Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

Data Engineer/SQL Developer/SQL DBA Study Topics > Azure Cloud > Flashcards

Azure Cloud Flashcards

Prepare for AZ900 Azure Fundamentals Certification

1
Q

Which tool is used by Azure Active Directory to provide access to resources based on organizational policies?

A. multi-factor authentication (MFA)
B. single sign-on (SSO)
C. administrative units
D. Conditional Access

A

D. Conditional Access

Conditional Access is the tool used by Azure Active Directory to allow (or deny) access to resources based on identity signals. Conditional access ia a more refined MFA (multifactor authentication method.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Single Sign On (SSO) is a ______________ method that enables users to sign in the first time and access various applications and resource by using the same password.

A. a validation
B. an authentication
C. a configuration
D. an authorization

A

B. an authentication.

Single Sign-On is an authentication method that allows users to sign in using one set of credentials to login across applications. Single sign-on makes it easier to manage passwords and increases security capabilities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Describe the Azure Pricing Calculator Service.

  1. Estimates workload costs
  2. Estimates the cost savings by comparing datacenter costs to running the same workload on Azure.
  3. Helps control, analyze and optimize workload costs.
A

Pricing Calculator

  1. Helps you estimate workload costs.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Describe the Azure TCO Calculator Service.

  1. Estimates workload costs
  2. Estimates the cost savings by comparing datacenter costs to running the same workload on Azure.
  3. Helps control, analyze and optimize workload costs.
A

Total Cost of Ownership.

  1. Estimates the cost savings by comparing datacenter costs to running the same workload on Azure.

Provided approximate cost savings of operating similar workload on Azure to on premise datacenter.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Describe the Azure Cost Management Service.

  1. Estimates workload costs
  2. Estimates the cost savings by comparing datacenter costs to running the same workload on Azure.
  3. Helps control, analyze and optimize workload costs.
A

Cost Management

  1. Helps to control, analyze and optimize workload costs.

Azure Cost Management helps to understand Azure bill, managed account.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

____________ is a repeatable set of governance tools that helps development teams quickly build out and create new environments while adhering to organizational compliance to speed up development and deployment.

A. Azure DevOps
B. A Continuous Integration / Continuous Deployment (CI/CD) pipeline configuration.
C. Azure Blueprints
D. Azure Policy

A

Azure Blueprints

Sometimes cloud environment grows beyond just one subscription. In that case Azure Blueprints help to scale the configuration. Azure Blueprints help with repeatable tasks so that development teams rapidly build and deploy new environments and speed the overall development and deployment phases.

Blueprints are a declarative way to orchestrate the deployment of various resource templates.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Infrastructure as a Service (IAAS) is described as:

  1. Provides hosting and management of an application and its underlying infrastructure, as well as any maintenance, upgrades and security patching.
  2. Provides a fully managed environment for developing, testing, delivering and managing cloud based applications.
  3. Provides servers and virtual machines, storage, networks and operating systems on a pay-as-you-go basis.
A
  1. IAAS offers necessary compute, storage and networking assets on demand on a pay-as-you-go basis.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Platform as a Service (PAAS) is described as:

  1. Provides hosting and management of an application and its underlying infrastructure, as well as any maintenance, upgrades and security patching.
  2. Provides a fully managed environment for developing, testing, delivering and managing cloud based applications.
  3. Provides servers and virtual machines, storage, networks and operating systems on a pay-as-you-go basis.
A
  1. PAAS provides complete development and deployment environment in the cloud, with assets that enable to deliver simple cloud-based apps to cloud-enabled enterprise applications.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Software as a Service (SAAS) is described as:

  1. Provides hosting and management of an application and its underlying infrastructure, as well as any maintenance, upgrades and security patching.
  2. Provides a fully managed environment for developing, testing, delivering and managing cloud based applications.
  3. Provides servers and virtual machines, storage, networks and operating systems on a pay-as-you-go basis.
A
  1. SAAS - Host and manage the software application and underlying infrastructure.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which cloud approach is used by organizations to take full advantage of on-premise technology investments and allows data and applications to be shared between two environments?

A. public cloud
B. private cloud
C. hybrid cloud
D. on-premise datacenter

A

C. hybrid cloud

Public clouds, such as MS Azure, owned and operated by third party cloud service providers, to deliver their computing resources such as servers and storage over the internet. Cloud providers manage all hardware, software and other supporting infrastructure.

A Private Cloud refers to cloud computing resources used exclusively by an individual business. A private cloud can be located on the company’s on site datacenter.

A Hybrid Cloud is a type of cloud computing that combines on premise infrastructure or a private cloud with a public cloud. Hybrid clouds allow data and apps to move between the two environments.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

_______________ copies data to a secondary region from the primary region across multiple datacenters that are located many miles apart.

A. Read-access geo-redundant storage (RA_GRS)
B. Zone Redundant Storage (ZRS)
C. Geo-Redundant Storage (GRS)
D. Locally Redundant Storage (LRS)

A

C. Geo-Redundant Storage Replicates your data to a secondary region that is in different geographic locations from the primary region.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What option is used to set the communication between an on premise VPN device and an Azure VPN gateway through an encrypted tunnel over the internet?

A. ExpressRoute
B. Point to Site (P25) VPN
C. Site to Site VPN

A

C. Site to Site VPN. Established between on premise VPN device and an Azure VPN Gateway that is deployed in a virtual network. This connection type allows communication between any on premise authorize resource to access a virtual network through an encrypted tunnel.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

____________ enables the secure communication of messages between millions of IOT devices and a cloud based solution.

A. Azure IoT Hub
B. Azure Digital Twins
C. Azure IoT Edge
D. Azure IoT Central

A

A. Azure IoT Hub

The Azure IoT Hub service enables reliable two way message communications between IoT devices and a cloud based solution. These capabilities enable customers to provision millions of devices in a secure and scalable manner.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Which Azure service protects against attacks in which an attacker sends multiple requests to a web resource to exceed a website’s capacity and prevent the web resource from functioning correctly?

A. Azure Defender
B. Azure DDOS Protection
C. Azure Sentinel
D. Azure Firewall

A

B. DDOS Protection

Distributed denial of service, or DDOS, is a type of attack where an attacker sends multiple requests to an application. This results into the resources becoming exhausted, impacting the application’s availability. DDOS attacks can be targeted at any endpoint that is publicly reachable through the internet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What serverless computing technology provides the ability to execute workflows to automate business scenarios by using triggers without writing any code?

