Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Azure Fundamentals > Practice Test 1: Practice Test - 1 > Flashcards

Practice Test 1: Practice Test - 1 Flashcards

1
Q

When computing and processing demand increases beyond an on-premises datacenter’s capabilities, businesses can easily use the ___________ cloud to instantly scale capacity up or down to handle excess capacity.

A. Public
B. Private

A

A. Public

Explanation:
When computing and processing demand increases beyond an on-premises datacenter’s capabilities, businesses can use the cloud to instantly scale capacity up or down to handle excess capacity. It also allows them to avoid the time and cost of purchasing, installing, and maintaining new servers that they may not always need.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

You have managed an app that you developed and deployed On-Prem for a long time, but would now like to move it to Azure and be relieved of all the manual administration and maintenance. Which of the following buckets would be most suitable for your use case?

A. Software as a Service (SaaS)
B. Database as a Service (DaaS)
C. Platform as a Service (PaaS)
D. Infrastructure as a Service (IaaS)

A

C. Platform as a Service (PaaS)

Explanation:
Platform as a service (PaaS) is a complete development and deployment environment in the cloud, with resources that enable you to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications. You purchase the resources you need from a cloud service provider on a pay-as-you-go basis and access them over a secure Internet connection.

Like IaaS, PaaS includes infrastructure—servers, storage, and networking—but also middleware, development tools, business intelligence (BI) services, database management systems, and more. PaaS is designed to support the complete web application lifecycle: building, testing, deploying, managing, and updating.

PaaS allows you to avoid the expense and complexity of buying and managing software licenses, the underlying application infrastructure and middleware, container orchestrators such as Kubernetes, or the development tools and other resources. You manage the applications and services you develop, and the cloud service provider typically manages everything else.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

You can significantly reduce costs (up-to 72%) as compared to pay-as-you-go pricing by _______________.

A. Not using a lot of resources
B. Using the free tier
C. Using Reserved Instances
D. Provisioning a lot of resources

A

C. Using Reserved Instances

Explanation:
You can significantly reduce costs — up to 72 percent compared to pay-as-you-go prices—with

one-year or three-year terms on Windows and Linux virtual machines (VMs). When you combine the cost savings gained from Azure RIs (reserved instances) with the added value of the Azure Hybrid Benefit, you can save up to 80 percent**.

It is possible to lower your total cost of ownership by combining Azure Reserved Instances with pay-as-you-go prices to manage costs across predictable and variable workloads. In many cases, you can further reduce your costs with reserved instance size flexibility.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

A resource group can contain resources from multiple Azure regions.

A. No
B. Yes

A

B. Yes

Explanation:
Resources from multiple different regions can be placed in a resource group. The resource group only contains metadata about the resources it contains.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Select the characteristics of the Public Cloud from the following:

A. Hardware must be purchased for start up and maintenance
B. Metered Pricing
C. Applications can be quickly provisioned and deprovisioned
D. Organizations are responsible for hardware maintenance and updates
E. No capital expenditure to scale up
E. Unsecured Connections

A

B. Metered Pricing
C. Applications can be quickly provisioned and deprovisioned
E. No capital expenditure to scale up

Explanation:
With the public cloud, you get pay-as-you-go pricing and you pay only for what you use, no CapEx costs are involved.

With the public cloud, you have self-service management. You are responsible for the deployment and configuration of the cloud resources such as virtual machines or web sites. The underlying hardware that hosts the cloud resources is managed by the cloud provider.

Incorrect Answers:

Hardware must be purchased for start-up and maintenance - You don’t have to purchase any hardware on the public cloud. The underlying hardware is shared so you could have multiple customers using cloud resources hosted on the same physical hardware. Moreover, this is a characteristic of the private cloud.

Unsecured Connections - Connections to the public cloud are secure.

Organizations are responsible for hardware maintenance and updates - This is a characteristic of the Private Cloud.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which of the following displays personalized recommendations for all your subscriptions, and you can use filters to select recommendations for specific subscriptions, resource groups, or services?

A. Azure Service Health
B. Azure Arc
C. Azure Monitor
D. Azure Advisor

A

D. Azure Advisor

Explanation:
Azure Advisor evaluates your Azure resources and makes recommendations to help improve reliability, security, and performance, achieve operational excellence, and reduce costs. Advisor is designed to help you save time on cloud optimization. The recommendation service includes suggested actions you can take right away, postpone, or dismiss.

The recommendations are available via the Azure portal and the API, and you can set up notifications to alert you to new recommendations.

When you’re in the Azure portal, the Advisor dashboard displays personalized recommendations for all your subscriptions, and you can use filters to select recommendations for specific subscriptions, resource groups, or services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which of the following can you use to implement strict governance and ensure that the right people have access to the right resources, and only when they need it.

A. Azure Bastion
B. Microsoft Sentinel
C. Microsoft Defender for Cloud
D. Azure Active Directory

A

D. Azure Active Directory

Explanation:
Azure Active Directory (Azure AD), part of Microsoft Entra, is an enterprise identity service that provides single sign-on, multifactor authentication, and conditional access to guard against 99.9 percent of cybersecurity attacks.

Microsoft Defender for Cloud - is a solution for cloud security posture management (CSPM) and cloud workload protection (CWP) that finds weak spots across cloud configurations, helps strengthen the overall security posture of environments, and can protect workloads across multicloud and hybrid environments from evolving threats.

Azure Bastion - is a fully managed service that provides more secure and seamless Remote Desktop Protocol (RDP) and Secure Shell Protocol (SSH) access to virtual machines (VMs) without any exposure through public IP addresses.

Microsoft Sentinel - is a birds-eye view across the enterprise. It puts the cloud and large-scale intelligence from decades of Microsoft security experience to work. Make your threat detection and response smarter and faster with artificial intelligence (AI).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which of the following services provides information about Azure service incidents, planned maintenance and can notify you of issues via Email, SMS and push notifications?

A. Azure Intitiatives
B. Azure Monitor
C. Azure Service Health
D. Azure Trust Portal

A

C. Azure Service Health

Explanation:
Azure Service Health notifies you about Azure service incidents and planned maintenance so you can take action to mitigate downtime. We can configure customizable cloud alerts and use your personalized dashboard to analyze health issues, monitor the impact to your cloud resources, get guidance and support, and share details and updates.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

If you assign permissions to a resource group, all the resources inside it inherit these permissions

A. Yes
B. No

A

A. Yes

Explanation:
Yes, it is true that if you assign certain permissions to a resource group, then all the resources inside it inherit those permissions.

See below (VERY IMPORTANT TO UNDERSTAND AND REMEMBER THIS DIAGRAM):

A resource group is a container that holds related resources for an Azure solution. The resource group can include all the resources for the solution, or only those resources that you want to manage as a group. You decide how you want to allocate resources to resource groups based on what makes the most sense for your organization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

You have dozens of Virtual Machines (VM) hosted in Azure. The lead architect has asked for your suggestions to migrate all the VMs to an Azure pay-as-you-go subscription. Which expenditure model would apply to the stated requirement?

A. Scalable
B. Fault Tolerant
C. Operational
D. Capital

A

C. Operational

Explanation:
Fault Tolerant and Scalable are wrong answers because such payment models don’t exist. Capital expenditure is also incorrect since we aren’t going to be paying anything up front. Operational makes most sense since it means ‘pay as you go’ , i.e paying only for what you consume and nothing else.

Pay-As-You-Go

This offer is billed at the standard Pay-As-You-Go rates, except as otherwise specified.

You will be notified through email at least 30 days in advance of any changes to the Pay-As-You-Go rates. New services may be added periodically to the Azure platform. Azure will notify you in advance of these new services and any fees that might be charged for using them. However, you would only be charged if you elect to use the new services.

Any taxes which may result from receiving services at no charge are the sole responsibility of the recipient.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Yes or No:

Deleting a resource groups deletes all the resources inside it as well.

A. No
B. Yes

A

B. Yes

Explanation:
Deleting the resource group will remove the resource group as well as all the resources in that resource group. This can be useful for the management of resources. For example, a virtual machine has several components (the VM itself, virtual disks, network adapter etc.).

By placing the VM in its own resource group, you can delete the VM along with all its associated components by deleting the resource group.

Another example is when creating a test environment. You could place the entire test environment (Network components, virtual machines etc.) in one resource group. You can then delete the entire test environment by deleting the resource group.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Which of the following services can help you:

Assign time-bound access to resources using start and end dates

Enforce multi-factor authentication to activate any role

A. Azure Privileged Identity Management
B. Azure Advanced Threat Protection (ATP)
C. Azure DDoS Protection
D. Azure Security Center

A

A. Azure Privileged Identity Management

Explanation:
From the official docs:

Azure Active Directory (Azure AD) Privileged Identity Management (PIM) is a service that enables you to manage, control, and monitor access to important resources in your organization. These resources include resources in Azure AD, Azure, and other Microsoft Online Services like Office 365 or Microsoft Intune.

Reasons to use:

Organizations want to minimize the number of people who have access to secure information or resources, because that reduces the chance of a malicious actor getting that access, or an authorized user inadvertently impacting a sensitive resource. However, users still need to carry out privileged operations in Azure AD, Azure, Office 365, or SaaS apps. Organizations can give users just-in-time (JIT) privileged access to Azure resources and Azure AD. There is a need for oversight for what those users are doing with their administrator privileges.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Which of the following services provides a personalized view of the health of the Azure services, regions, and resources you rely on?

A. Azure Service Health
B. Azure Resource Health
C. Azure Monitor
D. Azure Advisor

A

A. Azure Service Health

Explanation:
Azure Service Health provides a personalized view of the health of the Azure services, regions, and resources you rely on. The status.azure.com website, which displays only major issues that broadly affect Azure customers, doesn’t provide the full picture. But Azure Service Health displays both major and smaller, localized issues that affect you. Service issues are rare, but it’s important to be prepared for the unexpected. You can set up alerts that help you triage outages and planned maintenance. After an outage, Service Health provides official incident reports, called root cause analyses (RCAs), which you can share with stakeholders.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Your organization has an on-premise infrastructure. The requirement from senior management is to migrate everything to the cloud.

What would you as an advisor recommend to deal with an unexpected Azure outage in a data center / Availability Zone?

A. Fault Tolerance
B. Using cheap resources to lose lesser money
C. Scalability
D. Elasticity

A

A. Fault Tolerance

Explanation:
There are several mechanisms built into Microsoft Azure to ensure services and applications remain available in the event of a failure. Such failures can include hardware failures, such as hard-disk crashes, or temporary availability issues of dependent services, such as storage or networking services. Azure and its software-controlled infrastructure are written in a way to anticipate and manage such failures.

In the event of a failure, the Azure infrastructure (the Fabric Controller) reacts immediately to restore services and infrastructure. For example, if a virtual machine (VM) fails due to a hardware failure on the physical host, the Fabric Controller moves that VM to another physical node based on the same hard disk stored in Azure storage. Azure is similarly capable of coordinating upgrades and updates in such a way as to avoid service downtime.

For computing resources (such as cloud services, traditional IaaS VMs, VM scale sets), the most important and fundamental concepts for enabling high availability are fault domains and upgrade domains. These have been part of Azure since its inception

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which of the following Azure storage solutions meets ALL the following requirements:

1) The ability to handle unstructured data (document, graph, key-value)

2) Automatically index all data, regardless of the data model.

3) Multi-region writes and data distribution to any Azure region.

A. Azure Database for MariaDB
B. Azure Cosmos DB
C. Azure Cache for Redis
D. Azure SQL Databases

A

B. Azure Cosmos DB

Explanation:
Today’s applications are required to be highly responsive and always online. To achieve low latency and high availability, instances of these applications need to be deployed in datacenters that are close to their users. Applications need to respond in real time to large changes in usage at peak hours, store ever increasing volumes of data, and make this data available to users in milliseconds.

Azure Cosmos DB is Microsoft’s globally distributed, multi-model database service. With the click of a button, Cosmos DB enables you to elastically and independently scale throughput and storage across any number of Azure regions worldwide. You can elastically scale throughput and storage, and take advantage of fast, single-digit-millisecond data access using your favorite API including: SQL, MongoDB, Cassandra, Tables, or Gremlin. Cosmos DB provides comprehensive service level agreements (SLAs) for throughput, latency, availability, and consistency guarantees, something no other database service offers.

Azure Cosmos DB is a great way to store unstructured and JSON data. Combined with Azure Functions, Cosmos DB makes storing data quick and easy with much less code than required for storing data in a relational database.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Which of the following is a distributed network of servers that can efficiently deliver web content to users?

A. Azure Logic Apps
B. Azure Application Gateway
C. Azure CDN
D. Azure Virtual Network

A

C. Azure CDN

Explanation:
According to the official docs, a Content Delivery Network (CDN) is a distributed network of servers that can efficiently deliver web content to users. CDNs store cached content on edge servers in point-of-presence (POP) locations that are close to end users, to minimize latency.

Azure Content Delivery Network (CDN) offers developers a global solution for rapidly delivering high-bandwidth content to users by caching their content at strategically placed physical nodes across the world. Azure CDN can also accelerate dynamic content, which cannot be cached, by leveraging various network optimizations using CDN POPs. For example, route optimization to bypass Border Gateway Protocol (BGP).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Yes or No:

Inter-Region transfer of data is always free of cost.

A. No
B. Yes

A

A. No

Explanation:
It is important to note that data inbound (ingress) is FREE, but data outbound (egress) is NOT FREE.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What is the present maximum capacity for storage accounts?

A. 750TB
B. 5PB
C. 500 TB
D. 2PB

A

B. 5PB

Explanation:
The maximum storage account capacity currently is : 5PB

*These might change with time so if you feel it has changed, inform me through message or in the Q/A section, I’ll highly appreciate it :)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

During live telecasts of football matches, streaming platforms sometimes experience massive spikes in viewerships and users visiting their websites when a goal is scored. Which of the following would be beneficial to deal with such expected demand of resources?

A. Serverless Computing
B. Kubernetes
C. Containers
D. Virtual Machines

A

A. Serverless Computing

Explanation:
Serverless computing enables developers to build applications faster by eliminating the need for them to manage infrastructure. With serverless applications, the cloud service provider automatically provisions, scales, and manages the infrastructure required to run the code.

While understanding the definition of serverless computing, it’s important to note that servers are still running the code. The serverless name comes from the fact that the tasks associated with infrastructure provisioning and management are invisible to the developer. This approach enables developers to increase their focus on the business logic and deliver more value to the core of the business (IMPORTANT). Serverless computing helps teams increase their productivity and bring products to market faster, and it allows organizations to better optimize resources and stay focused on innovation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Which of the following affect costs in Azure? (Choose 2)

A. Availability Zone
B. Knowledge Center Usage
C. Instance Size
D. Location

A

C. Instance Size
D. Location

Explanation:
The instance size and the location (eg -US or Europe etc ) affect the prices. The knowledge center is completely free to use, and you aren’t charged for an Availability Zone.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

It is possible to deploy Azure resources through a Tablet by using Bash in the Azure Cloud Shell.

A. Yes
B. No

A

A. Yes

Explanation:
Azure Cloud Shell is an interactive, authenticated, browser-accessible (the key to everything since all you need is a browser and the OS doesn’t matter) shell for managing Azure resources. It provides the flexibility of choosing the shell experience that best suits the way you work, either Bash or PowerShell.

All you need is a browser on your Tablet, and then:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

____________ is an agreement with Microsoft to use one or more Microsoft cloud platforms or services, for which charges accrue based on either a per-user license fee or on cloud-based resource consumption.

A. A Subscription
B. A User Account
C. A License
D. A Resource Group

A

A. A Subscription

Explanation:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

________________ is the mission-critical cloud, delivering breakthrough innovation to US government customers and their partners. Only US federal, state, local, and tribal governments and their partners have access to this dedicated instance, with operations controlled by screened US citizens.

A. Azure United States
B. Azure US
C. Azure Nation
D. Azure Government

A

D. Azure Government

Explanation:
Azure Government - It is the mission-critical cloud, delivering breakthrough innovation to US government customers and their partners. Only US federal, state, local, and tribal governments and their partners have access to this dedicated instance, with operations controlled by screened US citizens.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

The ___________________ is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area.

A. Center for Internet Security (CIS)
B. American National Standards Institute (ANSI)
C. International Organization for Standardization (ISO)
D. General Data Protection Regulation (GDPR)

A

D. General Data Protection Regulation (GDPR)

Explanation:
The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area. The GDPR is an important component of EU privacy law and of human rights law, in particular Article 8 of the Charter of Fundamental Rights of the European Union.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Azure virtual machines (VM) are classified as which of the following offerings?

A. PaaS
B. DaaS
C. SaaS
D. IaaS

A

D. IaaS

Explanation:

26
Q

Your company has explored some of the services in Azure Public preview. One of the architects working in your team has advised to deploy mission critical services/applications to these services. Do you agree?

A. No
B. Yes

A

A. No

Explanation:
According to the official documentation, it is important to note that the services offered in public preview are excluded from the Service Level Agreements (SLAs) . It is therefore not a good idea to deploy production environments on resources / services that are in preview (public or private).

27
Q

Which of the following is a server-less solution that allows you to write less code, maintain less infrastructure, and save on costs.?

A. Azure DevOps
B. Azure Logic Apps
C. Azure Functions
D. Azure App Service

A

C. Azure Functions

Explanation:
Azure Functions allows you to run small pieces of code (called “functions”) without worrying about application infrastructure. With Azure Functions, the cloud infrastructure provides all the up-to-date servers you need to keep your application running at scale.

A function is “triggered” by a specific type of event. Supported triggers include responding to changes in data, responding to messages, running on a schedule, or as the result of an HTTP request.

28
Q

All resource types support Tags in Azure.

A. No
B. Yes

A

A. No

29
Q

You plan to create a Netflix like streaming service and would like to serve video content to users worldwide. Which of the following would help you deliver the best possible service with least latency?

A. An Azure Virtual Network NAT
B. A CDN
C. An Azure ExpressRoute circuit
D. An Azure Load Balancer

A

B. A CDN

Explanation:
The question states that users are located worldwide and need the least possible latency. The video playback experience would be improved if they can download the video from servers in the same region as the users. We can achieve this by using a Content Delivery Network.

A content delivery network (CDN) is a distributed network of servers that can efficiently deliver web content to users. CDNs store cached content on edge servers in point-of-presence (POP) locations that are close to end users, to minimize latency.

Azure Content Delivery Network (CDN) offers developers a global solution for rapidly delivering high-bandwidth content to users by caching their content at strategically placed physical nodes across the world. Azure CDN can also accelerate dynamic content, which cannot be cached, by leveraging various network optimizations using CDN POPs. For example, route optimization to bypass Border Gateway Protocol (BGP).

The benefits of using Azure CDN to deliver website assets include:

-> Better performance and improved user experience for end users, especially when using applications in which multiple round-trips are required to load content.

-> Large scaling to better handle instantaneous high loads, such as the start of a product launch event.

-> Distribution of user requests and serving of content directly from edge servers so that less traffic is sent to the origin server.

30
Q

One of the primary benefits of using an Azure Key Vault is ____________.

A. To see and stop threats before they cause harm
B. Key Management
C. Automatically masking sensitive information
D. Enforcing organizational standards and to assess compliance at scale

A

B. Key Management

Explanation:
Enforcing organizational standards and to assess compliance at-scale - This is done by Azure Policy.

To see and stop threats before they cause harm - This is done by Azure Sentinel.

From the official documentation:

Key Management - Azure Key Vault can be used as a Key Management solution. Azure Key Vault makes it easy to create and control the encryption keys used to encrypt your data.

31
Q

Which of the following Azure Support Plans grants access to:

1) 24x7 Access to Support Engineers via email and phone

2) Training in the form of webinars from Azure experts

3) Access to the Support AP

A. Standard
B. Developer
C. Basic
D. Professional Direct

A

D. Professional Direct

Explanation:

32
Q

You are a tech startup owner and would like to migrate your self hosted apps and services to Azure.

Which of the following is an advantage of the Public Cloud that you’ll realize thanks to the migration?

A. Peace of mind that Azure will send over hardware for you to store in your warehouse
B. Your organization can customize its cloud environment to meet specific business needs
C. Resources are not shared with others, so higher levels of control and privacy are possible
D. Near unlimited scalability as on demand resources are available to meet your business needs

A

D. Near unlimited scalability as on demand resources are available to meet your business needs

Explanation:
From the official docs:

The public cloud is a shared entity whereby multiple corporations each use a portion of the resources in the cloud. The hardware resources (servers, infrastructure etc.) are managed by the cloud provider. Multiple companies create resources such as virtual machines and virtual networks on the hardware resources.

Incorrect Answers:

Resources are not shared with others, so higher levels of control and privacy are possible - This is a characteristic of a Private Cloud.

Your organization can customize its cloud environment to meet specific business needs - This is also a characteristic of a Private Cloud.

Peace of mind that Azure will send over hardware for you to store in your warehouse - Azure stores all infrastructure on their end. You’d be storing hardware that you purchased and incur CapEx in a Private cloud setup.

33
Q

You’ve been asked by senior management to prepare a presentation describing not only the benefits, but also the estimated cost savings you can realize by migrating your workloads to Azure. As the lead architect, which service would you use for these calculations?

A. Azure Cost Management
B. Azure Monitor
C. Azure Advisor
D. Azure TCO Calculator

A

D. Azure TCO Calculator

Explanation:
For users wishing to adopt cloud services, Azure provides a web-based TCO Calculator. You can use this calculator to estimate the costs of migrating your data and applications to Azure and predict potential savings.

34
Q

A hacker group recently attacked your video streaming website and all your resources were exhausted and unavailable to your users. What can you do to prevent this type of attack in the future?

A. Use Azure DDoS protection
B. Use an Azure Firewall
C. Use Azure Virtual Networks
D. Use a Network Security Group

A

A. Use Azure DDoS protection

Explanation:
Azure has two DDoS service offerings that provide protection from network attacks (Layer 3 and 4): DDoS Protection Basic and DDoS Protection Standard.

DDoS Protection Basic

Basic protection is integrated into the Azure by default at no additional cost. The scale and capacity of the globally deployed Azure network provides defense against common network-layer attacks through always-on traffic monitoring and real-time mitigation. DDoS Protection Basic requires no user configuration or application changes. DDoS Protection Basic helps protect all Azure services, including PaaS services like Azure DNS.

Basic DDoS protection in Azure consists of both software and hardware components. A software control plane decides when, where, and what type of traffic should be steered through hardware appliances that analyze and remove attack traffic. The control plane makes this decision based on an infrastructure-wide DDoS Protection policy. This policy is statically set and universally applied to all Azure customers.

For example, the DDoS Protection policy specifies at what traffic volume the protection should be triggered. (That is, the tenant’s traffic should be routed through scrubbing appliances.) The policy then specifies how the scrubbing appliances should mitigate the attack.

The Azure DDoS Protection Basic service is targeted at protection of the infrastructure and protection of the Azure platform. It mitigates traffic when it exceeds a rate that is so significant that it might affect multiple customers in a multitenant environment. It doesn’t provide alerting or per-customer customized policies.

DDoS Protection Standard

Standard protection provides enhanced DDoS mitigation features. It’s automatically tuned to help protect your specific Azure resources in a virtual network. Protection is simple to enable on any new or existing virtual network, and it requires no application or resource changes. It has several advantages over the basic service, including logging, alerting, and telemetry. The following sections outline the key features of the Azure DDoS Protection Standard service.

35
Q

_________________ offers fully managed file shares in the cloud that are accessible via the industry standard Server Message Block (SMB) protocol or Network File System (NFS) protocol. This means it can be used to completely replace or supplement traditional on-premises file servers or NAS devices.

A. Azure Data Lake Storage
B. Azure SQL Database
C. Azure Files
D. Azure Blob Storage

A

C. Azure Files

Explanation:
Azure Files is Microsoft’s easy-to-use cloud file system. Azure file shares can be seamlessly used in Windows and Windows Server. To use an Azure file share with Windows, you must either mount it, which means assigning it a drive letter or mount point path, or access it via its UNC path.

Unlike other SMB shares you may have interacted with, such as those hosted on a Windows Server, Linux Samba server, or NAS device, Azure file shares do not currently support Kerberos authentication with your Active Directory (AD) or Azure Active Directory (AAD) identity.

Instead, you must access your Azure file share with the storage account key for the storage account containing your Azure file share. A storage account key is an administrator key for a storage account, including administrator permissions to all files and folders within the file share you’re accessing, and for all file shares and other storage resources (blobs, queues, tables, etc) contained within your storage account.

36
Q

Suppose the lead architect in your company has asked your team to implement a PaaS based solution in Azure for a quick Proof-of-Concept (POC) to senior management. One of your colleagues goes ahead and creates an Azure App Service and 3 Azure Virtual machines.

Would you agree with this implementation?

A. Yes
B. No

A

B. No

Explanation:
An Azure App Service is a PaaS (Platform as a Service) service so this is not an issue.

However, Azure virtual machines fall under the category of IaaS (Infrastructure as a Service) service since you’re renting infrastructure. Therefore, we would disagree with this decision.

37
Q

One of the definitions of the Hybrid cloud model is to use multiple Public Clouds in conjunction with a Private Cloud.

A. No
B. Yes

A

B. Yes

Explanation:
A hybrid cloud—sometimes called a cloud hybrid—is a computing environment that combines an on-premises datacenter (also called a private cloud) with a public cloud, allowing data and applications to be shared between them. Some people define hybrid cloud to include “multicloud” configurations where an organization uses more than one public cloud in addition to their on-premises datacenter.

38
Q

When should you scale out your deployment?

A. When you need to reduce your cost of operation
B. When you need a stronger CPU to make your application run faster
C. When you need additional VMs/computers to speed up your application
D. When you want to reduce the unused capacity of your system

A

C. When you need additional VMs/computers to speed up your application

Explanation:
A scale out operation is the equivalent of creating multiple copies of your web site and adding a load balancer to distribute the demand between them. When you scale out a web site in Azure, there is no need to configure load balancing separately since this is already provided by the platform

39
Q

When you as a consumer are implementing a Software as a Service (SaaS) solution, you are responsible for configuring high availability.

Instructions : Review the bolded text. If the statement is already correct, select

“No change is needed”. If the statement is incorrect, choose the option below that

would make the statement correct.

A. Installing the SaaS solution
B. No change is needed
C. Creating a resource group
D. Configuring the SaaS solution

A

D. Configuring the SaaS solution

Explanation:
Software as a service (SaaS) allows users to connect to and use cloud-based apps over the Internet. Common examples are email, calendaring, and office tools (such as Microsoft Office 365).

