Microsoft Azure Fundamentals Exam: Quiz!

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By GuiltySpark
G
GuiltySpark
Community Contributor
Quizzes Created: 1 | Total Attempts: 2,465
| Attempts: 2,467
SettingsSettings
Please wait...
  • 1/98 Questions

    You plan to deploy several Azure virtual machines. You need to ensure that the services running on the virtual machines are available if a single data center fails. Solution: You deploy the virtual machines to two or more availability zones. Does this meet the goal?

    • Yes
    • No
Please wait...
About This Quiz

This Microsoft Azure Fundamentals Exam tests knowledge on Azure services, focusing on different cloud models like SaaS and PaaS, and their deployment. It assesses understanding of Azure's pricing, scalability, and data management capabilities, essential for IT professionals.

Microsoft Azure Fundamentals Exam: Quiz! - Quiz

Quiz Preview

  • 2. 

    Your company hosts an accounting application named App1 that is used by all the customers of the company. App1 has low usage during the first three weeks of each month and very high usage during the last week of each month. Which benefit of Azure Cloud Services supports cost management for this type of usage pattern?

    •  high availability

    •   high latency

    •  elasticity

    •  load balancing

    Correct Answer
    A.  elasticity
    Explanation
    Elasticity is the correct answer because it allows the company to easily scale up or down the resources allocated to the accounting application based on the usage pattern. During the low usage periods, the company can reduce the resources to save costs, and during the high usage period, they can quickly scale up to meet the increased demand. This flexibility helps in optimizing costs and ensuring that the application performs well during peak times without overprovisioning resources during off-peak times.

    Rate this question:

  • 3. 

    Your company plans to migrate all its data and resources to Azure. The company’s migration plan states that only Platform as a Service (PaaS) solutions must be used in Azure. You need to deploy an Azure environment that meets the company migration plan. Solution: You create an Azure App Service and Azure SQL databases Does this meet the goal?

    • Yes

    • No

    Correct Answer
    A. Yes
    Explanation
    Yes, this solution meets the company's migration plan because Azure App Service and Azure SQL databases are both Platform as a Service (PaaS) solutions in Azure. By deploying these services, the company is adhering to their plan of using only PaaS solutions for the migration.

    Rate this question:

  • 4. 

    Your company plans to migrate all its network resources to Azure. You need to start the planning process by exploring Azure. What should you create first?

    • A subscription

    • A resource group

    • A virtual network

    • A management group

    Correct Answer
    A. A subscription
    Explanation
    The first thing you create in Azure is a subscription. You can think of an Azure subscription as an ‘Azure account’. You get billed per subscription.

    A subscription is an agreement with Microsoft to use one or more Microsoft cloud platforms or services, for which charges accrue based on either a per-user
    license fee or on cloud-based resource consumption.

    Microsoft's Software as a Service (SaaS)-based cloud offerings (Office 365, Intune/EMS, and Dynamics 365) charge per-user license fees.

    Microsoft's Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) cloud offerings (Azure) charge based on cloud resource consumption.
    You can also use a trial subscription, but the subscription expires after a specific amount of time or consumption charges. You can convert a trial subscription to a
    paid subscription.

    Organizations can have multiple subscriptions for Microsoft's cloud offerings.

    https://docs.microsoft.com/en-us/office365/enterprise/subscriptions-licenses-accounts-and-tenants-for-microsoft-cloud-offerings

    Rate this question:

  • 5. 

    Your company plans to deploy an Artificial Intelligence (AI) solution in Azure. What should the company use to build, test, and deploy predictive analytics solutions?

    • Azure Logic Apps

    • Azure Machine Learning Studio

    • Azure Batch

    • Azure Cosmos DB

    Correct Answer
    A. Azure Machine Learning Studio
    Explanation
    Microsoft Azure Machine Learning Studio (classic) is a collaborative, drag-and-drop tool you can use to build, test, and deploy predictive analytics solutions on your
    data. Azure Machine Learning Studio (classic) publishes models as web services that can easily be consumed by custom apps or BI tools such as Excel. Machine Learning Studio (classic) is where data science, predictive analytics, cloud resources, and your data meet.

    https://docs.microsoft.com/en-us/azure/machine-learning/studio/what-is-ml-studio

    Rate this question:

  • 6. 

    Your network contains an Active Directory forest. The forest contains 5,000 user accounts. Your company plans to migrate all network resources to Azure and to decommission the on-premises data center. You need to recommend a solution to minimize the impact on users after the planned migration. What should you recommend?

    • Implement Azure Multi-Factor Authentication (MFA)

    • Sync all the Active Directory user accounts to Azure Active Directory (Azure AD)

    • Instruct all users to change their password

    • Create a guest user account in Azure Active Directory (Azure AD) for each user

    Correct Answer
    A. Sync all the Active Directory user accounts to Azure Active Directory (Azure AD)
    Explanation
    To migrate to Azure and decommission the on-premises data center, you would need to create the 5,000 user accounts in Azure Active Directory. The easy way to do this is to sync all the Active Directory user accounts to Azure Active Directory (Azure AD). You can even sync their passwords to further minimize the impact on
    users.

    The tool you would use to sync the accounts is Azure AD Connect. The Azure Active Directory Connect synchronization services (Azure AD Connect sync) is a main component of Azure AD Connect. It takes care of all the operations that are related to synchronize identity data between your on-premises environment and Azure AD.

    https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-whatis

    Rate this question:

  • 7. 

    From Azure Monitor, you can view which user turned off a specific virtual machine during the last 14 days. Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.

    • No change is needed

    • Azure Event Hubs

    • Azure Activity Log

    • Azure Service Health

    Correct Answer
    A. Azure Activity Log
    Explanation
    You would use the Azure Activity Log, not Azure Monitor to view which user turned off a specific virtual machine during the last 14 days. Activity logs are kept for 90 days. You can query for any range of dates, as long as the starting date isn't more than 90 days in the past.

    In this question, we would create a filter to display shutdown operations on the virtual machine in the last 14 days.

    https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-audit

    Rate this question:

  • 8. 

    You plan to provision Infrastructure as a Service (IaaS) resources in Azure. Which resource is an example of IaaS?

    • An Azure web app

    • An Azure virtual machine

    • An Azure logic app

    •   an Azure SQL database

    Correct Answer
    A. An Azure virtual machine
    Explanation
    An Azure virtual machine is an example of Infrastructure as a Service (IaaS).
    Azure web app, Azure logic app and Azure SQL database are all examples of Platform as a Service (Paas).

    References:
    https://azure.microsoft.com/en-gb/overview/what-is-iaas/
    https://azure.microsoft.com/en-gb/overview/what-is-paas

    Rate this question:

  • 9. 

    You have an Azure subscription named Subscription1. You sign in to the Azure portal and create a resource group named RG1. From Azure documentation, you have the following command that creates a virtual machine named VM1. az vm create --resource-group RG1 --name VM1 -- image UbuntuLTS --generate-ssh-keys You need to create VM1 in Subscription1 by using the command. Solution: From the Azure portal, launch Azure Cloud Shell and select PowerShell. Run the command in Cloud Shell. Does this meet the goal?

    • Yes

    • No

    Correct Answer
    A. Yes
    Explanation
    The command can be run in the Azure Cloud Shell. Although this question says you select PowerShell rather than Bash, the Az commands will work in PowerShell.
    The Azure Cloud Shell is a free interactive shell. It has common Azure tools preinstalled and configured to use with your account.

    To open the Cloud Shell, just select Try it from the upper right corner of a code block. You can also launch Cloud Shell in a separate browser tab by going to https://
    shell.azure.com/bash.

    https://docs.microsoft.com/en-us/azure/virtual-machines/linux/quick-create-cli

    Rate this question:

  • 10. 

    An Azure administrator plans to run a PowerShell script that creates Azure resources. You need to recommend which computer configuration to use to run the script. Solution: Run the script from a computer that runs Windows 10 and has the Azure PowerShell module installed. Does this meet the goal?

    • Yes

    • No

    Correct Answer
    A. Yes
    Explanation
    A PowerShell script is a file that contains PowerShell cmdlets and code. A PowerShell script needs to be run in PowerShell.
    In this question, the computer has the Azure PowerShell module installed. Therefore, this solution does meet the goal.

    https://docs.microsoft.com/en-us/powershell/scripting/components/ise/how-to-write-and-run-scripts-in-the-windows-powershell-ise?view=powershell-6

    Rate this question:

  • 11. 

    You have an Azure environment. You need to create a new Azure virtual machine from a tablet that runs the Android operating system. Solution: You use PowerShell in Azure Cloud Shell. Does this meet the goal?

    • Yes

    • No

    Correct Answer
    A. Yes
    Explanation
    Azure Cloud Shell is a browser-based shell experience to manage and develop Azure resources.
    Cloud Shell offers a browser-accessible, pre-configured shell experience for managing Azure resources without the overhead of installing, versioning, and maintaining a machine yourself.
    Being browser-based, Azure Cloud Shell can be run on a browser from a tablet that runs the Android operating system.

    https://docs.microsoft.com/en-us/azure/cloud-shell/features

    Rate this question:

  • 12. 

    You plan to deploy several Azure virtual machines. You need to control the ports that devices on the Internet can use to access the virtual machines. What should you use?

    • A network security group (NSG)

    •   an Azure Active Directory (Azure AD) role

    • An Azure Active Directory group

    • An Azure key vault

    Correct Answer
    A. A network security group (NSG)
    Explanation
    A network security group works like a firewall. You can attach a network security group to a virtual network and/or individual subnets within the virtual network. You can also attach a network security group to a network interface assigned to a virtual machine. You can use multiple network security groups within a virtual network to restrict traffic between resources such as virtual machines and subnets. You can filter network traffic to and from Azure resources in an Azure virtual network with a network security group. A network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources.

    https://docs.microsoft.com/en-us/azure/virtual-network/security-overview

    Rate this question:

  • 13. 

    An Azure administrator plans to run a PowerShell script that creates Azure resources. You need to recommend which computer configuration to use to run the script. Solution: Run the script from a computer that runs macOS and has PowerShell Core 6.0 installed. Does this meet the goal?

    • Yes

    • No

    Correct Answer
    A. Yes
    Explanation
    A PowerShell script is a file that contains PowerShell cmdlets and code. A PowerShell script needs to be run in PowerShell.

    In this question, the computer has PowerShell Core 6.0 installed. Therefore, this solution does meet the goal.

    Note: To create Azure resources using PowerShell, you would need to import the Azure PowerShell module which includes the PowerShell cmdlets required to
    create the resources.

    https://docs.microsoft.com/en-us/powershell/scripting/components/ise/how-to-write-and-run-scripts-in-the-windows-powershell-ise?view=powershell-6

    Rate this question:

  • 14. 

    Which Azure service should you use to store certificates?

    • Azure Security Center

    • An Azure Storage account

    • Azure Key Vault

    • Azure Information Protection

    Correct Answer
    A. Azure Key Vault
    Explanation
    Azure Key Vault is a secure store for storage various types of sensitive information including passwords and certificates.
    Azure Key Vault can be used to Securely store and tightly control access to tokens, passwords, certificates, API keys, and other secrets. Secrets and keys are safeguarded by Azure, using industry-standard algorithms, key lengths, and hardware security modules (HSMs). The HSMs used are Federal Information Processing Standards (FIPS) 140-2 Level 2 validated.
    Access to a key vault requires proper authentication and authorization before a caller (user or application) can get access. Authentication establishes the identity of the caller, while authorization determines the operations that they are allowed to perform.

    https://docs.microsoft.com/en-us/azure/key-vault/key-vault-overview

    Rate this question:

  • 15. 

    You have 1,000 virtual machines hosted on the Hyper-V hosts in a data center. You plan to migrate all the virtual machines to an Azure pay-as-you-go subscription. You need to identify which expenditure model to use for the planned Azure solution. Which expenditure model should you identify?

    • Operational

    • Elastic

    • Capital

    •   scalable

    Correct Answer
    A. Operational
    Explanation
    One of the major changes that you will face when you move from on-premises cloud to the public cloud is the switch from capital expenditure (buying hardware) to operating expenditure (paying for service as you use it). This switch also requires more careful management of your costs. The benefit of the cloud is that you can fundamentally and positively affect the cost of a service you use by merely shutting down or resizing it when it's not needed.

    References:
    https://docs.microsoft.com/en-us/azure/architecture/cloud-adoption/appendix/azure-scaffold

    Rate this question:

  • 16. 

    A team of developers at your company plans to deploy, and then remove, 50 customized virtual machines each week. Thirty of the virtual machines run Windows Server 2016 and 20 of the virtual machines run Ubuntu Linux. You need to recommend which Azure service will minimize the administrative effort required to deploy and remove the virtual machines. What should you recommend?

    • Azure Reserved Virtual Machines (VM) Instances

    • Azure virtual machine scale sets

    • Azure DevTest Labs

    • Microsoft Managed Desktop

    Correct Answer
    A. Azure DevTest Labs
    Explanation
    DevTest Labs creates labs consisting of pre-configured bases or Azure Resource Manager templates. By using DevTest Labs, you can test the latest versions of your applications by doing the following tasks:

    Quickly provision Windows and Linux environments by using reusable templates and artifacts. Easily integrate your deployment pipeline with DevTest Labs to provision on-demand environments.

    Scale up your load testing by provisioning multiple test agents and create pre-provisioned environments for training and demos.

    https://docs.microsoft.com/en-us/azure/lab-services/devtest-lab-overview

    Rate this question:

  • 17. 

    You plan to deploy a website to Azure. The website will be accessed by users worldwide and will host large video files. You need to recommend which Azure feature must be used to provide the best video playback experience. What should you recommend?

    • An application gateway

    • An Azure ExpressRoute circuit

    • A content delivery network (CDN)

    • An Azure Traffic Manager profile

    Correct Answer
    A. A content delivery network (CDN)
    Explanation
    The question states that users are located worldwide and will be downloading large video files. The video playback experience would be improved if they can
    download the video from servers in the same region as the users. We can achieve this by using a content deliver network.

    A content delivery network (CDN) is a distributed network of servers that can efficiently deliver web content to users. CDNs store cached content on edge servers in
    point-of-presence (POP) locations that are close to end users, to minimize latency.
    Azure Content Delivery Network (CDN) offers developers a global solution for rapidly delivering high-bandwidth content to users by caching their content at
    strategically placed physical nodes across the world. Azure CDN can also accelerate dynamic content, which cannot be cached, by leveraging various network
    optimizations using CDN POPs. For example, route optimization to bypass Border Gateway Protocol (BGP).

    The benefits of using Azure CDN to deliver web site assets include:
    Better performance and improved user experience for end users, especially when using applications in which multiple round-trips are required to load content.
    Large scaling to better handle instantaneous high loads, such as the start of a product launch event. Distribution of user requests and serving of content directly from edge servers so that less traffic is sent to the origin server.

    https://docs.microsoft.com/en-us/azure/cdn/cdn-overview

    Rate this question:

  • 18. 

    You have an Azure subscription named Subscription1. You sign in to the Azure portal and create a resource group named RG1. From Azure documentation, you have the following command that creates a virtual machine named VM1. az vm create --resource-group RG1 --name VM1 --image UbuntuLTS --generate-ssh-keys You need to create VM1 in Subscription1 by using the command. Solution: From the Azure portal, launch Azure Cloud Shell and select Bash. Run the command in Cloud Shell. Does this meet the goal?

    • Yes

    • No

    Correct Answer
    A. Yes
    Explanation
    The command can be run in the Azure Cloud Shell.
    The Azure Cloud Shell is a free interactive shell. It has common Azure tools preinstalled and configured to use with your account.

    To open the Cloud Shell, just select Try it from the upper right corner of a code block. You can also launch Cloud Shell in a separate browser tab by going to https://
    shell.azure.com/bash.

    https://docs.microsoft.com/en-us/azure/virtual-machines/linux/quick-create-cli

    Rate this question:

  • 19. 

    Your company has several business units. Each business unit requires 20 different Azure resources for daily operation. All the business units require the same type of Azure resources. You need to recommend a solution to automate the creation of the Azure resources. What should you include in the recommendations?

    • Azure Resource Manager templates

    • Virtual machine scale sets

    •   the Azure API Management service

    •   management groups

    Correct Answer
    A. Azure Resource Manager templates
    Explanation
    You can use Azure Resource Manager templates to automate the creation of the Azure resources. Deploying resource through templates is known as ‘Infrastructure as code’. To implement infrastructure as code for your Azure solutions, use Azure Resource Manager templates. The template is a JavaScript Object Notation (JSON) file that defines the infrastructure and configuration for your project. The template uses declarative syntax, which lets you state what you intend to deploy without having to write the sequence of programming commands to create it. In the template, you specify the resources to deploy and the properties for those resources.

    https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/overview

    Rate this question:

  • 20. 

    F2You have an Azure environment. You need to create a new Azure virtual machine from a tablet that runs the Android operating system. Solution: You use Bash in Azure Cloud Shell. Does this meet the goal?

    • Yes

    • No

    Correct Answer
    A. Yes
    Explanation
    With Azure Cloud Shell, you can create virtual machines using Bash or PowerShell.
    Azure Cloud Shell is an interactive, authenticated, browser-accessible shell for managing Azure resources. It provides the flexibility of choosing the shell experience
    that best suits the way you work, either Bash or PowerShell.

    https://docs.microsoft.com/en-us/azure/cloud-shell/quickstart
    https://docs.microsoft.com/en-us/azure/cloud-shell/overview

    Rate this question:

  • 21. 

    Your company plans to move several servers to Azure. The company’s compliance policy states that a server named FinServer must be on a separate network segment. You are evaluating which Azure services can be used to meet the compliance policy requirements. Which Azure solution should you recommend?

    • A resource group for FinServer and another resource group for all the other servers

    • A virtual network for FinServer and another virtual network for all the other servers

    • A VPN for FinServer and a virtual network gateway for each other server

    • One resource group for all the servers and a resource lock for FinServer

    Correct Answer
    A. A virtual network for FinServer and another virtual network for all the other servers
    Explanation
    Networks in Azure are known as virtual networks. A virtual network can have multiple IP address spaces and multiple subnets. Azure automatically routes traffic between different subnets within a virtual network.
    The question states that FinServer must be on a separate network segment. The only way to separate FinServer from the other servers in networking terms is to place the server in a different virtual network to the other servers.

    https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-vnet-plan-design-arm

    Rate this question:

  • 22. 

    Your Azure environment contains multiple Azure virtual machines. You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP. Solution: You modify a network security group (NSG). Does this meet the goal?

    • Yes

    • No

    Correct Answer
    A. Yes
    Explanation
    A network security group works like a firewall. You can attach a network security group to a virtual network and/or individual subnets within the virtual network. You can also attach a network security group to a network interface assigned to a virtual machine. You can use multiple network security groups within a virtual network to restrict traffic between resources such as virtual machines and subnets.

    You can filter network traffic to and from Azure resources in an Azure virtual network with a network security group. A network security group contains security rules
    that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources.
    In this question, we need to add a rule to the network security group to allow the connection to the virtual machine on port 80 (HTTP).

    https://docs.microsoft.com/en-us/azure/virtual-network/security-overview

    Rate this question:

  • 23. 

    What can Azure Information Protection encrypt?

    • Network traffic

    • Documents and email messages

    • An Azure Storage account

    • An Azure SQL database

    Correct Answer
    A. Documents and email messages
    Explanation
    Azure Information Protection can encrypt documents and emails.
    Azure Information Protection is a cloud-based solution that helps an organization to classify and optionally, protect its documents and emails by applying labels.

    Labels can be applied automatically by administrators who define rules and conditions, manually by users, or a combination where users are given recommendations.

    The protection technology uses Azure Rights Management (often abbreviated to Azure RMS). This technology is integrated with other Microsoft cloud services and applications, such as Office 365 and Azure Active Directory.
    This protection technology uses encryption, identity, and authorization policies. Similarly to the labels that are applied, protection that is applied by using Rights Management stays with the documents and emails, independently of the location—inside or outside your organization, networks, file servers, and applications.

    https://docs.microsoft.com/en-us/azure/information-protection/what-is-information-protection
    https://docs.microsoft.com/en-us/azure/information-protection/quickstart-label-dnf-protectedemail

    Rate this question:

  • 24. 

    When you are implementing a Software as a Service (SaaS) solution, you are responsible for configuring high availability.

    • No change is needed.

    • Defining scalability rules

    • Installing the SaaS solution

    • Configuring the SaaS solution

    Correct Answer
    A. Configuring the SaaS solution
    Explanation
    When implementing a Software as a Service (SaaS) solution, configuring high availability is an essential responsibility. This involves setting up the necessary infrastructure and systems to ensure that the SaaS solution remains accessible and operational even in the event of failures or disruptions. It includes measures such as redundancy, load balancing, fault tolerance, and disaster recovery planning. This ensures that the SaaS solution can handle a large number of users, provide uninterrupted service, and maintain performance and reliability. Therefore, the correct answer is configuring the SaaS solution.

    Rate this question:

  • 25. 

    What are the two characteristics of the public cloud? Each correct answer presents a complete solution.

    •  dedicated hardware

    •   unsecured connections

    •   limited storage

    •  metered pricing

    •   self-service management

    Correct Answer(s)
    A.  metered pricing
    A.   self-service management
    Explanation
    The two characteristics of the public cloud are metered pricing and self-service management. Metered pricing refers to the pay-as-you-go model where users are charged based on their actual usage of cloud resources. This allows for cost optimization and flexibility. Self-service management means that users have control and can manage their own cloud resources without the need for manual intervention from the cloud provider. This enables users to easily provision, configure, and scale their resources as needed, providing convenience and agility.

    Rate this question:

  • 26. 

    You plan to deploy several Azure virtual machines. You need to ensure that the services running on the virtual machines are available if a single data center fails. Solution: You deploy the virtual machines to two or more scale sets. Does this meet the goal?

    • Yes

    • No

    Correct Answer
    A. No
    Explanation
    Explanation:

    This answer does not specify that the scale set will be configured across multiple data centers so this solution does not meet the goal.

    Azure virtual machine scale sets let you create and manage a group of load balanced VMs. The number of VM instances can automatically increase or decrease in response to demand or a defined schedule. Scale sets provide high availability to your applications, and allow you to centrally manage, configure, and update many
    VMs.
    Virtual machines in a scale set can be deployed across multiple update domains and fault domains to maximize availability and resilience to outages due to data center outages, and planned or unplanned maintenance events.

    Reference:
    https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/availability

    Rate this question:

  • 27. 

    You have an on-premises application that sends email notifications automatically based on a rule. You plan to migrate the application to Azure. You need to recommend a serverless computing solution for the application. What should you include in the recommendation?

    • A web app

    • A server image in Azure Marketplace

    • A logic app

    • An API app

    Correct Answer
    A. A logic app
    Explanation
    Azure Logic Apps is a cloud service that helps you schedule, automate, and orchestrate tasks, business processes, and workflows when you need to integrate
    apps, data, systems, and services across enterprises or organizations. Logic Apps simplifies how you design and build scalable solutions for app integration, data
    integration, system integration, enterprise application integration (EAI), and business-to-business (B2B) communication, whether in the cloud, on premises, or both.
    For example, here are just a few workloads you can automate with logic apps:
    Process and route orders across on-premises systems and cloud services.
    Send email notifications with Office 365 when events happen in various systems, apps, and services.

    Move uploaded files from an SFTP or FTP server to Azure Storage.
    Monitor tweets for a specific subject, analyze the sentiment, and create alerts or tasks for items that need review.

    https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-overview

    Rate this question:

  • 28. 

    Your Azure environment contains multiple Azure virtual machines. You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP. Solution: You modify an Azure firewall. Does this meet the goal?

    • Yes

    • No

    Correct Answer
    A. Yes
    Explanation
    Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It's a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.
    In this question, we need to add a rule to Azure Firewall to allow the connection to the virtual machine on port 80 (HTTP).

    https://docs.microsoft.com/en-us/azure/firewall/overview

    Rate this question:

  • 29. 

    From Access Control (IAM), you can view which user turned off a specific virtual machine during the last 14 days. Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.

    • No change is needed

    • Azure Event Hubs

    •   Azure Activity Log

    • Azure Service Health

    Correct Answer
    A.   Azure Activity Log
    Explanation
    You would use the Azure Activity Log, not Access Control to view which user turned off a specific virtual machine during the last 14 days.

    Activity logs are kept for 90 days. You can query for any range of dates, as long as the starting date isn't more than 90 days in the past. In this question, we would create a filter to display shutdown operations on the virtual machine in the last 14 days.

    https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-audit

    Rate this question:

  • 30. 

    Your company plans to purchase Azure. The company’s support policy states that the Azure environment must provide an option to access support engineers by phone or email. You need to recommend which support plan meets the support policy requirement. Solution: Recommend a Standard support plan. Does this meet the goal?

    • Yes

    • No

    Correct Answer
    A. Yes
    Explanation
    The Standard, Professional Direct, and Premier support plans have technical support for engineers via email and phone.

    https://azure.microsoft.com/en-gb/support/plans/

    Rate this question:

  • 31. 

    A team of developers at your company plans to deploy, and then remove, 50 virtual machines each week. All the virtual machines are configured by using Azure Resource Manager templates. You need to recommend which Azure service will minimize the administrative effort required to deploy and remove the virtual machines. What should you recommend?

    •   Azure Reserved Virtual Machine (VM) Instances

    • Azure DevTest Labs

    • Azure virtual machine scale sets

    • Microsoft Managed Desktop

    Correct Answer
    A. Azure DevTest Labs
    Explanation
    DevTest Labs creates labs consisting of pre-configured bases or Azure Resource Manager templates.
    By using DevTest Labs, you can test the latest versions of your applications by doing the following tasks:
    Quickly provision Windows and Linux environments by using reusable templates and artifacts.
    Easily integrate your deployment pipeline with DevTest Labs to provision on-demand environments.
    Scale up your load testing by provisioning multiple test agents and create pre-provisioned environments for training and demos.

    Reference:
    https://docs.microsoft.com/en-us/azure/lab-services/devtest-lab-overview

    Rate this question:

  • 32. 

    An Azure region contains one or more data centers that are connected by using a low-latency network. Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.

    • No change is needed

    •   Is found in each country where Microsoft has a subsidiary office

    • Can be found in every country in Europe and the Americas only

    • Contains one or more data centers that are connected by using a high-latency network

    Correct Answer
    A. No change is needed
    Explanation
    A region is a set of data centres deployed within a latency-defined perimeter and connected through a dedicated regional low-latency network. Microsoft Azure currently has 55 regions worldwide.

    Regions are divided into Availability Zones. Availability Zones are physically separate locations within an Azure region. Each Availability Zone is made up of one or more datacenters equipped with independent power, cooling, and networking.

    https://azure.microsoft.com/en-gb/global-infrastructure/regions/

    Rate this question:

  • 33. 

    Which service provides serverless computing in Azure?

    • Azure Virtual Machines

    •   Azure Functions

    • Azure storage account

    • Azure Container Instances

    Correct Answer
    A.   Azure Functions
    Explanation
    Azure Functions provide a platform for serverless code.

    Azure Functions is a serverless compute service that lets you run event-triggered code without having to explicitly provision or manage infrastructure.

    https://docs.microsoft.com/en-us/azure/azure-functions

    Rate this question:

  • 34. 

    Your company has an Azure environment that contains resources in several regions. A company policy states that administrators must only be allowed to create additional Azure resources in a region in the country where their office is located. You need to create the Azure resource that must be used to meet the policy requirement. What should you create?

    • A read-only lock

    • An Azure policy

    •  a management group

    • A reservation

    Correct Answer
    A. An Azure policy
    Explanation
    Azure policies can be used to define requirements for resource properties during deployment and for already existing resources. Azure Policy controls properties such as the types or locations of resources.

    Azure Policy is a service in Azure that you use to create, assign, and manage policies. These policies enforce different rules and effects over your resources, so those resources stay compliant with your corporate standards and service level agreements. Azure Policy meets this need by evaluating your resources for noncompliance with assigned policies. All data stored by Azure Policy is encrypted at rest. Azure Policy offers several built-in policies that are available by default. In this question, we would use the ‘Allowed Locations’ policy to define the locations where resources can be deployed.

    https://docs.microsoft.com/en-us/azure/governance/policy/overview

    Rate this question:

  • 35. 

    If Microsoft plans to end support for an Azure service that does NOT have a successor service, Microsoft will provide notification at least 12 months before. Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.

    •  No change is needed.

    • 6 months

    • 90 days

    • 30 days

    Correct Answer
    A.  No change is needed.
    Explanation
    The Modern Lifecycle Policy covers products and services that are serviced and supported continuously. For products governed by the Modern Lifecycle Policy, Microsoft will provide a minimum of 12 months' notification prior to ending support if no successor product or service is offered—excluding free services or preview releases.

    https://support.microsoft.com/en-us/help/30881

    Rate this question:

  • 36. 

    Your company has 10 departments. The company plans to implement an Azure environment. You need to ensure that each department can use a different payment option for the Azure services it consumes. What should you create for each department?

    • A reservation

    •  a subscription

    • A resource group

    • A container instance

    Correct Answer
    A.  a subscription
    Explanation
    There are different payment options in Azure including pay-as-you-go (PAYG), Enterprise Agreement (EA), and Microsoft Customer Agreement (MCA) accounts. Your Azure costs are ‘per subscription’. You are charged monthly for all resources in a subscription. Therefore, to use different payment options per department, you will need to create a separate subscription per department. You can create multiple subscriptions in a single Azure Active Directory tenant.

    Incorrect Answers:

    A: A reservation is where you commit to a resource (for example a virtual machine) for one or three years. This gives you a discounted price on the resource for the
    reservation period. Reservations do not provide a way to use different payment options per department.
    C: A resource group is a logical container for Azure resources. You can view the total cost of all the resources in a resource group. However, resource groups do
    not provide a way to use different payment options per department.
    D: A container instance is an Azure resource used to run an application. Container instances do not provide a way to use different payment options per department.
    References:
    https://docs.microsoft.com/en-us/azure/cost-management-billing/manage/create-subscription

    Rate this question:

  • 37. 

    You plan to deploy several Azure virtual machines. You need to ensure that the services running on the virtual machines are available if a single data center fails. Solution: You deploy the virtual machines to two or more resource groups. Does this meet the goal?

    • Yes

    • No

    Correct Answer
    A. No
    Explanation
    A resource group is a logical container for Azure resources. When you create a resource group, you specify which location to create the resource group in. However, when you create a virtual machine and place it in the resource group, the virtual machine can still be in a different location (different datacenter).

    Therefore, creating multiple resource groups, even if they are in separate datacenters does not ensure that the services running on the virtual machines are available if a single data center fails.
    References:

    https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/overview#resource-groups

    Rate this question:

  • 38. 

    You need to identify the type of failure for which an Azure availability zone can be used to protect access to Azure services. What should you identify?

    • A physical server failure

    • An Azure region failure

    • A storage failure

    • An Azure data center failure

    Correct Answer
    A. An Azure data center failure
    Explanation
    Availability zones expand the level of control you have to maintain the availability of the applications and data on your VMs. An Availability Zone is a physically
    separate zone, within an Azure region. There are three Availability Zones per supported Azure region.

    Each Availability Zone has a distinct power source, network, and cooling. By architecting your solutions to use replicated VMs in zones, you can protect your apps
    and data from the loss of a datacenter. If one zone is compromised, then replicated apps and data are instantly available in another zone.


    https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/availability

    Rate this question:

  • 39. 

    If a resource group named RG1 has a delete lock, only a member of the global administrators group can delete RG1 Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.

    • No change is needed

    • The delete lock must be removed before an administrator

    • An Azure policy must be modified before an administrator

    • An Azure tag must be added before an administrator

    Correct Answer
    A. The delete lock must be removed before an administrator
    Explanation
    You can configure a lock on a resource group to prevent the accidental deletion of the resource group. The lock applies to everyone, including global administrators. If you want to delete the resource group, the lock must be removed first.
    As an administrator, you may need to lock a subscription, resource group, or resource to prevent other users in your organization from accidentally deleting or modifying critical resources. You can set the lock level to CanNotDelete or ReadOnly. In the portal, the locks are called Delete and Read-only respectively.

    CanNotDelete means authorized users can still read and modify a resource, but they can't delete the resource.
    ReadOnly means authorized users can read a resource, but they can't delete or update the resource. Applying this lock is similar to restricting all authorized users to the permissions granted by the Reader role.

    https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-lock-resources

    Rate this question:

  • 40. 

    Your company has an Azure subscription that contains the following unused resources: 20 user accounts in Azure Active Directory (Azure AD) Five groups in Azure AD 10 public IP addresses 10 network interfaces You need to reduce the Azure costs for the company. Solution: You remove the unused groups. Does this meet the goal?

    • Yes

    • No

    Correct Answer
    A. No
    Explanation
    You are not charged for Azure Active Directory Groups. Therefore, deleting unused groups will not reduce your Azure costs.

    https://docs.microsoft.com/en-us/azure/advisor/advisor-cost-recommendations#reduce-costs-by-deleting-or-reconfiguring-idle-virtual-network-gateways

    Rate this question:

  • 41. 

    You have an on-premises network that contains 100 servers. You need to recommend a solution that provides additional resources to your users. The solution must minimize capital and operational expenditure costs. What should you include in the recommendation?

    •  a complete migration to the public cloud

    •   an additional data center

    • A private cloud

    • A hybrid cloud

    Correct Answer
    A. A hybrid cloud
    Explanation
    Explanation: A hybrid cloud is a combination of a private cloud and a public cloud. Capital expenditure is the spending of money up-front for infrastructure such as new servers. With a hybrid cloud, you can continue to use the on-premises servers while adding new servers in the public cloud (Azure for example). Adding new servers in Azure minimizes the capital expenditure costs as you are not paying for new servers as you would if you deployed new server on-premises

    Rate this question:

  • 42. 

    One of the benefits of Azure SQL Data Warehouse is that high availability is built into the platform. Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.

    • No change is needed

    • Automatic scaling

    • Data compression

    • Versioning

    Correct Answer
    A. No change is needed
    Explanation
    Azure Data Warehouse (now known as Azure Synapse Analytics) is a PaaS offering from Microsoft. As with all PaaS services from Microsoft, SQL Data Warehouse offers an availability SLA of 99.9%. Microsoft can offer 99.9% availability because it has high availability features built into the platform.

    https://docs.microsoft.com/en-us/azure/sql-data-warehouse/sql-data-warehouse-overview-faq

    Rate this question:

  • 43. 

    You have an Azure subscription named Subscription1. You sign in to the Azure portal and create a resource group named RG1. From Azure documentation, you have the following command that creates a virtual machine named VM1.az vm create --resource-group RG1 --name VM1 -- image UbuntuLTS --generate-ssh-keys You need to create VM1 in Subscription1 by using the command. Solution: From a computer that runs Windows 10, install Azure CLI. From PowerShell, sign in to Azure and then run the command. Does this meet the goal?

    • Yes

    • No

    Correct Answer
    A. Yes
    Explanation
    The command can be run from PowerShell or the command prompt if you have the Azure CLI installed.

    https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-windows?view=azure-cli-latest

    Rate this question:

  • 44. 

    After you create a virtual machine, you need to modify the network security group (NSG) to allow connections to TCP port 8080 on the virtual machine. Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.

    • No change is needed

    • Virtual network gateway

    • Virtual network

    • Route table

    Correct Answer
    A. No change is needed
    Explanation
    When you create a virtual machine, the default setting is to create a Network Security Group attached to the network interface assigned to a virtual machine. A network security group works like a firewall. You can attach a network security group to a virtual network and/or individual subnets within the virtual network. You can also attach a network security group to a network interface assigned to a virtual machine. You can use multiple network security groups within a virtual network
    to restrict traffic between resources such as virtual machines and subnets. You can filter network traffic to and from Azure resources in an Azure virtual network with a network security group. A network security group contains security rules
    that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources.

    In this question, we need to add a rule to the network security group to allow the connection to the virtual machine on port 8080.

    https://docs.microsoft.com/en-us/azure/virtual-network/security-overview

    Rate this question:

  • 45. 

    Your company implements Azure policies to automatically add a watermark to Microsoft Word documents that contain credit card information. Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.

    • No change is needed.

    • DDoS protection

    • Azure Information Protection

    • Azure Active Directory (Azure AD) Identity Protection

    Correct Answer
    A. Azure Information Protection
    Explanation
    Azure Information Protection is used to automatically add a watermark to Microsoft Word documents that contain credit card information. You use Azure Information Protection labels to apply classification to documents and emails. When you do this, the classification is identifiable regardless of where the data is stored or with whom it’s shared. The labels can include visual markings such as a header, footer, or watermark. Labels can be applied automatically by administrators who define rules and conditions, manually by users, or a combination where users are given recommendations. In this question, we would configure a label to be automatically applied to Microsoft Word documents that contain credit card information. The label would then add the watermark to the documents.

    https://docs.microsoft.com/en-us/azure/information-protection/what-is-information-protection
    https://docs.microsoft.com/en-us/azure/information-protection/infoprotect-quick-start-tutorial

    Rate this question:

  • 46. 

    You plan to deploy 20 virtual machines to an Azure environment. To ensure that a virtual machine named VM1 cannot connect to the other virtual machines, VM1 must be deployed to a separate virtual network. Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct

    • No change is needed

    • Run a different operating system than the other virtual machines

    • Be deployed to a separate resource group

    • Have two network interfaces

    Correct Answer
    A. No change is needed
    Explanation
    Azure automatically routes traffic between subnets in a virtual network. Therefore, all virtual machines in a virtual network can connect to the other virtual machines in the same virtual network. Even if the virtual machines are on separate subnets within the virtual network, they can still communicate with each other.

    To ensure that a virtual machine cannot connect to the other virtual machines, the virtual machine must be deployed to a separate virtual network.

    https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview

    Rate this question:

  • 47. 

    Your company has 10 offices. You plan to generate several billing reports from the Azure portal. Each report will contain the Azure resource utilization of each office. Which Azure Resource Manager feature should you use before you generate the reports?

    • Tags

    • Templates

    • Locks

    • Policies

    Correct Answer
    A. Tags
    Explanation
    You can use resource tags to ‘label’ Azure resources. Tags are metadata elements attached to resources. Tags consist of pairs of key/value strings. In this question, we would tag each resource with a tag to identify each office. For example: Location = Office1. When all Azure resources are tagged, you can generate reports to list all resources based on the value of the tag. For example: All resources used by Office1.

    https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/decision-guides/resource-tagging/

    Rate this question:

  • 48. 

    An organization that hosts its infrastructure in a private cloud can close its data center.

    • No change is needed.

    •   in a hybrid cloud

    •   in the public cloud

    • On a Hyper-V host

    Correct Answer
    A.   in the public cloud
    Explanation
    An organization that hosts its infrastructure in a private cloud can close its data center. This means that they have the option to move their infrastructure to the public cloud, where they can leverage the services and resources provided by a third-party cloud service provider. By doing so, they can eliminate the need for maintaining and managing their own data center, resulting in cost savings and increased flexibility.

    Rate this question:

  • 49. 

    You plan to deploy several Azure virtual machines. You need to ensure that the services running on the virtual machines are available if a single data center fails. Solution: You deploy the virtual machines to two or more regions. Does this meet the goal?

    • Yes

    • No

    Correct Answer
    A. Yes
    Explanation
    By deploying the virtual machines to two or more regions, you are deploying the virtual machines to multiple datacenters. This will ensure that the services running on the virtual machines are available if a single data center fails.
    Azure operates in multiple datacenters around the world. These datacenters are grouped in to geographic regions, giving you flexibility in choosing where to build your applications.

    You create Azure resources in defined geographic regions like 'West US', 'North Europe', or 'Southeast Asia'. You can review the list of regions and their locations.

    Within each region, multiple datacenters exist to provide for redundancy and availability.

    Reference:
    https://docs.microsoft.com/en-us/azure/virtual-machines/windows/regions

    Rate this question:

Quiz Review Timeline (Updated): Mar 22, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 22, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Mar 22, 2020
    Quiz Created by
    GuiltySpark
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.