Skip to Content

AZ-900 Microsoft Azure Fundamentals Exam Questions and Answers – Page 5 Part 1

By: Author Alex Lim

Posted on  - Last updated:

Categories Exam

The latest Microsoft AZ-900 Azure Fundamentals certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Microsoft AZ-900 Azure Fundamentals exam and earn Microsoft AZ-900 Azure Fundamentals certification.

Question 411

Your organization has offices in multiple locations in France. Teams are distributed across the country. Your organization uses a private cloud storage solution to synchronize work-related data and make it available to employees across locations. Employees must manually synchronize the data on the cloud with that on their computers.

You are asked to plan for a solution that automatically synchronizes data, reduces costs and eliminates the dependency on Internet speeds to synchronize data. You plan to use Azure File Storage.

Which of the following are mandatory requirements to implement Azure File Storage and accomplish the goal of the plan? (Select all that apply.)

*A. Create a Sync Group and add the on-premises servers as Server Endpoints on the Azure portal.
*B. Prep on-premises servers that meet the requirements to deploy Azure File Sync.
C. Install Windows Deployment Services on-premises
*D. Register the on-premises servers with the Storage Sync Service.
*E. Create an Azure File Share on the Azure portal.
F. Create ExpressRoute circuit(s) for the Azure File Sync solution.
*G. Deploy Azure File Sync on the on-premises servers.

Explanation

The following are mandatory requirements:

  • Deploy Azure File Sync on the on-premises servers.
  • Create an Azure File Share on the Azure portal.
  • Prep on-premises servers that meet the requirements to deploy Azure File Sync.
  • Register the on-premises servers with the Storage Sync Service.
  • Create a Sync Group and add the on-premises servers as Server Endpoints on the Azure portal.

One of the purposes of Azure File Storage is for file shares in the cloud. You can use Azure File Storage to create file shares without worrying about overhead of a physical server, device, or appliance. The following are the steps you must perform to set up Azure File Storage and the planned solution:

  1. Create a File Share by using the Azure portal, PowerShell, or CLI and specify the maximum limit of the File Share.
  2. Identify servers or on-premises virtual machines that will synchronize and download the files to the on-premises locations by using Azure File Sync.

Although Azure File Sync is not a mandatory requirement to use Azure File Storage effectively, in the desired solution for this question, automatic synchronization, caching and reducing bandwidth costs, and eliminate dependency on Internet speeds. So, Azure File Sync must be used.

First, deploy Azure File Sync agent on the on-premises resources you’ve prepped. Next, register the on-premises servers with the Storage Sync service to establish a trust relationship. Lastly, create a Sync Group to define the sync topology for a set of files. Endpoints within a sync group are kept in sync with each other.

A sync group must contain one cloud endpoint, which represents an Azure file share and one or more server endpoints. Also, add the on-premises servers as the Server Endpoints.

Azure ExpressRoute is not a mandatory requirement. Azure ExpressRoute is a feature that allows you to extend your on-premises networks into the Microsoft cloud over a private connection facilitated by a connectivity provider. So, this is NOT a mandatory requirement to make Azure File Storage and Azure File Sync.

Windows Deployment Services (WDS) is not a mandatory requirement. WDS is a server role that allows you to deploy Windows operating systems remotely.

How to create an ExpressRoute circuit using the Azure portal and the Azure Resource Manager deployment model.

Question 412

You need to propose a budget for cloud services, including selecting the correct cloud service model (PaaS, IaaS, or SaaS). To help coordinate services, you must understand which responsibilities belong to each type of cloud provider and which would belong to your organization.

In each service scenario, which areas are the responsibility of the service provider? Move the appropriate responsibility to the appropriate category.

Service Provider Responsibility:

  • Physical security
  • Identity and access management
  • Network controls

Cloud service model:

  • PaaS
  • IaaS
  • SaaS

Answer: Answer for which areas are the responsibility of the service provider?

SaaS:

  • Physical security
  • Identity and access management
  • Network controls

PaaS:

  • Physical security
  • Identity and access management
  • Network controls

IaaS:

  • Physical security

Explanation

Network controls are the responsibilities of the SaaS and PaaS vendors. The customer has no responsibility for network controls in a SaaS. However, they have some control over network controls in a PaaS. The customer has full responsibility of network controls for an IaaS since the customer can allocate resources such as routers, virtual networks, and gateways in an IaaS.

Identity and access management is a shared responsibility between the vendor and the customer in a SaaS and PaaS. These vendors decide what type of access that the customer has to its software in a SaaS and platform in a PaaS and the customer can decide which users in their subscription can have access to the SaaS or PaaS.

Physical security is the sole responsibility of the customer in an on-premises environment. Ensuring that the physical datacenter that houses the computing resources are secure is the cloud vendor’s responsibility with a SaaS, PaaS, or IaaS environment.

Question 413

You are part of the IT team at the Nutex Corporation. Your management has triggered an initiative to reduce the costs to manage apps and services on Azure. To work for this initiative, you must know the best practices to reduce Azure costs.

Which of the following statements about Azure Reservations are TRUE? (Choose three.)

*A. The size of a Cosmos DB reservation required is dependent on the compute capacity used by Cosmos DB resources.
B. Azure Reservation is particularly useful when resources run for short durations.
*C. Azure Reservation discounts are not applicable for the duration of the overlap if the runtimes of two different SQL databases overlap.
D. Azure Reservations are not applicable for a refund and cannot be exchanged.
E. The unused reserved hours for virtual machines can be carried forward.
*F. The utilization percentages of Azure Reservations can be viewed on the Azure portal.

Explanation

The following statements are true:

  • Azure Reservation discounts are not applicable for the duration of the overlap if the runtimes of two different SQL databases overlap.
  • The utilization percentages of Azure Reservations can be viewed on the Azure portal.
  • The size of a Cosmos DB reservation required is dependent on the compute capacity used by Cosmos DB resources.

The SQL database reserved capacity discount is applied on an hourly basis to running SQL databases. The reservation is automatically applied to other SQL databases that do not run for an hour but match the reservation attributes. For example, a 16-core SQL database runs from 1 pm to 1:30 pm. Another 16-core SQL database runs from 1:30 to 2 pm. The reservation discount covers both. If the runtimes overlap, pay-as-you-go prices are charged for the duration of the overlap. The reservation discount applies to the compute usage for the rest of the time.

Azure Reservations’ utilization percentages can be monitored to ensure that they are used optimally. To view the utilization percentage, follow these steps:

  • Go to the Azure portal and select All services > Reservations and note the Utilization (%) for each reservation.
  • Select a reservation.
  • Review the reservation use trend over time.

The size of the Cosmos DB reservation should be based on the total amount of throughput that the existing or soon-to-be-deployed Azure Cosmos DB resources will use. The size of a SQL Database reservation should be based on the total amount of compute used by the existing or soon-to-be-deployed single databases, elastic pools, or managed instances within a specific region and using the same performance tier and hardware generation.

It is not true that the unused reserved hours for virtual machines can be carried forward. A reservation discount is “use-it-or-lose-it”. If there are no resources used for an hour, the reservation quantity for that hour is lost. When you shut down a resource, the reservation discount automatically applies to another matching resource in the specified scope. If no matching resources are found in the specified scope, then the reserved hours are lost.

An Azure reservation is particularly useful for resources that run for long, not short, periods, such as virtual machines, Azure Cosmos DBs, or SQL databases. If these resources are run continuously for long hours, the pay-as-you-go rates are charged. With Azure Reservation, discounts are applicable and up to 70% of the costs can be saved.

You can exchange a reservation for another reservation of the same type. You can also refund a reservation, up to $50,000 USD per year, if you no longer need it.

Self-service exchange and cancel capabilities are not available for US Government Enterprise Agreement customers. Other US Government subscription types, including pay-as-you-go and CSP, are supported.

Question 414

Your company needs to increase or decrease resources for a workload. You need to provide additional resources to service a workload or add additional capabilities to manage an increase in demand to the existing resource. The provision of additional resources does not have to be done automatically.

Which cloud feature is needed in this scenario?

A. Fault tolerance
B. Economy of scale
*C. Scalability
D. Agility
E. High availability
F. Disaster recovery
G. Elasticity

Explanation

You would choose scalability. This feature can increase (scale-up) or decrease (scale-down) resources that are assigned to a workload. As demand increases, you can add additional resources or capabilities to manage the increase in demand (known as scaling up). Scalability does not have to be done automatically.

