AZ-900 Flashcards
Your company intends to subscribe to an Azure support plan.
The support plan must allow for new support requests to be opened.
Which of the following are support plans that will allow this? Answer by dragging the correct option from the list to the answer area.
BASIC
DEVELOPER
STANDARD
PROFESSIONAL DIRECT
Your company is planning to migrate all their virtual machines to an Azure pay-as-you-go subscription. The virtual machines are currently hosted on the Hyper-V hosts in a data center.
You are required make sure that the intended Azure solution uses the correct expenditure model.
Solution: You should recommend the use of the elastic expenditure model.
Does the solution meet the goal?
A.
Yes
B.
No
No
An Azure subscription can be associated to multiple Azure Active Directory (Azure AD) tenants?
No
You can change the Azure Active Directory (Azure AD) tenant to which an Azure subscription is associated?
Yes
This process is known as transferring a subscription to a different Azure AD tenant.
When an Azure subscription expires, the associated Azure Active Directory (Azure AD) tenant is deleted automatically?
No
Resource groups provide organizations with the ability to manage the compliance of Azure resources across multiple subscriptions.
Instructions: Review the underlined text. If it makes the statement correct, select No change is needed. If the statement is incorrect, select the answer choice that makes the statement correct.
A.
No change is needed
B.
Management groups
C.
Azure policies
D.
Azure App Service plans
Management groups
Your company plans to migrate to Azure.
The company has several departments. All the Azure resources used by each department will be managed by a department administrator.
What are two possible techniques to segment Azure for the departments? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
multiple subscriptions
B.
multiple Azure Active Directory (Azure AD) directories
C.
multiple regions
D.
multiple resource groups
multiple subscriptions
multiple resource groups
A single Microsoft account can be used to manage multiple Azure subscriptions?
Yes
Two Azure subscriptions can be merged into a single subscription?
No
A company can use resources from multiple subscriptions?
Yes
You have several virtual machines in an Azure subscription.
You create a new subscription.
The virtual machines cannot be moved to the new subscription.
The virtual machines can be moved to the new subscription.
The virtual machines can be moved to the new subscription only if they are
all in the same resource group.
The virtual machines can be moved to the new subscription only if they run
Windows Server 2016.
The virtual machines can be moved to the new subscription.
You have an Azure environment that contains multiple Azure virtual machines.
You plan to implement a solution that enables the client computers on your on-premises network to communicate to the Azure virtual machines.
You need to recommend which Azure resources must be created for the planned solution.
Which two Azure resources should you include in the recommendation? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A.
a virtual network gateway
B.
a load balancer
C.
an application gateway
D.
a virtual network
E.
a gateway subnet
a virtual network gateway
a virtual network
You attempt to create several managed Microsoft SQL Server instances in an Azure environment and receive a message that you must increase your Azure subscription limits.
What should you do to increase the limits?
A.
Create a service health alert
B.
Upgrade your support plan
C.
Modify an Azure policy
D.
Create a new support request
Create a new support request
Each Azure subscription can contain multiple account administrators?
No
Each Azure subscription can be managed by using a Microsoft account only?
No
An Azure resource group contains multiple Azure subscriptions?
No
Availability zones can be implemented in all Azure regions?
No
Only virtual machines that run Windows Server can be created in availability zones?
No
Availability zones are used to replicate data and applications to multiple regions?
No
You plan to create an Azure virtual machine.
You need to identify which storage service must be used to store the unmanaged data disks of the virtual machine.
What should you identify? To answer, select the appropriate service in the answer area.
Hot Area:
Containers
Your company is planning to migrate all their virtual machines to an Azure pay-as-you-go subscription. The virtual machines are currently hosted on the Hyper-V hosts in a data center.
You are required make sure that the intended Azure solution uses the correct expenditure model.
Solution: You should recommend the use of the scalable expenditure model.
Does the solution meet the goal?
A.
Yes
B.
No
No
Your company plans to move several servers to Azure.
The company’s compliance policy states that a server named FinServer must be on a separate network segment.
You are evaluating which Azure services can be used to meet the compliance policy requirements.
Which Azure solution should you recommend?
A.
a resource group for FinServer and another resource group for all the other servers
B.
a virtual network for FinServer and another virtual network for all the other servers
C.
a VPN for FinServer and a virtual network gateway for each other server
D.
one resource group for all the servers and a resource lock for FinServer
a virtual network for FinServer and another virtual network for all the other servers
You plan to map a network drive from several computers that run Windows 10 to Azure Storage.
You need to create a storage solution in Azure for the planned mapped drive.
What should you create?
A.
an Azure SQL database
B.
a virtual machine data disk
C.
a File service in a storage account
D.
a Blob service in a storage account
a File service in a storage account
You plan to implement an Azure database solution.
You need to implement a database solution that meets the following requirements:
✑ Can add data concurrently from multiple regions
✑ Can store JSON documents
Which database service should you deploy? To answer, select the appropriate service in the answer area.
Azure Cosmos DB
Your company plans to start using Azure and will migrate all its network resources to Azure.
You need to start the planning process by exploring Azure.
What should you create first?
A.
a subscription
B.
a resource group
C.
a virtual network
D.
a management group
a subscription
All the Azure resources deployed to a resource group must use the same Azure region?
No
If you assign a tag to a resource group, all the Azure resources in that resource group are assigned to the same tag?
No
If you assign permissions for a user to manage resource group, the user can manage all the Azure resources in that resource group?
Yes
Data that is stored in the Archive access tier of an Azure Storage account:
can be accessed at any time by using azcopy.exe.
can only be read by using Azure Backup.
must be restored before the data can be accessed.
must be rehydrated before the data can be accessed.
must be rehydrated before the data can be accessed.
You plan to deploy a critical line-of-business application to Azure.
The application will run on an Azure virtual machine.
You need to recommend a deployment solution for the application. The solution must provide a guaranteed availability of 99.99 percent.
What is the minimum number of virtual machines and the minimum number of availability zones you should recommend for the deployment? To answer, select the appropriate options in the answer area.
2
2
Which Azure service should you use to collect events from multiple resources into a centralized repository?
A.
Azure Event Hubs
B.
Azure Analysis Services
C.
Azure Monitor
D.
Azure Stream Analytics
Azure Event Hubs
An Availability Zone in Azure has physically separate locations:
across two continents.
within a single Azure region.
within multiple Azure regions.
within a single Azure datacenter.
within a single Azure region.
Data that is stored in an Azure Storage account automatically has at least three copies?
