✑ Five groups in Azure AD
✑ 10 public IP addresses
✑ 10 network interfaces
You need to reduce the Azure costs for the company.
Which unused resources should you remove?
A.
the network interfaces
B.
the public IP addresses
C.
the groups
D.
the user accounts
the public IP addresses
If an Azure virtual machine has a status of Stopped (deallocated), ______ you will continue to pay for:
compute capacity
V/O operations
networking
storage
storage
Who can use the Azure Total Cost of Ownership (TCO) calculator?
A.
billing readers for an Azure subscription only
B.
owners for an Azure subscription only
C.
anyone
D.
all users who have an account in Azure Active Directory (Azure AD) that is linked to an Azure subscription only
anyone
You deploy an Azure resource. The resource becomes unavailable for an extended period due to a service outage.
Microsoft will:
refund your bank account.
migrate the resource to another subscription.
credit your Azure account.
send you a coupon code that you can redeem for Azure credits.
Credit your Azure account
Which task can you perform by using Azure Advisor?
A.
Integrate Active Directory and Azure Active Directory (Azure AD).
B.
Estimate the costs of an Azure solution.
C.
Confirm that Azure subscription security follows best practices.
D.
Evaluate which on-premises resources can be migrated to Azure.
Confirm that Azure subscription security follows best practices.
0.999 * 0.9999 = 0.9989001 = 99.89001%
______ provide access to unused Azure compute capacity at deep discounts
Azure Container Instances
Azure Reserved Virtual Machine Instances
Azure Spot virtual machine instances
Azure virtual machine scale sets
Spot Virtual Machines
To save on the costs of an unused Azure virtual
machine that runs Windows 10, you should:
disconnect the virtual machine during a Remote Desktop session
put the virtual machine in sleep mode
from a Remote Desktop session
select Stop for the virtual machine from the Azure portal
shut down the virtual machine from a Remote Desktop session
select Stop for the virtual machine from the Azure portal.
All Azure services that are in public preview are:
provided without any documentation.
only configurable from Azure CLI.
excluded from the Service Level Agreements.
only configurable from the Azure portal.
excluded from SLA
You can access Compliance Manager from the:
Azure Active Directory admin center
Azure portal
Microsoft 365 admin center
Microsoft Service Trust Portal
Microsoft Service Trust Portal.
You have 1,000 virtual machines hosted on the Hyper-V hosts in a data center.
You plan to migrate all the virtual machines to an Azure pay-as-you-go subscription.
You need to identify which expenditure model to use for the planned Azure solution.
Which expenditure model should you identify?
A.
scalable
B.
operational
C.
elastic
D.
capital
operational
Which Service Level Agreement (SLA) is provided for Azure services in public preview?
A.
Each service defines its own SLA
B.
The SLA will be 99%
C.
The SLA will be 1% less than the general availability (GA) SLA
D.
The SLA will be 99.95%
Each service defines its own SLA
_____ in Azure Firewall enables users on the internet to access a server on a virtual network:
Application rules
Network Address Translation (NAT) rules
Network rules
Service tags
NAT
What is the longest term you can purchase for Azure Reserved VM instances?
A.
one year
B.
five years
C.
four years
D.
three years
three years
Your company has 10 offices. You plan to generate several billing reports from the Azure portal. Each report will contain the Azure resource utilization of each office.
Which Azure Resource Manager feature should you use before you generate the reports?
A.
tags
B.
templates
C.
locks
D.
policies
tags
If Microsoft plans to end support for an Azure service that does NOT have a successor service, Microsoft will provide notification at least 12 months before.
Instructions: Review the underlined text. If it makes the statement correct, select No change is needed. If the statement is incorrect, select the answer choice that makes the statement correct.
A.
No change is needed.
B.
6 months
C.
90 days
D.
30 days
No change is needed
When you are implementing a Software as a Service (Saas) solution, you are responsible for:
configuring high availability.
defining scalability rules.
installing the SaaS solution.
configuring the SaaS solution.
configuring the SaaS solution
Your company has an Azure subscription that contains the following unused resources:
✑ 20 user accounts in Azure Active Directory (Azure AD)
✑ Five groups in Azure AD
✑ 10 public IP addresses
✑ 10 network interfaces
You need to reduce the Azure costs for the company.
Solution: You remove the unused network interfaces.
Does this meet the goal?
A.
Yes
B.
No
No
Your company has an Azure subscription that contains the following unused resources:
✑ 20 user accounts in Azure Active Directory (Azure AD)
Five groups in Azure AD -
Question
✑ 10 public IP addresses
✑ 10 network interfaces
You need to reduce the Azure costs for the company.
Solution: You remove the unused public IP addresses.
Does this meet the goal?
A.
Yes
B.
No
Yes
Your company has an Azure subscription that contains the following unused resources:
✑ 20 user accounts in Azure Active Directory (Azure AD)
✑ Five groups in Azure AD
✑ 10 public IP addresses
✑ 10 network interfaces
You need to reduce the Azure costs for the company.
Solution: You remove the unused user accounts.
Does this meet the goal?
A.
Yes
B.
No
No
Maximum Available Minutes
Downtime
Monthly Uptime Percentage
A support plan solution that gives you best practice information, health status and notifications, and 24/7 access to billing information at the lowest possible cost is a Standard support plan.
Instructions: Review the underlined text. If it makes the statement correct, select No change is needed. If the statement is incorrect, select the answer choice that makes the statement correct.
A.
No change is needed
B.
Developer
C.
Basic
D.
Premier
Basic
In which Azure support plans can you open a new support request?
A.
Premier and Professional Direct only
B.
Premier, Professional Direct, and Standard only
C.
Premier, Professional Direct, Standard, and Developer only
D.
Premier, Professional Direct, Standard, Developer, and Basic
Premier, Professional Direct, Standard, Developer, and Basic
You can create an Azure support request from support.microsoft.com.
Instructions: Review the underlined text. If it makes the statement correct, select No change is needed. If the statement is incorrect, select the answer choice that makes the statement correct.
A.
No change is needed.
B.
the Azure portal
C.
the Knowledge Center
D.
the Security & Compliance admin center
the Azure portal
You have an on-premises network that contains several servers.
You plan to migrate all the servers to Azure.
You need to recommend a solution to ensure that some of the servers are available if a single Azure data center goes offline for an extended period.
What should you include in the recommendation?
A.
fault tolerance
B.
elasticity
C.
scalability
D.
low latency
fault tolerance
Your company has an Azure subscription that contains the following unused resources:
✑ 20 user accounts in Azure Active Directory (Azure AD)
✑ Five groups in Azure AD
✑ 10 public IP addresses
✑ 10 network interfaces
You need to reduce the Azure costs for the company.
Solution: You remove the unused groups.
Does this meet the goal?
A.
Yes
B.
No
No
The Azure Standard support plan is the lowest cost option to receive 24x7 access to support engineers by phone.
Instructions: Review the underlined text. If it makes the statement correct, select No change is needed. If the statement is incorrect, select the answer choice that makes the statement correct.
A.
No change is needed
B.
Developer
C.
Basic
D.
Professional Direct
No change is needed
All Azure services that are in public preview are:
provided without any documentation
only configurable from Azure CLI
excluded from the Service Level Agreements
only configurable from the Azure portal
excluded from the Service Level Agreements
_____ can calculate cost savings due to reduced electricity consumption as a result of migrating on-premises Microsoft SQL servers to Azure:
The Azure Migrate: Server Assessment tool
The Azure Total Cost of Ownership (TCO) calculator
The Database Migration Assistant
The pricing calculator in Azure
The Azure Total Cost of Ownership (TCO) calculator
You need to compare a company’s cloud usage to industry standard best practices.
What should you use?
A.
Azure Monitor
B.
Azure Service Health
C.
Application Insights in Azure Monitor
D.
Azure Advisor
Azure Advisor
You need to start Azure Cloud Shell.
What should you use?
A.
the Azure portal
B.
Azure Command-Line Interface (CLI)
C.
Azure PowerShell
D.
an Azure Resource Manager (ARM) template
the Azure portal
How many copies of data are maintained by an Azure Storage account that uses locally-redundant storage (LRS)?
A.
3
B.
4
C.
6
D.
9
3
What enables a cloud service to adapt quickly to changing requirements?
A.
high availability
B.
predictability
C.
manageability
D.
agility
agility
What is an example of vertical scaling in a cloud environment?
A.
adding an additional CPU to an existing Azure virtual machine
B.
adding an additional Azure virtual machine
C.
adding an additional Azure Virtual Desktop session host
D.
adding an additional Azure App Service instance automatically
adding an additional CPU to an existing Azure virtual machine
An organization that hosts its infrastructure ______
no longer requires a data center
in a private cloud
in a hybrid cloud
in the public cloud
on a Hyper-V host
in the public cloud
What additional resource is required by an Azure virtual machine?
A.
a virtual network
B.
a service endpoint
C.
Azure Firewall
D.
a public IP address
a virtual network
How many copies of data are maintained by an Azure Storage account that uses geo-redundant storage (GRS)?
A.
3
B.
4
C.
6
D.
9
3
What is used to grant permission to Azure Virtual Desktop resources?
A.
tags
B.
role-based access control (RBAC) roles
C.
resource groups
D.
application security groups
role-based access control (RBAC) roles
High Availability
Geo-distribution
Scalability
ExpressRoute
Virtual Network Peering
VPN Gateway
_____ ensures that you can calculate how much a cloud service will cost.
Agility
Elasticity
High availability
Predictability
Predictability
Which cloud service model minimizes the management responsibility of a customer?
A.
infrastructure as a service (IaaS)
B.
platform as a service (PaaS)
C.
software as a service (SaaS)
software as a service (SaaS)
What are two characteristics of the public cloud? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
dedicated hardware
B.
unsecured connections
C.
limited storage
D.
metered pricing
E.
self-service management
metered pricing
self-service management
When a cloud app can allocate and release resources, it has:
elasticity.
governance.
high availability.
predictability.
reliability.
elasticity
_____ runs application code in Azure without requiring a server:
An Azure DevOps pipeline
An Azure Resource Manager template
Azure Application Gateway
Azure Functions
Azure Functions
Azure Queue Storage
Azure Files
Azure Blob storage
Premium block blobs storage accounts only support _____ redundancy.
geo-redundant storage (GRS)
geo-zone-redundant storage (GZRS)
locally-redundant storage (LRS)
zone-redundant storage (ZRS)
zone-redundant storage (ZRS)
You have an Azure web app.
You need to manage the settings of the web app from an iPhone.
What are two Azure management tools that you can use? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
Windows PowerShell
B.
Azure Cloud Shell
C.
the Azure portal
D.
Azure Storage Explorer
Azure Cloud Shell
the Azure portal
You are tasked with deploying Azure virtual machines for your company.
You need to make use of the appropriate cloud deployment solution.
Solution: You should make use of Software as a Service (SaaS).
Does the solution meet the goal?
A.