SaaS provides a complete software solution that you purchase on a pay-as-you-go basis from a cloud service provider. You rent the use of an app for your organization, and your users connect to it over the Internet, usually with a web browser. All of the underlying infrastructure, middleware, app software, and app data are located in the service provider’s data center. The service provider manages the hardware and software, and with the appropriate service agreement, will ensure the availability and the security of the app and your data as well. SaaS allows your organization to get quickly up and running with an app at minimal upfront cost.

If you’ve used a web-based email service such as Outlook, Hotmail, or Yahoo! Mail, then you’ve already used a form of SaaS. With these services, you log into your account over the Internet, often from a web browser. The email software is located on the service provider’s network, and your messages are stored there as well. You can access your email and stored messages from a web browser on any computer or Internet-connected device.

The previous examples are free services for personal use. For organizational use, you can rent productivity apps, such as email, collaboration, and calendaring; and sophisticated business applications such as customer relationship management (CRM), enterprise resource planning (ERP), and document management. You pay for the use of these apps by subscription or according to the level of use.

40
Q

Which of the following statements is True?

You have a mission critical deployment on the Azure cloud consisting of an Azure SQL Database that has a Service Level Agreement (SLA) of 99.99 percent and a Web App that has an SLA of 99.95 percent.

The composite SLA for the application is the product of both SLAs, which equals 99.94 percent.

A. The composite SLA for the application is the lowest SLA associated to the application, which is 99.95 percent
B. The given statement is correct without any changes needed
C. The composite SLA for the application is the highest SLA associated to the application, which is 99.99 percent
D. The composite SLA for the application is the difference between the two SLAs, which is 0.0.5 percent

A

B. The given statement is correct without any changes needed

Explanation:
Composite SLAs involve multiple services supporting an application, each with differing levels of availability.

For example, consider an App Service web app that writes to Azure SQL Database. At the time of writing this answer, these Azure services have the following SLAs:

-> App Service web apps = 99.95%

-> SQL Database = 99.99%

What is the maximum downtime you would expect for this application? If either service fails, the WHOLE application fails. The probability of each service failing is independent, so the composite SLA for this application is 0.9995% * 0.9999% = 99.94%. That’s lower than the individual SLAs, which isn’t surprising because an application that relies on multiple services has more potential failure points.

41
Q

Resources don’t inherit the tags you apply to a resource group or a subscription.

A. True
B. False

A

A. True

Explanation:
Yes, this is true. Resources don’t inherit the tags you apply to a resource group or a subscription. To apply tags from a subscription or resource group to the resources, see Azure Policies - tags.

42
Q

Permissions are by default inherited by all resources residing in a resource group.

A. Yes
B. No

A

A. Yes

Explanation:
A resource group can be used to scope access control for administrative actions. By default, permissions set at the resource level are inherited by the resources in the resource group.

43
Q

Data in an Azure storage account is replicated 3 times in the primary region.

A. Yes
B. No

A

A. Yes

Explanation:
Azure Storage always stores multiple copies of your data so that it is protected from planned and unplanned events, including transient hardware failures, network or power outages, and massive natural disasters. Redundancy ensures that your storage account meets the Service-Level Agreement (SLA) for Azure Storage even in the face of failures.

44
Q

Power BI can access infrequently used data from which of the following?

A. Azure DataLake
B. Azure PostgreSQL
C. Azure Cosmos DB
D. Azure SQL Data Warehouse

A

D. Azure SQL Data Warehouse

Explanation:
Azure DataLake and Azure SQL Data Warehouse are the correct options:

45
Q

For industries that work with highly sensitive data, such as banking, finance, government, and healthcare, ___________ cloud may be their best cloud option.

A. Hybrid
B. Private
C. Public

A

A. Hybrid

Explanation:
For industries that work with highly sensitive data, such as banking, finance, government, and healthcare, hybrid may be their best cloud option. For example, some regulated industries require certain types of data to be stored on-premises while allowing less sensitive data to be stored on the cloud. In this kind of hybrid cloud architecture, organizations gain the flexibility of the public cloud for less regulated computing tasks, while still meeting their industry requirements.

46
Q

An organization would like to create a web app to allow its employees to enter their vacation / time-off details and then store that information in a backend storage solution. They have noted that Python is their preferred language.

As the lead consultant, which service would you recommend?

A. Azure Kubernetes
B. Azure Cosmos DB
C. Azure App Service
D. Azure Functions

A

C. Azure App Service

Explanation:
Azure App Service is an HTTP-based service for hosting web applications, REST APIs, and mobile back ends. You can develop in your favorite language, be it .NET, .NET Core, Java, Ruby, Node.js, PHP, or Python. Applications run and scale with ease on both Windows and Linux-based environments.

It is also possible to scale apps on an enterprise grade platform:

Reference : https://docs.microsoft.com/en-us/azure/app-service/overview

47
Q

A resource can belong to more than one resource group

A. Yes
B. No

A

B. No

Explanation:
No! 1 resource = 1 resource group (very simply logic)

48
Q

You are the senior architect of XYZ organization and the senior management has requested to migrate all on-prem resources to the cloud.

The requirement is that only Platform as a Service (PaaS) solutions must be used in Azure.

Solution: To begin with, you create an Azure App Service and Azure SQL databases.

Would this meet the goal?

A. No
B. Yes

A

B. Yes

Explanation:
Please always remember - Azure App Service and Azure SQL Databases are both PaaS services!

Azure App Service - Allows us to quickly build, deploy, and scale web apps created with popular frameworks such as .NET, .NET Core, Node.js, Java, PHP, Ruby, or Python, in containers or running on any operating system. It offers rigorous, enterprise-grade performance, security, and compliance requirements by using the fully managed platform for your operational and monitoring tasks.