Yes
All data that is copied to an Azure Storage account is backed up automatically to another Azure data center?
No
An Azure Storage account can contain up to 2 TB of data and up to one million files?
No
Your company is planning to migrate all their virtual machines to an Azure pay-as-you-go subscription. The virtual machines are currently hosted on the Hyper-V hosts in a data center.
You are required make sure that the intended Azure solution uses the correct expenditure model.
Solution: You should recommend the use of the operational expenditure model.
Does the solution meet the goal?
A.
Yes
B.
No
Yes
If you have Azure resources deployed to every region, you can implement availability zones in all the regions?
No
Only virtual machines that run Windows Server can be created in availability zones?
No
Availability zones are used to replicate data and applications to multiple regions?
No
North America is represented by a single Azure region?
No
Every Azure region has multiple datacenters?
Yes
Data transfers between Azure services located in different Azure regions are always free?
No
You plan to deploy several Azure virtual machines.
You need to ensure that the services running on the virtual machines are available if a single data center fails.
Solution: You deploy the virtual machines to two or more scale sets.
Does this meet the goal?
A.
Yes
B.
No
No
You need to be notified when Microsoft plans to perform maintenance that can affect the resources deployed to an Azure subscription.
What should you use?
A.
Azure Monitor
B.
Azure Service Health
C.
Azure Advisor
D.
Microsoft Trust Center
Azure Service Health
Match the Azure Services service to the correct description.
Instructions: To answer, drag the appropriate service from the column on the left to its description on the right. Each service may be used once, more than once, or not at all.
IoT Hub
IoT Central
Azure Sphere
A Windows Virtual Desktop session host can run Windows 10 only?
No
A Windows Virtual Desktop host pool that includes 20 session hosts supports a maximum of 20 simultaneous user connections?
No
Windows Virtual Desktop supports desktop and app virtualization?
Yes
_____ can calculate cost savings due to reduced electricity consumption as a result of migrating on-premises Microsoft SQL servers to Azure.
The Azure Migrate: Server Assessment tool
The Azure Total Cost of Ownership (TCO) calculator
The Database Migration Assistant
The pricing calculator in Azure
The Azure Total Cost of Ownership (TCO) calculator
An Azure subscription can have multiple account administrators?
No
An Azure subscription can be managed by using a Microsoft account only?
No
An Azure resource group can contain multiple Azure subscriptions?
No
A cloud service that supports a maximum of 20 instances is more _____ than a service that supports a maximum of five instances
distributed
scalable
secure
scalable
You are required to deploy an Artificial Intelligence (AI) solution in Azure.
You want to make sure that you are able to build, test, and deploy predictive analytics for the solution.
Solution: You should make use of Azure Cosmos DB.
Does the solution meet the goal?
A.
Yes
B.
No
No
To use Azure Active Directory (Azure AD) credentials to sign in to a computer that
runs Windows 10, the computer must be joined to Azure AD?
Yes
Users in Azure Active Directory (Azure AD) are organized by using resource groups?
No
Azure Active Directory (Azure AD) groups support dynamic membership rules?
Yes
You plan to deploy several Azure virtual machines.
You need to ensure that the services running on the virtual machines remain available if a single data center fails.
What are two possible solutions? Each correct answer presents a complete solution.
A.
Deploy the virtual machines to two or more availability zones.
B.
Deploy the virtual machines to two or more resource groups.
C.
Deploy the virtual machines to a scale set.
D.
Deploy the virtual machines to two or more regions.
Deploy the virtual machines to two or more availability zones.
Deploy the virtual machines to two or more regions.
You plan to deploy 20 virtual machines to an Azure environment. To ensure that a virtual machine named VMI cannot connect to the other virtual machines, VM1 must:
be deployed to a separate virtual network.
run a different operating system than the other virtual machines.
be deployed to a separate resource group.
have two network interfaces.
be deployed to a separate virtual network.
Match the Azure service to the appropriate description.
To answer, drag the appropriate service from the column on the left to its description on the right. Each service may be used once, more than once, or not at all.
azure synapse analytics
Azure cosmos
Azure HDInsight
The Archive access tier is set at the storage account level?
No
The Archive access tier is set at the individual blob level. While the Hot and Cool access tiers can be set at the storage account level.
The Hot access tier is recommended for data that is accessed and modified frequently?
Yes
The Cool access tier is recommended for long term backups?
No
What is the most severe failure from which an Azure Availability Zone can be used to protect access to Azure service?
A.
a physical server failure
B.
an Azure region failure
C.
a storage failure
D.
an Azure data center failure
an Azure data center failure
You need to purchase a third-party virtual security appliance that you will deploy to an Azure subscription.
What should you use?
A.
Azure subscriptions
B.
Azure Security Center
C.
Azure Marketplace
D.
Microsoft Store
Azure Marketplace
Match the serverless solution to the correct characteristic.
To answer, drag the appropriate serverless solution from the column on the left to its characteristic on the right. Each serverless solution may be used once, more than once, or not at all.
Azure Functions
Logic Apps
Logic Apps
Match the Azure governance feature to the correct description.
Policy = Restrict
Tag = Identify
BP = Deploy
An Availability Zone in Azure has
physically separate locations:
across two continents
within a single Azure region
within multiple Azure regions
within a single Azure datacenter
within a single Azure region
Your company’s Active Directory forest includes thousands of user accounts.
You have been informed that all network resources will be migrated to Azure. Thereafter, the on-premises data center will be retired.
You are required to employ a strategy that reduces the effect on users, once the planned migration has been completed.
Solution: You plan to sync all the Active Directory user accounts to Azure Active Directory (Azure AD).
Does the solution meet the goal?
A.
Yes
B.
No
Yes
Match the Azure services to the correct descriptions.
- Azure VM
- Azure Container Instances: Provide portable environment for virtualized applications
- Azure App Service: Used to build, deploy, and scale web apps.
- Azure Functions: Provide a platform for serverless code.
You have several virtual machines in an Azure subscription. You create a new subscription.
The virtual machines cannot be moved to the new subscription.
The virtual machines can be moved to the new subscription.
The virtual machines can be moved to the new subscription only if they are all in the same resource group.
The virtual machines can be moved to the new subscription only if they run Windows Server 2019
The virtual machines can be moved to the new subscription.
You need to purchase a third-party virtual security appliance that you will deploy to an Azure subscription.
What should you use?
A.
Azure subscriptions
B.
Microsoft Defender for Cloud
C.
Azure Marketplace
D.
Microsoft Store
Azure Marketplace
You plan to deploy a service to Azure virtual machines.
You need to ensure that the service will be available if a datacenter fails.
What should you use as part of the virtual machine deployment?
A.
availability sets
B.
proximity placement groups
C.
host groups
D.
availability zones
availability zones
_____ is a highly secure loT solution that includes a microcontroller unit (MCU) and a customized Linux operating system.
Azure Arc
Azure loT Central
Azure loT Hub
Azure Sphere
Azure Sphere
Your company has an Azure subscription that contains resources in several regions.
You need to ensure that administrators can only create resources in those regions.
What should you use?
A.
a read-only lock
B.
an Azure policy
C.
a management group
D.
a reservation
an Azure policy
An Azure region:
contains one or more data centers that are connected by using a low-latency network.
is found in each country where Microsoft has a subsidiary office.
can be found in every country in Europe and the Americas only.
contains one or more data centers that are
connected by using a high-latency network.
contains one or more data centers that are connected by using a low-latency network.
You can use the Azure File Sync agent to sync on-premises data to an Azure:
blob container.
Data Lake Storage container.
file share.
queue.
file share
What is the function of a Site-to-Site VPN?
A.
provides a secure connection between a computer on a public network and the corporate network
B.
provides a dedicated private connection to Azure that does NOT travel over the internet
C.
provides a connection from an on-premises VPN device to an Azure VPN gateway
provides a connection from an on-premises VPN device to an Azure VPN gateway
Match the cloud service models to the appropriate offerings.
PaaS
IaaS
SaaS
You are required to deploy an Artificial Intelligence (AI) solution in Azure.
You want to make sure that you are able to build, test, and deploy predictive analytics for the solution.
Solution: You should make use of Azure Machine Learning Studio.
Does the solution meet the goal?
A.
Yes
B.
No
Yes
Match the cloud service models to the appropriate solutions.
IaaS
SaaS
PaaS
You need to manage containers.
Which two services can you use? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
Azure Virtual Desktop
B.
Azure virtual machines
C.
Azure Functions
D.
Azure Container Instances
E.
Azure Kubernetes Service (AKS)
Azure Container Instances
Azure Kubernetes Service (AKS)
When you need to delegate permissions to several Azure virtual machines simultaneously, you must deploy the Azure virtual machines _____:
to the same Azure region.
by using the same Azure Resource Manager template.
to the same resource group.
to the same availability zone.
to the same resource group.
In Azure, a resource group is a container that holds related resources for an Azure solution. By deploying virtual machines to the same resource group, you can manage permissions and access control policies efficiently across all those VMs. This allows you to apply Role-Based Access Control (RBAC) at the resource group level, simplifying the management of permissions for multiple resources.
You plan to deploy several Azure virtual machines.
You need to ensure that the services running on the virtual machines are available if a single data center fails.
Solution: You deploy the virtual machines to two or more availability zones.
Does this meet the goal?
A.
Yes
B.
No
Yes
This question requires that you evaluate the underlined text to determine if it is correct.
One of the benefits of Azure SQL Data Warehouse is that high availability is built into the platform.
Instructions: Review the underlined text. If it makes the statement correct, select No change is needed. If the statement is incorrect, select the answer choice that makes the statement correct.
A.
No change is needed
B.
automatic scaling
C.
data compression
D.
versioning
No change is needed
You plan to deploy several Azure virtual machines.
You need to ensure that the services running on the virtual machines are available if a single data center fails.
Solution: You deploy the virtual machines to two or more regions.
Does this meet the goal?
A.
Yes
B.
No
Yes
An Azure container instance is an example of an Azure _____:
compute service.
identity service.
networking service.
storage service.
compute service.
At which OSI layer does ExpressRoute operate?
A.
Layer 2
B.
Layer 3
C.
Layer 5
D.
Layer 7
Layer 3
Application Insights is a feature of:
Azure Advisor.
Azure Application Gateway.
Azure Arc.
Azure Monitor.
Azure Monitor
Azure resources can only access other resources in the same resource group?
No
If you delete a resource group, all the resources in the resource group will be deleted?
Yes
A resource group can contain resources from multiple Azure regions?
Yes
Your company’s infrastructure includes a number of business units that each need a large number of various Azure resources for everyday operation.
The resources required by each business unit are identical.
You are required to sanction a strategy to create Azure resources automatically.
Solution: You recommend that the Azure API Management service be included in the strategy.
Does the solution meet the goal?
A.
Yes
B.
No
No
You plan to store 20 TB of data in Azure. The data will be accessed infrequently and visualized by using Microsoft Power BI.
You need to recommend a storage solution for the data.
Which two solutions should you recommend? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
Azure Data Lake
B.
Azure Cosmos DB
C.
Azure SQL Data Warehouse
D.
Azure SQL Database
E.
Azure Database for PostgreSQL
Azure Data Lake
Azure SQL Data Warehouse/Synapse
You have an Azure environment that contains 10 web apps. To which URL should you connect to manage all the Azure resources? To answer, select the appropriate options in the answer area.
portal.azure
Arrange the storage account redundancy options from the least redundant to the most redundant. To answer, move all options from the list of options to the answer area and arrange them in the correct order.
Locally-redundant storage (LRS)
Zone-redundant storage (ZRS)
Geo-redundant storage (GRS)
Azure Blob Storage is a _____
data store for queuing and reliably delivering messages between applications.
file share that can be mapped as a network drive.
key/attribute store for non-relational, structured data.
storage service optimized for very large objects, such as video files and bitmaps.
storage service optimized for very large objects, such as video files and bitmaps.
An Azure administrator plans to run a PowerShell script that creates Azure resources.
You need to recommend which computer configuration to use to run the script.
Solution: Run the script from a computer that runs Linux and has the Azure CLI tools installed.
Does this meet the goal?
A.
Yes
B.
No
No
An Azure administrator plans to run a PowerShell script that creates Azure resources.
You need to recommend which computer configuration to use to run the script.
Solution: Run the script from a computer that runs Chrome OS and uses Azure Cloud Shell.
Does this meet the goal?
A.
Yes
B.
No
Yes
From Azure Service Health, an administrator can view the health of all the services in an Azure environment?
Yes
From Azure Service Health, an administrator can create a rule to be alerted if an Azure service fails?
Yes
From Azure Service Health, an administrator can prevent a service failure?
No
An Azure administrator plans to run a PowerShell script that creates Azure resources.
You need to recommend which computer configuration to use to run the script.
Solution: Run the script from a computer that runs macOS and has PowerShell Core 6.0 installed.
