Free AZ-900 Dump

Question #101Topic 1

This question requires that you evaluate the underlined text to determine if it is correct.

Resource groups provide organizations with the ability to manage the compliance of Azure resources across multiple subscriptions.

Instructions: Review the underlined text. If it makes the statement correct, select `No change is needed`. If the statement is incorrect, select the answer choice that makes the statement correct.

• A. No change is needed
• B. Management groups
• C. Azure policies
• D. Azure App Service plans

Correct Answer: C

Azure policies can be used to define requirements for resource properties during deployment and for already existing resources. Azure Policy controls properties such as the types or locations of resources.

Azure Policy is a service in Azure that you use to create, assign, and manage policies. These policies enforce different rules and effects over your resources, so those resources stay compliant with your corporate standards and service level agreements. Azure Policy meets this need by evaluating your resources for non- compliance with assigned policies. All data stored by Azure Policy is encrypted at rest.

For example, you can have a policy to allow only a certain SKU size of virtual machines in your environment. Once this policy is implemented, new and existing resources are evaluated for compliance. With the right type of policy, existing resources can be brought into compliance.

References:

https://docs.microsoft.com/en-us/azure/governance/policy/overview

Community vote distribution

B (58%)

C (41%)

1%

Question #102Topic 1

Your company plans to migrate to Azure.

The company has several departments. All the Azure resources used by each department will be managed by a department administrator.

What are two possible techniques to segment Azure for the departments? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

• A. multiple subscriptions
• B. multiple Azure Active Directory (Azure AD) directories
• C. multiple regions
• D. multiple resource groups

Correct Answer: AD

An Azure subscription is a container for Azure resources. It is also a boundary for permissions to resources and for billing. You are charged monthly for all resources in a subscription. A single Azure tenant (Azure Active Directory) can contain multiple Azure subscriptions.

A resource group is a container that holds related resources for an Azure solution. The resource group can include all the resources for the solution, or only those resources that you want to manage as a group.

To enable each department administrator to manage the Azure resources used by that department, you will need to create a separate subscription per department. You can then assign each department administrator as an administrator for the subscription to enable them to manage all resources in that subscription.

Reference:

https://docs.microsoft.com/en-us/azure/cost-management-billing/manage/create-subscription https://docs.microsoft.com/en-us/azure/cost-management-billing/manage/add-change-subscription-administrator

Community vote distribution

AD (90%)

10%

Question #103Topic 1

HOTSPOT –

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Hot Area:

Correct Answer: 

Box 1: Yes –

You can use the same account to manage multiple subscriptions. You can create an additional subscription for your account in the Azure portal. You may want an additional subscription to avoid hitting subscription limits, to create separate environments for security, or to isolate data for compliance reasons.

Box 2: No –

You cannot merge two subscriptions into a single subscription. However, you can move some Azure resources from one subscription to another. You can also transfer ownership of a subscription and change the billing type for a subscription.

Box 3: Yes –

A company can have multiple subscriptions and store resources in the different subscriptions. However, a resource instance can exist in only one subscription.

Reference:

https://docs.microsoft.com/en-us/azure/cost-management-billing/manage/create-subscription

Question #104Topic 1

HOTSPOT –

To complete the sentence, select the appropriate option in the answer area.

Hot Area:

Correct Answer: 

You can move a VM and its associated resources to a different subscription by using the Azure portal.

Moving between subscriptions can be handy if you originally created a VM in a personal subscription and now want to move it to your company’s subscription to continue your work. You do not need to start the VM in order to move it and it should continue to run during the move.

Reference:

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/move-vm

Question #105Topic 1

You have an Azure environment that contains multiple Azure virtual machines.

You plan to implement a solution that enables the client computers on your on-premises network to communicate to the Azure virtual machines.

You need to recommend which Azure resources must be created for the planned solution.

Which two Azure resources should you include in the recommendation? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

• A. a virtual network gateway
• B. a load balancer
• C. an application gateway
• D. a virtual network
• E. a gateway subnet

Correct Answer: AE

To implement a solution that enables the client computers on your on-premises network to communicate to the Azure virtual machines, you need to configure a

VPN (Virtual Private Network) to connect the on-premises network to the Azure virtual network.

The Azure VPN device is known as a Virtual Network Gateway. The virtual network gateway needs to be located in a dedicated subnet in the Azure virtual network. This dedicated subnet is known as a gateway subnet and must be named ‘GatewaySubnet’.

Note: a virtual network (answer D) is also required. However, as we already have virtual machines deployed in a Azure, we can assume that the virtual network is already in place.

References:

https://docs.microsoft.com/en-us/office365/enterprise/connect-an-on-premises-network-to-a-microsoft-azure-virtual-network

Community vote distribution

AE (53%)

AD (47%)

Question #106Topic 1

You attempt to create several managed Microsoft SQL Server instances in an Azure environment and receive a message that you must increase your Azure subscription limits.

What should you do to increase the limits?

• A. Create a service health alert
• B. Upgrade your support plan
• C. Modify an Azure policy
• D. Create a new support request

Correct Answer: D

Many Azure resource have quote limits. The purpose of the quota limits is to help you control your Azure costs. However, it is common to require an increase to the default quota.

You can request a quota limit increase by opening a support request. In the support request, select ‘Service and subscription limits (quotas)’ for the Issue type, select your subscription and the service you want to increase the quota for. For this question, you would select ‘SQL Database Managed Instance’ as the quote type.

Reference:

https://docs.microsoft.com/en-us/azure/sql-database/sql-database-managed-instance-resource-limits#obtaining-a-larger-quota-for-sql-managed-instance

Community vote distribution

D (90%)

10%

Question #107Topic 1

HOTSPOT –

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Hot Area:

Correct Answer: 

Box 1: No –

You can assign service administrators and co-administrators in the Azure Portal but there can only be one account administrator.

Box 2: No –

You need an Azure Active Directory account to manage a subscription, not a Microsoft account.

An account is created in the Azure Active Directory when you create the subscription. Further accounts can be created in the Azure Active Directory to manage the subscription.

Box 3: No –

Resource groups are logical containers for Azure resources. However, resource groups do not contain subscriptions. Subscriptions contain resource groups.

Reference:

https://docs.microsoft.com/en-us/office365/enterprise/subscriptions-licenses-accounts-and-tenants-for-microsoft-cloud-offerings

Question #108Topic 1

HOTSPOT –

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Hot Area:

Correct Answer: 

Box 1: No –

Not all Azure regions support availability zones.

Box 2: No –

Availability zones can be used with many Azure services, not just VMs.

Box 3: No –

Availability Zones are unique physical locations within a single Azure region.

Reference:

https://docs.microsoft.com/en-us/azure/availability-zones/az-region#azure-regions-with-availability-zones

Question #109Topic 1

HOTSPOT –

You plan to create an Azure virtual machine.

You need to identify which storage service must be used to store the unmanaged data disks of the virtual machine.

What should you identify? To answer, select the appropriate service in the answer area.

Hot Area:

Correct Answer: 

Azure containers are the backbone of the virtual disks platform for Azure IaaS. Both Azure OS and data disks are implemented as virtual disks where data is durably persisted in the Azure Storage platform and then delivered to the virtual machines for maximum performance. Azure Disks are persisted in Hyper-V VHD format and stored as a page blob in Azure Storage.

Reference:

https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-pageblob-overview

Question #110Topic 1

Your company plans to move several servers to Azure.

The company’s compliance policy states that a server named FinServer must be on a separate network segment.

You are evaluating which Azure services can be used to meet the compliance policy requirements.

Which Azure solution should you recommend?

• A. a resource group for FinServer and another resource group for all the other servers
• B. a virtual network for FinServer and another virtual network for all the other servers
• C. a VPN for FinServer and a virtual network gateway for each other server
• D. one resource group for all the servers and a resource lock for FinServer

Correct Answer: B

Networks in Azure are known as virtual networks. A virtual network can have multiple IP address spaces and multiple subnets. Azure automatically routes traffic between different subnets within a virtual network.

The question states that FinServer must be on a separate network segment. The only way to separate FinServer from the other servers in networking terms is to place the server in a different virtual network to the other servers.

References:

https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-vnet-plan-design-arm

Community vote distribution

B (100%)

Question #111Topic 1

You plan to map a network drive from several computers that run Windows 10 to Azure Storage.

You need to create a storage solution in Azure for the planned mapped drive.

What should you create?

• A. an Azure SQL database
• B. a virtual machine data disk
• C. a File service in a storage account
• D. a Blob service in a storage account

Correct Answer: C

Azure Files is Microsoft’s easy-to-use cloud file system. Azure file shares can be seamlessly used in Windows and Windows Server.

To use an Azure file share with Windows, you must either mount it, which means assigning it a drive letter or mount point path, or access it via its UNC path.

Unlike other SMB shares you may have interacted with, such as those hosted on a Windows Server, Linux Samba server, or NAS device, Azure file shares do not currently support Kerberos authentication with your Active Directory (AD) or Azure Active Directory (AAD) identity, although this is a feature we are working on.

Instead, you must access your Azure file share with the storage account key for the storage account containing your Azure file share. A storage account key is an administrator key for a storage account, including administrator permissions to all files and folders within the file share you’re accessing, and for all file shares and other storage resources (blobs, queues, tables, etc) contained within your storage account.

References:

https://docs.microsoft.com/en-us/azure/storage/files/storage-how-to-use-files-windows

Community vote distribution

C (93%)

7%

Question #112Topic 1

HOTSPOT –

You plan to implement an Azure database solution.

You need to implement a database solution that meets the following requirements:

✑ Can add data concurrently from multiple regions

✑ Can store JSON documents

Which database service should you deploy? To answer, select the appropriate service in the answer area.

Hot Area:

Correct Answer: 

Azure Cosmos DB is Microsoft’s globally distributed, multi-model database service. With a click of a button, Cosmos DB enables you to elastically and independently scale throughput and storage across any number of Azure regions worldwide.

Azure Cosmos DB is a great way to store unstructured and JSON data. Combined with Azure Functions, Cosmos DB makes storing data quick and easy with much less code than required for storing data in a relational database.

References:

https://docs.microsoft.com/en-us/azure/cosmos-db/introduction https://docs.microsoft.com/en-us/azure/azure-functions/functions-integrate-store-unstructured-data-cosmosdb?tabs=csharp

Question #113Topic 1

Your company plans to start using Azure and will migrate all its network resources to Azure.

You need to start the planning process by exploring Azure.

What should you create first?

• A. a subscription
• B. a resource group
• C. a virtual network
• D. a management group

Correct Answer: A

The first thing you create in Azure is a subscription. You can think of an Azure subscription as an ‘Azure account’. You get billed per subscription.

A subscription is an agreement with Microsoft to use one or more Microsoft cloud platforms or services, for which charges accrue based on either a per-user license fee or on cloud-based resource consumption.

✑ Microsoft’s Software as a Service (SaaS)-based cloud offerings (Office 365, Intune/EMS, and Dynamics 365) charge per-user license fees.

✑ Microsoft’s Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) cloud offerings (Azure) charge based on cloud resource consumption.

You can also use a trial subscription, but the subscription expires after a specific amount of time or consumption charges. You can convert a trial subscription to a paid subscription.

Organizations can have multiple subscriptions for Microsoft’s cloud offerings.

References:

https://docs.microsoft.com/en-us/office365/enterprise/subscriptions-licenses-accounts-and-tenants-for-microsoft-cloud-offerings

Community vote distribution

A (100%)

Question #114Topic 1

HOTSPOT –

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Hot Area:

Correct Answer: 

Box 1: No –

Azure resources deployed to a single resource group can be located in different regions. The resource group only contains metadata about the resources it contains.

When creating a resource group, you need to provide a location for that resource group. You may be wondering, “Why does a resource group need a location?

And, if the resources can have different locations than the resource group, why does the resource group location matter at all?” The resource group stores metadata about the resources. When you specify a location for the resource group, you’re specifying where that metadata is stored. For compliance reasons, you may need to ensure that your data is stored in a particular region.

Box 2: No –

Tags for Resources are not inherited by default from their Resource Group

Box 3: Yes –

A resource group can be used to scope access control for administrative actions. By default, permissions set at the resource level are inherited by the resources in the resource group.

Reference:

https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-overview

Question #115Topic 1

HOTSPOT –

To complete the sentence, select the appropriate option in the answer area.

Hot Area:

Correct Answer: 

Azure storage offers different access tiers: hot, cool and archive.

The archive access tier has the lowest storage cost. But it has higher data retrieval costs compared to the hot and cool tiers. Data in the archive tier can take several hours to retrieve.

While a blob is in archive storage, the blob data is offline and can’t be read, overwritten, or modified. To read or download a blob in archive, you must first rehydrate it to an online tier.

Example usage scenarios for the archive access tier include:

✑ Long-term backup, secondary backup, and archival datasets

✑ Original (raw) data that must be preserved, even after it has been processed into final usable form.

✑ Compliance and archival data that needs to be stored for a long time and is hardly ever accessed.

Reference:

https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers?tabs=azure-portal#archive-access-tier

Question #116Topic 1

HOTSPOT –

You plan to deploy a critical line-of-business application to Azure.

The application will run on an Azure virtual machine.

You need to recommend a deployment solution for the application. The solution must provide a guaranteed availability of 99.99 percent.

What is the minimum number of virtual machines and the minimum number of availability zones you should recommend for the deployment? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Correct Answer: 

You need a minimum of two virtual machines with each one located in a different availability zone.

Availability Zones is a high-availability offering that protects your applications and data from datacenter failures. Availability Zones are unique physical locations within an Azure region. Each zone is made up of one or more datacenters equipped with independent power, cooling, and networking. To ensure resiliency, there’s a minimum of three separate zones in all enabled regions. The physical separation of Availability Zones within a region protects applications and data from datacenter failures. Zone-redundant services replicate your applications and data across Availability Zones to protect from single-points-of-failure. With Availability

Zones, Azure offers industry best 99.99% VM uptime SLA.

References:

https://docs.microsoft.com/en-us/azure/availability-zones/az-overview

Question #117Topic 1

Which Azure service should you use to collect events from multiple resources into a centralized repository?

• A. Azure Event Hubs
• B. Azure Analysis Services
• C. Azure Monitor
• D. Azure Stream Analytics

Correct Answer: A

Azure Event Hubs is a big data streaming platform and event ingestion service. It can receive and process millions of events per second. Data sent to an event hub can be transformed and stored by using any real-time analytics provider or batching/storage adapters.

Azure Event Hubs can be used to ingest, buffer, store, and process your stream in real time to get actionable insights. Event Hubs uses a partitioned consumer model, enabling multiple applications to process the stream concurrently and letting you control the speed of processing.

Azure Event Hubs can be used to capture your data in near-real time in an Azure Blob storage or Azure Data Lake Storage‰for long-term retention or micro-batch processing.

Reference:

https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-about

Community vote distribution

A (52%)

C (48%)

Question #118Topic 1

HOTSPOT –

To complete the sentence, select the appropriate option in the answer area.

Hot Area:

Correct Answer: 

Availability Zones is a high-availability offering that protects your applications and data from datacenter failures. Availability Zones are unique physical locations within an Azure region.

Reference:

https://docs.microsoft.com/en-us/azure/availability-zones/az-overview

Question #119Topic 1

HOTSPOT –

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Hot Area:

Correct Answer: 

Box 1: Yes –

There are different replication options available with a storage account. The ‘minimum’ replication option is Locally Redundant Storage (LRS). With LRS, data is replicated synchronously three times within the primary region.

Box 2: No –

Data is not backed up automatically to another Azure Data Center although it can be depending on the replication option configured for the account. Locally

Redundant Storage (LRS) is the default which maintains three copies of the data in the data center.

Geo-redundant storage (GRS) has cross-regional replication to protect against regional outages. Data is replicated synchronously three times in the primary region, then replicated asynchronously to the secondary region.

Box 3: No –

The limits are much higher than that. The current storage limit is 2 PB for US and Europe, and 500 TB for all other regions (including the UK) with no limit on the number of files.

Reference:

https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overview