AZ-900 Exam Practice Questions Review

Jul 10, 2024

AZ-900 Exam Practice Questions Video (Part 2: Questions 101 to 200)

Introduction

  • Video Focus: Questions 101 to 200 from a bank of 420 questions
  • Content: In-depth explanation and validation of each question, with possible demo on J portal and references to Microsoft documentation.
  • Recommendation: Watch the complete video for full preparation and more variations of questions.
  • Playback Adjustment: Adjust the speed as per your preference.

Questions & Explanations

Question 101: Deploying Your Own Data Center (CapEx vs. OpEx)

  • CapEx: Upfront purchase of infrastructure
  • OpEx: Pay as you use, example – cloud services
  • Additional Resource: CapEx vs. OpEx Video

Question 102: Evaluate Azure Environment for Regulatory Compliance

  • Correct Option: Microsoft Defender for Cloud
  • Explanation: Continuously compares resource configuration with compliance requirements.

Question 103: SLA Guarantees for Azure VMs

  • Correct Option: Uptime
  • Explanation: SLAs provide commitments for uptime and connectivity.
  • Additional Resource: SLA Documents

Question 104: Mapping Network Drive to Azure Storage

  • Correct Option: File Service in a Storage Account
  • Explanation: Azure Files allow file shares in the cloud accessible from Windows.

Question 105: Automating Azure Resources Creation

  • Correct Option: ARM Templates
  • Explanation: Automate creation of multiple similar Azure resources.
  • Additional Resource: ARM Templates

Question 106: Assigning User Roles in Azure Portal

  • Correct Option: Access Control (IAM)
  • Explanation: IAM is used for managing resource group roles.

Question 107: Deploying Application to Multiple VMs

  • Correct Option: Deployment Group
  • Explanation: Logical set of deployment target machines in DevOps.

Question 108: Minimizing SQL Server Licensing Costs

  • Correct Option: Azure Hybrid Benefit
  • Explanation: Use on-premise licenses in Azure to reduce costs.

Question 109: Windows Server/SQL Server License through Software Assurance

  • Correct Option: Software Assurance
  • Explanation: Repurpose licenses for Azure VMs via Software Assurance.

Question 110: Premier Support Plan for Enterprises

  • Statement: Correct – Requires Enterprise Agreement.

Question 111: Managing On-Prem Windows Server as Azure Resource

  • Correct Option: Azure Arc
  • Explanation: Unified management across on-prem, multi-cloud, and Azure.

Question 112: Filtering Network Traffic for Azure Resources

  • Correct Option: Network Security Group
  • Explanation: Uses rules to filter inbound/outbound traffic by port and protocol.

Yes/No Questions

  • Trust Center for Compliance Offering: Yes
  • Improving Composite SLA by Adding Redundant Services: Yes
  • Private Preview Access via Separate Portal: No

Question 116: Managed Network Security in Azure

  • Correct Option: Azure Firewall
  • Explanation: Provides centralized protection with high availability.
  • Additional Resource: Azure Firewall

Question 117: Apache Spark-Based Analytics Service

  • Correct Option: Azure Databricks
  • Explanation: Collaborative Apache Spark-based big data analytics.

Question 118: Version Control Tools in Azure

  • Correct Option: Azure Repos
  • Explanation: Supports Git and Team Foundation Version Control.

Question 119: Viewing Service Failure Notifications

  • Correct Option: Azure Monitor
  • Explanation: Collects, analyzes, and responds to telemetry data.

Question 120: Azure Storage Tiers

  • Correct Option: Hot Tier
  • Explanation: Highest storage costs but lowest access costs.
  • Additional Resource: Azure Storage Tiers

Question 121: Microsoft Compliance Information

  • Correct Option: Microsoft Purview Compliance Portal
  • Explanation: Detailed insights on security, privacy, and compliance across Microsoft services.

Question 122: Premium Block Blob Storage Redundancy

  • Correct Option: Zone Redundant Storage
  • Explanation: Ensures data redundancy across multiple zones.
  • Additional Resource: Zone Redundant Storage

Question 123: Just-In-Time VM Access

  • Correct Option: Microsoft Defender for Cloud
  • Explanation: Protects VMs from unauthorized access by allowing limited time access.

Question 124: Retention Period for Archive Access Tier

  • Correct Option: 180 Days
  • Explanation: Minimum recommended retention period for archival data.

Question 125: Retention Period for Cool Access Tier

  • Correct Option: 30 Days
  • Explanation: Minimum recommended retention period for cool data.

Question 126: Network Traffic Filtering Service

  • Correct Option: Azure Firewall
  • Explanation: Provides network and application layer protection across subscriptions.

Question 127: Identifying VPN Appliance Resource

  • Correct Option: Local Network Gateway
  • Explanation: Represents on-prem location for routing purposes.

Question 128: Notifications for VM Deployment Completion

  • Correct Option: Notification Section in Portal
  • Explanation: Displays deployment status and links to resources.

Question 129: Patch Management for Azure SQL Database

  • Statement: Incorrect – Managed by Azure as it's a PaaS offering.

Yes/No Questions

  • Azure DevOps CI/CD Pipelines: Yes
  • Data Center Requirement for Public Cloud: No

Question 132: Data Transfers Between Regions

  • Statement: Incorrect – Charged based on region.
  • North America Region Representation: No - Has multiple regions.
  • Multiple Data Centers in Azure Regions: Yes

Multi-Factor Authentication Example

  • Statement: Correct - Password + Security Question

Azure Key Vault for Storing Secrets

  • Statement: Correct

Viewing Azure VM Turn-Off Events

  • Correct Option: Azure Activity Log
  • Explanation: Logs platform-level events for auditing.

Permissions for Azure Virtual Desktop

  • Correct Option: Role-Based Access Control (RBAC)
  • Explanation: Manages access permissions through roles.

TCO Calculator for Savings Due to Cloud Migration

  • Correct Option: Azure Total Cost of Ownership Calculator
  • Explanation: Estimates cost savings from cloud migration.

Serverless Solution for Code Execution

  • Correct Option: Azure Functions
  • Explanation: Run code in a serverless environment.

ARM Templates File Format

  • Correct Option: JSON
  • Explanation: Uses declarative syntax for resource deployment.

Costs During VM Deallocated State

  • Correct Option: Storage
  • Explanation: Charges for attached storage persist.

Requirement for Creating New File Share

  • Correct Option: Storage Account
  • Explanation: Necessary prerequisite for file shares.

Managing Web App from iPhone

  • Correct Options: Azure Portal, Azure Cloud Shell
  • Explanation: Access via web-based interfaces.

Securing Website and Generating Attack Reports

  • Correct Option: DDoS Protection
  • Explanation: Mitigates DDoS attacks and provides reports.
  • Additional Resource: DDoS Protection

Cloud Service Models Examples

  • Azure App Service: PaaS
  • Azure Virtual Machines: IaaS
  • Microsoft Dynamics 365: SaaS

Azure AD Group Permissions

  • Statement: Correct - Groups for managing user access.

Azure Logic Apps for Running Code

  • Statement: Incorrect - Logic Apps for workflows, not code execution.

Managing Containers

  • Correct Options: Azure Container Instances, Azure Kubernetes Service
  • Explanation: Both suitable for managing containerized applications.

Allowing TCP Port Connection on VM

  • Correct Option: Network Security Group
  • Explanation: Used to filter traffic by port.

Purchasing Third-Party Virtual Security Appliance

  • Correct Option: Azure Marketplace
  • Explanation: Source for third-party solutions.

New Features Addition After GA

  • Statement: Incorrect - New features can be added post-GA.

Resource Recreation After Public Preview

  • Statement: Incorrect - No recreation required.

Access to Compute Capacity at Deep Discounts

  • Correct Option: Azure Spot VM Instances
  • Explanation: Provides access to unused capacity.

Generating Billing Reports by Office

  • Correct Option: Tags
  • Explanation: Organize billing data for cost management.

OSI Layer for Azure ExpressRoute

  • Correct Option: Layer 3 (Network Layer)

Assigning User Roles for Resource Group

  • Correct Option: Access Control (IAM)

Managing User Access Across Multiple Subscriptions

  • Correct Option: Management Groups
  • Explanation: Provides top-level hierarchy for access management.

Customer Responsibility in SaaS Model

  • Correct Option: Application Data
  • Explanation: Cloud provider manages underlying infrastructure.

Azure Trial Account Restrictions

  • Correct Option: Unable to start existing VMs
  • Explanation: Expired trial accounts restrict new VMs.

Limiting Inbound Traffic to Virtual Networks

  • Correct Option: Azure Firewall
  • Explanation: Controls inbound traffic centrally.

Managing Legacy Database in Cloud

  • Correct Option: IaaS
  • Explanation: Flexibility to manage applications and databases.

Collecting Security Events from Azure AD

  • Correct Option: Microsoft Sentinel

Layer for DDoS Protection Implementation

  • Correct Option: Network Layer

Running Azure CLI Commands

  • Correct Options: Command Prompt, Windows PowerShell
  • Explanation: Tools for executing CLI commands.

Azure Service Examples

  • DNS Server on VM: IaaS
  • Microsoft Intune: SaaS
  • Azure Files: PaaS

Storing Certificates in Azure

  • Correct Option: Azure Key Vault

Hosting Production Resources with Azure Free Account

  • Statement: Yes - Allowed but not recommended.

Using Serverless Features for Scripts

  • Statement: Yes - Azure Functions suitable.

Vertical Scaling Example

  • Correct Option: Increasing CPU and RAM
  • Explanation: Scaling up single instance resources.
  • Additional Resource: Scaling in Azure

Hosting Zero-Administration Tables

  • Correct Option: Azure Cosmos DB
  • Explanation: Fully managed, globally distributed NoSQL database.

Tool for Guidance and Recommendations

  • Correct Option: Azure Advisor
  • Explanation: Provides intelligent recommendations.

Maintaining File Versions in Blob Storage

  • Correct Option: Azure Blob Versioning
  • Explanation: Preserves previous versions of data.

Failure Protection with Availability Zone

  • Correct Option: Azure Data Center Failure
  • Explanation: Ensures high availability.

Automating VM Shutdown/Start

  • Correct Option: Azure Automation
  • Explanation: Create and schedule runbooks.

Auditing Access to Blob Storage

  • Correct Option: Azure Blob Storage Analytics
  • Explanation: Provides logging for auditing.

Segmenting Resources for Departments

  • Correct Options: Multiple Subscriptions, Multiple Resource Groups
  • Explanation: Segregation for management and billing.

Azure Portals for Specific Tasks

  • Security Recommendations: Advisor
  • Service Health Monitoring: Monitor

Yes/No Questions

  • Azure DevOps Git Repository: Yes
  • Security Advisor Recommendations Increase Secure Score: Yes
  • Azure Reservation for Specific Data Center: No

Disaster Recovery Plan Responsibility

  • Correct Option: Azure Customer

Classifying and Labeling Sensitive Data

  • Correct Option: Azure Purview

Reducing Effort for Deploying VMs

  • Correct Option: Azure Virtual Machine Scale Sets
  • Explanation: Automated and managed scaling of VMs.

Enforcing Resource Tagging

  • Correct Options: Azure Policy, Azure Management Groups

Enterprise Messaging Solution

  • Correct Option: Azure Service Bus
  • Explanation: Reliable and scalable messaging.

Compliance Audits Responsibility

  • Correct Option: Third-Party Provider

Cloud Benefit for Variable Usage

  • Correct Option: Elasticity

Managing Infrastructure Without Data Center

  • Correct Option: Public Cloud
  • Explanation: Complete management by cloud provider.

Example of IaaS

  • Correct Option: Azure Virtual Machine

Cost Minimized Solution for Additional Resources

  • Correct Option: Hybrid Cloud
  • Explanation: Combines on-prem and cloud resources.

Solution for Controlling VM Connections

  • Correct Option: Network Security Group

Service Trust Portal for Compliance Reports

  • Statement: Yes

Minimizing Administrative Effort for Web Application

  • Correct Option: PaaS

Preventing VM Creation in Resource Group

  • Correct Option: Azure Policy

Effect of Non-Allowed Policy on Existing Resources

  • Action: VNet continues to function

Azure Policy Initiative Definition

  • Correct Option: Collection of Policy Definitions

Built-in High Availability in Synapse Analytics

  • Statement: Correct

Creating Workflows Platform

  • Correct Option: Azure Logic Apps

Storing Unmanaged Data Disks

  • Correct Option: Blob Storage Containers

Governance Tool for Development Teams

  • Correct Option: Azure Blueprints

Management Groups Limit per Directory

  • Correct Option: 10,000

Conclusion

  • Suggestions: Explore other parts of the series and review the full set of 420 questions.
  • Community Interaction: Engage in the comment section for doubts and discussions.