Reference: https://azure.microsoft.com/en-in/services/app-service/

Azure SQL Database - Microsoft Azure SQL Database is a managed cloud database provided as a part of Microsoft Azure. A cloud database is a database that runs on a cloud computing platform, and access to it is provided as a service. Managed database services take care of scalability, backup, and high availability of the database.

49
Q

Which of the following can be used to manage your Azure Resources from an iPhone?

A. Azure Mobile App
B. Azure Cloud Shell
C. Azure CLI
D. Windows PowerShell
E. Azure Portal

A

A. Azure Mobile App
B. Azure Cloud Shell
E. Azure Portal

Explanation:
The Azure portal is the web-based portal for managing Azure. Being web-based, you can use the Azure portal on an iPhone.

Azure Cloud Shell is a web-based command line for managing Azure. You access the Azure Cloud Shell from the Azure portal. Being web-based, you can use the Azure Cloud Shell on an iPhone.

Incorrect Answers:

A: Azure CLI can be installed on MacOS but it cannot be installed on an iPhone.

D: Windows PowerShell can be installed on MacOS but it cannot be installed on an iPhone.

50
Q

Which of the following statements is accurate?

If you want to migrate a website that is hosted On-Prem at the moment to Azure, one of the clear benefits is the Pay-As-You-Go Pricing that comes with Azure.

A. This is not true, a website hosted on Azure will be costlier as its charged by the second
B. This is not true, we first need to pay to transfer all the website data to Azure
C. The given statement is correct
D. This is not true. You need a VPN to complete the migration which will cost a lot

A

C. The given statement is correct

Explanation:
When planning to migrate a website to Azure, the Pay As you Go pricing model is a big advantage. You can even use Azure Websites to accomplish this.

Azure Websites is offered in four tiers: Free, Shared (Preview), Basic and Standard.

Websites Shared (Preview): The price for the Shared tier during preview is $0.013 per hour per website instance (~$10/month). This price reflects a 33% preview discount.

Websites Basic and Standard: The Basic and Standard tiers offer multiple instance sizes as well as scaling to meet changing capacity needs starting from $56 for a Basic (Single Small instance) and $75 for a Standard ( Single small instance)

For more details on features per price tier , click here.

Incorrect Answers:

  • You do not need a VPN for Azure web sites.
  • You do not pay to transfer data into Azure web sites.
  • You are not charged by the second.
51
Q

Your company plans to deploy multiple Virtual Machines in Azure. As the lead architect, you must ensure that all these virtual machines are available if a single data center fails.

Solution: You deploy the virtual machines to two or more Availability Zones.

Would this solution meet the goal?

A. Yes
B. No

A

A. Yes

Explanation:
Absolutely! The answer is in the question itself. If one data center goes down, we can make sure our VM is still running in another data center! This is the entire concept of fault tolerance - Make sure you have enough backups to prevent downtime.

Availability Zones -

An Availability Zone is a high-availability offering that protects your applications and data from datacenter failures. Availability Zones are unique physical locations within an Azure region. Each zone is made up of one or more datacenters equipped with independent power, cooling, and networking (VERY IMPORTANT PLEASE NOTE).

To ensure resiliency, there’s a minimum of three separate zones in all enabled regions. The physical separation of Availability Zones within a region protects applications and data from datacenter failures. Zone-redundant services replicate your applications and data across Availability Zones to protect from single-points-of-failure. With Availability Zones, Azure offers industry best 99.99% VM uptime SLA.

Azure services that support Availability Zones fall into two categories:

1) Zonal services – where a resource is pinned to a specific zone (for example, virtual machines, managed disks, Standard IP addresses), or

2) Zone-redundant services – when the Azure platform replicates automatically across zones (for example, zone-redundant storage, SQL Database).

To achieve comprehensive business continuity on Azure, build your application architecture using the combination of Availability Zones with Azure region pairs. You can synchronously replicate your applications and data using Availability Zones within an Azure region for high-availability and asynchronously replicate across Azure regions for disaster recovery protection.

52
Q

Which of the following services would you help achieve the following:

1) Create and manage a group of load balanced VMs.

2) Provide high availability and application resiliency by distributing VMs across availability zones

3) Allows your application to automatically scale as resource demand changes

A. Azure Region Pairs
B. Azure Subscriptions
C. Azure Scale Sets
D. Azure Resource Groups

A

C. Azure Scale Sets

Explanation:

53
Q

Which set of security standards in Azure relates to cardholder data?

A. ISO
B. FedRAMP
C. HIPPA
D. PCI DSS

A

D. PCI DSS

Explanation:
Azure adheres to security controls for ISO 27001, ISO 27018, SOC 1, SOC 2, SOC3, FedRAMP, HITRUST, MTCS, IRAP and ENS.

1) The security standard relating to cardholder data is - PCI DSS (Payment Card Industry Data Security Standard)

Reference: https://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard

https://azure.microsoft.com/en-ca/blog/payment-processing-blueprint-for-pci-dss-compliant-environments/

2) HIPPA - The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge.

Reference: https://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act

3) FedRAMP - The Federal Risk and Authorization Management Program (FedRAMP) is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services

Reference: https://en.wikipedia.org/wiki/FedRAMP

4) ISO - The International Organization for Standardization is an international standard-setting body composed of representatives from various national standards organizations. Founded on 23 February 1947, the organization promotes worldwide proprietary, industrial, and commercial standards

Reference: https://en.wikipedia.org/wiki/International_Organization_for_Standardization

54
Q

Which of the following services can automatically sign users in when they are on their corporate devices & connected to your corporate network?

