Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

Azure Fundamentals Practice Exam > AZ-900 Exam > Flashcards

AZ-900 Exam Flashcards

1
Q

Your company intends to automate server deployments to Azure. However there is concern that administrative credentials could be uncovered during the process. During deployment you have to ensure that credentials are encrypted.

Will Multi Factor Authentication accomplish this?

A

No

  • Multi-Factor Authentication is when users are prompted for an additional form of authentication during the sign in process (i.e. through a cell phone or second device to confirm it is them).
  • A better solution would be Azure Key Vault
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Users ocassionally connect to Azure AD via Internet. You need to ensure that users who connect to Azure AD with an unidentified IP address are prompted to change their password.

Will Azure Active Directory Identity Protection accomplish this?

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Azure Active Directory Identity Protection identifies risks of many types. Define which type of risks it identifies and protects against.

A
  • Anonymous IP Address
  • Atypical travel
  • Malware Linked IP Address
  • Unfamiliar sign-in properties
  • Leaked credentials
  • Password spray
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Users ocassionally connect to Azure AD via Internet. You need to ensure that users who connect to Azure AD with an unidentified IP address are prompted to change their password.

Will Azure Active Directory Privileged Identity Management accomplish this?

A

No

Azure AD Privileged Identity Management that allows you to manage, control, and monitor access to important resources in your organization. This is useful in preventing malicious users from getting access or an authorized user compromising sensitive information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Availability Zones can be implemented in all Azure regions.

True or False?

A

False

Regions that do not have support for Availability Zones are known as Alternate Regions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Only Virtual Machines that run Windows can be created in Availability Zones

True or False?

A

False

You can run either Windows or Linux

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Availability Zones are used to replicate data and applications to multiple regions.
True or False?

A

False

Availibility Zones are used to replicate data and applications in the same region.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Each Azure subscription can contain multiple account Administrators.
True or False?

A

False

There is only one account Administrator per Azure account (or subscription).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Each Azure subscription can be managed by using a Microsoft account only.
True or False?

A

False

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

An Azure resource group contains multiple subscriptions.
True or False?

A

False

An Azure subscription can contain multiple resource groups

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Microsoft SQL Server 2019 installed on Azure Virtual Machine is an example of PAAS
True or False?

A

False

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Azure SQL database is an example of PAAS
True or False?

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Azure Cosmos database is an example of SAAS
True or False?

A

False

Azure Cosmos Database is an example of PAAS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is the first stage in the Microsoft Cloud Adoption Framework for Azure?

  1. Adopt the cloud
  2. Make a plan
  3. Ready your organization
  4. Define your strategy
A

Define your strategy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

You plan to deploy several Azure Virtual Machines. You need to ensure that the services running on the Virtual Machines remain available if a single data center fails.

Can you accomplish this by deploying 2 or more availability zones?

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

When you need to delete permissions to several Azure machines simultaneously, you must deploy the Azure Virtual Machines ____________________________

  1. to same region
  2. by using same Azure resource manager template
  3. to same resource group
  4. to same availability zone
A

to same resource group

Permissions will descend on all the resources in the resource group

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What does a customer provide in a SAAS model?

  1. Application Data
  2. Data Storage
  3. Computer resources
  4. Application software
A

Application Data

In SAAS, you just use the service. Think of Gmail or Microsoft 365

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Your company plans to migrate all its data and resources to Azure. The migration plan only intends to use PAAS solutions. What may you use according to the migration plan?

  1. Azure Virtual Machine, Azure SQL Database, Azure storage accounts
  2. Azure App Service and Azure Virtual Machines that have Microsoft SQL Server installed
  3. Azure App Service and Azure SQL Database
  4. Azure stoage accounts and web servers in Azure Virtual Machines
A

Azure App Service and Azure SQL Database

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

A Microsoft SQL Database hosted on Azure and software updates managed by Azure is an example of:

  1. Disaster Recovery as a Service
  2. IAAS
  3. PAAS
  4. SAAS
A

PAAS

If you install Microsoft SQL Database on an Azure VM and manage software updates yourself then it is IAAS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

You need to create a new Azure Virtual Machine on a tablet that runs Android OS. Can you use Bash in Azure Cloud Shell to accomplish this goal?