Does this meet the goal?
A.
Yes
B.
No
No
You need to view a list of planned maintenance events that can affect the availability of an Azure subscription.
Which blade should you use from the Azure portal? To answer, select the appropriate blade in the answer area.
In the left-hand navigation menu, search for and select “Service Health.”
In the Service Health blade, you can view “Planned Maintenance” events, along with other notifications related to the status of Azure services.
Match the Azure service to the correct definition.
DevOps = code deploy
Advisor = guidance
Cognitive = Intelligence
Insight = Monitor
Your company’s infrastructure includes a number of business units that each need a large number of various Azure resources for everyday operation.
The resources required by each business unit are identical.
You are required to sanction a strategy to create Azure resources automatically.
Solution: You recommend that management groups be included in the strategy.
Does the solution meet the goal?
A.
Yes
B.
No
No
Match the Azure service to the correct description.
Azure SQL Database
Azure SQL Synapse Analytics
Azure Data Lake Analytics
Azure HDInsight.
You need to identify which blades in the Azure portal must be used to perform the following tasks:
✑ View security recommendations.
✑ Monitor the health of Azure services.
✑ Browse available virtual machine images.
Which blade should you identify for each task? To answer, select the appropriate options in the answer area.
Monitor
Marketplace
Advisor
You have an Azure environment. You need to create a new Azure virtual machine from a tablet that runs the Android operating system.
Solution: You use Bash in Azure Cloud Shell.
Does this meet the goal?
A.
Yes
B.
No
Yes
You have an on-premises application that sends email notifications automatically based on a rule.
You plan to migrate the application to Azure.
You need to recommend a serverless computing solution for the application.
What should you include in the recommendation?
A.
a web app
B.
a server image in Azure Marketplace
C.
a logic app
D.
an API app
a logic app
You plan to deploy a website to Azure. The website will be accessed by users worldwide and will host large video files.
You need to recommend which Azure feature must be used to provide the best video playback experience.
What should you recommend?
A.
an application gateway
B.
an Azure ExpressRoute circuit
C.
a content delivery network (CDN)
D.
an Azure Traffic Manager profile
a content delivery network (CDN)
Your company plans to deploy several million sensors that will upload data to Azure.
You need to identify which Azure resources must be created to support the planned solution.
Which two Azure resources should you identify? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A.
Azure Data Lake
B.
Azure Queue storage
C.
Azure File Storage
D.
Azure IoT Hub
E.
Azure Notification Hubs
Azure Data Lake
Azure IoT Hub
You have an Azure web app.
You need to manage the settings of the web app from an iPhone.
What are two Azure management tools that you can use? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
Azure CLI
B.
the Azure portal
C.
Azure Cloud Shell
D.
Windows PowerShell
E.
Azure Storage Explorer
the Azure portal
Azure Cloud Shell
Your company plans to deploy an Artificial Intelligence (AI) solution in Azure.
What should the company use to build, test, and deploy predictive analytics solutions?
A.
Azure Logic Apps
B.
Azure Machine Learning Designer
C.
Azure Batch
D.
Azure Cosmos DB
Azure Machine Learning Designer
Azure Advisor can generate a list of Azure virtual machines that are protected by
Azure Backup?
No
If you implement the security recommendations provided by Azure Advisor, your company’s secure score will decrease?
No
To maintain Microsoft support, you must implement the security recommendations
provided by Azure Advisor within a period of 30 days?
No
What can you use to automatically send an alert if an administrator stops an Azure virtual machine?
A.
Azure Advisor
B.
Azure Service Health
C.
Azure Monitor
D.
Azure Network Watcher
Azure Monitor
Your company’s infrastructure includes a number of business units that each need a large number of various Azure resources for everyday operation.
The resources required by each business unit are identical.
You are required to sanction a strategy to create Azure resources automatically.
Solution: You recommend that the Azure Resource Manager templates be included in the strategy.
Does the solution meet the goal?
A.
Yes
B.
No
Yes
Match the Azure services to the correct descriptions.
Azure SQL Synapse Analytics
Azure Machine Learning
Azure Functions
IoT Hub
You have an Azure environment.
You need to create a new Azure virtual machine from a tablet that runs the Android operating system.
What are three possible solutions? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
Use Bash in Azure Cloud Shell.
B.
Use PowerShell in Azure Cloud Shell.
C.
Use the PowerApps portal.
D.
Use the Security & Compliance admin center.
E.
Use the Azure portal.
Use Bash in Azure Cloud Shell.
Use PowerShell in Azure Cloud Shell.
Use the Azure portal.
A team of developers at your company plans to deploy, and then remove, 50 virtual machines each week. All the virtual machines are configured by using Azure
Resource Manager templates.
You need to recommend which Azure service will minimize the administrative effort required to deploy and remove the virtual machines.
What should you recommend?
A.
Azure Reserved Virtual Machine (VM) Instances
B.
Azure DevTest Labs
C.
Azure virtual machine scale sets
D.
Azure Virtual Desktop
Azure DevTest Labs
Azure Advisor provides recommendations on how to improve the security of an Azure Active Directory (Azure AD) environment?
Yes
Azure Advisor provides recommendations on how to reduce the cost of running Azure virtual machines?
Yes
Azure Advisor provides recommendations on how to configure the network settings on Azure virtual machines?
Yes
You have an Azure subscription named Subscription1. You sign in to the Azure portal and create a resource group named RG1.
From Azure documentation, you have the following command that creates a virtual machine named VM1. az vm create –resource-group RG1 –name VM1 –image UbuntuLTS –generate-ssh-keys
You need to create VM1 in Subscription1 by using the command.
Solution: From the Azure portal, launch Azure Cloud Shell and select PowerShell. Run the command in Cloud Shell.
Does this meet the goal?
A.
Yes
B.
No
Yes
You have an Azure subscription named Subscription1. You sign in to the Azure portal and create a resource group named RG1.
From Azure documentation, you have the following command that creates a virtual machine named VM1. az vm create –resource-group RG1 –name VM1 –image UbuntuLTS
–generate-ssh-keys
You need to create VM1 in Subscription1 by using the command.
Solution: From a computer that runs Windows 10, install Azure CLI. From PowerShell, sign in to Azure and then run the command.
Does this meet the goal?
A.
Yes
B.
No
Yes
You have an Azure subscription named Subscription1. You sign in to the Azure portal and create a resource group named RG1.
From Azure documentation, you have the following command that creates a virtual machine named VM1. az vm create –resource-group RG1 –name VM1 –image UbuntuLTS
–generate-ssh-keys
You need to create VM1 in Subscription1 by using the command.
Solution: From a computer that runs Windows 10, install Azure CLI. From a command prompt, sign in to Azure and then run the command.
Does this meet the goal?
A.
Yes
B.
No
Yes
Azure CLI, Azure Portal, Azure Powershell for all
You can access Compliance Manager
from the ______
Azure Active Directory admin center
Azure portal
Microsoft 365 admin center
Microsoft Service Trust Portal
Azure portal
_____ a common platform for deploying objects to a cloud infrastructure and for implementing consistency across the Azure environment.
Azure policies provide
Resource groups provide
Azure Resource Manager templates provide
Management groups provide
Azure Resource Manager templates provide
You are tasked with deploying a critical LOB application, which will be installed on a virtual machine, to Azure.
You are informed that the application deployment strategy should allow for a guaranteed availability of 99.99 percent. You need to make sure that the strategy requires as little virtual machines and availability zones as possible.
Solution: You include two virtual machines and one availability zone in your strategy.
Does the solution meet the goal?
A.
Yes
B.
No
No
Azure Bot
Azure ML
Azure Functions
Azure IoT Hub
An Azure administrator plans to run a PowerShell script that creates Azure resources.
You need to recommend which computer configuration to use to run the script.
Solution: Run the script from a computer that runs Windows 10 and has the Azure PowerShell module installed.
Does this meet the goal?
A.
Yes
B.
No
Yes
Azure VM
Azure Container
Azure App
Azure Functions
Which service provides serverless computing in Azure?
A.
Azure Virtual Machines
B.
Azure Functions
C.
Azure storage account
D.
Azure dedicated hosts
Azure Functions
An Azure administrator plans to run a PowerShell script that creates Azure resources.
You need to recommend which computer configuration to use to run the script.
Which three computers can run the script? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
a computer that runs macOS and has PowerShell Core 6.0 installed.
B.
a computer that runs Windows 10 and has the Azure PowerShell module installed.
C.
a computer that runs Linux and has the Azure PowerShell module installed.
D.
a computer that runs Linux and has the Azure CLI tools installed.
E.
a computer that runs Chrome OS and uses Azure Cloud Shell.
A. a computer that runs macOS and has PowerShell Core 6.0 installed.
B. a computer that runs Windows 10 and has the Azure PowerShell module installed.
C. a computer that runs Linux and has the Azure PowerShell module installed.
You have an Azure subscription named Subscription1. You sign in to the Azure portal and create a resource group named RG1.
From Azure documentation, you have the following command that creates a virtual machine named VM1. az vm create –resource-group RG1 –name VM1 –image UbuntuLTS –generate-ssh-keys
You need to create VM1 in Subscription1 by using the command.
Solution: From the Azure portal, launch Azure Cloud Shell and select Bash. Run the command in Cloud Shell.
Does this meet the goal?
A.
Yes
B.
No
Yes
Your company has several business units.
Each business unit requires 20 different Azure resources for daily operation. All the business units require the same type of Azure resources.
You need to recommend a solution to automate the creation of the Azure resources.
What should you include in the recommendations?
A.
Azure Resource Manager templates
B.
virtual machine scale sets
C.
the Azure API Management service
D.
management groups
Azure Resource Manager templates
You can use Azure Cost Management to view costs associated to management groups?
Yes
You can use Azure Cost Management to view costs associated to resource groups?
Yes
You can use Azure Cost Management to view the usage of virtual machines during the last three months?
Yes
What can you use to identify underutilized or unused Azure virtual machines?
A.
Azure Advisor
B.
Azure Cost Management + Billing
C.
Azure reservations
D.
Azure Policy
Azure Advisor
Your company has datacenters in Los Angeles and New York. The company has a Microsoft Azure subscription.
You are configuring the two datacenters as geo-clustered sites for site resiliency.
You need to recommend an Azure storage redundancy option.
You have the following data storage requirements:
✑ Data must be stored on multiple nodes.
✑ Data must be stored on nodes in separate geographic locations.
✑ Data can be read from the secondary location as well as from the primary location
Which of the following Azure stored redundancy options should you recommend?
A.
Geo-redundant storage
B.
Read-only geo-redundant storage
C.
Zone-redundant storage
D.
Locally redundant storage
Read-only geo-redundant storage
You are tasked with deploying a critical LOB application, which will be installed on a virtual machine, to Azure.
You are informed that the application deployment strategy should allow for a guaranteed availability of 99.99 percent. You need to make sure that the strategy requires as little virtual machines and availability zones as possible.
Solution: You include one virtual machine and two availability zones in your strategy.
Does the solution meet the goal?
A.
Yes
B.
No
No
_____ is an Apache Spark-based analytics service:
Azure Databricks
Azure Data Factory
Azure DevOps
Azure Synapse Analytics
Azure Databricks
You must have internet connectivity to manage cloud services?
Yes
You must install a management app to manage cloud services?
No
You can manage cloud services from any modern web browser?
Yes
Serverless —> Functions
big data analysis —> databricks
anomalies —> Insights
Host —> App Service
A team of developers at your company plans to deploy, and then remove, 50 customized virtual machines each week. Thirty of the virtual machines run Windows
Server 2016 and 20 of the virtual machines run Ubuntu Linux.
You need to recommend which Azure service will minimize the administrative effort required to deploy and remove the virtual machines.
What should you recommend?
A.
Azure Reserved Virtual Machines (VM) Instances
B.
Azure virtual machine scale sets
C.
Azure DevTest Labs
D.
Microsoft Managed Desktop
Azure DevTest Labs
Azure PowerShell modules can be installed on macOS?
Yes
Azure Cloud Shell can be accessed from a web browser on a Linux computer?
Yes
The Azure portal can only be accessed from a Windows device?
No
A support engineer plans to perform several Azure management tasks by using the Azure CLI.
You install the CLI on a computer.
You need to tell the support engineer which tools to use to run the CLI.
Which two tools should you instruct the support engineer to use? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
Command Prompt
B.
Azure Resource Explorer
C.
Windows PowerShell
D.
Windows Defender Firewall
E.
Network and Sharing Center
Command Prompt
Windows PowerShell
You have an Azure environment. You need to create a new Azure virtual machine from a tablet that runs the Android operating system.
Solution: You use PowerShell in Azure Cloud Shell.
Does this meet the goal?
A.
Yes
B.
No
Yes
You have an Azure environment. You need to create a new Azure virtual machine from a tablet that runs the Android operating system.
Solution: You use the PowerApps portal.
Does this meet the goal?
A.
Yes
B.
No
No
You have an Azure environment. You need to create a new Azure virtual machine from a tablet that runs the Android operating system.
Solution: You use the Azure portal.
Does this meet the goal?
A.
Yes
B.
No
Yes
_____ provides in-depth information about security, privacy, compliance offerings, policies, and features across:
The Microsoft 365 Compliance admin center
The Microsoft 365 Defender portal
Microsoft cloud products.
Microsoft Defender for Cloud in the Azure portal
Microsoft Trust Center
Microsoft Trust Center
You can manage an on-premises Windows server as an Azure resource by using:
Azure AD Connect.
Azure Arc.
an Azure Pipelines agent.
Azure VPN Gateway.
Azure Arc.
You can only manage cloud services from Windows devices?
No
You can manage cloud services from the command line?
Yes
You can manage cloud services by using a web browser?
Yes
_____ is an Apache Spark-based analytics service:
Azure Databricks
Azure Data Factory
Azure DevOps
Azure Synapse Analytics
Azure Databricks
Azure Monitor can monitor the performance of on-premises
computers?
Yes
Azure Monitor can send alerts to Azure Active Directory security groups?
No
Azure Monitor can trigger alerts based on data in an Azure Log Analytics?
Yes
Which Azure service provides a set of version control tools to manage code?
A.
Azure Repos
B.
Azure DevTest Labs
C.
Azure Storage
D.
Azure Cosmos DB
Azure Repos
You need to manage Azure by using Azure Cloud Shell.
Which Azure portal icon should you select? To answer, select the appropriate icon in the answer area.
Select the button on top right side which is similar to “>-“ signed.
You have a virtual machine named VM1 that runs Windows Server 2016. VM1 is in the East US Azure region.
Which Azure service should you use from the Azure portal to view service failure notifications that can affect the availability of VM1?
A.
Azure Service Fabric
B.
Azure Monitor
C.
Azure virtual machines
D.
Azure Advisor
Azure Monitor
Your Azure environment contains multiple Azure virtual machines.
You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP.
Solution: You modify an Azure Traffic Manager profile.
Does this meet the goal?
A.
Yes
B.
No
No
Your company plans to deploy several web servers and several database servers to Azure.
You need to recommend an Azure solution to limit the types of connections from the web servers to the database servers.
What should you include in the recommendation?
A.
network security groups (NSGs)
B.
Azure Service Bus
C.
a local network gateway
D.
a route filter
network security groups (NSGs)
From ______ you can view which user turned off a specific Azure Access Control IAM virtual machine during the last 14 days:
Azure Event Hubs
Azure Activity Log
Azure Service Health
Azure Activity Log
Your company’s developers intend to deploy a large number of custom virtual machines on a weekly basis. They will also be removing these virtual machines during the same week it was deployed. Sixty percent of the virtual machines have Windows Server 2016 installed, while the other forty percent has Ubuntu Linux installed.
You are required to make sure that the administrative effort, needed for this process, is reduced by employing a suitable Azure service.
Solution: You recommend the use of Microsoft Managed Desktop.
Does the solution meet the goal?
A.
Yes
B.
No
No
Which service provides network traffic filtering across multiple Azure subscriptions and virtual networks?
A.
Azure Firewall
B.
an application security group
C.
Azure DDoS protection
D.
a network security group (NSG)
Azure Firewall
Which Azure service should you use to store certificates?
A.
Azure Security Center
B.
an Azure Storage account
C.
Azure Key Vault
D.
Azure Information Protection
Azure Key Vault
Which Azure service can you use as a security information and event management (SIEM) solution?
A.
Azure Analysis Services
B.
Azure Sentinel
C.
Azure Information Protection
D.
Azure Cognitive Services
Azure Sentinel
Azure Sentinel stores collected events in an Azure Storage account?
Yes
Azure Sentinel can remediate incidents
automatically?
Yes
Azure Sentinel can collect Windows Defender Firewall logs from Azure virtual machines?
Yes
Azure Sentinel, Azure Security Center, Azure Key Vault
Azure Firewall will encrypt all the network traffic sent from Azure to the Internet?
No
A network security group (NSG) will encrypt all the network traffic sent
from Azure to the Internet?
No
Azure virtual machines that run Windows Server 2016 can encrypt network traffic sent to the Internet?
No
Azure Security Center can monitor Azure resources and on-premises resources?
Yes
All Azure Security Center features are free?
No
From Azure Security Center, you can download a Regulatory Compliance report?
Yes
You need to complete the defense-in-depth strategy used in a datacenter.
Physical Security (Top)
Perimeter
Application
You have an Azure virtual machine named VM1.
You plan to encrypt VM1 by using Azure Disk Encryption.
Which Azure resource must you create first?
A.
an Azure Storage account
B.
an Azure Key Vault
C.
an Azure Information Protection policy
D.
an Encryption key
an Azure Key Vault
Which resources can be used as a source for a Network security group inbound security rule?
A.
Service Tags only
B.
IP Addresses, Service tags and Application security groups
C.
Application security groups only
D.
IP Addresses only
IP Addresses, Service tags and Application security groups
Your company’s developers intend to deploy a large number of custom virtual machines on a weekly basis. They will also be removing these virtual machines during the same week it was deployed. Sixty percent of the virtual machines have Windows Server 2016 installed, while the other forty percent has Ubuntu Linux installed.
You are required to make sure that the administrative effort, needed for this process, is reduced by employing a suitable Azure service.
Solution: You recommend the use of Azure Reserved Virtual Machines (VM) Instances.
Does the solution meet the goal?
A.
Yes
B.
No
No
Azure Sentinel uses playbooks to:
automatically respond to threats.
collect data from Azure services.
specify how long data is retained.
store passwords and certificates.
automatically respond to threats.
Azure distributed denial of service (DDOS) protection is an example of protection that is implemented at the:
application layer.
compute layer.
networking layer.
perimeter layer.
networking layer.
You have an Azure Sentinel workspace.
You need to automate responses to threats detected by Azure Sentinel.
What should you use?
A.
adaptive network hardening in Azure Security Center
B.
Azure Service Health
C.
Azure Monitor workbooks
D.
adaptive application controls in Azure Security Center
Azure Monitor workbooks.
- Microsoft Sentinel
- Microsoft Defender for Cloud
- Azure Key Vault
Which Azure service can you use as a security information and event management (SIEM) solution?
A.
Azure Analysis Services
B.
Microsoft Sentinel
C.
Azure Information Protection
D.
Azure Cognitive Services
Microsoft Sentinel
An Azure Policy initiative definition is a:
collection of policy definitions.
collection of Azure Policy definition assignments.
group of Azure Blueprints definitions
group of role-based access control (RBAC) role assignments.
collection of policy definitions.
You have an Azure subscription.
You need to review your secure score.
What should you use?
A.
Azure Monitor
B.
Azure Advisor
C.
Help + support
D.
Microsoft Defender for Cloud
Microsoft Defender for Cloud
You can enable just in time (JIT) VM access by using:
Azure Bastion
Azure Firewall
Azure Front Door
Microsoft Defender for Cloud
Microsoft Defender for Cloud
You can view your company’s regulatory compliance report from:
Azure Advisor
Azure Analysis Services
Azure Monitor
Microsoft Defender for Cloud
Microsoft Defender for Cloud
Your company’s developers intend to deploy a large number of custom virtual machines on a weekly basis. They will also be removing these virtual machines during the same week it was deployed. Sixty percent of the virtual machines have Windows Server 2016 installed, while the other forty percent has Ubuntu Linux installed.
You are required to make sure that the administrative effort, needed for this process, is reduced by employing a suitable Azure service.
Solution: You recommend the use of Azure DevTest Labs.
Does the solution meet the goal?
A.
Yes
B.
No
Yes
You need to collect and automatically analyze security events from Azure Active Directory (Azure AD).
What should you use?
A.
Microsoft Sentinel
B.
Azure Synapse Analytics
C.
Azure AD Connect
D.
Azure Key Vault
Microsoft Sentinel
_____ enables users to authenticate to multiple applications:
by using single sign-on (SSO).
Application security groups in Azure
Azure Active Directory (Azure AD)
Azure Key Vault
Microsoft Defender for Cloud
Azure Active Directory (Azure AD)/Microsoft Entra ID
A network security group (NSG) will block all network traffic by default?
No
Application security groups can be specified as part of network security group (NSG) rules?
Yes
Network security groups (NSGs) always include inbound security rules and outbound security rules?
Yes
Your company plans to automate the deployment of servers to Azure.
Your manager is concerned that you may expose administrative credentials during the deployment.
You need to recommend an Azure solution that encrypts the administrative credentials during the deployment.
What should you include in the recommendation?
A.
Azure Key Vault
B.
Azure Information Protection
C.
Microsoft Defender for Cloud
D.
Azure Multi-Factor Authentication (MFA)
Azure Key Vault
- single sign-on (SSO)
- authorisation
- MFA
After you create a virtual machine, you need to modify the to allow connections to TCP port 8080 on the virtual machine:
network security group (NSG)
virtual network gateway
virtual network
route table
network Security group (NSG)
Microsoft Sentinel uses playbooks to:
automatically respond to threats
visualize data collected by connectors
specify how long data is retained
store passwords and certificates
automatically respond to threats
You need to configure an Azure solution that meets the following requirements:
✑ Secures websites from attacks
✑ Generates reports that contain details of attempted attacks
What should you include in the solution?
A.
Azure Firewall
B.
a network security group (NSG)
C.
Azure Information Protection
D.
DDoS protection
DDoS protection
You plan to implement several security services for an Azure environment. You need to identify which Azure services must be used to meet the following security requirements:
✑ Monitor threats by using sensors
✑ Enforce Azure Multi-Factor Authentication (MFA) based on a condition
Which Azure service should you identify for each requirement? To answer, select the appropriate options in the answer area.
Azure Advanced Threat Protection (ATP).
Azure Active Directory Identity Protection.
Your company has virtual machines (VMs) hosted in Microsoft Azure. The VMs are located in a single Azure virtual network named VNet1.
The company has users that work remotely. The remote workers require access to the VMs on VNet1.
You need to provide access for the remote workers.
What should you do?
A.
Configure a Site-to-Site (S2S) VPN.
B.
Configure a VNet-toVNet VPN.
C.
Configure a Point-to-Site (P2S) VPN.
D.
Configure DirectAccess on a Windows Server 2012 server VM.
E.
Configure a Multi-Site VPN
Configure a Point-to-Site (P2S) VPN.
Your Azure environment contains multiple Azure virtual machines.
You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP.
What are two possible solutions? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
Modify an Azure Traffic Manager profile
B.
Modify a network security group (NSG)
C.
Modify a DDoS protection plan
D.
Modify an Azure firewall
Modify a network security group (NSG):
Modify an Azure firewall:
You can associate a network security group (NSG) to a virtual network subnet?
Yes
You can associate a network security group (NSG) to a virtual network?
No
You can associate a network security group (NSG) to a network interface?
Yes
You have an Azure environment that contains 10 virtual networks and 100 virtual machines.
You need to limit the amount of inbound traffic to all the Azure virtual networks.
What should you create?
A.
one application security group (ASG)
B.
10 virtual network gateways
C.
10 Azure ExpressRoute circuits
D.
one Azure firewall
one Azure firewall
This question requires that you evaluate the underlined text to determine if it is correct.
Azure Key Vault is used to store secrets for Azure Active Directory (Azure AD) user accounts.
Instructions: Review the underlined text. If it makes the statement correct, select No change is needed. If the statement is incorrect, select the answer choice that makes the statement correct.
A.
No change is needed
B.
Azure Active Directory (Azure AD) administrative accounts
C.
Personally Identifiable Information (PII)
D.
server applications
server applications
Your company plans to automate the deployment of servers to Azure.
Your manager is concerned that you may expose administrative credentials during the deployment.
You need to recommend an Azure solution that encrypts the administrative credentials during the deployment.
What should you include in the recommendation?
A.
Azure Key Vault
B.
Azure Information Protection
C.
Azure Security Center
D.
Azure Multi-Factor Authentication (MFA)
Azure Key Vault
You plan to deploy several Azure virtual machines.
You need to control the ports that devices on the Internet can use to access the virtual machines.
What should you use?
A.
a network security group (NSG)
B.
an Azure Active Directory (Azure AD) role
C.
an Azure Active Directory group
D.
an Azure key vault
a network security group (NSG)
After you create a virtual machine, you need to modify the _______ to allow connections to TCP port 8080 on the virtual machine.
network security group (NSG)
virtual network gateway
virtual network
route table
NSG
You can create custom Azure roles to control access to resources?
Yes
A user account can be assigned to multiple Azure roles?
