Storage

Question 1

What does the storage firewall in Azure allow you to do?

Answer 1

Limit access to specific IP addresses or an IP address range for all storage account services.

Question 2

How can you restrict access to specific subnets within an Azure VNet using the storage firewall?

Answer 2

By using service endpoints.

Question 3

What option in the storage firewall allows access for Azure Backup, Azure Site Recovery, and Azure Networking?

Answer 3

Allow Trusted Microsoft Services To Access This Account.

Question 4

What are the three access levels for Azure Blob Storage?

Answer 4

Private, Blob, Container.

Question 5

What does the ‘Private’ access level in Azure Blob Storage mean?

Answer 5

Only the storage account owner can access the container and its blobs.

Question 6

What is the purpose of a Shared Access Signature (SAS) token in Azure?

Answer 6

To grant access to specific containers, blobs, queues, and tables for a specified period of time with specified permissions.

Question 7

What protocol must be used when dealing with SAS tokens in Azure?

Answer 7

HTTPS.

Question 8

What are the five separate storage services provided by Azure?

Answer 8

Blobs, Tables, Queues, Files, Disks.

Question 9

What are the two storage performance tiers in Azure?

Answer 9

Standard and Premium.

Question 10

What replication options does the Premium tier support for general-purpose storage accounts?

Answer 10

LRS.

Question 11

What are the supported services for General-Purpose v2 storage accounts in Azure?

Answer 11

Blob, File, Queue, Table.

Question 12

What is the maximum size for a Block Blob in Azure?

Answer 12

Slightly more than 4.75 TB.

Question 13

What replication option in Azure Storage makes three synchronous copies of data within a single data center?

Answer 13

Locally redundant storage (LRS).

Question 14

What replication option in Azure Storage makes three synchronous copies across multiple availability zones?

Answer 14

Zone redundant storage (ZRS).

Question 15

What is required for a storage account to use Azure AD authorization?

Answer 15

The storage account must be created with the Azure Resource Manager deployment model.

Question 16

What are the three RBAC roles for blobs in Azure?

Answer 16

Storage Blob Data Owner, Storage Blob Data Contributor, Storage Blob Data Reader.

Question 17

What are the three RBAC roles for queues in Azure?

Answer 17

Storage Queue Data Contributor, Storage Queue Data Reader, Storage Queue Data Message Processor.

Question 18

What command registers a storage account with your active directory environment using PowerShell?

Answer 18

Join-AzStorageAccountForAuth.

Question 19

What command in AzCopy performs large-scale bulk transfer of data to and from Azure Storage?

Answer 19

azcopy copy.

Question 20

What command in AzCopy synchronizes the contents of a destination container with a source container?

Answer 20

azcopy sync.

Question 21

What are the limitations of blob object replication in Azure?

Answer 21

Doesn’t work with the Archive tier, snapshots, immutable snapshots, and accounts with a hierarchical namespace.

Question 22

What are the three types of blobs in Azure Blob Storage?

Answer 22

Block Blobs, Page Blobs, Append Blobs.

Question 23

What is the maximum size of a Page Blob in Azure?

Answer 23

8 TB.

Question 24

What access tiers are supported by Blob Storage in Azure?

Answer 24

Hot, Cool, Archive.

Question 25

What are the three kinds of storage accounts in Azure?

Answer 25

General-Purpose v1, General-Purpose v2, Blob Storage.

Question 26

What Azure tool is used to transition data to lower-access tiers based on preconfigured rules?

Answer 26

Azure Storage lifecycle-management.

Question 27

What is required for object replication in Azure Blob Storage?

Answer 27

Blob versioning and blob change feed must be enabled for both source and destination storage accounts.

Question 28

What does a CanNotDelete resource lock in Azure do?

Answer 28

Prevents the deletion of a resource but allows modification.

Question 29

What does a ReadOnly resource lock in Azure do?

Answer 29

Prevents modification or deletion of a resource but allows read access.

Question 30

What is the maximum number of custom roles per directory in Azure AD?

Answer 30

5,000 custom roles.

Question 31

What role is required to create a custom role in Azure AD?

Answer 31

Microsoft.Authorization/roleDefinitions/write permission on all AssignableScopes.

Question 32

What happens to resources during a move operation in Azure?

Answer 32

They are locked, blocking write and delete operations, but the underlying service continues to function.

Question 33

What is the maximum number of role assignments per subscription in Azure AD?

Answer 33

2,000 role assignments.

Question 34

What is the purpose of the Deny Assignments tab in the IAM blade?

Answer 34

It cannot be used to make or alter deny assignments; these are set and controlled by applying a resource lock for resources created through Azure Blueprints.

Question 35

What happens if you try to move resources between subscriptions that are not associated with the same Azure AD tenant?

Answer 35

You must update the target subscription to use the source Azure AD tenant by transferring ownership of the subscription to another account.

Question 36

What is the role of Azure Key Vault in securing storage accounts?

Answer 36

Manages encryption keys and secrets used for securing storage account data.

Question 37

What is the maximum size of an append blob in Azure?

Answer 37

195 GB.

Question 38

What Azure service provides a highly scalable service for storing arbitrary data objects?

Answer 38

Azure Blob Storage.

Question 39

What Azure service provides a NoSQL-style store for structured data?

Answer 39

Azure Table Storage.

Question 40

What Azure service provides reliable message queueing between application components?

Answer 40

Azure Queue Storage.

Question 41

What are the replication options for General-Purpose v2 storage accounts in Azure?

Answer 41

LRS, ZRS, GRS, RA-GRS, GZRS, RA-GZRS.

Question 42

What is the maximum number of diagnostic settings per resource in Azure Monitor?

Answer 42

10 diagnostic settings.

Question 43

What is the maximum number of metric alerts per subscription in Azure Monitor?

Answer 43

5,000 metric alerts.

Question 44

What is the maximum size of an ARM template in Azure?

Answer 44

4 MB.

Question 45

What is the maximum number of public IP addresses per subscription in Azure?

Answer 45

1,000 public IP addresses.

Question 46

What is the maximum number of route tables per subscription in Azure?

Answer 46

400 route tables.

Question 47

What is the maximum number of virtual network gateways per subscription in Azure?

Answer 47

50 virtual network gateways.

Question 48

What is the maximum number of VPN connections per virtual network gateway in Azure?

Answer 48

30 VPN connections.

Question 49

What are the requirements for using Azure Site Recovery for VM backups?

Answer 49

Azure VM must be in a supported region, and the Recovery Services vault must be in the same region.

Question 50

What is the maximum number of tags per resource in Azure?

Answer 50

50 tags.

Question 51

What is the role of Azure AD Connect Sync?

Answer 51

Synchronizes on-premises directory objects to Azure AD.

Question 52

What are the maximum retention periods for logs in Azure Monitor?

Answer 52

From 30 days up to 730 days, depending on the pricing tier.

Question 53

What is the maximum number of virtual networks (VNets) per region per subscription in Azure?

Answer 53

500 VNets.

Question 54

What Azure tool provides a graphical interface to manage and access Azure Storage resources?

Answer 54

Azure Storage Explorer.

Question 55

What are the three access levels for Azure File shares?

Answer 55

Transaction optimized, Hot, Cool.

Question 56

What are the three access tiers for Azure Blob Storage?

Answer 56

Hot, Cool, Archive.

Question 57

What is the default retention period for Azure VM backups?

Answer 57

30 days.

Question 58

What is the maximum number of custom roles for Azure Germany and Azure China 21Vianet?

Answer 58

2,000 custom roles.

Question 59

What permission is required to enable and disable devices in Azure AD?

Answer 59

Global Administrator.

Question 60

What is the maximum number of objects that can be synchronized using Azure AD Connect?

Answer 60

50,000 objects by default.

Question 61

What is required to invite a guest user in Azure AD?

Answer 61

The guest must accept the invitation along with the multi-factor consent process.

Question 62

What is the role of Azure Traffic Manager?

Answer 62

Uses DNS to distribute traffic to different endpoints globally.

Question 63

What is required to create a dynamic group in Azure AD?

Answer 63

A Premium AD license.

Question 64

What is the maximum number of user access administrators per resource in Azure AD?

Answer 64

100 user access administrators.

Question 65

What does the 'Container' access level in Azure Blob Storage mean?

Answer 65

Blobs and their containers can be accessed anonymously.

Question 66

What is the maximum number of keys per Azure Key Vault?

Answer 66

4,096 keys.

Question 67

What is the role of Azure Site Recovery?

Answer 67

Supports site-to-site recovery for Azure VMs, on-premises VMs, and physical servers.

Question 68

What does the 'Hot' access tier in Azure Blob Storage mean?

Answer 68

Used to store frequently accessed objects with low data access costs and higher storage costs.

Question 69

What is the maximum size of a file in Azure Files?

Answer 69

1 TiB.

Question 70

What is the purpose of Azure Resource Manager (ARM) templates?

Answer 70

Enable infrastructure as code for deploying and managing Azure resources.

Question 71

What Azure service provides managed file shares that can be used by Azure VMs or on-premises servers?

Answer 71

Azure Files.

Question 72

What is the maximum size of a block blob in Azure?

Answer 72

Slightly more than 4.75 TB.

Question 73

What is the purpose of Azure Key Vault?

Answer 73

Manages encryption keys and secrets used for securing storage account data.

Question 74

What is the maximum size of a Page Blob in Azure?

Answer 74

8 TB.

Question 75

What replication option in Azure Storage provides read-only access to the data in the secondary data center?

Answer 75

Read access geographically redundant storage (RA-GRS).

Question 76

What command in AzCopy synchronizes the contents of a destination container with a source container?

Answer 76

azcopy sync.

Question 77

What Azure service provides reliable message queueing between application components?

Answer 77

Azure Queue Storage.

Question 78

What are the replication options for General-Purpose v2 storage accounts in Azure?

Answer 78

LRS, ZRS, GRS, RA-GRS, GZRS, RA-GZRS.

Question 79

What is the maximum number of metric alerts per subscription in Azure Monitor?

Answer 79

5,000 metric alerts.

Question 80

What is the maximum number of diagnostic settings per resource in Azure Monitor?

Answer 80

10 diagnostic settings.