A

Yes

Azure Cloud Shell runs in the Azure Portal that you can access via the browser and can run Bash or Powershell

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Your company has data centers in NY and LA. Your company has an Azure subscription. You are configuring two data centers as geo clustered sites for site resiliency. What would you recommend as an Azure storage redundancy option considering the following:

  • Data must be stored on multiple nodes
  • Data must be stored on nodes in seperate geographic locations.
  • Data can be read from primary and seconday locations
  1. Geo-redundant storage
  2. Read-only geo-redundant storage
  3. Zone-redundant storage
  4. Locally-redundant storage
A

Read-only geo-redundant storage

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Your company intends to subscribe to an Azure support plan. The support plan must allow for new support requests to be opened. Which support plans allow for this? (Can select multiple options)

  1. Basic
  2. Developer
  3. Standard
  4. Professional Direct
  5. Premium
A

Basic, Developer, Standard, Professional Direct

All support plans support this feature

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Your company’s developers plan to deploy a large number of Virtual Machines on a weekly basis. They will be removing the virtual machines the same week. 60% of the Virtual Machines will be running Windows, and the remaining will be running Linux.
Would Microsoft Managed Desktop be a suitable Azure service for this effort?

A

No

Azure DevTest Labs would be better suited because you are deploying a large number of Virtual Machines fast and do not need it for long periods of time.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Company ABC uses management groups to manage resources in your Azure tenant more efficiently. They want Useralpha to be able to manage user access to Azure resources. You need to determine which role based access control (RBAC) Useralpha should be added to.

Your solution should follow the principle of least privilege. To which role should you add Useralpha?

