Review Mode Set 3 Dojo Flashcards

1
Q

You need to execute a command using Azure Cloud Shell.

Which Azure management tool will you use?

Azure PowerShell
Azure Portal
Azure Advisor
Azure Command-Line Interface (CLI)
A

Azure Portal

Explanation:
You can configure and manage Azure using various tools and platforms. There are tools available for the command line, language-specific Software Development Kits (SDKs), developer tools, tools for migration, and many others.

Tools that are commonly used for day-to-day management and interaction include:

Azure Portal for interacting with Azure via a Graphical User Interface (GUI)

Azure PowerShell and Azure Command-Line Interface (CLI) for command line and automation-based interactions with Azure

Azure Cloud Shell is a browser-based shell tool that allows you to create, configure, and manage Azure resources using a shell. Azure Cloud Shell supports both Azure PowerShell and the Azure Command Line Interface (CLI), which is a Bash shell.

Azure mobile app for monitoring and managing your resources from your mobile device

The Azure portal is a web-based, unified console that provides an alternative to command-line tools. With the Azure portal, you can manage your Azure subscription using a graphical user interface. You can:

– Build, manage, and monitor everything from simple web apps to complex cloud deployments

– Create custom dashboards for an organized view of resources

– Configure accessibility options for an optimal experience.

Remember that you can only access Azure Cloud Shell via the Azure portal by selecting the Cloud Shell icon.

Hence, the correct answer is: Azure Portal.

Azure Command-Line Interface (CLI) and Azure PowerShell are incorrect because to use Cloud Shell, you must go to your respective Azure portal and click the Cloud Shell icon.

Azure Advisor is incorrect because this service analyzes your configurations and usage telemetry and offers personalized, actionable recommendations to help you optimize your Azure resources for reliability, security, operational excellence, performance, and cost.

2
Q

Your company has an Azure subscription that contains multiple virtual machines.

You have been tasked to provide access to a colleague to the Azure portal.

Which Azure service should you use to create the user?

Azure Monitor
Microsoft Entra ID
Azure Subscriptions
Azure Advisor
A

Microsoft Entra ID

Explanation:
Microsoft Entra ID is Microsoft’s cloud-based identity and access management service, which helps your employees sign in and access resources in:

– External resources, such as Microsoft Office 365, the Azure portal, and thousands of other SaaS applications.

– Internal resources, such as apps on your corporate network and intranet, along with any cloud apps developed by your own organization.

Microsoft Online business services, such as Office 365 or Microsoft Azure, require Microsoft Entra ID for sign-in and to help with identity protection. If you subscribe to any Microsoft Online business service, you automatically get Microsoft Entra with access to all the free features.

Add new users or delete existing users from your Microsoft Entra ID tenant. To add or delete users, you must be a User Administrator or Global Administrator.

  1. Sign in to the Azure portal.
  2. In the left-hand navigation pane, select “Microsoft Entra ID.”
  3. In the Microsoft Entra ID, click on “Users.”
  4. In the Users pane, click on the “+ New user” button at the top of the screen.
  5. This will open the “New user” pane. Here, fill in the necessary details:

Once the user is created, don’t forget to pass the credentials to the user, especially if the password was auto-generated. The user will be required to change their password upon initial sign-in.

Hence, the correct answer is: Microsoft Entra ID.

Azure Subscriptions is incorrect because Azure RBAC is an authorization system built on Azure Resource Manager that provides fine-grained access management to Azure resources. Here, you can only assign permissions to a user once you have created the user using Microsoft Entra ID.

Azure Advisor is incorrect because this service is just a personalized cloud consultant that helps you follow best practices to optimize your Azure deployments. It analyzes your resource configuration and usage telemetry and then recommends solutions that can help you improve the cost-effectiveness, performance, reliability, and security of your Azure resources.

Azure Monitor is incorrect because this is only a comprehensive monitoring solution for collecting, analyzing, and responding to monitoring data from your cloud and on-premises environments.

3
Q

An organization’s patient management system migrated its application that handles patient records to Azure. Due to compliance requirements, you need to store terabytes’ worth of records for more than 10 years. The records are rarely accessed and can accommodate a delay in retrieval.

What storage solution would best fit the requirements?

Store the records to Azure Blob Storage – Cool Tier
Store the records in a virtual machine
Store the records to Azure Blob Storage – Archive Tier
Store the records to Azure Blob Storage – Hot Tier
A

Store the records to Azure Blob Storage – Archive Tier

Explanation:
Azure storage offers different access tiers, which allow you to store blob object data in the most cost-effective manner. The available access tiers include:

Hot – Optimized for storing data that is accessed frequently.

Cool – Optimized for storing data that is infrequently accessed and stored for at least 30 days.

Archive – Optimized for storing data that is rarely accessed and stored for at least 180 days with flexible latency requirements (on the order of hours).

The following considerations apply to the different access tiers:

– Only the hot and cool access tiers can be set at the account level. The archive access tier isn’t available at the account level.

– Hot, cool, and archive tiers can be set at the blob level during upload or after upload.

– Data in the cool access tier can tolerate slightly lower availability, but still requires high durability, retrieval latency, and throughput characteristics similar to hot data. For cool data, a slightly lower availability service-level agreement (SLA) and higher access costs compared to hot data are acceptable trade-offs for lower storage costs.

– Archive storage stores data offline and offers the lowest storage costs but also the highest data rehydration and access costs.

Archive tier is optimized for data that can tolerate several hours of retrieval latency and that will remain in the archive tier for at least 180 days. The archive tier is the most cost-effective option for storing data. However, accessing that data is more expensive than accessing data in the hot or cool tiers. Rehydration is the term for retrieving files from the archive tier.

Hence, the correct answer is: Store the records to Azure Blob Storage – Archive Tier.

The option that says: Store the records to Azure Blob Storage – Cool Tier is incorrect. Although this access tier is optimized for infrequent access and can store data for at least 30 days, it still costs more than the archive tier. Take note that, as per the scenario, a delay in retrieval is not an issue.

The option that says: Store the records in a virtual machine is incorrect because data disks have a higher per-GB cost compared to Azure Blobs. Also, you have to maintain your own virtual machine, perform backups, and patch the OS, which adds to the costs.

The option that says: Store the records to Azure Blob Storage – Hot Tier is incorrect because this access tier is optimized for frequent access and has higher storage costs compared with cool and archive tiers. As per the requirements of the scenario, you need a cost-effective solution to store infrequently accessed objects.

4
Q

Your organization has resources in an Azure Subscription that contains the following unused resources:

20 Public IP addresses

15 route tables

5 network security groups

10 Virtual Networks

As part of cost-cutting activities, you need to determine what unused resources are incurring costs.

Solution: Delete the unused public IP addresses.

Does this meet the goal?

No
Yes
A

Yes

Explanation:
Public IP addresses in Azure are priced based on the SKU chosen by the customer (Basic or Standard) and the type of IP address (dynamic or static). All instance-level public IP addresses (ILPIP) incur a charge.

Public IP prefixes are charged per IP per hour. As soon as a prefix is created, you are charged. The limits imposed on IP addresses are indicated in the full set of limits for networking in Azure.

Azure Virtual Network, route tables, and network security groups are free of charge.

Therefore, the correct answer is: Yes.


5
Q

How many copies of data will be maintained by the Azure storage account that uses geo-zone-redundant storage (GZRS) at the minimum?

3 copies
6 copies
2 copies
9 copies
A

6 copies

Explanation:
An Azure storage account contains all of your Azure Storage data objects: blobs, files, queues, tables, and disks. The storage account provides a unique namespace for your Azure Storage data that is accessible from anywhere in the world over HTTP or HTTPS. Data in your Azure storage account is durable and highly available, secure, and massively scalable.

Data in an Azure Storage account is always replicated three times in the primary region. Azure Storage offers four options for how your data is replicated:

Locally redundant storage (LRS) copies your data synchronously three times within a single physical location in the primary region. LRS is the least expensive replication option but is not recommended for applications requiring high availability.
Zone-redundant storage (ZRS) copies your data synchronously across three Azure availability zones in the primary region. ZRS is recommended for applications requiring high availability.
Geo-redundant storage (GRS) copies your data synchronously three times within a single physical location in the primary region using LRS. It then copies your data asynchronously to a single physical location in a secondary region that is hundreds of miles away from the primary region.
Geo-zone-redundant storage (GZRS) copies your data synchronously across three Azure availability zones in the primary region using ZRS. It then copies your data asynchronously to a single physical location in the secondary region.

Microsoft Azure will maintain 6 copies in total because the replication setting is Geo-zone-redundant storage (GZRS). With this option, data is copied across three Azure availability zones in the primary region and is also replicated to a secondary geographic region for protection from regional disasters.

Hence, the correct answer is: 6 copies.

The option that says: 3 copies is incorrect because only Locally redundant storage (LRS) and Zone-redundant storage (ZRS) maintain a total of 3 copies of data.

The options that say: 2 copies and 9 copies are incorrect because there is no Azure Storage redundancy type that maintains 2 or 9 copies of data. Only 3 for LRS and ZRS and 6 for GRS and GZRS.

6
Q

A company has three subscriptions for each department named TDHR, TDIT, and TDAccounting.

You need to recommend a solution that will allow you to manage policies across multiple subscriptions.

What Azure solution would you recommend?

Azure policies
Azure advisor
Azure management groups
Azure resource groups
A

Azure management groups

Explanation:
If your organization has many subscriptions, you may need a way to efficiently manage access, policies, and compliance for those subscriptions. Azure management groups provide a level of scope above subscriptions. You organize subscriptions into containers called “management groups” and apply your governance conditions to the management groups. All subscriptions within a management group automatically inherit the conditions applied to the management group.

For example, you can apply a policy to a management group that limits the regions available for virtual machine (VM) creation. This policy would be applied to all management groups, subscriptions, and resources under that management group, allowing VMs to be created only in the permitted regions.

Another scenario where you would use management groups is to provide user access to multiple subscriptions. By moving multiple subscriptions under that management group, you can create one Azure role assignment on the management group, which will inherit that access to all the subscriptions. One assignment on the management group can enable users to have access to everything they need instead of scripting Azure RBAC over different subscriptions.

Hence, the correct answer is: Azure management groups.

Azure policies is incorrect because this service only allows you to evaluate Azure resources at or below subscription level and not across multiple subscriptions. Take note that the requirement in the scenario is that the solution must allow you to manage policies across multiple subscriptions.

Azure advisor is incorrect because this service just helps you improve the cost-effectiveness, performance, reliability (formerly called high availability), and security of your Azure resources.

Azure resource group is incorrect because this is simply a container for your resources. You must use Azure management groups if you want to manage policies across multiple subscriptions.

7
Q

You have an application running in the cloud. What service should you use to make routing decisions based on additional attributes of an HTTP request such as its URI path or host headers?

Microsoft Entra Connect
Azure Application Gateway
Azure Application Insights
Azure App Service
A

Azure Application Gateway

Explanation:
Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. Traditional load balancers operate at the transport layer (OSI layer 4 – TCP and UDP) and route traffic based on a source IP address and port to a destination IP address and port.

Application Gateway can make routing decisions based on additional attributes of an HTTP request, such as URI path or host headers. For example, you can route traffic based on the incoming URL. So if /images are in the incoming URL, you can route traffic to a specific set of servers (known as a pool) configured for images. If /video is in the URL, that traffic is routed to another pool that’s optimized for videos.

Azure Application Gateway can be used as an internal application load balancer or as an internet-facing application load balancer. An internet-facing application gateway uses public IP addresses. The DNS name of an internet-facing application gateway is publicly resolvable to its public IP address. As a result, internet-facing application gateways can route requests from clients on the internet.

Internal application gateways use only private IP addresses. If you are using a Custom or Private DNS zone, the domain name should be internally resolvable to the private IP address of the Application Gateway. Therefore, internal load-balancers can only route requests from clients with access to a virtual network for the application gateway.

Hence, the correct answer is: Azure Application Gateway.

Azure App Service is incorrect because this service just enables you to build and host web apps, mobile backends, and RESTful APIs in the programming language of your choice without managing infrastructure. It is not capable of routing the traffic based on additional attributes of an incoming HTTP request.

Azure Application Insights is incorrect because it is only an extensible Application Performance Management (APM) service for developers and DevOps professionals. You can use this to monitor your live applications to automatically detect performance anomalies. However, this can’t be used to route traffic, unlike Azure Application Gateway.

Microsoft Entra Connect is incorrect because this service is primarily for identity and access management, ensuring that users can access resources across various systems with a unified identity. It does not have any capabilities related to routing HTTP requests or managing web traffic. Its focus is entirely on directory services and identity management.

8
Q

You have an Azure subscription named Manila that contains an application hosted on a single virtual machine.

There is a requirement where you must automatically be able to add additional identical virtual machines in response to demand.

What Azure solution would you recommend?

Management groups
Update domain
Virtual machine scale sets
Fault domain
A

Virtual machine scale sets

Explanation:
Azure virtual machine scale sets let you create and manage a group of load-balanced VMs. The number of VM instances can automatically increase or decrease in response to demand or a defined schedule. Scale sets provide the following key benefits:

– Easy to create and manage multiple VMs

– Provides high availability and application resiliency by distributing VMs across availability zones or fault domains

– Allows your application to automatically scale as resource demand changes

Virtual machine scale sets let you create and manage a group of identical, load-balanced VMs. If you simply created multiple VMs with the same purpose, you would need to ensure they were all configured identically and then set up network routing parameters to ensure efficiency. You would also have to monitor utilization to determine whether to increase or decrease the number of VMs.

Instead, with virtual machine scale sets, Azure automates most of that work. Scale sets allow you to centrally manage, configure, and update a large number of VMs in minutes. The number of VM instances can automatically increase or decrease in response to demand, or you can set it to scale based on a defined schedule.

Therefore, the correct answer is: Virtual machine scale sets.

Fault domain is incorrect because this simply defines the group of virtual machines that share a common power source and network switch.

Update domain is incorrect because this only indicates groups of virtual machines and underlying physical hardware that can be rebooted at the same time.

Management groups is incorrect because this just gives you enterprise-grade management at a scale no matter what type of subscriptions you have.

9
Q

Which of the following best describes a sovereign cloud region in Azure?

A region that provides services only to specific industries, such as healthcare or banking
A region that is solely used for data backup and disaster recovery purposes.
A region that is physically isolated and dedicated to a single customer.
A region that operates under the regulatory and compliance requirements of a specific country.
A

A region that operates under the regulatory and compliance requirements of a specific country.

Explanation:
A region is a set of data centers deployed within a latency-defined perimeter and connected through a dedicated regional low-latency network. Azure gives you the flexibility to deploy applications where you need to, and deployments can span multiple regions to deliver cross-region resiliency.

In addition to regular regions, Azure also has sovereign regions. Azure sovereign regions are Azure cloud regions that are designed to meet specific data regulatory requirements and compliance laws of a particular country or region. They operate independently of Azure’s public cloud, meaning that data in a sovereign region is physically and logically isolated from data in other regions.

Azure sovereign regions include:

– US DoD Central, US Gov Virginia, US Gov Iowa, and more: These regions are physical and logical network-isolated instances of Azure for U.S. government agencies and partners. These data centers are operated by screened U.S. personnel and include additional compliance certifications.

– China East, China North, and more: These regions are available through a unique partnership between Microsoft and 21Vianet, whereby Microsoft doesn’t directly maintain the data centers.

Hence, the correct answer is: A region that operates under the regulatory and compliance requirements of a specific country.

The statement that says: A region that is solely used for data backup and disaster recovery purposes is incorrect because all Azure regions offer a wide array of services beyond data backup and disaster recovery.

The statement that says: A region that is physically isolated and dedicated to a single customer is incorrect because Azure does not dedicate an entire region to a single customer. Azure services are shared among various customers.

The statement that says: A region that provides services only to specific industries, such as healthcare or banking is incorrect because Azure regions do not specialize in industry-specific services; all Azure services are available in all regions.

10
Q

You plan on deploying servers to Azure for your development environment.

You need to create several virtual machines using a macOS device.

Solution: Use Azure Cloud Shell (PowerShell).

Does this meet the goal?

No
Yes
A

Yes

Explanation:
Azure Cloud Shell is an interactive, authenticated, browser-accessible shell for managing Azure resources. It provides the flexibility of choosing the shell experience that best suits the way you work, either Bash or PowerShell.

PowerShell is a cross-platform task-based automation and configuration management framework, consisting of a command-line shell and scripting language that lets you manage computers from the command line. Unlike most shells, which accept and return text, PowerShell is built on top of the .NET Common Language Runtime (CLR) and accepts and returns .NET objects.

This fundamental change brings entirely new tools and methods for automation, enabling system administrators and power users to rapidly automate tasks that manage operating systems (Linux, macOS, and Windows) and processes.

PowerShell providers let you access data stores, such as the registry and certificate store, as easily as you access the file system. PowerShell includes a rich expression parser and a fully developed scripting language.

Therefore, the correct answer is: Yes.

11
Q

Which Azure service is Application Insights a feature of?

Azure Service Health
Azure Advisor
Azure Resource Manager templates
Azure Monitor
A

Azure Monitor

Explanation:
Azure Monitor helps you maximize the availability and performance of your applications and services. It delivers a comprehensive solution for collecting, analyzing, and acting on telemetry from your cloud and on-premises environments. This information helps you understand how your applications are performing and proactively identify issues that affect them and the resources they depend on.

Application Insights is a feature of Azure Monitor that provides extensible application performance management (APM) and monitoring for live web apps. It supports a wide variety of platforms, including .NET, Node.js, Java, and Python, and works for apps hosted on-premises, in hybrid environments, or on any public cloud.

Application Insights provides other features including, but not limited to:

– Live Metrics: observe activity from your deployed application in real time with no effect on the host environment

– Availability: also known as Synthetic Transaction Monitoring, probe your application’s external endpoint(s) to test the overall availability and responsiveness over time

– GitHub or Azure DevOps integration: create GitHub or Azure DevOps work items in context of Application Insights data

– Usage: understand which features are popular with users and how users interact and use your application

– Smart Detection: automatic failure and anomaly detection through proactive telemetry analysis

Therefore, the correct answer is: Azure Monitor.

Azure Service Health, Azure Advisor and Azure Resource Manager templates are all incorrect because these are not features of Azure Monitor. They are standalone services by Microsoft Azure.

12
Q

Which Azure service allows you to use just-in-time (JIT) VM access?

Azure Information Protection
Azure Monitor
Microsoft Defender for Cloud
Microsoft Sentinel
A

Microsoft Defender for Cloud

Explanation:
Microsoft Defender for Cloud is a unified infrastructure security management system that strengthens the security posture of your data centers and provides advanced threat protection across your hybrid workloads in the cloud – whether they’re in Azure or not – as well as on-premises.

Keeping your resources safe is a joint effort between your cloud provider, Azure, and you, the customer. You have to make sure your workloads are secure as you move to the cloud, and at the same time, when you move to IaaS (infrastructure as a service) there is more customer responsibility than there was in PaaS (platform as a service), and SaaS (software as a service). Microsoft Defender for Cloud provides you the tools needed to harden your network, secure your services and make sure you’re on top of your security posture.

With Microsoft Defender for Cloud, you can do the following:

– Evaluate your regulatory compliance using the Regulatory compliance dashboard.

– Improve your compliance posture by taking action on recommendations.

The diagram below shows the logic that Defender for Cloud applies when deciding how to categorize your supported VMs:

Lock down inbound traffic to your Azure Virtual Machines with Microsoft Defender for Cloud’s just-in-time (JIT) virtual machine (VM) access feature. This reduces exposure to attacks while providing easy access when you need to connect to a VM.

Hence, the correct answer is: Microsoft Defender for Cloud.

Azure Monitor is incorrect because this service simply delivers a comprehensive solution for collecting, analyzing, and acting on telemetry from your cloud and on-premises environments.

Azure Information Protection is incorrect because this is just a cloud-based solution that enables organizations to discover, classify, and protect documents and emails by applying labels to content.

Microsoft Sentinel is incorrect because this service just provides you with a bird’s-eye view across the enterprise. Sentinel provides a proactive and responsive cloud-native SIEM that helps customers simplify their security operations and scale as they grow.

13
Q

A company needs to configure its Microsoft Entra ID to automatically prompt a user to change the password if the user signs in from an anonymous IP address.

Which Azure service should you use?

Azure Service Health
Microsoft Defender for Identity
Microsoft Entra Privileged Identity Management
Microsoft Entra ID Protection
A

Microsoft Entra ID Protection

Explanation:
Identity Protection is a tool that allows organizations to accomplish three key tasks:

– Automate the detection and remediation of identity-based risks.

– Investigate risks using data in the portal.

– Export risk detection data to third-party utilities for further analysis.

Identity Protection uses the learnings Microsoft has acquired from its position in organizations with Microsoft Entra ID, the consumer space with Microsoft Accounts, and in gaming with Xbox to protect your users. Microsoft analyses 6.5 trillion signals per day to identify and protect customers from threats.

The signals generated by and fed to Identity Protection can be further fed into tools like Conditional Access to make access decisions or fed back to a security information and event management (SIEM) tool for further investigation based on your organization’s enforced policies.

You can detect sign-ins that are made via anonymous IP addresses using Microsoft Entra ID Protection. Sign-ins from an anonymous IP address could originate from a Tor browser or an anonymizer VPN.

This risk detection data can be exported to other tools for archiving, further investigation, and correlation. The Microsoft Graph-based APIs allow organizations to collect this data for further processing in a tool such as their SIEM.

Hence, the correct answer is: Microsoft Entra ID Protection.

Microsoft Defender for Identity is incorrect because this is only a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.

Microsoft Entra Privileged Identity Management is incorrect because this just provides a time-based and approval-based role activation to mitigate the risks of excessive, unnecessary, or misused access permissions on resources that you care about. This service doesn’t automate the detection and remediation of identity-based risks.

Azure Service Health is incorrect because this is simply a suite of experiences that provide personalized guidance and support when issues in Azure services affect you. It is not capable of detecting sign-ins that are made via anonymous IP addresses, unlike Microsoft Entra ID Protection.

14
Q

Your company plans to migrate its application and MS SQL database servers to Microsoft Azure.

Your company needs to have the highest level of flexibility and management control over its Azure resources. Therefore, you need to recommend a migration plan to only use Infrastructure as a Service solution in your Azure deployment.

What migration plan should you recommend?

Solution: Deploy an Azure App Service for your application and Azure SQL Database for your database server.

Does this meet the goal?

Yes
No
A

No

Explanation:
Infrastructure as a service (IaaS) is an instant computing infrastructure, provisioned and managed over the internet. It’s one of the types of cloud services, along with software as a service (SaaS), platform as a service (PaaS), and serverless.

Infrastructure as a service (IaaS) is the most flexible category of cloud services, as it provides you with the maximum amount of control for your cloud resources.

In an IaaS model, the cloud provider is responsible for maintaining the hardware, network connectivity (to the internet), and physical security. You’re responsible for everything else: operating system installation, configuration, and maintenance; network configuration; database and storage configuration; and so on.

With IaaS, you’re essentially renting the hardware in a cloud datacenter, but what you do with that hardware is up to you.

Azure App Service is a fully managed platform as a service (PaaS) offering for developers. It is an HTTP-based service for hosting web applications, REST APIs, and mobile back ends. You can develop in your favorite language, be it .NET, .NET Core, Java, Ruby, Node.js, PHP, or Python.

Applications run and scale with ease on both Windows and Linux-based environments. App Service adds the power of Microsoft Azure to your application, such as security, load balancing, autoscaling, and automated management.

Azure SQL Database is a fully managed platform as a service (PaaS) database engine that handles most of the database management functions such as upgrading, patching, backups, and monitoring without user involvement.

Remember that the requirement states that you must only use Infrastructure as a service solution. The solution does not fully satisfy the requirement of using IaaS offerings of Microsoft Azure since Azure App Service and Azure SQL database are both PaaS offerings.

Therefore, the correct answer is: No.

15
Q

Your company is planning to migrate its TDPortalApp to Azure. You need a solution that will maintain virtual machine connectivity to at least one instance with a 99.95% uptime.

Solution: Deploy one VM instance in one Availability Set.

Does this meet the goal?

No
Yes
A

No

Explanation:
Azure Virtual Machines are on-demand, scalable computing resources with usage-based pricing. More broadly, a virtual machine behaves like a server: it is a computer within a computer that provides the user with the same experience they would have on the host operating system itself.

In general, virtual machines are sandboxed from the rest of the system, meaning that the software inside a virtual machine can’t escape or tamper with the underlying server itself. Each virtual machine provides its own virtual hardware including CPUs, memory, hard drives, network interfaces, and other devices.

An Availability Set is a logical grouping of VMs within a datacenter; the VMs placed in it are automatically distributed across fault domains and update domains. There is no cost for the Availability Set itself; you only pay for each VM instance that you create.

Fault domains define the group of virtual machines that share a common power source and network switch. By default, the virtual machines configured within your availability set are separated across up to three fault domains for Resource Manager deployments.

For all Virtual Machines that have two or more instances deployed in the same Availability Set, Azure guarantees that you will have Virtual Machine Connectivity to at least one instance at least 99.95% of the time. A single instance in an Availability Set does not meet the two-instance condition, so the 99.95% SLA does not apply to it: with one VM there is nothing left to serve traffic when that VM's fault domain or update domain goes down.

Therefore, the correct answer is: No.
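To make the two-instance condition concrete, here is a small Python model added to this card; it is not Azure's placement code and not part of the original flashcard. It spreads instances over fault domains and update domains round-robin and checks whether the set survives the loss of any single domain. Round-robin placement, the five-update-domain default, and the instance counts are assumptions for the example; the up-to-three fault domains figure is the one stated on the card.

```python
"""Added example, not Azure's placement algorithm: model how an availability
set spreads instances over fault domains (FDs: shared power source and network
switch) and update domains (UDs: groups rebooted together during planned
maintenance), then check whether at least one instance stays up when any single
domain goes down. The 99.95% connectivity SLA needs two or more instances in
the set; this shows why a one-instance set cannot satisfy it.
Assumptions: round-robin placement and the 5-UD default (Azure allows 1-20 UDs
and up to 3 FDs for Resource Manager availability sets).
"""


def place_instances(count, fault_domains=3, update_domains=5):
    """Return [(fd, ud), ...] for `count` instances, spread round-robin."""
    if count < 1:
        raise ValueError("an availability set needs at least one instance")
    if not 1 <= fault_domains <= 3 or not 1 <= update_domains <= 20:
        raise ValueError("Resource Manager sets allow 1-3 FDs and 1-20 UDs")
    return [(i % fault_domains, i % update_domains) for i in range(count)]


def survives_loss_of_any_single_domain(placement):
    """True if, for every FD and every UD in use, some instance lies outside it."""
    used_fds = {fd for fd, _ in placement}
    used_uds = {ud for _, ud in placement}
    fd_ok = all(any(fd != lost for fd, _ in placement) for lost in used_fds)
    ud_ok = all(any(ud != lost for _, ud in placement) for lost in used_uds)
    return fd_ok and ud_ok


def sla_eligible(count, fault_domains=3, update_domains=5):
    """The 99.95% VM-connectivity SLA requires two or more instances in the set."""
    placement = place_instances(count, fault_domains, update_domains)
    return count >= 2 and survives_loss_of_any_single_domain(placement)


if __name__ == "__main__":
    for n in (1, 2, 4):
        print(n, "instance(s):", place_instances(n), "SLA eligible:", sla_eligible(n))
```

Running it shows the single-instance set failing the check while two instances land in different fault and update domains and pass. The `fault_domains=1` case is worth trying as well: two instances that share one fault domain both disappear when that domain fails, which is the situation the availability set exists to prevent.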

16
Q

What are the types of locks in Azure that protect you from accidentally deleting a resource? (Select TWO.)

SMB File Locking
Microsoft Entra ID – smart lockout
Microsoft Entra ID – Conditional Access
Management Locks – Read-only
Management Locks – CanNotDelete
A

Management Locks – Read-only
Management Locks – CanNotDelete

Explanation:
Azure Resource Manager is the deployment and management service for Azure. It provides a management layer that enables you to create, update, and delete resources in your Azure account. You use management features, like access control, locks, and tags, to secure and organize your resources after deployment.

As an administrator, you may need to lock a subscription, resource group, or resource to prevent other users in your organization from accidentally deleting or modifying critical resources. You can set the lock level to CanNotDelete or ReadOnly. In the portal, the locks are called Delete and Read-only, respectively.

CanNotDelete means authorized users can still read and modify a resource, but they can’t delete the resource.

ReadOnly means authorized users can read a resource, but they can’t delete or update the resource. Applying this lock is similar to restricting all authorized users to the permissions granted by the Reader role.

All the resources in your group should share the same lifecycle. You deploy, update, and delete them together. If one resource, such as a server, needs to exist on a different deployment cycle, it should be in another resource group.

Hence, the correct answers are:

– Management Locks – CanNotDelete

– Management Locks – Read-only

Microsoft Entra ID – Conditional Access is incorrect because this is merely a tool used by Microsoft Entra ID to bring signals together, make decisions, and enforce organizational policies. It can’t be used to protect your resources from being accidentally deleted.

Microsoft Entra ID – smart lockout is incorrect because this is primarily used to lock out intruders who try to guess your users' passwords or use brute-force methods against Microsoft Entra ID accounts.

SMB File Locking is incorrect because this is only a file system locking mechanism in Azure Files that is used to manage access to a shared file. It can't be used to prevent a user from deleting an Azure resource.

17
Q

What Azure Service would you use if the project requires you to ship faster, operate with ease, scale confidently, and accelerate containerized application development?

Azure Kubernetes Service
Azure Container Registry
Public Load Balancer
Private Load Balancer
A

Azure Kubernetes Service

Explanation:
Azure Kubernetes Service is a highly available, secure, and fully managed Kubernetes service. Deploy and manage containerized applications more easily with a fully-managed Kubernetes service. Azure Kubernetes Service (AKS) offers serverless Kubernetes, an integrated continuous integration and continuous delivery (CI/CD) experience, and enterprise-grade security and governance. Unite your development and operations teams on a single platform to rapidly build, deliver, and scale applications with confidence.

Easily define, deploy, debug, and upgrade even the most complex Kubernetes applications, and containerize your existing applications. (The card's mention of developing and testing microservices without mocking dependencies refers to Azure Dev Spaces, which Microsoft has since retired.)

Hence, the correct answer is: Azure Kubernetes Service.

Azure Container Registry is incorrect because this service just allows you to build, store, and manage container images and artifacts in a private registry for all types of container deployments. The Azure container registries are primarily used with your existing container development and deployment pipeline.

Public load balancer is incorrect because this service load balances inbound internet traffic to your VMs and provides outbound connections for virtual machines (VMs) inside your virtual network by translating their private IP addresses to public IP addresses. It distributes traffic; it does not host or orchestrate containerized applications.

Private Load Balancer is incorrect because an internal load balancer is used where private IPs are needed at the frontend only. Internal load balancers are used to load balance traffic inside a virtual network, and the load balancer frontend can be accessed from an on-premises network in a hybrid scenario. Like the public variant, it does not host containerized applications.

18
Q

A company plans to migrate to Azure.

The company has multiple departments, and each department has its own support team led by a department administrator.

What are possible solutions to ensure segmentation between departments? (Select TWO.)

Deploy multiple resource groups
Deploy multiple subscriptions
Deploy multiple Microsoft Entra ID
Deploy multiple virtual machines
A

Deploy multiple resource groups
Deploy multiple subscriptions

Explanation:
A Subscription is a logical container for your resources. Each Azure resource is associated with only one subscription. Creating a subscription is the first step in adopting Azure.

Azure role-based access control (Azure RBAC) helps you manage who has access to Azure resources, what they can do with those resources, and what areas they have access to. You can segregate duties within your team or department and grant only the necessary access to users to perform their jobs. Instead of giving everybody unrestricted permissions in your Azure subscription or resources, you can allow only specific actions at a particular scope.

A resource group is a logical container that you use to group related resources in a subscription. Each resource can exist in only one resource group. Resource groups allow for more granular grouping within a subscription. They are commonly used to represent a collection of assets required to support a workload, application, or specific function within a subscription.

Remember these two important concepts about resource groups:

– When you delete a resource group, all resources in the resource group are also deleted.

– A resource group is created in a region, where its metadata is stored, but it can contain Azure resources that span multiple regions.

Generally, you can assign role-based access controls for your users/teams/departments to your subscription. The permissions assigned will trickle down to the resource groups and resources under that subscription.

Hence, the correct answers are: Deploy multiple subscriptions and Deploy multiple resource groups.

Deploying multiple virtual machines is incorrect. Even if you deploy network segmentation between the different departments under one subscription, a department administrator with access at the subscription scope will still be able to see and manage the other departments' resources. Segmentation comes from giving each department its own subscription or resource group and scoping the RBAC assignments to it.

Deploying multiple Microsoft Entra ID tenants is incorrect because Microsoft Entra roles only control permissions to manage Microsoft Entra ID resources, while Azure roles control permissions to manage Azure resources. Separate directories add identity management overhead without being needed for resource segmentation, which is done with Azure scopes.

19
Q

A company is migrating all its applications and data to Microsoft Azure. There is a strict requirement that the Azure environment must only be comprised of platform-as-a-service (PaaS) solutions to minimize the amount of administrative effort in managing the underlying resources.

Solution: Deploy the applications using Azure Storage accounts and Azure App Service.

Does this solution comply with the requirement?

No
Yes
A

Yes

Explanation:
Platform as a service (PaaS) is a complete development and deployment environment in the cloud, with resources that enable you to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications. You purchase the resources you need from a cloud service provider on a pay-as-you-go basis and access them over a secure Internet connection.

Like IaaS, PaaS includes infrastructure – servers, storage, and networking – but also middleware, development tools, business intelligence (BI) services, database management systems, and more. PaaS is designed to support the complete web application life cycle: building, testing, deploying, managing, and updating.

PaaS allows you to avoid the expense and complexity of buying and managing software licenses, the underlying application infrastructure, middleware, container orchestrators such as Kubernetes or the development tools, and other resources. You manage the applications and services that you develop, and the cloud service provider typically manages everything else.

In this scenario, Azure App Service and Azure Storage accounts are both Platform as a Service (PaaS) solutions that let customers deploy and run their custom applications quickly while minimizing the administrative effort of managing the underlying server resources. You can deploy the applications using Azure App Service and migrate the data to Azure Storage accounts, and neither requires you to manage an operating system.

Hence, the correct answer is: Yes as the proposed solution is valid and complies with the requirement.

20
Q

You plan on hosting the domain name tutorialsdojo.com to Microsoft Azure.

Which Azure solution would satisfy this requirement?

Azure VPN Gateway
Azure DNS
Azure Virtual Network Peering
Azure ExpressRoute
A

Azure DNS

Explanation:
Azure DNS is a hosting service for DNS domains that provides name resolution by using Microsoft Azure infrastructure. By hosting your domains in Azure, you can manage your DNS records by using the same credentials, APIs, tools, and billing as your other Azure services.

Azure Private DNS, its companion service, provides name resolution for virtual machines (VMs) within a virtual network and between virtual networks, so you can tailor your virtual network architecture to your organization's needs with custom domain names. Additionally, you can configure zone names with a split-horizon view, which allows a private and a public DNS zone to share the same name.

You can use Azure DNS to host your DNS domain and manage your DNS records. By hosting your domains in Azure, you can manage your DNS records by using the same credentials, APIs, tools, and billing as your other Azure services.

Since you own tutorialsdojo.com at a domain name registrar, you create a zone named tutorialsdojo.com in Azure DNS. As the domain owner, you then update the name server (NS) records at your registrar to point to the name servers Azure assigned to the zone; from then on, resolvers around the world are directed to your Azure DNS zone whenever they resolve tutorialsdojo.com.

Hence, the correct answer is: Azure DNS.

Azure VPN Gateway is incorrect because this only sends encrypted traffic between an Azure virtual network and an on-premises location over the public Internet.

Azure ExpressRoute is incorrect because this simply lets you extend your on-premises networks into the Microsoft cloud over a private connection with the help of a connectivity provider.

Azure Virtual Network Peering is incorrect because this just enables you to seamlessly connect two or more Virtual Networks in Azure. The virtual networks appear as one for connectivity purposes.

21
Q

What is the commitment of Microsoft to its customers for the uptime and connectivity of its services?

Microsoft Services Provider License Agreement
Microsoft Cloud Agreement
Microsoft Products and Services Agreement
Microsoft Online Services Level Agreement
A

Microsoft Online Services Level Agreement

Explanation:
The Microsoft Online Services Service Level Agreement (SLA) is Microsoft's commitment to the uptime and connectivity of its services. If Microsoft Azure does not meet the commitment, customers are eligible to receive a credit toward a portion of their monthly service fees. Thus, the correct answer is: Microsoft Online Services Level Agreement.

The option that says: Microsoft Cloud Agreement is incorrect because this is just a transactional licensing agreement for commercial and government organizations seeking to fully outsource the management of their cloud services through a Cloud Solution Provider (CSP).

The option that says: Microsoft Services Provider License Agreement is incorrect because this is only for service providers and ISVs who want to license eligible Microsoft products to host software services and applications to end customers.

The option that says: Microsoft Products and Services Agreement is incorrect because this is just a transactional licensing agreement for commercial, government, and academic organizations with 250 or more users/devices.

22
Q

If you delete a resource group, what will happen to the resources inside it?

The resources inside it will be deleted.
The resources inside will be transferred to Azure Storage Account.
The resources inside will be transferred to Azure Site Recovery.
The resources inside it will not be deleted.
A

The resources inside it will be deleted.

Explanation:
A resource group is a container that holds related resources for an Azure solution; therefore, if you delete it, all the resources inside it are deleted too. The resource group can include all the resources for the solution or only those resources that you want to manage as a group. You decide how you want to allocate resources to resource groups based on what makes the most sense for your organization. Generally, add resources that share the same lifecycle to the same resource group so you can easily deploy, update, and delete them as a group.

Hence, the correct answer is: The resources inside it will be deleted.

The option that says: The resources inside it will not be deleted is incorrect because when you delete a resource group, the Resource Manager will also delete the resources inside. It uses the following deletion order: All the child (nested) resources are deleted, and then the resources that manage other resources are deleted next.

The option that says: The resources inside will be transferred to Azure Storage Account is incorrect because there is no such function in Azure. An Azure Storage account is for storing data objects, not Azure resources.

The option that says: The resources inside will be transferred in Azure Site Recovery is incorrect because this service simply helps you ensure business continuity by keeping business apps and workloads running during outages. Site Recovery replicates workloads running on physical and virtual machines (VMs) from a primary site to a secondary location.

23
Q

Which of the following lets you extend your on-premises networks into the Microsoft cloud over a private connection facilitated by a connectivity provider?

Azure ExpressRoute
Azure Content Delivery Network (CDN)
Azure Virtual WAN
Azure Private Link
A

Azure ExpressRoute

Explanation:
ExpressRoute lets you extend your on-premises networks into the Microsoft cloud over a private connection facilitated by a connectivity provider. With ExpressRoute, you can establish connections to Microsoft cloud services, such as Microsoft Azure and Office 365.

Connectivity can be from an any-to-any (IP VPN) network, a point-to-point Ethernet network, or a virtual cross-connection through a connectivity provider at a co-location facility. ExpressRoute connections do not go over the public Internet. This allows ExpressRoute connections to offer more reliability, faster speeds, consistent latencies, and higher security than typical connections over the Internet.

Each ExpressRoute circuit consists of two connections to two Microsoft Enterprise edge routers (MSEEs) at an ExpressRoute location from the connectivity provider or your network edge. Microsoft requires a dual BGP connection from the connectivity provider or your network edge, one to each MSEE. You may choose not to deploy redundant devices or Ethernet circuits at your end; however, connectivity providers use redundant devices to ensure that your connections are handed off to Microsoft in a redundant manner. A redundant Layer 3 connectivity configuration is a requirement for the ExpressRoute SLA to be valid.

Hence, the correct answer is: Azure ExpressRoute.

Azure Virtual WAN is incorrect because it is a hub-and-spoke networking service that brings site-to-site VPN, point-to-site VPN, ExpressRoute and virtual network connectivity together under a single operational interface. A Virtual WAN hub can terminate an ExpressRoute circuit, but the private connection through a connectivity provider is ExpressRoute itself.

Azure Content Delivery Network (CDN) is incorrect because this is simply a global CDN solution for delivering high-bandwidth content. This service does not let you extend your on-premises networks into the Microsoft cloud over a private connection facilitated by a connectivity provider.

Azure Private Link is incorrect because this just enables you to access Azure PaaS Services (e.g. Azure Storage and SQL Database) and Azure-hosted customer-owned/partner services over a private endpoint in your virtual network.

24
Q

A company has several Windows virtual machines deployed in Microsoft Azure and Linux servers in their on-premises datacenter as part of their hybrid cloud strategy.

The company plans to manage their on-premises Linux servers using the Azure portal.

What should the company use to monitor and manage the Linux servers as if they are running in Azure?

Azure Site Recovery
Azure Arc
Azure App Service
Azure Migrate
A

Azure Arc

Explanation:
Companies struggle to control and govern increasingly complex environments that extend across data centers, multiple clouds, and edge. Each environment and cloud possesses its own set of management tools, and new DevOps and ITOps operational models can be hard to implement across resources.

Azure Arc simplifies governance and management by delivering a consistent multi-cloud and on-premises management platform.

Azure Arc provides a centralized, unified way to:

– Manage your entire environment together by projecting your existing non-Azure and/or on-premises resources into Azure Resource Manager.

– Manage virtual machines, Kubernetes clusters, and databases as if they are running in Azure.

– Use familiar Azure services and management capabilities, regardless of where they live.

– Continue using traditional ITOps while introducing DevOps practices to support new cloud-native patterns in your environment.

– Configure custom locations as an abstraction layer on top of Azure Arc.

Hence, the correct answer is: Azure Arc.

Azure Migrate is incorrect because this service provides a simplified migration, modernization, and optimization service for Azure. You do not need to migrate the Linux servers. You need a solution that will allow you to manage and govern on-premises servers using the Azure portal.

Azure Site Recovery is incorrect because this simply helps ensure business continuity by keeping business apps and workloads running during outages by replicating workloads running on physical and virtual machines (VMs) from a primary site to a secondary location. This service is mainly used for disaster recovery plans.

Azure App Service is incorrect because it only enables you to build and host web apps, mobile backends, and RESTful APIs in the programming language of your choice without managing infrastructure. The requirement states that you need to manage the servers from the on-premises datacenter.

25
Q

In the Azure Shared Responsibility Model, whose responsibility is it to patch the operating system of an Azure App Service?

Neither Azure nor the customer
Azure
Both Azure and the customer
Customer
A

Azure

Explanation:
As you consider and evaluate public cloud services, it's critical to understand the shared responsibility model and which security tasks are handled by the cloud provider, and which tasks are handled by you. The workload responsibilities vary depending on whether the workload is hosted on Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS), or in an on-premises datacenter.

In an on-premises datacenter, you own the whole stack. As you move to the cloud some responsibilities transfer to Microsoft. The following diagram illustrates the areas of responsibility between you and Microsoft, according to the type of deployment of your stack.

For all cloud deployment types, you own your data and identities. You are responsible for protecting the security of your data and identities, on-premises resources, and the cloud components you control (which varies by service type).

Regardless of the type of deployment, the following responsibilities are always retained by you:

– Data

– Endpoint

– Account

– Access management

Platform as a Service (PaaS) is a managed hosting environment. The cloud provider manages the virtual machines and networking resources, and the cloud tenant deploys their applications into the managed hosting environment. For example, Azure App Service provides a managed hosting environment where developers can upload their web applications without having to manage the underlying virtual machines and other resources, including the latest security updates and OS patches.

Azure manages OS patching on two levels, the physical servers and the guest virtual machines (VMs) that run the App Service resources. Both are updated monthly, which aligns with the monthly Patch Tuesday schedule. These updates are applied automatically, in a way that guarantees the high-availability SLA of Azure services.

Hence, the correct answer is Azure.

Customer and Both Azure and the customer are incorrect because Azure is responsible for the OS patches of the underlying virtual machines of an App Service. Take note that if you are using Infrastructure as a Service such as Azure Virtual Machines, patching the guest operating system is your responsibility as the cloud tenant.

Neither Azure nor the customer is incorrect as this task falls under the responsibilities of Azure.

26
Q

A company is migrating its TDPortal to Azure. The website is accessed by users worldwide for video streaming services. You need to recommend a solution that will provide reduced load times and high transfer speeds.

What Azure service should you recommend?

Load Balancers
Blob Storage
Azure Content Delivery Network
Network Security Groups
A

Azure Content Delivery Network

Explanation:
Content Delivery Network is a distributed network of servers that can efficiently deliver web content to users. CDNs store cached content on edge servers in point-of-presence (POP) locations that are close to end-users to minimize latency.

It offers developers a global solution for rapidly delivering high-bandwidth content to users by caching their content at strategically placed physical nodes across the world. Azure CDN can also accelerate dynamic content, which cannot be cached, by leveraging various network optimizations using CDN POPs.

Therefore, the correct answer is: Azure Content Delivery Network (CDN).

Azure Blob storage is incorrect because this is simply an object storage solution of Azure. Blob storage is optimized for storing massive amounts of unstructured data, such as text or binary data. Objects in Blob storage can be accessed from anywhere in the world via HTTP or HTTPS. This service does not cache your data but it can work as an origin for Azure CDN.

Azure network security group is incorrect because it is just used to filter network traffic to and from Azure resources in an Azure virtual network. It contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources. For each rule, you can specify source and destination, port, and protocol.

Load Balancer is incorrect because this service refers to evenly distributing load (incoming network traffic) across a group of backend resources or servers. Load Balancer distributes inbound flows that arrive at the load balancer’s front end to backend pool instances. The backend pool instances can be Azure Virtual Machines or instances in a virtual machine scale set. This can’t be used to cache data, unlike the Azure Content Delivery Network.

27
Q

Your colleague needs to modify the instance size of one of the virtual machines in your Azure subscription.

What would you do to grant permission?

Modify the resource lock.
Add a new inbound rule to the virtual machine’s network security group.
Assign the virtual machine contributor role to your colleague using role-based access control (RBAC).
Create your colleague's user and assign the Global Administrator role using Microsoft Entra ID.
A

Assign the virtual machine contributor role to your colleague using role-based access control (RBAC).

Explanation:
Azure role-based access control (Azure RBAC) is a system that provides fine-grained access management of Azure resources. Using Azure RBAC, you can segregate duties within your team and grant just the right access to users that they need to perform their jobs.

To provide your colleague permission to modify the size of the virtual machine in your subscription, you must assign a role to your colleague that explicitly allows modification of Azure virtual machine instance size, such as the virtual machine contributor role.

The Virtual Machine Contributor role allows you to create and manage virtual machines, manage disks, install and run software, reset the password of the virtual machine's root user using VM extensions, and manage local user accounts using VM extensions. It does not grant management access to the virtual network or storage account the VM is connected to, and it does not allow you to assign roles in Azure RBAC.

Remember that Azure RBAC roles are used to manage access to Azure resources, while Microsoft Entra roles are used to manage Microsoft Entra ID resources only.

Hence, the correct answer is: Assign the virtual machine contributor role to your colleague using role-based access control (RBAC).

The option that says: Modify the resource lock is incorrect because even if you modify the resource lock, you still need to give your colleague permission to modify the virtual machine.

The option that says: Add a new inbound rule to the virtual machine’s network security group is incorrect because the requirement states that you need to give your colleague permission to change the size of the virtual machine, which can only be done by assigning a role using role-based access control (RBAC) to your colleague. Adding a new inbound rule only allows your colleague to connect to the virtual machine.

The option that says: Create your colleague’s user and assign the Global Administrator role using Microsoft Entra ID is incorrect because your colleague still won’t be able to change the virtual machine size even if he has a Global Administrator role because Microsoft Entra roles are used to manage Microsoft Entra ID resources only while RBAC is used to manage access to Azure resources.
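Cards 16 (management locks), 18 (segmentation by subscription and resource group) and 27 (assigning Virtual Machine Contributor) describe the same authorization rules from different angles. The Python below is an added example that models those rules; it is not Azure's authorization engine and not part of the flashcard set. Scope inheritance, wildcard matching of Actions and NotActions, and lock behaviour follow the cards' descriptions; the subscription ID, resource names, principals and the abbreviated role definitions are constructed for the example.

```python
"""Toy evaluator for Azure RBAC scope inheritance and management locks.
Added example, not Azure's authorization engine. Rules modelled:
  * a role assignment applies at its scope and at every scope beneath it;
  * a role permits an action when an Actions pattern matches and no NotActions
    pattern in the same role matches ('*' is a wildcard, case-insensitive);
  * locks apply beneath their scope regardless of roles: CanNotDelete blocks
    delete, ReadOnly blocks everything except read;
  * Microsoft Entra directory roles (e.g. Global Administrator) are not Azure roles.
Role definitions are abbreviated subsets of the built-in roles; the subscription,
resource names and principals are constructed for the example.
"""
from collections import namedtuple
from fnmatch import fnmatchcase

RoleDefinition = namedtuple("RoleDefinition", "name actions not_actions")
RoleAssignment = namedtuple("RoleAssignment", "principal role scope")
Lock = namedtuple("Lock", "level scope")  # level: CanNotDelete or ReadOnly


def _matches(action, patterns):
    return any(fnmatchcase(action.lower(), p.lower()) for p in patterns)


def role_permits(role, action):
    return _matches(action, role.actions) and not _matches(action, role.not_actions)


def in_scope(parent, target):
    """True when target is parent itself or sits beneath it in the hierarchy."""
    parent, target = parent.lower().rstrip("/"), target.lower().rstrip("/")
    return target == parent or target.startswith(parent + "/")


def lock_blocks(lock, action):
    operation = action.rsplit("/", 1)[-1].lower()
    if lock.level == "CanNotDelete":
        return operation == "delete"
    if lock.level == "ReadOnly":
        return operation != "read"
    raise ValueError("unknown lock level: " + lock.level)


def evaluate(principal, action, resource_scope, assignments, locks):
    """Return (allowed, reason): role assignments are checked first, then locks."""
    granted = [a for a in assignments if a.principal == principal
               and in_scope(a.scope, resource_scope) and role_permits(a.role, action)]
    if not granted:
        return False, "no Azure role assignment grants this action at this scope"
    for lock in locks:
        if in_scope(lock.scope, resource_scope) and lock_blocks(lock, action):
            return False, lock.level + " lock at " + lock.scope
    return True, "granted by " + granted[0].role.name + " at " + granted[0].scope


# Abbreviated built-in roles (subsets of the real Actions / NotActions lists).
READER = RoleDefinition("Reader", ("*/read",), ())
VM_CONTRIBUTOR = RoleDefinition("Virtual Machine Contributor", (
    "Microsoft.Compute/virtualMachines/*", "Microsoft.Compute/disks/*",
    "Microsoft.Network/networkInterfaces/*"), ())
CONTRIBUTOR = RoleDefinition("Contributor", ("*",), (
    "Microsoft.Authorization/*/Delete", "Microsoft.Authorization/*/Write",
    "Microsoft.Authorization/elevateAccess/Action"))

# Constructed environment: one subscription, one resource group per department.
SUB = "/subscriptions/11111111-1111-1111-1111-111111111111"
RG_HR, RG_FIN = SUB + "/resourceGroups/rg-hr", SUB + "/resourceGroups/rg-finance"
VM_HR = RG_HR + "/providers/Microsoft.Compute/virtualMachines/hr-vm01"
VM_FIN = RG_FIN + "/providers/Microsoft.Compute/virtualMachines/fin-vm01"
ASSIGNMENTS = [
    RoleAssignment("alice", VM_CONTRIBUTOR, RG_HR),  # the colleague from card 27
    RoleAssignment("bob", CONTRIBUTOR, SUB),          # trickles down to every group
    RoleAssignment("dave", READER, RG_FIN),           # finance support, read-only
    # "carol" is Global Administrator in Microsoft Entra ID only: no Azure assignment.
]
LOCKS = [Lock("CanNotDelete", RG_HR), Lock("ReadOnly", VM_FIN)]
RESIZE = "Microsoft.Compute/virtualMachines/write"  # changing the VM size is a write
DELETE = "Microsoft.Compute/virtualMachines/delete"
READ = "Microsoft.Compute/virtualMachines/read"
ASSIGN_ROLE = "Microsoft.Authorization/roleAssignments/write"


def demo():
    """Run the scenario checks; returns {description: (allowed, reason)}."""
    cases = [("alice resizes hr-vm01", "alice", RESIZE, VM_HR),
             ("alice resizes fin-vm01", "alice", RESIZE, VM_FIN),
             ("alice deletes hr-vm01", "alice", DELETE, VM_HR),
             ("bob resizes fin-vm01", "bob", RESIZE, VM_FIN),
             ("bob reads fin-vm01", "bob", READ, VM_FIN),
             ("bob assigns a role", "bob", ASSIGN_ROLE, SUB),
             ("carol resizes hr-vm01", "carol", RESIZE, VM_HR),
             ("dave reads hr-vm01", "dave", READ, VM_HR)]
    return {d: evaluate(p, a, s, ASSIGNMENTS, LOCKS) for d, p, a, s in cases}


if __name__ == "__main__":
    for desc, (ok, why) in demo().items():
        print("ALLOW" if ok else "DENY ", desc, "->", why)
```

Running it prints one line per check. Alice can resize hr-vm01 but not fin-vm01, because her assignment is scoped to rg-hr; bob's subscription-level Contributor reaches both groups, yet the ReadOnly lock stops his write on fin-vm01 and his role's NotActions stop him creating role assignments; carol, holding only the Entra Global Administrator role, has no Azure assignment and is denied; and the CanNotDelete lock on rg-hr blocks alice's delete even though her role would otherwise permit it.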

28
Q

Your company plans to migrate its application and MS SQL database servers to Microsoft Azure.

Your company needs to have the highest level of flexibility and management control over its Azure resources. Therefore, you need to recommend a migration plan to only use Infrastructure as a Service solution in your Azure deployment.

What migration plan should you recommend?

Solution: Deploy an Azure virtual machine for your application server and SQL Server on Azure virtual machine for your database server.

Does this meet the goal?

Yes
No
A

Yes

Explanation:
Infrastructure as a service (IaaS) is an instant computing infrastructure, provisioned and managed over the internet. It’s one of the types of cloud services, along with software as a service (SaaS), platform as a service (PaaS), and serverless.

Infrastructure as a service (IaaS) is the most flexible category of cloud services, as it provides you with the maximum amount of control for your cloud resources.

In an IaaS model, the cloud provider is responsible for maintaining the hardware, network connectivity (to the internet), and physical security. You’re responsible for everything else: operating system installation, configuration, and maintenance; network configuration; database and storage configuration; and so on.

With IaaS, you’re essentially renting the hardware in a cloud datacenter, but what you do with that hardware is up to you.

You can use Azure Virtual Machines, which is an Infrastructure as a Service (IaaS), to host the suite of enterprise applications and manage the patching activities of the underlying operating system of the servers.

SQL Server on Azure Virtual Machines is generally seen as the fastest and most straightforward migration option, but it requires a more hands-on approach to database administration. You will continue to purchase, install, configure and manage your own software, including operating systems, middleware, and applications.

Remember that the requirement states that you must only use Infrastructure as a Service solutions. Since Azure Virtual Machines and SQL Server on Azure Virtual Machines are both IaaS offerings of Microsoft Azure, the solution fully satisfies the requirement.

Therefore, the correct answer is: Yes.