A. Azure Functions
B. Azure Logic Apps
C. Azure Front Door
D. Azure DevOps

A

B. Azure Logic Apps

Logic Apps are designed in a web based designer and can execute logic triggered by Azure services without writing any code.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

A team is developing a new cloud based application that leverages the Gremlin API. Which Azure database option is the most suitable for the new application?

A. Azure Cosmos DB
B. Azure SQL Managed Instance
C. Azure Database for PostgreSQL
D. Azure Database for MySQL

A

A. Azure Cosmos DB

Azure Cosmos DB is the best colution. It supports Gremlin API as well as SQL, Cassandra, MongoDB and Tables.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

_____________ enables you to scale to thousands of virtual machines for high performance computing and large scale parallel jobs.

A. An Azure virtual machine scale set
B. An availability set
C. Azure Batch
D. An availability zone

A

C. Azure Batch

Azure Batch allows you to scale to thousands of virtual machines for high performance computing (HPC) and large scale parallel jobs. Other functionalities allow you to scale multiple VMs but only Azure Batch will allow for thousands of VMs for HPC.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Azure IoT Central is described as:

  1. Used to quickly create a web based dashboard to enable reporting and communication with IoT devices.
  2. Used to communicate to IoT devices by sending and receiving messages.
  3. Used to provide the highest degree of security to ensure that the device was not tempered with.
A
  1. Azure IoT Central

To quickly create a web based dashboard to enable reporting and communication with IoT devices.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Azure IoT Hub is described as:

  1. Used to quickly create a web based dashboard to enable reporting and communication with IoT devices.
  2. Used to communicate to IoT devices by sending and receiving messages.
  3. Used to provide the highest degree of security to ensure that the device was not tempered with.
A
  1. Azure IoT Hub

To communicate with IoT devices by sending and receiving messages.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Azure Sphere is described as:

  1. Used to quickly create a web based dashboard to enable reporting and communication with IoT devices.
  2. Used to communicate to IoT devices by sending and receiving messages.
  3. Used to provide the highest degree of security to ensure that the device was not tempered with.
A
  1. Azure Sphere

Used to provide the highest degree of security to ensure that the device was not tempered with.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

____________ enables you to provision a group of matching and load balanced virtual machines in Azure.

A. Azure Logic Apps
B. An Availability set
C. An Azure virtual machine scale set
D. Azure Load Balancer

A

C. Azure virtual machine scale set

Enables you to provision a group of matching and load balanced virtual machines in Azure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Azure Machine Learning is described as:

  1. Used to predict future results by using historical data and training models.
  2. Used to implement a virtual agent that can respond to human inquiries by using natural language.
  3. Used to identify content based on images.
A
  1. Azure Machine Learning

To predict future results by using historical data and training models.

Azure machine learning allows you to connect to data to train and test models to find one that will most accurately predict a future result.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Azure bot Service is described as:

  1. Used to predict future results by using historical data and training models.
  2. Used to implement a virtual agent that can respond to human inquiries by using natural language.
  3. Used to identify content based on images.
A
  1. Azure bot Service

To implement a virtual agent that can respond to human inquiries by using natural language.

Azure bot service allows you to create a virtual agent solution that uses natural language to respond to customer inquiries.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Azure Cognitive Services are described as:

  1. Used to predict future results by using historical data and training models.
  2. Used to implement a virtual agent that can respond to human inquiries by using natural language.
  3. Used to identify content based on images.
A
  1. Azure Cognitive Services

To identify content based on images.

