Core Azure services Flashcards
“Which solution is recommended to protect against a hardware failure within a data center?
a) Availability Set
b) Availability Zone (AZ)
c) Region pair
d) Proximity placement group”
(a)
Answer (b) is recommended to protect against a single data center outage in a region;
Answer (c) is recommended to protect against an entire region failure;
Answer (d) is recommended where low latency is required between infrastructure components.
“At which management scope can role-based access control (RBAC) and Azure Policy be targeted?
a) Management group
b) Subscription”
“c) Resource group
d) Resource
e) Tag”
(a), (b), (c), (d)
Answer (e) is not a management scope; it is a governance control.
“Which limitations apply to management groups?
a) The scope is per tenant.
b) Only one parent management group is supported and cannot be deleted or moved.
c) Management groups can include resource groups or resources.”
(a), (b)
Management groups can only contain subscriptions, not resources or resource groups.
“A management group acts as a billing mechanism.
a) True
b) False”
False—a subscription acts as a billing mechanism.
“Which are mandatory to specify when creating a resource?
a) Management group
b) Subscription
c) Resource group”
(b), (c)
“A subscription can have multiple owners.
a) True
b) False”
True
“An Azure Active Directory (Azure AD)-assigned role gives access to Azure roles.
a) True
b) False”
False
Azure AD-assigned roles do not span Azure roles; access must be explicitly given to access Azure resources.
“The Azure AD Global Administrator role has default access to Azure resources.
a) True
b) False”
False
The Azure Global Administrator does not have default access to Azure resources.
“The Contributor role has full access to all Azure resources in a subscription and can create access to others.
a) True
b) False”
False
Only the Owner role can create access to others.
“Only internal members of the Azure AD tenant can be given access to Azure resources.
a) True
b) False”
False
Only external business-to-business (B2B) and guest-invited users can be given access to Azure resources.
“Which of the following does not provide a core Azure platform architecture component functionality provided by Azure Resource Manager (ARM)?
a) Creation of resources and dependencies; applying governance and compliance controls
b) Repeatable life cycle deployments; uses template files through JavaScript Object Notation (JSON) to define deployment of resources
c) Identity and Access Management (IAM)
d) Security posture management”
(c)
Security Posture Management
“Which of the following characteristics relate to resource groups?
a) Resources must belong in a resource group and can only exist in one resource group, but can be moved between resource groups.
b) Resource groups contain metadata about the resources they include.
c) Deleting a resource group will remove all resources within that resource group but not delete the subscription or tenant.”
(a), (b), (c)
“The Azure Marketplace can be used to find details of third-party services and software that have been validated to run in Azure and also create those resources.
a) True
b) False”
True
“Which of the following requirements will determine using a VM as a compute service?
a) There is a need to provide control and direct access to the compute layer.
b) There are customization requirements, such as customizing the operating system, any software/applications, and runtimes.
c) There is a need to extend on-premises computing capacity, maybe for development and testing, DR, and business-continuity scenarios.”
(a), (b), (c)
“Which of the following VM types would it be appropriate to select when the workload is memory-intensive and requires a high memory-to-central processing unit (CPU) ratio?
a) D series
b) E series
c) F series
d) N series
(b)
Answer (a) is for general-purpose workloads with a balanced CPU-to-memory ratio;
Answer (c) is for CPU-intensive workloads with a high CPU-to-memory ratio;
Answer (d) is for graphical workloads where a GPU is required.”