  1. User Access Administrator
  2. Owner
  3. Management Group Contributor
  4. Contributor
A

User Access Administrator

  • Owner has full access to all resources and can delegate access to others. (Service Admin and Co-Admin are assigned as owner role at the subscription scope).
  • Contributor creates and manage all types of Azure resources, creates new tenant in Azure AD, and cannot grant access to others.
  • Reader can view all Azure resources
  • User Access Administrator can manage user access to Azure resources.
  • You could have also selected Owner since they also have access to this but since the question mentions least privilege, the answer is not Owner.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Which Azure service should you use to store certificates? 1. Azure Security Center 2. Azure Storage account 3. Azure Key Vault 4. Azure Information Protection
Azure Key Vault ## Footnote * Azure Key Vault is a cloud service that is used for securely storing and accessing secrets, anything that you want to tightly control access to, (i.e. passwords, API keys, certificates, and cryptographic keys). * Azure Security Center is a set of tools used for managing and monitoring security for VMs and other cloud computing resources. * Azure storage account contains azure storage objects (i.e. blobs, files, shares, queues, tables, disks, etc.) * Azure Information Protection is a solution that enables organizations to discover, classify, and protect documents or emails by applying labels to the content
26
Which service provides severless computing in Azure?
Azure Functions ## Footnote Azure Functions is a serverless solution that allows you to write less code, maintain less infrastructure, and save on costs. You just focus on the code that matters to you.
27
An Azure service is available to customer when it is in 1. private preview 2. public preview 3. development 4. enterprise agreement (EA) subscription
Public Preview
28
Data that is stored in an Azure Storage account automatically has at least three copies. True or False?
True ## Footnote There are many data replication options in Azure Storage (LRS, ZRS, GRS, and GA-RS). LRS (locally redundant storage) is the minimum of all of them and allows for data replication three times synchronously in the primary region.
29
All data that is copied to an Azure storage account is backed up automatically to another Azure data center True or False?
False ## Footnote It is not automatically configured but you can configure it manually to backup to another Azure data center
30
An Azure Storage Account can contain up two 2TB of data and up to one million files. True or False?
False ## Footnote Limits are much higher
31
If you have Azure resources deployed to every region, you can implement availability zones in all the regions. True or False?
False ## Footnote Not all Azure regions support availability zones (Alternate vs Recommended Regions)
32
Availability zones are used to replicate data and applications to multiple regions. True or False?
False
33
You plan to deploy a critical application to Azure that will run on an Azure virtual machine. You need to recommend a deployment solution for the application. The solution must provide a guaranteed availability of 99.99 percent. What is the minimum number of VMs and availability zones you need for this deployment.
2 Virtual Machines and 2 Availability Zones
34
Your company hosts an accounting application named App1. App1 has low usage during the first three weeks of each month and very high usage during the last week of each month. Which Azure Cloud Service supports cost management for this type of usage pattern?
Elasticity
35
Which blade in Azure should you use to view security recommendations? 1. Monitor 2. Subscription 3. Market Place 4. Advisor
Advisor
36
Which blade in Azure should you use to monitor the health of Azure Services? 1. Monitor 2. Subscription 3. Market Place 4. Advisor
Monitor
37
Which blade in Azure should you use to browse availabile VM images? 1. Monitor 2. Subscription 3. Market Place 4. Advisor
Market Place
38
Azure Monitor can monitor the performance of on prem computers. True or False?
True ## Footnote Azure Monitor helps you maximize the availability and performance of your applications and services. You may collect, analyze, and act on telemetry from your cloud or on-premise environments.
39
Azure Monitor can send alerts to Azure AD security groups. True or False?
False ## Footnote While Azure Monitor can be used to create alerts, it cannot send alerts related to Azure AD security groups.
40
Azure Monitor can trigger alerts based on data in an Azure Log Analytics workspace. True or False?
True
41
Azure DevOps Services allows developers to deploy or update applications to Azure using CI/CD pipelines. True or False?
True
42
Azue DevOps services include a Git Repository for developers to store code. True or False?
True ## Footnote Azure Repos accomplishes this
43
Azure DevOps Services can be used to build and host web apps. True or False?
False
44
Define Azure DevOps
An integrated solution for deployment of code.
45
Define Azure Advisor
A tool that provides guidance and recommendations to improve an Azure environment.
46
Define Azure Cognitive Services
A simplified tool to build Artifical Intelligence applications
47
Define Azure Application Insights
Monitors web applications
48
You need to implement a database solution that meets the following requirements: * Can add data concurrently from multiple regions * Can store JSON documents Which database service should you deploy?
Azure Cosmos DB ## Footnote Azure Cosmos DB is a globally distributed multi model database service. It is a great way to store unstructured data such as JSON files
49
You have an Azure environment that contains multiple Azure virtual machines. You plan to implement a solution that enables client computers on your on prem network to communicate to the Azure virtual machines. Which two Azure resources should you include in the recommendation to create this? 1. Virtual Network Gateway 2. Load Balancer 3. Application Gateway 4. Virtual network 5. Gateway subnet