The vision services in Azure Cognitive services add recognition and identification capabilities when you are analyzing pictures and other visual content.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
___________ is NOT supported by ExpressRoute for connecting an on premise network to Azure. A. A Point-to-Site VPN B. A Point-to-Point Ethernet Connection C. A Site-to-Site VPN D. Azure Peering Service
C. A Site-to_Site VPN The three models that ExpressRoute supports are: CloudExchange colocation Point-to-Point Ethernet Connection Any-to-Any Connection
25
Which Azure feature enables you to organize multiple subscriptions into hierarchies for unified policies and compliance? A. Resource Groups B. Management Groups C. Azure Active Directory (Azure AD) D. Azure Container Instances
B. Management Groups Management Groups help you manage access, policy and compliance for multiple subscriptions. All subscriptions in a management group automatically inherit the conditions applied to the management group.
26
Alerts you when service issues occur in an Azure environment, such as a regional Azure outage that affects all Azure customers. A. Azure Monitor B. Azure Advisor C. Azure Service Health D. Azure Application Insights
C. Azure Service Health Azure Service Health alerts you about service issues that happen in Azure itself such as a regional Azure outage.
27
Authorization is described as: 1. Confirms the identity of a person who wants access. 2. Grants the proper access to a legitimate user.
2. Grants the proper access to a legitimate user. Authorization is the process of understanding what level of access a legitimate user or service should have.
28
Authentication is described as: 1. Confirms the identity of a person who wants access. 2. Grants the proper access to a legitimate user.
1. Confirms the identity of a person who wants access. Authentication is the process of establishing the identity of a person or service that wants access to a resource.
29
Which of the following statements is NOT tue about Cloud Computing? 1. All cloud computing resources are usually limited to specific geographic regions. 2. IAAS, PAAS, SAAS are examples of cloud computing service models. 3. IAAS, PAAS, SAAS are common cloud computing service models and are respectively infrastructure as a service, platform as a service and software as a service.
1. All cloud computing resources are usually limited to specific geographic regions. Most cloud computing resources can be distributed to global datacenters.
30
True or False. You need to purchase an Azure Account before you can use any Azure resources.
False. You can use a free account or a Microsoft Learn Sandbox to create resources.
31
True or False. In an IAAS environment, the cloud tenant is responsible for routine hardware maintenance.
False. In a IAAS environment the cloud provider is responsible for any hardware maintenance.
32
Which of the following is NOT a cloud computing category? 1. Platform as a Service (PAAS) 2. Networking as a Service (NAAS) 3. Infrastructure as a Service (IAAS) 4. Software as a Service (SAAS)
2. Networking as a Service (NAAS) is not a cloud computing category.
33
Which of the following options is NOT a type cloud computing? 1. Hybrid Cloud 2. Private Cloud 3. Public Cloud 4. Distributed Cloud
4. Distributed Cloud is not a valid type of cloud computing.
34
Which of the following choices is NOT a benefit of using cloud services? 1. Scalability 2. Disaster Recovery 3. Geographic Isolation 4. High Availability
3. Geographic Isolation. You can choose to create resources in a single region; however, one of the primary advantages to cloud computing is geographic distribution.
35
Which of the following is a logical unit of Azure services that links to an Azure account? 1. Management Group 2. Resource Group 3. Azure Subscription
3. Azure Subscription is a logical unit of Azure services that links to an Azure account.
36
Which of the following statements is True? 1. With Operating Expenses (OpEx), you are only responsible for the computing resources that you use. 2. With Operating Expenses (OpEx), you are responsible for purchasing and maintaining your computing resources. 3. With Capital Expenses (CapEx), you are only responsible for the computing resources that you use.
1. With Operating Expenses (OpEx), you are only responsible for the computing resources that you use.
37
What is meant by LAMP Stack?
One of the oldest and most utilized software development methods, the LAMP stack allows web developers to build, deploy, and manage web applications. LAMP is an acronym that stands for Linux, Apache, MySQL, and PHP, and provides the components needed to host and manage web content
38
Tailwind Traders uses the LAMP Stack for several of its websites. Which option would be ideal for migration? 1. Azure Database for MySQL? 2. Azure Cosmos DB 3. Azure SQL Database 4. Azure Database for PostgreSQL
1. Azure Database for MySQL? Azure Database for MySQL is the logical choice for existing LAMP stack applications.
39
Which Azure compute resource can be deployed to manage a set of identical virtual machines? 1. Virtual machine availability sets 2. Virtual machine scale sets 3. Virtual machine availability zones.
2. Virtual machine scale sets lets you deploy and manage a set of identical virtual machines.
40
Which of the following services should be used when the primary concern is to perform work in response to an event (often vis a REST command) that needs a response in a few seconds? 1. Azure Functions 2. Azure App Service 3. Azure Container Instances
1. Azure Functions is used when you need to perform work in response to an event (often via a REST request), timer, or message from another Azure service, and when that work can be completed quickly, within seconds or less.
41
Your company has a team of remote workers that need to use Windows based software to develop your company's applications, but your team members are using various operating systems like MacOS, Linux and Windows. Which Azure compute service would help resolve this scenario? 1. Azure App Service 2. Windows Virtual Desktop 3. Azure Container Instance
2. Windows Virtual Desktop enables your team members to run Windows in the cloud, with access to the required applications for your company's needs.
42
What is the first step you would take in order to share an image file as a blob in Azure Storage? 1. Create an Azure Storage Container to store the image. 2. Upload the image file and create a container 3. Use a Shared Access Signature (SAS) token to restrict access to the image. 4. Create an Azure Storage account.
4. Create an Azure Storage account. You must create an Azure Storage account before you can use any Azure Storage features.
43
Which Azure Storage option is better for storing data for backup and restore, disaster recovery and archiving? 1. Azure Blob storage 2. Azure Files storage 3. Azure Disk Storage
1. Azure Blob storage is your best option for for storing disaster recovery files and archives.
44
Tailwind Traders wants to create a secure communication tunnel between its branch offices. Which of the following technologies CANNOT be used? 1. Point-to-Site virtual private network 2. Implicit FTP over SSL 3. Azure ExpressRoute 4. Site-to-Site virtual private network
2. Implicit FTP over SSL CANNOT be used to create a secure communication tunnel
45
Tailwinds Traders wants to use Azure ExpressRoute to connect to its on premise network to the Microsoft Cloud. Which of the following choices isn't an ExpressRoute model that Tailwind Traders can use? 1. Site-to-Site virtual private network 2. Any-to-Any connection 3. Point-to-Point Ethernet connection 4. CloudExchange colocation
1. Site-to-Site virtual private network is NOT an ExpressRoute model.
46
Which of the following options can you use to link virtual networks? 1. Network Address Translation 2. Multi-chassis link aggregation 3. Dynamic Host Control Protocol 4. Virtual Network Peering
4. Virtual Network Peering can be used to link virtual networks.
47
Which of the following is NOT a benefit of ExpressRoute? 1. Redundant Connectivity 2. Consistent network throughput 3. Encrypted network communication 4. Access to Microsoft Cloud Services
3. Encrypted network communication ExpressRoute does provide private communications but it is NOT encrypted.
48
You need to predict future behavior based on previous actions. Which product option should you eliminate as a candidate? 1. Azure Machine Learning 2. Azure Bot Service 3. Azure Cognitive Services
2. Azure Bot Service will not help with prediction. It should be eliminated as a candidate.
49
You need to create a computer-human interface that uses natural language to answer customer questions. Which product option should you eliminate as a candidate? 1. Azure Machine Learning 2. Azure Cognitive Services 3. Azure Bot Service
1. Azure Machine Learning Although Azure Machine Learning could be used to create a natural language model it would likely be cost and time prohibitive. It should be eliminated as a candidate.
50
You need to identify the content of product images to automatically create alt tags for images formatted properly. Which production option is the best candidate? 1. Azure Machine Learning 2. Azure Cognitive Services 3. Azure Bot Services
2. Azure Cognitive Services includes Vision services that can identify the content of an image. Azure Cognitive Services is the best candidate.
51
Which of the following choices would NOT be used to automate a (CI/CD) process? 1. Azure Pipelines 2. GitHub Actions 3. Azure Boards
3. Azure Boards is an Agile project management tool. It would not be used to automate a CI/CD process.
52
Which service could help you manage the VMs that your developers and testers need to ensure that your new app works across various operating systems? 1. Azure DevTest Labs 2. Azure Test Labs 3. Azure Repos
1. Azure DevTest Labs is used to manage VMs for testing, including configuration, provisioning, and automatic deprovisioning.
53
Which service lacks features to assign individual developers tasks to work on? 1. Azure Boards 2. GitHub 3. Azure Pipelines
3. Azure Pipelines is a CI/CD tool for building an automated tool chain. It lacks the features to assign tasks for individual developers to work on. However, it can automate other tools to assign tasks to users.
54
You want to be alerted when new recommendations to improve your cloud environment are available. Which service will do this? 1. Azure Advisor 2. Azure Monitor 3. Azure Service Health
1. Azure Advisor can alert you when new recommendations are available.
55
Which service provides official outage root cause analyses (RCAs) for Azure incidents? 1. Azure Advisor 2. Azure Monitor 3. Azure Service Health
3. Azure Service Health provides incident history and RCAs to share with your stakeholders.
56
Which service is a platform that powers Application insights, monitoring for VMs. containers and Kubernetes? 1. Azure Advisor 2. Azure Monitor 3. Azure Service Health
2. Azure Monitor is the platform used by Application Insights.
57
As an administrator you need to retrieve the IP address from a particular VM by using Bash. Which of the following tools should you use? 1. ARM Templates 2. Azure Powershell 3. The Azure Portal 4. The Azure CLI
4. The Azure CLI enables you to use Bash to run one-off tasks on Azure
58
You're a developer that needs to set up your first VM to host a process that runs nightly. Which of the following tools is your best choice? 1. ARM Templates 2. Azure Powershell 3. The Azure Portal 4. The Azure CLI
3. The Azure Portal is a great place for newcomers to learn about Azure and set up their first resources.
59
What is the best infrastructure-as-code option for quickly and reliably setting up your entire cloud infrastructure declaratively? 1. ARM Templates 2. Azure Powershell 3. The Azure Portal 4. The Azure CLI
1. ARM Templates are the best infrastructure-as-code option for quickly and reliably setting up your entire cloud infrastructure declaratively.
60
You need to process messages from a queue, parse them by using some existing imperative logic written in Java, and then send them to a third party API. Which serverless option should you choose? 1. Azure Functions 2. Azure Logic Apps
1. Azure Functions is the correct choice because you can use existing Java code with minimal modification.
61
You want to orchestrate a workflow by using APIs from several well-known services. Which is the best option for this scenario? 1. Azure Functions 2. Azure Logic Apps
2. Azure Logic Apps makes it easy to create a workflow across well know services with less effort than writing code and manually orchestrating all the steps yourself.
62
Your team has limited experience with writing custom code but it sees tremendous value in automating several important business processes. Which of the following options is your team's best option? 1. Azure Functions 2. Azure Logic Apps
2. Azure Logic Apps is best suited for users who are more comfortable in a visual environment that allows them to automate their business process. Logic Apps is the best option in this scenario.
63
A company wants to build a new voting kiosk for sale to governments around the world. Which IoT technologies should the company chose to ensure the highest degree of security? 1. IoT Hub 2. IoT Central 3. Azure Sphere
3. Azure Sphere provides the highest degree of security to ensure the device has not been tampered with.
64
A company wants to quickly manage its individual IoT devices by using a web based user interface. Which IoT technology should it choose? 1. IoT Hub 2. IoT Central 3. Azure Sphere
2. IoT Central quickly creates a web based management portal to enable reporting and communication with IoT devices.
65
You want to send messages from the IoT device to the cloud and vice versa. Which IoT technology can send and receive messages? 1. IoT Hub 2. IoT Central 3. Azure Sphere
1. IoT Hub communicates to IoT devices by sending and receiving messages.
66
How can Tailwind Traders enforce having only certain applications run on its VMs? 1. Connect your VMs to Microsoft Sentinel 2. Create an application control rule in Microsoft Defender for Cloud 3. Periodically run a script that lists the running processes on each VM. The IT Manager can then shut down any applications that shouldn't be running.
2. Create an application control rule in Microsoft Defender for Cloud With Microsoft Defender for Cloud you can define a list of allowed applications to ensure that only applications that you allow can run. Microsoft Defender for Cloud can also detect and block malware from being installed on your VMs.
67
What is the easiest way for Tailwind Traders to combine security data from all of its monitoring tools into a single report that it can take action on? 1. Collect security data in Microsoft Sentinel 2. Build a custom tool that collects data and displays a report through a web application 3. Look through each security log daily and email a summary to your team
1. Collect security data in Microsoft Sentinel Microsoft Sentinel is Microsoft's cloud based SIEM. A SIEM aggregates security data from many different sources to provide additional capabilities for threat detection and responding to threats.
68
What is the best way for Tailwind Traders to safely store its certificates so that they're accessible to cloud VMs? 1. Place the certificates on a network share 2. Store them on a VM that's protected by a password 3. Store the certificates in Azure Key Vault
3. Store the certificates in Azure Key Vault Azure Key Vault enables you to store your secrets in a single, secure location. Key Vault also makes it easier to enroll and renew certificates from public Certificate Authorities (CA's)
69
How can Tailwind Traders ensure that certain VM workloads are physically isolated from workloads being run by other Azure customers? 1. Configure the network to ensure that VMs on the same physical host are separated. 2. This is not possible. These workloads need to be run on premise. 3. Run the VMs on Azure Dedicated Host
3. Run the VMs on Azure Dedicated Host Azure Dedicated Host provides dedicated physical servers to host your Azure VMs for Windows and Linux.
70
An attacker can bring down your website by sending a large volume of network traffic to your servers. What Azure service can help companies protect its App Service instance from this kind of attack? 1. Azure Firewall 2. Network Security Groups 3. Azure DDOS Protection
3. Azure DDOS Protection DDOS protection helps protect your Azure resources from DDOS attacks. A DDOS attack attempts to overwhelm and exhaust an applications resources, making the application slow or unresponsive to legitimate users.
71
What is the best way for companies to limit all outbound traffic from VMs to known hosts? 1. Configure Azure DDOS protection to limit network access to trusted ports and hosts 2. Create application rules in Azure Firewall 3. Ensure that all running applications communicate with only trusted ports and hosts
2. Create application rules in Azure Firewall Azure Firewall enables you to limit outbound HTTP/S traffic to a specified list of fully qualified domain names (FQDN's)
72
How can companies most easily implement a deny by default policy so that VMs can't connect to each other? 1. Allocate each VM on its own virtual network 2. Create a network security group rule that prevents access from another VM on the same network 3. Configure Azure DDOS protection to limit network access within the virtual network.
2. Create a network security group rule that prevents access from another VM on the same network A network security group rule enables you to filter traffic to and from resources by source and destination IP address, port and protocol.
73
How can the IT Department ensure that employees at the company's retail store can access company applications only from approved tablet devices? 1. SSO 2. Conditional Access 3. Multifactor Authentication
2. Conditional Access Conditional Access enables you to require users to access your applications only from approved or managed devices.
74
How can the IT Department use biometric properties, such as facial recognition, to enable delivery drivers to prove their identities? 1. SSO 2. Conditional Access 3. Multifactor Authentication
3. Multifactor Authentication Authenticating through Multifactor Authentication can include something the user knows. something the user has and something the user is.
75
How can the IT Department reduce the number of times users must authenticate to access multiple applications? 1. SSO 2. Conditional Access 3. Multifactor Authentication
1. SSO SSO enables a user to remember only one ID and one Password to access multiple applications.
76
What is the best way for companies to ensure they can only deploy cost-effective virtual machine SKU sizes? 1. Create a policy in Azure Policy that specifies the allowed SKU sizes. 2. Periodically inspect the deployment manually to see which SKU sizes are used. 3. Create an Azure RBAC role that defines the allowed virtual machine SKU sizes.
1. Create a policy in Azure Policy that specifies the allowed SKU sizes. After you enable this policy, that policy is applied when you create new virtual machines or resize existing ones. Azure Policy also evaluates any current machines in your environment.
77
What is likely the best way for companies to identify which billing department each Azure resource belongs to? 1. Track resource usage in a spreadsheet? 2. Split the deployment into separate Azure subscriptions, where each subscription belongs to its own billing department. 3. Apply a tag to each resource that includes the associated billing department.
3. Apply a tag to each resource that includes the associated billing department. Tags provide extra information, or metadata, about your resources. They might create a tag that's named BillingDept whose value would be the name of the billing department. You can use Azure Policy to ensure that the proper tags are assigned when resources are provisioned.
78
Where can the company access details about the personal data Microsoft processes and how the company processes it, including for Cortana? 1. Microsoft Privacy Statement 2. The Azure Compliance Documentation 3. Microsoft compliance offerings.
1. Microsoft Privacy Statement The Microsoft Privacy Statement provides information that's relevant to specific services, including Cortana.
79
Where can the legal team access information around how the Microsoft cloud helps them secure sensitive data and comply with the applicable laws and regulations? 1. Microsoft Privacy Statement 2. Trust Center 3. Online Services Team
2. Trust Center The Trust Center is a great resource for people in your organization who might play a role in security, privacy and compliance.
80
Where can the IT department find reference blueprints that it can apply directly to its Azure subscriptions? 1. Online Services Terms 2. Azure compliance documentation 3. Microsoft Privacy Statement
2. Azure compliance documentation The compliance documentation provides reference blueprints, or policy definitions, for common standards that you can apply to your Azure subscription.
81
Which is the best first step a team should take to compare the cost of running these environments on Azure versus in their datacenter? 1. They're just test environments. Spin them up and check the bill at the end of the month. 2. Assume that running in the cloud costs about the same as running in the datacenter. 3. Run the Total Cost of Ownership Calculator
3. Run the Total Cost of Ownership Calculator Running the Total Cost of Ownership Calculator is a great first step because it can provide an accurate comparison of running workloads in the datacenter versus on Azure, certified by an independent research company.
82
What's the best way to ensure a development team doesn't provision too many virtual machines at the same time? 1. Do nothing, Let the development team use what they need. 2. Apply spending limit's to the development team's Azure subscription 3. Verbally give the development lead a budget and hold them accountable for their overages.
2. Apply spending limit's to the development team's Azure subscription If you exceed your spending limit active resources are deallocated. You can then decide whether to increase or limit your provision fewer resources.
83
What is the most efficient way for a testing team to save costs on virtual machines on weekends, when testers are not at work? 1. Delete the virtual machines before the weekend and create a new set the following week. 2. Deallocate virtual machines when they're not in use 3. Just let everything run. Azure bills you only for the CPU time that you use. .
2. Deallocate virtual machines when they're not in use. When you deallocate virtual machines the associated hard disks and data are still kept in Azure. But you don't pay for CPU or network consumption, which can help save costs.
84
Resources in the Dev and Test environments are each paid for by different departments. What's the best way to categorize costs by department? 1. Apply a tag to each virtual machine that identifies the appropriate billing department. 2. Split the cost evenly between departments. 3. Keep a spreadsheet that lists each team's resources.
1. Apply a tag to each virtual machine that identifies the appropriate billing department. You can apply tags to groups of Azure resources to organize billing data.
85
What's the SLA for Azure Maps in terms of guaranteed uptime? 1. 99 percent 2. 99.9 percent 3. 99.99 percent
2. 99.9 percent
86
What's the new composite SLA for Azure Maps? Remember the new SLA includes a third VM and Azure Maps. 1. 99.58 percent 2. 99.78 percent 3. 99.99 percent
1. 99.58 percent To compute the SLA for a set of services you multiply the SLA of each individual service.
87
Adding a third VM reduces the composite SLA. How can companies offset this reduction? 1. Increase the size of each VM. 2. Deploy extra instances of the same VM across the different availability zones in the same Azure region. 3. Do nothing. Using Load Balancer increases the SLA for virtual machines.
2. Deploy extra instances of the same VM across the different availability zones in the same Azure region. If one availability zone is affected, your virtual machine instance in the other availability zone should be unaffected.
88
What approach might the company take in adding the augmented reality (AR) preview service to its architecture? 1. The Special Orders app is already in Production. The company shouldn't look into the AR service until the service reaches general availability (GA). 2. The Special Orders app is mainly for use by retail employees. The company can integrate the AR service now because potential downtime or failures aren't an important factor. 3. The development team can create a prototype version of the app that includes the AR service that it tests out with select retail employees.
3. The development team can create a prototype version of the app that includes the AR service that it tests out with select retail employees. After the AR service reaches general availability (GA), the team can roll it out to production.
89
What is Serverless Computing?
Serverless computing provides INBUILT INFRASTRUCTURES and a RUNTIME ENVIRONMENT to develop applications rapidly. It is the next generation evolution of Platform as a Service. There is no need to worry about infrastructure, scaling, management, and provisioning at all. You can manage real life applications also and pay for the resources you consume. Whenever the application is in an idle state, you are not charged for it.
90
What is important about an Azure Function?
The Azure Function is a bit of INDEPENDENT CODE that is ready to get executed. It is cutting edge SERVERLESS design based on an EVENT DRIVEN approach. Independent of the infrastructure or the platform where the function is running. Users are only billed when the function is running and not billed when in an idle state. The Azure Function can begin with various triggers such as BLOB being embedded in a compartment or an HTTP demand. Outer administration can also trigger the Azure function. Developers can code in any language of their choice
91
Where do you find virtual machine images provided by third party companies within the Azure Portal?
In the Azure Marketplace
92
What types of attacks can a Web Application Firewall (WAF) protect from? 1. DDOS Denial of service attack 2. Cross Site Scripting (XSS) attacks 3. Throttling of requests based on the authentication key being used.
2. Cross Site Scripting (XSS) attacks
93
What is Microsoft's preferred solution for identity management in the cloud for application users? 1. Azure Active Directory 2. Identity Access Management (IAM) 3. Social media sites such as Facebook Connect, Microsoft Live, Google, Yahoo
1. Azure Active Directory
93
What benefit does Multi-Factor Authentication give to enhance user security? 1. It requires you to change your password every few days which enhances security. 2. It provides an alternative way to log in besides having to type your password every time. 3. It requires you to have your mobile phone with you to get the code, making it way more difficult for someone to impersonate you.
3. It requires you to have your mobile phone with you to get the code, making it way more difficult for someone to impersonate you.
94
How does Azure Advisor enhance security of your account? 1. Azure Advisor makes specific recommendations unique to you, based on their analysis of your account. 2. Azure Advisor makes generic best-practice recommendations, which you probably already follow but it's good to double check. 3. Azure Advisor automatically protects your account from common attack vectors.
1. Azure Advisor makes specific recommendations unique to you, based on their analysis of your account.
95
What Azure service is specifically designed for you to keep your application secrets such as API keys, signed certificates, and security key? 1. Azure Recovery Services 2. Azure Key Vault 3. Azure Active Directory 4. Azure Information Protection
2. Azure Key Vault
96
What would be a good reason to have multiple subscriptions? 1. To separate out billing of resources among several payers 2. As a way to clearly separate resources between different teams and departments 3. For an additional form of security to separate out development servers from production 4. All of these answers are true
4. All of these answers are true
97
Scenario: You have an application in the cloud that has 10 servers with various roles. Six servers are D2S machines, two servers are D4S, and two are D8S instance types. This application is expected to run for years, but the business has concerns about the cost. What is the one thing you can do almost immediately to reduce the cost of this solution by at least 50%? 1. See if you can consolidate some of the machines so that 10 servers can become 7 or 8 2. Implement an autoscaling function that will add and remove servers depending on actual user demand 3. Use Azure Reserved Instances with Hybrid benefit 4. Investigate your use of storage to implement cool tier and archive tier storage
3. Use Azure Reserved Instances with Hybrid benefit Yes, you can get 80% savings without a single change to your application at all
98
What is the concept of Total Cost of Ownership? 1. It's the total cost of owning and operating a machine including up front hardware costs, labor, electricity, internet access, real estate, security, cooling, etc... 2. It is the cost of buying the server up front, amortized over 10 years 3. It is the estimate of your future monthly cloud computing bills
1. It's the total cost of owning and operating a machine including up front hardware costs, labor, electricity, internet access, real estate, security, cooling, etc...
99
What is Microsoft's Service Level Agreement for single instance Virtual Machines running with premium OS disks and data disks? 1. 99.9% 2. 99.99% 3. 99.95% 4. 99.999%
1. 99.9%
100
Is it wise to use Azure "Preview Features" in Production? 1. Yes, why not? 2. No, don't do that
2. No, don't do that Correct. Preview Features can change and even go away without notice.
101
What two types of DDoS protection services does Azure provide? Select two. 1. Basic 2. Advanced 3. Premium 4. Standard
1. Basic 4. Standard Azure DDos Protection Basic is free, while you can upgrade to Standard for a fee.
102
Which of the following elements is considered part of the "network" layer of network security? 1. Locks on the data center doors 2. Separate servers into distinct subnets by role 3. Use a firewall 4. Keep operating systems up to date with patches
2. Separate servers into distinct subnets by role Subnets is part of network security
103
Where do you go within the Azure Portal to find all of the third-party virtual machines and other offers? 1. Azure Mobile App 2. Bing 3. Azure Marketplace 4. Choose an image when creating a VM
3. Azure Marketplace Azure Marketplace contains thousands of services you can rent within the cloud
104
Which of the following scenarios would Azure Policy be a recommended method for enforcement? 1. Require a virtual machine to always update to the latest security patches 2. Add an additional prompt when creating a resource without a specific tag to ask the user if they are really sure they want to continue? 3. Allow only one specific roles of users to have access to a resource group 4. Prevent certain Azure Virtual Machine Instance types from being used in a resource group
4. Prevent certain Azure Virtual Machine Instance types from being used in a resource group Azure Policy can add restrictions on storage account SKUs, virtual machine instance types, and rules relating to tagging of resources and groups. It cannot prompt a user to ask them if they are sure.
105
How does Multi-Factor Authentication make a system more secure? 1. It doesn't make it more secure 2. It is another password the user has to remember, making it more secure 3. It requires the user to have access to an additional device for identity verification 4. It allows the user to log in without a password because they have already previously been validated using a browser cookie
3. It requires the user to have access to an additional device for identity verification Multi-Factor Authentication (MFA) - the concept of having something additional to a “password” that is required to log in; passwords are findable or guessable; but having your mobile phone on you to receive a phone call, text or run an app to get a code is harder for a unknown hacker to get
106
What is the recommended way within Azure to store secrets such as private cryptographic keys? 1. Azure Key Vault 2. In an Azure Storage Account private blob container 3. Azure Advanced Threat Protection (ATP) 4. Within the application code
1. Azure Key Vault Azure Key Vault - the modern way to store cryptographic keys, signed certificates and secrets in Azure
107
What types of resources are defined as "compute resources"? 1. Resources that perform some type of task that requires CPU cycles to perform the work 2. Only virtual machines 3. All resources that are listed in the Azure Marketplace