Yes
B.
No
No
When planning to migrate a public website to Azure,
you must plan to:
deploy a VPN.
pay monthly usage costs.
pay to transfer all the website data to Azure.
reduce the number of connections to the website.
pay monthly usage costs.
What should you use to prevent traffic from an Azure virtual network from being routed to an Azure Storage account via the internet?
A.
a network security group (NSG)
B.
a public endpoint
C.
Azure VPN Gateway
D.
a service endpoint
a service endpoint
Which service can replace a resource lock automatically if the lock is removed?
A.
Azure Information Protection (AIP)
B.
Azure Blueprints
C.
Azure Backup
D.
Azure Advisor
Azure Blueprints
Azure Active Directory.
Azure Resource Manager (ARM) templates use the:
CSV format.
HTML format.
JSON format.
XML format.
JSON format.
You plan to collect and analyze event details for five Azure virtual machines.
You need to run queries to compare the event details collected from all the virtual machines.
Which two tools should you use? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A.
Azure Service Health
B.
Azure Service Bus
C.
Azure Monitor
D.
Azure Advisor
E.
Log Analytics
Azure Monitor
Log Analytics
An Azure SLA is a formal agreement between Microsoft and a customer that
defines:
a commitment to deliver the features on a technology roadmap.
a commitment to performance standards.
the maximum scalability limits of an available infrastructure.
the minimum scalability limits of an available infrastructure.
A Commitment to Performance Standards
What should you use to track the costs of Azure resources?
A.
Azure Quickstart templates
B.
tags
C.
budgets
D.
usage and quotas
budgets
You have an Azure subscription.
You plan to create a virtual machine.
Where will the virtual machine be placed in Azure?
A.
In a storage account
B.
In a resource group
C.
In an administrative unit
D.
In an application group
In a resource group
When planning to migrate a public website to Azure,
you must plan to:
deploy a VPN.
pay monthly usage costs.
pay to transfer all the website data to Azure.
reduce the number of connections to the website.
pay monthly usage costs
Your company plans to migrate all its data and resources to Azure.
The company’s migration plan states that only Platform as a Service (PaaS) solutions must be used in Azure.
You need to deploy an Azure environment that meets the company migration plan.
Solution: You create an Azure App Service and Azure SQL databases.
Does this meet the goal?
A.
Yes
B.
No
Yes
_____ provides a global view of the status of Azure services, regions, and specific resources.
Application Insights
Azure Advisor
Azure Service Health
Azure Service Health
You plan to reduce ongoing Azure expenditures.
You need to identify which factors affect the costs of a resource.
Which three factors should you identify? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
the volume of outbound data
B.
the volume of inbound data
C.
the service tier
D.
the Azure region
E.
the type of processed data
the volume of outbound data
the service tier
the Azure region
Your company has an Azure subscription that contains several resources.
You need to identify which department is responsible for the cost of each resource.
What should you use?
A.
budgets
B.
alerts
C.
tags
tags
Azure Cosmos DB is an example of a
offering.
platform as a service (PaaS)
infrastructure as a service (laaS)
content as a service
software as a service (Saas)
platform as a service (PaaS)
Data that is stored in the Archive access tier of an Azure Storage account
can be accessed at any time by using:
azcopy.exe.
can only be read by using Azure Backup.
must be restored before the data can be accessed.
must be rehydrated before the data can be accessed.
must be rehydrated before the data can be accessed.
Your company plans to migrate all its data and resources to Azure.
The company’s migration plan states that only Platform as a Service (PaaS) solutions must be used in Azure.
You need to deploy an Azure environment that meets the company migration plan.
Solution: You create an Azure App Service and Azure virtual machines that have Microsoft SQL Server installed.
Does this meet the goal?
A.
Yes
B.
No
No
You have on-premises servers that run Windows Server.
What should you implement to manage the servers by using the Azure portal?
A.
Azure Kubernetes Service (AKS)
B.
Azure Arc
C.
Docker
D.
role-based access control (RBAC)
Azure Arc
You can use ______ in Azure to send email alerts when the cost of the current
billing period for an Azure subscription exceeds a specified limit.
Advisor recommendations
Access control (IAM)
Budget alerts
Compliance
Budget alerts
Software Assurance
You have a web app that runs in Azure.
You need to identify the amount of time it takes for web pages to load in a user’s browser.
What should you use?
A.
Azure Monitor alerts
B.
Application Insights in Azure Monitor
C.
Log Analytics
D.
Azure Network Watcher
Application Insights in Azure Monitor
______ ensures access to cloud resources in the event of a service failure.
High availability
Predictability
Reliability
Scalability
High availability
What should a desktop application use to interact with Azure and manage resources?
A.
APIs
B.
Azure Resource Manager (ARM) templates
C.
Azure Command-Line Interface (CLI)
D.
Azure Cloud Shell
APIs
Elasticity
Disaster Recovery
Agility
Software updates and patches
MFA
Surveillance Camera
The Hot access tier is available for blob data that uses standard storage?
Yes
The Cool access tier is available for file shares in premium storage?
No
The Cool access tier can be configured at the storage account level?
Yes
Which two features or services can be integrated with Azure Monitor? Each correct answer presents part of the solution.
NOTE: Each correct answer is worth one point.
A.
Azure status
B.
Application Insights
C.
Azure Advisor
D.
Log Analytics
E.
Azure Service Health
Application Insights
Log Analytics
Your company plans to migrate all its data and resources to Azure.
The company’s migration plan states that only Platform as a Service (PaaS) solutions must be used in Azure.
