Section-Based – Deploy and Manage Azure Compute Resources (AZ-104) Flashcards
You need to use an existing Azure Resource Manager (ARM) template to provision ten Azure virtual machines.
You should retrieve the password using the ARM template. The password must not be stored in plain text.
Which of the following options can help you accomplish this?
A. Configure Microsoft Entra Password Protection.
B. Configure label protection.
C. Create a storage account and configure data protection.
D. Create a key vault and configure an access policy.
D. Create a key vault and configure an access policy.
Explanation:
Azure Key Vault is a cloud service for securely storing and accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, or cryptographic keys. Key Vault service supports two types of containers: vaults and managed HSM pools. Vaults support storing software and HSM-backed keys, secrets, and certificates. While Managed HSM pools only support HSM-backed keys.
In this scenario, you can use the ARM template to retrieve the password in Azure Key Vault. Instead of putting a secure value (like a password) directly in your template or parameter file, you can retrieve the value from an Azure Key Vault during deployment. You retrieve the value by referencing the key vault and secret in your parameter file. The value is never exposed because you only reference its key vault ID.
Hence, the correct answer is: Create a key vault and configure an access policy.
The option that says: Create a storage account and configure data protection is incorrect because you can’t store a secret in a storage account. You must use a key vault to store and use several types of secret/key data. Also, data protection in the storage account is primarily used for the recovery and tracking of blobs.
The option that says: Configure label protection is incorrect. This option is a feature of Azure Information Protection. Label protection is used for protecting sensitive documents and emails by using the Rights Management service. You can’t use label protection to store secret values in Azure Key Vault.
The option that says: Configure Microsoft Entra Password Protection is incorrect because this option only detects and blocks known weak passwords in your organization. Take note that the requirement in the scenario is to store the password as a secret that is not in plaintext. Therefore, you must use the Azure Key Vault.
You are managing a business-critical application hosted in a virtual machine that is associated with your Azure subscription. The virtual machine has a managed disk and a network interface.
You are planning to make the following changes:
Create and attach a new disk. Change the VM size. Detach a network interface. Move the VM to a new resource group. Add a Desired State Configuration (DSC) extension.
Which of the following changes would cause system downtime?
A. Changing the VM size.
B. Creating and attaching a new disk.
C. Detaching a network interface.
D. Moving the VM to a new resource group.
A. Changing the VM size.
Explanation:
Azure Virtual Machines (VM) is one of several types of on-demand, scalable computing resources that Azure offers. Typically, you choose a VM when you need more control over the computing environment. An Azure VM gives you the flexibility of virtualization without having to buy and maintain the physical hardware that runs it. However, you still need to maintain the VM by performing tasks, such as configuring, patching, and installing the software that runs on it.
Based on the given scenario, the VM is currently running a business-critical application. There are two ways to change the size of a VM, the first option is to stop the VM, change the size of the VM in the size settings, and start the VM again. The second option is to resize the VM when the VM is in a running state. Take note that if the virtual machine is currently running, changing its size will cause it to be restarted and will result in system downtime.
Hence, the correct answer is: Changing the VM size.
The option that says: Creating and attaching a new disk is incorrect because adding a new disk to your virtual machine won’t cause system downtime. Take note that you can attach multiple disks while the virtual machine is running.
The option that says: Detaching a network interface is incorrect because if the virtual machine is in a running state, the detach network interface option in the networking settings is greyed out. You need to stop the virtual machine first before you can detach/attach a network interface.
The option that says: Move the VM to a new resource group is incorrect because this option also won’t cause downtime in your application. A resource group is simply a logical grouping of your VMs.
You are planning to host several web applications in Azure App Service with the following runtime stack.
Application1 | ASP.NET V4.8
Application2 | Node 16 LTS
Application3 | PHP 8.2
Application4 | Python 3.10
Application5 | Java 11
How many App Service plan should you create at the minimum to properly deploy all applications?
A. Zero
B. Five
C. Two
D. One
C. Two
Explanation:
Azure App Service is an HTTP-based service for hosting web applications, REST APIs, and mobile back ends. You can develop in your favorite language, be it .NET, .NET Core, Java, Ruby, Node.js, PHP, or Python. Applications run and scale with ease on both Windows and Linux-based environments. App Service not only adds the power of Microsoft Azure to your application, such as security, load balancing, autoscaling, and automated management. You can also take advantage of its DevOps capabilities, such as continuous deployment from Azure DevOps, GitHub, Docker Hub, other sources, package management, staging environments, custom domain, and TLS/SSL certificates.
