Saturday, October 23, 2021

Microsoft Azure Fundamental AZ-900 Questions 76-100

 Exam Preparation for AZ-900

Questions 76-100 (out of 185)

QUESTION 76
Note: This question is part of a series of questions that present the same scenario. Each question in
the series contains a unique solution that might meet the stated goals. Some question sets might have
more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You have an Azure subscription named Subscription1. You sign in to the Azure portal and create a resource
group named RG1.
From Azure documentation, you have the following command that creates a virtual machine named VM1.
az vm create –resource-group RG1 –name VM1 — image
UbuntuLTS –generate-ssh-keys
You need to create VM1 in Subscription1 by using the command.
Solution: From the Azure portal, launch Azure Cloud Shell and select PowerShell. Run the command in Cloud
Shell.
Does this meet the goal?
A. Yes
B. No
Correct Answer: A
Section: Understand Core Azure Services
Explanation
Explanation/Reference:

Explanation:
The command can be run in the Azure Cloud Shell. Although this question says you select PowerShell rather
than Bash, the Az commands will work in PowerShell.
The Azure Cloud Shell is a free interactive shell. It has common Azure tools preinstalled and configured to use
with your account.
To open the Cloud Shell, just select Try it from the upper right corner of a code block. You can also launch
Cloud Shell in a separate browser tab by going to https://shell.azure.com/bash.
Reference:
https://docs.microsoft.com/en-us/azure/virtual-machines/linux/quick-create-cli
QUESTION 77
Note: This question is part of a series of questions that present the same scenario. Each question in
the series contains a unique solution that might meet the stated goals. Some question sets might have
more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You have an Azure subscription named Subscription1. You sign in to the Azure portal and create a resource
group named RG1.
From Azure documentation, you have the following command that creates a virtual machine named VM1.
az vm create –resource-group RG1 –name VM1 — image
UbuntuLTS –generate-ssh-keys
You need to create VM1 in Subscription1 by using the command.
Solution: From a computer that runs Windows 10, install Azure CLI. From PowerShell, sign in to Azure and then
run the command.
Does this meet the goal?
A. Yes
B. No
Correct Answer: A
Section: Understand Core Azure Services
Explanation
Explanation/Reference:

Explanation:
The command can be run from PowerShell or the command prompt if you have the Azure CLI installed.
References:
https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-windows?view=azure-cli-latest
QUESTION 78
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure subscription named Subscription1. You sign in to the Azure portal and create a resource
group named RG1.
From Azure documentation, you have the following command that creates a virtual machine named VM1.
az vm create –resource-group RG1 –name VM1 — image
UbuntuLTS –generate-ssh-keys
You need to create VM1 in Subscription1 by using the command.
Solution: From a computer that runs Windows 10, install Azure CLI. From a command prompt, sign in to Azure
and then run the command.
Does this meet the goal?
A. Yes
B. No
Correct Answer: A
Section: Understand Core Azure Services
Explanation
Explanation/Reference:

Explanation:
The command can be run from PowerShell or the command prompt if you have the Azure CLI installed.
References:
https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-windows?view=azure-cli-latest


QUESTION 79
HOTSPOT

Several support engineers plan to manage Azure by using the computers shown in the following table:


You need to identify which Azure management tools can be used from each computer.
What should you identify for each computer? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:


Correct Answer:


Section: Understand Core Azure Services
Explanation
Explanation/Reference:

Explanation:
Previously, the Azure CLI (or x-plat CLI) was the only option for managing Azure subscriptions and resources
from the command-line on Linux and macOS. Now with the open source and cross-platform release of
PowerShell, you’ll be able to manage all your Azure resources from Windows, Linux and macOS using your tool
of choice, either the Azure CLI or Azure PowerShell cmdlets.
The Azure portal runs in a web browser so can be used in either operating system.
References:
https://buildazure.com/2016/08/18/powershell-now-open-source-and-cross-platform-linux-macos-windows/


QUESTION 80
This question requires that you evaluate the underlined text to determine if it is correct.
Azure policies provide a common platform for deploying objects to a cloud infrastructure and for implementing
consistency across the Azure environment.
Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the
statement is incorrect, select the answer choice that makes the statement correct.
A. No change is needed
B. Resource groups provide
C. Azure Resource Manager templates provides
D. Management groups provide
Correct Answer: C
Section: Understand Core Azure Services
Explanation
Explanation/Reference:

Explanation:
Azure Resource Manager templates provides a common platform for deploying objects to a cloud infrastructure
and for implementing consistency across the Azure environment.
Azure policies are used to define rules for what can be deployed and how it should be deployed. Whilst this
can help in ensuring consistency, Azure policies do not provide the common platform for deploying objects to a
cloud infrastructure.
References:
https://docs.microsoft.com/en-us/azure/governance/policy/overview
QUESTION 81
DRAG DROP

Match the Azure service to the correct description.
Instructions: To answer, drag the appropriate Azure service from the column on the left to its description on the
right. Each service may be used once, more than once, or not at all.
NOTE: Each correct selection is worth one point.
Select and Place:
Correct Answer:
Section: Understand Core Azure Services
Explanation
Explanation/Reference:
Explanation:

Box 1:
Azure AI bot provides a digital online assistant that provides speech support.
Bots provide an experience that feels less like using a computer and more like dealing with a person – or at
least an intelligent robot. They can be used to shift simple, repetitive tasks, such as taking a dinner reservation
or gathering profile information, on to automated systems that may no longer require direct human intervention.
Users converse with a bot using text, interactive cards, and speech. A bot interaction can be a quick question
and answer, or it can be a sophisticated conversation that intelligently provides access to services.
Box 2:
Azure Machine Learning uses past trainings to provide predictions that have high probability.
Machine learning is a data science technique that allows computers to use existing data to forecast future
behaviors, outcomes, and trends. By using machine learning, computers learn without being explicitly
programmed.
Forecasts or predictions from machine learning can make apps and devices smarter. For example, when you
shop online, machine learning helps recommend other products you might want based on what you’ve bought.
Box 3:
Azure Functions provides serverless computing functionalities.
Azure Functions is a serverless compute service that lets you run event-triggered code without having to
explicitly provision or manage infrastructure.
Box 4:
IoT Hub (Internet of things Hub) provides data from millions of sensors.
IoT Hub is a managed service, hosted in the cloud, that acts as a central message hub for bi-directional
communication between your IoT application and the devices it manages. You can use Azure IoT Hub to build
IoT solutions with reliable and secure communications between millions of IoT devices and a cloud-hosted
solution backend. You can connect virtually any device to IoT Hub.
References:
https://docs.microsoft.com/en-us/azure/bot-service/bot-service-overview-introduction?view=azure-bot-service-
4.0
https://docs.microsoft.com/en-us/azure/machine-learning/overview-what-is-azure-ml
https://docs.microsoft.com/en-us/azure/azure-functions/
https://docs.microsoft.com/en-us/azure/iot-hub/about-iot-hub


QUESTION 82
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
An Azure administrator plans to run a PowerShell script that creates Azure resources.
You need to recommend which computer configuration to use to run the script.
Solution: Run the script from a computer that runs Windows 10 and has the Azure PowerShell module
installed.
Does this meet the goal?
A. Yes
B. No
Correct Answer: A
Section: Understand Core Azure Services
Explanation
Explanation/Reference:

Explanation:
A PowerShell script is a file that contains PowerShell cmdlets and code. A PowerShell script needs to be run in
PowerShell.
In this question, the computer has the Azure PowerShell module installed. Therefore, this solution does meet
the goal.
References:
https://docs.microsoft.com/en-us/powershell/scripting/components/ise/how-to-write-and-run-scripts-in-thewindows-powershell-ise?view=powershell-6
QUESTION 83
DRAG DROP

Match the Azure service to the correct description.
Instructions: To answer, drag the appropriate Azure service from the column on the left to its description on the
right. Each service may be used once, more than once, or not at all.
NOTE: Each correct selection is worth one point.
Select and Place:
Correct Answer:
Section: Understand Core Azure Services
Explanation
Explanation/Reference:

Explanation:
Box 1:
Azure virtual machines provide operation system virtualization.
Azure Virtual Machines (VM) is one of several types of on-demand, scalable computing resources that Azure
offers. Typically, you choose a VM when you need more control over the computing environment than the other
choices offer.
Box 2:
Azure Container Instances provide portable environments for virtualized applications.
Containers are becoming the preferred way to package, deploy, and manage cloud applications. Azure
Container Instances offers the fastest and simplest way to run a container in Azure, without having to manage
any virtual machines and without having to adopt a higher-level service.
Containers offer significant startup benefits over virtual machines (VMs). Azure Container Instances can start
containers in Azure in seconds, without the need to provision and manage VMs.
Box 3:
Azure App Service is used to build, deploy and scale web apps.
Azure App Service is a platform-as-a-service (PaaS) offering that lets you create web and mobile apps for any
platform or device and connect to data anywhere, in the cloud or on-premises. App Service includes the web
and mobile capabilities that were previously delivered separately as Azure Websites and Azure Mobile
Services.
Box 4:
Azure Functions provide a platform for serverless code.
Azure Functions is a serverless compute service that lets you run event-triggered code without having to
explicitly provision or manage infrastructure.
References:
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/overview
https://docs.microsoft.com/en-us/azure/security/fundamentals/paas-applications-using-app-services
https://docs.microsoft.com/en-us/azure/azure-functions/
https://docs.microsoft.com/en-us/azure/container-instances/container-instances-overview


QUESTION 84
Which service provides serverless computing in Azure?
A. Azure Virtual Machines
B. Azure Functions
C. Azure storage account
D. Azure Container Instances
Correct Answer: B
Section: Understand Core Azure Services
Explanation
Explanation/Reference:

Explanation:
Azure Functions provide a platform for serverless code.
Azure Functions is a serverless compute service that lets you run event-triggered code without having to
explicitly provision or manage infrastructure.
References:
https://docs.microsoft.com/en-us/azure/azure-functions/
QUESTION 85
Note: This question is part of a series of questions that present the same scenario. Each question in
the series contains a unique solution that might meet the stated goals. Some question sets might have
more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You have an Azure subscription named Subscription1. You sign in to the Azure portal and create a resource
group named RG1.
From Azure documentation, you have the following command that creates a virtual machine named VM1.
az vm create –resource-group RG1 –name VM1 –image
UbuntuLTS –generate-ssh-keys
You need to create VM1 in Subscription1 by using the command.
Solution: From the Azure portal, launch Azure Cloud Shell and select Bash. Run the command in Cloud Shell.
Does this meet the goal?
A. Yes
B. No
Correct Answer: A
Section: Understand Core Azure Services
Explanation
Explanation/Reference:

Explanation:
The command can be run in the Azure Cloud Shell.
The Azure Cloud Shell is a free interactive shell. It has common Azure tools preinstalled and configured to use
with your account.
To open the Cloud Shell, just select Try it from the upper right corner of a code block. You can also launch
Cloud Shell in a separate browser tab by going to https://shell.azure.com/bash.
References:
https://docs.microsoft.com/en-us/azure/virtual-machines/linux/quick-create-cli
QUESTION 86
Your company has several business units.
Each business unit requires 20 different Azure resources for daily operation. All the business units require the
same type of Azure resources.
You need to recommend a solution to automate the creation of the Azure resources.
What should you include in the recommendations?
A. Azure Resource Manager templates
B. virtual machine scale sets
C. the Azure API Management service
D. management groups
Correct Answer: A
Section: Understand Core Azure Services
Explanation
Explanation/Reference:

Explanation:
You can use Azure Resource Manager templates to automate the creation of the Azure resources. Deploying
resource through templates is known as ‘Infrastructure as code’.
To implement infrastructure as code for your Azure solutions, use Azure Resource Manager templates. The
template is a JavaScript Object Notation (JSON) file that defines the infrastructure and configuration for your
project. The template uses declarative syntax, which lets you state what you intend to deploy without having to
write the sequence of programming commands to create it. In the template, you specify the resources to deploy
and the properties for those resources.
References:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/overview


QUESTION 87
DRAG DROP

Match the Azure service to the correct definition.
Instructions: To answer, drag the appropriate Azure service from the column on the left to its description on the
right. Each service may be used once, more than once, or not at all.
NOTE: Each correct selection is worth one point.
Select and Place:


Correct Answer:


Section: Understand Core Azure Services
Explanation
Explanation/Reference:

Explanation:
Box 1:
Azure Functions provides the platform for serverless code.
Azure Functions is a serverless compute service that lets you run event-triggered code without having to
explicitly provision or manage infrastructure.
Box 2:
Azure Databricks is a big analysis service for machine learning.
Azure Databricks is an Apache Spark-based analytics platform. The platform consists of several components
including ‘MLib’. Mlib is a Machine Learning library consisting of common learning algorithms and utilities,
including classification, regression, clustering, collaborative filtering, dimensionality reduction, as well as
underlying optimization primitives.
Box 3:
Azure Application Insights detects and diagnoses anomalies in web apps.
Application Insights, a feature of Azure Monitor, is an extensible Application Performance Management (APM)
service for developers and DevOps professionals. Use it to monitor your live applications. It will automatically
detect performance anomalies, and includes powerful analytics tools to help you diagnose issues and to
understand what users actually do with your app.
Box 4:
Azure App Service hosts web apps.
Azure App Service is an HTTP-based service for hosting web applications, REST APIs, and mobile back ends.
You can develop in your favorite language, be it .NET, .NET Core, Java, Ruby, Node.js, PHP, or Python.
Applications run and scale with ease on both Windows and Linux-based environments.
References:
https://docs.microsoft.com/en-us/azure/azure-functions/
https://docs.microsoft.com/en-us/azure/azure-databricks/what-is-azure-databricks#apache-spark-basedanalytics-platform
https://docs.microsoft.com/en-us/azure/azure-monitor/app/app-insights-overview
https://docs.microsoft.com/en-us/azure/app-service/overview


QUESTION 88
HOTSPOT

You plan to deploy a critical line-of-business application to Azure.
The application will run on an Azure virtual machine.
You need to recommend a deployment solution for the application. The solution must provide a guaranteed
availability of 99.99 percent.
What is the minimum number of virtual machines and the minimum number of availability zones you should
recommend for the deployment? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:


Correct Answer:


Section: Understand Core Azure Services
Explanation
Explanation/Reference:

Explanation:
You need a minimum of two virtual machines with each one located in a different availability zone.
Availability Zones is a high-availability offering that protects your applications and data from datacenter failures.
Availability Zones are unique physical locations within an Azure region. Each zone is made up of one or more
datacenters equipped with independent power, cooling, and networking. To ensure resiliency, there’s a
minimum of three separate zones in all enabled regions. The physical separation of Availability Zones within a
region protects applications and data from datacenter failures. Zone-redundant services replicate your
applications and data across Availability Zones to protect from single-points-of-failure. With Availability Zones,
Azure offers industry best 99.99% VM uptime SLA.
References:
https://docs.microsoft.com/en-us/azure/availability-zones/az-overview


QUESTION 89
Which Azure service should you use to correlate events from multiple resources into a centralized repository?
A. Azure Event Hubs
B. Azure Analysis Services
C. Azure Monitor
D. Azure Stream Analytics
Correct Answer: A
Section: Understand Core Azure Services
Explanation
Explanation/Reference:

Explanation:
Azure Event Hubs is a big data streaming platform and event ingestion service. It can receive and process
millions of events per second. Data sent to an event hub can be transformed and stored by using any real-time
analytics provider or batching/storage adapters.
Azure Event Hubs can be used to ingest, buffer, store, and process your stream in real time to get actionable
insights. Event Hubs uses a partitioned consumer model, enabling multiple applications to process the stream
concurrently and letting you control the speed of processing.
Azure Event Hubs can be used to capture your data in near-real time in an Azure Blob storage or Azure Data
Lake Storage for long-term retention or micro-batch processing.
References:
https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-about


QUESTION 90
Note: This question is part of a series of questions that present the same scenario. Each question in
the series contains a unique solution that might meet the stated goals. Some question sets might have
more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You have an Azure environment. You need to create a new Azure virtual machine from a tablet that runs the
Android operating system.
Solution: You use PowerShell in Azure Cloud Shell.
Does this meet the goal?
A. Yes
B. No
Correct Answer: A
Section: Understand Core Azure Services
Explanation
Explanation/Reference:

Explanation:
Azure Cloud Shell is a browser-based shell experience to manage and develop Azure resources.
Cloud Shell offers a browser-accessible, pre-configured shell experience for managing Azure resources without
the overhead of installing, versioning, and maintaining a machine yourself.
Being browser-based, Azure Cloud Shell can be run on a browser from a tablet that runs the Android operating
system.
References:
https://docs.microsoft.com/en-us/azure/cloud-shell/features


QUESTION 91
Note: This question is part of a series of questions that present the same scenario. Each question in
the series contains a unique solution that might meet the stated goals. Some question sets might have
more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You have an Azure environment. You need to create a new Azure virtual machine from a tablet that runs the
Android operating system.
Solution: You use the PowerApps portal.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
Section: Understand Core Azure Services
Explanation
Explanation/Reference:

Explanation:
PowerApps lets you quickly build business applications with little or no code. It is not used to create Azure
virtual machines. Therefore, this solution does not meet the goal.
PowerApps Portals allow organizations to create websites which can be shared with users external to their
organization either anonymously or through the login provider of their choice like LinkedIn, Microsoft Account,
other commercial login providers.
References:
https://powerapps.microsoft.com/en-us/blog/introducing-powerapps-portals-powerful-low-code-websites-forexternal-users/


QUESTION 92
Note: This question is part of a series of questions that present the same scenario. Each question in
the series contains a unique solution that might meet the stated goals. Some question sets might have
more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You have an Azure environment. You need to create a new Azure virtual machine from a tablet that runs the
Android operating system.
Solution: You use the Azure portal.
Does this meet the goal?
A. Yes
B. No
Correct Answer: A
Section: Understand Core Azure Services
Explanation
Explanation/Reference:

Explanation:
The Azure portal is a web-based, unified console that provides an alternative to command-line tools. With the
Azure portal, you can manage your Azure subscription using a graphical user interface. You can build, manage,
and monitor everything from simple web apps to complex cloud deployments. Create custom dashboards for an
organized view of resources. Configure accessibility options for an optimal experience.
Being web-based, the Azure portal can be run on a browser from a tablet that runs the Android operating
system.
References:
https://docs.microsoft.com/en-us/azure/azure-portal/azure-portal-overview


QUESTION 93
This question requires that you evaluate the underlined text to determine if it is correct.
Azure Databricks is an Apache Spark-based analytics service.
Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed.” If the
statement is incorrect, select the answer choice that makes the statement correct.
A. No change is needed.
B. Azure Data Factory
C. Azure DevOps
D. Azure HDInsight
Correct Answer: A
Section: Understand Core Azure Services
Explanation
Explanation/Reference:

Explanation:
Azure Databricks is an Apache Spark-based analytics platform. The platform consists of several components
including ‘MLib’. Mlib is a Machine Learning library consisting of common learning algorithms and utilities,
including classification, regression, clustering, collaborative filtering, dimensionality reduction, as well as
underlying optimization primitives.
References:
https://docs.microsoft.com/en-us/azure/azure-databricks/what-is-azure-databricks#apache-spark-basedanalytics-platform


QUESTION 94
HOTSPOT

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:


Correct Answer:


Section: Understand Core Azure Services
Explanation
Explanation/Reference:

Explanation:
Box 1: Yes
Azure Monitor maximizes the availability and performance of your applications and services by delivering a
comprehensive solution for collecting, analyzing, and acting on telemetry from your cloud and on-premises
environments.
Box 2: Yes
Alerts in Azure Monitor proactively notify you of critical conditions and potentially attempt to take corrective
action.
Box 3: Yes
Azure Monitor uses Target Resource, which is the scope and signals available for alerting. A target can be any
Azure resource. Example targets: a virtual machine, a storage account, a virtual machine scale set, a Log
Analytics workspace, or an Application Insights resource.
References:
https://docs.microsoft.com/en-us/azure/azure-monitor/overview
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-overview


QUESTION 95
Which Azure service provides a set of version control tools to manage code?
A. Azure Repos
B. Azure DevTest Labs
C. Azure Storage
D. Azure Cosmos DB
Correct Answer: A
Section: Understand Core Azure Services
Explanation
Explanation/Reference:

Explanation:
Azure Repos is a set of version control tools that you can use to manage your code.
Incorrect Answers:
B: Azure DevTest Labs creates labs consisting of pre-configured bases or Azure Resource Manager templates.
These have all the necessary tools and software that you can use to create environments.
D: Azure Cosmos DB is Microsoft’s globally distributed, multi-model database service.
References:
https://docs.microsoft.com/en-us/azure/devops/repos/get-started/what-is-repos?view=azure-devops


QUESTION 96
This question requires that you evaluate the underlined text to determine if it is correct.
Azure Site Recovery provides fault tolerance for virtual machines.
Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed.” If the
statement is incorrect, select the answer choice that makes the statement correct.
A. No change is needed.
B. disaster recovery
C. elasticity
D. high availability
Correct Answer: A
Section: Understand Core Azure Services
Explanation
Explanation/Reference:

Explanation:
Azure Site Recovery helps ensure business continuity by keeping business apps and workloads running during
outages. Site Recovery replicates workloads running on physical and virtual machines (VMs) from a primary
site to a secondary location.
References:
https://docs.microsoft.com/en-us/azure/site-recovery/site-recovery-overview

QUESTION 97
This question requires that you evaluate the underlined text to determine if it is correct.
Authorization is the process of verifying a user’s credentials.
Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the
statement is incorrect, select the answer choice that makes the statement correct.
A. No change is needed
B. Authentication
C. Federation
D. Ticketing
Correct Answer: B
Section: Understand Security, Privacy, Compliance and Trust
Explanation
Explanation/Reference:

Explanation:
Authentication, not authorization is the process of verifying a user’s credentials.
The difference between authentication and authorization is:
Authentication is proving your identity, proving that you are who you say you are. The most common
example of this is logging in to a system by providing credentials such as a username and password.
Authorization is what you’re allowed to do once you’ve been authenticated. For example, what resources
you’re allowed to access and what you can do with those resources.


QUESTION 98
You need to configure an Azure solution that meets the following requirements:
Secures websites from attacks
Generates reports that contain details of attempted attacks
What should you include in the solution?
A. Azure Firewall
B. a network security group (NSG)
C. Azure Information Protection
D. DDoS protection
Correct Answer: D
Section: Understand Security, Privacy, Compliance and Trust
Explanation
Explanation/Reference:

Explanation:
DDoS is a type of attack that tries to exhaust application resources. The goal is to affect the application’s
availability and its ability to handle legitimate requests. DDoS attacks can be targeted at any endpoint that is
publicly reachable through the internet.
Azure has two DDoS service offerings that provide protection from network attacks: DDoS Protection Basic and
DDoS Protection Standard.
DDoS Basic protection is integrated into the Azure platform by default and at no extra cost.
You have the option of paying for DDoS Standard. It has several advantages over the basic service, including
logging, alerting, and telemetry. DDoS Standard can generate reports that contain details of attempted attacks
as required in this question.
References:
https://docs.microsoft.com/en-us/azure/security/fundamentals/ddos-best-practices


QUESTION 99
HOTSPOT

You plan to implement several security services for an Azure environment. You need to identify which Azure
services must be used to meet the following security requirements:
Monitor threats by using sensors
Enforce Azure Multi-Factor Authentication (MFA) based on a condition
Which Azure service should you identify for each requirement? To answer, select the appropriate options in the
answer area.
NOTE: Each correct selection is worth one point.
Hot Area:


Correct Answer:


Section: Understand Security, Privacy, Compliance and Trust
Explanation
Explanation/Reference:

Explanation:
Box 1:
To monitor threats by using sensors, you would use Azure Advanced Threat Protection (ATP).
Azure Advanced Threat Protection (ATP) is a cloud-based security solution that leverages your on-premises
Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and
malicious insider actions directed at your organization.
Sensors are software packages you install on your servers to upload information to Azure ATP.
Box 2:
To enforce MFA based on a condition, you would use Azure Active Directory Identity Protection.
Azure AD Identity Protection helps you manage the roll-out of Azure Multi-Factor Authentication (MFA)
registration by configuring a Conditional Access policy to require MFA registration no matter what modern
authentication app you are signing in to.
References:
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/what-is-atp
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-configuremfa-policy


QUESTION 100
HOTSPOT

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:


Correct Answer:


Section: Understand Security, Privacy, Compliance and Trust
Explanation
Explanation/Reference:

Explanation:
Box 1: Yes
Azure Service Health consists of three components: Azure Status, Azure Service Heath and Azure Resource
Health.
Azure service health provides a personalized view of the health of the Azure services and regions you’re using.
This is the best place to look for service impacting communications about outages, planned maintenance
activities, and other health advisories because the authenticated Azure Service Health experience knows which
services and resources you currently use.
To view the health of all other services available in Azure, you would use the Azure Status component of Azure
Service Health. Azure status informs you of service outages in Azure on the Azure Status page. The page is a
global view of the health of all Azure services across all Azure regions.
Box 2: Yes
The best way to use Service Health is to set up Service Health alerts to notify you via your preferred
communication channels when service issues, planned maintenance, or other changes may affect the Azure
services and regions you use.
Box 3: No
You can use Resource Health to view the health of a virtual machine. However, you cannot use Resource
Health to prevent a service failure affecting the virtual machine.
Azure resource health provides information about the health of your individual cloud resources such as a
specific virtual machine instance.
References:
https://docs.microsoft.com/en-us/azure/service-health/overview

No comments:

Post a Comment

Lab 09: Publish and subscribe to Event Grid events

  Microsoft Azure user interface Given the dynamic nature of Microsoft cloud tools, you might experience Azure UI changes that occur after t...