You need to deploy an Azure environment that meets the company migration plan.
Solution: You create an Azure App Service and Azure Storage accounts.
Does this meet the goal?
A.
Yes
B.
No
Yes
What provides a unified way to project and manage non-Azure resources in Azure Resource Manager (ARM)?
A.
Azure Migrate
B.
Azure AD Connect
C.
Azure Arc
D.
Azure Front Door
Azure Arc
AzCopy is a command-line utility used to copy blobs or files to or from a storage account?
Yes
Azure Storage Explorer is a cloud-hosted migration service used to transfer large amounts of data?
No
Azure File Sync syncs files and folders between Azure Files and Windows file servers?
Yes
______ Is a physical migration service used to transfer large amounts of data in a quick, inexpensive, and reliable way.
Azure Data Box
Azure Databricks
Azure File Sync
Azure Migrate
Azure Data Box
You plan to deploy new resources for each business unit.
You need to ensure that the new resources are deployed by using a repeatable and reliable method that applies the same configurations to each resource.
What should you use?
A.
Azure Policy
B.
Azure Arc
C.
a resource group
D.
Azure Resource Manager (ARM) templates
Azure Resource Manager (ARM) templates
ExpressRoute uses Border Gateway Protocol (BGP)?
Yes
ExpressRoute uses the internet to connect an on-premises network to Azure?
No
You can configure multiple ExpressRoute circuits to connect an on-premises datacenter to Azure?
Yes
Azure Arc can manage physical servers that run Linux?
Yes
Azure Arc can manage Azure Kubernetes Service (AKS) clusters at scale?
Yes
Azure Arc can manage a third-party database solution hosted outside of Azure?
Yes
_____ extends Azure compliance and monitoring to hybrid and multicloud configurations:
Azure AD Connect
Azure Arc
Azure Front Door
Azure Policy
Azure Arc
In the software as a service (SaaS) cloud service, which responsibility is shared between Microsoft and the customer?
A.
identity and directory infrastructure management
B.
application management
C.
information and data management
D.
operating system updates
identity and directory infrastructure management
Where does Azure Monitor store event data?
A.
an Azure Blob Storage account
B.
Azure Storage Queue
C.
Azure SQL Database
D.
a Log Analytics workspace
a Log Analytics workspace
You deploy an Azure resource. The resource becomes unavailable for an extended period due to a service outage.
Microsoft will:
refund your bank account.
migrate the resource to another subscription.
credit your Azure account.
send you a coupon code that you can redeem for Azure credits.
credit your Azure account.
Your company hosts an accounting application named App1 that is used by all the customers of the company.
App1 has low usage during the first three weeks of each month and very high usage during the last week of each month.
Which benefit of Azure Cloud Services supports cost management for this type of usage pattern?
A.
high availability
B.
high latency
C.
elasticity
D.
load balancing
elasticity
When planning to migrate a public website to Azure, you must plan to:
deploy a VPN.
pay monthly usage costs.
pay to transfer all the website data to Azure,
reduce the number of connections to the website.
pay monthly usage costs.
_____ a common platform for deploying objects to a cloud infrastructure and for implementing consistency across the Azure environment:
Azure policies provide
Resource groups provide
Azure Resource Manager templates provide
Management groups provide
Azure Resource Manager templates
An Azure administrator plans to run a PowerShell script that creates Azure resources.
You need to recommend which computer configuration to use to run the script.
Which three computers can run the script? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
a computer that runs Windows 11 and has the Azure CLI tools installed
B.
a computer that runs Linux and has the Azure CLI tools installed
C.
a computer that runs macOS and has PowerShell Core 6.0 installed
D.
a computer that runs Chrome OS and uses Azure Cloud Shell
E.
a computer that runs Windows 10 and has the Azure PowerShell module installed
C. macOS with PowerShell Core 6.0 installed: PowerShell Core is cross-platform, which means it runs on macOS, Linux, and Windows. By installing PowerShell Core 6.0 or later on macOS, you can run PowerShell scripts to manage and create Azure resources.
• D. Chrome OS with Azure Cloud Shell: Chrome OS does not natively support PowerShell, but you can use Azure Cloud Shell in a web browser on Chrome OS. Azure Cloud Shell provides a browser-based environment that has both PowerShell and the Azure CLI pre-installed, allowing you to run Azure PowerShell scripts.
• E. Windows 10 with the Azure PowerShell module installed: A computer running Windows 10 with the Azure PowerShell module installed is a typical environment for running PowerShell scripts that create and manage Azure resources.
Azure AD requires domain controllers on Azure virtual machines?
No
Azure AD provides authentication services for Azure and Microsoft 365?
Yes
Each user account in Azure AD can be assigned only one Microsoft 365 license?
No
In the infrastructure as a service (IaaS) cloud service model, which two components are the responsibility of the cloud service provider? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
the configuration and maintenance of storage
B.
the installation and configuration of the operating system
C.
maintaining the hardware
D.
the network configuration
E.
physical security of the datacenter infrastructure
maintaining the hardware
physical security of the datacenter infrastructure
The Cool access tier is optimized:
for data that is accessed infrequently and stored for at least 30 days.
for data that is accessed rarely, is stored for at least 180 days, and
has flexible latency requirements.
for storing data that is accessed frequently.
for data that is accessed infrequently and stored for at least 30 days.
_____ provides a health overview of Azure services and regions:
Azure Monitor
Azure Resource Health
Azure Service Health
Azure status
Azure Service Health
When using _____ , you can group virtual machines into an update domain or a fault domain:
availability sets
availability zones
Azure Load Balancer
Azure Virtual Machine Scale Sets
availability sets
You plan to migrate a web application to Azure. The web application is accessed by external users.
You need to recommend a cloud deployment solution to minimize the amount of administrative effort used to manage the web application.
What should you include in the recommendation?
A.
Software as a Service (SaaS)
B.
Platform as a Service (PaaS)
C.
Infrastructure as a Service (IaaS)
D.
Database as a Service (DaaS)
Platform as a Service (PaaS)
You have an Azure Storage account named storage1.
You need to ensure that containers can be created in, but not deleted from, storage1.
What should you do?
A.
Create a ReadOnly lock for storage1.
B.
Create a delete lock for storage1.
C.
Enable container soft delete.
D.
Enable blob soft delete.
Create a delete lock for storage1.
You have an Azure subscription.
You need to use Azure Cloud Shell to run a deployment script.
What should you use to access Cloud Shell?
A.
Azure Resource Manager (ARM)
B.
Microsoft Visual Studio
C.
a Windows command prompt
D.
a web browser
a web browser.
Adding more RAM to a virtual machine is an example of Horizontal scaling?
No
Adding an additional virtual machine based upon demand is an example of Vertical scaling?
No
Horizontal scaling can occur automatically or manually?
Yes
You need to migrate an on-premises server by using a lift-and-shift migration.
To which type of cloud service should you migrate?
A.
infrastructure as a service (IaaS)
B.
software as a service (SaaS)
C.
platform as a service (PaaS)
infrastructure as a service (IaaS)
Only one tag can be assigned to an Azure resource?
No
Tags can be assigned to Azure resources by using Azure Resource Manager (ARM) templates?
Yes
Tags can be used to enforce naming standards for Azure resources?
No
_____ evaluates signals to allow or deny
sign-ins to Azure AD.
A managed identity
Conditional Access
Microsoft Intune
Conditional Access
Azure Container Instances
Azure Virtual Machines(scale Set)
Azure Advisor supports alerts?
Yes
Azure Advisor recommendations can be filtered by Administrative unit?
No
Azure Advisor provides recommendations on improving the performance of resources?
Yes
IaaS
PaaS
The Total Cost of Ownership (TCO) Calculator displays the cost of running workloads in a datacenter?
Yes
The Total Cost of Ownership (TCO) Calculator displays the cost of running workloads in Azure?
Yes
The Total Cost of Ownership (TCO) Calculator generates graphical reports?
Yes
Network security groups (NSGs) can contain multiple inbound and outbound security rules?
Yes
A VM that performs a particular function such as running a firewall is also called a Network virtual appliance?
Yes
A user-defined route (UDR) can only control network traffic between subnets of a single virtual network?
No
Microsoft 365 is an example of which cloud service model?
A.
infrastructure as a service (IaaS)
B.
platform as a service (PaaS)
C.
software as a service (SaaS)
software as a service (SaaS)
To achieve a hybrid cloud model, a company must always migrate from a private cloud model?
No
You have an on-premises network that contains 100 servers.
You need to recommend a solution that provides additional resources to your users. The solution must minimize capital and operational expenditure costs.
What should you include in the recommendation?
A.
a complete migration to the public cloud
B.
an additional data center
C.
a private cloud
D.
a hybrid cloud
a hybrid cloud
A company can extend the capacity of its internal network by using the public cloud?
Yes
In a public cloud model, only guest users at your company can access the resources in the cloud?
No
You plan to migrate several servers from an on-premises network to Azure.
What is an advantage of using a public cloud service for the servers over an on-premises network?
A.
The public cloud is owned by the public, NOT a private corporation
B.
The public cloud is a crowd-sourcing solution that provides corporations with the ability to enhance the cloud
C.
All public cloud resources can be freely accessed by every member of the public
D.
The public cloud is a shared entity whereby multiple corporations each use a portion of the resources in the cloud
The public cloud is a shared entity whereby multiple corporations each use a portion of the resources in the cloud
You are tasked with deploying Azure virtual machines for your company.
You need to make use of the appropriate cloud deployment solution.
Solution: You should make use of Platform as a Service (PaaS).
Does the solution meet the goal?
A.
Yes
B.
No
No
Azure Site Recovery provides ______
for virtual machines.
fault tolerance
disaster recovery
elasticity
high availability
Disaster Recovery
In which type of cloud model are all the hardware resources owned by a third-party and shared between multiple tenants?
A.
private
B.
hybrid
C.
public
public
_____ is a desktop and application virtualization service that enables the use of a cloud-hosted version of Windows from any location
An availability set
Azure Spot Virtual Machines
Azure Virtual Desktop
Azure Virtual Machine Scale Sets
Azure Virtual Desktop
You have 1,000 virtual machines hosted on the Hyper-V hosts in a data center.
You plan to migrate all the virtual machines to an Azure pay-as-you-go subscription.
You need to identify which expenditure model to use for the planned Azure solution.
Which expenditure model should you identify?
A.
operational
B.
elastic
C.
capital
D.
scalable
operational
Fault tolerance
Disaster recovery
Dynamic scalability
Latency
Your company has an on-premises network that contains multiple servers.
The company plans to reduce the following administrative responsibilities:
✑ Backing up application data
✑ Replacing failed server hardware
✑ Managing physical server security
✑ Updating server operating systems
✑ Managing permissions to shared documents
The company plans to migrate servers to Azure virtual machines.
You need to identify which administrative responsibilities will be eliminated after the planned migration.
Which two responsibilities should you identify? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
Replacing failed server hardware
B.