Before you launch a web app in Azure App Service, you must create an App Service plan. You must also select the Operating System that will be used in the App Service plan. Take note that some runtime stacks will only work on Windows such as ASP.NET while Ruby will only work with Linux.
If your runtime stack can be deployed to both Linux and Windows like Java, then you can only select one Operating System when creating a Web App.
– ASP.NET V4.8 = Windows
– Node 16 LTS = Windows & Linux
– PHP 8.2 = Linux
– Python 3.10 = Linux
– Java 11 = Windows & Linux
Based on the given runtime stack, you need to create two App Service plan (Linux and Windows).
Hence, the correct answer is: Two.
Zero is incorrect because you have to create an Azure App Service plan to properly deploy a Linux-based application. Therefore, you need to have at least one App Service plan to use it.
One is incorrect because one of the applications is running an ASP.NET V4.8 Windows runtime stack, while the other ones are using Linux runtime. Thus, you have to use at least two App Service plans.
Five is incorrect because you don’t need to create one App Service plan for each application. You only have to create one plan each for Windows and Linux OS.
You have an application that is hosted on an Azure App service named TDApp1.
You have a custom domain named tutorialsdojo.com that needs to be added to TDApp1.
What should you do first?
A. Create a Private Endpoint
B. Modify the app settings
C. Add a DNS record
D. Configure Vnet Integration
C. Add a DNS record
Explanation:
Azure App Service is an HTTP-based service for hosting web applications, REST APIs, and mobile back ends. You can develop in your favorite language, be it .NET, .NET Core, Java, Ruby, Node.js, PHP, or Python. Applications run and scale with ease on both Windows and Linux-based environments. App Service not only adds the power of Microsoft Azure to your application, such as security, load balancing, autoscaling, and automated management. You can also take advantage of its DevOps capabilities, such as continuous deployment from Azure DevOps, GitHub, Docker Hub, other sources, package management, staging environments, custom domain, and TLS/SSL certificates.
You can configure Azure DNS to host a custom domain for your web apps. For example, you can create an Azure web app and have your users access it using either www.tutorialsdojo.com or tutorialsdojo.com as a fully qualified domain name (FQDN).
To do this, you have to create three records:
– A root “A” record pointing to your domain.
– A root “TXT” record for verification
– A “CNAME” record for any subdomain name that your domain has.
Keep in mind that if you create an A record for a web app in Azure, the A record must be manually updated if the underlying IP address for the web app changes.
Hence, the correct answer is: Add a DNS record.
The option that says: Modify the app settings is incorrect because these are simply configurations passed as environment variables to the application code.
The option that says: Create a Private Endpoint is incorrect because this only allows clients located in your private network to securely access the app over a Private Link which helps you eliminate exposure from the public Internet.
The option that says: Configure Vnet integration is incorrect because this is just a feature that enables your apps to access resources in or through a VNet. This type of integration doesn’t enable your apps to be accessed privately. You use this if you want to privately connect to the resources inside a virtual machine.
You plan to create a solution that automatically increases the number of VMs when there is high demand.
What should you implement?
A. Create Azure virtual machine scale sets.
B. Create an Azure ARM template to deploy a virtual machine.
C. Deploy the virtual machine in multiple Availability Zones.
D. Deploy the virtual machine in an Availability Set.
A. Create Azure virtual machine scale sets.
Explanation:
Azure virtual machine scale sets let you create and manage a group of load-balanced VMs. The number of VM instances can automatically increase or decrease in response to demand or a defined schedule. Scale sets provide high availability to your applications and allow you to centrally manage, configure, and update a large number of VMs. With virtual machine scale sets, you can build large-scale services for areas such as compute, big data, and container workloads.
In this scenario, you can create a VM scale set to automatically increase the number of VMs when there is high demand. Take note that scale sets are built from virtual machines. With scale sets, the management and automation layers are provided to run and scale your applications.
Hence, the correct answer is: Create Azure virtual machine scale sets.
The option that says: Deploy the virtual machine in an Availability Set is incorrect because an Availability Set only allows you to deploy the virtual machine in a single data center. Therefore, this option does not meet the technical requirements of being scalable and highly available.
The option that says: Deploy the virtual machine in multiple Availability Zones is incorrect. Just like the option above, the virtual machine won’t scale as the traffic increases by default. You have to create Azure virtual machine scale sets instead.
