You have already completed the Test before. Hence you can not start it again.
Test is loading...
You must sign in or sign up to start the Test.
You have to finish following quiz, to start this Test:
Your results are here!! for" Microsoft Azure AZ-304 Practice Test 3 "
0 of 75 questions answered correctly
Your time:
Time has elapsed
Your Final Score is : 0
You have attempted : 0
Number of Correct Questions : 0 and scored 0
Number of Incorrect Questions : 0 and Negative marks 0
Average score
Your score
Microsoft Azure AZ-304 Practice Tests
You have attempted: 0
Number of Correct Questions: 0 and scored 0
Number of Incorrect Questions: 0 and Negative marks 0
You can review your answers by clicking view questions. Important Note : Open Reference Documentation Links in New Tab (Right Click and Open in New Tab).
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
Answered
Review
Question 1 of 75
1. Question
A company is setting up a data storage solution for their on-premise location. They have to ensure that data is automatically replicated to Azure.
They decide to include using Azure StorSimple as part of their storage solution
Would this fulfil the requirement?
Correct
Using StorSimple is an ideal solution for this case. This is a hybrid cloud solution. The Microsoft documentation mentions the following on the usage of StorSimple
For more information on StorSimple, please visit the below URL https://docs.microsoft.com/en-us/azure/storsimple/storsimple-ova-overview
Incorrect
Using StorSimple is an ideal solution for this case. This is a hybrid cloud solution. The Microsoft documentation mentions the following on the usage of StorSimple
For more information on StorSimple, please visit the below URL https://docs.microsoft.com/en-us/azure/storsimple/storsimple-ova-overview
Unattempted
Using StorSimple is an ideal solution for this case. This is a hybrid cloud solution. The Microsoft documentation mentions the following on the usage of StorSimple
For more information on StorSimple, please visit the below URL https://docs.microsoft.com/en-us/azure/storsimple/storsimple-ova-overview
Question 2 of 75
2. Question
A company is setting up a data storage solution for their on-premise location. They have to ensure that data is automatically replicated to Azure.
They decide to include using Azure Table storage as part of their storage solution
Would this fulfil the requirement?
Correct
This is table level storage available in Azure. This is not the ideal solution for replicating data between on-premise and Azure.
For more information on Azure Table storage, please visit the below URL https://azure.microsoft.com/en-us/services/storage/tables/
Incorrect
This is table level storage available in Azure. This is not the ideal solution for replicating data between on-premise and Azure.
For more information on Azure Table storage, please visit the below URL https://azure.microsoft.com/en-us/services/storage/tables/
Unattempted
This is table level storage available in Azure. This is not the ideal solution for replicating data between on-premise and Azure.
For more information on Azure Table storage, please visit the below URL https://azure.microsoft.com/en-us/services/storage/tables/
Question 3 of 75
3. Question
A company is setting up the required privileges for users in their Azure AD tenant. They need to assign a group of users with the below mentioned privileges
The users should be able to manage virtual networks
They should not be allowed to manage role assignments
You need to ensure the right role is assigned based on the least privilege access.
You decide to provide the Owner role to the group
Would this fulfil the requirement?
Correct
This would also allow the users to have the ability to manage all resources and this would provide too many privileges. Below is a snippet from the Microsoft documentation on the permissions for the role
For more information on in-built roles, please visit the below URL https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles
Incorrect
This would also allow the users to have the ability to manage all resources and this would provide too many privileges. Below is a snippet from the Microsoft documentation on the permissions for the role
For more information on in-built roles, please visit the below URL https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles
Unattempted
This would also allow the users to have the ability to manage all resources and this would provide too many privileges. Below is a snippet from the Microsoft documentation on the permissions for the role
For more information on in-built roles, please visit the below URL https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles
Question 4 of 75
4. Question
A company is setting up the required privileges for users in their Azure AD tenant. They need to assign a group of users with the below mentioned privileges
The users should be able to manage virtual networks
They should not be allowed to manage role assignments
You need to ensure the right role is assigned based on the least privilege access.
You decide to provide the Contributor role to the group
Would this fulfil the requirement?
Correct
This would also allow the users to have the ability to manage all resources and this would provide too many privileges. Below is a snippet from the Microsoft documentation on the permissions for the role
For more information on in-built roles, please visit the below URL https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles
Incorrect
This would also allow the users to have the ability to manage all resources and this would provide too many privileges. Below is a snippet from the Microsoft documentation on the permissions for the role
For more information on in-built roles, please visit the below URL https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles
Unattempted
This would also allow the users to have the ability to manage all resources and this would provide too many privileges. Below is a snippet from the Microsoft documentation on the permissions for the role
For more information on in-built roles, please visit the below URL https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles
Question 5 of 75
5. Question
A company is setting up the required privileges for users in their Azure AD tenant. They need to assign a group of users with the below mentioned privileges
The users should be able to manage virtual networks
They should not be allowed to manage role assignments
You need to ensure the right role is assigned based on the least privilege access.
You decide to provide the Network Contributor role to the group
Would this fulfil the requirement?
Correct
Yes, this is the ideal role which allows users to manage virtual networks but does not give them the access to manage role assignments. Below is a snippet from the Microsoft documentation on the permissions for the role
For more information on in-built roles, please visit the below URL https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles
Incorrect
Yes, this is the ideal role which allows users to manage virtual networks but does not give them the access to manage role assignments. Below is a snippet from the Microsoft documentation on the permissions for the role
For more information on in-built roles, please visit the below URL https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles
Unattempted
Yes, this is the ideal role which allows users to manage virtual networks but does not give them the access to manage role assignments. Below is a snippet from the Microsoft documentation on the permissions for the role
For more information on in-built roles, please visit the below URL https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles
Question 6 of 75
6. Question
A company named Contoso has an on-premises active directory forest defined as Contoso.com. Contoso recently took over another company and now have the following on-premises active directory forests:
· Contoso.com
· Fabrikam.com
· Resist.com
They are looking at a hybrid identity model by integrating their on-premises identities from all three forests with Azure Active Directory and requires the solution to be highly available.
How would you achieve this solution?
Correct
The correct answer is ADConnect with multiple forests with a single sync server and a staging server as a backup for redundancy purposes, this configuration is supported and required by the use case. ADConnect with single forests is supported however does not comply with the requirements. ADConnect with multiple forests and multiple sync servers is not supported based on the ADConnect architecture. https://docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-topologies
Incorrect
The correct answer is ADConnect with multiple forests with a single sync server and a staging server as a backup for redundancy purposes, this configuration is supported and required by the use case. ADConnect with single forests is supported however does not comply with the requirements. ADConnect with multiple forests and multiple sync servers is not supported based on the ADConnect architecture. https://docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-topologies
Unattempted
The correct answer is ADConnect with multiple forests with a single sync server and a staging server as a backup for redundancy purposes, this configuration is supported and required by the use case. ADConnect with single forests is supported however does not comply with the requirements. ADConnect with multiple forests and multiple sync servers is not supported based on the ADConnect architecture. https://docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-topologies
Question 7 of 75
7. Question
A company named Contoso has an on-premises active directory forest defined as Contoso.com. They are looking at a hybrid identity model by integrating their on-premises identities with Azure Active Directory and has a requirement for single-sign-on (SSO). Which of the following options would suffice? Choose all that apply, each answer represents a solution on its own.
Correct
ADFS, ADConnect with PTA and ADConnect with hash synchronization (PHS) can be used to achieve hybrid identity and supports Single-Sign-On. Deploying a domain controller on Azure is incorrect as this will simply extend the on-premises identity to another domain controller and will not integrate the on-premises identities with Azure Active Directory and does not support SSO with Azure AD. https://docs.microsoft.com/en-us/azure/active-directory/hybrid/whatis-hybrid-identity
Incorrect
ADFS, ADConnect with PTA and ADConnect with hash synchronization (PHS) can be used to achieve hybrid identity and supports Single-Sign-On. Deploying a domain controller on Azure is incorrect as this will simply extend the on-premises identity to another domain controller and will not integrate the on-premises identities with Azure Active Directory and does not support SSO with Azure AD. https://docs.microsoft.com/en-us/azure/active-directory/hybrid/whatis-hybrid-identity
Unattempted
ADFS, ADConnect with PTA and ADConnect with hash synchronization (PHS) can be used to achieve hybrid identity and supports Single-Sign-On. Deploying a domain controller on Azure is incorrect as this will simply extend the on-premises identity to another domain controller and will not integrate the on-premises identities with Azure Active Directory and does not support SSO with Azure AD. https://docs.microsoft.com/en-us/azure/active-directory/hybrid/whatis-hybrid-identity
Question 8 of 75
8. Question
A company named Contoso has an on-premises active directory forest defined as Contoso.com. They are looking at a hybrid identity model by integrating their on-premises identities with Azure Active Directory and has the following requirements:
· Single-Sign-On (SSO)
· No on-premises password hashes are not stored in the cloud
The company decides to deploy ADConnect (PHS) with password hash synchronization. Would this meet the requirements?
Correct
False is correct, ADConnect with hash synchronization will not meet the requirements as this solution will sync a hash of the on-premises password hashes to Azure AD. The correct solution would be ADConnect with pass-through authentication (PTA) because with this method on-premises passwords (and password hashes) are never stored in the cloud.https://docs.microsoft.com/en-us/azure/active-directory/hybrid/whatis-phs
Incorrect
False is correct, ADConnect with hash synchronization will not meet the requirements as this solution will sync a hash of the on-premises password hashes to Azure AD. The correct solution would be ADConnect with pass-through authentication (PTA) because with this method on-premises passwords (and password hashes) are never stored in the cloud.https://docs.microsoft.com/en-us/azure/active-directory/hybrid/whatis-phs
Unattempted
False is correct, ADConnect with hash synchronization will not meet the requirements as this solution will sync a hash of the on-premises password hashes to Azure AD. The correct solution would be ADConnect with pass-through authentication (PTA) because with this method on-premises passwords (and password hashes) are never stored in the cloud.https://docs.microsoft.com/en-us/azure/active-directory/hybrid/whatis-phs
Question 9 of 75
9. Question
A company named skillcertlabs currently has an on-premise Active Directory Forest. They have recently setup an Azure AD tenant and also setup Azure AD Connect. They have currently procured Premium P1 licences.
Which of the following features could result in reducing the operational overhead when it comes to managing the user’s credentials?
Correct
If users get locked or forget their password, you can use the self-service password reset with writeback option. This is also given in the Microsoft documentation. And these features are included as part of Premium P1 licences.
Option B is incorrect since this is only when you want to conduct reviews for existing users.
Option D is incorrect since this requires Premium P2 licensing
For more information on self-service password reset, please visit the below URL https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-licensing
Incorrect
If users get locked or forget their password, you can use the self-service password reset with writeback option. This is also given in the Microsoft documentation. And these features are included as part of Premium P1 licences.
Option B is incorrect since this is only when you want to conduct reviews for existing users.
Option D is incorrect since this requires Premium P2 licensing
For more information on self-service password reset, please visit the below URL https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-licensing
Unattempted
If users get locked or forget their password, you can use the self-service password reset with writeback option. This is also given in the Microsoft documentation. And these features are included as part of Premium P1 licences.
Option B is incorrect since this is only when you want to conduct reviews for existing users.
Option D is incorrect since this requires Premium P2 licensing
For more information on self-service password reset, please visit the below URL https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-licensing
Question 10 of 75
10. Question
A company named skillcertlabs has just setup an Azure AD tenant. They need to deploy 2 applications to Azure, OnlineQuiz and OnlineForum. Below are the key authentication requirements for the applications
OnlineQuiz Application – Users should be able to authenticate using a personal Microsoft account and multi-factor authentication or using other providers such as facebook.
OnlineForum Application – Users should be able to authenticate using either a personal Microsoft account or using the credentials of skillcertlabs. The accounts should be managed via Azure AD
Which authentication mechanism would you recommend for the OnlineQuiz application?
Correct
If you look at the authentication providers possible with Azure B2C, you can see that you can use a Microsoft account. This is provided in the Microsoft documentation.
If also supports Multi-factor authentication as shown below
Option B is incorrect since this is normally used when you want to allow authentication of users from other companies.
Options C and D are incorrect since this is normally only used for Microsoft based accounts
For more information on Azure B2C, please visit the below URL https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-overview
Incorrect
If you look at the authentication providers possible with Azure B2C, you can see that you can use a Microsoft account. This is provided in the Microsoft documentation.
If also supports Multi-factor authentication as shown below
Option B is incorrect since this is normally used when you want to allow authentication of users from other companies.
Options C and D are incorrect since this is normally only used for Microsoft based accounts
For more information on Azure B2C, please visit the below URL https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-overview
Unattempted
If you look at the authentication providers possible with Azure B2C, you can see that you can use a Microsoft account. This is provided in the Microsoft documentation.
If also supports Multi-factor authentication as shown below
Option B is incorrect since this is normally used when you want to allow authentication of users from other companies.
Options C and D are incorrect since this is normally only used for Microsoft based accounts
For more information on Azure B2C, please visit the below URL https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-overview
Question 11 of 75
11. Question
A company named skillcertlabs has just setup an Azure AD tenant. They need to deploy 2 applications to Azure, OnlineQuiz and OnlineForum. Below are the key authentication requirements for the applications
OnlineQuiz Application – Users should be able to authenticate using a personal Microsoft account and multi-factor authentication or using other providers such as facebook.
OnlineForum Application – Users should be able to authenticate using either a personal Microsoft account or using the credentials of skillcertlabs. The accounts should be managed via Azure AD
Which authentication mechanism would you recommend for the OnlineForum application?
Correct
Azure AD v2.0 endpoint is best suited for this, since it supports both Work and personal accounts as shown below
Option A is incorrect since this is normally used for user authentication with other identity providers besides Microsoft.
Option B is incorrect since this is normally used when you want to allow authentication of users from other companies.
Option C is incorrect since it does not support Personal accounts
For more information on the Microsoft identity platform, please visit the below URL https://docs.microsoft.com/en-us/azure/active-directory/develop/about-microsoft-identity-platform
Incorrect
Azure AD v2.0 endpoint is best suited for this, since it supports both Work and personal accounts as shown below
Option A is incorrect since this is normally used for user authentication with other identity providers besides Microsoft.
Option B is incorrect since this is normally used when you want to allow authentication of users from other companies.
Option C is incorrect since it does not support Personal accounts
For more information on the Microsoft identity platform, please visit the below URL https://docs.microsoft.com/en-us/azure/active-directory/develop/about-microsoft-identity-platform
Unattempted
Azure AD v2.0 endpoint is best suited for this, since it supports both Work and personal accounts as shown below
Option A is incorrect since this is normally used for user authentication with other identity providers besides Microsoft.
Option B is incorrect since this is normally used when you want to allow authentication of users from other companies.
Option C is incorrect since it does not support Personal accounts
For more information on the Microsoft identity platform, please visit the below URL https://docs.microsoft.com/en-us/azure/active-directory/develop/about-microsoft-identity-platform
Question 12 of 75
12. Question
A company needs to create a series of data stores in Azure. Below are the requirements for the different data stores
DataStore1 – This data store needs to store table like data. The data needs to be available 99.99% of the time. It should also provide less than 10ms latency for reads and less than 15ms latency for writes.
DataStore2 – This would be used to store petabytes of data. You should be able to run complex queries across the data store
Which of the following could be used to hold the data for DataStore1?
Correct
Azure CosmosDB can both provide the required SLA and the required latency for reads and writes.
The Microsoft documentation mentions the following
Since this is clearly given in the Microsoft documentation, all other options are incorrect
For more information on table storage, please go to the below URL https://docs.microsoft.com/en-us/azure/cosmos-db/table-introduction
Incorrect
Azure CosmosDB can both provide the required SLA and the required latency for reads and writes.
The Microsoft documentation mentions the following
Since this is clearly given in the Microsoft documentation, all other options are incorrect
For more information on table storage, please go to the below URL https://docs.microsoft.com/en-us/azure/cosmos-db/table-introduction
Unattempted
Azure CosmosDB can both provide the required SLA and the required latency for reads and writes.
The Microsoft documentation mentions the following
Since this is clearly given in the Microsoft documentation, all other options are incorrect
For more information on table storage, please go to the below URL https://docs.microsoft.com/en-us/azure/cosmos-db/table-introduction
Question 13 of 75
13. Question
A company needs to create a series of data stores in Azure. Below are the requirements for the different data stores
DataStore1 – This data store needs to store table like data. The data needs to be available 99.99% of the time. It should also provide less than 10ms latency for reads and less than 15ms latency for writes.
DataStore2 – This would be used to store petabytes of data. You should be able to run complex queries across the data store
Which of the following could be used to hold the data for DataStore2?
A company needs to create a site-to-site VPN connection with an Azure virtual network. They want to implement redundancy and high availability for the connection. Hence, they decide to implement an active-active configuration for the site-to-site connections.
How many public IP address need to be defined for such a setup?
Correct
Since we need an active-active configuration, we need to 2 public IP addresses.
An example of this is given in the Microsoft documentation.
Since this is clearly mentioned in the documentation, all other options are incorrect
For more information on configuring active-active VPN gateways, please go to the below URL https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-activeactive-rm-powershell
Incorrect
Since we need an active-active configuration, we need to 2 public IP addresses.
An example of this is given in the Microsoft documentation.
Since this is clearly mentioned in the documentation, all other options are incorrect
For more information on configuring active-active VPN gateways, please go to the below URL https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-activeactive-rm-powershell
Unattempted
Since we need an active-active configuration, we need to 2 public IP addresses.
An example of this is given in the Microsoft documentation.
Since this is clearly mentioned in the documentation, all other options are incorrect
For more information on configuring active-active VPN gateways, please go to the below URL https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-activeactive-rm-powershell
Question 15 of 75
15. Question
A company needs to create a site-to-site VPN connection with an Azure virtual network. They want to implement redundancy and high availability for the connection. Hence, they decide to implement an active-active configuration for the site-to-site connections.
Which of the following could be used as SKU’s for the VPN gateway in Azure? Choose 3 answers from the options given below
A company needs to create a storage account.
The storage account must meet the following requirements
-Ensure that the documents can be stored in the storage account
-The documents must be made accessible via drive mappings from Azure virtual machines that run Windows Server 2016.
-Provide the highest possible redundancy for the documents.
-Minimize storage access costs.
Objective – Design an infrastructure strategy
Which of the following would you choose for the performance of the Storage account?
Correct
You have to use the Standard performance tier. The premium tier only allows storage of Page BLOB’s.
In the below diagram you can see that if we choose Premium as the Performance option, we will have no option for files shares. And that is the main requirement. File shares allow to have drive mappings from Azure Virtual Machines.
You have to use the Standard performance tier. The premium tier only allows storage of Page BLOB’s.
In the below diagram you can see that if we choose Premium as the Performance option, we will have no option for files shares. And that is the main requirement. File shares allow to have drive mappings from Azure Virtual Machines.
You have to use the Standard performance tier. The premium tier only allows storage of Page BLOB’s.
In the below diagram you can see that if we choose Premium as the Performance option, we will have no option for files shares. And that is the main requirement. File shares allow to have drive mappings from Azure Virtual Machines.
A company needs to create a storage account.
The storage account must meet the following requirements
Ensure that the documents can be stored in the storage account
The documents must be made accessible via drive mappings from Azure virtual machines that run Windows Server 2016.
Provide the highest possible redundancy for the documents.
Minimize storage access costs.
Which of the following would you choose for the Account kind?
Correct
If you need to use a storage account to host file shares, the consider General Purpose v2 which has support for Page BLOB’s. Microsoft recommends this storage account kind which has more features than General Purpose v2.
In the Azure portal, you would configure this as shown below
If you need to use a storage account to host file shares, the consider General Purpose v2 which has support for Page BLOB’s. Microsoft recommends this storage account kind which has more features than General Purpose v2.
In the Azure portal, you would configure this as shown below
If you need to use a storage account to host file shares, the consider General Purpose v2 which has support for Page BLOB’s. Microsoft recommends this storage account kind which has more features than General Purpose v2.
In the Azure portal, you would configure this as shown below
A company needs to create a storage account.
The storage account must meet the following requirements
Ensure that the documents can be stored in the storage account
The documents must be made accessible via drive mappings from Azure virtual machines that run Windows Server 2016.
Provide the highest possible redundancy for the documents.
Minimize storage access costs.
Which of the following would you choose for the replication?
Correct
Please refer to https://docs.microsoft.com/en-us/azure/storage/common/storage-introduction#redundancy
Redundancy
In order to ensure that your data is durable, Azure Storage replicates multiple copies of your data. When you set up your storage account, you select a redundancy option.
Replication options for a storage account include:
Locally-redundant storage (LRS): A simple, low-cost replication strategy. Data is replicated within a single storage scale unit.
Zone-redundant storage (ZRS): Replication for high availability and durability. Data is replicated synchronously across three availability zones.
Geo-redundant storage (GRS): Cross-regional replication to protect against region-wide unavailability.
Read-access geo-redundant storage (RA-GRS): Cross-regional replication with read access to the replica.
Means redundancy of RA-GRS and GRS: both has same but availability of data is more in RA-GRS than GRS.
in GRS, in case of region failure, data is unavailable till Microsoft trigger failover
but in case of RA-GRS: Data for read-only, is available from secondary region all the time
Since question is also talking about “Minimize cost and as we know cost of GRS is comparatively lower than RA-GRS.
Please refer to https://docs.microsoft.com/en-us/azure/storage/common/storage-introduction#redundancy
Redundancy
In order to ensure that your data is durable, Azure Storage replicates multiple copies of your data. When you set up your storage account, you select a redundancy option.
Replication options for a storage account include:
Locally-redundant storage (LRS): A simple, low-cost replication strategy. Data is replicated within a single storage scale unit.
Zone-redundant storage (ZRS): Replication for high availability and durability. Data is replicated synchronously across three availability zones.
Geo-redundant storage (GRS): Cross-regional replication to protect against region-wide unavailability.
Read-access geo-redundant storage (RA-GRS): Cross-regional replication with read access to the replica.
Means redundancy of RA-GRS and GRS: both has same but availability of data is more in RA-GRS than GRS.
in GRS, in case of region failure, data is unavailable till Microsoft trigger failover
but in case of RA-GRS: Data for read-only, is available from secondary region all the time
Since question is also talking about “Minimize cost and as we know cost of GRS is comparatively lower than RA-GRS.
Please refer to https://docs.microsoft.com/en-us/azure/storage/common/storage-introduction#redundancy
Redundancy
In order to ensure that your data is durable, Azure Storage replicates multiple copies of your data. When you set up your storage account, you select a redundancy option.
Replication options for a storage account include:
Locally-redundant storage (LRS): A simple, low-cost replication strategy. Data is replicated within a single storage scale unit.
Zone-redundant storage (ZRS): Replication for high availability and durability. Data is replicated synchronously across three availability zones.
Geo-redundant storage (GRS): Cross-regional replication to protect against region-wide unavailability.
Read-access geo-redundant storage (RA-GRS): Cross-regional replication with read access to the replica.
Means redundancy of RA-GRS and GRS: both has same but availability of data is more in RA-GRS than GRS.
in GRS, in case of region failure, data is unavailable till Microsoft trigger failover
but in case of RA-GRS: Data for read-only, is available from secondary region all the time
Since question is also talking about “Minimize cost and as we know cost of GRS is comparatively lower than RA-GRS.
A company needs to deploy a system that complies with the below architecture to Azure
Below is the requirement for the various services
Service1 – Orchestrate the movement of data from various log and applications sources to a large expansive data store
Service2 – Sustainable data store for taking large amounts of data
Service3 – Large data store with the ability to analyze and visualize data with Power BI
Which of the following would you use for Service1?
A company needs to deploy a system that complies with the below architecture to Azure
Below is the requirement for the various services
Service1 – Orchestrate the movement of data from various log and applications sources to a large expansive data store
Service2 – Sustainable data store for taking large amounts of data
Service3 – Large data store with the ability to analyze and visualize data with Power BI
Which of the following would you use for Service2?
A company needs to deploy a system that complies with the below architecture to Azure
Below is the requirement for the various services
Service1 – Orchestrate the movement of data from various log and applications sources to a large expansive data store
Service2 – Sustainable data store for taking large amounts of data
Service3 – Large data store with the ability to analyze and visualize data with Power BI
Which of the following would you use for Service3?
A company needs to deploy an application to a set of virtual machines. Below are the key requirements for the application
Ensure an SLA of 99.99% overall for the application
The application would require a data store for storage of images uploaded by users
Ensure that only a group of IT administrators have the required permissions to restart the virtual machine
Which of the following could be used to achieve the requirement of high availability?
Correct
You can achieve an availability of 99.95% with the help of availability zones.
The Microsoft documentation mentions the following
Option A is incorrect because this only provides an SLA of 99.95%
Options B and C are incorrect since these are used for distributing the load onto the virtual machines
For more information on Azure availability zones, please go to the below URL https://docs.microsoft.com/en-us/azure/availability-zones/az-overview
Incorrect
You can achieve an availability of 99.95% with the help of availability zones.
The Microsoft documentation mentions the following
Option A is incorrect because this only provides an SLA of 99.95%
Options B and C are incorrect since these are used for distributing the load onto the virtual machines
For more information on Azure availability zones, please go to the below URL https://docs.microsoft.com/en-us/azure/availability-zones/az-overview
Unattempted
You can achieve an availability of 99.95% with the help of availability zones.
The Microsoft documentation mentions the following
Option A is incorrect because this only provides an SLA of 99.95%
Options B and C are incorrect since these are used for distributing the load onto the virtual machines
For more information on Azure availability zones, please go to the below URL https://docs.microsoft.com/en-us/azure/availability-zones/az-overview
Question 23 of 75
23. Question
A company needs to deploy an application to a set of virtual machines. Below are the key requirements for the application
Ensure an SLA of 99.99% overall for the application
The application would require a data store for storage of images uploaded by users
Ensure that only a group of IT administrators have the required permissions to restart the virtual machine
Which of the following would ensure the following requirement
“Ensure that only a group of IT administrators have the required permissions to restart the virtual machine”
Correct
You can create fine grained access control with the help of role-based access control
The Microsoft documentation mentions the following
Option B is incorrect because this is used from a governance perspective
Option C is incorrect because this is an authentication technique
Option D is incorrect because this is used to synchronize your on-premise Active directory with Azure AD
For more information on Role based access control, please go to the below URL https://docs.microsoft.com/en-us/azure/role-based-access-control/overview
Incorrect
You can create fine grained access control with the help of role-based access control
The Microsoft documentation mentions the following
Option B is incorrect because this is used from a governance perspective
Option C is incorrect because this is an authentication technique
Option D is incorrect because this is used to synchronize your on-premise Active directory with Azure AD
For more information on Role based access control, please go to the below URL https://docs.microsoft.com/en-us/azure/role-based-access-control/overview
Unattempted
You can create fine grained access control with the help of role-based access control
The Microsoft documentation mentions the following
Option B is incorrect because this is used from a governance perspective
Option C is incorrect because this is an authentication technique
Option D is incorrect because this is used to synchronize your on-premise Active directory with Azure AD
For more information on Role based access control, please go to the below URL https://docs.microsoft.com/en-us/azure/role-based-access-control/overview
Question 24 of 75
24. Question
A company needs to design an architecture that would meet the below requirements
Capture data with regards to creation of users and assignment of roles in their Azure account
All captured data must be sent to a CosmosDB account
You have to complete the below architecture diagram to fulfil the above requirements.
Which of the following would you suggest for Azure Service 1?
Correct
The Event Grid service is ideal for capturing different sort of events in Azure. So, since you need to capture events pertaining to the creation of users and assignment of roles, you can use the Event Grid service. The diagram representation of the Azure Event Grid service is given below.
So, on the left-hand side, you have different Azure resources for which you can receive events. And on the right-hand side, you have consumers. The event grid service can send data about the event onto the consumers.
Option B is incorrect since this is a Big data ingestion service
Option C is incorrect since this is a serverless compute service
Option D is incorrect since this is used for analysis of data sent to the log service in Azure
Option E is incorrect since this is a purely notification-based service
For more information on Azure Event Grids, please visit the below URL https://docs.microsoft.com/en-us/azure/event-grid/overview
Incorrect
The Event Grid service is ideal for capturing different sort of events in Azure. So, since you need to capture events pertaining to the creation of users and assignment of roles, you can use the Event Grid service. The diagram representation of the Azure Event Grid service is given below.
So, on the left-hand side, you have different Azure resources for which you can receive events. And on the right-hand side, you have consumers. The event grid service can send data about the event onto the consumers.
Option B is incorrect since this is a Big data ingestion service
Option C is incorrect since this is a serverless compute service
Option D is incorrect since this is used for analysis of data sent to the log service in Azure
Option E is incorrect since this is a purely notification-based service
For more information on Azure Event Grids, please visit the below URL https://docs.microsoft.com/en-us/azure/event-grid/overview
Unattempted
The Event Grid service is ideal for capturing different sort of events in Azure. So, since you need to capture events pertaining to the creation of users and assignment of roles, you can use the Event Grid service. The diagram representation of the Azure Event Grid service is given below.
So, on the left-hand side, you have different Azure resources for which you can receive events. And on the right-hand side, you have consumers. The event grid service can send data about the event onto the consumers.
Option B is incorrect since this is a Big data ingestion service
Option C is incorrect since this is a serverless compute service
Option D is incorrect since this is used for analysis of data sent to the log service in Azure
Option E is incorrect since this is a purely notification-based service
For more information on Azure Event Grids, please visit the below URL https://docs.microsoft.com/en-us/azure/event-grid/overview
Question 25 of 75
25. Question
A company needs to design an architecture that would meet the below requirements
Capture data with regards to creation of users and assignment of roles in their Azure account
All captured data must be sent to a CosmosDB account
You have to complete the below architecture diagram to fulfil the above requirements.
Which of the following would you suggest for Azure Service 2?
Correct
Azure Functions is an ideal consumer for this requirement. The Azure Function can be programmed to receive the event data and then send it across to CosmosDB.
Option A is incorrect since this is the service to receive the data
Option B is incorrect since this is a Big data ingestion service
Option D is incorrect since this is used for analysis of data sent to the log service in Azure
Option E is incorrect since this is a purely notification-based service
Azure Functions is an ideal consumer for this requirement. The Azure Function can be programmed to receive the event data and then send it across to CosmosDB.
Option A is incorrect since this is the service to receive the data
Option B is incorrect since this is a Big data ingestion service
Option D is incorrect since this is used for analysis of data sent to the log service in Azure
Option E is incorrect since this is a purely notification-based service
Azure Functions is an ideal consumer for this requirement. The Azure Function can be programmed to receive the event data and then send it across to CosmosDB.
Option A is incorrect since this is the service to receive the data
Option B is incorrect since this is a Big data ingestion service
Option D is incorrect since this is used for analysis of data sent to the log service in Azure
Option E is incorrect since this is a purely notification-based service
A company needs to design and deploy an application onto Azure. They want to base the design the application on a microservice design pattern. For deployment, they want to have a microservices based platform on Azure for hosting their application. The application itself would be a ecommerce application with modules for managing user accounts, shopping carts, managing delivery.
Which of the following could they use for hosting the application?
Correct
The ideal solution for this is Azure Service Fabric. The Microsoft documentation mentions the following
Option A is incorrect because this a serverless platform for hosting code
Option C is incorrect because this is primarily used as a platform for hosting web applications
Option D is incorrect because this is a workflow-based service
For more information on Azure Service Fabric, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/service-fabric/service-fabric-overview-microservices
Incorrect
The ideal solution for this is Azure Service Fabric. The Microsoft documentation mentions the following
Option A is incorrect because this a serverless platform for hosting code
Option C is incorrect because this is primarily used as a platform for hosting web applications
Option D is incorrect because this is a workflow-based service
For more information on Azure Service Fabric, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/service-fabric/service-fabric-overview-microservices
Unattempted
The ideal solution for this is Azure Service Fabric. The Microsoft documentation mentions the following
Option A is incorrect because this a serverless platform for hosting code
Option C is incorrect because this is primarily used as a platform for hosting web applications
Option D is incorrect because this is a workflow-based service
For more information on Azure Service Fabric, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/service-fabric/service-fabric-overview-microservices
Question 27 of 75
27. Question
A company needs to design and deploy an application onto Azure. They want to base the design the application on a microservice design pattern. For deployment, they want to have a microservices based platform on Azure for hosting their application. The application itself would be a ecommerce application with modules for managing user accounts, shopping carts, managing delivery.
Based on the application need, what type of design pattern would you use to build the application?
Correct
Since the application needs to maintain the state across its lifecycle, (for example from shopping cart items to checkout), you can use the Stateful microservices design pattern.
The Microsoft documentation mentions the following
Since this is clearly mentioned in the documentation, all other options are incorrect
For more information on Azure Service Fabric, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/service-fabric/service-fabric-content-roadmap
Incorrect
Since the application needs to maintain the state across its lifecycle, (for example from shopping cart items to checkout), you can use the Stateful microservices design pattern.
The Microsoft documentation mentions the following
Since this is clearly mentioned in the documentation, all other options are incorrect
For more information on Azure Service Fabric, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/service-fabric/service-fabric-content-roadmap
Unattempted
Since the application needs to maintain the state across its lifecycle, (for example from shopping cart items to checkout), you can use the Stateful microservices design pattern.
The Microsoft documentation mentions the following
Since this is clearly mentioned in the documentation, all other options are incorrect
For more information on Azure Service Fabric, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/service-fabric/service-fabric-content-roadmap
Question 28 of 75
28. Question
A company needs to ensure that a network security group is defined for every subnet in all virtual networks defined in their Azure subscription. Which of the following could be used to achieve this requirement?
Correct
An example of this is given in the Microsoft documentation
Option A is incorrect because this is basically a recommendations engine
Option C is incorrect because this is used to set access to resources
Option D is incorrect because this is an identity provider in Azure
For more information on the example itself, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/governance/policy/samples/nsg-on-subnet
Incorrect
An example of this is given in the Microsoft documentation
Option A is incorrect because this is basically a recommendations engine
Option C is incorrect because this is used to set access to resources
Option D is incorrect because this is an identity provider in Azure
For more information on the example itself, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/governance/policy/samples/nsg-on-subnet
Unattempted
An example of this is given in the Microsoft documentation
Option A is incorrect because this is basically a recommendations engine
Option C is incorrect because this is used to set access to resources
Option D is incorrect because this is an identity provider in Azure
For more information on the example itself, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/governance/policy/samples/nsg-on-subnet
Question 29 of 75
29. Question
A company needs to move a web application onto Azure. Below are the main requirements for the application
The application must be available to users even if an Azure data center becomes unavailable.
Costs must be minimized.
Which of the following would you recommend?
Correct
A Data center corresponds to the concept of availability zones. So, if you want to maintain availability even in a data center outage, then make use of availability sets
The Microsoft documentation mentions the following with respect to availability sets
All other options are invalid, since you need to minimize on costs, and you don’t need to deploy resources across regions
For more information on availability sets, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/virtual-machines/windows/manage-availability
Incorrect
A Data center corresponds to the concept of availability zones. So, if you want to maintain availability even in a data center outage, then make use of availability sets
The Microsoft documentation mentions the following with respect to availability sets
All other options are invalid, since you need to minimize on costs, and you don’t need to deploy resources across regions
For more information on availability sets, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/virtual-machines/windows/manage-availability
Unattempted
A Data center corresponds to the concept of availability zones. So, if you want to maintain availability even in a data center outage, then make use of availability sets
The Microsoft documentation mentions the following with respect to availability sets
All other options are invalid, since you need to minimize on costs, and you don’t need to deploy resources across regions
For more information on availability sets, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/virtual-machines/windows/manage-availability
Question 30 of 75
30. Question
A company needs to run an application that would be processing thousands of images at the same time. They need to have an ideal compute solution designed in Azure to handle the high scale processing of the images.
You decide to implement Azure Web Apps as part of the solution
Does this meet the requirement?
Correct
The Azure Web App service is used to run primarily web applications and cannot be used for high compute intensive parallel processing jobs.
For more information on Azure Web Apps, please go ahead and visit the below URL https://azure.microsoft.com/en-us/services/app-service/web/
Incorrect
The Azure Web App service is used to run primarily web applications and cannot be used for high compute intensive parallel processing jobs.
For more information on Azure Web Apps, please go ahead and visit the below URL https://azure.microsoft.com/en-us/services/app-service/web/
Unattempted
The Azure Web App service is used to run primarily web applications and cannot be used for high compute intensive parallel processing jobs.
For more information on Azure Web Apps, please go ahead and visit the below URL https://azure.microsoft.com/en-us/services/app-service/web/
Question 31 of 75
31. Question
A company needs to setup a web application on to the Azure Web App Service. One of the key requirements is for the platform to scale automatically when there is sustainable load that caused the CPU threshold to go beyond a particular threshold.
The IT Admin team needs to be notified if there is an autoscale failure. Which of the following can be done to alert the team accordingly?
Correct
You can create an Activity Log Alert for this.
The Microsoft documentation mentions the following
Since this is clearly mentioned in the Microsoft documentation, all other options are incorrect
For more information on best practices for autoscaling, please visit the below URL https://docs.microsoft.com/en-us/azure/azure-monitor/platform/autoscale-best-practices
Incorrect
You can create an Activity Log Alert for this.
The Microsoft documentation mentions the following
Since this is clearly mentioned in the Microsoft documentation, all other options are incorrect
For more information on best practices for autoscaling, please visit the below URL https://docs.microsoft.com/en-us/azure/azure-monitor/platform/autoscale-best-practices
Unattempted
You can create an Activity Log Alert for this.
The Microsoft documentation mentions the following
Since this is clearly mentioned in the Microsoft documentation, all other options are incorrect
For more information on best practices for autoscaling, please visit the below URL https://docs.microsoft.com/en-us/azure/azure-monitor/platform/autoscale-best-practices
Question 32 of 75
32. Question
A company needs to setup a web application on to the Azure Web App Service. One of the key requirements is for the platform to scale automatically when there is sustainable load that caused the CPU threshold to go beyond a particular threshold.
Which of the following is the most cost-effective App Service Plan to use for the Azure Web App?
Correct
The Autoscaling option for Web Apps is available from the Standard App Service plan onwards. Hence this would be the most cost-effective plan.
The Microsoft documentation mentions the following
Since this is clearly mentioned in the Microsoft documentation, all other options are incorrect
For more information on Azure App Service Plans, please visit the below URL https://azure.microsoft.com/en-us/pricing/details/app-service/plans/
Incorrect
The Autoscaling option for Web Apps is available from the Standard App Service plan onwards. Hence this would be the most cost-effective plan.
The Microsoft documentation mentions the following
Since this is clearly mentioned in the Microsoft documentation, all other options are incorrect
For more information on Azure App Service Plans, please visit the below URL https://azure.microsoft.com/en-us/pricing/details/app-service/plans/
Unattempted
The Autoscaling option for Web Apps is available from the Standard App Service plan onwards. Hence this would be the most cost-effective plan.
The Microsoft documentation mentions the following
Since this is clearly mentioned in the Microsoft documentation, all other options are incorrect
For more information on Azure App Service Plans, please visit the below URL https://azure.microsoft.com/en-us/pricing/details/app-service/plans/
Question 33 of 75
33. Question
A company needs to transfer a data set to Azure. The size of the data set is around 10TB. The data needs to be copied to an Azure Storage account. The currently line bandwidth that the company has is around 100 MBps.
After the initial data transfer, which of the following can be used for periodic transfers of MB’s of data onto the Azure storage account? Choose 2 answers from the options given below
A company needs to transfer a data set to Azure. The size of the data set is around 10TB. The data needs to be copied to an Azure Storage account. The currently line bandwidth that the company has is around 100 MBps.
Which of the following would be the ideal solution to use for the data transfer?
Correct
Here the size of the data set is large, and the bandwidth is small. Hence doing an offline transfer with the Azure Data Box service is the ideal approach.
The Microsoft documentation also gives a recommendation on when to use the service
The other options are incorrect since an online transfer would just take too long.
For more information on transferring large data sets over a limited bandwidth network, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/storage/common/storage-solution-large-dataset-low-network
Incorrect
Here the size of the data set is large, and the bandwidth is small. Hence doing an offline transfer with the Azure Data Box service is the ideal approach.
The Microsoft documentation also gives a recommendation on when to use the service
The other options are incorrect since an online transfer would just take too long.
For more information on transferring large data sets over a limited bandwidth network, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/storage/common/storage-solution-large-dataset-low-network
Unattempted
Here the size of the data set is large, and the bandwidth is small. Hence doing an offline transfer with the Azure Data Box service is the ideal approach.
The Microsoft documentation also gives a recommendation on when to use the service
The other options are incorrect since an online transfer would just take too long.
For more information on transferring large data sets over a limited bandwidth network, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/storage/common/storage-solution-large-dataset-low-network
Question 35 of 75
35. Question
A company wants to create a set of virtual machines in Azure. These would be Windows virtual machines that would be hosting a web-based application. The company wants to achieve an availability of 99.99% for the virtual machines.
They decide to implement availability sets for the virtual machines.
Would this satisfy the requirement?
A company wants to create a set of virtual machines in Azure. These would be Windows virtual machines that would be hosting a web-based application. The company wants to achieve an availability of 99.99% for the virtual machines.
They decide to implement availability zones for the virtual machines.
Would this satisfy the requirement?
Correct
Yes, by deploying the virtual machines across availability zones, you can achieve an availability of 99.99%
The Microsoft documentation mentions the following
For more information on availability zones, please visit the below URL https://docs.microsoft.com/en-us/azure/availability-zones/az-overview
Incorrect
Yes, by deploying the virtual machines across availability zones, you can achieve an availability of 99.99%
The Microsoft documentation mentions the following
For more information on availability zones, please visit the below URL https://docs.microsoft.com/en-us/azure/availability-zones/az-overview
Unattempted
Yes, by deploying the virtual machines across availability zones, you can achieve an availability of 99.99%
The Microsoft documentation mentions the following
For more information on availability zones, please visit the below URL https://docs.microsoft.com/en-us/azure/availability-zones/az-overview
Question 37 of 75
37. Question
A company wants to create a set of virtual machines in Azure. These would be Windows virtual machines that would be hosting a web-based application. The company wants to achieve an availability of 99.99% for the virtual machines.
They decide to implement Azure Load balancers for the virtual machines.
Would this satisfy the requirement?
Correct
Azure Load balancers are primarily used to distribute traffic across virtual machines. They can add high availability to your architecture but does not guarantee an availability of 99.99% for the virtual machines.
For more information on Azure Load balancers, please visit the below URL https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-overview
Incorrect
Azure Load balancers are primarily used to distribute traffic across virtual machines. They can add high availability to your architecture but does not guarantee an availability of 99.99% for the virtual machines.
For more information on Azure Load balancers, please visit the below URL https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-overview
Unattempted
Azure Load balancers are primarily used to distribute traffic across virtual machines. They can add high availability to your architecture but does not guarantee an availability of 99.99% for the virtual machines.
For more information on Azure Load balancers, please visit the below URL https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-overview
Question 38 of 75
38. Question
A company wants to deploy a web solution to Azure. The web solution would be hosted on a set of Azure Virtual Machines. The company wants to ensure that end user load is distributed across the virtual machines. The virtual machine requesting the service from the user should be done in such a manner that it provides the least latency for the request and response traffic.
Which of the following would you consider as the service to implement as part of this architecture?
Correct
You can use the Azure Traffic Manager service. You can use the Performance Routing method to route traffic based on the latency. So, the virtual machine which offers the least network latency for the user will serve the user request.
The Microsoft documentation mentions the following
Options A and C are incorrect since these load balancing solutions can’t distribute traffic based on a rule such as low latency.
Option D is incorrect since this is a data storage solution
For more information on the Azure Traffic Manager service, please visit the below URL https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-overview
Incorrect
You can use the Azure Traffic Manager service. You can use the Performance Routing method to route traffic based on the latency. So, the virtual machine which offers the least network latency for the user will serve the user request.
The Microsoft documentation mentions the following
Options A and C are incorrect since these load balancing solutions can’t distribute traffic based on a rule such as low latency.
Option D is incorrect since this is a data storage solution
For more information on the Azure Traffic Manager service, please visit the below URL https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-overview
Unattempted
You can use the Azure Traffic Manager service. You can use the Performance Routing method to route traffic based on the latency. So, the virtual machine which offers the least network latency for the user will serve the user request.
The Microsoft documentation mentions the following
Options A and C are incorrect since these load balancing solutions can’t distribute traffic based on a rule such as low latency.
Option D is incorrect since this is a data storage solution
For more information on the Azure Traffic Manager service, please visit the below URL https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-overview
Question 39 of 75
39. Question
A company wants to deploy a web solution to Azure. The web solution would be hosted on a set of Azure Virtual Machines. The company wants to ensure that end user load is distributed across the virtual machines. The virtual machine requesting the service from the user should be done in such a manner that it provides the least latency for the request and response traffic.
Based on the service chosen in Question 4, which of the following would you use as the feature to implement?
Correct
Since we are going to be using the Traffic Manager service, we have to use the Routing methods available with the Traffic Manager service.
The Microsoft documentation mentions the following
All of the other options are incorrect since these are not linked to the Traffic Manager service.
For more information on the Azure Traffic Manager routing methods, please visit the below URL https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-routing-methods
Incorrect
Since we are going to be using the Traffic Manager service, we have to use the Routing methods available with the Traffic Manager service.
The Microsoft documentation mentions the following
All of the other options are incorrect since these are not linked to the Traffic Manager service.
For more information on the Azure Traffic Manager routing methods, please visit the below URL https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-routing-methods
Unattempted
Since we are going to be using the Traffic Manager service, we have to use the Routing methods available with the Traffic Manager service.
The Microsoft documentation mentions the following
All of the other options are incorrect since these are not linked to the Traffic Manager service.
For more information on the Azure Traffic Manager routing methods, please visit the below URL https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-routing-methods
Question 40 of 75
40. Question
A company wants to deploy an application to Azure. The application has the below requirements
Give the ability to install and provide access to the full .Net framework
Allow administrative access to the operating system
Provide a level of redundancy if an Azure region fails
You decide to deploy 2 Azure Virtual Machines in 2 separate regions. And then you create a Traffic Manager Profile
Does this solution meet the requirement?
Correct
Yes, this will meet all the requirements. Since you are using Azure Virtual Machines, IT administrators can get the required access. You can also then get the required access to the underlying software including the .Net framework.
Using a Traffic Manager profile along with the failover routing policy can ensure the requirement for redundancy is fulfilled.
For more information on Azure Traffic Manager, please visit the below URL https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-overview
Incorrect
Yes, this will meet all the requirements. Since you are using Azure Virtual Machines, IT administrators can get the required access. You can also then get the required access to the underlying software including the .Net framework.
Using a Traffic Manager profile along with the failover routing policy can ensure the requirement for redundancy is fulfilled.
For more information on Azure Traffic Manager, please visit the below URL https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-overview
Unattempted
Yes, this will meet all the requirements. Since you are using Azure Virtual Machines, IT administrators can get the required access. You can also then get the required access to the underlying software including the .Net framework.
Using a Traffic Manager profile along with the failover routing policy can ensure the requirement for redundancy is fulfilled.
For more information on Azure Traffic Manager, please visit the below URL https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-overview
Question 41 of 75
41. Question
A company wants to deploy an application to Azure. The application has the below requirements
Give the ability to install and provide access to the full .Net framework
Allow administrative access to the operating system
Provide a level of redundancy if an Azure region fails
You decide to deploy a web app using the Isolated App Service plan
Does this solution meet the requirement?
A company wants to deploy an application to Azure. The application has the below requirements
Give the ability to install and provide access to the full .Net framework
Allow administrative access to the operating system
Provide a level of redundancy if an Azure region fails
You decide to deploy 2 Azure Virtual Machines in 2 separate regions. And then you create an Azure Load balancer
Does this solution meet the requirement?
A company wants to make use of a data storage solution in Azure. The data storage solution must have the option for storage of archive-based documents. The storage solution must offer a cost-effective solution for long term storage of these files.
Based on the storage solution, which of the following would you choose as the data storage type?
Correct
Since we need to use Azure Storage Accounts for this requirement, we have to choose General Purpose v2.
The Microsoft documentation mentions the following on the support for tiering
Since this is the ideal option, all other options are incorrect
For more information on Azure Blob storage tiers, please go to the below URL https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers
Incorrect
Since we need to use Azure Storage Accounts for this requirement, we have to choose General Purpose v2.
The Microsoft documentation mentions the following on the support for tiering
Since this is the ideal option, all other options are incorrect
For more information on Azure Blob storage tiers, please go to the below URL https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers
Unattempted
Since we need to use Azure Storage Accounts for this requirement, we have to choose General Purpose v2.
The Microsoft documentation mentions the following on the support for tiering
Since this is the ideal option, all other options are incorrect
For more information on Azure Blob storage tiers, please go to the below URL https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers
Question 44 of 75
44. Question
A company wants to make use of a data storage solution in Azure. The data storage solution must have the option for storage of archive-based documents. The storage solution must offer a cost-effective solution for long term storage of these files.
Which of the following would you choose as the underlying data storage solution?
Correct
All other options are incorrect since these are no meant for storage of documents or files. You can use the Blob service available with Azure storage accounts for storage of archive-based documents.
The Microsoft documentation mentions the following
For more information on Azure Blob storage tiers, please go to the below URL https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers
Incorrect
All other options are incorrect since these are no meant for storage of documents or files. You can use the Blob service available with Azure storage accounts for storage of archive-based documents.
The Microsoft documentation mentions the following
For more information on Azure Blob storage tiers, please go to the below URL https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers
Unattempted
All other options are incorrect since these are no meant for storage of documents or files. You can use the Blob service available with Azure storage accounts for storage of archive-based documents.
The Microsoft documentation mentions the following
For more information on Azure Blob storage tiers, please go to the below URL https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers
Question 45 of 75
45. Question
A company wants to migrate a set of resources from their on-premise data center onto Azure. Below are the requirements for each application
Name Requirement
skillcertlabappA This application is based entirely on docker contains. The underlying service must provide the ability to manage the contains and also provide automatically scaling.
skillcertlabappB This is a web-based application. The application needs to be ported to a service which can scale automatically. Minimum administrative overhead is expected.
skillcertlabappC This application needs to run on demand. The solution must focus on minimizing costs.
Which of the following would you consider for hosting the application “skillcertlabappA”?
Correct
If you are looking for a fully managed service to host docker based applications, then look towards using the Azure Kubernetes service
The Microsoft documentation mentions the following
Option A is incorrect because this is a serverless service that is used to run code on Azure
Option B is incorrect because this is a workflow-based service
Option D is incorrect because even though you can host Kubernetes on a virtual machine, it wouldn’t be a fully managed service
Option E is incorrect because this is used for hosting web applications. It can host docker based web applications, but if you want a service to manage the contains, using Kubernetes is more ideal
For more information on Kubernetes, please visit the below URL https://azure.microsoft.com/en-in/topic/what-is-kubernetes/
Incorrect
If you are looking for a fully managed service to host docker based applications, then look towards using the Azure Kubernetes service
The Microsoft documentation mentions the following
Option A is incorrect because this is a serverless service that is used to run code on Azure
Option B is incorrect because this is a workflow-based service
Option D is incorrect because even though you can host Kubernetes on a virtual machine, it wouldn’t be a fully managed service
Option E is incorrect because this is used for hosting web applications. It can host docker based web applications, but if you want a service to manage the contains, using Kubernetes is more ideal
For more information on Kubernetes, please visit the below URL https://azure.microsoft.com/en-in/topic/what-is-kubernetes/
Unattempted
If you are looking for a fully managed service to host docker based applications, then look towards using the Azure Kubernetes service
The Microsoft documentation mentions the following
Option A is incorrect because this is a serverless service that is used to run code on Azure
Option B is incorrect because this is a workflow-based service
Option D is incorrect because even though you can host Kubernetes on a virtual machine, it wouldn’t be a fully managed service
Option E is incorrect because this is used for hosting web applications. It can host docker based web applications, but if you want a service to manage the contains, using Kubernetes is more ideal
For more information on Kubernetes, please visit the below URL https://azure.microsoft.com/en-in/topic/what-is-kubernetes/
Question 46 of 75
46. Question
A company wants to migrate a set of resources from their on-premise data center onto Azure. Below are the requirements for each application
Name Requirement
skillcertlabappA This application is based entirely on docker contains. The underlying service must provide the ability to manage the contains and also provide automatically scaling.
skillcertlabappB This is a web-based application. The application needs to be ported to a service which can scale automatically. Minimum administrative overhead is expected.
skillcertlabappC This application needs to run on demand. The solution must focus on minimizing costs.
Which of the following would you consider for hosting the application “skillcertlabappB”?
Correct
You can use the managed service of Azure App Service to deploy your web-based application
The Microsoft documentation mentions the following
Option A is incorrect because this is a serverless service that is used to run code on Azure
Option B is incorrect because this is a workflow-based service
Option C is incorrect because this is an orchestration-based service for container-based applications
Option D is incorrect because even though you can host Web applications on a virtual machine, it wouldn’t be a fully managed service
For more information on Azure App service, please visit the below URL https://docs.microsoft.com/en-us/azure/app-service/overview
Incorrect
You can use the managed service of Azure App Service to deploy your web-based application
The Microsoft documentation mentions the following
Option A is incorrect because this is a serverless service that is used to run code on Azure
Option B is incorrect because this is a workflow-based service
Option C is incorrect because this is an orchestration-based service for container-based applications
Option D is incorrect because even though you can host Web applications on a virtual machine, it wouldn’t be a fully managed service
For more information on Azure App service, please visit the below URL https://docs.microsoft.com/en-us/azure/app-service/overview
Unattempted
You can use the managed service of Azure App Service to deploy your web-based application
The Microsoft documentation mentions the following
Option A is incorrect because this is a serverless service that is used to run code on Azure
Option B is incorrect because this is a workflow-based service
Option C is incorrect because this is an orchestration-based service for container-based applications
Option D is incorrect because even though you can host Web applications on a virtual machine, it wouldn’t be a fully managed service
For more information on Azure App service, please visit the below URL https://docs.microsoft.com/en-us/azure/app-service/overview
Question 47 of 75
47. Question
A company wants to migrate a set of resources from their on-premise data center onto Azure. Below are the requirements for each application
Name Requirement
skillcertlabappA This application is based entirely on docker contains. The underlying service must provide the ability to manage the contains and also provide automatically scaling.
skillcertlabappB This is a web-based application. The application needs to be ported to a service which can scale automatically. Minimum administrative overhead is expected.
skillcertlabappC This application needs to run on demand. The solution must focus on minimizing costs.
Which of the following would you consider for hosting the application “skillcertlabappC”?
Correct
This is the ideal cost-effective solution to run code on demand on Azure.
The Microsoft documentation mentions the following
Option B is incorrect because this is a workflow-based service
Option C is incorrect because this is an orchestration-based service for container-based applications
Option D is incorrect because even though you can host applications on a virtual machine, it would be less cost-effective if you just want to run code on demand.
Option E is incorrect because this is used as a platform for hosting web-based applications. We could use the web jobs feature, but this would not be effective from a costing perspective.
For more information on Azure Functions, please visit the below URL https://docs.microsoft.com/en-us/azure/azure-functions/functions-overview
Incorrect
This is the ideal cost-effective solution to run code on demand on Azure.
The Microsoft documentation mentions the following
Option B is incorrect because this is a workflow-based service
Option C is incorrect because this is an orchestration-based service for container-based applications
Option D is incorrect because even though you can host applications on a virtual machine, it would be less cost-effective if you just want to run code on demand.
Option E is incorrect because this is used as a platform for hosting web-based applications. We could use the web jobs feature, but this would not be effective from a costing perspective.
For more information on Azure Functions, please visit the below URL https://docs.microsoft.com/en-us/azure/azure-functions/functions-overview
Unattempted
This is the ideal cost-effective solution to run code on demand on Azure.
The Microsoft documentation mentions the following
Option B is incorrect because this is a workflow-based service
Option C is incorrect because this is an orchestration-based service for container-based applications
Option D is incorrect because even though you can host applications on a virtual machine, it would be less cost-effective if you just want to run code on demand.
Option E is incorrect because this is used as a platform for hosting web-based applications. We could use the web jobs feature, but this would not be effective from a costing perspective.
For more information on Azure Functions, please visit the below URL https://docs.microsoft.com/en-us/azure/azure-functions/functions-overview
Question 48 of 75
48. Question
A company wants to migrate an existing application onto Azure. The application currently runs as docker based containers.
The company has setup the following
A Virtual network
An Azure SQL database as the data store
They also need the following services
Service1- This service should be a fully managed service capable of storing the images for the application
Service2- This service should be able to manage and scale the application
Service3 – This service should be able to control access to the resources for Service2
Which of the following would you consider for Service3?
A company wants to migrate an existing application onto Azure. The application currently runs as docker based containers.
The company has setup the following
A Virtual network
An Azure SQL database as the data store
They also need the following services
Service1- This service should be a fully managed service capable of storing the images for the application
Service2- This service should be able to manage and scale the application
Service3 – This service should be able to control access to the resources for Service2
Which of the following would you consider for Service2?
A company wants to migrate an existing application onto Azure. The application currently runs as docker based containers.
The company has setup the following
A Virtual network
An Azure SQL database as the data store
They also need the following services
Service1- This service should be a fully managed service capable of storing the images for the application
Service2- This service should be able to manage and scale the application
Service3 – This service should be able to control access to the resources for Service2
Which of the following would you consider for Service1?
A company wants to migrate the following resources to Azure.
A set of Hyper-V servers running on a Hyper-V host
A set of VMware servers managed via a vCenter Server
A set of web applications
The company wants to design the solution in Azure based on the following key requirements
The capacity requirements in Azure must be determined beforehand.
Indicative costs for provisioning resources in Azure must be determined beforehand.
Wherever possible PaaS services should be used
The resources in Azure would be used across multiple departments within the company
Which of the following can be part of the design phase to determine the capacity and cost requirements for the servers?
Correct
You can use the Azure Migrate tool to get an indicator on the capacity and costs for migrating VMware servers onto Azure. So, this can be part of the design planning stage. Remember that this tool only works for VMware environments.
The Microsoft documentation mentions the following
Option A is incorrect since this is used along with the Azure Site Recovery Service for the migration of servers onto Azure.
Option C is incorrect since this is used to provide recommendations on various aspects such as Security and Performance for your existing resources in Azure.
Option D is incorrect since this is used to view your costs over time for your Azure resources
For more information on the Azure Migrate Tool, please visit the below URL https://docs.microsoft.com/en-us/azure/migrate/migrate-overview
Incorrect
You can use the Azure Migrate tool to get an indicator on the capacity and costs for migrating VMware servers onto Azure. So, this can be part of the design planning stage. Remember that this tool only works for VMware environments.
The Microsoft documentation mentions the following
Option A is incorrect since this is used along with the Azure Site Recovery Service for the migration of servers onto Azure.
Option C is incorrect since this is used to provide recommendations on various aspects such as Security and Performance for your existing resources in Azure.
Option D is incorrect since this is used to view your costs over time for your Azure resources
For more information on the Azure Migrate Tool, please visit the below URL https://docs.microsoft.com/en-us/azure/migrate/migrate-overview
Unattempted
You can use the Azure Migrate tool to get an indicator on the capacity and costs for migrating VMware servers onto Azure. So, this can be part of the design planning stage. Remember that this tool only works for VMware environments.
The Microsoft documentation mentions the following
Option A is incorrect since this is used along with the Azure Site Recovery Service for the migration of servers onto Azure.
Option C is incorrect since this is used to provide recommendations on various aspects such as Security and Performance for your existing resources in Azure.
Option D is incorrect since this is used to view your costs over time for your Azure resources
For more information on the Azure Migrate Tool, please visit the below URL https://docs.microsoft.com/en-us/azure/migrate/migrate-overview
Question 52 of 75
52. Question
A company wants to migrate the following resources to Azure.
A set of Hyper-V servers running on a Hyper-V host
A set of VMware servers managed via a vCenter Server
A set of web applications
The company wants to design the solution in Azure based on the following key requirements
The capacity requirements in Azure must be determined beforehand.
Indicative costs for provisioning resources in Azure must be determined beforehand.
Wherever possible PaaS services should be used
The resources in Azure would be used across multiple departments within the company
The company wants to segregate the billing of Azure resources across the multiple departments in the company. Which of the following could be used to fulfil this requirement?
Correct
Tags can be used as an effective means for billing purposes. The Microsoft documentation mentions the following
In the Cost Analysis section, you can actually create a filter based on the tag as shown below.
Option A is incorrect since this is used mainly from a governance perspective
Option C is incorrect since this is used to provide recommendations for the resources hosted in Azure
Option D is incorrect since this is used to prevent the accidental modification or deletion of resources
For more information on resource group tags, please go to the below URL https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-using-tags
Incorrect
Tags can be used as an effective means for billing purposes. The Microsoft documentation mentions the following
In the Cost Analysis section, you can actually create a filter based on the tag as shown below.
Option A is incorrect since this is used mainly from a governance perspective
Option C is incorrect since this is used to provide recommendations for the resources hosted in Azure
Option D is incorrect since this is used to prevent the accidental modification or deletion of resources
For more information on resource group tags, please go to the below URL https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-using-tags
Unattempted
Tags can be used as an effective means for billing purposes. The Microsoft documentation mentions the following
In the Cost Analysis section, you can actually create a filter based on the tag as shown below.
Option A is incorrect since this is used mainly from a governance perspective
Option C is incorrect since this is used to provide recommendations for the resources hosted in Azure
Option D is incorrect since this is used to prevent the accidental modification or deletion of resources
For more information on resource group tags, please go to the below URL https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-using-tags
Question 53 of 75
53. Question
A company wants to run a series of tasks using the Azure Batch service. They have the following key requirements
Large-scale parallel execution of Azure Batch jobs.
Minimize costs to run the solution
Which of the following would you consider implementing for the Virtual Machines for running the Batch jobs?
Correct
The Azure Batch service already gives you the capability of running processes in parallel. If you want to ensure minimum costs for your solution, then you can consider using low priority nodes.
Option A is incorrect since this is not supported as per the Microsoft documentation as given below
Option B is incorrect since this is used if you have tightly coupled workloads that need to run on the Azure Batch service.
Option D is incorrect since this is used if you have unpredictable workloads to run in Azure.,
For more information on an example of using the Azure Batch service, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/batch/tutorial-parallel-dotnet
Incorrect
The Azure Batch service already gives you the capability of running processes in parallel. If you want to ensure minimum costs for your solution, then you can consider using low priority nodes.
Option A is incorrect since this is not supported as per the Microsoft documentation as given below
Option B is incorrect since this is used if you have tightly coupled workloads that need to run on the Azure Batch service.
Option D is incorrect since this is used if you have unpredictable workloads to run in Azure.,
For more information on an example of using the Azure Batch service, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/batch/tutorial-parallel-dotnet
Unattempted
The Azure Batch service already gives you the capability of running processes in parallel. If you want to ensure minimum costs for your solution, then you can consider using low priority nodes.
Option A is incorrect since this is not supported as per the Microsoft documentation as given below
Option B is incorrect since this is used if you have tightly coupled workloads that need to run on the Azure Batch service.
Option D is incorrect since this is used if you have unpredictable workloads to run in Azure.,
For more information on an example of using the Azure Batch service, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/batch/tutorial-parallel-dotnet
Question 54 of 75
54. Question
A company wants to setup a storage account in Azure. Below are the primary requirements
Ability to store documents
Be available in the event of a data center failure
Minimize on costs
Which of the following would you choose as the replication strategy for the storage account?
Correct
Here the most cost-effective replication technique would be Zone-redundant storage (ZRS).
The Microsoft documentation mentions the following
Option A is incorrect since this would not make data available in the event of a data center failure
Options C and D are incorrect since these are not cost-effective replication strategies based on the requirements
For more information on Azure storage account replication, please go to the below URL https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy
Incorrect
Here the most cost-effective replication technique would be Zone-redundant storage (ZRS).
The Microsoft documentation mentions the following
Option A is incorrect since this would not make data available in the event of a data center failure
Options C and D are incorrect since these are not cost-effective replication strategies based on the requirements
For more information on Azure storage account replication, please go to the below URL https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy
Unattempted
Here the most cost-effective replication technique would be Zone-redundant storage (ZRS).
The Microsoft documentation mentions the following
Option A is incorrect since this would not make data available in the event of a data center failure
Options C and D are incorrect since these are not cost-effective replication strategies based on the requirements
For more information on Azure storage account replication, please go to the below URL https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy
Question 55 of 75
55. Question
A company wants to setup the following architecture in Azure
A web application hosted on a set of two virtual machines
Users would be accessing the web application via the URL https://skillcertlabs.com
A database hosted on a set of two virtual machines
The database would be listening for connections on port 1433
A Public facing load balancer for the web application layer
An Internal load balancer for the database layer
How many frontend IP addresses need to be assigned to the public load balancer?
Correct
Since the users would be accessing the application via a secure URL, that means the load balancer needs to be listening on port 443. Hence here we just need one frontend IP configuration.
Since this is the ideal approach, all other options are incorrect
For more information on the Azure Load balancer, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-overview
Incorrect
Since the users would be accessing the application via a secure URL, that means the load balancer needs to be listening on port 443. Hence here we just need one frontend IP configuration.
Since this is the ideal approach, all other options are incorrect
For more information on the Azure Load balancer, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-overview
Unattempted
Since the users would be accessing the application via a secure URL, that means the load balancer needs to be listening on port 443. Hence here we just need one frontend IP configuration.
Since this is the ideal approach, all other options are incorrect
For more information on the Azure Load balancer, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-overview
Question 56 of 75
56. Question
A startup company named Contoso Security has recently adopted Azure as their cloud platform of choice. Contoso security is a cloud-first company with all identity and services running on Azure Active Directory and have a strong focus on security and automation. There are currently 800 users in the organization. They have the following requirements:
· Cloud authentication which includes pass-through auth, password hash sync, seamless SSO.
· Self-Service Password Change for cloud users
· Most cost-effective solution
Which of the following licenses would suffice?
A startup company named Contoso Security has recently adopted Azure as their cloud platform of choice. Contoso security is a cloud-first company with all identity and services running on Azure Active Directory and have a strong focus on security and automation. There are currently 800 users in the organization. They have the following requirements:
· Automatically add or remove users to certain groups in Azure AD based on specified criteria
· Multi-Factor authentication based on specific requirements
· Most cost-effective solution
Which of the following licenses would suffice?
A team has a .Net application that needs to run on a Virtual machine. The application on the Virtual machine must authenticate using the same Azure AD Identity.
In order to generate a request token, which of the following would be used?
Correct
To generate the token, you have to use the Azure Instance Metadata Service Identity. The workflow is also given in the Microsoft documentation
Since this is clearly given in the Microsoft documentation, all other options are incorrect
For more information on Managed service identities, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview
Incorrect
To generate the token, you have to use the Azure Instance Metadata Service Identity. The workflow is also given in the Microsoft documentation
Since this is clearly given in the Microsoft documentation, all other options are incorrect
For more information on Managed service identities, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview
Unattempted
To generate the token, you have to use the Azure Instance Metadata Service Identity. The workflow is also given in the Microsoft documentation
Since this is clearly given in the Microsoft documentation, all other options are incorrect
For more information on Managed service identities, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview
Question 59 of 75
59. Question
A team has a .Net application that needs to run on a Virtual machine. The application on the Virtual machine must authenticate using the same Azure AD Identity.
Which of the following would be done to provision the Azure AD Identity?
Correct
Here we can simply use a system assigned Managed Service Identity. This can be done for the Virtual machine. The Microsoft documentation mentions the following
Option D is incorrect since we just have a single virtual machine that needs an identity provisioned in Azure AD.
Options B and C are incorrect because you need to use Managed service identities.
For more information on Managed service identities, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview
Incorrect
Here we can simply use a system assigned Managed Service Identity. This can be done for the Virtual machine. The Microsoft documentation mentions the following
Option D is incorrect since we just have a single virtual machine that needs an identity provisioned in Azure AD.
Options B and C are incorrect because you need to use Managed service identities.
For more information on Managed service identities, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview
Unattempted
Here we can simply use a system assigned Managed Service Identity. This can be done for the Virtual machine. The Microsoft documentation mentions the following
Option D is incorrect since we just have a single virtual machine that needs an identity provisioned in Azure AD.
Options B and C are incorrect because you need to use Managed service identities.
For more information on Managed service identities, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview
Question 60 of 75
60. Question
A team has an application that receives data from IoT based devices. The data is sent to CosmosDB which uses the SQL API. A notification needs to be sent when data is received from the IoT devices. Which of the following can be part of the implementation? Choose 2 answers from the options give below
Correct
You can use the CosmosDB connector for Azure Logic App to trigger a workflow when data is sent to CosmosDB. The Microsoft documentation mentions the following
You can use SendGrid to send emails from the Log App. The Microsoft documentation mentions the following
Options B and D are incorrect since you would need to use Azure Logic Apps to build a workflow
For more information on the connectors, please visit the below URL https://docs.microsoft.com/en-us/connectors/documentdb/ https://docs.microsoft.com/en-us/azure/connectors/connectors-create-api-sendgrid
Incorrect
You can use the CosmosDB connector for Azure Logic App to trigger a workflow when data is sent to CosmosDB. The Microsoft documentation mentions the following
You can use SendGrid to send emails from the Log App. The Microsoft documentation mentions the following
Options B and D are incorrect since you would need to use Azure Logic Apps to build a workflow
For more information on the connectors, please visit the below URL https://docs.microsoft.com/en-us/connectors/documentdb/ https://docs.microsoft.com/en-us/azure/connectors/connectors-create-api-sendgrid
Unattempted
You can use the CosmosDB connector for Azure Logic App to trigger a workflow when data is sent to CosmosDB. The Microsoft documentation mentions the following
You can use SendGrid to send emails from the Log App. The Microsoft documentation mentions the following
Options B and D are incorrect since you would need to use Azure Logic Apps to build a workflow
For more information on the connectors, please visit the below URL https://docs.microsoft.com/en-us/connectors/documentdb/ https://docs.microsoft.com/en-us/azure/connectors/connectors-create-api-sendgrid
Question 61 of 75
61. Question
A team has an Azure CosmosDB account. A solution needs to be in place to generate an alert from Azure Log Analytics when a query request charge exceeds 40 units more than 10 times during a 10-minute window. Which of the following would you recommend? Choose 2 answers from the options given below
Correct
If you look at the table for the log entries in Azure Log Analytics, you can see that in order to monitor the request unit rate, we have to check for the requestCharge_s log entry.
You can then generate alerts in Azure Monitor based on the period and frequency
Option B is incorrect since the question states to check if the request charge exceeds 40 units
Option C is incorrect since this is the wrong metric to monitor
For more information on CosmoDB logging, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/cosmos-db/logging
Incorrect
If you look at the table for the log entries in Azure Log Analytics, you can see that in order to monitor the request unit rate, we have to check for the requestCharge_s log entry.
You can then generate alerts in Azure Monitor based on the period and frequency
Option B is incorrect since the question states to check if the request charge exceeds 40 units
Option C is incorrect since this is the wrong metric to monitor
For more information on CosmoDB logging, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/cosmos-db/logging
Unattempted
If you look at the table for the log entries in Azure Log Analytics, you can see that in order to monitor the request unit rate, we have to check for the requestCharge_s log entry.
You can then generate alerts in Azure Monitor based on the period and frequency
Option B is incorrect since the question states to check if the request charge exceeds 40 units
Option C is incorrect since this is the wrong metric to monitor
For more information on CosmoDB logging, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/cosmos-db/logging
Question 62 of 75
62. Question
A team has created a storage account in Azure. They also have the following object available in the storage account
Currently the Sample.txt file will be stored
Correct
The Microsoft documentation mentions that the object will be set at a lower storage cost.
Since this is clearly mentioned in the documentation, all other options are incorrect
For more information on the storage tiers, please visit the below URL https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers
Incorrect
The Microsoft documentation mentions that the object will be set at a lower storage cost.
Since this is clearly mentioned in the documentation, all other options are incorrect
For more information on the storage tiers, please visit the below URL https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers
Unattempted
The Microsoft documentation mentions that the object will be set at a lower storage cost.
Since this is clearly mentioned in the documentation, all other options are incorrect
For more information on the storage tiers, please visit the below URL https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers
Question 63 of 75
63. Question
A team has created a storage account in Azure. They also have the following object available in the storage account
In order to access the Sample.txt file, which of the following must be done first?
Correct
In order to access the BLOB, since it is in the archive access tier, you need to first change the access tier for the blob object. The Microsoft documentation mentions the following
Since this is clearly mentioned in the documentation, all other options are incorrect
For more information on the storage tiers, please visit the below URL https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers
Incorrect
In order to access the BLOB, since it is in the archive access tier, you need to first change the access tier for the blob object. The Microsoft documentation mentions the following
Since this is clearly mentioned in the documentation, all other options are incorrect
For more information on the storage tiers, please visit the below URL https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers
Unattempted
In order to access the BLOB, since it is in the archive access tier, you need to first change the access tier for the blob object. The Microsoft documentation mentions the following
Since this is clearly mentioned in the documentation, all other options are incorrect
For more information on the storage tiers, please visit the below URL https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers
Question 64 of 75
64. Question
A team has just setup an Azure SQL database. They are planning on enabling the diagnostics for the underlying Azure SQL server as shown below
What is the amount of time SQLInsights data will be stored in BLOB storage?
Correct
Since the retention for SQLInsights is specified as 90 days , hence the data will be stored for that duration of time.
Since this is clear from the above representation, all other options are incorrect
For more information on SQL Server database metrics, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/sql-database/sql-database-metrics-diag-logging
Incorrect
Since the retention for SQLInsights is specified as 90 days , hence the data will be stored for that duration of time.
Since this is clear from the above representation, all other options are incorrect
For more information on SQL Server database metrics, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/sql-database/sql-database-metrics-diag-logging
Unattempted
Since the retention for SQLInsights is specified as 90 days , hence the data will be stored for that duration of time.
Since this is clear from the above representation, all other options are incorrect
For more information on SQL Server database metrics, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/sql-database/sql-database-metrics-diag-logging
Question 65 of 75
65. Question
A team has just setup an Azure SQL database. They are planning on enabling the diagnostics for the underlying Azure SQL server as shown below
What is the maximum amount of time that SQLInsights data can be stored in Azure Log Analytics?
Correct
There is no limit on the amount or retention of data in Azure Log Analytics. In Azure Log Analytics, you get charged for the data ingestion and retention. But the service itself is automatically scalable in terms of storage requirements.
The data retention policy only refers when sending logs to Event Hubs or to a storage account. This is also given in the Microsoft documentation
There is no limit on the amount or retention of data in Azure Log Analytics. In Azure Log Analytics, you get charged for the data ingestion and retention. But the service itself is automatically scalable in terms of storage requirements.
The data retention policy only refers when sending logs to Event Hubs or to a storage account. This is also given in the Microsoft documentation
There is no limit on the amount or retention of data in Azure Log Analytics. In Azure Log Analytics, you get charged for the data ingestion and retention. But the service itself is automatically scalable in terms of storage requirements.
The data retention policy only refers when sending logs to Event Hubs or to a storage account. This is also given in the Microsoft documentation
A team is planning on deploying Azure resources by using Resource Manager templates. The templates need to reference secrets that are stored in Azure Key vault. You need to ensure deployments can be made accordingly.
Which of the following would you need to enable in the Azure key vault to ensure the templates can reference the secrets stored in the vault?
Correct
This is clearly given in the documentation. In order for Resource Manager templates to access Azure Key vault , you need to enable the setting in the Advanced policy section for the Key vault.
Since this is clearly given in the documentation, all other options are invalid
For more information on using the Azure Key vault from Resource Manager templates, please visit the below URL https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-tutorial-use-key-vault
Incorrect
This is clearly given in the documentation. In order for Resource Manager templates to access Azure Key vault , you need to enable the setting in the Advanced policy section for the Key vault.
Since this is clearly given in the documentation, all other options are invalid
For more information on using the Azure Key vault from Resource Manager templates, please visit the below URL https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-tutorial-use-key-vault
Unattempted
This is clearly given in the documentation. In order for Resource Manager templates to access Azure Key vault , you need to enable the setting in the Advanced policy section for the Key vault.
Since this is clearly given in the documentation, all other options are invalid
For more information on using the Azure Key vault from Resource Manager templates, please visit the below URL https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-tutorial-use-key-vault
Question 67 of 75
67. Question
A team is planning on deploying Azure resources by using Resource Manager templates. The templates need to reference secrets that are stored in Azure Key vault. You need to ensure deployments can be made accordingly.
Which of the following would you use to restrict access to the secrets in the key vault?
Correct
The Microsoft documentation clearly gives the steps for this. One of them is to ensure the identity deploying the template has the right permissions. This can be done with the help of Role based access.
Since this is clearly given in the documentation, all other options are invalid
For more information on accessing secrets from Resource Manager templates, please visit the below URL https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-keyvault-parameter
Incorrect
The Microsoft documentation clearly gives the steps for this. One of them is to ensure the identity deploying the template has the right permissions. This can be done with the help of Role based access.
Since this is clearly given in the documentation, all other options are invalid
For more information on accessing secrets from Resource Manager templates, please visit the below URL https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-keyvault-parameter
Unattempted
The Microsoft documentation clearly gives the steps for this. One of them is to ensure the identity deploying the template has the right permissions. This can be done with the help of Role based access.
Since this is clearly given in the documentation, all other options are invalid
For more information on accessing secrets from Resource Manager templates, please visit the below URL https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-keyvault-parameter
Question 68 of 75
68. Question
A team is setting the below policy for the backup of Azure virtual machines
What is the minimum recovery point objective for virtual machines backed up by this policy?
Correct
Since there is a backup being taken every day, the minimum recovery point objective is one day.
Recovery point objective is the point to which you can recover back to based on the backup’s being taken. Since the backups are being taken every day, there would be a recovery point available on a daily basic.
Since this evident from the settings of the Azure policy, all other options are incorrect
For more information on the Azure backup architecture, please visit the below URL https://docs.microsoft.com/en-us/azure/backup/backup-architecture
Incorrect
Since there is a backup being taken every day, the minimum recovery point objective is one day.
Recovery point objective is the point to which you can recover back to based on the backup’s being taken. Since the backups are being taken every day, there would be a recovery point available on a daily basic.
Since this evident from the settings of the Azure policy, all other options are incorrect
For more information on the Azure backup architecture, please visit the below URL https://docs.microsoft.com/en-us/azure/backup/backup-architecture
Unattempted
Since there is a backup being taken every day, the minimum recovery point objective is one day.
Recovery point objective is the point to which you can recover back to based on the backup’s being taken. Since the backups are being taken every day, there would be a recovery point available on a daily basic.
Since this evident from the settings of the Azure policy, all other options are incorrect
For more information on the Azure backup architecture, please visit the below URL https://docs.microsoft.com/en-us/azure/backup/backup-architecture
Question 69 of 75
69. Question
A team is setting the below policy for the backup of Azure virtual machines
Which of the following is the maximum time that a virtual machine would be available for recovery based on the policy?
Correct
Since there is a yearly recovery point in place, that would be retained for 2 years, this would be the maximum time over which the backup of the virtual machine would be available for.
Since this evident from the settings of the Azure policy, all other options are incorrect
For more information on the Azure backup architecture, please visit the below URL https://docs.microsoft.com/en-us/azure/backup/backup-architecture
Incorrect
Since there is a yearly recovery point in place, that would be retained for 2 years, this would be the maximum time over which the backup of the virtual machine would be available for.
Since this evident from the settings of the Azure policy, all other options are incorrect
For more information on the Azure backup architecture, please visit the below URL https://docs.microsoft.com/en-us/azure/backup/backup-architecture
Unattempted
Since there is a yearly recovery point in place, that would be retained for 2 years, this would be the maximum time over which the backup of the virtual machine would be available for.
Since this evident from the settings of the Azure policy, all other options are incorrect
For more information on the Azure backup architecture, please visit the below URL https://docs.microsoft.com/en-us/azure/backup/backup-architecture
Question 70 of 75
70. Question
A team needs to deploy an application onto Azure. The application will be used to perform intensive and long compute calculations. You need to deploy the solution to Azure. Below are the key requirements
Ensure every compute node can communicate with each other
Maximize the number of nodes to perform the computations faster
Least amount of effort to implement the entire solution
Which of the following would you use as the service for hosting the solution?
Correct
The ideal solution to use for this is the Azure Batch Service. The Microsoft documentation mentions the following
Options A and B are incorrect since these are load balancing solutions
Option C is incorrect since this should be used for applications that need to scale on demand
For more information on the Azure Batch service, please visit the below URL https://docs.microsoft.com/en-us/azure/batch/batch-technical-overview
Incorrect
The ideal solution to use for this is the Azure Batch Service. The Microsoft documentation mentions the following
Options A and B are incorrect since these are load balancing solutions
Option C is incorrect since this should be used for applications that need to scale on demand
For more information on the Azure Batch service, please visit the below URL https://docs.microsoft.com/en-us/azure/batch/batch-technical-overview
Unattempted
The ideal solution to use for this is the Azure Batch Service. The Microsoft documentation mentions the following
Options A and B are incorrect since these are load balancing solutions
Option C is incorrect since this should be used for applications that need to scale on demand
For more information on the Azure Batch service, please visit the below URL https://docs.microsoft.com/en-us/azure/batch/batch-technical-overview
Question 71 of 75
71. Question
A team needs to deploy an application onto Azure. The application will be used to perform intensive and long compute calculations. You need to deploy the solution to Azure. Below are the key requirements
Ensure every compute node can communicate with each other
Maximize the number of nodes to perform the computations faster
Least amount of effort to implement the entire solution
Which of the following would you implement within the service?
Correct
Since we are going to be using the Azure Batch Service to run the workloads, we need to ensure the tasks run in parallel. The Microsoft documentation mentions the following
Since this is the only ideal approach, all other options are incorrect
For more information on the Azure Batch service, please visit the below URL https://docs.microsoft.com/en-us/azure/batch/batch-technical-overview
Incorrect
Since we are going to be using the Azure Batch Service to run the workloads, we need to ensure the tasks run in parallel. The Microsoft documentation mentions the following
Since this is the only ideal approach, all other options are incorrect
For more information on the Azure Batch service, please visit the below URL https://docs.microsoft.com/en-us/azure/batch/batch-technical-overview
Unattempted
Since we are going to be using the Azure Batch Service to run the workloads, we need to ensure the tasks run in parallel. The Microsoft documentation mentions the following
Since this is the only ideal approach, all other options are incorrect
For more information on the Azure Batch service, please visit the below URL https://docs.microsoft.com/en-us/azure/batch/batch-technical-overview
Question 72 of 75
72. Question
A team needs to deploy resources using Azure Resource Manager templates. You have to ensure that the users performing the deployment don’t have the ability to view the connecting strings required by the application being deployed via the template. Which of the following would you use for this requirement?
Correct
The ideal service to use for this purpose is the Azure Key vault service. The Microsoft documentation mentions the following
All other options are incorrect since the ideal service to use for this requirement is the Azure Key vault service.
For more information on using the Azure Key vault service to protect application secrets, please visit the below URL https://docs.microsoft.com/en-us/azure/architecture/multitenant-identity/key-vault
Incorrect
The ideal service to use for this purpose is the Azure Key vault service. The Microsoft documentation mentions the following
All other options are incorrect since the ideal service to use for this requirement is the Azure Key vault service.
For more information on using the Azure Key vault service to protect application secrets, please visit the below URL https://docs.microsoft.com/en-us/azure/architecture/multitenant-identity/key-vault
Unattempted
The ideal service to use for this purpose is the Azure Key vault service. The Microsoft documentation mentions the following
All other options are incorrect since the ideal service to use for this requirement is the Azure Key vault service.
For more information on using the Azure Key vault service to protect application secrets, please visit the below URL https://docs.microsoft.com/en-us/azure/architecture/multitenant-identity/key-vault
Question 73 of 75
73. Question
A team wants to deploy a set of Linux based virtual machines onto an Azure subscription. They want to ensure that a set of packages get automatically installed when the machines are provisioned in Azure. Which of the following could they use for this purpose?
Correct
The Cloud-init feature can be used to install packages on Linux based virtual machines. The Microsoft documentation mentions the following
Since this is clear from the Microsoft documentation, all other options are incorrect
For more information on Infrastructure automation, please visit the below URL https://docs.microsoft.com/en-us/azure/virtual-machines/windows/infrastructure-automation
Incorrect
The Cloud-init feature can be used to install packages on Linux based virtual machines. The Microsoft documentation mentions the following
Since this is clear from the Microsoft documentation, all other options are incorrect
For more information on Infrastructure automation, please visit the below URL https://docs.microsoft.com/en-us/azure/virtual-machines/windows/infrastructure-automation
Unattempted
The Cloud-init feature can be used to install packages on Linux based virtual machines. The Microsoft documentation mentions the following
Since this is clear from the Microsoft documentation, all other options are incorrect
For more information on Infrastructure automation, please visit the below URL https://docs.microsoft.com/en-us/azure/virtual-machines/windows/infrastructure-automation
Question 74 of 75
74. Question
A testing team needs to create resources in an Azure subscription.
These resources will be pertinent to applications that ned to be tested in Azure. These applications will make use of shared resources and application specific resources.
You have to create a deployment solution that meets the following requirements
Minimize the administrative effort for the testing team to create the application environment
Ensure that the application environment can be created consistency multiple times
When the testing of the application is complete, all resources except for the shared resources should be deleted
Which of the following should be used to implement this requirement?
Correct
The ideal solution is to use Template deployment. Below is why Microsoft recommends a template deployment.
Also ensure separate resource group deployments. So, when the application needs to be deleted, you can just delete the resource group, so that all resources in the resource group get deleted.
Option B is incorrect since you should deploy shared resources and application specific resources to separate resources groups
Options C and D are incorrect since you should use JSON based templates for deployment
For more information on Resources Groups, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-overview
Incorrect
The ideal solution is to use Template deployment. Below is why Microsoft recommends a template deployment.
Also ensure separate resource group deployments. So, when the application needs to be deleted, you can just delete the resource group, so that all resources in the resource group get deleted.
Option B is incorrect since you should deploy shared resources and application specific resources to separate resources groups
Options C and D are incorrect since you should use JSON based templates for deployment
For more information on Resources Groups, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-overview
Unattempted
The ideal solution is to use Template deployment. Below is why Microsoft recommends a template deployment.
Also ensure separate resource group deployments. So, when the application needs to be deleted, you can just delete the resource group, so that all resources in the resource group get deleted.
Option B is incorrect since you should deploy shared resources and application specific resources to separate resources groups
Options C and D are incorrect since you should use JSON based templates for deployment
For more information on Resources Groups, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-overview
Question 75 of 75
75. Question
An application needs to be deployed onto Azure. This application will be hosted on a set of Virtual Machines. The below set of rules need to apply when it comes to diverting traffic for users
Users navigating to http://skillcertlabs.com/video/* need to be directed to one set of Virtual Machines
Users navigating to http://skillcertlabs.com/images/* need to be directed to another set of Virtual Machines
You need to setup the correct appliance which could be used to fulfil these requirements. Which of the following would you implement?
Correct
You can use the URL routing feature of the application gateway as shown below
Option A is incorrect since this is used to divert traffic based on DNS to multiple regions
Option B is incorrect since this can’t be used to divert traffic
Option D is incorrect since this is used to divert traffic from a Virtual Network over a VPN connection
For more information on the application gateway, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/application-gateway/overview
Incorrect
You can use the URL routing feature of the application gateway as shown below
Option A is incorrect since this is used to divert traffic based on DNS to multiple regions
Option B is incorrect since this can’t be used to divert traffic
Option D is incorrect since this is used to divert traffic from a Virtual Network over a VPN connection
For more information on the application gateway, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/application-gateway/overview
Unattempted
You can use the URL routing feature of the application gateway as shown below
Option A is incorrect since this is used to divert traffic based on DNS to multiple regions
Option B is incorrect since this can’t be used to divert traffic
Option D is incorrect since this is used to divert traffic from a Virtual Network over a VPN connection
For more information on the application gateway, please go ahead and visit the below URL https://docs.microsoft.com/en-us/azure/application-gateway/overview
X
Use Page numbers below to navigate to other practice tests