Yes
A resource group can have the Owner role assigned to multiple users?
No
Your Azure environment contains multiple Azure virtual machines.
You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP.
Solution: You modify a network security group (NSG).
Does this meet the goal?
A.
Yes
B.
No
Yes
You have been informed by your superiors of the company’s intentions to automate server deployment to Azure. There is, however, some concern that administrative credentials could be uncovered during this process.
You are required to make sure that during the deployment, the administrative credentials are encrypted using a suitable Azure solution.
Solution: You recommend the use of Azure Information Protection.
Does the solution meet the goal?
A.
Yes
B.
No
No
Your Azure environment contains multiple Azure virtual machines.
You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP.
Solution: You modify a DDoS protection plan.
Does this meet the goal?
A.
Yes
B.
No
No
You need to collect and automatically analyze security events from Azure Active Directory (Azure AD).
What should you use?
A.
Azure Sentinel
B.
Azure Synapse Analytics
C.
Azure AD Connect
D.
Azure Key Vault
Azure Sentinel
Your Azure environment contains multiple Azure virtual machines.
You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP.
Solution: You modify an Azure firewall.
Does this meet the goal?
A.
Yes
B.
No
Yes
This question requires that you evaluate the underlined text to determine if it is correct.
Azure Germany can be used by legal residents of Germany only.
Instructions: Review the underlined text. If it makes the statement correct, select No change is needed. If the statement is incorrect, select the answer choice that makes the statement correct.
A.
no change is needed
B.
only enterprises that are registered in Germany
C.
only enterprises that purchase their azure licenses from a partner based in Germany
D.
any user or enterprise that requires its data to reside in Germany
any user or enterprise that requires its data to reside in Germany
Identities stored in an on-premises Active Directory can be synchronized to Azure Active Directory (Azure AD)?
Yes
Identities stored in Azure Active Directory (Azure AD), third-party cloud services, and on-premises Active Directory can be used to access Azure resources?
Yes
Azure has built-in authentication and authorization services that provide secure
access to Azure resources?
Yes
You can view your company’s regulatory compliance report from:
Azure Advisor
Azure Analysis Services
Azure Monitor
Azure Security Center
Azure Security Center
What should you use to evaluate whether your company’s Azure environment meets regulatory requirements?
A.
Azure Service Health
B.
Azure Knowledge Center
C.
Azure Security Center
D.
Azure Advisor
Azure Security Center
Your company implements _____ to automatically add a watermark to Microsoft Word documents that contain credit card information:
Azure policies
DDOS protection
Azure Information Protection
Azure Active Directory (Azure AD) Identity Protection
Azure Information Protection
Azure Active Directory (Azure AD) requires the implementation of domain controllers on Azure virtual machines?
No
Azure Active Directory (Azure AD) provides authentication services for resources hosted in Azure and Microsoft 365?
Yes
Each user account in Azure Active Directory (Azure AD) can be assigned only
one license?
No
Which two types of customers are eligible to use Azure Government to develop a cloud solution? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
a Canadian government contractor
B.
a European government contractor
C.
a United States government entity
D.
a United States government contractor
E.
a European government entity
a United States government entity
a United States government contractor
You have been informed by your superiors of the company’s intentions to automate server deployment to Azure. There is, however, some concern that administrative credentials could be uncovered during this process.
You are required to make sure that during the deployment, the administrative credentials are encrypted using a suitable Azure solution.
Solution: You recommend the use of Azure Multi-Factor Authentication (MFA).
Does the solution meet the goal?
A.
Yes
B.
No
No
To implement an Azure Multi-Factor Authentication (MFA) solution, you must sync on-premises identities to the cloud?
No
Two valid methods for Azure Multi-Factor Authentication (MFA) are picture identification and a passport number?
No
Azure Multi-Factor Authentication (MFA) can be required for administrative and non-administrative user accounts?
Yes
You need to ensure that when Azure Active Directory (Azure AD) users connect to Azure AD from the Internet by using an anonymous IP address, the users are prompted automatically to change their password.
Which Azure service should you use?
A.
Azure AD Connect Health
B.
Azure AD Privileged Identity Management
C.
Azure Advanced Threat Protection (ATP)
D.
Azure AD Identity Protection
Azure AD Identity Protection
ISO
NIST
GDPR
Azure Government
To what should an application connect to retrieve security tokens?
A.
an Azure Storage account
B.
Azure Active Directory (Azure AD)
C.
a certificate store
D.
an Azure key vault
an Azure key vault
Your network contains an Active Directory forest. The forest contains 5,000 user accounts.
Your company plans to migrate all network resources to Azure and to decommission the on-premises data center.
You need to recommend a solution to minimize the impact on users after the planned migration.
What should you recommend?
A.
Implement Azure Multi-Factor Authentication (MFA)
B.
Sync all the Active Directory user accounts to Azure Active Directory (Azure AD)
C.
Instruct all users to change their password
D.
Create a guest user account in Azure Active Directory (Azure AD) for each user
Sync all the Active Directory user accounts to Azure Active Directory (Azure AD)
You can configure the Azure Active Directory (Azure AD) activity logs to appear in Azure Monitor?
Yes
From Azure Monitor, you can monitor resources across multiple Azure subscriptions?
Yes
From Azure Monitor, you can create alerts?
Yes
You create a resource group named RG1 in Azure Resource Manager.
You need to prevent the accidental deletion of the resources in RG1.
Which setting should you use? To answer, select the appropriate setting in the answer area.
Locks
The company would like to develop a cloud solution by making use of Azure Government. Azure Government can only be used by certain types of clients to develop cloud solutions.
Which of the following are the types of customers that can make use of Azure Government in this situation? Answer by dragging the correct option from the list to the answer area.
A US government contractor
A US government entity
continues to function normally
Microsoft Privacy Statement
Online Services Terms
Data Protection Addendum
The product of both SLAs
Budget alerts
0.999 * 0.9999 = 0.9989001 = 99.89001%
Maximum Available Minutes
Downtime
Monthly Uptime Percentage
High Availability
Geo-distribution
Scalability
ExpressRoute
Virtual Network Peering
VPN Gateway
Azure Queue Storage
Azure Files
Azure Blob storage
Azure Active Directory.
Software Assurance
Elasticity
Disaster Recovery
Agility
Software updates and patches
MFA
Surveillance Camera
Azure Container Instances
Azure Virtual Machines(scale Set)
IaaS
PaaS
Fault tolerance
Disaster recovery
Dynamic scalability
Latency
PaaS
IaaS