You would not choose high availability. This feature allows services to run for extended periods, with very little downtime, depending on the service.

You would not choose elasticity. This feature increases or decreases resources as needed, but unlike scalability, elasticity is done automatically. Elastic resources are based on the current needs and resources are added or removed dynamically to meet those needs, from the most advantageous geographic location. A distinction between scalability and elasticity is that elasticity is done automatically.

You would not choose agility. Agility is the ability to react quickly. Cloud services can allocate and deallocate resources quickly. These are on-demand services that are provisioned in minutes. There is no manual intervention in provisioning or deprovisioning services.

You would not choose fault tolerance. Fault tolerance is the ability to remain up and running in the event of a component or service that is no longer functioning. Typically, redundancy is built into cloud services architecture so that if one component fails, a backup component takes its place. This type of service is said to be tolerant of faults.

You would not choose disaster recovery. This feature allows you to recover from a cloud service outage caused by an event. Cloud services disaster recovery can happen very quickly with automation, with resources being readily available for use.

You would not choose economy of scale. The concept of economy of scale is the ability to do business cheaper and more efficiently when operating on a larger scale, in comparison to operating on a smaller scale.

Question 415

The Nutex Corporation wants to implement an Azure service that will inspect the Azure resources and services and notify the Azure administration team about issues when they occur. They believe that Azure Service Health will meet their requirements.

Match the attribute or setting for Azure Service Health with its appropriate description.

Description:

  • A class of health notifications which implies that an event has occurred, and engineers have confirmed that you are still experiencing impact.
  • A health status reported by Azure Service Health when the resource detects a loss in its performance
  • A location or service which stores the Azure Service Health notifications
  • A type of Azure Service Health event reported when you exceed a usage quota.
  • A health check executed to determine the health of a specified type of a resource.

Attribute/Setting:

  • Degraded
  • Microsoft.ApiManagement/Service
  • Azure Activity Log
  • Assisted Recovery
  • Health Advisories

Answer: Correct answer for matching the attribute or setting for Azure Service Health with its appropriate description.

  • Degraded: A health status reported by Azure Service Health when the resource detects a loss in its performance
  • Microsoft.ApiManagement/Service: A health check executed to determine the health of a specified type of a resource.
  • Azure Activity Log: A location or service which stores the Azure Service Health notifications
  • Assisted Recovery: A class of health notifications which implies that an event has occurred, and engineers have confirmed that you are still experiencing impact.
  • Health Advisories: A type of Azure Service Health event reported when you exceed a usage quota.

Explanation

Azure Service Health reports the status of an Azure resource as follows:

  • Available – no events have been detected that affect the health of the resource.
  • Unavailable – an event has been detected on an ongoing platform or non-platform that affects the health of the resource.
  • Unknown – no information about the resource has been reported for more than 10 minutes.
  • Degraded – a loss in performance has been detected for the resource.

The health of a resource is determined by executing health checks that depend on the type of resource.

For the API management service, the health check is Microsoft.ApiManagement/service. This determines whether the API Management service is up and running.

Azure Service Health notifications are stored in the Azure Activity Log. This way, Azure Service Health integrates with Azure Monitor which sends alerts via text messages, emails, and webhook notifications when resources are impacted.

Depending on the class of the Azure Service Health notification, it can be informational or actionable. The various classes of service health notifications are as follows:

  • Action required – something unusual has happened on your account.
  • Assisted recovery – an event has occurred, and Azure engineers confirm you are still experiencing impact.
  • Azure engineering needs to work with you directly to restore your services to full health.
  • Incident – an event that impacts service is currently affecting one or more of the resources in your subscription.
  • Maintenance – a planned maintenance activity that might impact one or more of the resources under your subscription.
  • Information – states possible optimizations that might help improve your resource use.
  • Security – urgent security-related information regarding your solutions that run on Azure.

Health Advisories track the changes in Azure services that require your attention. Examples include when Azure features are deprecated or if you exceed a usage quota.

Question 416

Your company’s Chief Financial Officer wants to have a tighter control on spending for the cloud infrastructure.

She wants to have a tool to apply data analysis to the existing monthly costs of Azure. An associate recommends that she use Azure Advisor.

Will this solution meet the CFO’s needs?