The option that says: Create an Azure ARM template to deploy a virtual machine is incorrect because this template only deploys one virtual machine to Azure. If the template would create virtual machine scale sets then this option would satisfy the requirements in the scenario.
You deployed an Ubuntu Server VM named TDAzureVM1.
You created a template based on the configuration of the TDAzureVM1 virtual machine and uploaded it to the Azure Resource Manager (ARM) Library.
You need to provision a new virtual machine named TDAzureVM2 using the same template in ARM.
What can be configured in this custom deployment process?
A. Operating system
B. Availability options
C. Resource group
D. Size of the virtual machine
C. Resource group
Explanations:
Azure Resource Manager (ARM) templates are primarily used to implement infrastructure as code for your Azure solutions. The template is a JavaScript Object Notation (JSON) file that defines your project’s infrastructure and configuration. The template uses declarative syntax, which lets you state what you intend to deploy without writing the sequence of programming commands to create it. In the template, you specify the resources to deploy and the properties for those resources.
You can export the template of an existing virtual machine and save it in Azure Resource Manager. The exported template is composed of parameters and template JSON files. In custom deployment (as shown in the figure above), the only options that you can configure are Subscription, Resource Group, and Location.
Hence, the correct answer is: Resource group.
The following options are incorrect because you can only change the subscription, resource group, and location in the custom deployment process. Remember that the operating system, availability options, and size of VM are already configured in the ARM template.
– Operating system
– Availability options
– Size of the virtual machine
You plan to automate the deployment of Windows Servers using a virtual machine scale set.
You need to make sure that the web components are installed in the virtual machines.
Which two actions should you perform?
A. Create a policy.
B. Create a configuration script.
C. Create an automation account.
D. Configure the extensionProfile section of the ARM template.
E. Create a new scale set.
B. Create a configuration script.
D. Configure the extensionProfile section of the ARM template.
Explanation:
Azure virtual machine scale sets let you create and manage a group of load-balanced VMs. The number of VM instances can automatically increase or decrease in response to demand or a defined schedule. Scale sets provide high availability to your applications and allow you to centrally manage, configure, and update a large number of VMs.
The Custom Script Extension downloads and executes scripts on Azure virtual machines. This extension is useful for post-deployment configuration, software installation, or any other configuration or management tasks.
Hence, the correct answers are:
– Create a configuration script.
– Configure the extensionProfile section of the ARM template.
The option that says: Create an automation account is incorrect because an automation account wouldn’t help you automatically install web components. You still need to create a configuration script and extensionProfile in the ARM template.
The option that says: Create a policy is incorrect because this option only evaluates resources in Azure. Take note that you don’t need to create a policy to install web components.
The option that says: Create a new scale set is incorrect because this wouldn’t install the required web components. Instead of creating a new scale set, you should use a custom script extension to install the web components in the VMs.
You plan to migrate your business-critical application to Azure virtual machines.
You need to make sure that at least two VMs are available during planned Azure maintenance.
What should you do?
A. Create an Availability Set that has two update domains and three fault domains.
B. Create an Availability Set that has three update domains and two fault domains.
C. Create an Availability Set that has one update domain and three fault domains.
D. Create an Availability Set that has three update domains and one fault domain.
B. Create an Availability Set that has three update domains and two fault domains.
Explanation:
Azure periodically updates its platform to improve the reliability, performance, and security of the host infrastructure for virtual machines. The purpose of these updates ranges from patching software components in the hosting environment to upgrading networking components or decommissioning hardware.
Updates rarely affect the hosted VMs. When updates do have an effect, Azure chooses the least impactful method for updates:
– If the update doesn’t require a reboot, the VM is paused while the host is updated, or the VM is live-migrated to an already updated host.
– If maintenance requires a reboot, you’re notified of the planned maintenance. Azure also provides a time window in which you can start the maintenance yourself, at a time that works for you. The self-maintenance window is typically 35 days unless the maintenance is urgent. Azure is investing in technologies to reduce the number of cases in which planned platform maintenance requires the VMs to be rebooted.
The main objective of the question is to test your understanding of update and fault domains. Since it’s a requirement in the scenario that at least two virtual machines must be available during planned maintenance, you should add three update domains in the Availability Set. Take note that each virtual machine in your availability set is assigned to an update domain and a fault domain.
During scheduled maintenance, only one update domain is updated at any given time. Update domains aren’t necessarily updated sequentially. A rebooted update domain is given 30 minutes to recover before maintenance is initiated on a different update domain. For fault domains, you can set a minimum number of fault domains in your Availability Set because the main requirement in the scenario is to prepare for planned maintenance.
Hence, the correct answer is: Create an Availability Set that has three update domains and two fault domains.
The option that says: Create an Availability Set that has three update domains and one fault domain is incorrect because if you set 3 update domains and 1 fault domain in an Availability Set, you will receive an error message: “The update domain count must be 1 when fault domain count is 1.” To resolve this error, you must have 2 fault domains instead of 1 fault domain.
The option that says: Create an Availability Set that has two update domains and three fault domains is incorrect because you need to have three update domains instead of two update domains.
The option that says: Create an Availability Set that has one update domain and three fault domains is incorrect because three fault domains are not needed in this scenario. Fault domains are mainly used for unplanned maintenance. Three update domains must be provisioned to adequately satisfy the requirements.
You deployed an Ubuntu server using Azure Virtual Machine.
You received an email notification that your resources will be affected by the planned maintenance.
You need to migrate the virtual machine to a new Azure host.
Solution: Move the virtual machine to a new resource group.
Does the solution meet the goal?
A. No
B. Yes
A. No
Explanation:
Azure Virtual Machines (VM) is one of several types of on-demand, scalable computing resources that Azure offers. Typically, you choose a VM when you need more control over the computing environment. An Azure VM gives you the flexibility of virtualization without having to buy and maintain the physical hardware that runs it. However, you still need to maintain the VM by performing tasks, such as configuring, patching, and installing the software that runs on it.
The requirement in this scenario is to migrate the VM to a new Azure host. Moving the VM to a new resource group doesn’t mean that it is also moved to a new host. A resource group is just a container that holds related resources. Instead of moving the virtual machine to a new resource group, you must select the redeploy button in the Support + Troubleshooting section.
Take note that when you redeploy a VM, it moves the VM to a new node within the Azure infrastructure and then powers it back on. This means that the virtual machine will be unavailable when the redeployment is in progress.
Hence, the correct answer is: No.
The container’s public IP address was provided to development teams in the East US region to allow users access to the dashboard. However, you received a report that users can’t access the application.
Which of the following options allows users to access Grafana with the least amount of configuration?
A. Move the container app to the East US Region.
B. Configure ingress to generate a new endpoint.
C. Add a custom domain and certificate.
D. Disable IP Restrictions.
B. Configure ingress to generate a new endpoint.
Explanation:
Azure Container Apps allows you to deploy containerized apps without managing complex infrastructure. You have the freedom to write code in your preferred language or framework, and create microservices that are fully supported by the Distributed Application Runtime (Dapr). The scaling of your application can be automatically adjusted based on either HTTP traffic or events, utilizing Kubernetes Event-Driven Autoscaling (KEDA).
With Azure Container Apps ingress, you can make your container application accessible to the public internet, VNET, or other container apps within your environment. This eliminates the need to create an Azure Load Balancer, public IP address, or any other Azure resources to handle incoming HTTPS requests. Each container app can have unique ingress configurations. For instance, one container app can be publicly accessible while another can only be reached within the Container Apps environment.
The problem with the given scenario is that users are accessing the public IP address even though the ingress setting is not enabled during the creation of the container app. When you configure the ingress and target port and then save it, the app will generate a new endpoint depending on the ingress traffic that you’ve selected. Now when you try to access the application URL, you will be redirected to the target port of the container image.
Hence, the correct answer is: Configure ingress to generate a new endpoint.
The option that says: Move the container app to the East US Region is incorrect because you can’t move a container app to a different Region.
The option that says: Disable IP Restrictions is incorrect because this won’t still help users access the Grafana app. Instead of denying traffic from source IPs, you only need to enable ingress and target port.
The option that says: Add a custom domain and certificate is incorrect because even though you added a custom domain name, you still won’t be able to access the application since additional configurations must be done to allow VNET-scope ingress. Therefore, the quickest way and least amount of configurations would be to enable ingress and get the application URL.
You plan to use an Azure Resource Manager (ARM) template to deploy 5 web apps in the same region.
You are required to launch the application in the most cost-effective way.
Which of the following options fulfills this requirement?
A. Create a CDN endpoint.
B. Create one App Service plan.
C. Create an Application Gateway
D. Create five App Service plans.
B. Create one App Service plan.
Explanation:
Azure Resource Manager (ARM) templates are primarily used to implement infrastructure as code for your Azure solutions. The template is a JavaScript Object Notation (JSON) file that defines your project’s infrastructure and configuration. The template uses declarative syntax, which lets you state what you intend to deploy without writing the sequence of programming commands to create it. In the template, you specify the resources to deploy and the properties for those resources.
The main requirement in this scenario is to deploy web apps in the most cost-effective way. To accomplish this requirement, you can create one App Service plan and use the plan to deploy five web apps. If you recall the Azure App Service concepts, you can configure one or more apps to run on the same computing resources (or in the same App Service plan). Therefore, if you deploy the five web apps in the same region, you can use one App Service plan for your resources.
Hence, the correct answer is: Create one App Service plan.
The option that says: Create five App Service plan is incorrect because the requirement in this scenario is to deploy the five web apps to the same region in the most cost-effective way. This approach is applicable if you need to deploy web apps in different regions.
The option that says: Create an Application Gateway is incorrect because you can’t deploy five web apps using Azure Application Gateway. This service is simply a web traffic load balancer and is not capable of hosting an application.
The option that says: Create a CDN endpoint is incorrect because a CDN endpoint only represents a specific configuration of content delivery behavior and access. You must create one App Service plan to fulfill the requirement in the scenario.
You plan to use an Azure Resource Manager (ARM) template to create a virtual machine scale set that will launch five Ubuntu servers.
You need to make sure that NGINX is installed in all the virtual machines.
What should you use?
A. Azure Blueprints
B. Azure Custom Script Extension
C. Azure Service Bus
D. Azure Policy
B. Azure Custom Script Extension
Explanation:
Azure Virtual Machine Scale Sets let you create and manage a group of load-balanced VMs. The number of VM instances can automatically increase or decrease in response to demand or a defined schedule. Scale sets provide high availability to your applications and allow you to centrally manage, configure, and update a large number of VMs. With virtual machine scale sets, you can build large-scale services for areas such as compute, big data, and container workloads.
You can use Custom Script Extension to download and execute scripts on Azure VMs. This extension is useful for post-deployment configuration, software installation, or any other configuration/management task. Scripts can be downloaded from Azure storage or GitHub, or provided to the Azure portal at extension run-time. The Custom Script extension integrates with Azure Resource Manager templates, and can also be used with the Azure CLI, Azure PowerShell, Azure portal, or the REST API.
Hence, the correct answer is: Azure Custom Script Extension.
Azure Blueprints is incorrect because you can’t use Blueprints to execute scripts and install NGINX in virtual machines. The Azure Blueprints service simply enables you to define a repeatable set of Azure resources that implements and adheres to an organization’s standards, patterns, and requirements. This service doesn’t execute custom scripts.
Azure Policy is incorrect because this service is mainly used to create, assign, and manage policies across your organization.
Azure Service Bus is incorrect because this is just a fully managed enterprise message broker with message queues and public-subscribe topics. This service is not capable of installing NGINX in virtual machines.
You deployed an Ubuntu server using Azure Virtual Machine.
You received an email notification that your resources will be affected by the planned maintenance.
You need to migrate the virtual machine to a new Azure host.
Solution: Move the virtual machine to another subscription.
Does the solution meet the goal?
A. No
B. Yes
A. No
Explanation:
Azure Virtual Machines (VM) is one of several types of on-demand, scalable computing resources that Azure offers. Typically, you choose a VM when you need more control over the computing environment. An Azure VM gives you the flexibility of virtualization without having to buy and maintain the physical hardware that runs it. However, you still need to maintain the VM by performing tasks, such as configuring, patching, and installing the software that runs on it.
Changing the associated subscription of your Azure Virtual Machines won’t cause any internal changes. Take note that when you redeploy a VM, it moves the VM to a new node within the Azure infrastructure and then powers it back on. This means that the virtual machine will be unavailable when the redeployment is in progress.
Hence, the correct answer is: No.
You deployed ten web servers that are running in Windows Server 2019 virtual machines behind an Azure load balancer. The virtual machines host a stateless web application.
You need to ensure that successive requests from the same client IP address and protocol will be handled by the same virtual machine.
What should you configure in the load balancer?
A. Enable floating IP.
B. Set the session persistence to Client IP and protocol.
C. Set idle timeout to the maximum available limit.
D. Configure Client IP as the session persistence type.
B. Set the session persistence to Client IP and protocol.
Explanation:
Azure Load Balancer is a Layer-4 (TCP, UDP) load balancer that provides high availability by distributing incoming traffic among healthy VMs. A load balancer health probe monitors a given port on each VM and only distributes traffic to an operational VM. You define a front-end IP configuration that contains one or more public IP addresses. This front-end IP configuration allows your load balancer and applications to be accessible over the Internet.
To redirect the client request to the same virtual machine, you need to add a session persistence in the load balancing rule. Session persistence specifies that traffic from a client should be handled by the same virtual machine in the backend pool for the duration of a session.
There are three options in session persistence:
– None – specifies that successive requests from the same client may be handled by any virtual machine.
– Client IP – specifies that the same virtual machine will handle successive requests from the same client IP address.
– Client IP and protocol – specifies that the same virtual machine will handle successive requests from the same client IP address and protocol combination.
Since the requirement in the scenario is to handle the same client IP address and protocol, you need to set the Session Persistence to Client IP and protocol.
Hence, the correct answer is: Set the session persistence to Client IP and protocol.
The option that says: Configure Client IP as the session persistence type is incorrect because the requirement in the scenario is the same client IP address and protocol. This type of configuration is only applicable if you want to persist the same client IP address, excluding its protocol.
The option that says: Set idle timeout to the maximum available limit is incorrect because the maximum available limit in idle timeout is 30 minutes. Also, idle timeout is used to keep TCP or HTTP connections open without relying on clients to send keep-alive messages. You don’t need to set idle timeout because the only requirement is to redirect the same client IP address and protocol to the same virtual machine.
The option that says: Enable Floating IP is incorrect because this feature just changes the IP address mapping to the front-end IP of the load balancer. The Floating IP feature is not capable of handling sticky sessions.
You plan to provision ten virtual machines using the Azure VM scale sets.
The virtual machines must be optimized for large-scale stateless workloads.
Which of the following options allows you to deploy VMs as quickly as possible?
A. Create ten virtual machines in the Azure portal.
B. Create ten virtual machines in Azure CLI using the az vm create command.
C. Create a VM scale set and set the orchestration mode to Flexible.
D. Create a VM scale set and set the orchestration mode to Uniform.
D. Create a VM scale set and set the orchestration mode to Uniform.
Explanation:
Azure Virtual Machine Scale Sets provide a logical grouping of platform-managed virtual machines. With scale sets, you create a virtual machine configuration model, automatically add or remove additional instances based on CPU or memory load, and automatically upgrade to the latest OS version. Traditionally, scale sets allow you to create virtual machines using a VM configuration model provided at the time of scale set creation, and the scale set can only manage virtual machines that are implicitly created based on the configuration model.
Scale set orchestration modes give you more control over how virtual machine instances are managed by the scale set. The two types of orchestration modes are:
Uniform – uses a virtual machine profile or template to scale up to desired capacity. This orchestration mode is mainly used for large-scale stateless workloads that require identical VM instances. It also provides fault domain high availability (less than 100 VMs). Flexible – offers high availability with identical or multiple VM types (up to 1000 VMs) by spreading VMs across fault domains in a region or within an Availability Zone.
Orchestration mode also helps you design a highly available infrastructure since the virtual machines are deployed in fault domains and Availability Zones. In Flexible orchestration mode, you manually create and add the VM to the scale set. While in Uniform orchestration mode, you just need to define a VM model and Azure will automatically create identical instances based on that model. Remember that the orchestration mode is defined when you create the scale set and cannot be changed or updated later.
In this scenario, you must use the Azure virtual machine scale sets to provision ten virtual machines. Among the options given, you can select between the two orchestration modes: Uniform and Flexible. It is stated in the scenario that the virtual machines must be optimized for large-scale stateless workloads. Therefore, you must set the orchestration mode to Uniform in order to satisfy this requirement.
Hence, the correct answer is: Create a VM scale set and set the orchestration mode to Uniform.
The option that says: Create a VM scale set and set the orchestration mode to Flexible is incorrect because the requirement is to create virtual machines that are optimized for large-scale stateless workloads. Flexible orchestration mode is mainly used for quorum-based or stateful workloads.
The option that says: Create ten virtual machines in Azure CLI using the az vm create command is incorrect because you need to use Uniform orchestration scale set to provision ten virtual machines and not just using the Azure VM via the CLI. Also, the az vm create command will only create 1 virtual machine.
The option that says: Create ten virtual machines in the Azure portal is incorrect. Instead of creating one virtual machine at a time, you must use a VM scale set and set the orchestration mode to Uniform.
