Skip to Content

AZ-900 Microsoft Azure Fundamentals Exam Questions and Answers – Page 5 Part 2

By: Author Alex Lim

Posted on

Categories Exam

The latest Microsoft AZ-900 Azure Fundamentals certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Microsoft AZ-900 Azure Fundamentals exam and earn Microsoft AZ-900 Azure Fundamentals certification.

Question 461

You have been tasked to create a solution to collect log files available inside the Dream Suites Azure subscription. The data from the log files should reside within a single workspace and allow administrators to query the data.

What solution below will meet the requirements?

A. Azure Network Watcher
B. Azure Service Health
*C. Azure Log Analytics
D. Azure Security Center

Explanation

Azure Log Analytics is a service that is used to collect log data from Azure and on-premises. Insights can be derived from this log repository and stored in a single workspace. A powerful expressive query language is available to transform log data into actionable insight. This option will provide the ability to collect log files in a single workspace.

The Azure Security Center feature is a robust management platform that allows monitoring of threats within on-premises and Azure workloads and to fix discovered vulnerabilities quickly. This security platform provides the visibility to visually manage the security posture of your on-premises and Azure assets. This option will not provide the ability to collect log files in a single workspace.

The Azure Service Health dashboard is the centralized place to track planned maintenance schedules, health advisories, and health alert notifications. This option will not provide the ability to collect log files in a single workspace.

The Azure Network Watcher service provides the ability to monitor network traffic among resources to identify latency, routing topology changes and view logs. For example, using the Azure Network Watcher feature you can monitor communication between virtual machines to diagnose routing issues or to determine if the endpoint is unreachable. This option will not provide the ability to collect log files in a single workspace.

Question 462

The Nutex Corporation wants to deploy Windows and Linux applications for its customers. They intend to use the capacity, scalability, and reach of Azure to accomplish this.

Which of the following statements about Azure virtual machines are TRUE? (Choose three.)

A. Virtual machines in the Stopped state do incur compute charges.
*B. Virtual machines in the Deallocated state do not incur compute costs.
C. Azure charges in real-time for the virtual machines’ size and operating system.
*D. OS disks on virtual machines can be resized.
*E. Virtual machines use virtual hard disks to store their operating system (OS) and data.
F. Existing virtual machines can be added to an Azure availability set.

Explanation

Azure virtual machines use virtual hard disks to store their operating system (OS) and data. These OS disks can be resized.

The default OS disk size on a virtual machine is usually 127 GB. However, some images have smaller OS disk sizes by default. Resizing the OS disk of a virtual machine requires the virtual machine to be deallocated first.

Virtual machines use virtual hard disks (VHDs) to store their operating system (OS) and data. VHDs are also used for the images chosen to install an OS.

An Azure virtual machine can have one of many power states:

  • Starting (virtual machine is being started)
  • Running (normally running)
  • Stopping (virtual machine is being stopped)
  • Stopped (virtual machine is stopped)
  • Deallocating (virtual machine is being deallocated)

When a VM is deallocated, the VM is removed from the hypervisor but is still available in the control plane). Virtual machines in the Stopped and Deallocated states do not incur compute charges. Although you are not paying compute charges, you still pay for storage costs for the OS and any disks attached to the VM and are billed for allocated cores.

It is not true that Azure charges in real-time for the virtual machines’ size and operating system. Azure charges an hourly price based on the virtual machine’s size and operating system. For partial hours, Azure charges only for the minutes used. Storage is priced and charged separately.

It is not true that existing virtual machines can be added to an Azure availability set. An availability set is a logical grouping that isolates virtual machines from each other after they are deployed. Azure makes sure that the virtual machines placed within an availability set run across multiple physical servers, network switches, compute racks, and storage units. If a hardware or software failure happens, the overall solution stays operational because only a subset of the virtual machines is impacted. If an existing virtual machine must be part of an availability set, the VM needs to be created within the set. Azure does not allow a virtual machine to be added to an availability set after the VM is already created.