Backing up application data
C.
Managing physical server security
D.
Updating server operating systems
E.
Managing permissions to shared documents
Replacing failed server hardware
Managing physical server security
Azure Pay-As-You-Go pricing is an example of CapEx?
No
Paying electricity for your datacenter is an example of OpEx?
Yes
Deploying your own datacenter is an example of CapEx?
Yes
You plan to provision Infrastructure as a Service (IaaS) resources in Azure.
Which resource is an example of IaaS?
A.
an Azure web app
B.
an Azure virtual machine
C.
an Azure logic app
D.
an Azure SQL database
an Azure virtual machine
You are tasked with deploying Azure virtual machines for your company.
You need to make use of the appropriate cloud deployment solution.
Solution: You should make use of Infrastructure as a Service (IaaS).
Does the solution meet the goal?
A.
Yes
B.
No
Yes
To which cloud models can you deploy physical servers?
A.
private cloud and hybrid cloud only
B.
private cloud only
C.
private cloud, hybrid cloud and public cloud
D.
hybrid cloud only
private cloud and hybrid cloud only
You have 50 virtual machines hosted on-premises and 50 virtual machines hosted in Azure. The on-premises virtual machines and the Azure virtual machines connect to each other.
Which type of cloud model is this?
A.
hybrid
B.
private
C.
public
hybrid
Your company plans to migrate all its data and resources to Azure.
The company’s migration plan states that only Platform as a Service (PaaS) solutions must be used in Azure.
You need to deploy an Azure environment that meets the company migration plan.
Solution: You create Azure virtual machines, Azure SQL databases, and Azure Storage accounts.
Does this meet the goal?
A.
Yes
B.
No
No
Your company plans to deploy several custom applications to Azure. The applications will provide invoicing services to the customers of the company. Each application will have several prerequisite applications and services installed.
You need to recommend a cloud deployment solution for all the applications.
What should you recommend?
A.
Software as a Service (SaaS)
B.
Platform as a Service (PaaS)
C.
Infrastructure as a Service (laaS)
Infrastructure as a Service (laaS)
Azure Backup is an example of platform as a service (PaaS)?
Yes
Your developers have created 10 web applications that must be host on Azure.
You need to determine which Azure web tier plan to host the web apps. The web tier plan must meet the following requirements:
✑ The web apps will use custom domains.
✑ The web apps each require 10 GB of storage.
✑ The web apps must each run in dedicated compute instances.
✑ Load balancing between instances must be included.
✑ Costs must be minimized.
Which web tier plan should you use?
A.
Standard
B.
Basic
C.
Free
D.
Shared
Standard
You can create a resource group inside of another resource group?
No
An Azure virtual machine can be in multiple resource groups?
No
A resource group can contain resources from multiple Azure regions?
Yes
You can assign a _____
to every Azure resource.
blueprint
lock
policy
service endpoint
lock
Your company plans to migrate all its data and resources to Azure.
The company’s migration plan states that only Platform as a Service (PaaS) solutions must be used in Azure.
You need to deploy an Azure environment that meets the company’s migration plan.
What should you create?
A.
Azure virtual machines, Azure SQL databases, and Azure Storage accounts.
B.
an Azure App Service and Azure virtual machines that have Microsoft SQL Server installed.
C.
an Azure App Service and Azure SQL databases.
D.
Azure storage accounts and web server in Azure virtual machines.
an Azure App Service and Azure SQL databases.
What does a customer provide in a software as a service (SaaS) model?
A.
application data
B.
data storage
C.
compute resources
D.
application software
application data
What is the first stage in the Microsoft Cloud Adoption Framework for Azure?
A.
Adopt the cloud.
B.
Make a plan.
C.
Ready your organization.
D.
Define your strategy.
Define your strategy.
You are planning to migrate a company to Azure. Each of the company’s numerous divisions will have an administrator in place to manage the Azure resources used by their respective division.
You want to make sure that the Azure deployment you employ allows for Azure to be segmented for the divisions, while keeping administrative effort to a minimum.
Solution: You plan to make use of several Azure Active Directory (Azure AD) directories.
Does the solution meet the goal?
A.
Yes
B.
No
No
PaaS
IaaS
When you are implementing a Software as a Service (Saas) solution you are responsible for:
configuring high availability
defining scalability rules
installing the SaaS solution
configuring the SaaS solution
configuring the SaaS solution
Your developers have created a portal web app for users in the Miami branch office. The web app will be publicly accessible and used by the Miami users to retrieve customer and product information. The web app is currently running in an on-premises test environment.
You plan to host the web app on Azure.
You need to determine which Azure web tier plan to host the web app. The web tier plan must meet the following requirements:
✑ The website will use the miami.weyland.com URL.
✑ The website will be deployed to two instances.
✑ SSL support must be included.
✑ The website requires 12 GB of storage.
✑ Costs must be minimized.
Which web tier plan should you use?
A.
Standard
B.
Basic
C.
Free
D.
Shared
Standard
Which term represents the ability to increase the computing capacity of a virtual machine by adding memory or CPUs?
A.
agility
B.
vertical scaling
C.
horizontal scaling
D.
elasticity
vertical scaling
What are two benefits of cloud computing? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
enables the rapid provisioning of resources
B.
has increased administrative complexity
C.
has the same configuration options as on-premises
D.
shifts capital expenditures (CAPEX) to operating expenditures (OPEX)
enables the rapid provisioning of resources
shifts capital expenditures (CAPEX) to operating expenditures (OPEX)
What is a feature of an Azure virtual network?
A.
resource cost analysis
B.
packet inspection
C.
geo-redundancy
D.
isolation and segmentation
isolation and segmentation
You need to identify the type of failure for which an Azure Availability Zone can be used to protect access to Azure services.
What should you identify?
A.
a physical server failure
B.
an Azure region failure
C.
a storage failure
D.
an Azure data center failure
an Azure data center failure
You plan to extend your company’s network to Azure.
The network contains a VPN appliance that uses an IP address of 131.107.200.1.
You need to create an Azure resource that defines the VPN appliance in Azure.
Which Azure resource should you create? To answer, select the appropriate resource in the answer area.
Services
NAT gateways
Application gateways
Local network gateways
Virtual network gateways
On-premises Data Gateways
Azure Data Box Gateway
Azure Stack Edge / Data Box Gateway
Web Application Firewall policies
Local network gateways
You plan to deploy several Azure virtual machines.
You need to ensure that the services running on the virtual machines are available if a single data center fails.
Solution: You deploy the virtual machines to two or more resource groups.
Does this meet the goal?
A.
Yes
B.
No
No
You plan to deploy several Azure virtual machines.
You need to ensure that the services running on the virtual machines are available if a single data center fails.
Solution: You deploy the virtual machines to a scale set.
Does this meet the goal?
A.
Yes
B.
No
No
Azure Advisor provides personalized recommendations?
Yes
Azure Advisor can provide cost recommendations for virtual machines?
Yes
Azure Advisor can provide recommendations across multiple Azure subscriptions?
Yes
You must have physical servers to use cloud computing?
No
You must have internet connectivity to use cloud computing?
Yes
The costs to increase cloud computing capacity are less than the costs to increase the computing capacity of an on-premises datacenter?
Yes
A company can extend an internal network by adding its own physical servers to the public cloud?
No
A private cloud must be disconnected from the internet?
No
Part of a hybrid cloud is the public cloud?
Yes
Cloud computing provides elastic scalability?
Yes
Customers can minimize capital expenditure (CapEx) by using a public cloud?
Yes
Cloud computing leverages virtualization to provide services to multiple customers simultaneously?
Yes
Azure Files is an example of infrastructure as a service (laaS)?
No
A DNS server that runs on an Azure virtual machine is an example of platform as a service (PaaS)?
No
Microsoft Intune is an example of software as a service (Saas)?
Yes
Microsoft SQL Server 2019 installed on an Azure virtual machine is an example of platform as a service (PaaS)?
No
Azure SQL Database is an example of platform as a service (PaaS)?
Yes
Azure Cosmos DB is an example of software as a service (Saas)?
No
A platform as a service (PaaS) solution that hosts web apps in Azure provides full control of the operating systems that host applications?
No
A Platform as a Service (PaaS) solution that hosts web apps in Azure can be provided with additional memory by changing the pricing tier?
Yes
A Platform as a Service (PaaS) solution that hosts web apps in Azure can be configured to automatically scale the number of instances based on demand?
Yes
From the Azure portal, you can distinguish between services that are generally available and services that are in public preview?
Yes
After an Azure service becomes generally available, the service is no longer updated with new features?
No
When you create Azure resources for a service in public preview, you must recreate the resources once the service becomes generally available?
No
When using an Azure ExpressRoute connection, inbound data traffic from an on-premises network to Azure is always free?
Yes
Outbound data traffic from Azure to an on-premises network is always free?
No
Data traffic between Azure services within the same Azure region is always free?
Yes
Storing 1 TB of data in Azure Blob storage will always cost the same, regardless of the Azure region in which the data is located?
No
When you use a general-purpose v2 Azure Storage account, you are only charged for the amount of data that is stored. All read and write operations are free?
No
Transferring data between Azure Storage accounts in different Azure regions is free?
No
In Azure Active Directory Premium P2, at least 99.9 percent availability is guaranteed?
Yes
The Service Level Agreement (SLA) for Azure Active Directory Premium P2 is the same as the SLA for Azure Active Directory Free?
No
All paying Azure customers receive a credit if their monthly uptime percentage is below the guaranteed amount in the Service Level Agreement (SLA)?
Yes
Adding resource groups in an Azure subscription generates additional costs?
No
Copying 10 GB of data to Azure from an on- premises network over a VPN generates additional Azure data transfer costs?
No
Copying 10 GB of data from Azure to an on-premises network over a VPN generates additional Azure data transfer costs?
Yes
A platform as a service (PaaS) solution that hosts web apps in Azure provides full control of the operating systems that host applications?
No
A platform as a service (PaaS) solution that hosts web apps in Azure provides the ability to scale the platform automatically ?
Yes
A platform as a service (PaaS) solution that hosts web apps in Azure provides professional development services to continuously add features to custom applications?
Yes
To implement a hybrid cloud model, a company must have an internal network?
Yes
A company can extend the computing resources of its internal network by using a hybrid cloud?
Yes
In a public cloud model, only guest users at your company can access the resources in the cloud?
No
A Platform as a Service (PaaS) solution provides full control of operating systems that host applications?
No
A Platform as a Service (PaaS) solution provides additional memory to apps by changing pricing tiers?
Yes
A Platform as a Service (PaaS) solution can automatically scale the number of instances?
Yes
A company can extend a private cloud by adding its own physical servers to the public cloud?
No
To build a hybrid cloud, you must deploy resources to the public cloud?
Yes
A private cloud must be disconnected from the internet?
No
The Archive access tier for Azure Storage can be set at the account level?
No
The Cool access tier offers the lowest costs for storing blobs in Azure Storage?
