Compute

Question 1

What is Azure Key Vault?

Answer 1

A service that safeguards encryption keys and secrets

Question 2

What does an access policy in an Azure Key Vault define?

Answer 2

What operations can be done on the secrets and who can perform these operations

Question 3

What is best practice for storing passwords in ARM templates?

Answer 3

Using Azure Key Vault with an access policy, so it is not stored in plaintext

Question 4

What does a custom script extension do?

Answer 4

• Downloads and executes scripts on Azure VMs
• Useful for configuration/management tasks like software installation

Question 5

How would you apply a custom script extension in an ARM template?

Answer 5

Modify the extension Profile portion of the template

Question 6

What are the steps involved in setting up Azure Automation State Configuration to manage VM configs?

Answer 6

Step 1: Create and upload a configuration to Azure Automation
Step 2: Compile a configuration into a node configuration
Step 3: Register a VM to be managed by State Configuration
Step 4: Specify configuration mode settings
Step 5: Assign a node configuration to a managed node
Step 6: Check the compliance status of a managed node

Question 7

Why and when would you use a spot VM instance?

Answer 7

Ideal for workloads that can be interrupted, providing scalability while reducing costs

Question 8

What is SKU?

Answer 8

• Stock Keeping Unit
• A specific version or offering of a resource that is available in Azure

Question 9

What is the Compute Gallery used for?

Answer 9

Enabled versioning and replication of images and apps

Question 10

What’s the difference between uniform and flexible VMSS?

Answer 10

• In uniform and flexible VMSS, you define a template and capacity
• Flexible VMSS additionally supports auto-scale, adding other VMs, and full control over VMs

Question 11

What is a benefit of using a container over a VM?

Answer 11

Less resources consumed
Smaller size
Faster startup

Question 12

In Azure CLI, what command would you use to apply your YAML manifests in an AKS cluster?

Answer 12

kubectl apply -f <filename>.yaml</filename>

Question 13

In Azure CLI, what command is used for AKS cluster configuration?

Answer 13

az aks

Question 14

How would you move a VM to another network?

Answer 14

• Delete VM
• Recreate VM and add network interface

Question 15

What OS can ASP.NET apps run on?

Answer 15

Windows only

Question 16

What OS can ASP.NET Core apps run on?

Answer 16

Windows and Linux

Question 17

To run an App, what must be true about the associated App Service plan?

Answer 17

Must be in same region the app is running in
Must have a compatible OS

Question 18

Why might you be unable to create a staging slot?

Answer 18

• Your app may be running in too low a tier
• Scale up to Standard, Premium, or Isolated to enable multiple deployment slots

Question 19

During Azure planned maintenance, what is the maximum percentage of machines in a VMSS that will upgrade at any time?

Answer 19

20%

Question 20

What could you do if you wanted to move your VM so it wouldn’t be affected by a planned maintenance?

Answer 20

Redeploy the VM so it moves to a new node

Question 21

How many OS can you have per app service plan?

Answer 21

1

Question 22

How would you add a custom domain name to a web app?

Answer 22

Create a DNS record

Question 23

Can you change the VNet of a VM after creation?

Answer 23

No, you can only change the subnet

Question 24

What is required in order to access applications on Kubernetes?

Answer 24

An application Load Balancer created by Azure with a public IP

Question 25

What is the best way to deploy 10 Azure web apps?

Answer 25

App Service plan (Standard supports 10 web apps)

Question 26

What changes to a VM would cause downtime?

Answer 26

Resizing

Question 27

What steps are needed to deploy a web app update after testing?

Answer 27

• Deploy the update to the staging deployment slot
• Test
• Swap to the production deployment slot

Question 28

What is a quicker way to deploy multiple VMs

Answer 28

Use ARM template
VMSS

Question 29

What are the prerequisites for creating a recovery services vault to protect virtual machines?

Answer 29

The vault must be in the same region as the VM

Question 30

What is the difference between a container and a VM?

Answer 30

• VMs virtualize an entire machine (hardware)
• Containers only virtualize software layers above the OS level (software)

Question 31

How would you configure cluster autoscaler for AKS nodes?

Answer 31

az aks
Scale the nodes in the Azure portal

Question 32

How would you configure Horizontal pod autoscaling?

Answer 32

kubectl

Question 33

What are Azure proximity placement groups?

Answer 33

• A logical grouping capability for Azure VMs
• VMs assigned to a proximity placement group are placed in the same data center, so the VMSS should share the same region

Question 34

What port does DNS use?

Answer 34

53

Question 35

What port does HTTP/web server use?

Answer 35

80

Question 36

What is the difference between an availability set and an availability zone?

Answer 36

Set - Within data center - Configure update and fault domains
Zone - Within region - Protect from data center failures

Question 37

What must you specify when deploying a VM from a template?

Answer 37

Resource group
Password

Question 38

What VM property can you modify via scheduled runbook?

Answer 38

Size

Question 39

What extensions can you use to ensure a particular service offering is available on all deployed VMs?

Answer 39

• Custom script extension
• DSC extension

Question 40

Where do containers live?

Answer 40

Inside pods

Question 41

What does the service CIDR assign IP addresses for?

Answer 41

Internal services in the AKS cluster

Question 42

For Windows Server, what is the temporary disk?

Answer 42

D:\

Question 43

What type of disk does Azure support for migration from on-premises to Azure?

Answer 43

VHD file format with a fixed size disk

Question 44

What is the advantage of using deployment slots?

Answer 44

You can validate app changes in a staging deployment slot before swapping to production

Question 45

What are your options for restoring a VM?

Answer 45

Create new
Replace existing

Question 46

What is a requirement for Azure Backup to work correctly?

Answer 46

The latest version of the Azure VM Agent

Question 47

What is the maximum number of update domains you can have?

Answer 47

20

Question 48

What is the maximum number of fault domains you can have?

Answer 48

3 for most regions

Question 49

How many app service plans can you have per region?

Answer 49

10 free, 100 premium

Question 50

What command allows you to use a custom ARM template file to deploy resources to a RG?

Answer 50

New-AzResourceGroupDeployment

Question 51

What does Microsoft Azure Recovery Services Agent (MARS) do?

Answer 51

Restore data for entire volume or just individual folders and files

Question 52

Why would you add a copy loop to the resource section of your template?

Answer 52

• So you can dynamically set the number of items for a property during deployment
• Copy - copyindex

Question 53

What do you need to connect a VM to different subnets?

Answer 53

• Multiple NICS
• Each NIC attached to a VM must exist in the same location and subscription as the VM

Question 54

What’s the difference between New-AzResource and New-AzResourceGroupDeployment?

Answer 54

• New-AzResource creates an Azure resource in a RG
• New-AzResourceGroupDeployment adds a deployment to an existing RG

Question 55

What do you backup an app service to?

Answer 55

An Azure storage account

Question 56

What can you backup with a Recovery service vault?

Answer 56

VMs
File Shares

Question 57

What types of storage can you backup in a Backup vault?

Answer 57

Azure disks
Azure blobs

Question 58

When backing up an app service, how do you exclude folders/files from being stored in future backups?

Answer 58

Create a _backup.filter file

Question 59

What “type”: command is needed to install an extension on a VM when deploying an ARM template?

Answer 59

Microsoft.Compute/virtualMachines/extensions

Question 60

What is required to run an AKS cluster that supports node pools for Windows Server containers?

Answer 60

A network policy that uses Azure CNI (advanced) network plugin

Question 61

What must be enabled if you want to integrate an AKS cluster with an Azure container registry?

Answer 61

AKS-managed Azure Active Directory setting

Question 62

When configuring AKS clusters, when would you use the “max surge” command?

Answer 62

Extra nodes used to speed up upgrade

Question 63

What deployment modes are available when using ARM templates?

Answer 63

Complete
Incremental

Question 64

What does deploying an ARM template in complete mode do?

Answer 64

Resource Manager deletes resources that exist in the RG but are not specified in the template

Question 65

What does deploying an ARM template in incremental mode do?

Answer 65

Resource Manager leaves unchanged resources that exist in the resource group but are not specified in the template

Question 66

What does the Cooldown parameter define when configuring autoscaling?

Answer 66

How much time has to pass before the next autoscale operation triggers

Question 67

What OS supports multi-container groups?

Answer 67

Linux only

Question 68

What IP address does Azure Firewall support?

Answer 68

Standard SKU public IPv4 addresses

Question 69

What does ImageReference specify in an ARM template?

Answer 69

Which image to use, whether it be a platform, marketplace, or VM image

Question 70

What kind of record does Azure use to verify a custom domain?

Answer 70

CNAME or TXT

Question 71

For Azure App Services, why might you need to use a Standard plan over a Basic plan?

Answer 71

• If you need 4-10 instances
• Standard supports up to 10, basic supports up to 3

Question 72

For web apps, what runtime stacks are ONLY supported by Windows?

Answer 72

ASP.NET

Question 73

For web apps, what runtime stacks are ONLY supported by Linux?

Answer 73

Python

Question 74

What OS does Azure Container Apps support?

Answer 74

Linux only

Question 75

At what level would you deploy a template that creates a RG?

Answer 75

Subscription

Question 76

What does virtual network integration do for your app?

Answer 76

• Gives your app access to resources in your VNet
• Used only to make outbound calls from your app into your VNet

Question 77

How would you sign in as an admin user into a container registry?

Answer 77

Username: Name of container registry
Password: Admin user access key

Question 78

What is required to ensure a VM can be created in an Availability Zone?

Answer 78

• VM should use managed disks if you want to move them to an Availability Zone using Site Recovery
• You should select a zone in the High Availability section during VM creation

Question 79

Does the location of a RG influence the choice of the location of a VM?

Answer 79

No

Question 80

Can you restore a test slot from a production slot backup?

Answer 80

No