Exam Questions Flashcards
Q1
Your company has serval departments. Each department has a number of virtual machines (VMs).
The company has an Azure subscription that contains a resource group named RG1.
All VMs are located in RG1.
You want to associate each VM with its respective department.
What should you do?
A Create Azure Management Groups for each department.
B Create a resource group for each department.
C Assign tags to the virtual machines.
D Modify the settings of the virtual machines.
Correct Answer C
Q2
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company has an Azure Active Directory (Azure AD) subscription.
You want to implement an Azure AD conditional access policy.
The policy must be configured to require members of the Global Administrators group to use Multi-Factor Authentication and an Azure AD-joined device when they connect to Azure AD from untrusted locations.
Solution: You access the multi-factor authentication page to alter the user settings.
Does the solution meet the goal?
A Yes
B No
Correct Answer: B
The correct approach for ensuring that members of the Global Administrators group use Multi-Factor Authentication and an Azure AD-joined device from untrusted locations is through a Conditional Access policy. Adjusting the multi-factor authentication settings alone, as the proposed solution suggests, does not address the requirement for the device state or the specific user group conditions. Conditional Access policies enable granular control to enforce MFA and check if the device is Azure AD-joined, crucially meeting all the conditions set in the scenario. Hence, altering the conditional access policy within Azure AD is the right method.
Q3
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company has an Azure Active Directory (Azure AD) subscription.
You want to implement an Azure AD conditional access policy.
The policy must be configured to require members of the Global Administrators group to use Multi-Factor Authentication and an Azure AD-joined device when they connect to Azure AD from untrusted locations.
Solution: You access the Azure portal to alter the session control of the Azure AD conditional access policy.
Does the solution meet the goal?
A Yes
B No
Correct Answer: B
The provided solution does not meet the requirement because it incorrectly focuses on altering session control rather than grant control. To correctly configure the Azure AD conditional access policy as required, one must adjust the grant control settings. This involves ensuring that the policy mandates Multi-Factor Authentication and the use of an Azure AD-joined device for Global Administrators accessing Azure AD from untrusted locations. Hence, changing the grant control is necessary to enforce these specific conditions effectively.
Q4
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company has an Azure Active Directory (Azure AD) subscription.
You want to implement an Azure AD conditional access policy.
The policy must be configured to require members of the Global Administrators group to use Multi-Factor Authentication and an Azure AD-joined device when they connect to Azure AD from untrusted locations.
Solution: You access the Azure portal to alter the grant control of the Azure AD conditional access policy.
Does the solution meet the goal?
A Yes
B No
Correct Answer: A
Yes, the solution provided is indeed suitable for meeting the specified goal. When configuring Azure AD conditional access policies, altering the grant control settings through the Azure portal is the correct approach. This method allows administrators to enforce requirements for Multi-Factor Authentication and the use of Azure AD-joined devices for members of the Global Administrators group when accessing from untrusted locations. This ensures that both authentication factors are in place, enhancing security protocols effectively.
Q5
You are planning to deploy an Ubuntu Server virtual machine to your company’s Azure subscription.
You are required to implement a custom deployment that includes adding a particular trusted root certification authority (CA).
Which of the following should you use to create the virtual machine?
A The New-AzureRmVm cmdlet.
B The New-AzVM cmdlet.
C The Create-AzVM cmdlet.
D The az vm create command.
Correct Answer: D
The az vm create command. you need to create an Ubuntu Linux VM using a cloud-init script for configuration.
For example,
az vm create -g MyResourceGroup -n MyVm --image debian --custom-data MyCloudInitScript.yml
Q6
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company makes use of Multi-Factor Authentication for when users are not in the office. The Per Authentication option has been configured as the usage model.
After the acquisition of a smaller business and the addition of the new staff to Azure Active Directory (Azure AD) obtains a different company and adding the new employees to Azure Active Directory (Azure AD), you are informed that these employees should also make use of Multi-Factor Authentication.
To achieve this, the Per Enabled User setting must be set for the usage model.
Solution: You reconfigure the existing usage model via the Azure portal.
Does the solution meet the goal?
A Yes
B No
Correct Answer: B
Since it is not possible to change the usage model of an existing provider as it is right now, you have to create a new one and reactivate your existing server with activation credentials from the new provider.
Q7
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company’s Azure solution makes use of Multi-Factor Authentication for when users are not in the office. The Per Authentication option has been configured as the usage model.
After the acquisition of a smaller business and the addition of the new staff to Azure Active Directory (Azure AD) obtains a different company and adding the new employees to Azure Active Directory (Azure AD), you are informed that these employees should also make use of Multi-Factor Authentication.
To achieve this, the Per Enabled User setting must be set for the usage model.
Solution: You reconfigure the existing usage model via the Azure CLI.
Does the solution meet the goal?
A Yes
B No
Correct Answer: B
Since it is not possible to change the usage model of an existing provider as it is right now, you have to create a new one and reactivate your existing server with activation credentials from the new provider.
The usage model for Multi-Factor Authentication (MFA) in Azure AD is a crucial factor to consider when implementing MFA for your organization.
Once an MFA provider is created, the usage model cannot be changed.
Carefully evaluate your organization’s needs and future plans before selecting a usage model (per enabled user or per authentication).
Incorrectly choosing a usage model can lead to unexpected costs or limitations.
Therefore, it’s essential to plan ahead and potentially create multiple MFA providers if you anticipate changes in your MFA requirements.
Q8
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company’s Azure solution makes use of Multi-Factor Authentication for when users are not in the office. The Per Authentication option has been configured as the usage model.
After the acquisition of a smaller business and the addition of the new staff to Azure Active Directory (Azure AD) obtains a different company and adding the new employees to Azure Active Directory (Azure AD), you are informed that these employees should also make use of Multi-Factor Authentication.
To achieve this, the Per Enabled User setting must be set for the usage model.
Solution: You create a new Multi-Factor Authentication provider with a backup from the existing Multi-Factor Authentication provider data.
Does the solution meet the goal?
A Yes
B No
Correct Answer: A
Since it is not possible to change the usage model of an existing provider as it is right now, you have to create a new one and reactivate your existing server with activation credentials from the new provider.
Q9
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company has an Azure Active Directory (Azure AD) tenant named weyland.com that is configured for hybrid coexistence with the on-premises Active
Directory domain.
You have a server named DirSync1 that is configured as a DirSync server.
You create a new user account in the on-premise Active Directory. You now need to replicate the user information to Azure AD immediately.
Solution: You run the Start-ADSyncSyncCycle -PolicyType Initial PowerShell cmdlet.
Does the solution meet the goal?
A Yes
B No
Correct Answer: B
B. No
The Start-ADSyncSyncCycle -PolicyType Initial
PowerShell cmdlet will force an initial synchronization of your on-premises Active Directory with Azure AD. This will sync all objects, including the newly added users, to Azure AD.
However, this cmdlet does not change the MFA configuration or enforce MFA for the new users. It only synchronizes the user objects to Azure AD.
To enforce MFA for the new users, you would need to:
- Enable MFA for the new users: This can be done through the Azure AD portal or using PowerShell cmdlets.
- Configure the MFA policy: Ensure the correct MFA policy (per enabled user) is applied to the users.
Therefore, while the cmdlet is useful for synchronizing user objects, it does not address the core issue of enforcing MFA for the new users.
Q10
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company has an Azure Active Directory (Azure AD) tenant named weyland.com that is configured for hybrid coexistence with the on-premises Active
Directory domain.
You have a server named DirSync1 that is configured as a DirSync server.
You create a new user account in the on-premise Active Directory. You now need to replicate the user information to Azure AD immediately.
Solution: You use Active Directory Sites and Services to force replication of the Global Catalog on a domain controller.
Does the solution meet the goal?
A Yes
B No
B. No
Using Active Directory Sites and Services to force replication of the Global Catalog on a domain controller will not enforce Multi-Factor Authentication (MFA) for new users.
While it’s essential to have a healthy Active Directory environment, including proper Global Catalog replication, this action does not directly address the MFA requirement.
To enforce MFA for new users, you need to:
1. Enable MFA for the specific users in Azure AD.
2. Configure the correct MFA policy (per enabled user) to apply to these users.
These steps are focused on the authentication and authorization aspect, which is directly related to MFA enforcement.
Q11
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company has an Azure Active Directory (Azure AD) tenant named weyland.com that is configured for hybrid coexistence with the on-premises Active
Directory domain.
You have a server named DirSync1 that is configured as a DirSync server.
You create a new user account in the on-premise Active Directory. You now need to replicate the user information to Azure AD immediately.
Solution: You restart the NetLogon service on a domain controller.
Does the solution meet the goal?
A Yes
B No
No.
As described here
If you need to manually run a sync cycle, then from PowerShell run Start-ADSyncSyncCycle -PolicyType Delta
.
To initiate a full sync cycle, run Start-ADSyncSyncCycle -PolicyType Initial
from a PowerShell prompt.
Running a full sync cycle can be very time consuming, so if you need to replicate the user information to Azure AD immediately then run Start-ADSyncSyncCycle -PolicyType Delta
.
Q12
Your company has a Microsoft Azure subscription.
The company has datacenters in Los Angeles and New York.
You are configuring the two datacenters as geo-clustered sites for site resiliency.
You need to recommend an Azure storage redundancy option.
You have the following data storage requirements:
✑ Data must be stored on multiple nodes.
✑ Data must be stored on nodes in separate geographic locations.
✑ Data can be read from the secondary location as well as from the primary location.
Which of the following Azure stored redundancy options should you recommend?
A Geo-redundant storage
B Read-only geo-redundant storage
C Zone-redundant storage
D Locally redundant storage
Correct Answer: B
RA-GRS allows you to have higher read availability for your storage account by providing read only access to the data replicated to the secondary location. Once you enable this feature, the secondary location may be used to achieve higher availability in the event the data is not available in the primary region. This is an
opt-in feature which requires the storage account be geo-replicated.
Q13
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company has an azure subscription that includes a storage account, a resource group, a blob container and a file share.
A colleague named Jon Ross makes use of a solitary Azure Resource Manager (ARM) template to deploy a virtual machine and an additional Azure Storage account.
You want to review the ARM template that was used by Jon Ross.
Solution: You access the Virtual Machine blade.
Does the solution meet the goal?
A Yes
B No
Q14
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company has an azure subscription that includes a storage account, a resource group, a blob container and a file share.
A colleague named Jon Ross makes use of a solitary Azure Resource Manager (ARM) template to deploy a virtual machine and an additional Azure Storage account.
You want to review the ARM template that was used by Jon Ross.
Solution: You access the Resource Group blade.
Does the solution meet the goal?
A Yes
B No
Correct Answer: A (Yes)
To view a template from deployment history:
1. Go to the resource group for your new resource group. Notice that the portal shows the result of the last deployment. Select this link
2. You see a history of deployments for the group. In your case, the portal probably lists only one deployment. Select this deployment
3. The portal displays a summary of the deployment. The summary includes the status of the deployment and its operations and the values that you provided for parameters. To see the template that you used for the deployment, select View template
Q15
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company has an azure subscription that includes a storage account, a resource group, a blob container and a file share.
A colleague named Jon Ross makes use of a solitary Azure Resource Manager (ARM) template to deploy a virtual machine and an additional Azure Storage account.
You want to review the ARM template that was used by Jon Ross.
Solution: You access the Container blade.
Does the solution meet the goal?
A Yes
B No
Q16
Your company has three virtual machines (VMs) that are included in an availability set.
You try to resize one of the VMs, which returns an allocation failure message.
It is imperative that the VM is resized.
Which of the following actions should you take?
A You should only stop one of the VMs.
B You should stop two of the VMs.
C You should stop all three VMs.
D You should remove the necessary VM from the availability set.
Correct Answer: C
If the VM you wish to resize is part of an availability set, then you must stop all VMs in the availability set before changing the size of any VM in the availability set.
The reason all VMs in the availability set must be stopped before performing the resize operation to a size that requires different hardware is that all running VMs in the availability set must be using the same physical hardware cluster. Therefore, if a change of physical hardware cluster is required to change the VM size then all VMs must be first stopped and then restarted one-by-one to a different physical hardware clusters.
Q17
You have an Azure virtual machine (VM) that has a single data disk. You have been tasked with attaching this data disk to another Azure VM.
You need to make sure that your strategy allows for the virtual machines to be offline for the least amount of time possible.
Which of the following is the action you should take FIRST?
A Stop the VM that includes the data disk.
B Stop the VM that the data disk must be attached to.
C Detach the data disk.
D Delete the VM that includes the data disk.
C. Detach the data disk.
Here’s why:
- Detaching the data disk is the first step to moving it to another VM. This process can be done while the VM is running, minimizing downtime.
- Stopping the VMs is unnecessary at this stage and would increase downtime.
- Deleting the VM is not required and would result in data loss.
By detaching the disk first, you can then proceed to attach it to the target VM with minimal interruption to both systems.
Q18
Your company has an Azure subscription.
You need to deploy a number of Azure virtual machines (VMs) using Azure Resource Manager (ARM) templates. You have been informed that the VMs will be included in a single availability set.
You are required to make sure that the ARM template you configure allows for as many VMs as possible to remain accessible in the event of fabric failure or maintenance.
Which of the following is the value that you should configure for the platformFaultDomainCount property?
A 10
B 30
C Min Value
D Max Value
Correct Answer: D
The number of fault domains for managed availability sets varies by region - either two or three per region.
Q19
Your company has an Azure subscription.
You need to deploy a number of Azure virtual machines (VMs) using Azure Resource Manager (ARM) templates. You have been informed that the VMs will be included in a single availability set.
You are required to make sure that the ARM template you configure allows for as many VMs as possible to remain accessible in the event of fabric failure or maintenance.
Which of the following is the value that you should configure for the platformUpdateDomainCount property?
A 10
B 20
C 30
D 40
Correct Answer: B
Each virtual machine in your availability set is assigned an update domain and a fault domain by the underlying Azure platform. For a given availability set, five non-user-configurable update domains are assigned by default (Resource Manager deployments can then be increased to provide up to 20 update domains) to indicate groups of virtual machines and underlying physical hardware that can be rebooted at the same time.
Q18
Your company has an Azure subscription.
You need to deploy a number of Azure virtual machines (VMs) using Azure Resource Manager (ARM) templates. You have been informed that the VMs will be included in a single availability set.
You are required to make sure that the ARM template you configure allows for as many VMs as possible to remain accessible in the event of fabric failure or maintenance.
Which of the following is the value that you should configure for the platformFaultDomainCount property?
A 10
B 30
C Min Value
D Max Value
Correct Answer: D
The number of fault domains for managed availability sets varies by region - either two or three per region.
Q20
You have downloaded an Azure Resource Manager (ARM) template to deploy numerous virtual machines (VMs). The ARM template is based on a current VM, but must be adapted to reference an administrative password.
You need to make sure that the password cannot be stored in plain text.
You are preparing to create the necessary components to achieve your goal.
Which of the following should you create to achieve your goal? Answer by dragging the correct option from the list to the answer area.
You can use a template that allows you to deploy a simple Windows VM by retrieving the password that is stored in a Key Vault. Therefore, the password is never put in plain text in the template parameter file.
key vault + access policy
But please note that now the access policy is considered a legacy way to provide access to the key vault. Now you can use RBAC.
Q21
Your company has an Azure Active Directory (Azure AD) tenant that is configured for hybrid coexistence with the on-premises Active Directory domain.
The on-premise virtual environment consists of virtual machines (VMs) running on Windows Server 2012 R2 Hyper-V host servers.
You have created some PowerShell scripts to automate the configuration of newly created VMs. You plan to create several new VMs.
You need a solution that ensures the scripts are run on the new VMs.
Which of the following is the best solution?
A Configure a SetupComplete.cmd batch file in the %windir%\setup\scripts directory.
B Configure a Group Policy Object (GPO) to run the scripts as logon scripts.
C Configure a Group Policy Object (GPO) to run the scripts as startup scripts.
D Place the scripts in a new virtual hard disk (VHD).
C. Configure a Group Policy Object (GPO) to run the scripts as startup scripts.
Explanation:
* Group Policy Objects (GPOs) are the most effective way to manage configuration settings for multiple computers in an Active Directory environment.
* By configuring the scripts to run as startup scripts, they will execute automatically on each new VM when it boots up, ensuring consistent configuration.
Why not other options:
* A. SetupComplete.cmd: This method is unreliable as it depends on the setup process and might not always execute.
* B. Logon scripts: While they run on user logon, they are not ideal for system-level configuration tasks.
* D. VHD: This option is complex to manage and doesn’t provide the same level of control as a GPO.
By using a GPO to execute the scripts as startup scripts, you ensure that the new VMs are consistently configured according to your requirements.
Q22
Your company has an Azure Active Directory (Azure AD) tenant that is configured for hybrid coexistence with the on-premises Active Directory domain.
You plan to deploy several new virtual machines (VMs) in Azure. The VMs will have the same operating system and custom software requirements.
You configure a reference VM in the on-premise virtual environment. You then generalize the VM to create an image.
You need to upload the image to Azure to ensure that it is available for selection when you create the new Azure VMs.
Which PowerShell cmdlets should you use?
A Add-AzVM
B Add-AzVhd
C Add-AzImage
D Add-AzImageDataDisk
Correct Answer: B
The Add-AzVhd cmdlet uploads on-premises virtual hard disks, in .vhd file format, to a blob storage account as fixed virtual hard disks.
“New-AzVM” is for creating new VMs, not uploading images.
“Add-AzImage” does not exist. the correct command is “New-AzImage”.
“Add-AzImageDataDisk” Adds a data disk to an image object.
“Add-AzVhd” seems to be the correct option, sing the it “Uploads a virtual hard disk from an on-premises machine to Azure (managed disk or blob).”
Q23
Your company has an Azure subscription that includes a number of Azure virtual machines (VMs), which are all part of the same virtual network.
Your company also has an on-premises Hyper-V server that hosts a VM, named VM1, which must be replicated to Azure.
Which of the following objects that must be created to achieve this goal? Answer by dragging the correct option from the list to the answer area.
For physical servers
- Storage Account
- Azure Recovery Services Vault
- Replication policy
For Hyper-v server
- Hyper-V site
- Azure Recovery Services Vault
- Replication policy
Q24
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company’s Azure subscription includes two Azure networks named VirtualNetworkA and VirtualNetworkB.
VirtualNetworkA includes a VPN gateway that is configured to make use of static routing. Also, a site-to-site VPN connection exists between your company’s on- premises network and VirtualNetworkA.
You have configured a point-to-site VPN connection to VirtualNetworkA from a workstation running Windows 10. After configuring virtual network peering between
VirtualNetworkA and VirtualNetworkB, you confirm that you are able to access VirtualNetworkB from the company’s on-premises network. However, you find that you cannot establish a connection to VirtualNetworkB from the Windows 10 workstation.
You have to make sure that a connection to VirtualNetworkB can be established from the Windows 10 workstation.
Solution: You choose the Allow gateway transit setting on VirtualNetworkA.
Does the solution meet the goal?
A Yes
B No
Answer: B. No
“After configuring virtual network peering between
VirtualNetworkA and VirtualNetworkB, you confirm that you are able to access VirtualNetworkB from the company’s on-premises network.” This indicates the Allow/Use gateway transit is set up working. The next step will be restart/reinstall the VPN-Client config at the windows 10 WS.
Q25
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company’s Azure subscription includes two Azure networks named VirtualNetworkA and VirtualNetworkB.
VirtualNetworkA includes a VPN gateway that is configured to make use of static routing. Also, a site-to-site VPN connection exists between your company’s on- premises network and VirtualNetworkA.
You have configured a point-to-site VPN connection to VirtualNetworkA from a workstation running Windows 10. After configuring virtual network peering between
VirtualNetworkA and VirtualNetworkB, you confirm that you are able to access VirtualNetworkB from the company’s on-premises network. However, you find that you cannot establish a connection to VirtualNetworkB from the Windows 10 workstation.
You have to make sure that a connection to VirtualNetworkB can be established from the Windows 10 workstation.
Solution: You choose the Allow gateway transit setting on VirtualNetworkB.
Does the solution meet the goal?
A Yes
B No
Answer: B. No
After reconfiguring \ creating peering existing point-to-site VPN connections need to be recreated
Q26
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company’s Azure subscription includes two Azure networks named VirtualNetworkA and VirtualNetworkB.
VirtualNetworkA includes a VPN gateway that is configured to make use of static routing. Also, a site-to-site VPN connection exists between your company’s on- premises network and VirtualNetworkA.
You have configured a point-to-site VPN connection to VirtualNetworkA from a workstation running Windows 10. After configuring virtual network peering between
VirtualNetworkA and VirtualNetworkB, you confirm that you are able to access VirtualNetworkB from the company’s on-premises network. However, you find that you cannot establish a connection to VirtualNetworkB from the Windows 10 workstation.
You have to make sure that a connection to VirtualNetworkB can be established from the Windows 10 workstation.
Solution: You download and re-install the VPN client configuration package on the Windows 10 workstation.
Does the solution meet the goal?
A Yes
B No
Answer: B. Yes
If you make a change to the topology of your network and have Windows VPN clients, the VPN client package for Windows clients must be downloaded and installed again in order for the changes to be applied to the client.
Q27
Your company has virtual machines (VMs) hosted in Microsoft Azure. The VMs are located in a single Azure virtual network named VNet1.
The company has users that work remotely. The remote workers require access to the VMs on VNet1.
You need to provide access for the remote workers.
What should you do?
A Configure a Site-to-Site (S2S) VPN.
B Configure a VNet-toVNet VPN.
C Configure a Point-to-Site (P2S) VPN.
D Configure DirectAccess on a Windows Server 2012 server VM.
E Configure a Multi-Site VPN
Correct Answer: C
A Point-to-Site (P2S) VPN gateway connection lets you create a secure connection to your virtual network from an individual client computer.
Q28
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company has a Microsoft SQL Server Always On availability group configured on their Azure virtual machines (VMs).
You need to configure an Azure internal load balancer as a listener for the availability group.
Solution: You create an HTTP health probe on port 1433.
Does the solution meet the goal?
A Yes
B No
No, creating an HTTP health probe on port 1433 does not meet the goal of configuring an Azure internal load balancer as a listener for the SQL Server Always On availability group.
In order to configure an Azure internal load balancer as a listener for the availability group, you need to create a TCP health probe on port 1433. SQL Server uses TCP to communicate on port 1433, so a TCP health probe is the appropriate choice to ensure the availability and health of the SQL Server instances in the availability group.
Q29
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company has a Microsoft SQL Server Always On availability group configured on their Azure virtual machines (VMs).
You need to configure an Azure internal load balancer as a listener for the availability group.
Solution: You set Session persistence to Client IP.
Does the solution meet the goal?
A Yes
B No
No, Session persistence ensures that a client will remain connected to the same server throughout a session or period of time. Because load balancing may, by default, send users to unique servers each time they connect, this can mean that complicated or repeated requests are slowed down.