No
After blobs are uploaded to an Azure Storage container, the access tier of the storage account can be changed?
Yes
Premium storage accounts can be configured as Azure file shares?
Yes
Premium storage accounts can be configured as block blobs storage?
Yes
Premium storage accounts can be configured as StorageV2 storage?
No
You can deploy Azure Resource Manager (ARM) templates by using the Azure portal?
Yes
Azure Resource Manager (ARM) templates can define infrastructure by using code?
Yes
Each Azure resource to be deployed requires a separate Azure Resource Manager (ARM) template?
No
An Azure Virtual Desktop session host can run Windows 10 or Windows 11 only?
No
An Azure Virtual Desktop host pool that includes 20 session hosts supports maximum of 20 simultaneous user connections?
No
Azure Virtual Desktop supports desktop and app virtualization?
Yes
In an Azure virtual machine scale set, the virtual machines are configured identically?
Yes
The number of Azure virtual machines in a virtual machine scale set can increase automatically?
Yes
The number of Azure virtual machines in a virtual machine scale set can decrease automatically?
Yes
You can have two Azure Storage accounts that have the same name in the same Azure subscription?
No
You can have two Azure Storage accounts that have the same name in different Azure regions?
No
You can have two Azure Storage accounts that have the same name in two different Azure subscriptions?
No
You can assign an Azure policy to a virtual machine?
Yes
If an Azure policy is assigned to a resource group, noncompliant resources are removed from the group?
No
If an Azure policy is assigned to a resource group, only compliant resources can be deployed to the group?
Yes
For the platform as a service (PaaS) cloud service, updating the operating system is the responsibility of the customer?
No
For the infrastructure as a service (laaS) cloud service, network control is the responsibility of Microsoft?
No
For the software as a service (Saas) cloud service, identity management is a shared responsibility between the customer and Microsoft?
Yes
Creating and configuring a virtual network is part of the platform as a service (PaaS) cloud service model?
No
In the platform as a service (PaaS) cloud service model, updating code for an Azure
web app is the customer’s responsibility?
Yes
Configuring user access to a platform as a service (PaaS) cloud service model is the customer’s responsibility?
Yes
If your company uses an Azure free account, you will only be able to use a subset of Azure services?
No
All Azure free accounts expire after a specific period?
Yes
You can create up to 10 Azure free accounts by using the same Microsoft account?
No
Azure provides flexibility between capital expenditure (CapEx) and operational expenditure (OpEx)?
Yes
If you create two Azure virtual machines that use the B2S size, each virtual machine will
always generate the same monthly costs?
No
When an Azure virtual machine is stopped, you continue to pay storage costs associated to the virtual machine?
Yes
A company has complete control of the resources and security for its private cloud?
Yes
A hybrid cloud solution enables a company to control whether its applications run on-premises or in the cloud?
Yes
Companies are responsible for capital expenditure when they scale up a virtual machine hosted in a public cloud?
No
The cost of outbound traffic from Azure is the same for all Azure regions?
No
Purchasing Azure services through an Enterprise Agreement (EA) requires you to spend a predetermined amount?
Yes
Microsoft defines the pricing structure of all third-party services sold through Azure Marketplace?
No
Pay-As-You-Go (PAYG) is a consumption-based model?
Yes
Payments to cloud service providers are considered capital expenditures (CapEx)?
No
The services provided through a consumption-based modelare considered operational expenditures (OpEx)?
Yes
All Azure services in private preview must be accessed by using a separate Azure portal?
No
Azure services in public preview can be used in production environments?
Yes
Azure services in public preview are subject to a Service Level Agreement (SLA)?
No
A Standard support plan is included in an Azure free account?
No
A Premier support plan can only be purchased by companies that have an Enterprise Agreement (EA)?
Yes
Support from MSDN forums is only provided to companies that have a pay-as-you-go subscription?
No
Support from MSDN forums is only provided to companies that have a pay-as-you-go subscription?
No
You can convert the Azure subscription of your company from Free Trial to Pay-As-You-Go?
Yes
The Azure spending limit is fixed and cannot be increased or decreased?
No
With Azure Reservations, you pay less for virtual machines than with pay-as-you-go pricing?
Yes
Two Azure virtual machines that use the B2S size have the same monthly costs?
No
When an Azure virtual machine is stopped, you continue to pay storage costs for the virtual machine?
Yes
By creating additional resource groups in an Azure subscription, additional costs are incurred?
No
By copying several gigabits of data to Azure from an on-premises network over a VPN, additional data transfer costs are incurred?
No
By copying several GB of data from Azure to an on-premises network over a VPN, additional data transfer costs are incurred?
Yes
Microsoft Defender for Cloud can monitor Azure resources and on-premises resources?
No
All Microsoft Defender for Cloud features are free?
Yes
For Microsoft Defender for Cloud, you can download a Regulatory Compliance report?
Yes
Cloud computing offers lower capital expenditure (CAPEX) costs than on-premises deployments?
Yes
Cloud computing provides the same configuration options as on-premises deployments?
Yes
Cloud computing can scale when a business requires change?
Yes
Azure Functions is an example of a platform as a service (PaaS) cloud service model?
No
Microsoft 365 is an example of a software as a service (Saas) cloud service model?
Yes
An Azure virtual machine is an example of an infrastructure as a service (laaS) cloud service model?
Yes
Azure virtual networks deployed to the same Azure region are connected by default?
No
Virtual networks created in the same resource group must have unique names?
Yes
The Azure virtual network’s address space must be unique within a subscription?
Yes
