AZ900-Udemy6tests

Question 1

when do u need Azure Functions

Answer 1

Azure Functions are used when you need to perform work in response to an event (often via a REST request), timer, or message from another Azure service, and when that work can be completed quickly, within seconds or less. Function is a serverless implementation, provides a runtime environment to execute code, written in any language the user is comfortable.

Question 2

what does Azure App Service enable/used for?

Answer 2

Azure App Service enables you to quickly and easily build web and mobile apps for any platform or device. It’s good to build fully functional apps, but to implement RESTful APIs to respond in few seconds, Functions is a better choice, as it’s faster and cheaper to build functions, and easy to manage.

Question 3

What is Azure Logic Apps?

Answer 3

Logic Apps is a cloud service that helps you automate and orchestrate tasks, business processes, and workflows.

Question 4

what is a joint responsibility between Azure and the Client company not only in the PAAS offering but SAAS too?

Answer 4

identity and directory infrastructure.

Question 5

What doess The Microsoft privacy statement explain?

Answer 5

The Microsoft privacy statement explains what personal data Microsoft processes, how Microsoft processes it, and for what purposes.

Question 6

What is Compliance Manager?

Answer 6

Compliance Manager is a risk assessment dashboard that provides ongoing risk assessments with a risk-based score reference displayed in a dashboard view for regulations and standards.

Question 7

What is Azure Sentinel?

Answer 7

Azure Sentinel is Microsoft’s cloud-based cloud-native security information and event management (SIEM) system, which aggregates security data from many different sources to provide additional capabilities for threat detection and responding to threats.
Reference: https://azure.microsoft.com/services/azure-sentinel/

Question 8

What is Azure Synapse?

Answer 8

Azure Synapse is incorrect - Azure Synapse Analytics is a limitless analytics service that brings together enterprise data warehousing and big data analytics. It gives you the freedom to query data on your terms, using either serverless on-demand or provisioned resources at scale.

Question 9

What does CosmosDB support?

Answer 9

CosmosDB is a PAAS, it supports schema-less data that lets you build highly responsive and always On applications to support constantly changing data.

Question 10

What is Cache for Redis?

Answer 10

Cache for Redis used as an in-memory data structure store, a distributed non-relational database, and a message broker.

Question 11

Logic apps, Functions, and Service Fabric are all examples of what model of computing is within Azure?

Answer 11

Serverless model (and not SAAS as i answered first)

Question 12

What can you say about Transferring data between Azure Storage accounts in different Azure regions?

Answer 12

Transferring data between Azure Storage accounts in different Azure regions is not free

Question 13

What is Azure Resource Manager ?

Answer 13

Azure Resource Manager is the deployment and management service for Azure. It provides a management layer that enables you to create, update, and delete resources in your Azure account. You use management features, like access control, locks, and tags, to secure and organize your resources after deployment.

Question 14

What is Management groups?

Answer 14

Management groups are containers that help you manage access, policy, and compliance for multiple subscriptions. All subscriptions in a management group automatically inherit the conditions applied to the management group.

Question 15

Can Azure VM be associated with multiple resource groups?

Answer 15

NO! A resource (eg. Virtual machine) can be associated with one Resource group at a time, though you can move a virtual machine from one resource group to another.

Question 16

AZs are used to avoid outages at what level?

Answer 16

Availability Zones are physically separate locations within an Azure region that use availability sets to provide additional fault tolerance. AZs are used to avoid outages at the data center level.

Question 17

What is structure and gaurantees of AZs?

Answer 17

Each Availability Zone contains data centers. You can use Availability Sets in a data center to ensure your application remains online if a high-impact maintenance event is required, or if a hardware failure occurs with 99.95% Azure SLA. Availability sets are made up of Update domains (UD) and Fault Domains (FD).

Question 18

Data that is stored in the archive access tier of an Azure Storage account must be what in order to be accessed?

Answer 18

Correct answer is option must be rehydrated before the data can be accessed

While a blob is in the Archive access tier, it’s considered offline and can’t be read or modified. There are two options to retrieve and access data stored in the Archive access tier.

Rehydrate an archived blob to an online tier - Rehydrate an archive blob to hot or cool by changing its tier using the Set Blob Tier operation.

Copy an archived blob to an online tier - Create a new copy of an archive blob by using the Copy Blob operation. Specify a different blob name and a destination tier of hot or cool.

Question 19

You can enable just in time (JIT) VM access by using what?

Answer 19

Azure Security Center

The just-in-time (JIT) virtual machine (VM) access feature in Azure Security Center allows you to lock down inbound traffic to your Azure Virtual Machines. This reduces exposure to attacks while providing easy access when you need to connect to a VM.

Question 20

To enforce resource tagging, so the billing can be managed, you will use what?

Answer 20

Azure Policy can be used to enforce tagging on resources. You can create a policy for tagging, and apply this policy either on Subscription or Resource group so that any resource created under the resource group will follow the policy for tagging.
Reference: https://docs.microsoft.com/en-us/azure/governance/policy/overview

Question 21

Is the Azure AD tenant deleted by default when the Azure subscription expires?

Answer 21

NO, its not

Question 22

Can you modify Azure AD tenant to which Azure subscription is associated?

Answer 22

yes, you can

Question 23

What does Azure Machine Learning achieve?

Answer 23

Azure Machine Learning - Uses past training to provide predictions that have a high probability

Question 24

Difference between Azure IoT Hub and Azure AI bot?

Answer 24

Azure IoT Hub - Process data from millions of sensors
Azure AI bot - Provides a digital online assistant that provides speech support

Question 25

You can use Availability Zones in Azure to protect Azure what from what failure?

Answer 25

1. You can use Availability Zones in Azure to protect Azure Virtual Machines from a data center failure
2. You can use Availability Zones in Azure to protect Azure-managed disks from a data center failure

Question 26

what NSG association is possible?

Answer 26

You can associate a Network Security Group (NSG) to a Virtual Network Subnet is correct - You can associate zero, or one, network security group (NSG) to each virtual network subnet and network interface in a virtual machine.

Question 27

what NSG association is NOT possible?

Answer 27

You can associate a Network Security Group (NSG) to a Virtual Network is incorrect - A Network Security Group (NSG) can not be associated with a Virtual Network, alternatively, NSG can be associated with a Subnet in a Virtual network.

Question 28

What is Azure Cost Management ?

Answer 28

Azure Cost Management provides a set of tools for monitoring, allocating, and optimizing your Azure costs. Cost management can be used once you started using the Azure cloud, to evaluate the cost of resources/services you are using.
Reference: https://docs.microsoft.com/en-us/azure/cost-management-billing/cost-management-billing-overview

Question 29

What is Azure Privacy Page?

Answer 29

Azure Privacy Page is incorrect - The Microsoft privacy statement explains what personal data Microsoft processes, how Microsoft processes it, and for what purposes.

Question 30

What is Trust Center ?

Answer 30

Azure Trust Center is a website resource containing information and details about how Microsoft implements and supports security, privacy, compliance, and transparency in all Microsoft cloud products and services.

Question 31

What is Azure Synapse Analytics ?

Answer 31

Azure Synapse Analytics is a limitless analytics service that brings together enterprise data warehousing and big data analytics. It gives you the freedom to query data on your terms, using either serverless on-demand or provisioned resources at scale.

Question 32

What is High Availability?

Answer 32

High Availability - is the ability to keep services up and running for long periods of time, with very little downtime.

Question 33

What is Azure Sphere ?

Answer 33

Azure Sphere is hardware with an operating system, which has built-in communication and security features for internet-connected devices. It does not provide a graphical user interface for device management.

Question 34

What is IoT Central ?

Answer 34

IoT Central quickly creates a web-based management portal to enable reporting and communication with IoT devices. The visual user interface (UI) makes it easy to quickly connect new devices and watch as they begin sending telemetry or error messages.

Question 35

What is IoT Hub ?

Answer 35

IoT Hub is incorrect - An IoT hub allows bi-directional communication between IoT applications and the devices it manages. It does not provide a graphical user interface for device management.

Question 36

How would u reason when asked which of different types of locations ensure data-residency and compliance needs are met for customers who need to keep their data and applications close?

Answer 36

The biggest location - geography.
Geographies allow customers with specific data-residency and compliance needs to keep their data and applications close. Azure divides the world into geographies that are defined by geopolitical boundaries or country borders. Geographies are broken up into the Americas, Europe, Asia Pacific, Middle East, and Africa.

Question 37

Which service provides network traffic filtering across multiple Azure subscriptions and virtual networks?

Answer 37

Azure Firewall

You can restrict traffic to multiple virtual networks in multiple subscriptions with a single Azure firewall.

Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It’s a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability. You can centrally create, enforce, and log application and network connectivity policies across subscriptions and virtual networks. Azure Firewall uses a static public IP address for your virtual network resources allowing outside firewalls to identify traffic originating from your virtual network.

Not correct - NSG !!! Network Security Groups (NSG) allow you to filter network traffic to and from Azure resources (and not web traffic) in an Azure virtual network.

Question 38

You can use _____ in Azure to send email alerts when the cost of the current billing period for an Azure subscription exceeds a specified limit?

Answer 38

Budget alerts

You can configure alerts based on your actual cost or forecasted cost to ensure that your spending is within your organizational spend limit. When the budget thresholds you’ve created are exceeded, only notifications are triggered. Cost Management budgets are created using the Azure portal or the Azure Consumption API.

Question 39

What does Azure DevOps Services provide?

Answer 39

Azure DevOps Services provides development collaboration tools including high-performance pipelines, private Git repositories, configurable Kanban boards, and extensive automated and cloud-based load testing.

Question 40

Whats Azure Event Grid?

Answer 40

Azure Event Grid allows you to easily build applications with event-based architectures. It’s a fully managed, intelligent event routing service that uses a publish-subscribe model for uniform event consumption. Event Grid can be used to support your own non-Azure-based events in near-real time, using custom topics.

Question 41

You plan to use Azure Function to implement some business logic in Azure cloud infrastructure. Name as many triggers as u remember?

Answer 41

Queue, Blob, CosmosDB, queue storage, rabbitmq, service bus, timer

Obs! but not webapp!

Question 42

You have an Azure environment that contains 10 virtual networks and 100 virtual machines. You need to limit the amount of inbound traffic to all the Azure virtual networks.What solution you will recommend, which is cost-effective and require less administrative effort?

Answer 42

Azure firewall!
The Azure Firewall grants server access based on the originating IP address of each request. You create firewall rules that specify ranges of IP addresses. Only clients from these granted IP addresses will be allowed to access the server. Azure Firewall provides many features, including:

Built-in high availability.

Unrestricted cloud scalability.

Inbound and outbound filtering rules.

Azure Monitor logging.

Obs! Option NSG is incorrect - Network Security Group (NSG) can perform this function but in this scenario, 10 virtual networks are involved. You can use one NSG for a single Virtual network. You can filter network traffic to and from Azure resources in an Azure virtual network with a network security group.

Question 43

_____ provide organizations with the ability to manage the compliance of Azure resources across multiple subscriptions.

Answer 43

Management groups are containers that help you manage access, policy, and compliance for multiple subscriptions. All subscriptions in a management group automatically inherit the conditions applied to the management group.

10,000 management groups can be supported in a single directory.

A management group tree can support up to six levels of depth.

This limit doesn’t include the Root level or the subscription level.

Each management group and subscription can only support one parent.

Each management group can have many children.

Question 44

Which are some limitation regarding Azure SQL geo-replication are correct?

Answer 44

1. Only master is writable. Master replicate data to other replicas, which can also be used for read-only access queries.
2. A maximum of four secondary replicas can be deployed is correct - Azure SQL Server Database is a relational database as a service (DaaS) based on the latest stable version of Microsoft SQL Server database engine. SQL Database is a high-performance, reliable, fully managed, and secure database that you can use to build data-driven applications and websites in the programming language of your choice without needing to manage infrastructure.

Question 45

Microsoft Azure datacenters are organized and made available by what?

Answer 45

Microsoft Azure datacenters are organized and made available by Region. The region is a geographical area on the planet containing at least one, but potentially multiple datacenters that are in close proximity and networked together with a low-latency network.
Reference: https://docs.microsoft.com/en-us/azure/availability-zones/az-overview

Question 46

You’re developing an application and want to focus on building, testing, and deploying. You don’t want to worry about managing the underlying hardware or software.

Which cloud service type is best for you?

Answer 46

Platform as a service (PaaS) allows you to avoid the expense and complexity of buying and managing underlying application infrastructure. You manage the applications and services you develop, and the cloud service provider typically manages everything else.
Reference: https://azure.microsoft.com/en-us/overview/what-is-paas/

Question 47

Whats Application security groups (ASG) ?

Answer 47

Application security groups (ASG) enable you to group virtual machines and define network security policies based on those groups. This feature allows you to reuse your security policy at scale without manual maintenance of explicit IP addresses. You can not apply traffic restriction on ASG, rather NSG will apply restriction on ASG.

Question 48

You want to send messages from the IoT device to the cloud and vice versa. Which IoT technology can send and receive messages?

Answer 48

An IoT hub communicates to IoT devices by sending and receiving messages. Azure IoT hub is a managed IoT service which is hosted in the cloud. It allows bi-directional communication between IoT applications and the devices it manages. This cloud-to-device connectivity means that you can receive data from your devices, but you can also send commands and policies back to the devices.

Question 49

You can use the Azure blueprint to grant permissions to a what but not what?

Answer 49

You can use the Azure blueprint to grant permissions to a resource is correct - The blueprint definition permissions must be granted or inherited on the management group or subscription scope where it is saved, meaning this would grant permissions to the resources.

P.s. Statement You can assign an Azure blueprint to a resource group is incorrect - You cannot assign a blueprint to a Resource Group. You can however assign a blueprint to a Management Group.

Question 49

Which of the following options isn’t a benefit of ExpressRoute? Alternatives: consistency, accessability, encrypted communication

Answer 49

encrypted communication is NOT a benefit of it.

Question 50

Which Azure Storage option is better for storing data for backup and restoring disaster recovery, and archiving?

Answer 50

Azure Blob Storage is your best option for storing disaster recovery files and archives.

Question 51

Azure X can send alerts but Azure Y can notify you, help you understand the impact of issues, and keep you updated as the issue is resolved.

Answer 51

Azure Monitor can send alerts. Azure Service Health can do the other part.

Question 52

What should you use to make sure whether your company’s Azure environment meets regulatory requirements?

Answer 52

The advanced monitoring capabilities in Security Center lets you track and manage compliance and governance over time. The overall compliance provides you with a measure of how much your subscriptions are compliant with policies associated with your workload.

Reference: https://docs.microsoft.com/en-us/azure/security-center/security-center-intro

Question 53

Which European nation has its own Azure Region that is specifically set for strict adherence to data privacy standards, unlike any other region? France, germany, UK or Norway?

Answer 53

Microsoft Azure Germany is a cloud platform built on the foundational principles of security, privacy, compliance, and transparency. Azure Germany is a physically isolated instance of Microsoft Azure. It uses world-class security and compliance services that are critical to German data privacy regulations for all systems and applications built on its architecture.
Reference: https://docs.microsoft.com/en-us/azure/germany/germany-welcome

Question 54

Does Azure Cloud shell provide options when it comes to performin admin tasks?

Answer 54

Yes:
Using the Azure Cloud Shell using Bash.

Using the Azure Cloud Shell using PowerShell.

Question 55

Your company has an on-premises network that contains multiple servers and plans to reduce the administrative responsibilities of network administrators by migrating several servers to Azure virtual machines.

Identify which two administrative responsibilities will be reduced after the planned migration.

Answer 55

Physical goes away before OS goes away!

Question 56

is it right or wrong?: “All Azure resources that are part of a single resource group must be deployed in the same Azure region.”

Answer 56

wrong!!!

Question 57

Azure resources inherit X configured at the resource group level but not Y applied at the resource group level!

Answer 57

Permissions yes, but Tags NO no no

Question 58

Where can the IT department find reference blueprints for common standards, that can apply directly to its Azure subscriptions?

Answer 58

Azure compliance documentation