Virtual Network Gateway and Gateway Subnet
50
Recommend a tool to automatically send an alert if an admin stops an Azure Virtual Machine 1. Azure Logic Apps 2. Azure Machine Learning Designer 3. Azure Monitor 4. Azure Advisor
Azure Monitor ## Footnote * Azure Logic Apps is used for creating and running automatic workflows that integrate your app, data, service, and system. Allows you to build automated workflows * Azure Machine Learning Designer is a drag and drop interface that you use to train or deploy model in Azure Machine Learning * Azure Advisor is a recommendation service that analyzes your configuration and usage and then it helps you to follow best Microsoft Azure practices. You can get recommendations based on cost, security, reliability, operational excellence, performance, etc.
51
Azure billing is attached on what level? 1. Resource Group 2. Azure AD 3. Azure Subcription
Azure Subscription
52
A common platform for deploying objects to a cloud infrastructure and for implementing consistency across the Azure environment. 1. Azure policies 2. Resource groups 3. Azure Resource Manager templates 4. Management Groups
Azure Resource Manager Templates ## Footnote * ARM templates are good for using code to deploy infrastructure and produce repeatable results * Azure Policies helps you to enforce the standards or access the compliance at a scale. So this is more related to compliance * Azure Management group is used to manage multiple subscriptions. Also related to access
53
From Azure Service Health, an admin can view the health of all the services in an Azure environment. True or False?
True
54
From Azure Service Health, an admin can create a rule to be alerted if an Azure service fails. True or False?
True
55
From Azure Service Health, an admin can prevent a service failure. True or False?
False
56
Azure advisor can generate a list of Azure VMs that are not backed up. True or False?
True
57
If you implement the security recommendations provided by Azure Advisor, your company's secure score will increase. True or False?
True
58
To maintain Microsoft support you must implement the security recommendations provided by Azure Advisor within a period of 30 days. True or False?
False ## Footnote These are only recommendations (optional)
59
Your company plans to deploy an Artificial Intelligence (AI) solution in Azure. What should the company use to train and deploy models in Azure Machine Learning? 1. Azure Logic Apps 2. Azure Machine Learning Designer 3. Azure Batch 4. Azure Cosmos DB
Azure Machine Learning Designer ## Footnote * Azure Machine Learning designer is a drag and drop interface used to train and deploy models in Azure Machine Learning.
60
You have an Azure web app. You need to manage the settings of the web app from an IPhone. What tool can you use? 1. Linux 2. Azure Portal 3. Windows Powershell 4. Azure Storage Explorer
Azure Portal
61
What analyzes security log files from Azure Virtual Machines
Azure Senitnel
62
What displays the secure score for an Azure subscription
Azure Security Center
63
What stores passwords for use by Azure Function applications.
Azure Key Vault
64
Which Azure Service is a managed relational cloud database service?
Azure SQL Database
65
What service is a cloud based service that leverages on massively parallel processing (MPP) to quickly run complex queries across petabytes of data in a relational database.
Azure SQL Synapse Analytics ## Footnote * If the question mentions MPP (massively parallel processing) and PB of data (large amount of data) then you can safely assume it is talking about Azure SQL Synapse Analytics
66
What service can run massively parallel data transformations and processing programs across PB of data
Azure Data Lake Analytics
67
What Azure service is an open source framework for the distributed processing and analysis of big data sets in clusters
Azure HDInsight
68
Which tool enables users to authenticate to multiple applications by using single sign-on (SSO) 1. Azure resource group 2. Azure AD 3. Azure Advisor 4. Azure Monitor
Azure AD ## Footnote * Azure AD enterprise identity service provides single sign-on, multifactor authentication, and conditional access to guard against 99.9 percent of cybersecurity attacks
69
You can delete all related Azure resources in a resource group by deleting the resource group only. True or False?
True
70
All resources in Azure must reside under a resource group. True or False?
True
71
One Azure resource can only be inside only one resource group. You can move resource from one resource group to another, but resource can not be in two resource groups at the same time. True or False?
True
72
Define Azure Monitor
Helps you maximize the availability and performance of your application and services. It delivers a comprehensive solution for collecting, analyzing, and acting on telemetry from your on premise and cloud environment.
73
Azure Sentinel use playbook to 1. Monitor Azure Service 2. Maintain Security Certificates 3. Run Powershell scripts 4. Automatically respond to threats
Automatically respond to threats
74
Who can use the Azure Total Cost of Ownership calculator? 1. Billing readers for an Azure subscription only 2. Azure account administrator 3. Anyone 4. Users who have an account in Azure AD
Anyone ## Footnote * The TCO calculator helps you estimate the cost of operating your solution on Azure over time instead of running that solution on premise. * Useful when you want to switch your entire solution from on premise to the cloud
75
You have on-premise application that sends email notifications automatically based on a rule. You plan to migrate the application to Azure You need to recommend a serverless computing solution for the application. What should you include in the recommendation? 1. A web app 2. A server image in Azure marketplace 3. A logic app 4. An API app
Logic App ## Footnote * Whenever you see serverless computing in the question, you should keep in mind two services - Logic App and Azure function
