Module 4: Exam Prep 3

by
Contents hide
1 INTRODUCTION – Exam Prep 3
2 PRACTICE EXAM COVERING AZURE SERVICES & LIFECYCLES
3 CONCLUSION – Exam Prep 3
Spread the love

INTRODUCTION – Exam Prep 3

In this module, you will learn how Azure secures cloud resource access and understand the importance of developing a cloud governance strategy. In this course, you will also look at how Azure meets many common regulatory and compliance standards. Revisit some primary factors influencing cloud costs, find tools to estimate and manage cloud costs, and learn more about how Azure’s service-level agreements (SLAs) have an impact on your application design decisions.

You will also take a practice test covering identity, governance, privacy, and compliance features as well as Azure cost management and SLAs, one part of the AZ-900 Microsoft Certified Azure Fundamentals exam.

Learning Objectives:

  • Determine your knowledge of Microsoft Azure cost management and Service Level Agreements.
  • Assess your current understanding of identity, governance, privacy, and compliance features in Microsoft Azure.

PRACTICE EXAM COVERING AZURE SERVICES & LIFECYCLES

1. Tradewind Traders has recently migrated to Azure cloud services. The company has several departments and management has decided that the departmental administrators will be responsible for managing the resources related to their department. Which of the following will allow for the segmentation of the departments?

Select all options that apply.

  • Multiple Regions
  • Multiple subscriptions (CORRECT)
  • Multiple resource groups (CORRECT)
  • Multiple Azure Active Directory (Azure AD) directories

Correct: An Azure subscription is used to hold Azure resources. It serves as a limit to the permission and billing of resources. You complete monthly billing of all resources under this subscription. An Azure tenant (Azure Active Directory) provides multiple Azure subscriptions so that different environments or resource departments can be managed with greater flexibility.

Correct: At Azure, a resource group is a container for items that are related to an Azure solution. It may also contain resources very specific to the solution that one can manage together. Resource groups let you organize and manage the resources very effectively, allowing you to easily apply access controls and manage permissions or monitor resource usage.

2. Tradewind Traders is planning to migrate its data and resources to Azure cloud services. The company has asked you to research Azure Single Sign On. Based on your research, is the following statement correct in respect of Single Sign-On in Azure?

Single sign-on enables a user to sign in one time and use that credential to access multiple resources and applications from different providers.

  • Yes (CORRECT)
  • No 

Correct: Single sign-on (SSO) allows a user to log in once and use the same credentials to access different resources and applications from different service providers, without logging in each time for that service. This facilitates the user’s experience and enhances security by reducing the number of times users must authenticate.

3. Tradewind Traders is planning to migrate its data and resources to Azure cloud services. The company has asked you to research multi-factor authentication. A code that’s sent to a mobile phone is an example of which type of multi-factor authentication?

  • Something you have (CORRECT)
  • Something you know
  • something you are

Correct: The thing you might possess could be a code sent to your cell phone, such as a one-time password or authentication code. In the case of two-factor authentication, that is one type, which adds to the security of your password with another layer, that being the code itself.

4. Tradewind Traders has recently migrated to Azure cloud services. The company has just completed a review of its current configuration and has discovered that there is a selection of unused resources currently in existence including multiple AD accounts, multiple groups, multiple public IP addresses, and multiple network interfaces. The company wants to reduce costs to a minimum. You recommend removing the unused user accounts. Will this reduce the monthly costs?

  • Yes 
  • No (CORRECT)

Correct: There is actually no impact on the Azura costs of the company since the deletion of not-used accounts does not cost anything for user accounts.

5. Tradewind Traders is planning to migrate its data and resources to Azure cloud services. The company has many independent departments and as part of this migration, the company wants to allow each department to use different payment options for the resources allocated to them. Which of the following will allow you to configure different payment options for each department?

  • Multiple Reservations
  • Multiple Container Instances 
  • Multiple Subscriptions (CORRECT)
  • Multiple Resource Groups

Correct: Azure has available several payment options. They have the pay-as-you-go (PAYG), Enterprise Agreement (EA), and Microsoft Customer Agreement (MCA). However, Azure costs are pushed per subscription. Every month, all resources are charged, occupying a subscription in Azure. To do this using different payment options for each department, a subscription per department must be made.

6. Tradewind Traders is planning to migrate its data and resources to Azure cloud services. The company has multiple offices around the world. Management wants to be able to generate multiple billing reports from the Azure Portal that will contain the resource utilization from each office. Which feature should you use before you generate the reports?

  • Templates 
  • Policies 
  • Tags (CORRECT)
  • Locks

7. Tradewind Traders has recently migrated to Azure cloud services and management wishes to chargeback some of the resource costs to various departments every month. Which is the best solution to meet these requirements with the least amount of administrative effort?

  • Create Subscriptions for each department 
  • Tags (CORRECT)
  • Manually track using a Microsoft Excel spreadsheet

Correct: Tags give the opportunity to supplement existing information or metadata to your resources. For instance, you might want to build a tag called “Sales” with the value being the name of your billing department. In this case, it is also possible to use Azure Policy to enforce correct tag assignment when provisioning resources.

8. Tradewind Traders has recently migrated to Azure cloud services. Management wants access to in-depth information about security, privacy, compliance offerings, policies, features, and practices across Microsoft cloud products. Which tool should you recommend for them to use?

  • Azure Advisor 
  • Azure Monitor 
  • Microsoft Trust Center (CORRECT)
  • Azure Portal 

Correct: The Trust Center offers complete details on the security, privacy, and compliance features, policies, and practices across Microsoft cloud solutions. It includes links to security, privacy, and compliance blogs for more thorough integration.

9. Tradewind Traders is planning to migrate its data and resources to Azure cloud services. As part of this migration, the company wants to create a support plan that will provide its users with access to Azure support engineers by phone and email. You have been asked to research the available support plans and recommend one that will provide this service. You recommend the Professional Direct support plan. Does this meet the company’s requirements?

  • Yes (CORRECT)
  • No 

Correct: Some basic support plans do not offer technical support to engineers. The Developer support plan offers only email technical support for engineers. The Standard, Professional Direct, and Premier support plans offer both email and telephone technical support to engineers. The aforementioned Standard plan is also the cheapest option among the selection, but that was irrelevant to the question’s specification.

10. Tradewind Traders has recently migrated to Azure cloud services. The company’s development team creates virtual machines for testing regularly. These test machines are only used during certain times. In your opinion what is the most efficient way to save costs on virtual machines when they are not in use?

  • Delete the virtual machines when they are not in use because once they are deleted, they will not incur any charges. 
  • Deallocate the virtual machines when they are not in use. (CORRECT)
  • Use virtual machines that are only chargeable when accessed remotely. Try going back and Managing Costs and SLA Service Cycles.

Correct: If you deallocate virtual machines, then the hard disks and the related data remain within Azure. You will not receive a charge for CPU or network consumption, thus saving costs.

11. Tradewind Traders has recently migrated to Azure cloud services. Management wants clarification as to what will occur if Microsoft plans to end support for an Azure service and does NOT have a successor service. What notification period will Microsoft provide in this scenario?

  • 90 days 
  • 12 months (CORRECT)
  • 6 months
  • 30 days 

Correct: The Modern Lifecycle Policy applies to products and services provided with continuous servicing and support. For such products covered by this Modern Lifecycle Policy, Microsoft must give at least 12 months’ notice before ceasing support, unless a successor product or service is then available.

12. Tradewind Traders has recently migrated to Azure cloud services. The company is reviewing its support plans. You have been asked to identify the lowest-cost support plan that allows 24×7 access to support engineers by phone. Which of the following support options allow this at a low cost?

  • Azure Standard support plan
  • Azure Professional Direct support plan 
  • Azure Basic support plan 
  • Azure Developer support plan (CORRECT)

13. Tradewind Traders has recently migrated to Azure cloud services. The company is reviewing its support plans. The company requires their users to be able to open new support requests and you have been asked to determine which support plan will provide this feature. Which of the following statements is correct?

  • Premier, Professional Direct, and Standard only
  • Premier and Professional Direct only
  • Premier, Professional Direct, Standard, and Developer only (CORRECT)
  • Premier, Professional Direct, Standard, Developer, and Basic

Correct: The following plans – Premier, Professional Direct, Standard, and Developer – would accept opening support cases. Basic support plans do not entitle you to open a support case. You may also consider reviewing the cost control and service cycle options in the SLA.

14. Tradewind Traders has recently migrated to Azure cloud services. The company is reviewing its support plans. Management has asked you to determine what is guaranteed in an Azure Service Level Agreement (SLA) for virtual machines? Select the appropriate option.

  • Bandwidth 
  • 22 (CORRECT)
  • Performance 
  • Feature Availability

Correct: In essence, it guarantees uptime for virtual machines, which is further determined by VM deployment in either an availability set or an availability zone. Such deployment types promise more uptime and dependability.

15. Tradewind Traders is planning to migrate to Azure cloud services. However, before this happens management requires some comparisons of the costs involved in using cloud services as opposed to an on-premises solution. What would be the first step you could take to provide this comparison information?

  • Setup some resources in Azure as this is a free service.
  • Run the Total Cost of Ownership Calculator. (CORRECT)
  • Assume that the cost of running workloads on Azure is similar to running workloads on-premises. 

Correct: A very good initial starting point is running the Total Cost of Ownership (TCO) Calculator, as it provides a clear comparison between the costs of running workloads in data centers and on Azure. The calculator employs independent research company certification. Thus, the results are accurate and unbiased.

16. Tradewind Traders is planning to migrate its data and resources to Azure cloud services. As part of this migration, you have been asked to research the purpose of Azure Advisor. Based on this research, which of the following can be performed by using Azure Advisor?

  • Evaluate which on-premises resources can be migrated to Azure. 
  • Integrate Active Directory and Azure Active Directory (Azure AD). 
  • Confirm that Azure subscription security follows best practices. (CORRECT)
  • Estimate the costs of an Azure solution.

17. Tradewind Traders is planning to migrate its data and resources to Azure cloud services. The company has asked you to research the differences between Authorisation and Authentication in Azure. Based on your research, which of the following is the process of establishing the identity of a person or service that wants to access a resource known as?

  • Authentication (CORRECT)
  • Authorisation

Correct: Authentication is defined as the act of verifying a person’s identity or the identity of a service requesting access to some resource or set of resources. It challenges the party to provide the requisite proof of a true identity of the basis upon which a security principle for identity and access control can be created. Authentication determines if the user is really who he claims to be.

18. Tradewind Traders has recently migrated to Azure cloud services. Management wants clarification on their legal agreement between themselves and Microsoft that details the obligations by both parties concerning the processing and security of customer data and personal data. Which of the following should you refer management to? 

  • Online Services Terms (CORRECT)
  • Microsoft Privacy Statement 

Correct: The Online Services Terms (OST) is a legal agreement between Microsoft and the customer and establishes the respective responsibilities of the parties involved regarding the processing and security of customer and personal data. It applies specifically to Microsoft online services licensed via subscription, such as Azure, Dynamics 365, Office 365, and Bing Maps.

19. True or False?

Azure China is operated by 21Vianet and is a physically separated instance of cloud services located in China.

  • True (CORRECT)
  • False

Correct: 21Vianet runs Azure China as an entirely separate instance of cloud services in China. The Shanghai Blue Cloud Technology Co., Ltd. (“21Vianet”) wholly controls this instance and transactions. It is set to operate independently from all other instances of the cloud services.

20. Which of the following define performance targets such as uptime?

  • Service Level Agreements (CORRECT)
  • Usage Meters
  • Support plans

Correct: SLAs for Azure products or services define the performance goals which the service should meet with regard to the availability and reliability that Microsoft promises to deliver.

21. Tradewind Traders has recently migrated to Azure cloud services. Users have deployed multiple resources since the migration however today one of the developers has received a message when creating several SQL database instances stating that that the Azure subscription limits must be increased. What must be done to increase this limit?

  • Create a new support request (CORRECT)
  • Modify an Azure policy 
  • Upgrade your support plan 
  • Create a service health alert

Correct: There are quota limiting restrictions enforced on majority part of Azure resources in place to manage your Azure cost. Going past the default quota is something that many need to do. To request an increase in the quota, one would have to open a support request. In the process, your subscription would have to be selected and specify the particular service you are requesting an increase for. In this case, you would select the quota type as ‘SQL Database Managed Instance.’

22. Tradewind Traders has recently migrated to Azure cloud services. The company is reviewing its support plans. You have been asked to determine which support plan will provide best practice information, health status and notifications, and 24/7 access to billing information at the lowest possible cost. Which support plan should you choose?

  • Basic (CORRECT)
  • Developer 
  • Standard support plan 
  • Premier

Correct: Beside 24 hours availability of billing and subscription support, the basic support plan provides online self-help tools, documentation, whitepapers, and support forums. Also, it gives comprehensive access to all full Azure Advisor Recommendations and access to a personalized Service Health Dashboard and Health APIs.

23. Tradewind Traders is planning to migrate its data and resources to Azure cloud services. As part of this migration, you have been asked to research the Modern Lifecycle Policy for Azure services. Based on your research Which of the following statements do you think most accurately defines Modern Lifecycle Policy for Azure services?

  • After a service is made generally available, Microsoft provides support for the service for a minimum of four years. 
  • Microsoft provides a minimum of 12 months’ notice before ending support for a service. (CORRECT)
  • When a service is retired, you can purchase extended support for the service for up to five years.
  • Microsoft provides mainstream support for a service for five years.

Correct: Microsoft will give a minimum notice period of 12 months before the termination of support for its products falling under the Modern Lifecycle Policy, i.e. unless a successor product or service is made available. This does not include free services or preview editions.

24. Tradewind Traders is planning to migrate its data and resources to Azure cloud services. The company has asked you to research Azure AD. What types of resources can Azure AD help secure?

  • Only internal resources 
  • Both External and Internal Resources (CORRECT)
  • Only external resources 

Correct: Azure AD enables users to access both external and internal resources. External resources include services such as Microsoft Office 365 and the Azure portal, among many other software-as-a-service (SaaS) applications. Internal resources include the applications that are made available on your organization intranet and corporate network as well as any cloud applications developed internally for your organization.

6. What are investigative tools used for?

  • Monitoring activity
  • Documenting incidents
  • Managing alerts
  • Analyzing events (CORRECT)

25. Tradewind Traders is planning to migrate its data and resources to Azure cloud services. The company has asked you to research Azure Single Sign On. Based on your research, is the following statement correct in respect of Single Sign-On in Azure?

Single sign-on enables a user to sign in one time and use that credential to access multiple resources and applications from different providers.

  • Yes (CORRECT)
  • No

Correct: Single sign-on (SSO) is a way of logging into a multiple number of systems by simply logging in once and then using the same credentials to have access to different apps or resources across different service providers and thereby improving user experience through hastening authentication.

26. Tradewind Traders has recently migrated to Azure cloud services. Management has asked you to research Azure Blueprints which are composed of artifacts. Which of the following resources as artifacts are currently supported by Azure Blueprints?

Select all options that apply.

  • Management Groups
  • Role Assignment (CORRECT)
  • ARM Templates (CORRECT)
  • Policy Assignment (CORRECT)

Azure Blueprint now supports the following artifacts: Resource Groups, ARM templates, Policy Assignments and Role Assignments.

Support currently exists for Resource Groups, ARM templates, Policy Assignments, and Role Assignments as artifacts in Azure Blueprints.

Artifacts supported in Azure Blueprints are Resource Groups, ARM templates, Policy Assignments, and Role Assignments.

27. Tradewind Traders has recently migrated to Azure cloud services management wants you to implement resource locks to prevent accidental changes or deletions. Which of the following are valid options when configuring Resource Locks?

Select all options that apply.

  • ReadOnly (CORRECT)
  • CanNotDelete (CORRECT)
  • CanNotModify

Correct: ReadOnly designates that the authorized user has access to view a resource, yet it is unavailable for deletion or modification purposes. Application of the lock would be like providing only the Reader role permissions in Azure RBAC, as this role would limit the user to only reading rights.

Correct: CanNotDelete means authorized users may read and modify a resource but not delete it unless they first remove the lock.

28. Tradewind Traders has recently migrated to Azure cloud services. The company has just completed a review of its current configuration and has discovered that there is a selection of unused resources currently in existence including multiple AD accounts, multiple groups, multiple public IP addresses, and multiple network interfaces. The company wants to reduce costs to a minimum. You recommend removing the network interfaces. Will this reduce the monthly costs?

  • Yes 
  • No (CORRECT)

29. Tradewind Traders has recently migrated to Azure cloud services and management is in the process of setting up an SLA with Microsoft. They want clarification on the time duration that the service is unavailable based on the percentages listed. How much cumulative downtime per year will an SLA percentage of 99.95 give?

  • 4.38 hours (CORRECT)
  • 52.56 minutes  
  • 8.76 hours 
  • 3.65 days 

30. If you have a free trial subscription to Azure and you reach your credit limit during the trial period, what will happen to your resources?

  • The oldest resources will be deleted once the credit limit has been reached allowing you to create new resources. 
  • You can carry on and access existing resources, but you will not be able to create new resources.
  • Your existing Azure resources are removed from production and your Azure virtual machines are stopped and deallocated. (CORRECT)

CONCLUSION – Exam Prep 3

As a matter of fact, this module describes the chief aspects regarding Azure’s security in accessing cloud resources and creates an understanding on the necessity of formulating a governance strategy for the cloud, and Azure’s focus on adherence to standards and regulations. You have revisited some of the most crucial cost influencers, thought of tools to estimate and manage expenses associated with the cloud, and understood how Azure’s SLAs affect your application design decisions.

Completion of the practice exam optimally helps you to know the subject areas on identity, governance, privacy, and compliance, as well as the Azure cost management and SLAs domains of the AZ-900 Microsoft Certified Azure Fundamentals exam.

Leave a Comment