Microsoft Azure Fundamentals v1.0 (AZ-900)

Page:    1 / 15   
Total 222 questions

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure environment. You need to create a new Azure virtual machine from a tablet that runs the Android operating system.
Solution: You use Bash in Azure Cloud Shell.
Does this meet the goal?

  • A. Yes
  • B. No


Answer : A

Explanation:
With Azure Cloud Shell, you can create virtual machines using Bash or PowerShell.
Azure Cloud Shell is an interactive, authenticated, browser-accessible shell for managing Azure resources. It provides the flexibility of choosing the shell experience that best suits the way you work, either Bash or PowerShell.
Reference:
https://docs.microsoft.com/en-us/azure/cloud-shell/quickstart https://docs.microsoft.com/en-us/azure/cloud-shell/overview

HOTSPOT -
You plan to create an Azure virtual machine.
You need to identify which storage service must be used to store the unmanaged data disks of the virtual machine.
What should you identify? To answer, select the appropriate service in the answer area.
Hot Area:




Answer :

Explanation:
Azure containers are the backbone of the virtual disks platform for Azure IaaS. Both Azure OS and data disks are implemented as virtual disks where data is durably persisted in the Azure Storage platform and then delivered to the virtual machines for maximum performance. Azure Disks are persisted in Hyper-V VHD format and stored as a page blob in Azure Storage.
References:
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-pageblob-overview

Your company plans to move several servers to Azure.
The company"™s compliance policy states that a server named FinServer must be on a separate network segment.
You are evaluating which Azure services can be used to meet the compliance policy requirements.
Which Azure solution should you recommend?

  • A. a resource group for FinServer and another resource group for all the other servers
  • B. a virtual network for FinServer and another virtual network for all the other servers
  • C. a VPN for FinServer and a virtual network gateway for each other server
  • D. one resource group for all the servers and a resource lock for FinServer


Answer : B

Explanation:
Networks in Azure are known as virtual networks. A virtual network can have multiple IP address spaces and multiple subnets. Azure automatically routes traffic between different subnets within a virtual network.
The question states that FinServer must be on a separate network segment. The only way to separate FinServer from the other servers in networking terms is to place the server in a different virtual network to the other servers.
References:
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-vnet-plan-design-arm

You plan to map a network drive from several computers that run Windows 10 to Azure Storage.
You need to create a storage solution in Azure for the planned mapped drive.
What should you create?

  • A. an Azure SQL database
  • B. a virtual machine data disk
  • C. a Files service in a storage account
  • D. a Blobs service in a storage account


Answer : C

Explanation:
Azure Files is Microsoft's easy-to-use cloud file system. Azure file shares can be seamlessly used in Windows and Windows Server.
To use an Azure file share with Windows, you must either mount it, which means assigning it a drive letter or mount point path, or access it via its UNC path.
Unlike other SMB shares you may have interacted with, such as those hosted on a Windows Server, Linux Samba server, or NAS device, Azure file shares do not currently support Kerberos authentication with your Active Directory (AD) or Azure Active Directory (AAD) identity, although this is a feature we are working on.
Instead, you must access your Azure file share with the storage account key for the storage account containing your Azure file share. A storage account key is an administrator key for a storage account, including administrator permissions to all files and folders within the file share you're accessing, and for all file shares and other storage resources (blobs, queues, tables, etc) contained within your storage account.
References:
https://docs.microsoft.com/en-us/azure/storage/files/storage-how-to-use-files-windows

HOTSPOT -
You plan to implement an Azure database solution.
You need to implement a database solution that meets the following requirements:
-> Can add data concurrently from multiple regions
-> Can store JSON documents
Which database service should you deploy? To answer, select the appropriate service in the answer area.
Hot Area:




Answer :

Explanation:
Azure Cosmos DB is Microsoft's globally distributed, multi-model database service. With a click of a button, Cosmos DB enables you to elastically and independently scale throughput and storage across any number of Azure regions worldwide.
Azure Cosmos DB is a great way to store unstructured and JSON data. Combined with Azure Functions, Cosmos DB makes storing data quick and easy with much less code than required for storing data in a relational database.
References:
https://docs.microsoft.com/en-us/azure/cosmos-db/introduction https://docs.microsoft.com/en-us/azure/azure-functions/functions-integrate-store-unstructured-data-cosmosdb?tabs=csharp

Your company plans to migrate all its network resources to Azure.
You need to start the planning process by exploring Azure.
What should you create first?

  • A. a subscription
  • B. a resource group
  • C. a virtual network
  • D. a management group


Answer : A

Explanation:
The first thing you create in Azure is a subscription. You can think of an Azure subscription as an "˜Azure account"™. You get billed per subscription.
A subscription is an agreement with Microsoft to use one or more Microsoft cloud platforms or services, for which charges accrue based on either a per-user license fee or on cloud-based resource consumption.
Microsoft's Software as a Service (SaaS)-based cloud offerings (Office 365, Intune/EMS, and Dynamics 365) charge per-user license fees.
Microsoft's Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) cloud offerings (Azure) charge based on cloud resource consumption.
You can also use a trial subscription, but the subscription expires after a specific amount of time or consumption charges. You can convert a trial subscription to a paid subscription.
Organizations can have multiple subscriptions for Microsoft's cloud offerings.
References:
https://docs.microsoft.com/en-us/office365/enterprise/subscriptions-licenses-accounts-and-tenants-for-microsoft-cloud-offerings

You have an on-premises application that sends email notifications automatically based on a rule.
You plan to migrate the application to Azure.
You need to recommend a serverless computing solution for the application.
What should you include in the recommendation?

  • A. a web app
  • B. a server image in Azure Marketplace
  • C. a logic app
  • D. an API app


Answer : C

Explanation:
Azure Logic Apps is a cloud service that helps you schedule, automate, and orchestrate tasks, business processes, and workflows when you need to integrate apps, data, systems, and services across enterprises or organizations. Logic Apps simplifies how you design and build scalable solutions for app integration, data integration, system integration, enterprise application integration (EAI), and business-to-business (B2B) communication, whether in the cloud, on premises, or both.
For example, here are just a few workloads you can automate with logic apps:
-> Process and route orders across on-premises systems and cloud services.
-> Send email notifications with Office 365 when events happen in various systems, apps, and services.
-> Move uploaded files from an SFTP or FTP server to Azure Storage.
-> Monitor tweets for a specific subject, analyze the sentiment, and create alerts or tasks for items that need review.
References:
https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-overview

You plan to deploy a website to Azure. The website will be accessed by users worldwide and will host large video files.
You need to recommend which Azure feature must be used to provide the best video playback experience.
What should you recommend?

  • A. an application gateway
  • B. an Azure ExpressRoute circuit
  • C. a content delivery network (CDN)
  • D. an Azure Traffic Manager profile


Answer : C

Explanation:
The question states that users are located worldwide and will be downloading large video files. The video playback experience would be improved if they can download the video from servers in the same region as the users. We can achieve this by using a content deliver network.
A content delivery network (CDN) is a distributed network of servers that can efficiently deliver web content to users. CDNs store cached content on edge servers in point-of-presence (POP) locations that are close to end users, to minimize latency.
Azure Content Delivery Network (CDN) offers developers a global solution for rapidly delivering high-bandwidth content to users by caching their content at strategically placed physical nodes across the world. Azure CDN can also accelerate dynamic content, which cannot be cached, by leveraging various network optimizations using CDN POPs. For example, route optimization to bypass Border Gateway Protocol (BGP).
The benefits of using Azure CDN to deliver web site assets include:
-> Better performance and improved user experience for end users, especially when using applications in which multiple round-trips are required to load content.
-> Large scaling to better handle instantaneous high loads, such as the start of a product launch event.
-> Distribution of user requests and serving of content directly from edge servers so that less traffic is sent to the origin server.
References:
https://docs.microsoft.com/en-us/azure/cdn/cdn-overview

Your company plans to deploy several million sensors that will upload data to Azure.
You need to identify which Azure resources must be created to support the planned solution.
Which two Azure resources should you identify? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. Azure Data Lake
  • B. Azure Queue storage
  • C. Azure File Storage
  • D. Azure IoT Hub
  • E. Azure Notification Hubs


Answer : AD

Explanation:
IoT Hub (Internet of things Hub) provides data from millions of sensors.
IoT Hub is a managed service, hosted in the cloud, that acts as a central message hub for bi-directional communication between your IoT application and the devices it manages. You can use Azure IoT Hub to build IoT solutions with reliable and secure communications between millions of IoT devices and a cloud- hosted solution backend. You can connect virtually any device to IoT Hub.
There are two storage services IoT Hub can route messages to -- Azure Blob Storage and Azure Data Lake Storage Gen2 (ADLS Gen2) accounts. Azure Data
Lake Storage accounts are hierarchical namespace-enabled storage accounts built on top of blob storage. Both of these use blobs for their storage.
References:
https://docs.microsoft.com/en-us/azure/iot-hub/about-iot-hub
https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-devguide-messages-d2c

You have an Azure web app.
You need to manage the settings of the web app from an iPhone.
What are two Azure management tools that you can use? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

  • A. Azure CLI
  • B. the Azure portal
  • C. Azure Cloud Shell
  • D. Windows PowerShell
  • E. Azure Storage Explorer


Answer : BC

Explanation:
The Azure portal is the web-based portal for managing Azure. Being web-based, you can use the Azure portal on an iPhone.
Azure Cloud Shell is a web-based command line for managing Azure. You access the Azure Cloud Shell from the Azure portal. Being web-based, you can use the
Azure Cloud Shell on an iPhone.
Incorrect Answers:
A: Azure CLI can be installed on MacOS but it cannot be installed on an iPhone.
D: Windows PowerShell can be installed on MacOS but it cannot be installed on an iPhone.
E: Azure Storage Explorer is not used to manage Azure web apps.
References:
http://www.deployazure.com/management/managing-azure-from-ipad/

This question requires that you evaluate the underlined text to determine if it is correct.
You have an application that is comprised of an Azure web app that has a Service Level Agreement (SLA) of 99.95 percent and an Azure SQL database that has an SLA of 99.99 percent.
The composite SLA for the application is the product of both SLAs, which equals 99.94 percent.
Instructions: Review the underlined text. If it makes the statement correct, select "No change is needed". If the statement is incorrect, select the answer choice that makes the statement correct.

  • A. No change is needed
  • B. the lowest SLA associated to the application, which is 99.95 percent
  • C. the highest SLA associated to the application, which is 99.99 percent
  • D. the difference between the two SLAs, which is 0.05 percent


Answer : A

Explanation:
Composite SLAs involve multiple services supporting an application, each with differing levels of availability. For example, consider an App Service web app that writes to Azure SQL Database. At the time of this writing, these Azure services have the following SLAs:
-> App Service web apps = 99.95%
-> SQL Database = 99.99%
What is the maximum downtime you would expect for this application? If either service fails, the whole application fails. The probability of each service failing is independent, so the composite SLA for this application is 99.95% × 99.99% = 99.94%. That's lower than the individual SLAs, which isn't surprising because an application that relies on multiple services has more potential failure points.
References:
https://docs.microsoft.com/en-us/azure/architecture/reliability/requirements#understand-service-level-agreements

HOTSPOT -
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:




Answer :

Explanation:

Box 1: No -
Azure resources deployed to a single resource group can be located in different regions. The resource group only contains metadata about the resources it contains.
When creating a resource group, you need to provide a location for that resource group. You may be wondering, "Why does a resource group need a location?
And, if the resources can have different locations than the resource group, why does the resource group location matter at all?" The resource group stores metadata about the resources. When you specify a location for the resource group, you're specifying where that metadata is stored. For compliance reasons, you may need to ensure that your data is stored in a particular region.

Box 2: No -
Tags for Resources are not inherited by default from their Resource Group

Box 3: Yes -
A resource group can be used to scope access control for administrative actions. By default, permissions set at the resource level are inherited by the resources in the resource group.
References:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-overview

Your company plans to deploy an Artificial Intelligence (AI) solution in Azure.
What should the company use to build, test, and deploy predictive analytics solutions?

  • A. Azure Logic Apps
  • B. Azure Machine Learning Studio
  • C. Azure Batch
  • D. Azure Cosmos DB


Answer : B

Explanation:
Microsoft Azure Machine Learning Studio (classic) is a collaborative, drag-and-drop tool you can use to build, test, and deploy predictive analytics solutions on your data. Azure Machine Learning Studio (classic) publishes models as web services that can easily be consumed by custom apps or BI tools such as Excel.
Machine Learning Studio (classic) is where data science, predictive analytics, cloud resources, and your data meet.
References:
https://docs.microsoft.com/en-us/azure/machine-learning/studio/what-is-ml-studio

HOTSPOT -
To complete the sentence, select the appropriate option in the answer area.
Hot Area:




Answer :

Explanation:
Azure storage offers different access tiers: hot, cool and archive.
The archive access tier has the lowest storage cost. But it has higher data retrieval costs compared to the hot and cool tiers. Data in the archive tier can take several hours to retrieve.
While a blob is in archive storage, the blob data is offline and can't be read, overwritten, or modified. To read or download a blob in archive, you must first rehydrate it to an online tier.
Example usage scenarios for the archive access tier include:
-> Long-term backup, secondary backup, and archival datasets
-> Original (raw) data that must be preserved, even after it has been processed into final usable form.
-> Compliance and archival data that needs to be stored for a long time and is hardly ever accessed.
References:
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers?tabs=azure-portal#archive-access-tier

HOTSPOT -
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:




Answer :

Explanation:

Box 1: No -
Azure Advisor provides you with a consistent, consolidated view of recommendations for all your Azure resources. It integrates with Azure Security Center to bring you security recommendations. You can get security recommendations from the Security tab on the Advisor dashboard. Examples of recommendations include restricting access to virtual machines by configuring Network Security Groups, enabling storage encryption, installing vulnerability assessment solutions.
However, Azure Advisor does not provide recommendations on how to improve the security of an Azure AD environment.

Box 2: Yes -
Advisor helps you optimize and reduce your overall Azure spend by identifying idle and underutilized resources. You can get cost recommendations from the Cost tab on the Advisor dashboard.
Box 3: No.
Azure Advisor does not provide recommendations on how to configure network settings on Azure virtual machines.
References:
https://docs.microsoft.com/en-us/azure/advisor/advisor-security-recommendations https://docs.microsoft.com/en-us/azure/advisor/advisor-cost-recommendations

Page:    1 / 15   
Total 222 questions