76
You plan to deploy a website to Azure. The website will be accessed by users worldwide and will host large video files. You need to recommend which Azure feature must be used to provide the best video playback experience. What should you recommend? 1. An application gateway 2. An Azure ExpressRoute circuit 3. Content Delivery Network (CDN) 4. Azure Traffic manager
Content Delivery Network (CDN) ## Footnote * CDN is a distributed network of servers that can efficiently deliver web content to users. CDNs store cached content on edge servers in point of presence locations that are close to end users to minimize latency * Web Application gateway helps you manage traffic to your web application * Azure ExpressRoute circuit helps you connect your on-premise data center to your cloud solution through a connectivity provider * Azure Traffic Manager is a DNS based traffic load balancer. Allows you to distribute traffic to your public facing web application across the globe. With public endpoints and high availability and quick responsiveness.
77
You have an application that is comprised of an Azure web app that has a SLA of 99.95 percent and an Azure SQL database that has an SLA of 99.99 percent. The composite SLA for the app is the product of both SLAs, which equals 99.94 percent. Is the last statement true?
True
78
Cost of Azure resource can vary between regions. True or False?
True
79
An Azure reservation is used to reserve server capacity at a a specific data center. True or False?
False ## Footnote * It is false because you cannot make a reservation at the data center level, only at the region level. * Azure Reservation helps you save money by committing a one year or three year plan for multiple products. Can help you reduce cost by up to 72 percent compared to pay-as-you-go
80
You can stop an Azure SQL Database instance to decrease costs. True or False?
False ## Footnote * Azure does not give you access to the underlying SQL Server that is hosting the Azure SQL database, and as such you cannot stop it.
81
What provides the platform for serverless code?
Azure Functions
82
What is a big data analysis service for machine learning? 1. Azure Databricks 2. Azure functions 3. Azure App Service
Azure Databricks
83
What detects and diagnoses anomalies in web apps? 1. Azure Application Insights 2. Azure Functions 3. Azure App Service
Azure Application Insights
84
What hosts web apps?
Azure App Service
85
The ability to use the same credentials to access multiple resources and applications. 1. Authorization 2. MFA 3. Azure AD 4. Single Sign On
Single Sign On
86
The process of identifying the access level of a user or service. 1. Authorization 2. MFA 3. Azure AD 4. Single Sign On
Authorization ## Footnote * Sometimes people confuse authorization with authentication. Authentication is when you put in your credentials at login and once you are able to login, you are authenticated. Authorization is related to access and permissions.
87
What should you use in Microsoft Sentinel to see visualization of an incident with related to alert and entities? 1. A workbook 2. Analytic rule 3. connector 4. investigation graph
Investigation Graph ## Footnote * After you connected your data sources to Microsoft Sentinel, you want to be notified when something suspicious happens. To enable you to do this, Microsoft Sentinel lets you create advaned alert rules, that generate incidents that you can assign and investigate
88
Which IOT solution is high security microcontroller and Linux based application in Azure? 1. IOT Hub 2. IOT central 3. Azure Sphere
Azure Sphere ## Footnote * Azure Sphere is a secured, high level application platform with built in communicaton and security features for internet connected devices. It comprises of a microcontroller unit MCU, custom high level Linux based OS, and a cloud based security service that provides continuous renewable security.
89
A VM can be deployed to multiple resource groups. True or False?
False ## Footnote * You can move one virtual machine to another (and all other resources in Azure) resource group but it cannot exist in multiple resource groups.
90
Most Azure services are introduced in private preview before being introduced in public preview and then in general availability. True or False?
True ## Footnote * Once an Azure service completes its development phase, it is released to the public (public preview phase). After the service has been validated. andtested, it ready as. aProduction ready service (aka general availability)
91
Azure services in public preview can be managed only by using Azure CLI. True or False?
False ## Footnote * It can be managed via Azure portal, powershell, API, etc.
92
The cost of an Azure service in private preview decreases when the service becomes generally available. True or False?
False
93
Trust Center is part of the Azure Security Center. True or False?
False ## Footnote Azure Trust Center provides support and resources for the legal and compliance community
94
Trust Center can only be accessed by users that have an Azure subscription. True or False?
False ## Footnote * Trust Center is open site documentation available to anyone
95
Trust Center provides information about the Azure compliance offerings. True. or False?
True
96
General Data Protection Regulation (GDPR) defines data protection and privacy rules. True or False?
True
97
General Data Protection Regulation applies to companies that offer goods and services to individuals in the EU. True or False?
True
98
Azure can be used to build a General Data Protection Regulation compliant infrastructure. True or False?
True
99
From Azure Monitor you can view which user turned off a specific virtual machine during the last 14 days. True or False.
False ## Footnote * Correct answer is Azure Activity Log.
100
Azure Key Vault is used to store user secrets. True or False?
False ## Footnote * Azure Key Vault can be used to store app secrets.

Azure Fundamentals Practice Exam (2 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions