big group Flashcards
(190 cards)
1
Q
Which cloud model should be used in this instance?
A company wants to deploy multiple servers to host web applications but wants to keep hardware cost and manageable cost to a minimum. The solution should be highly scaleable
A
public model
2
Q
Which cloud model should be used in this instance?
A company needs to implement a solution where it maintains management control over hardware and infrastructure. The solution can be physically deployed offsite
A
Private model
3
Q
Which cloud model should be used in this instance?
A company plans to use a custom software as a service application and wants to minimize cost. The company is legally required to maintain and secure all data onsite.
A
Hybrid model
4
Q
Which cloud model should be used in this instance?
Your company wants to create a virtual network with 10 virtual machines and no capital expenditure costs
A
public
5
Q
Which cloud model should be used in this instance?
Your company wants to control the methods used to have a high level of security for its resources
A
private
6
Q
Which cloud model should be used in this instance?
Your company does not have IT experts or the money to purchase its own servers
A
Public
7
Q
A private cloud requires
A
the infrastructure to be on a private network
8
Q
Your company plans to migrate applications and services to the cloud. You recommend for a hybrid cloud to be deployed. Why would you make this recommendation?
A
To augment on-premise resources by providing overflow capacity.
9
Q
Your company deploys resources in Azure. According to the shared responsibility model, which task will you be required to perform?
A
Install critical updates on virtual machines
10
Q
Benefits of moving the infrastructure to the cloud
(T/F) You can use horizontal scaling for the web server
A
True
11
Q
Benefits of moving the infrastructure to the cloud
(T/F) You can resize the disk on demand on mail server if email messages increase
A
True
12
Q
What is an advantage of using public cloud over a private cloud?
A
Costs are lower and spread among multiple tenants
13
Q
Manually increasing or decreasing resources to meet a predictable workload is called
A
scalability
14
Q
Automatically increasing or decreasing resources to meet spikes and drops in demand is called
A
Elasticity
15
Q
Speed and flexibility in allocation and deallocation of required resources is called
A
Agility
16
Q
(T/F) Azure active directory is used to manage API cryptographic keys
A
False
17
Q
(T/F) Azure Storage encryption is enabled by default and cant be disabled
A
True
18
Q
(T/F) Azure ExpressRo7ute is used to secure traffic between virtual networks
A
False
19
Q
In infrastructure as a service cloud model, the subscriber is responsible for the management of what?
A
operating system
application
runtime
middleware
data
20
Q
In Iaas the service provider is responsible for
A
virtualization
servers
storage
physical networking
21
Q
(T/F) The service provider is responsible for all infrastructure hardware in SaaS, PaaS, and IaaS
A
True
22
Q
(T/F) Creating a virtual machine running Windows server 2016 is a example of PaaS
A
False
23
Q
(T/F) SaaS gives you a way to give users access to sophisticated applications in a pay-as-you-go enviornment
A
True
24
Q
(T/F) IaaS allows you to rent hardware and have control over the operating system
A
True
25
(T/F) PaaS allows you to manage applications without controlling the underlying OS
True
26
(T/F) SaaS allows you to subscribe to software
True
27
In a Platform as a Service, the customer service is in responsible for
Data, application
28
In Platform as Service, the provider is responsible for
Operating system, storage, virtualization
29
Which cloud service model should be used in this instance?
A company needs to deploy an Ubuntu Linux virtual machine to run a resource-intensive data analysis application
IaaS
30
Which cloud service model should be used in this instance?
A company needs to make productivity applications available to all employees, including those that work from home, on a pay-as- you-go basis
SaaS
31
Which cloud service model should be used in this instance?
A company needs to develop a web app designed to ruin on both computers and mobile devices and manage the application lifecycle
PaaS
32
Which cloud service model should be used in this instance?
A company needs to transition an on-premise data center to the cloud with minimal impact on users
IaaS
33
(T/F) about shared responsibility in the cloud
the customer always retain responsiblity for the data
True
34
(T/F) about shared responsibility in the cloud
The responsibility for the management of accounts is transferred to the cloud provider
False
35
(T/F) about shared responsibility in the cloud
The responsibility for the operating system in Platform as a service is retained by the customer
False
36
You need to deploy serverless solution that meets the following requirements
-executution is triggered through an https request
-you pay only for the time that the code runs
-you do not have to manage the application infrastructure
Azure functions
37
with __________ developers deploy code and pay for its runtime only, without worrying about the provisioning configuration and management of the underlying infrastructure
serverless computing
38
(T/F) Azure IaaS provides and manages container orchestrators
False
39
(T/F) Resources can be allocated on a pay as you go basis whenever needed in IaaS
True
40
(T/F) you are responsible for managing application and middleware while azure manages operating system in Iaas
False
41
Which cloud service model should be used in this instance?
