big group

Question 1

Which cloud model should be used in this instance?
A company wants to deploy multiple servers to host web applications but wants to keep hardware cost and manageable cost to a minimum. The solution should be highly scaleable

Answer 1

public model

Question 2

Which cloud model should be used in this instance?
A company needs to implement a solution where it maintains management control over hardware and infrastructure. The solution can be physically deployed offsite

Answer 2

Private model

Question 3

Which cloud model should be used in this instance?
A company plans to use a custom software as a service application and wants to minimize cost. The company is legally required to maintain and secure all data onsite.

Answer 3

Hybrid model

Question 4

Which cloud model should be used in this instance?
Your company wants to create a virtual network with 10 virtual machines and no capital expenditure costs

Answer 4

public

Question 5

Which cloud model should be used in this instance?
Your company wants to control the methods used to have a high level of security for its resources

Answer 5

private

Question 6

Which cloud model should be used in this instance?
Your company does not have IT experts or the money to purchase its own servers

Answer 6

Public

Question 7

A private cloud requires

Answer 7

the infrastructure to be on a private network

Question 8

Your company plans to migrate applications and services to the cloud. You recommend for a hybrid cloud to be deployed. Why would you make this recommendation?

Answer 8

To augment on-premise resources by providing overflow capacity.

Question 9

Your company deploys resources in Azure. According to the shared responsibility model, which task will you be required to perform?

Answer 9

Install critical updates on virtual machines

Question 10

Benefits of moving the infrastructure to the cloud
(T/F) You can use horizontal scaling for the web server

Answer 10

True

Question 11

Benefits of moving the infrastructure to the cloud
(T/F) You can resize the disk on demand on mail server if email messages increase

Answer 11

True

Question 12

What is an advantage of using public cloud over a private cloud?

Answer 12

Costs are lower and spread among multiple tenants

Question 13

Manually increasing or decreasing resources to meet a predictable workload is called

Answer 13

scalability

Question 14

Automatically increasing or decreasing resources to meet spikes and drops in demand is called

Answer 14

Elasticity

Question 15

Speed and flexibility in allocation and deallocation of required resources is called

Answer 15

Agility

Question 16

(T/F) Azure active directory is used to manage API cryptographic keys

Answer 16

False

Question 17

(T/F) Azure Storage encryption is enabled by default and cant be disabled

Answer 17

True

Question 18

(T/F) Azure ExpressRo7ute is used to secure traffic between virtual networks

Answer 18

False

Question 19

In infrastructure as a service cloud model, the subscriber is responsible for the management of what?

Answer 19

operating system
application
runtime
middleware
data

Question 20

In Iaas the service provider is responsible for

Answer 20

virtualization
servers
storage
physical networking

Question 21

(T/F) The service provider is responsible for all infrastructure hardware in SaaS, PaaS, and IaaS

Answer 21

True

Question 22

(T/F) Creating a virtual machine running Windows server 2016 is a example of PaaS

Answer 22

False

Question 23

(T/F) SaaS gives you a way to give users access to sophisticated applications in a pay-as-you-go enviornment

Answer 23

True

Question 24

(T/F) IaaS allows you to rent hardware and have control over the operating system

Answer 24

True

Question 25

(T/F) PaaS allows you to manage applications without controlling the underlying OS

Answer 25

True

Question 26

(T/F) SaaS allows you to subscribe to software

Answer 26

True

Question 27

In a Platform as a Service, the customer service is in responsible for

Answer 27

Data, application

Question 28

In Platform as Service, the provider is responsible for

Answer 28

Operating system, storage, virtualization

Question 29

Which cloud service model should be used in this instance?
A company needs to deploy an Ubuntu Linux virtual machine to run a resource-intensive data analysis application

Answer 29

IaaS

Question 30

Which cloud service model should be used in this instance?
A company needs to make productivity applications available to all employees, including those that work from home, on a pay-as- you-go basis

Answer 30

SaaS

Question 31

Which cloud service model should be used in this instance?
A company needs to develop a web app designed to ruin on both computers and mobile devices and manage the application lifecycle

Answer 31

PaaS

Question 32

Which cloud service model should be used in this instance?
A company needs to transition an on-premise data center to the cloud with minimal impact on users

Answer 32

IaaS

Question 33

(T/F) about shared responsibility in the cloud
the customer always retain responsiblity for the data

Answer 33

True

Question 34

(T/F) about shared responsibility in the cloud
The responsibility for the management of accounts is transferred to the cloud provider

Answer 34

False

Question 35

(T/F) about shared responsibility in the cloud
The responsibility for the operating system in Platform as a service is retained by the customer

Answer 35

False

Question 36

You need to deploy serverless solution that meets the following requirements
-executution is triggered through an https request
-you pay only for the time that the code runs
-you do not have to manage the application infrastructure

Answer 36

Azure functions

Question 37

with __________ developers deploy code and pay for its runtime only, without worrying about the provisioning configuration and management of the underlying infrastructure

Answer 37

serverless computing

Question 38

(T/F) Azure IaaS provides and manages container orchestrators

Answer 38

False

Question 39

(T/F) Resources can be allocated on a pay as you go basis whenever needed in IaaS

Answer 39

True

Question 40

(T/F) you are responsible for managing application and middleware while azure manages operating system in Iaas

Answer 40

False

Question 41

Which cloud service model should be used in this instance?
Use provider managed hardware to run a customized database

Answer 41

IaaS

Question 42

Which cloud service model should be used in this instance? use a provider managed calender to schedule appointments and meetings

Answer 42

Software as a Service

Question 43

Which cloud service model should be used in this instance? User provider managed business intelligence services to analyze marketing trends

Answer 43

Paas

Question 44

Which cloud service model should be used in this instance?
You need to find a cloud solution that allows the highly customized web application to run without requiring management of operating system settings or services. However, the company’s web developers must be able to maintain customizations

Answer 44

Deploy the web app functionality using PaaS

Question 45

A company is deploying a critical business application on two virtual machines. The deployment needs to support:
-highly available access
-separate fault and update zones
-minimal latency between instances
most users who needs to access the application are in Azure East US2 region

Answer 45

Separate availability zones

Question 46

(T/F) Locking a resource group as read-only locks all resources contained in the group

Answer 46

True

Question 47

(T/F) A resource group contain resources from the same region as the resource group only

Answer 47

false

Question 48

(T/F) You can add a resource to remove a resource group from a resource from a resources group as long as the resource group is not locked

Answer 48

True

Question 49

(T/F) Resources can interact with other resources in a different resource group

Answer 49

True

Question 50

A company wants to expand its cloud presance by deploying additional resources to Azure. The company plans to use templates based on existing resources to automate the deployment process. Ensuring consistent deployment is critical. What should the company use?

Answer 50

Azure Resource manager

Question 51

What describes regions

Answer 51

-regions are always paired with other regions
-regions contain one or more datacenters
-regions specify the location of resources

Question 52

Description of containers

Answer 52

-container can be accessed over the internet by IP address or domain name
-a container can run on windows or linux
-a container can scale out as needed
-a container represents a single app and its dependencies

Question 53

What is the purpose of a resource group?

Answer 53

it serves as a container for azure resources like virtual machines and web apps

Question 54

(T/F) You can transfer an existing subscription to a new Azure active directory tenant

Answer 54

True

Question 55

(T/F)Quotas for resource in Azure resource group are per region rather than per subscription

Answer 55

True

Question 56

(T/F) All users and groups with role-based acces to manage the subscription lose their accesss

Answer 56

True

Question 57

(T/F) System-assigned managed identities are re=enabled automatically

Answer 57

False

Question 58

(T/F) moving a subscription that owns an azure kubernetes services cluster causes the cluster to lose functionality

Answer 58

True

Question 59

You need to ensure that your resources are replicated and hosted 200 miles away within the same geographic area, to minimize impact on your solutions’ avaiability in case of disaster

Answer 59

Region pairs

Question 60

Management groups let you organize mutiple

Answer 60

subscriptions as a single management entity to facilitate easier management

Question 61

You want to allow inbound traffic to an azure virtual machine from only specific ip address

Answer 61

network security group

Question 62

you want to prevent a malicious flood of http traffic to a vm that host internet information services

Answer 62

distributed denial of service protection

Question 63

you want to create a rule that restricts network traffic across subscriptions

Answer 63

azure firewall

Question 64

(T/F) Azure virtual desktop supports remote desktop clients on MacOS and iOS

Answer 64

True

Question 65

(T/F) you are in charge for the use of azure virtual desktop for a monthly basis according to active users

Answer 65

false

Question 66

(T/F) azure virtual desktop users should exisit in the same windows server active directory that is linked to azure ad

Answer 66

true

Question 67

Which azure resource fits this scenario
migrate a workload from an on-premise hyper v host to azure, still retaining full control over the operating system

Answer 67

azure virtual machine

Question 68

Which azure resource fits this scenario
deploy a web application using platform as a service for scalability and security

Answer 68

azure app services

Question 69

Which azure resource fits this scenario
build an event driven solution and pay only for the time you spent running your code

Answer 69

azure funcitons

Question 70

Which two options can you use to connect azure virtual networks to each other?

Answer 70

VPN Gateways
VNet Peering

Question 71

_____ is a service that enables private connectivity between your on-premise network and microsoft azure or microsoft 365

Answer 71

Azure expressroute

Question 72

_________ is a global endpoint that works at layer 7(https/’http) to enable fast, secure, and widely scalable web applications

Answer 72

azure front door

Question 73

___________ azure traffic manager is a DNS based traffic load balancer that allows optimal distribution of traffic to azure services spread across global azure region

Answer 73

azure traffic manger

Question 74

(T/F) Expressroute traffic is routed through a private connection

Answer 74

True

Question 75

(T/F) Traffic between peered virtual network is routed over the public internet

Answer 75

False

Question 76

(T/F) A vnet is created within the scope of the region

Answer 76

True

Question 77

________ enables you to perform automated deployment from azure devops

Answer 77

Azures App service

Question 78

________is a cloud-based set of tools and services for software developers

Answer 78

Azure Devops

Question 79

_______is a data management tool that enables you to connect to and quert data stores, build visually stunning reports, and custom analytics solutions

Answer 79

Azure Data Studio

Question 80

_______is a family of cloud based relational database services built on microsoft sql server technology

Answer 80

Azure sQL

Question 81

Creating highly portable, scalable app instances that includes the binaries and libraries required to run can be done using ______

Answer 81

containers

Question 82

(T/F) Virutal network peering can be sued to connect virtual networks across azure regions

Answer 82

True

Question 83

(T/F) Virtual netwrok peering can be used to transfer data between azure active directory tenants

Answer 83

True

Question 84

(T/F) Configuring peering requires a short downtime for the peered virtual network

Answer 84

False

Question 85

You manage a developed team that needs to focus all its efforts on creating and maintaining application code. Your team does not have the resources to provision and scale the infrastructure your applications required to run. What should you do?

Answer 85

Create an azure function subscription and upload your code

Question 86

_____typically contain only the binaries and libraries to run a single app or service

Answer 86

containers

Question 87

_____is a stored virtual machine machine configuration. used to speed up deployment of frequently used operating system configurations

Answer 87

template

Question 88

_____provides an automated way to control and automate many of the same tasks that can be performed through azure portal such as creating and managing machines, networking, storage, and more. can also be used to manage multiple azure subscriptions and save time by avoiding the manual entry of repetitive commands

Answer 88

Azure command line interface

Question 89

you need to bring azure storage into your virutal network with a dedicated ip address what do you do?

Answer 89

create a private endpoint with azure private link

Question 90

a company wants to host data disks in the azure cloud. The data disk must be available to other on-premise machines running windows, linux, and mac os using network sharing via server message block protocol . data must be secure both at rest and in transit. Which storage product solution?

Answer 90

File storage

Question 91

___ stores data as a virtual hard disk that is available to the vm to which the disk is attached. does not provide any outside access

Answer 91

disk storage

Question 92

_____ designed for storing large quantities of unstructured data.

Answer 92

blob storage

Question 93

____ provides storage to retrieve and persist state

Answer 93

Azure files

Question 94

planning to deploy and need to meet the following requirements:
-up to 10 tb of storage
-azure premium storage
-point in time restore for up to 35 days
need to select deployment and pricing tier

Answer 94

Azure database for Postgres SQL SIngle Server General purpose tier( supports up to 16tb and uses azure premium storage. point in time is met by all azure database for postgres SQL deployments

Question 95

you need to ensure that your database can scale horizontally and suport the query parallelization for faster response on a large dataset, without your teams involvement in database or operating system. which deployment option of postgres should you use?”