Question 463

The Nutex Corporation wants to migrate its apps and services to Azure. Before doing so, they want to estimate the cost of managing apps and services on Azure. You are part of the product support team. You are asked to perform a feasibility analysis and create a migration plan, and to show the costs associated with adopting Azure.

Which of the following statements about Azure Price Calculator are TRUE? (Choose two.)

A. Azure Pricing Calculator displays the estimated cost only in $ (USD).
*B. Estimates made using the Azure Pricing Calculator can be saved for later use.
C. To run functions directly from a deployment package file of the function app, the function files must be deployed in the d:\home\site\functions directory of the function app.
*D. Estimates made on the Azure Pricing Calculator can be shared over email with other Azure users.
E. The Azure Pricing Calculator is only available for customers with an Enterprise Agreement.

Explanation

The following statements are true:

  • Estimates made on the Azure Pricing Calculator can be shared over email.
  • Estimates made using the Azure Pricing Calculator can be saved for later use.

To share an estimate with other users, scroll down to the bottom of the page and select Share. (If you are not signed in, you will be prompted to do so.) You will receive a unique URL, which you can share with others over IM or email. When others select the link, they will see the estimate that you configured.

Estimates can be saved. The pricing used to calculate an estimate may vary by day. An estimate is based on the prices applicable on the day the estimate was created.

The following statements are not true:

  • Azure Pricing Calculator displays the estimated cost only in $ (USD)
  • The Azure Pricing Calculator is only available for customers with an Enterprise Agreement.
  • Orchestrator functions are best suited for CPU-intensive tasks.
  • To run functions directly from a deployment package file of the function app, the function files must be deployed in the d:\home\site\functions directory of the function app.

Azure Pricing Calculator is not limited to displaying the estimated costs in $ (USD). After you configure your services, scroll down to the bottom of the page and use the drop-down menu to change the currency. The prices will immediately reflect the currency you choose.

Azure Pricing Calculator is available for all customers, not just customers with an Enterprise Agreement. The prices calculated to estimate the costs vary for regular customers, customers with an Enterprise Agreement, or customers with Microsoft Customer Agreements.

Orchestrator function threads should not perform CPU-intensive tasks, do I/O, or block for any reason. Orchestrator functions are executed on a single thread to ensure that execution can be deterministic across many replays. Since single-threaded execution is used, any work that may require I/O, blocking, or multiple threads should be moved into activity functions.

To run functions directly from a deployment package file of the function app, the function files must be deployed in the d:\home\site\wwroot directory of the function app, not the d:\home\site\functions directory of the function app.

Question 464

Microsoft Azure has datacenters in several locations in North America, Europe, and Asia.

Which of the following statements describes an Azure region?

A. A geographical area containing at least one, but potentially multiple, datacenters that are in close proximity and networked together through the Internet
*B. A geographical area containing one or more datacenters networked together with a low-latency network and are in close proximity
C. A geographical area containing more than one datacenter in close proximity networked together with a low-latency network
D. A geographical area containing only one datacenter

Explanation

An Azure region is a geographical area containing one or more datacenters that are networked together with a low-latency network and are in close proximity.

Azure has some special regions used for compliance or legal purposes:

  • Regions such as US DoD Central, US Gov Virginia, and US Gov Iowa are physical and logical network-isolated instances of Azure for use by US government agencies and their partners. They are operated by screened US persons. These regions contain additional compliance certifications.
  • Regions are available in Asia, China East, China North, and certain other countries through a unique partnership between Microsoft and 21Vianet. Microsoft does not directly maintain the datacenters.
  • Germany Central and Germany Northeast regions are available through a data trustee model whereby customer data remains in Germany under control of T-Systems, a German Telekom company, acting as the data trustee. Any user or enterprise that needs their data to reside in Germany can use this service.

Azure has regional pairing, which are two or more regions within the same geography. The lone exception is Brazil South, which is not paired with another region in the same geography. With regional pairing, platform updates (planned maintenance) are performed so that only one paired region is updated at a time. At least one region in each pair will be prioritized for recovery in the event of an outage affecting multiple regions.

Some services or virtual machine features are only available in certain regions.

Question 465

You have been tasked to investigate the types of models for the cloud. Which cloud model is totally owned by the cloud service provider?

A. Hybrid cloud
B. Private cloud
C. None of these options
*D. Public cloud

Explanation

A public cloud is owned by the cloud services provider (also referred to as the hosting provider). It serves multiple organizations and users who typically connect to the cloud service via the Internet or over a secure network connection.

A private cloud is owned and managed by the organizations that are served by the cloud itself. A cloud environment is created in their own datacenter, which provides self-service access to resources to their own users.

A hybrid cloud is a combination of both public and private models, allowing applications to be run in one or other location.

Question 466

Your company has a cloud-based application named MktTrends, which is used by the Marketing department. Which type of cloud computing model would deliver exactly 3.76GB of memory to the MktTrends application to complete a query task?

A. FaaS
B. PaaS
C. IaaS
*D. Serverless computing

Explanation

Serverless computing is used to deliver exact units of resources when an application needs it, unlike other cloud computing models where resources must be allocated ahead of time to be available when demanded. For example, if you use IaaS, you might add 4 GB of RAM so that an application has enough memory for peak usage times. Serverless computing allocates the exact amount that application needs, such as 3.76 GB, to complete the task.

All other options do not deliver the exact number of resources when the application needs it.

IaaS is a category of cloud computing services that is used by many cloud providers. With IaaS, you pay for resources such as servers, virtual machines (VMs), storage, networks, and operating systems from a cloud provider on a pay-as-you-go basis. These resources are provisioned and managed over the Internet.

Platform as a service (PaaS) provides a company with an environment for developing, running, debugging, testing, patching, and deploying software applications. PaaS allows you to quickly create an application without having to worry about managing the underlying infrastructure. PaaS eliminates the need to install an operating system, web server, server patches, or other infrastructure to create applications. PaaS creates a complete deployment environment in the cloud that has tools to deliver simple cloud-based apps or sophisticated cloud-enabled enterprise applications. The tools and resources are purchased from the service provider on a pay-as-you-go basis.

Function as a service (FaaS) is a type of service that uses a service-hosted remote procedure call. FaaS is a platform to run functions without worrying about the underlying infrastructure. FaaS lets the application logic created by developers execute, but the code is executed in stateless compute instances of the cloud provider.

Question 467

The Nutex Corporation plans to provide app management and monitoring services to some companies. The management wants you to discover ways to obtain customer-level usage and billing details.

Which of the following statements about Azure Subscriptions are TRUE? (Choose three.)

A. Each subscription can trust up to three Azure AD directories.
B. The accidental deletion of an Azure subscription by an admin user cannot be reversed.
*C. An Azure subscription can be transferred to an Azure account in another country.
*D. Multiple subscriptions can trust the same Azure AD directory, but each subscription can only trust a single directory.
E. An Azure subscription cannot contain multiple resource groups.
*F. Azure subscriptions help customers monitor the billing and usage of data granularly.

Explanation

The following statements are true:

  • Azure subscriptions help customers monitor the usage and billing data granularly.
  • Multiple subscriptions can trust the same Azure AD directory. However, each subscription can only trust one Azure AD directory.
  • An Azure subscription can be transferred to an Azure account in another country.

To monitor the usage and billing data granularly, customers can obtain usage and billing data by resource groups as well as others. The following shows you the different properties that can be used to segment costs.

Property When to use
Availability zones Break down AWS costs by availability zone.
Billing period Break down PAYG costs by the month they were (or will be) invoiced.
Charge type Break down usage, purchase, refund, and unused reservation costs.
Department Break down costs by EA department.
Enrollment account Break down costs by EA account owner.
Frequency Break down usage-based, one-time, and recurring costs.
Invoice ID Break down costs by billed invoice.
Meter Break down costs by usage meter.
Operation Break down AWS costs by operation.
Pricing mode Break costs down by on-demand, reservation, or spot usage.
Provider Break down costs by AWS and Azure.
Publisher type Break down AWS, Azure, and Marketplace costs.
Reservation Break down costs by reservation.
Resource Break down costs by resource.
Resource group Break down costs by resource group.
Resource type Break down costs by resource type.
Resource location Break down costs by location or region.
Service name or Meter category Break down cost by Azure service.
Service tier or Meter subcategory Break down cost by Azure usage meter subclassification.
Subscription Break down costs by Azure subscription and AWS linked account.
Tag Break down costs by tag values for a specific tag key.

An Azure subscription has a trust relationship with Azure Active Directory (Azure AD). Azure AD authenticates users, services, and devices of the Azure subscriptions that are added to the AD directory.

Cross-country transfers cannot be performed in the Azure portal. To transfer a subscription across countries, customers must contact the Microsoft Support team.

Azure subscriptions allow multiple resource groups to be added. Azure provides four levels of scope: management groups, subscriptions, resource groups, and resources. Management settings can be applied at any of these levels of scope. The level you select determines how widely the setting is used. Lower levels inherit settings from higher levels. For example, when you apply a policy to the subscription, the policy is applied to all resource groups and resources in your subscription. When you apply a policy on the resource group, that policy is applied to the resource group and all its resources.

Azure subscriptions can be reactivated if they are deleted by another admin user. If you are the Account Administrator and accidentally delete an individual subscription with pay-as-you-go rates, you can reactivate it in the Account Center.

Question 468

The Nutex Corporation wants to build apps on Azure. You are part of a Software Development operations team that must manage the operational aspects of developing apps.

Which of the following statements about Azure App Service are TRUE? (Choose two)

A. The Dedicated Compute Premium pricing tier of App Service runs dedicated Azure VMs on dedicated Azure Virtual Networks.
B. If an app’s Memory quota is exceeded, the app is stopped.
C. The per-app scaling setting is available only for Shared, Premium, Premium V2, and Isolated pricing tiers.
*D. The Dedicated Compute Premium pricing tier of App Service can host up to 100 Hybrid connections.
E. The auto swap feature is supported in web apps running in a Linux or Windows environment.
*F. Only apps hosted in the Dedicated Computer Premium pricing tier or higher can be restored from snapshots.

Explanation

The following statements are true:

  • The Dedicated Compute Premium pricing tier of App Service can host up to 100 hybrid connections.
  • Only apps hosted in the Dedicated Computer Premium pricing tier or higher can be restored from snapshots.

Hybrid connections provide access from the app to an application endpoint in another network. They do not enable an alternate capability to access the application. Each hybrid connection corresponds to a single TCP host and port combination, which means that the hybrid connection endpoint can be on any application and any operating system when a single TCP listening port is accessed.

The maximum allowed hybrid connections are as follows: Basic (5), Standard (10), Premium (100), and Isolated (200).

Apps can be restored to the previous state based on one of the apps’ snapshots. Azure saves a snapshot of all apps automatically. Snapshots are incremental shadow copies and are more beneficial than regular backups. Snapshots eliminate issues such as storage size limitations, file copy errors due to file locks, and backup configuration issues.

The following statements are not true:

  • If an app’s Memory quota is exceeded, the app is stopped.
  • The Dedicated Compute Premium pricing tier of App Service runs dedicated Azure VMs on dedicated Azure Virtual Networks.
  • The auto swap feature is supported in web apps running on a Linux or Windows environment.
  • The per-app scaling setting is available only in Shared, Premium, Premium V2, and Isolated pricing tiers.

All Dedicated Compute pricing tiers run apps on dedicated Azure VMs. Apps in the same App Service plan share compute resources for that plan. The higher tiers can scale-out more VM instances than lower tiers.

The Isolated pricing tier provides network isolation by running dedicated Azure VMs on dedicated Azure Virtual Networks. It provides compute isolation to the apps and the maximum scale-out capabilities.

The auto swap feature is supported in web apps running in a Windows environment only. Auto swap should be used where the app is to be deployed continuously with zero cold starts and zero downtime for app users. Auto swap is enabled from a slot into production every time the code changes are pushed to that slot. App Service automatically swaps the app into production after it has warmed up in the source slot.

The per-app scaling setting is available for Standard, Premium, Premium V2, and Isolated pricing tiers, not Shared or Free tier. Per-app scaling can be enabled at the level of an App Service plan to allow for scaling an app independently from the App Service plan that hosts it. This way, an App Service plan can be scaled to six instances, for example, but an app can be set to use only three.

If an app’s Memory quota is exceeded, the app is only restarted. The quotas for apps are CPU (short), CPU (Day), Memory, Bandwidth, and Filesystem. If an app exceeds the CPU (short), CPU (Day), or Bandwidth quota, the app is stopped until the quota resets and all incoming requests result in an HTTP 403 error. If the Filesystem quota is exceeded, any write operation fails. Write operation failures include writes to logs.

Question 469

Your company has created a structure of management groups and subscriptions. The following diagram shows an example of creating a hierarchy for governance using management groups:

Your company has created a structure of management groups and subscriptions.

A custom RBAC role named NutexCustomRole is created. You define the management group scope in the NutexCustomRole role definition’s assignable scope to the Tax management group.

Which of the following are true? (Choose two

A. NutexCustomRole will be available on any subscription in the Beta management group
B. NutexCustomRole will be available on any resource group in in the Production management group
*C. NutexCustomRole will be available on any resource group in the Sales Tax management group
*D. NutexCustomRole will be available on any subscription in the Tax management group

Explanation

The following are true:

NutexCustomRole will be available on any resource group in the Sales Tax management group.

NutexCustomRole will be available on any subscription in the Tax management group.

Custom RBAC roles can define the management group scope in the Role Definition’s assignable scope. In this scenario, the custom RBAC role named NutexCustomRole is assigned to the Tax management group. That RBAC role will be available for assignment on the Tax management group. That RBAC role is also available for assignment on any management group, subscription, resource group, or resource under it. In this scenario, the Sales Tax management group is under the Tax management group.

Neither the Beta management group nor the Production management group are under the Tax management group. Therefore, the RBAC role assigned at onto the Tax management group applies to any subscription, resource group, or resource under the Beta management group or the Production management group

Question 470

You are the administrator of Nutex. You want to run containers in Azure. You have to decide between the following Azure services:

  • Azure Container Instance
  • Azure Kubernetes Service.

Apply the following service benefits from the left to the relevant service on the right. (Use each option only once.)

Features:

  • Fast startup
  • Custom sizes
  • persistent storage
  • Per-second billing
  • Hypervisor-level security
  • Linux and Windows
  • Full container orchestration
  • Service discovery across multiple containers
  • Automatic scaling
  • Coordinated application upgrades

Answer:

Azure Container Instance:

  • Fast startup
  • Custom sizes
  • persistent storage
  • Per-second billing
  • Hypervisor-level security
  • Linux and Windows

Azure Kubernetes Service:

  • Full container orchestration
  • Service discovery across multiple containers
  • Automatic scaling
  • Coordinated application upgrades

Explanation

You should choose the following:

You are the administrator of Nutex. You want to run containers in Azure.

Azure Container Instances (ACI) is the service that allows you deploy a container on Azure cloud without having to manage the underlying infrastructure. ACI allows you launch containers quickly. With ACI, you incur costs only when running the container. The billing is on a per-second instead of a per-minute billing. You can isolate an application in a container like a VM environment. You can specify custom sizes for an Azure Container by specifying exact values for CPU cores and memory. With ACI, you can mount Azure files for persistent storage. The shared files are part of the container and are in a persistent state. You can have scheduled Linux containers as well as Windows containers with the same API. ACI allows to have Hypervisor-level security which can isolate your application like the same experience that occurs in a VM.

The Azure Kubernetes Service (AKS) manages a Kubernetes environment in Azure. AKS provides full container orchestration because you deploy and manage containerized applications without container orchestration expertise. AKS is scalable to meet growing demands by designs because it includes built-in application autoscaling.

Microsoft recommends AKS instead of ACI when you need service discovery across multiple containers, coordinated application upgrades, and automatic scaling.