*A. No
B. Yes

Explanation

Azure Cost Management is a tool that can perform that task. Azure Advisor finds unused resources such as VMs and receives recommendations about Azure reserved instance purchases. Azure Advisor does not apply data analysis to the existing monthly costs of Azure.

Azure Cost Management consists of Cost Management + Billing, which is a suite of tools that optimizes, analyzes, and manages your workload costs. You can use these tools to perform the following tasks:

  • Streamline bill paying tasks
  • Managing costs
  • Download cost and usage data from your invoice
  • Use data analysis to monthly costs
  • Limit spending through the use of thresholds
  • Find opportunities for changes in workloads that can reduce spending

Question 417

The Nutex Corporation plans to provide app management and monitoring services to some companies. The management wants you to discover ways to obtain customer-level usage and billing details.

Which of the following statements about options available with Azure Subscriptions are TRUE? (Choose three.)

*A. Existing key vaults are inaccessible when a subscription is added to an Active Directory tenant.
*B. Multiple Azure subscriptions can exist within a tenant.
C. Credit entitlements from one subscription can be moved to another.
*D. The registered Azure Stack must be re-registered after adding a subscription to an Active Directory tenant.
E. Azure subscriptions must always be purchased in $ (USD).
Check Answer

Explanation

The following statements are true:

  • Multiple Azure subscriptions can exist within a tenant.
  • Existing key vaults are inaccessible when a subscription is added to an Azure Active Directory tenant.
  • The registered Azure Stack must be re-registered after adding a subscription to an Active Directory tenant.

Each subscription can independently fuel a different set of resources within the same customer tenant. Subscriptions can come from different purchase channels and can co-exist independent of each other.

The following occurs when you add a subscription to an Azure Active Directory tenant:

  • Users with RBAC roles lose their access.
  • Service Administrators and Co-Administrators lose their access.
  • Existing key vaults are inaccessible until the key vault tenant ID is changed.
  • Managed identities for resources such as Virtual Machines or Logic Apps must be re-enabled or recreated.
  • A registered Azure Stack must be re-registered.

Credit entitlements in one subscription cannot be moved to another subscription. Resources can be migrated from one subscription to another, but not the credit entitlements.

Azure subscriptions can be bought by the designated currency based on the channel through which one procures, and all major currencies can be used.

Question 418

The Nutex Corporation purchased another company and is moving a large amount of that data to Azure.

Which of the following statements about Azure Disk Storage are TRUE? Drag the statement from the left to the appropriate column on the right.

Statement:

  • Ephemeral OS disks cannot be resized after they are provisioned.
  • Ephemeral OS disks support the Azure Disk Encryption and Azure Backup features.
  • The throughput of a virtual disk that has an I/O size of 1024 KB and an IOPS of 200, is 200 MB/s.
  • Azure Backup feature works only with managed disks.
  • Temporary disk is a managed disk that stores application data.

Answer:

  • Ephemeral OS disks cannot be resized after they are provisioned: True
  • Ephemeral OS disks support the Azure Disk Encryption and Azure Backup features: False
  • The throughput of a virtual disk that has an I/O size of 1024 KB and an IOPS of 200, is 200 MB/s: True
  • Azure Backup feature works only with managed disks: False
  • Temporary disk is a managed disk that stores application data: False

Explanation

Once the ephemeral OS disk is provisioned, the OS disk cannot be resized.

IOPS or Input/output Operations Per Second, is the number of requests that an application sends to the storage disks in one second. So, throughput is I/O size times the IOPS. So, an IOPS of 200 and an I/O size of 1024 KB allows a throughout of 200 MB per second.

Ephemeral OS disks do NOT support the following features: capturing VM images, disk snapshots, Azure Disk Encryption, Azure Backup, Azure Site Recovery, and OS Disk Swap.

Azure Backup is used for backups and disaster recovery. Azure Backup works with managed disks AND unmanaged disks.

The three roles of a disk in Azure Disk Storage are: Data disk, OS disk, and Temporary disk. Data disk is a managed disk that’s attached to a virtual machine to store application data. OS disk hosts the OS for the virtual machine. Temporary disk is an UNMANAGED disk used for short-term storage of page or swap files for applications and processes. Temporary disk is not a managed disk.

Objective: Describe Azure architecture and services

Sub-Objective: Describe Azure storage services

Question 419

The Nutex Corporation wants to migrate its on-premises applications and services to Azure. You are the analyst tasked to investigate the benefits of this migration to Azure.

Which of the following statements about the Azure TCO Calculator is TRUE?

*A. Customers interested in migrating from on-premises deployments to Azure must focus their calculations on the Compute, Storage, and Network requirements on Azure in order to evaluate the costs accurately.
B. The Azure TCO Calculator application can be downloaded from the Azure website.
C. Azure TCO Calculator calculates on-premises infrastructure costs based on three criteria: hardware, software, and networking costs.
D. Azure TCO Calculator primarily evaluates the total cost incurred to migrate on-premises application workloads to Microsoft Azure.
E. The Azure Pipelines service is not available with the Azure Government offering.

Explanation

Customers interested in migrating from on-premises deployments to Azure must focus their calculations on the Compute, Storage, and Network requirements on Azure in order to evaluate the costs accurately.

Unfortunately, not all cloud TCO calculations are accurate enough to let you make an informed decision. Many are ballpark estimates because they have failed to account for all performance metrics essential for rightsizing, and they may rely on metrics that have been averaged instead of considering peaks and valleys. These imprecise assessment methods may cause you to estimate a configuration scenario that is not suited to your performance requirements.

Metrics such as peak CPU utilization, allocated and peak RAM usage, observed storage on-premises (capacity and current occupancy), disk IOPS and bandwidth, throughput, and usage patterns must be analyzed. This approach focuses on three areas: Compute, Storage, and Network.

The following statements are not true:

  • Azure TCO Calculator primarily evaluates the total cost incurred to migrate on-premises application workloads to Microsoft Azure.
  • Azure TCO Calculator calculates on-premises infrastructure costs based on three criteria: hardware, software, and networking costs.
  • The Azure TCO Calculator application can be downloaded from the Azure website.

Microsoft’s Azure Total Cost of Ownership (TCO) Calculator allows you to evaluate potential cost savings if you migrate on-premises application workloads to Microsoft Azure. You must specify the details of your existing infrastructure and various cost assumptions that you want the tool to work with. You receive a report that shows your on-premises costs compared to Microsoft Azure costs. While you may get a report of cost savings, TCO will NOT give you the total costs incurred to migrate on-premises application workloads to Microsoft Azure. TCO may allow you to compare costs on databases, storage, and networking, but does NOT calculate the labor rate that may be involved with the migration.

The Azure TCO Calculator calculates the on-premises infrastructure costs based on more than three criteria. It takes the following costs into consideration:

  • Hardware
  • Software (for Windows as an OS)
  • Electricity
  • Data center
  • Networking
  • Disk storage
  • IT labor
  • Virtualization

Azure TCO Calculator is an online calculator that can be accessed on the Azure website. Customers can use it to check their TCO but only the results can be downloaded.

At the time of this writing, Azure Pipelines service is not available with the Azure Government offering.

Question 420

You are an Azure architect that must define a repeatable set of Azure resources that adhere to your company’s standards, patterns, and requirements. You need to ensure that your developers and administrators rapidly build a new environment that will adhere to organizational compliance.

What do you need?

*A. Azure Blueprint
B. Azure Policy
C. Azure Initiative

Explanation

You should use an Azure Blueprint. Blueprints allow you to deploy Azure Policies, role assignments, Azure Resource Manager (ARM) templates, and resource groups in an orchestrated way to adhere to organizational compliance with a consistent set of built-in components. Blueprints ensure that policies, assignments, and policy initiatives can rapidly build new environments because they adhere to the organization’s standards, patterns, and requirements.

You should not choose an Azure Policy or initiative. An Azure Policy allows enforcement and control of the property of a resource. A policy initiative is a collection of policy definitions that can be used as a common overarching goal. Definitions group a set of policies as one single item that can be assigned to scopes. A Blueprint uses both polices and initiatives to provide compliance and guidance.

You can use the Azure Security and Compliance GDPR Blueprint portal to build and launch cloud applications that meet GDPR requirements. Customers can use deployment guidance, GDPR article implementation mappings, common reference architectures, customer responsibility matrices, and threat models to simplify the adoption of Azure in support of the GDPR compliance initiatives.