Answer 95

Azure database for postgres sql hyperscale (citus)

Question 96

Which resource fit this scenario?
fast migration of sql server from on-premise to azure with retention of operating system access

Answer 96

sql server on azure vms

Question 97

Which resource fit this scenario?
cost-effective, serverless database with an intermittent usage pattern and a low compute utilization over time

Answer 97

azure sql databricks

Question 98

Which resource fit this scenario?
live=and shift of on premise sql server with minimal changes to an azure platform as a service solution

Answer 98

azure sql managed instances

Question 99

which two solutions should you use to transfer an on-premise virtual hard disk to azure?

Answer 99

Azure storage explorer
azCopy

Question 100

match azure storage blob with associated desc
incurs penalties for data deleted within days

Answer 100

cool

Question 101

match azure storage blob with associated desc
is not available at account level

Answer 101

archive

Question 102

match azure storage blob with associated desc
incurs highest rehydration cost

Answer 102

archive

Question 103

blob storage:
____ offers highest performance and lowest access latencies but is more expensive storage tier. intend to hold data that is accessed frequently

Answer 103

hot

Question 104

blob storage:
____ tier is designed to hold data that only requires infrequent access. must be stored for at least 30 days

Answer 104

cool

Question 105

blob storage:
___designed to hold data that is rarely requires access. not available at account level

Answer 105

archive

Question 106

_________ storage account supports blob, queue, and table storage services

Answer 106

standard general-purpose v2

Question 107

(T/F) azure file can be access using the server mesasge block protocol

Answer 107

True

Question 108

(T/F) azure files can be accessed using the network file system protocol

Answer 108

True

Question 109

(T/F) a share access signature is required to access azure files

Answer 109

False

Question 110

as part of a cloud migration, your azure cloud implementation has been initially seeded with 100tb of data. as the migration cointinues you need to periodically migrate data to azure using server message block. what two solutions meet this requirement?

Answer 110

Azure files
azure data box gateway

Question 111

(T/F) virtual network from multiple subscriptions in your organization can link to the same azure ddos protection plan

Answer 111

True

Question 112

which license should you use?
you want to publish on premise web apps using azure ad

Answer 112

premium

Question 113

Which license should you use?
you want to use an on premise directory synchronization

Answer 113

free

Question 114

Which license should you use?
you want on premise users to be able to reset their own passwrods

Answer 114

premium

Question 115

(T/F) azure ad authentication and authorization support required integration with an on premise ad

Answer 115

false

Question 116

(T/F) web apps must be registered with azure ad to support authentication and authorization services

Answer 116

True

Question 117

(T/F) azure ad supports authorization through the use of role based access control

Answer 117

True

Question 118

What does Azure ad premium p1 edition support?

Answer 118

Rolebased access control and conditional access

Question 119

Included in azure ad p2 license

Answer 119

identity protection, service entitlement management, and privileged identity management, just in time access

Question 120

authentication types supported by both sspr and mfa are

Answer 120

password
sms
voicecall

Question 121

sspr authentication supports

Answer 121

passwrod, sms, voicecall, security question, email address

Question 122

you need a security solution that helps provision, manage, and deploy secure socket layer/ transport layer security certificates. what should you use?

Answer 122

key vault

Question 123

key vault features

Answer 123

-store cryptographic keys
-secure storage and controlled access to token ,password, certificates, api keys
-created and controlling encryption keys used to encrypt data
-provisioning, managing and deploying both public and private ssl/tls certificates
-secrets and keys protected by software or federal information processing standard

Question 124

microsoft defender for identity helps

Answer 124

-advance threats and protect hybrid computing enviornment
-monitor users, entity behavior and credentials stored in active directory
-provide clear incident information

Question 125

(T/F) microsoft defender for cloud supports monitoring, security recommendations, and advanced threat protection for cloud and on-premise virtual machine resources

Answer 125

True

Question 126

(T/F) Microsoft defender for cloud provides native integration with microsoft defender antivirus in windows

Answer 126

True

Question 127

(T/F) microsoft defender for cloud support is limited to windows operating system only

Answer 127

false

Question 128

(T/F) microsoft defender for cloud can automatically discover and assess security for new azure resources as they are deployed

Answer 128

True

Question 129

your azure tenaants include several internet facing web services. the web servers reply on data stored on azure sql database servers. the web servers are located in different virtual network subnets. the database servers have their endpoints exposed to subnets. you need to implement detailed controls over the type of connections supported between teh web servers and databse serves. you want to minimize the efforts and cost necessary to implement and paintain your solution

Answer 129

application security groups
network security groups

Question 130

which azure security solution provides general security recommendation and suggest remidies to better secure your resoruces?

Answer 130

microsoft defender for cloud

Question 131

is it true about azure dedicated host? a provided physical server is dedicated to your organizations workload only

Answer 131

true

Question 132

is it true about azure dedicated host? you can share a provided physical server across you rmutiple azure subscriptions

Answer 132

false

Question 133

is it true about azure dedicated host? you are charged per number of virtual machines deployed

Answer 133

false

Question 134

which two organiztion-level insights can you derive from the regulatory compliance dashboard of microsoft defender for cloud?

Answer 134

number of passing and failing assignments
overall compliance score

Question 135

azure intergrates with ____ to help prevent, detect , and respond to threats to azure resources

Answer 135

microsoft defender for cloud

Question 136

application security groups lets you

Answer 136

organize simialr services so you can easily define and implement security policies based on those groups

Question 137

factors that affect cost of an app service

Answer 137

instance type
number of instances
operating system
region
tier

Question 138

select appropiate cost control mechanism:
your company plans to commit to a three year plan for virtual machines and storage resources to recieve a reduction in pay as you go prices

Answer 138

azure reservations

Question 139

select appropiate cost control mechanism
your company plans ot make use of a free saas solution that lets your company monitor, allocate and optimize cloud spend in multi cloud enviornment

Answer 139

azure cost management

Question 140

select appropiate cost control mechanism
your company wants to increase defauly limit on how many select resources of each type can be provisioned per azure region

Answer 140

azure resource manager

Question 141

(t/f) spot pricing provides access to discounted azure compute resources

Answer 141

false

Question 142

(t/f) spot virtual machines use the standard service level agreement for azure vms

Answer 142

true

Question 143

(t/f) you can set the maximum price that you agree to pay

Answer 143

True

Question 144

billing zone is a geographical grouping of azure regions used to determine billing based on _______

Answer 144

data transfers

Question 145

(t/f) azure advisor makes shutdown recommendation based on cpu and memory utilization over the last seven days

Answer 145

false

Question 146

(t/f) you can use azure advisor to reduce cost by resizing underutilized virtual machines

Answer 146

true

Question 147

(t/f) tags can aid in cost management for your subscription, and each tag consist of a name, location, and value

Answer 147

false

Question 148

you need to compare the cost of running an application workload in azure vs on premise. what should you do to ensure that you can use azure tco calculator to complete the task?

Answer 148

define server, database, storage, and networking workload

Question 149

what resource or features fit this scenario?
you want to ensure that only virtual machines of a specific size are deployed to a resource group

Answer 149

policy

Question 150

what resource or features fit this scenario?
you want to manage a collection of policy definitions

Answer 150

initiative

Question 151

what resource or features fit this scenario?
you want to prevent virtual machines from being deleted by anyone after they are deployed

Answer 151

lock

Question 152

what resource or features fit this scenario?
you want to prevent virtual machines from being deployed in a subscription

Answer 152

policy

Question 153

what resource or features fit this scenario?
you want to review security recommendations related to deploying your resources

Answer 153

advisor

Question 154

what resource or features fit this scenario?
you want to control the users who are allowed to create virtual network

Answer 154

rbac

Question 155

what resource or features fit this scenario?
you want to ensure that only sql database instances can be added to a resourced named database-rg

Answer 155

policy

Question 156

what resource or features fit this scenario? you want to ensure that only members of the sales group can access virtual machines in the sales-rg resource group

Answer 156

rbac

Question 157

(T/F) locks can be applied in the context of specific users and roles

Answer 157

false

Question 158

(T/F) when multiple locks are applied at different scopes, the most restrictive inherited lock applies

Answer 158

true

Question 159

(T/F) a lock applies to all the resource contained in a scope and any new resources added to the scope

Answer 159

True

Question 160

(T/F) role based access control roles takes precedence over locks

Answer 160

false

Question 161

your company wants to ensure that it meets its internal compliance goals and that azure resource are compliant with company standards. this will include ongoing evaluation for compliance and the identification of non-compliant resources. what should you use?

Answer 161

azure policy

Question 162

What should you use in this scenario?
you need to use information from azure security center to develop best practices recommendation for optimization

Answer 162

azure advisor

Question 163

What should you use in this scenario?
you need to define a set of policies to help ensure compliance for resources contained in a resource group

Answer 163

initiative

Question 164

your company uses azure blueprints to assist with its migration to azure. should be able to assign and publish blueprints what role should they be assigned?

Answer 164

blueprint operator

Question 165

(T/F) when a blueprint is updated and the updated version is published, any assignment of the blueprints are updated automatically

Answer 165

false

Question 166

(T/F) when a blueprint is unassigned, all of the resources assigned by the blueprint remains in place, but blueprint resource locking is removed

Answer 166

true

Question 167

(T/F) when you delete a core blueprint, any assigned versions of the blueprint remains in place

Answer 167

true

Question 168

(T/F) an initative is limited to being assigned to resource group or subscription only

Answer 168

false

Question 169

(T/F) when an ititiative assignment is evaluated, all of the policies in that initiative are evaluated

Answer 169

true

Question 170

(T/F) an initiative can only contain policies that are located in the same subscription

Answer 170

true

Question 171

an azure initiative

Answer 171

is a collection of azure policies targeted toward reaching a single overall goal

Question 172

which azure management tool provides a graphic interface for deploying, managing, and monitoring azure reosurces?

Answer 172

azure protal

Question 173

(T/F)azure powershell can be used to create scripts to automate azure management tasks

Answer 173

true

Question 174

(T/F) azure powershell virtual machine management is limtied to windows vm only

Answer 174

false

Question 175

(T/F) azure powershell can be run in a browser in the azure cloud shell

Answer 175

true

Question 176

(T/F) azure resource manager templates use azure powershell syntax

Answer 176

false

Question 177

which ui elements best match the descriptions
a collection of customizable tiles that are displayed in the portal

Answer 177

dashboard

Question 178

which ui elements best match the descriptions
a panel that slides out in a navigation sequesnce

Answer 178

blade

Question 179

which ui elements best match the descriptions
a service that provides recommendation on high availability

Answer 179

azure advisor

Question 180

(T/F) when running azure powershell with cloud shell, both linux specific and windows specific functionality is available

Answer 180

false

Question 181

(T/F) cloud shell times out after 20 min of inactivity

Answer 181

true

Question 182

(T/F) cloud shell provides a way to run azure command line interface and azure powershell on ios and android mobile devices

Answer 182

True

Question 183

you deploy a new linux virtual machine and then manually adjust its configuration in azure portal to meet the requirements of your department vms configuration after the original deployment, so that you can reuse it as a template in the deployment of test an production vms
which two actions can you perform to achieve your goal?

Answer 183

export the azure resource manager templates from a resource
export the azure resource manager template from a resource group

Question 184

what cases is service health beneficial?

Answer 184

-you want to be notified if your app service usage exceeds the usage quota
-you want to respond to planned service outage in virginia
-you want to implement a webhook on you website to display health incidents

Question 185

which feature of azure monitor allows you to visually analyze telemetry data

Answer 185

application isnights

Question 186

which monitoring features should you use for each scenario?
you want you and your team members to receive a text message when azure maintenance is planned

Answer 186

health alerts

Question 187

which monitoring features should you use for each scenario?
you want to view the azure features that are planned to be deprecated

Answer 187

health advisories

Question 188

which azure service can use autoscale to add or remove resources as appropriate to minimize cost and ensure optimum performance levels

Answer 188

azure monitor

Question 189

which azure component provides information about planned maintenance and advisories such as deprecated offerings?

Answer 189

azure service health

Question 190

a coworker informs you of a planned azure maintenance window. you attempt to verify this information using the tools shown. You are still uncertain if the maintenance will impact the services you use. What should you do to determine how this maintenance might impact your organization?

Answer 190

verify any planned maintenance via the service health dashboard