# AZ 900 題庫 ### Q1 **Public Cloud:** No required capital expenditure. **Private Cloud:** Provides complete control over security. **Hybrid Cloud:** Provides a choice to user on-premises or cloud-based resources. ### Q2 To build a hybrid cloud, you must deploy resources to the public cloud. **YES** ### Q3 You have 50 virtual machines hosted on-premises and 50 virtual machines hosted in Azure. The on-premises virtual machines and the Azure virtual machines connect to each other. Which type of cloud model is this? **A.** hybrid ### Provide access to unused Azure compute capacity at deep discounts Azure Spot virtual machine instances *使用 Azure Spot Virtual Machines 可讓您以大幅降低的成本使用我們未運用的容量。* ### To save on the costs of an unused Azure virtual machine that runs Windows 10 , you should shut down the virtual machine from a Remote Desktop session. *關閉虛擬機節省成本* ### All Azure services that are in public preview are excluded from the Service Level Agreements. *不保證SLA* ### If an Azure virtual machine has a status of Stopped(deallocated),you will continue to pay for storage ### The ______ explains what data Microsoft processes, how Microsoft processes the data, and the purpose of processing the data. Microsoft Online Services Privacy Statement *微軟隱私聲明會說* ### You can access Compliance Manager from the Microsoft Service Trust Portal ### You have 1000 virtual machines hosted on the Hyper-V hosts in a data center.You plan to migrate all the virtual machines.to an Azure pay-as-you-go subscription.You need to identify which expenditure model to use for the planned Azure solution.Which expenditure model should you identify? operational ### ______ is an Apache Spark-based analytics service. Azure Databricks ### 是非題 #### A company has complete control of the resources and security for its private cloud. ---> Yes #### A hybrid cloud solution enables a company to control whether its applications run on-premises or in the cloud. ---> Yes ### Which Service Level Agreement (SLA) is provided for Azure services in public preview ? Each service defines its own SLA ### ______ in Azure Firewall enables users on the internet to access a server on a virtual network. Network Address Translation (NAT) rules ### 是非題 #### Purchasing Azure services through an Enterprise Agreement (EA) requires you to spend a predetermined amount. ---> YES #### Microsoft defines the pricing structure of all third-part services sold through Azure Marketplace. ---> YES ### 是非題 #### Pay-As-You-Go(PAYG) is a consumprion-based model.---> YES #### The services provided through a consumption-based model are considered operational expenditures(OpEx). ---> YES ### What is the longest term you can purchase for Azure Reserved VM instances? Three years ### ______ can calculate cost savings due to reduced electricity consumption as a result of migrating on-premises Microsoft SQL servers to Azure. The Azure Total Cost of Ownership (TCO) calculator ### You need to compare a company's cloud usage to industry standard best practices. What should you use ? 爭議題： Azure Monitor//Azure Advisor ### You need to start Azure Cloud Shell. What should you use ? the Azure portal ### How many copies of data are maintained by an Azure Storage account that uses locally-redundant storage(LRS)? 3 ### What enables a cloud service to adapt quickly to changing requirements? agility ### What is an example of vertical scaling in a cloud environment? adding an additional CPU to an existing Azure virtual machine ### 是非題 #### Microsoft Defender for Cloud can monitor Azure resources and on-premises resources. ---> YES #### For Microsoft Defender for Cloud, you can download a Regulatory Compliance report. ---> YES ### 是非題 #### Cloud computing offers lower capital expenditure (CAPEX) costs than on-premises deployments. ---> YES #### Cloud computing can scale when a business requires change. ---> YES ### What additional resource is required by an Azure virtual machine? a virtual network ### 是非題 #### Azure Functions is an example of a platform as a service (PaaS) cloud service model. ---> YES #### Microsoft 365 is an example of a software as a service(SaaS) cloud service model. ---> YES #### An Azure virtual machine is an example of an infrastructure as a service (IaaS) cloud service model. ---> YES ### How many copies of data are maintained by an Azure Storage account that uses geo-redundant storage(GRS)? 6 ### What is used to grant permission to Azure Virtual.Desktop resources? role-based access control (RBAC) roles ### 是非題 #### Virtual network created in the same resource group must have unique names. ---> YES #### The Azure virtual network's address space must be unique within a subscription. ---> YES ### 應用題 **The company plans to migrate servers to Azure virtual machines.You need to identify which administrative responsibilities will be eliminated after the planned migration.Which two responsibilities should you identify?** Replacing failed server hardware Managing physical server security ### 是非題 #### You must have internet connectivity to use cloud computing. ---> YES #### The costs to increase cloud computing capacity are less than the costs to increase the computing capacity of an on-premised datacenter. ---> YES ### 拖拉題 **Scalability:** Resources can be provisioned dynamically to meet changing demands. **Geo-distribution:** Applications and data can be deployed to multiple regions. **Agility:** Applications can be developed,tested,and launched rapidly. ### Azure Site Recovery provides ______ for virtual machines. disaster recovery ### 應用題 **You plan to use Azure to host two apps named App1 and App2. The apps must meet the following requirements:** **- You must be able to modify the code of App1** **- Administrative effort to manage the operating system of App1 must be minimized.** **- App2 must run interactively with the operating system of the server.** **Which type of cloud service should you use for each app?** **App1** PaaS **App2:** Saas ### You have an accounting application named App1 that used a legacy database. You plan to move App1 to the cloud.Which service model should you use? infrastructure as a service (IaaS) ### When you are implementing a Software as a Service (SaaS) solution, you are responsible for Configuring the SaaS solution ### An Azure web app that queries an on-premises Microsoft SQL server is an example of a ______ cloud. hybrid ### A Microsoft SQL Server database that is hosted in the cloud and has software updates managed by Azure is an example of ______. platform as a server (PaaS) ### Which cloud computing model includes on-premises and cloud-based resources? hybrid ### Auto scaling is an example of ______. elasticity ### 題非題 #### Each Azure virtual network in a single resource group must have a unique name. ---> YES #### The Azure virtual network's address space must be unique within a subscription. ---> YES ### Which term represents the ability to increase the computing capacity of a virtual machine by adding memory or CPUs? vertical scaling ### What are two benefits of cloud computing? Each correct answer presents a complete solution. enables the rapid provisioning of resources shifts capital expenditures(CAPEX) to operating expenditures ### What is a feature of an Azure virtual network? isolation and segmentation ### ______ enables Azure resources to be deployed close to users. Geo-distribution ### 拖拉題 **Scalability:** Increase the compute capacity of apps in the cloud. **High availability:** Provide a continuous user experience with no apparent downtime. **Geo-distribution:** Ensure that users always have the best experience by deploying apps to all the regions where there are users. ### Which cloud computing benefit provides continuous user access to a cloud based application with minimal downtime ? high availability ### 拖拉題 **Azure Policy:** Restrict which virtual machine types can be created in s subscription. **Azure tags:** Identify Azure resources that are associated with specific cost centers. **Azure Blueprints:** Deploy a complete Azure application environment including resources configuration and role assignments. ### An Availability Zone in Azure has physically separate locations ______ within a single Azure region. ### 拖拉題 **Azure virtual machines:** Provide operating system virtualization. **Azure Container Instances:** Provide portable environment for virtualized applications. **Azure App service:** Used to build, deploy, and scale web apps. **Azure Functions:** Provide a platform for serverless code. ### You have several virtual machines in an Azure subscription. You create a new subscription. The virtual machines can be moved to the new subscription. ### You need to purchase a third-party virtual security appliance that you will deploy to an Azure subscription. What should you use? Azure Marketplace ### ______ is a highly secure IoT solution that includes a microcontroller unit (MCU) and a customized Linux operating system. Azure sphere ### You plan to deploy a service to Azure virtual machines. You need to ensure that the service will be availavle if a datacenter fails. What should you use as part of the virtual machine deployment? availability zones ### An Azure region ______ contains one or more data centers that are connected by using a low-latency network. ### You can use the Azure File Sync agent to sync on-premises data to an Azure ______ file share ### What is the function of a Site-to-Site VPN? provides a connection from an on-premises VPN device to an Azure VPN gateway. ### 拖拉題 **PaaS:** Azure App Service **IaaS:** Azure virtual machines **SaaS:** Microsoft Dynamics 365 ### 拖拉題 **IaaS:** A cloud-based file server **SaaS:** A cloud-based accounting system **PaaS:** A cloud-based service for custom apps. ### You need to manage containers. Which two services can you use? Azure Container Instances Azure Kubernetes Service(AKS) ### An Azure container instance is an example of an Azure ______ compute service ### At which OSI layer does ExpressRoute operate? Layer 3 ### Application Insights is a feature of ______ Azure Monitor ### 拖拉題 #### Arrange the storage account redundancy options from the least redundant to the most redundant. Locally-Redundant storage(LRS) Zone-redundant storage(ZRS) Geo-redundant storage(GRS) ### Azure Blob Storage is a ______ storage service optimized for very large objects, such as video files and bitmaps. ### What can you use to identify underutilized or unused Azure virtual machines? Azure Advisor ### Which node in the Azure portal should you use to assign a user the Reader role for a resource group. Access control (IAM) ### ______ is an Apache Spark-based analytics service. Azure Databricks ### 是非題 #### You must have internet connectivity to manage cloud services. ---> YES #### You can manage cloud services from any modern web browser. ---> YES ### You can manage an on-premises Windows server as an Azure resource by using ______ Azure Arc ### 是非題 #### You can manage cloud services from the command line. ---> YES #### You can manage cloud services by using a web browser. ---> YES ### 拖拉題 **Microsoft Sentinel:** Provide security information event management(SIEM) functionality **Microsoft Defender for Cloud:** Display the secure score for an Azure subscription. **Azure Key Vault:** Store passwords for use by Azure Function applications ### Which Azure service can you use as a security information and event management(SIEM) solution? Microsoft Sentinel ### An Azure Policy initiative definition is a ______ collection of policy definitions ### You have an Azure subscription. You need to review your secure score. What should you use ? Microsoft Defender for Cloud ### You can enable just in time (JIT) VM access by using Microsoft Defender for Cloud ### You can view your company's regulatory compliance report from ______ Microsoft Defender for Cloud ### You need to collect and automatically analyze security events from Azure Active Directory(Azure AD).What should you use? Microsoft Sentinel ### ______ enables users to authenticate to multiple applications by using single sign-on(SSO). Azure Active Directory(Azure AD) ### 是非題 #### Application security groups can be specified as part of network security group (NSG) rules. ---> YES #### Network security groups (NSGs) always include inbound security rules and outbound security rules. ---> YES ### 拖拉題 **single sign-on (SSO)** The ability to use the same credentials to access multiple resources and applications from different providers. **authorization** The process of identifying the access level of a user or service. **multi-factor authentication(MFA)** Requires several elements to identify a user or a service. ### You need to recommend an Azure solution that encrypts the administrative credentials during the deployment.What should you include in the recommendation? Azure Key Vault ### After you create a virtual machine, you need to modify the to allow connections to TCP port 8080 on the virtual machine ______ nerwork security group (NSG) ### Azure distributed denial of service (DDoS) protection is an example of protection that is implemented at the ______ networking layer ### Microsoft Sentinael uses playbooks to ______ automatically respond to threats ### You need to prevent the accidental deletion of the resources in RG1. Which setting should you use? To answer, select the appropriate setting in the answer area. Locks ### 是非題 #### Trust Center provides information about the Azure compliance offerings. ---> YES ### Requiring a user to enter a password and answer a security question when signing-in to Azure Active Directory (Azure AD) is an example of ______ multi-factor authentication(MFA) ### What should you use to evaluate whether your company's Azure environment meets regulatory requirements? Microsoft Defender for Cloud ### You can review audit reports and compliance-related information for Azure services from ______ Microsoft Defender for Cloud. ### 是非題 #### The Microsoft Service Trust Portal can be accessed by using a Microsoft cloud services account. ---> YES #### Compliance Manager can be used to track your company's regulatory compliance activities related to Microsoft cloud services. ---> YES #### The My Library feature can be used to save Microsoft Service Trust Portal documents and resources in a single location. ---> YES ### ______ is the process of establishing the identity of a user or service that wants to access a resource. Authentication ### 是非題 #### Conditional Access uses signals collected from a user during the sign-in process to decide whether to allow or deny access requests. ---> YES ### An Azure service is available to all Azure customers when it is in ______. public preview