1. Resources that perform some type of task that requires CPU cycles to perform the work Compute Services - a category of services in Azure that provides CPU cycles for rent. Virtual Machines are only one type of compute resource. The Marketplace contains many types of resources, not just compute.
108
True or false: Azure Cloud Shell allows access to the CLI and Powershell consoles in the Azure Portal 1. False 2. True
2. True Cloud Shell - allows access to the CLI and Powershell consoles in the Azure Portal
109
With Azure public cloud, anyone with a valid credit card can sign up and get services immediately 1. False 2. True
2. True Yes, Azure public cloud is open to the public in all countries that Azure supports.
110
True or false: Azure charges for bandwidth used "inbound" to Azure 1. False 2. True
1. False Ingress bandwidth is free. You pay for egress (outbound).
111
What does ARM an abbreviation for in Azure? 1. Advances RISC Machine 2. Availability, Reliability, Maintainability 3. Account Resource Manager 4. Azure Resource Manager
4. Azure Resource Manager Azure Resource Manager (ARM) - this is the common resource deployment model that underlies all resource creation or modification; no matter whether you use the portal, PowerShell or the SDK, the Azure Resource Manager takes those commands and executes them
112
Which of the following is something that Azure Cognitive Services API can currently do? 1. Recognize faces in a picture 2. Translate text from one language to another 3. Recognize text in an image 4. All of these! Azure can do it all! 5. Speak text in an extremely realistic way 6. Create text from audio
4. All of these! Azure can do it all! Azure can do all of them, of course.
113
True or False: Azure is a public cloud, and has no private cloud offerings 1. True 2. False
2. False Some aspects of Azure are not open to the public and require a private agreement with Microsoft such as Azure Government and DoD services
114
Which tool within the Azure Portal will make specific recommendations based on your actual usage for how you can improve your use of Azure? 1. Azure Advisor 2. Azure Dashboard 3. Azure Service Health 4. Azure Monitor
1. Azure Advisor Azure Advisor - a tool that will analyze your use of Azure and make you specific recommendations based on your usage across availability, security, performance and cost categories
115
What are Azure Availability Zones? 1. A feature of Azure that allows you to manually specify into which datacenter your virtual machines are placed, which allows you to achieve higher availability than any other option. 2. A folder structure in Azure in which you organize resources like databases, virtual machines, virtual networks or almost any resource 3. Within each individual datacenter, certain racks of servers have been architected by Azure to have higher uptime than others. If you place your apps into this rack, you'll get higher uptime than if you let Azure do it. 4. This is the same as region.
1. A feature of Azure that allows you to manually specify into which datacenter your virtual machines are placed, which allows you to achieve higher availability than any other option. Availability Zones - Unique physical locations within an Azure region, made up of one or more data centers; there is a minimum of three zones in each region; you can manually place your resources in an availability zone for highest availability
116
Which Azure AD licenses (select two) are made available through Azure? 1. Azure Active Directory Free 2. Enterprise Tier 2 3. Business Tier 1 4. Basic 5. Officer 365
1. Azure Active Directory Free 5. Officer 365 Azure Active Directory provides the following licenses: Free, Office 365, Premium P1, and Premium P2.
117
What is the concept of Big Data? 1. A small sensor or a similar device that constantly sends its status and other data to the cloud 2. A for of Artificial Intelligence (AI) that allows systems to automatically learn and improve from experience without being explicitly programmed. 3. A set of Azure services that allow you to use execute code in the cloud but don't require (or even allow) you yo manage the underlying server 4. An extremely large set of data that you want to ingest and do analysis on; traditional software like SQL Server cannot handle Big Data as efficiently as specialized products.
4. An extremely large set of data that you want to ingest and do analysis on; traditional software like SQL Server cannot handle Big Data as efficiently as specialized products. Big Data - a set of open-source (Apache Hadoop) products that can do analysis on millions and billions of rows of data; current tools like SQL Server are not good for this scale
118
What does it mean if a service is in Private Preview mode? 1. Anyone can use this service for any reason 2. Anyone can use the service but it must not be for production use 3. You have to apply to get selected in order to use that service 4. This service is generally available for use and Microsoft will provide support for it.
3. You have to apply to get selected in order to use that service Private Preview means you have to apply to use a service, and you may or may not be selected
119
Why would someone prefer a Consumption-based pricing model as opposed to a Time-based (Fixed) pricing model? 1. It is always cheaper to pay for consumption that to pay by the hour 2. The pricing model is simpler and easier to understand 3. You can save alot of money if you don't use the resource often as opposed to having it available for use 24/7 4. You can easily predict the cost of the service into the future.
3. You can save alot of money if you don't use the resource often as opposed to having it available for use 24/7 Consumption-Based Model - paying for something based on how much you used, as opposed to paying for something no matter if you use it or not.
120
Which of the following would be an example of an Internet of Things (IoT) device? 1. A video game, installed on Windows clients around the world, that keeps user scores in the cloud 2. A web application that people use to perform their banking tasks 3. A refrigeration that monitors how much milk you have left and sends you a message when you are running low 4. A mobile application that is used to watch online video games
3. A refrigeration that monitors how much milk you have left and sends you a message when you are running low An IoT device is not a standard computing device but connects to a network to report data on a regular basis. A web server, a personal computer, or a mobile app is not an IoT device.
121
What is Azure's preferred Identity/authentication service? 1. Network Security Group 2. Live Connect 3. Facebook Connect 4. Azure Active Directory
4. Azure Active Directory Azure Active Directory (Azure AD) - Microsoft’s preferred Identity as a Service solution
122
What happens if Azure does not meet its own Service Level Agreement guarantee (SLA)? 1. It's not possible, Azure will always meet it's SLA 2. The resource that did not meet the SLA will be free for the remaining month and the next 3. A discount will be applied to the customer's Azure bill (as a service credit), which is a compensation for an underperforming Azure product or service 4. The service will be free that month
3. A discount will be applied to the customer's Azure bill (as a service credit), which is a compensation for an underperforming Azure product or service Microsoft offers a service credit percentage depending on the missed SLA.
123
Why is Azure App Services considered Platform as a Service? 1. Azure App Service is not PAAS, It is a SAAS 2. You can decide on what type of virtual machine runs it - A series, D series or even H series 3. You are responsible for keeping the operating system up to date with the latest patches 4. You give Azure the code and the configuration and you have no access to the underlying hardware
4. You give Azure the code and the configuration and you have no access to the underlying hardware PaaS - You give Azure the code and the configuration, and you have no access to the underlying hardware
124