Use provider managed hardware to run a customized database
IaaS
42
Which cloud service model should be used in this instance? use a provider managed calender to schedule appointments and meetings
Software as a Service
43
Which cloud service model should be used in this instance? User provider managed business intelligence services to analyze marketing trends
Paas
44
Which cloud service model should be used in this instance?
You need to find a cloud solution that allows the highly customized web application to run without requiring management of operating system settings or services. However, the company's web developers must be able to maintain customizations
Deploy the web app functionality using PaaS
45
A company is deploying a critical business application on two virtual machines. The deployment needs to support:
-highly available access
-separate fault and update zones
-minimal latency between instances
most users who needs to access the application are in Azure East US2 region
Separate availability zones
46
(T/F) Locking a resource group as read-only locks all resources contained in the group
True
47
(T/F) A resource group contain resources from the same region as the resource group only
false
48
(T/F) You can add a resource to remove a resource group from a resource from a resources group as long as the resource group is not locked
True
49
(T/F) Resources can interact with other resources in a different resource group
True
50
A company wants to expand its cloud presance by deploying additional resources to Azure. The company plans to use templates based on existing resources to automate the deployment process. Ensuring consistent deployment is critical. What should the company use?
Azure Resource manager
51
What describes regions
-regions are always paired with other regions
-regions contain one or more datacenters
-regions specify the location of resources
52
Description of containers
-container can be accessed over the internet by IP address or domain name
-a container can run on windows or linux
-a container can scale out as needed
-a container represents a single app and its dependencies
53
What is the purpose of a resource group?
it serves as a container for azure resources like virtual machines and web apps
54
(T/F) You can transfer an existing subscription to a new Azure active directory tenant
True
55
(T/F)Quotas for resource in Azure resource group are per region rather than per subscription
True
56
(T/F) All users and groups with role-based acces to manage the subscription lose their accesss
True
57
(T/F) System-assigned managed identities are re=enabled automatically
False
58
(T/F) moving a subscription that owns an azure kubernetes services cluster causes the cluster to lose functionality
True
59
You need to ensure that your resources are replicated and hosted 200 miles away within the same geographic area, to minimize impact on your solutions' avaiability in case of disaster
Region pairs
60
Management groups let you organize mutiple
subscriptions as a single management entity to facilitate easier management
61
You want to allow inbound traffic to an azure virtual machine from only specific ip address
network security group
62
you want to prevent a malicious flood of http traffic to a vm that host internet information services
distributed denial of service protection
63
you want to create a rule that restricts network traffic across subscriptions
azure firewall
64
(T/F) Azure virtual desktop supports remote desktop clients on MacOS and iOS
True
65
(T/F) you are in charge for the use of azure virtual desktop for a monthly basis according to active users
false
66
(T/F) azure virtual desktop users should exisit in the same windows server active directory that is linked to azure ad
true
67
Which azure resource fits this scenario
migrate a workload from an on-premise hyper v host to azure, still retaining full control over the operating system
azure virtual machine
68
Which azure resource fits this scenario
deploy a web application using platform as a service for scalability and security
azure app services
69
Which azure resource fits this scenario
build an event driven solution and pay only for the time you spent running your code
azure funcitons
70
Which two options can you use to connect azure virtual networks to each other?
VPN Gateways
VNet Peering
71
_____ is a service that enables private connectivity between your on-premise network and microsoft azure or microsoft 365
Azure expressroute
72
_________ is a global endpoint that works at layer 7(https/'http) to enable fast, secure, and widely scalable web applications
azure front door
73
___________ azure traffic manager is a DNS based traffic load balancer that allows optimal distribution of traffic to azure services spread across global azure region
azure traffic manger
74
(T/F) Expressroute traffic is routed through a private connection
True
75
(T/F) Traffic between peered virtual network is routed over the public internet
False
76
(T/F) A vnet is created within the scope of the region
True
77
________ enables you to perform automated deployment from azure devops
Azures App service
78
________is a cloud-based set of tools and services for software developers
Azure Devops
79
_______is a data management tool that enables you to connect to and quert data stores, build visually stunning reports, and custom analytics solutions
Azure Data Studio
80
_______is a family of cloud based relational database services built on microsoft sql server technology
Azure sQL
81
Creating highly portable, scalable app instances that includes the binaries and libraries required to run can be done using ______
containers
82
(T/F) Virutal network peering can be sued to connect virtual networks across azure regions
True
83
(T/F) Virtual netwrok peering can be used to transfer data between azure active directory tenants
True
84
(T/F) Configuring peering requires a short downtime for the peered virtual network
False
85
You manage a developed team that needs to focus all its efforts on creating and maintaining application code. Your team does not have the resources to provision and scale the infrastructure your applications required to run. What should you do?
Create an azure function subscription and upload your code
86
_____typically contain only the binaries and libraries to run a single app or service
containers
87
_____is a stored virtual machine machine configuration. used to speed up deployment of frequently used operating system configurations
template
88
_____provides an automated way to control and automate many of the same tasks that can be performed through azure portal such as creating and managing machines, networking, storage, and more. can also be used to manage multiple azure subscriptions and save time by avoiding the manual entry of repetitive commands
Azure command line interface
89
you need to bring azure storage into your virutal network with a dedicated ip address what do you do?
create a private endpoint with azure private link
90
a company wants to host data disks in the azure cloud. The data disk must be available to other on-premise machines running windows, linux, and mac os using network sharing via server message block protocol . data must be secure both at rest and in transit. Which storage product solution?
File storage
91
___ stores data as a virtual hard disk that is available to the vm to which the disk is attached. does not provide any outside access
disk storage
92
_____ designed for storing large quantities of unstructured data.
blob storage
93
____ provides storage to retrieve and persist state
Azure files
94
planning to deploy and need to meet the following requirements:
-up to 10 tb of storage
-azure premium storage
-point in time restore for up to 35 days
need to select deployment and pricing tier
Azure database for Postgres SQL SIngle Server General purpose tier( supports up to 16tb and uses azure premium storage. point in time is met by all azure database for postgres SQL deployments
95
you need to ensure that your database can scale horizontally and suport the query parallelization for faster response on a large dataset, without your teams involvement in database or operating system. which deployment option of postgres should you use?"
Azure database for postgres sql hyperscale (citus)
96
Which resource fit this scenario?
fast migration of sql server from on-premise to azure with retention of operating system access
sql server on azure vms
97
Which resource fit this scenario?
cost-effective, serverless database with an intermittent usage pattern and a low compute utilization over time
azure sql databricks
98
Which resource fit this scenario?
live=and shift of on premise sql server with minimal changes to an azure platform as a service solution
azure sql managed instances
99
which two solutions should you use to transfer an on-premise virtual hard disk to azure?
Azure storage explorer
azCopy
100
match azure storage blob with associated desc
incurs penalties for data deleted within days
cool
101
match azure storage blob with associated desc
is not available at account level
archive
102
match azure storage blob with associated desc
incurs highest rehydration cost
archive
103
blob storage:
____ offers highest performance and lowest access latencies but is more expensive storage tier. intend to hold data that is accessed frequently
hot
104
blob storage:
____ tier is designed to hold data that only requires infrequent access. must be stored for at least 30 days
cool
105
blob storage:
___designed to hold data that is rarely requires access. not available at account level
archive
106
_________ storage account supports blob, queue, and table storage services
standard general-purpose v2
107
(T/F) azure file can be access using the server mesasge block protocol
True
108
(T/F) azure files can be accessed using the network file system protocol
True
109
(T/F) a share access signature is required to access azure files
False
110
as part of a cloud migration, your azure cloud implementation has been initially seeded with 100tb of data. as the migration cointinues you need to periodically migrate data to azure using server message block. what two solutions meet this requirement?
Azure files
azure data box gateway
111
(T/F) virtual network from multiple subscriptions in your organization can link to the same azure ddos protection plan
True
112
which license should you use?
you want to publish on premise web apps using azure ad
premium
113
Which license should you use?
you want to use an on premise directory synchronization
free
114
Which license should you use?
you want on premise users to be able to reset their own passwrods
premium
115
(T/F) azure ad authentication and authorization support required integration with an on premise ad
false
116
(T/F) web apps must be registered with azure ad to support authentication and authorization services
True
117
(T/F) azure ad supports authorization through the use of role based access control
True
118
What does Azure ad premium p1 edition support?
Rolebased access control and conditional access
119
Included in azure ad p2 license
identity protection, service entitlement management, and privileged identity management, just in time access
120
authentication types supported by both sspr and mfa are
password
sms
voicecall
121
sspr authentication supports
passwrod, sms, voicecall, security question, email address
122
you need a security solution that helps provision, manage, and deploy secure socket layer/ transport layer security certificates. what should you use?
key vault
123
key vault features
-store cryptographic keys
-secure storage and controlled access to token ,password, certificates, api keys
-created and controlling encryption keys used to encrypt data
-provisioning, managing and deploying both public and private ssl/tls certificates
-secrets and keys protected by software or federal information processing standard
124
microsoft defender for identity helps
-advance threats and protect hybrid computing enviornment
-monitor users, entity behavior and credentials stored in active directory
-provide clear incident information
125
(T/F) microsoft defender for cloud supports monitoring, security recommendations, and advanced threat protection for cloud and on-premise virtual machine resources
True
126
(T/F) Microsoft defender for cloud provides native integration with microsoft defender antivirus in windows
True
127
(T/F) microsoft defender for cloud support is limited to windows operating system only
false
128
(T/F) microsoft defender for cloud can automatically discover and assess security for new azure resources as they are deployed
True
129
your azure tenaants include several internet facing web services. the web servers reply on data stored on azure sql database servers. the web servers are located in different virtual network subnets. the database servers have their endpoints exposed to subnets. you need to implement detailed controls over the type of connections supported between teh web servers and databse serves. you want to minimize the efforts and cost necessary to implement and paintain your solution
application security groups
network security groups
130
which azure security solution provides general security recommendation and suggest remidies to better secure your resoruces?
microsoft defender for cloud
131
is it true about azure dedicated host? a provided physical server is dedicated to your organizations workload only
true
132
is it true about azure dedicated host? you can share a provided physical server across you rmutiple azure subscriptions
false
133
is it true about azure dedicated host? you are charged per number of virtual machines deployed
false
134
which two organiztion-level insights can you derive from the regulatory compliance dashboard of microsoft defender for cloud?
number of passing and failing assignments
overall compliance score
135
azure intergrates with ____ to help prevent, detect , and respond to threats to azure resources
microsoft defender for cloud
136
application security groups lets you
organize simialr services so you can easily define and implement security policies based on those groups
137
factors that affect cost of an app service
instance type
number of instances
operating system
region
tier
138
select appropiate cost control mechanism:
your company plans to commit to a three year plan for virtual machines and storage resources to recieve a reduction in pay as you go prices
azure reservations
139
select appropiate cost control mechanism
your company plans ot make use of a free saas solution that lets your company monitor, allocate and optimize cloud spend in multi cloud enviornment
azure cost management
140
select appropiate cost control mechanism
your company wants to increase defauly limit on how many select resources of each type can be provisioned per azure region
azure resource manager
141
(t/f) spot pricing provides access to discounted azure compute resources
false
142
(t/f) spot virtual machines use the standard service level agreement for azure vms
true
143
(t/f) you can set the maximum price that you agree to pay
True
144
billing zone is a geographical grouping of azure regions used to determine billing based on _______
data transfers
145
(t/f) azure advisor makes shutdown recommendation based on cpu and memory utilization over the last seven days
false
146
(t/f) you can use azure advisor to reduce cost by resizing underutilized virtual machines
true
147
(t/f) tags can aid in cost management for your subscription, and each tag consist of a name, location, and value
false
148
you need to compare the cost of running an application workload in azure vs on premise. what should you do to ensure that you can use azure tco calculator to complete the task?
define server, database, storage, and networking workload
149
what resource or features fit this scenario?
you want to ensure that only virtual machines of a specific size are deployed to a resource group
policy
150
what resource or features fit this scenario?
you want to manage a collection of policy definitions
initiative
151
what resource or features fit this scenario?
you want to prevent virtual machines from being deleted by anyone after they are deployed
lock
152
what resource or features fit this scenario?
you want to prevent virtual machines from being deployed in a subscription
policy
153
what resource or features fit this scenario?
you want to review security recommendations related to deploying your resources
advisor
154
what resource or features fit this scenario?
you want to control the users who are allowed to create virtual network
rbac
155
what resource or features fit this scenario?
you want to ensure that only sql database instances can be added to a resourced named database-rg
policy
156
what resource or features fit this scenario? you want to ensure that only members of the sales group can access virtual machines in the sales-rg resource group
rbac
157
(T/F) locks can be applied in the context of specific users and roles
false
158
(T/F) when multiple locks are applied at different scopes, the most restrictive inherited lock applies
true
159
(T/F) a lock applies to all the resource contained in a scope and any new resources added to the scope
True
160
(T/F) role based access control roles takes precedence over locks
false
161
your company wants to ensure that it meets its internal compliance goals and that azure resource are compliant with company standards. this will include ongoing evaluation for compliance and the identification of non-compliant resources. what should you use?
azure policy
162
What should you use in this scenario?
you need to use information from azure security center to develop best practices recommendation for optimization
azure advisor
163
What should you use in this scenario?
you need to define a set of policies to help ensure compliance for resources contained in a resource group
initiative
164
your company uses azure blueprints to assist with its migration to azure. should be able to assign and publish blueprints what role should they be assigned?
blueprint operator
165
(T/F) when a blueprint is updated and the updated version is published, any assignment of the blueprints are updated automatically
false
166
(T/F) when a blueprint is unassigned, all of the resources assigned by the blueprint remains in place, but blueprint resource locking is removed
true
167
(T/F) when you delete a core blueprint, any assigned versions of the blueprint remains in place
true
168
(T/F) an initative is limited to being assigned to resource group or subscription only
false
169
(T/F) when an ititiative assignment is evaluated, all of the policies in that initiative are evaluated
true
170
(T/F) an initiative can only contain policies that are located in the same subscription
true
171
an azure initiative
is a collection of azure policies targeted toward reaching a single overall goal
172
which azure management tool provides a graphic interface for deploying, managing, and monitoring azure reosurces?
azure protal
173
(T/F)azure powershell can be used to create scripts to automate azure management tasks
true
174
(T/F) azure powershell virtual machine management is limtied to windows vm only
false
175
(T/F) azure powershell can be run in a browser in the azure cloud shell
true
176
(T/F) azure resource manager templates use azure powershell syntax
false
177
which ui elements best match the descriptions
a collection of customizable tiles that are displayed in the portal
dashboard
178
which ui elements best match the descriptions
a panel that slides out in a navigation sequesnce
blade
179
which ui elements best match the descriptions
a service that provides recommendation on high availability
azure advisor
180
(T/F) when running azure powershell with cloud shell, both linux specific and windows specific functionality is available
false
181
(T/F) cloud shell times out after 20 min of inactivity
true
182
(T/F) cloud shell provides a way to run azure command line interface and azure powershell on ios and android mobile devices
True
183
you deploy a new linux virtual machine and then manually adjust its configuration in azure portal to meet the requirements of your department vms configuration after the original deployment, so that you can reuse it as a template in the deployment of test an production vms
which two actions can you perform to achieve your goal?
export the azure resource manager templates from a resource
export the azure resource manager template from a resource group
184
what cases is service health beneficial?
-you want to be notified if your app service usage exceeds the usage quota
-you want to respond to planned service outage in virginia
-you want to implement a webhook on you website to display health incidents
185
which feature of azure monitor allows you to visually analyze telemetry data
application isnights
186
which monitoring features should you use for each scenario?
you want you and your team members to receive a text message when azure maintenance is planned
health alerts
187
which monitoring features should you use for each scenario?
you want to view the azure features that are planned to be deprecated
health advisories
188
which azure service can use autoscale to add or remove resources as appropriate to minimize cost and ensure optimum performance levels
azure monitor
189
which azure component provides information about planned maintenance and advisories such as deprecated offerings?
azure service health
190
a coworker informs you of a planned azure maintenance window. you attempt to verify this information using the tools shown. You are still uncertain if the maintenance will impact the services you use. What should you do to determine how this maintenance might impact your organization?
verify any planned maintenance via the service health dashboard
