ESI Flashcards
RG1
-VM1 (Linux)
You need to automate the deployment of 20 additional VMs (identical config to VM1)
a) From VM1’s Export Template settings blade, click deploy and the edit the parameters?
b) Store the Linux VM properties in a template and deploy additional VMs by editing the template parameter values?
c) From RG1’s policies blade, assign a policy
a) yes, once you export the template you can deploy multiple instances by editing template parameters
b) yes
c) no
You want to install an internet facing web application name WebApp1 on multiple VMs. The VMs must run Windows Server 2019. Connections to WebApp1 must be spread across all VMs. The VMs must be located in separate datacenters in the same regions. The SLA must be the highest possible.
a) Create 3 VMs (each in a different availability zone) and create and configure a standard load balancer.
b) Create an availability set with three VMs, three fault domains, three update domains and create a basic load balancer.
c) Create three VMs in a single VNet, each in a different Availability Zone and use Azure Front Door
d) Create 3 Vms, set the Availability Zone to 1, create a zone-redundant load balancer.
a) yes. You 2 or more VMs in different availability zones in the smae region to acquire an SLA 99.99
b) no
c) no, Azure Front Door
d) no. Only 1 Availability Zone!
VNet1
- Subnet1 (10.0.0.0/24)
- -VM1
- -VM2
- -VM3
- -VM4
- Subnet2 (10.0.1.0/24)
- -VM5
- -VM6
- Subnet3 (10.0.4.0/24)
- -Container Group MyCon01
Deploy a new container group that must be able to communicate with VM5 and VM6.
a) Deploy container group to subnet 2?
b) Deploy container group to subnet 3?
c) Create a new subnet to host the container group?
a) No. You cannot deploy a container group on a subnet that already has resources (that are not container groups)!
b) Yes. You can deploy a container group to a subnet that already hosts a container group.
c) Yes. You can deploy a container group to a subnet that does not contain any other resources.
You deploy a web app named MYApp on Free pricing tier App Service named MyPlan. You discover tha MyApp stops after 60 minutes and it cannot be restarted until the next day.
You need to ensure that MyApp can run eight hours each day during the testing period and keep additional costs to a minimum.
a) Change the pricing tier for My Plan to Shared D1
b) Change the pricing tier for My Plan to Basic B1
c) Change the pricing tier for My Plan to Standard S1
a) No, this plan does not allow for eight hours of CPU time.
b) Yes, This is the least expensive plan that supports 24hour CPU time.
c) No. It is more expensive than needed to run eight hours of CPU time.
Company1 wants to deploy ASP.net application on Azure that will connect to databases located in on-premises datacenters.
- All traffic between on-prem and Azure should be encrypted
- Traffic should not flow over the internet
- connection should provide predictable performance for applications accessing the databases.
a) Create a site-to-site VPNM connection that uses encryption in transit
b) Create an ExpressRoute Circuit between your internet service provider and Azure
c) Provide a public HTTPS endpoint to your databases that the apps connect to
a) No. Traffic will flow via the internet and speed will be dictated by internet speeds.
b) Yes. ExpressRoute does not go over the internet, provides encryption options.
c) No. exposing a database endpoint over the internet is a security risk.
VM1
VM2
RSV Vault1
-Both VMs back up to Vault1 but you need to delete it to re-organize the configuration for Azure Backup.
What three actions must be performed?
Delete VM1 and VM2
Disable the soft delete and delete all the data
Delete the backup policy
Permanently remove any items in the soft delete state
Stop the backup of VM1 and VM2
Disable the soft delete and delete all the data.
Permanently remove any items in the soft delete state.
Stop the backup of VM1 and VM2.
You deploy an Azure Application Gateway to host multiple instances of an application. User session state is saved locally on a server for a user session.
You need to ensure that the Application Gateway is configured to support this requirement.
Which feature do you need to configure?
a) session affinity
b) SSL/TLS termination
c) redirection
d) URL-based routing
a) session affinity uses cookie-based session to ensure that a user session is continued on the same server.
You need to create an App Service Plan that will allows an Web App to autoscale and support up to 20 instances of the web app.
Which pricing tier should you choose?
Premium
Standard
Shared
Basic
Premium.
Your company has several applications deployed in Azure in different types of resources. Your company’s main office is connected to its Azure subscription by a single site-to-site Azure VPN.
Your company requires the connection with the Azure subscription to be highly available. You need to provide the most reliable and cost effective solution.
What three actions should you perform?
a) two new Azure VPN Gateways with one public IP address each.
b) two VPN tunnels between one on-prem VPN device and one VPN public IP address
c) VPN tunnel between each on-prem VPN device and an Azure Gateway
d) new VPN Gateway with two public IP addresses
e) add a public IP address and gateway IP address configuration to the existing gateway
f) Purchase a new on-prem VPN device
g) Create a VPN tunnel between each on-prem device and each VPN public ip address
e) adding a public IP and gateway allows you to configure your VPN Gateway in active-active mode to take advantage of additional internet connection.
f) an additional VPN device is required to make the connection highly available
g) by creating a VPN tunnel between each on-prem device and exah VPN public ip address, traffic can be redirected in case of failure.
True of False.
a) Multi-container groups support Linux containers only?
b) You can deploy a multi-container group form Resource Manager template or a YAML file?
c) Container groups can scale up as necessary to create additional container instances as necessary?
a) true.
b) true.
c) false.
Several VMs are located in a VNet named prod-vnet. These VMs are used internally and are accessible by the internet.
You need to provide development staff with secure access to object and table data to support their Azure-based applications. Storage account data must reside in Azure but must not be exposed to the internet
Which two action should be performed?
a) Configure a Point-to-site vp2
b) configure an Azure Content Delivery Network profile
c) Deploy an Azure File Sync Group
d) Configure a service endpoint
e) Deploy a general purpose storage account
f) deploy a blob storage account
d) and e).
A a general purpose storage account provides both blob object and table storage.
VNet01
- Subnet1
- -VM1
- -VM2
- -VM3
- Subnet2
- -VM4
- -VM5
- Subnet3
- -VM6
- -VM7
Use NGSs to manage network traffic security to:
- Allow all connections to VM4, VM5, VM6, VM7
- Allow all connections between VM1, VM2, VM3
- Block all external remote Desktop connections with VM1
What is the minimum number of ngs you should create?
1, 3, 4, or 7 ?
an NSG assigned to Subnet2 and Subnet3 to allow connections from the internet and deny any other connections.
an NSG assigned to subnet1 to allow connections between VMs and deny any other connections
an NSG assigned to VM1 to block Remote Desktop Connections.
An Azure web app named MyApp runs as two instances hosted in a Basic App Service plan named MyPlan.
Users complain about app performance during peak periods. It is determined that the instances do not have sufficient CPU resources during peak use.
You must ensure that additional CPU resources are made available only when required because of use levels.
What should you do first?
a) Create a scale rule
b) Scale up the pricing tier
c) stop MyApp
d) enable Autoscale.
b) you need to scal upo the pricing tier first. Standard S1 is the lowest pricing tier that supports Autoscale!!
VMs in prod-vnet should only run between 7am and 7pm.
Which Azure feature can be used to automate the shutdown and startup of the VMs to reduce costs.
a) Azure Change Tracking
b) Azure Automation runbook
c) Azure Auto-shutdown
d) Azure Automation Desired State Configuration (DSC)
b) Azure Automation runbook. Allows you to publish PowerShell or Python scripts in Azure and optionally schedule Azure to run them automatically.
A Ubuntu Linux server linux1 was deployed to a VNet.
Emergency remote management of linux1 from a Windows 10 Enterprise Edition workstation is required. What should you do to minimize both setup time and admin costs?
Connect to the VM by using:
a) Remote Desktop Protocol (RDP) and Remote Desktop Connection
b) RDP and PowerShell Core 6.0
c) Secure Shell (SSH) and Windows Subsystem for Linux
d) (SSH) and Azure Cloud Shell
d) SSH is the default protocol for remote Linux server management. Azure Cloud Shell is a browser-based command shell (not installation required)
NOT c) WSL needs to be installed first.