What is Single Sign-On? 1. When you sign in to an application it remembers who you are the next time you go there. 2. When an application outsources (federates) it's identity service to a third party platform 3. The ability to log in once and use the existing userid and password to sign in other applications, and not have to create/memorize a new one.
3. The ability to log in once and use the existing userid and password to sign in other applications, and not have to create/memorize a new one. Single-Sign On - the ability to use the same user id and password to log into every application that your company has; enabled by Azure AD
125
What does it mean if a service is in Public Preview mode? 1. You have to apply to get selected in order to use that service 2. Anyone can use the service but normal service level agreements do not apply 3. Anyone can use the service for any reason 4. The service is generally available for use and Microsoft will provide support for it.
2. Anyone can use the service but normal service level agreements do not apply Public Preview is for anyone to use, but it is not supported nor guaranteed to continue to be available
126
True or false: Azure Active Directory is a network gateway that load balances user logins using a CDN (Content Delivery Network). 1. False 2. True
1. False No, Azure Active Directory is an enterprise identity service that provides single sign-on and multi-factor authentication.
127
What is the basic way of protecting an Azure Virtual Network subnet? 1. Application Gateway with WAF 2. Azure Firewall 3. Azure DDOS Standard Protection 4. Network Security Group
4. Network Security Group Network Security Group (NSG) - a fairly basic set of rules that you can apply to both inbound traffic and outbound traffic that lets you specify what sources, destinations and ports are allowed to travel through from outside the virtual network to inside the virtual network
128
Within the context of privacy and compliance, what does the acronym ISO stand for, in English? 1. Instead of 2. Information Systems Officer 3. International Organization for Standardization 4. Intelligence and Security Office
3. International Organization for Standardization
129
What operating systems does Microsoft supply Azure Virtual Machine images for? 1. Windows, Linux, macOS 2. Linux 3. Windows and Linux 4. Windows 5. macOS
3. Windows and Linux
130
What type of documents does the Microsoft Service Trust Portal provide? 1. A tool that helps you manage your compliance to various standards 2. Specific recommendations about your usage of Azure and ways you can improve 3. Documentation on the Individual services and solutions 4. A list of standards that Microsoft follows, pen test results, security assessments, white papers, faqs, and other documents that can be used to show Microsoft's compliance efforts.
4. A list of standards that Microsoft follows, pen test results, security assessments, white papers, faqs, and other documents that can be used to show Microsoft's compliance efforts. A list of standards that Microsoft follows, pen test results, security assessments, white papers, faqs, and other documents that can be used to show Microsoft's compliance efforts
131
Which of the following elements is considered part of the "perimeter" layer of security? 1. Keep operating systems up to date with patches 2. Separate servers into distinct subnets by role 3. Use a Firewall 4. Locks on the data center doors
3. Use a Firewall Firewall is part of the perimeter security
132
What benefit does a Content Delivery Network (CDN) provide its users? 1. Allows you to reduce the traffic coming into a web server for static, unchanging files such as images, videos and PDFs 2. For a small fee Azure will take over management of your virtual machine, perform OS updates and ensure its running well 3. Allows you to keep temporary session information on the web visitor such as their login ID or their name 4. Allows you to store data that can be retrieved later in an extremely fast and inexpensive manner
1. Allows you to reduce the traffic coming into a web server for static, unchanging files such as images, videos and PDFs Content Delivery Network - allows you to improve performance by removing the burden of serving static, unchanging files from the main server to a network of servers around the globe; a CDN can reduce traffic to a server by 50% or more, which means you can serve more users or serve the same users faster; SaaS
133
Which feature within Azure alerts you to service issues that happen in Azure itself, not specifically related to your own resources? 1. Azure Service Health 2. Azure Portal Dashboard 3. Azure Security Center 4. Azure Monitor
1. Azure Service Health Azure Service Health - lets you know about any Azure-related service issues including region-wide downtime
134
What feature of a system makes it elastic? 1. The ability of it to add and reduce capacity based on actual demand 2. The ability to heal itself after a crash 3. The ability to withstand denial of service attacks 4. The ability of it to stay up (available) while updates are being made to the system
1. The ability of it to add and reduce capacity based on actual demand Elasticity - the ability of a system to automatically grow when maximum capacity is reached, and automatically shrink to minimize waste
135
True of false: Azure Powershell scripts and Command Line Interface (CLI) scripts are entirely compatible with each other? 1. False 2. True
1. False No, PowerShell is it's own language, different than CLI
136
True or false: You cannot have more than one Azure subscription per company 1. False 2. True
1. False You can have multiple subscriptions, as a way to separate out resources between billing units, business groups, or for any reason you wish.
137
What are the two features that Azure AD provides? Choose two. 1. Azure DDOS Protection 2. Authentication 3. Functions 4. Application Management 5. Logic Apps 6. Logs Analytics
2. Authentication 4. Application Management Azure AD provides many features, but only the two are listed.
138
For tax optimization, which type of expense is preferable? 1. Capex 2. Opex
2. Opex Operating Expenditure is thought to be preferable because you can fully deduct expenses when they are incurred
139
True or false: you can create your own policies if built-in Azure Policy is not sufficient to your needs 1. False 2. True
2. True True, you can create custom policies using JSON
140
True or False: Under the Infrastructure as a Service model, Azure is responsible for managing the physical host, physical network, and physical datacenter. 1. True 2. False
1. True Yes, Azure still manages the hardware itself, the hypervisor and all of the physical elements behind the scenes
141
Which of the following services would NOT be considered Infrastructure as a Service? 1. Virtual Network 2. Azure Functions Apps 3. Virtual Network Interface Card (NIC) 4. Virtual Machine
2. Azure Functions Apps Functions are small pieces of code that you give to Azure to run for you, and you have no access to the underlying infrastructure.
142
Approximately how many regions does Azure have around the world? 1. was 54 now 60+ 2. 25 3. 10 4. 100
1. was 54 now 60+ They keep adding them all the time. There are now over 60 Azure regions, in 10 geographies
143
What does it mean if a service is in General Availability (GA) mode? 1. You have to apply to get selected in order to use that service. 2. The service is available for use by some and Microsoft will provide support for it 3. Anyone can use the service for any reason 4. Anyone can use the service but it must not be for production use
3. Anyone can use the service for any reason Anyone can use a GA service. It is fully supported and can be used for production.
144
What Azure tool gives you the ability to manage multiple subscriptions into nested hierarchies? 1. Resource Groups 2. Azure Active Directory 3. RBAC 4. Management Groups
4. Management Groups Management Groups - a hierarchy of subscriptions; can have many subscriptions, and group them, and put those groups into other groups
145
Which two options can you use to connect Azure Virtual Networks (VNets) to each other? 1. VNet Peering 2. Azure Front Door 3. VPN Gateways 4. Azure Traffic Manager 5. Azure Express Route
1. VNet Peering | 3. VPN Gateways

Data Engineer/SQL Developer/SQL DBA Study Topics (12 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions