AZ-900 Practice Test Questions Flashcards
What type of documents does the Microsoft Service Trust Portal provide?
A list of standards that Microsoft follows, pen test results, security assessments, white papers, FAQs, and other documents that can be used to show Microsoft’s compliance efforts
What feature of a system makes it elastic?
The ability of it to add and reduce capacity based on actual demand
What Azure tool gives you the ability to manage multiple subscriptions into nested hierarchies?
Management Groups
Microsoft Entra ID
Enterprise identity service that provides SSO and MFA
Azure’s preferred Identity/Authentication service
Azure Policy
Can add restrictions on storage account SKUs, virtual machine instance types, and rules relating to tagging of resources and groups
True or False: Azure PowerShell scripts and CLI scripts are entirely compatible with each other
FALSE- these are different languages
Resource Locks
Affect your ability to make changes to a resource within Azure but do not affect the resource itself.
A resource lock on a VM still allows it to operate, but prevents someone from restarting it.
What affect does using a “read only” resource lock on an Azure Storage Account have?
The storage account cannot have its properties altered but it doesn’t affect the data itself.
Cloud Shell
Allows access to the CLI and PowerShell consoles in the Azure Portal
True or False: Azure is a public cloud, and has no private cloud offerings
FALSE- Azure Government and DoD services are private
True or False: you can create your own policies if built-in Azure Policy is not sufficient to your needs
TRUE, can create policies using JSON
Azure charges for ____ bandwidth
Egress/Outbound
Azure Monitor
Collects all of the logs from various resources into a central dashboard, where you can run queries, view graphs, and create alerts on certain events
Azure Service Health
Lets you know about any Azure-related service issues including region-wide downtime
AzCopy
Allows you to copy files between two Azure Storage accounts without having to download the files to your local machine
What is Single Sign-On?
The ability to log in once and use the existing userid and password to sign in to other applications, and not have to create/memorize a new one
ARM
Azure Resource Manager
Common resource deployment model that underlies all resource creation or modification
No matter whether you use the portal, PowerShell or the SDK, ARM takes those commands and executes them
Resource Groups
A folder structure in Azure in which you organize resources like databases, virtual machines, virtual networks, or almost any resource
Why would someone prefer a consumption-based pricing model as opposed to a time-based (fixed) pricing model?
You can save a lot of money if you don’t use the resource often as opposed to having it available for use 24/7
Azure Availability Zones
A feature of Azure that allows you to manually specify into which data center your virtual machines are placed, which allows you to achieve higher availability than any other option
Microsoft Entra ID provides what licenses?
Free
P1
P2
Governance
What Azure Resources are required in order to have a virtual machine?
Virtual Network
Storage Account
Network Interface Card (NIC)
How many availability zones are there in each region (for regions that have them)?
3
What Azure resource allows you to evenly split traffic coming in and direct it to several identical virtual machines to do the work and respond to the request?
Load Balancer or Application Gateway
LRS
Locally Redundant Storage
Copies your data synchronously three times within a single physical location in the primary region
Least expensive replication option, but isn’t recommended for applications requiring high availability or durability
ZRS
Zone-Redundant Storage
Copies your data synchronously across three Azure availability zones in the primary region
For applications requiring high availability, Microsoft recommends using ZRS in the primary region and also replicating to a secondary region
What OS does Microsoft supply Azure Virtual Machine images for?
Windows and Linux
Which Azure technology allows you to login to Microsoft Entra ID device or application using your face, PIN, or a gesture instead of typing a password?
Passwordless
Which Azure technology allows you to manage virtual machines running in Azure, your own environment, and other environments like AWS?
Azure Arc
Availability Sets
Allow you to tell Azure which virtual machines are identical, so that Azure will keep them apart physically inside the datacenter to ensure availability
True or False: An Azure Storage Account can have both a public endpoint and a private endpoint at the same time
TRUE- public endpoint can be enabled, restricted to certain networks or disabled. Multiple private endpoints can be created. No restriction preventing you from having both a public endpoint accessible from the internet and one or more private endpoints as well
Total Cost of Ownership
Includes cost of hardware, software, hosting, electricity, real estate, internet, salaries of employees
Azure Scalesets
Can manage groups of virtual machines as one unit
Azure Blueprints
Allows you to create a “template” on which new subscriptions can be made. This way, new subscriptions can come with a pre-defined list of policies, ARM templates, and custom RBAC roles.
Azure Sovereign Regions
Dedicated to specific sovereign entities
Azure US Government
Azure China
Express Route
Private connection from your data center to a Microsoft Azure partner, which has a direct fiberoptic connection into Azure
Public Endpoint
Effectively a URL that you can use to access data and applications from outside a virtual network
Compute Services
Resources that perform some type of task that requires CPU cycles to perform the work
Azure Advisor
A tool that will analyze your use of Azure and make you specific recommendations based on your usage across availability, security, performance, and cost categories
