Azure AZ-900 Practice Test #1

Question 1

What is a key broad theme applicable across many cloud benefits like scalability, high availability, reliability, and predictability?

a) Centralized control
b) Manual resource allocation
c) Automation plus instantly available resources
d) Limited flexibility

Answer 1

c) Automation plus instantly available resources

Question 2

What does high availability in the cloud primarily mean?

a) Low cost
b) Systems are always available, even automatically
c) Easy management
d) High performance

Answer 2

b) Systems are always available, even automatically

Question 3

Scalability in the cloud refers to what types of scaling and resource provision?

a) Only scaling up manually
b) Scaling out (horizontal) or scaling up (vertical), while automatically providing resources
c) Reducing resource usage
d) Fixed resource allocation

Answer 3

b) Scaling out (horizontal) or scaling up (vertical), while automatically providing resources

Question 4

Reliability in the cloud, as described, concerns the ability to tolerate what?

a) High costs
b) Failures or even total disasters
c) Security breaches
d) Slow performance

Answer 4

b) Failures or even total disasters

Question 5

Predictability in the cloud involves knowing what aspects of your application?

a) Only future costs
b) Only current performance
c) Always knowing expected minimum performance and cost (now and future)
d) Only security vulnerabilities

Answer 5

c) Always knowing expected minimum performance and cost (now and future)

Question 6

Which cloud service type is most easily thought of as managed infrastructure and is almost always synonymous with virtual machines (VMs)?

a) SaaS
b) PaaS
c) IaaS
d) Serverless

Answer 6

c) IaaS

Question 7

Compared to other cloud service models, which one offers the most amount of control and flexibility, but also the most customer responsibility?

a) Software as a Service (SaaS)
b) Platform as a Service (PaaS)
c) Infrastructure as a Service (IaaS)
d) Serverless

Answer 7

c) Infrastructure as a Service (IaaS

Question 8

Which cloud service type is defined as a fully managed cloud solution where the vendor handles the underlying infrastructure, freeing the customer to focus on application development?

a) Infrastructure as a Service (IaaS)
b) Software as a Service (SaaS)
c) Platform as a Service (PaaS)
d) Managed Infrastructure Service

Answer 8

c) Platform as a Service (PaaS)

Question 9

Serverless computing is described as an extreme version of which cloud service type?

a) IaaS
b) PaaS
c) SaaS
d) Hybrid Cloud

Answer 9

b) PaaS

Question 10

Which cloud service type is defined as ready-to-go cloud-based software, typically productivity applications, accessed over the internet with hosting and scaling handled?

a) Infrastructure as a Service (IaaS)
b) Platform as a Service (PaaS)
c) Software as a Service (SaaS)
d) Serverless

Answer 10

c) Software as a Service (SaaS)

Question 11

What is the definition of cloud computing?

a) Storing data off-site
b) Renting physical servers
c) The on-demand delivery of compute services over the internet
d) Building a private data center

Answer 11

c) The on-demand delivery of compute services over the internet

Question 12

In the shared responsibility model, what is the customer always responsible for?

a) Physical host, physical network, physical data center access
b) Information and data, device security, and accounts and identities c) Operating system updates
d) Physical security

Answer 12

b) Information and data, device security, and accounts and identities

Question 13

In the shared responsibility model, what is the cloud provider always responsible for?

a) Customer data
b) Device security
c) Accounts and identities
d) All the physical assets like physical host, physical network, and the physical data center access

Answer 13

d) All the physical assets like physical host, physical network, and the physical data center access

Question 14

Which cloud model is described as a cloud for one customer, similar to an on-premises data center, not available to the general public?

a) Public cloud
b) Hybrid cloud
c) Private cloud
d) Community cloud

Answer 14

c) Private cloud

Question 15

What is the key difference between Capital Expenditures (CapEx) and Operational Expenditures (OpEx)?

a) CapEx is pay-as-you-go, OpEx is upfront
b) OpEx is a pay-as-you-go structure versus the large upfront investments of CapEx
c) CapEx is operational cost, OpEx is capital investment
d) Both involve forecasting long-term needs

Answer 15

b) OpEx is a pay-as-you-go structure versus the large upfront investments of CapEx

Question 16

What is the unique identifier for any digital object, user, computer, or application in Azure?

A. Authorization
B. Subscription
C. Authentication
D. Identity

Answer 16

D. Identity

Question 17

Which Azure service is identified as providing identity, authentication, and authorization in Azure?

A. Entra ID (formerly Azure AD)
B. Azure Resource Manager
C. Azure PowerShell
D. Azure CLI

Answer 17

A. Entra ID (formerly Azure AD)

Question 18

According to the Zero Trust principle, trust should be based on identity regardless of what?

A. User role
B. Resource sensitivity
C. Location
D. Time of day

Answer 18

C. Location

Question 19

Multi-factor authentication (MFA) provides layered security by requiring at least two components from which general categories?

A. Using a strong password only.
B. Requiring at least two verification factors from different categories (something you know, something you have, or something you are).
C. Relying solely on biometric scanning.
D. Verifying identity based only on network location.

Answer 19

B. Requiring at least two verification factors from different categories (something you know, something you have, or something you are).

Question 20

According to the sources, what is a primary advantage of Passwordless authentication methods?

A. It increases convenience while maintaining security.
B. It eliminates the need for multi-factor authentication.
C. It requires only something you know, like a PIN.
D. It makes identity verification less secure.

Answer 20

A. It increases convenience while maintaining security.

Question 21

What represents your organization as a dedicated instance of Entra ID in Azure?

A. A subscription
B. A resource group
C. A tenant
D. An ARM template

Answer 21

C. A tenant

Question 22

What is the maximum number of tenants a user can be a member or guest of?

A. 100
B. 250
C. 500
D. Unlimited

Answer 22

C. 500

Question 23

Which Azure service acts as the method by which resources are deployed and managed, serving as a bridge between the user and Azure resources?

A. Azure portal
B. Azure Resource Manager (ARM)
C. Azure PowerShell
D. Azure CLI

Answer 23

B. Azure Resource Manager (ARM)

Question 24

Which tool provides a convenient, web-based, visual interface for deploying, configuring, monitoring, and auditing resources in Azure?

A. Azure CLI
B. Azure PowerShell
C. Azure Cloud Shell
D. Azure portal

Answer 24

D. Azure portal

Question 25

Which management tool is described as using a Unix-style command language, being platform agnostic, and available in Azure Cloud Shell or installable locally? A. Azure PowerShell B. Azure portal C. Azure Resource Manager D. Azure CLI

Answer 25

D. Azure CLI

Question 26

Azure ARM templates are identified as a key tool for provisioning resources and are primarily used for what purpose? A. Managing user identities. B. Auditing security logs. C. Monitoring resource performance. D. Defining infrastructure configuration.

Answer 26

D. Defining infrastructure configuration.

Question 27

Which principle of Role-Based Access Control (RBAC) emphasizes giving users only the permissions necessary for their job for each specific point in time? A. Role segregation B. Least privilege C. Defense in depth D. Automatic authentication

Answer 27

B. Least privilege

Question 28

Which managed service provides legacy Active Directory features inside of Azure and integrates with Entra ID, being especially helpful for migrating older applications? A. Azure AD Connect B. Azure Active Directory Domain Services (AAD DS) C. Azure DNS D. Azure VPN Gateway

Answer 28

B. Azure Active Directory Domain Services (AAD DS)

Question 29

What is a key benefit of accessing Azure Cloud Shell mentioned in the sources? A. It only supports a graphical interface. B. It requires manual authentication every time. C. It has Azure PowerShell and Azure CLI built right in. D. It can only be accessed from a local machine.

Answer 29

C. It has Azure PowerShell and Azure CLI built right in.

Question 30

Conditional Access rules are essentially what type of conditional logic statements? A. If/then statements B. Do/while loops C. Switch cases D. For loops

Answer 30

A. If/then statements

Question 31

When choosing a region to deploy resources on Azure, which of the following is NOT listed as a key factor to consider? A) Available Features B) Location C) Price D) The number of resource groups in your subscription.

Answer 31

D) The number of resource groups in your subscription.

Question 32

What is the primary purpose of Availability Zones within an Azure Region? A) To provide a globally unique name for storage accounts. B) To act as the billing boundary for multiple subscriptions. C) To provide fault isolation by using multiple independent datacenters. D) To connect virtual networks across different regions.

Answer 32

C) To provide fault isolation by using multiple independent datacenters.

Question 33

Which layer in the Azure resource organization hierarchy acts as the billing boundary? A) Management Groups B) Resource Groups C) Resources D) Subscriptions

Answer 33

D) Subscriptions

Question 34

When comparing Azure compute options, which type generally offers more customization and control but requires managing more responsibilities? A) Infrastructure as a Service (IaaS) like Virtual Machines. B) Platform as a Service (PaaS) like Azure App Service. C) Serverless compute like Azure Functions. D) Container services like Azure Container Instances.

Answer 34

A) Infrastructure as a Service (IaaS) like Virtual Machines.

Question 35

Availability Sets provide high availability for which type of Virtual Machines? A) Groups of identical VMs managed centrally. B) Unique or non-identical VMs within a single zone. C) VMs deployed across multiple regions. D) VMs that automatically scale based on load.

Answer 35

B) Unique or non-identical VMs within a single zone.

Question 36

Which Azure Platform as a Service (PaaS) compute option is described as being ideal for short-life, event-driven applications triggered by external events? A) Azure App Service B) Azure Kubernetes Service (AKS) C) Azure Container Instances (ACI) D) Azure Functions

Answer 36

D) Azure Functions

Question 37

What acts as the privacy and isolation boundary for Virtual Machines (VMs) in Azure, and is required when creating a VM? A) Availability Zone B) Resource Group C) Virtual Network D) Management Group

Answer 37

C) Virtual Network

Question 38

Which of the following statements is true about Azure Network Peering? A) It uses an encrypted tunnel over the public internet. B) It is generally slower and more expensive than a VPN connection. C) Connections are not encrypted, but stay on Microsoft's private backbone. D) It is limited to connecting virtual networks within the same subscription.

Answer 38

C) Connections are not encrypted, but stay on Microsoft's private backbone.

Question 39

Which type of IP address assigned to a VM is released when the VM is stopped and deallocated, resulting in a new address upon restart? A) Dynamic IP address B) Static IP address C) Private IP address D) Public endpoint

Answer 39

A) Dynamic IP address

Question 40

Compared to a VPN connection, which of the following is a characteristic of ExpressRoute? A) It is less expensive and less permanent. B) It traverses the public internet using an encrypted tunnel. C) It is faster, more private, and substantially more expensive. D) It is primarily used for connecting individual devices to Azure.

Answer 40

C) It is faster, more private, and substantially more expensive.

Question 41

Why is an Azure Storage account required to have a globally unique name across all of Azure? A) It acts as the billing boundary for the account. B) It has a public-facing endpoint associated with everything inside it. C) It is the management layer for creating storage services. D) It holds different types of data in different formats.

Answer 41

B) It has a public-facing endpoint associated with everything inside it.

Question 42

Which Azure Blob Storage tier is described as being offline data that is not instantly available and requires a rehydration request to access? A) Hot B) Cool C) Cold D) Archive

Answer 42

D) Archive

Question 43

When attaching a managed disk to an Azure Virtual Machine (VM), what regional requirement must be met? A) The disk must be in a different region than the VM for redundancy. B) The disk and the VM must be in the same region. C) The disk must be in a region paired with the VM's region. D) There are no regional restrictions for managed disks and VMs.

Answer 43

B) The disk and the VM must be in the same region.

Question 44

Which storage redundancy option includes an additional three copies of data in a secondary or paired region, where the primary region uses LRS? A) ZRS (Zone-Redundant Storage) B) GRS (Geo-Redundant Storage) C) LRS (Locally Redundant Storage) D) GZRS (Geo-Zone-Redundant Storage)

Answer 44

B) GRS (Geo-Redundant Storage)

Question 45

Premium performance options like Premium Block Blobs and Premium File Shares are limited to which redundancy options? A) LRS and ZRS B) GRS and GZRS C) LRS and GRS D) ZRS and GZRS

Answer 45

A) LRS and ZRS

Question 46

What is a key concept for managing multiple Azure subscriptions effectively? a) Management Groups b) Resource Groups c) Azure Policies d) Virtual Networks

Answer 46

a) Management Groups

Question 47

Which Azure service is highlighted as a primary component for enforcing and implementing governance and compliance? a) Azure Advisor b) Azure Policy c) Azure Monitor d) Microsoft Defender for Cloud

Answer 47

b) Azure Policy

Question 48

Which type of Azure Resource Lock is recommended for resources where changes could be disruptive, such as a production database? a) Read-Only b) Delete c) Edit d) Archive

Answer 48

a) Read-Only

Question 49

Unmonitored cloud expenses can lead to what significant outcome? a) Improved performance b) Significant unplanned costs c) Reduced security risks d) Faster deployment times

Answer 49

b) Significant unplanned costs

Question 50

Which Azure tool is described as a "personal cloud consultant" offering guidance on best practices, cost optimization suggestions, and reliability concerns? a) Azure Advisor b) Azure Monitor c) Azure Cost Management and Billing d) Azure Automation

Answer 50

a) Azure Advisor

Question 51

Resources within a specific scope inherit governance settings applied at what level? a) Only the immediate parent level b) The lowest possible level c) Any level above them within the scope d) The subscription level only

Answer 51

c) Any level above them within the scope

Question 52

Which Azure service provides a personalized health dashboard with real-time and historical data on the health of Azure services and offers proactive incident and maintenance notifications? a) Azure Monitor b) Log Analytics c) Application Insights d) Azure Service Health

Answer 52

d) Azure Service Health

Question 53

Azure Automation is described as being designed for optimizing which aspect in the cloud, including automated patching, reporting, and security response? a) Network performance b) Cost management c) Security management d) Governance

Answer 53

d) Governance

Question 54

What calculator is used to estimate the cost of Azure resources and services, giving the ability to forecast by calculating estimates? a) Azure TCO Calculator b) Azure Pricing Calculator c) Azure Budget Calculator d) Azure Savings Calculator

Answer 54

b) Azure Pricing Calculator

Question 55

Microsoft Purview is described as a comprehensive solution for what purpose, extending across Azure, other cloud environments, and on-premises data sources? a) Resource monitoring and alerting b) Automated workflow management c) Threat detection and prevention d) Data governance

Answer 55

d) Data governance

Question 56

Tags are discussed as a best practice that helps with cost management by allowing integration with which specific Azure tools mentioned? a) Azure Service Health and Azure Arc b) Azure Policy and Azure Cost Management c) Azure Advisor and Microsoft Purview d) Azure Automation and Log Analytics

Answer 56

b) Azure Policy and Azure Cost Management

Question 57

Application Insights specifically collects telemetry data related to applications, such as page views, user sessions, and what other type of metrics? a) Network latency metrics b) Security vulnerability metrics c) Performance metrics d) Infrastructure utilization metrics

Answer 57

c) Performance metrics

Question 58

What is a primary definition of an Azure subscription? a) A tool for estimating the total cost of ownership b) A service for monitoring application performance c) An agreement with Microsoft enabling access to cloud services, also a boundary for resource usage, access, and billing d) A framework for enforcing organizational policies

Answer 58

c) An agreement with Microsoft enabling access to cloud services, also a boundary for resource usage, access, and billing

Question 59

Which Azure service is used for extending Azure management to multi-cloud, on-premises, hybrid, and Edge environments to provide unified management? a) Azure Monitor b) Azure Policy c) Azure Automation d) Azure Arc

Answer 59

d) Azure Arc

Question 60

What are reported as relevant types of reports for governance purposes? a) Financial statements and customer feedback b) Application performance metrics and user activity logs c) Security incident reports and network traffic analysis d) Compliance status, resource utilization, and audit logs

Answer 60

d) Compliance status, resource utilization, and audit logs