A. Azure Sentinel
B. Single Sign On (SSO)
C. Password Auth
D. MFA

A

B. Single Sign On (SSO)

Explanation:
From the official documentation: Azure Active Directory Seamless Single Sign-On (Azure AD Seamless SSO) automatically signs users in when they are on their corporate devices connected to your corporate network. When enabled, users don’t need to type in their passwords to sign in to Azure AD, and usually, even type in their usernames. This feature provides your users easy access to your cloud-based applications without needing any additional on-premises components.

With single sign-on, users sign in once with one account to access domain-joined devices, company resources, software as a service (SaaS) applications, and web applications. After signing in, the user can launch applications from the Office 365 portal or the Azure AD MyApps access panel. Administrators can centralize user account management, and automatically add or remove user access to applications based on group membership.

55
Q

One of the teams in your company is looking for a solution for collecting, analyzing, and potentially taking action based on the metric and logging data from your entire Azure and on-premises environment.

Which of the following would you recommend?

A. Azure Logs
B. Azure Advisor
C. Azure Monitor
D. Azure Insights

A

C. Azure Monitor

Explanation:
Azure Monitor is a platform for collecting, analyzing, visualizing, and potentially taking action based on the metric and logging data from your entire Azure and on-premises environment.

The following diagram illustrates just how comprehensive Azure Monitor is.

On the left is a list of the sources of logging and metric data that can be collected at every layer in your application architecture, from application to operating system and network.

In the center, you can see how the logging and metric data is stored in central repositories.

On the right, the data is used in a number of ways. You can view real-time and historical performance across each layer of your architecture, or aggregated and detailed information. The data is displayed at different levels for different audiences. You can view high-level reports on the Azure Monitor Dashboard or create custom views by using Power BI and Kusto queries.

Additionally, you can use the data to help you react to critical events in real time, through alerts delivered to teams via SMS, email, and so on. Or you can use thresholds to trigger autoscaling functionality to scale up or down to meet the demand.

56
Q

We get total control of the underlying Operating System when working with Platform As a Service (PaaS) solutions.

A. Yes
B. No

A

B. No

Explanation:
Platform as a service (PaaS) is a complete development and deployment environment in the cloud, with resources that enable you to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications. You purchase the resources you need from a cloud service provider on a pay-as-you-go basis and access them over a secure Internet connection.

Like IaaS, PaaS includes infrastructure—servers, storage, and networking—but also middleware, development tools, business intelligence (BI) services, database management systems, and more. PaaS is designed to support the complete web application lifecycle: building, testing, deploying, managing, and updating.

PaaS allows you to avoid the expense and complexity of buying and managing software licenses, the underlying application infrastructure and middleware, container orchestrators such as Kubernetes, or the development tools and other resources. You manage the applications and services you develop, and the cloud service provider typically manages everything else.

A great image to reference for such concepts - https://www.redhat.com/en/topics/cloud-computing/iaas-vs-paas-vs-saas (Important)

57
Q

When you create a resource group, you need to provide a location for that resource group.

A. No
B. Yes

A

B. Yes

Explanation:
When you create a resource group, you need to provide a location for that resource group.

You may be wondering, “Why does a resource group need a location? And, if the resources can have different locations than the resource group, why does the resource group location matter at all?”

The resource group stores metadata about the resources. When you specify a location for the resource group, you’re specifying where that metadata is stored. For compliance reasons, you may need to ensure that your data is stored in a particular region.

More info from the docs -

Reference: https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/manage-resource-groups-portal

58
Q

A client of yours is a content creator and would like to be notified via Email whenever their course is purchased. Which of the following solutions would be best suited for this automation?

A. A Web App
B. An API App
C. A Logic App
D. A Server image in Azure Marketplace

A

C. A Logic App

Explanation:
Explanation

From the official Azure docs:

Azure Logic Apps is a cloud service that helps you schedule, automate, and orchestrate tasks, business processes, and workflows when you need to integrate apps, data, systems, and services across enterprises or organizations. Logic Apps simplifies how you design and build scalable solutions for app integration, data integration, system integration, enterprise application integration (EAI), and business-to-business (B2B) communication, whether in the cloud, on premises, or both.

For example, here are just a few workloads you can automate with logic apps:

-> Process and route orders across on-premises systems and cloud services.

-> Send email notifications with Office 365 when events happen in various systems, apps, and services.

-> Move uploaded files from an SFTP or FTP server to Azure Storage.

-> Monitor tweets for a specific subject, analyze the sentiment, and create alerts or tasks for items that need review.

An example of a flow:

References: https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-overview

59
Q

Which of the following services allows you to send events generated from Azure resources to applications?

A. Azure Cognitive Services
B. Azure Event Grid
C. Azure App Servcie
D. Azure Event Hub

A

B. Azure Event Grid

Explanation:
A summary from the official Azure documentation:

60
Q

Suppose the lead architect in your company has asked your team to implement a PaaS based solution in Azure for a quick Proof-of-Concept (POC) to senior management. One of your colleagues goes ahead and creates an Azure Logic App and an Azure Data Factory deployment .
e
Would you agree with this implementation?

A. No
B. Yes

A

B. Yes

Explanation:
Azure Logic App and Azure Data Factory both fall under the PaaS (Platform as a Service) category.

Azure Fundamentals (8 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions