AZ-900

Question 1

What is cloud computing?

Answer 1

delivery of services over the internet

Question 2

What is a private cloud?

Answer 2

A cloud used by a single entity

Question 3

What is a public cloud?

Answer 3

a cloud that is built, controlled, and maintained by a third party provider

Question 4

What is a multi-cloud model?

Answer 4

Where you use multiple public cloud providers

Question 5

What is the set of technologies that helps to manage your environment called?

Answer 5

Azure Arc

Question 6

What is CapEx?

Answer 6

Capital Expenditures

Question 7

What is OpEx?

Answer 7

Operational Expenditures

Question 8

Which cloud model uses some datacenters focused on providing cloud services to anyone that wants them, and some data centers that are focused on a single customer?

Answer 8

Hybrid Cloud

Question 9

According to the shared responsibility model, which cloud service type places the most responsibility on the customer?

Answer 9

IaaS

Question 10

What is vertically scaling in a cloud environment?

Answer 10

Gaining new features

Question 11

What is horizontal scaling in a cloud environment?

Answer 11

Creating more of what you have deployed

Question 12

Which type of scaling involves adding or removing resources (such as virtual machines or containers) to meet demand?

Answer 12

Horizontal Scaling

Question 13

What is characterized as the ability of a system to recover from failures and continue to function?

Answer 13

Reliability

Question 14

In IaaS, what is the cloud provider responsible for?

Answer 14

physical security, networking, hardware

Question 15

What more does the cloud provider maintain in PaaS when compared to IaaS?

Answer 15

operating systems, middleware, development tools, and business intelligence services

Question 16

Which cloud service type is most suited to a lift and shift migration from an on-premises datacenter to a cloud deployment?

Answer 16

IaaS

Question 17

What type of cloud service type would a Finance and Expense tracking solution typically be in?

Answer 17

SaaS

Question 18

Can Bash be used to control Azure?

Answer 18

Yes

Question 19

Can PowerShell be used to control Azure?

Answer 19

Yes

Question 20

What is Azure CLI interactive mode?

Answer 20

a way to interact with CLI in a way that more resembles an IDE

Question 21

What is a region?

Answer 21

a geographical area that contains at least one datacenter

Question 22

What are availability zones?

Answer 22

physically separate datacenters within an Azure region

Question 23

Does each availability zone have independent cooling, power, and networking?

Answer 23

Yes

Question 24

What is a resource in Azure?

Answer 24

a basic building block of Azure. Anything you create is a resource

Question 25

Are all resources required to be in a resource group?

Answer 25

Yes

Question 26

How many resource groups can a resource be a part of?

Answer 26

1

Question 27

What is an Azure subscription?

Answer 27

a unit of management, billing, and scale

Question 28

Must every Azure account have a subscription?

Answer 28

Yes

Question 29

Can an account have multiple subscriptions?

Answer 29

Yes

Question 30

What are the two types of subscription boundaries?

Answer 30

Billing boundary and access control boundary

Question 31

What are resource groups grouped under?

Answer 31

subscriptions

Question 32

What can manage subscriptions?

Answer 32

Management groups

Question 33

What happens to the resources within a resource group when an action or setting at the Resource Group level is applied?

Answer 33

The setting is applied to current and future resources

Question 34

What Azure feature replicates resources across regions that are at least 300 miles away from each other?

Answer 34

Region Pairs

Question 35

Are VM’s IaaS, PaaS, or SaaS?

Answer 35

IaaS

Question 36

What are VM scale sets?

Answer 36

Allows you to create and manage a group of identical load balanced VM’s

Question 37

What are VM availability sets?

Answer 37

allows you to build a more resilient, highly available environment by staggering updates and having different power and network sources

Question 38

What are the two domains in an availability set

Answer 38

Update domain and fault domain

Question 39

What is Azure Virtual Desktop?

Answer 39

A type of virtual machine that is a desktop and application virtualization service

Question 40

What should you use if you want to run multiple instances of an application on a single host machine?

Answer 40

Containers

Question 41

What are containers?

Answer 41

A virtualization enviroment

Question 42

What is Azure’s container orchestration service?

Answer 42

Axure Kubernetes Service

Question 43

What is Azure’s container service that has load balancing and scaling?

Answer 43

Azure Container Apps

Question 44

What is Azure functions?

Answer 44

an event driven, serverless compute option that doesn’t require maintaining virtual machines or containers

Question 45

What does it mean for a Function to be stateless?

Answer 45

Every time it is triggered, it acts as if it is restarted

Question 46

What does it mean for a Function to be stateful?

Answer 46

Durable functions track prior activity

Question 47

What is Azure App Service?

Answer 47

enables you to build and host web apps, background jobs, mobile back-ends, and RESTful APIs in the programming language of your choice without managing infrastructure

Question 48

What is Azure virtual networking?

Answer 48

enable Azure resources, such as VMs, web apps, and databases, to communicate with each other, with users on the internet, and with your on-prem client computers

Question 49

What does a VPN do?

Answer 49

creates an encrypted tunnel in an untrusted network for two or more trusted networks to commuincate

Question 50

What is a VPN gateway?

Answer 50

a type of virtual network gateway

Question 51

How many VPN gateways can you provision in a virtual network?

Answer 51

one

Question 52

What authentication type is employed for Azure VPN’s?

Answer 52

a pre-shared key

Question 53

What are the two types of VPN’s in Azure?

Answer 53

policy based and route based

Question 54

What is Azure ExpressRoute?

Answer 54

lets you extend your on-prem networks into the microsoft cloud over a private connection

Question 55

Does your data travel over the public internet with ExpressRoute?

Answer 55

No

Question 56

What is Azure DNS?

Answer 56

Azure DNS is a hosting service for DNS domains that provides name resolution by using MS Azure infrastructure

Question 57

Which Azure Virtual Machine feature staggers updates across VMs based on their update domain and fault domain?

Answer 57

Availability sets

Question 58

Which Azure service allows users to use a cloud hosted version of Windows from any location and connect from most modern browsers?

Answer 58

Azure Virtual Desktop

Question 59

What is Microsoft Entra ID?

Answer 59

a directory service that enables you to sign in and access both Microsoft cloud applications and cloud applications that you develop

Question 60

True or False: Azure always stores multiple copies of your data

Answer 60

True

Question 61

How many times is data replicated in the primary region?

Answer 61

three times

Question 62

What is LRS?

Answer 62

Locally redundant storage replicates your data three times in a single datacenter

Question 63

How many nines of durability is LRS?

Answer 63

11

Question 64

What is the lowest redundancy storage option?

Answer 64

LRS

Question 65

What is ZRS?

Answer 65

Zone redundant storage replicates your data across three different availability zones

Question 66

How many nines of durability does ZRS have?

Answer 66

12 nines

Question 67

What is GRS?

Answer 67

Geo-redudant storage is when there is a LRS in two regions

Question 68

How many nines of durability is GRS?

Answer 68

16 nines

Question 69

What is GZRS?

Answer 69

Geo-zone redundant storage is ZRS in the primary region and LRS in the secondary

Question 70

How many nines of durability is GZRS?

Answer 70

16 nines

Question 71

What is an Azure blob?

Answer 71

a massively scalable object store for text and binary data. Also includes support for big data analytics through Data Lake Storage Gen2

Question 72

What is Azure Files?

Answer 72

managed file share for cloud and on-prem

Question 73

What is Azure Queues?

Answer 73

A messaging store for reliable messaging between applications

Question 74

What is Azure Disks?

Answer 74

block level storage volumes for VMs

Question 75

What is Azure Tables?

Answer 75

A noSQL table option for structured, nonrelational data

Question 76

What are the 4 storage tiers of blob storage?

Answer 76

Hot, cool, cold, and archive

Question 77

What are services that can help you migrate your data to Azure?

Answer 77

Azure migrate or Azure Databox

Question 78

Which is a physical migration service: Azure migrate or Azure Databox?

Answer 78

Azure databox

Question 79

What is AzCopy?

Answer 79

a command line utility that you can use to copy blobs or files

Question 80

Which tool automatically keeps files between an on-premises Windows server and an Azure cloud environment updated?

Answer 80

Azure File Sync

Question 81

What provides a graphical user interface to manage storage solutions?

Answer 81

Azure storage explorer

Question 82

Which Azure Storage service supports big data analytics, as well as handling text and binary data types?

Answer 82

Azure Blob

Question 84

What is the on prem identity and access management service on Window servers?

Answer 84

Active Directory

Question 85

Can Active Directory and Entra ID connect?

Answer 85

Yes

Question 86

What is the service that provides managed domain services such as domain join, group policy lightweight directory access protocol (LDAP), and Kerberos/NTLM authentication?

Answer 86

Entra Domain Service

Question 87

Define authentication

Answer 87

the process of establishing the identity of a person, service, or device

Question 88

What is an external identity?

Answer 88

a person, device, service, etc. that is outside of your organization

Question 89

What is the tool Entra ID can leverage to allow or deny access to resources based on identity signals?

Answer 89

Conditional access

Question 90

What is zero trust?

Answer 90

a security model that assumes the worst case scenario and protects resources with that expectation.

Question 91

What are the three guiding principles of Zero Trust?

Answer 91

Verify Explicitly, use least privilege access, assume breach

Question 92

What are all the layers of the Defense in Depth framework?

Answer 92

Physical Security, Identity Access, Perimeter, Network, Compute, Application, Data

Question 93

What is Microsoft Defender for Cloud?

Answer 93

a monitoring tool for security posture management and threat protection.

Question 94

True or False: Microsoft Defender for Cloud can monitor on-prem, hybrid, and multi-cloud environments as well as non-azure resources and resources in other Cloud environments

Answer 94

True

Question 95

Which Microsoft Entra tool can vary the credentials needed to log in based on signals, such as where the user is located?

Answer 95

Conditional Access

Question 96

Which security model assumes the worst-case security scenario, and protects resources accordingly?

Answer 96

Zero Trust

Question 97

A user is simultaneously assigned multiple roles that use role-based access control. What are their actual permissions? The role permissions are: Role 1 - read || Role 2 - write || Role 3 - read and write.

Answer 97

Read and Write

Question 98

What is the pricing calculator?

Answer 98

designed to give you an estimated cost for provisioning resources in Azure

Question 99

What is the Total Cost of Ownership (TCO) calculator?

Answer 99

designed to help you compare the costs for running an on-premises infrastructure compared to an Azure Cloud Infrastructure

Question 100

What is Cost Management?

Answer 100

a tool that provides the ability to quickly check Azure resource costs, create alerts based on resource spend, and create budgets that can be used to automate managent of resources

Question 101

What are the three types of cost alerts?

Answer 101

Budget alerts, credit alerts, and department spending quota alerts

Question 102

What are resource tags?

Answer 102

A way to organize resources

Question 103

What Azure feature can help stay organized and track usage based on metadata associated with resources?

Answer 103

Tags

Question 104

What’s the best method to estimate the cost of migrating to the cloud while incurring minimal costs?

Answer 104

Use the total cost of ownership calculator to estimate expected costs

Question 105

What is microsoft purview?

Answer 105

a family of data governance, risk, and compliance solutions that help you get a single, unified view into your data

Question 106

What service allows you to create, manage, and assign policies that control or audit your resources?

Answer 106

Azure Policy

Question 107

What is a something that will prevent resources from being altered or deleted?

Answer 107

Resource locks

Question 108

What portal provides access to various content, tools, and other resources about Microsoft security, privacy, and compliance practices?

Answer 108

Microsoft Service Trust Portal

Question 109

How can you prevent creation of non-compliant resources, without having to manually evaluate each resource?

Answer 109

Azure Policy

Question 110

What’s the best way to prevent inadvertent deletion of a resource?

Answer 110

Azure resource locks

Question 111

What allows you to extend your Azure compliance and monitoring to your hybrid and multi-cloud configurations?

Answer 111

Azure Arc

Question 112

What are ARM templates?

Answer 112

Azure resource manager templates allow you to create resources that are identical to other created from the same JSON template

Question 113

What service helps you manage your Azure, on-premises, and multicloud environments?

Answer 113

Azure Arc

Question 114

What two components could you use to implement a “infrastructure as code” deployment?

Answer 114

Bicep and ARM templates

Question 115

What service evaluates your Azure resources and makes recommendations to help improve reliability, security, performance, and reduce costs?

Answer 115

Azure advisor

Question 116

What is Azure Service Health?

Answer 116

gives you a complete view of your Azure environemnt

Question 117

What is Azure Monitor?

Answer 117

platform for collecting data on your resources, analyzing the data, visualizing the information, and acting on the results

Question 118

What five categories does Azure Advisor address?

Answer 118

reliability, security, performance, operational excellence, cost

Question 119

You receive an email notification that virtual machines (VMs) in an Azure region where you have VMs deployed is experiencing an outage. Which component of Azure Service Health will let you know if your application is impacted?

Answer 119

Resource Health

Question 120

What operating systems does Microsoft supply Azure Virtual Machine images for?

Answer 120

Windows and Linux

Question 121

What is a public endpoint?

Answer 121

Enables access to your data or application form outside the virtual network

Question 122

True or False: Azure PowerShell scripts and Command line Interface scripts are entirely compatible with each other

Answer 122

False

Question 123

True or False: An Azure Storage Account can have both a public endpoint and a private endpoint at the same time.

Answer 123

True

Question 124

What type of documents does the Microsoft Service Trust Portal provide?

Answer 124

A list of documents that Microsoft follows, pen test results, security assessments, white papers, faqs, and other documents that can be used to show Microsoft compliance efforts

Question 125

What affect does using a “read only” resource lock on a Azure Storage Account have?

Answer 125

The storage account cannot have its properties altered but it doesnt affect the data itself

Question 126

What is the purpose of Azure Blueprints?

Answer 126

Allows you to create new subscriptions that already have policies, roles, resource groups, and ARM templates