Microsoft - AZ-140: Configuring and Operating Microsoft Azure Virtual Desktop
Sample Questions
Question: 238
Measured Skill: Plan and implement an Azure Virtual Desktop infrastructure (40–45%)
Note: This question is part of a series of questions that present the same scenario. Each questions in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solution, while others might not have a correct solution. Determine whether the solution meets the stated goals.
You have an Azure Virtual Desktop host pool that runs Windows 10 Enterprise multi-session. User sessions are load-balanced between the session hosts. Idle session timeout is 30 minutes.
You plan to shut down a session host named Host1 to perform routine maintenance.
You need to prevent new user sessions to Host1 without disconnecting active user sessions.
Solution: From the Azure portal, add lock on Host1.
Does this meet the goal?Correct answer: BExplanation:
Adding a resource lock on Host1 will protect the virtual machine them from accidental user deletions and modifications. Adding a lock on Host1 will not prevent new user sessions from being established. We should enable the Drain mode for Host1 instead.
Drain mode isolates a session host when you want to apply patches and do maintenance without disrupting user sessions. When isolated, the session host won't accept new user sessions. Any new connections will be redirected to the next available session host. Existing connections in the session host will keep working until the user signs out or the administrator ends the session. When the session host is in drain mode, admins can also remotely connect to the server without going through the Azure Virtual Desktop service. You can apply this setting to both pooled and personal desktops.
Reference: Use drain mode to isolate session hosts and apply patches
Question: 239
Measured Skill: Plan and implement user environments and apps (20–25%)
You have an Azure subscription named Sub1 that contains a resource group named RG1. RG1 contains an Azure Virtual Desktop deployment. The deployment contains a host pool named Pool1.
You plan to configure Pool1 to meet the following requirements:
- Session hosts must start automatically as user demand increases.
- Azure Virtual Desktop must have permission to turn on session host virtual machines.
What should you configure, and which role should you assign to the Azure Virtual Desktop service principal?
(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)A | Configure: A scaling plan
Assign: Desktop Virtualization Power on Contributor for RG1 |
B | Configure: Drain mode
Assign: Desktop Virtualization Contributor for Sub1 |
C | Configure: RDP properties
Assign: Desktop Virtualization Contributor for RG1 |
D | Configure: RDP properties
Assign: Desktop Virtualization Power on Contributor for RG1 |
E | Configure: Start VM on Connect
Assign: Desktop Virtualization Contributor for RG1 |
F | Configure: Start VM on Connect
Assign: Desktop Virtualization Power on Contributor for Sub1 |
Correct answer: FExplanation:
Start VM on Connect lets you reduce costs by enabling end users to power on the virtual machines (VMs) used as session hosts only when they're needed. You can then power off VMs when they're not needed.
For personal host pools, Start VM on Connect only powers on an existing session host VM that is already assigned or can be assigned to a user. For pooled host pools, Start VM on Connect only powers on a session host VM when none are turned on and more VMs are only be turned on when the first VM reaches the session limit.
The time it takes for a user to connect to a remote session on a session host that is powered off (deallocated) increases because the VM needs time to power on again, much like turning on a physical computer. When a user uses Windows App and the Remote Desktop app to connect to Azure Virtual Desktop, they're told a VM is being powered on while they're connecting.
You can enable Start VM on Connect for session hosts on Azure and Azure Local in personal or pooled host pools using the Azure portal, Azure PowerShell, or Azure CLI. Start VM on Connect is configured per host pool.
To configure Start VM on Connect, you need to assign the Desktop Virtualization Power On Contributor role-based access control (RBAC) role to the Azure Virtual Desktop service principal with your Azure subscription as the assignable scope. If you assign this role at any level lower than a subscription, such as the resource group, host pool, or VM, prevents Start VM on Connect from working properly.
Reference: Configure Start VM on Connect
Question: 240
Measured Skill: Plan and implement user environments and apps (20–25%)
You have an Azure subscription named Sub1 that contains a resource group named RG1.
RG1 contains an Azure Virtual Desktop deployment. The deployment has a host pool named Pool1 that contains four session hosts.
You plan to enable the Start VM On Connect feature.
Which role should you assign to the Azure Virtual Desktop service principal, and to which scope should you assign the role?
(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)A | Role: Desktop Virtualization Power on Contributor
Scope: Pool1 |
B | Role: Desktop Virtualization Power on Contributor
Scope: Sub1 |
C | Role: Virtual Machine Administrator Login
Scope: RG1 |
D | Role: Virtual Machine Administrator Login
Scope: Pool1 |
E | Role: Virtual Machine User Login
Scope: Sub1 |
F | Role: Virtual Machine User Login
Scope: RG1 |
Correct answer: BExplanation:
Start VM on Connect lets you reduce costs by enabling end users to power on the virtual machines (VMs) used as session hosts only when they're needed. You can then power off VMs when they're not needed.
For personal host pools, Start VM on Connect only powers on an existing session host VM that is already assigned or can be assigned to a user. For pooled host pools, Start VM on Connect only powers on a session host VM when none are turned on and more VMs are only be turned on when the first VM reaches the session limit.
The time it takes for a user to connect to a remote session on a session host that is powered off (deallocated) increases because the VM needs time to power on again, much like turning on a physical computer. When a user uses Windows App and the Remote Desktop app to connect to Azure Virtual Desktop, they're told a VM is being powered on while they're connecting.
You can enable Start VM on Connect for session hosts on Azure and Azure Local in personal or pooled host pools using the Azure portal, Azure PowerShell, or Azure CLI. Start VM on Connect is configured per host pool.
To configure Start VM on Connect, you need to assign the Desktop Virtualization Power On Contributor role-based access control (RBAC) role to the Azure Virtual Desktop service principal with your Azure subscription as the assignable scope. If you assign this role at any level lower than a subscription, such as the resource group, host pool, or VM, prevents Start VM on Connect from working properly.
Reference: Configure Start VM on Connect
Question: 241
Measured Skill: Plan and implement an Azure Virtual Desktop infrastructure (40–45%)
You have an Azure Virtual Desktop deployment that contains a host pool named Pool1.
Pool1 contains two session hosts named Host1 and Host2 and has the following settings:
- Host pool type: Pooled
- Load balancing algorithm: Breadth-first
You plan to implement Quality of Service (QoS) policies to manage RDP connections to Host1 and Host2.
You need to ensure that the Azure Virtual Desktop deployment supports the QoS policies.
What should you do?A | Modify the Load balancing algorithm setting for Pool1. |
B | Enable RDP Shortpath on Host1 and Host2. |
C | Assign a scaling plan to Pool1. |
D | Apply an Azure tag on Host1 and Host2. |
Correct answer: BExplanation:
RDP Shortpath improves the connection quality by enabling direct connectivity between the client and the session host, which is a prerequisite for implementing QoS policies effectively.
RDP Shortpath for managed networks provides a direct UDP-based transport between Remote Desktop Client and Session host. RDP Shortpath for managed networks enables configuration of Quality of Service (QoS) policies for the RDP data. QoS in Azure Virtual Desktop allows real-time RDP traffic that's sensitive to network delays to "cut in line" in front of traffic that's less sensitive. Example of such less sensitive traffic would be a downloading a new app, where an extra second to download isn't a large deal. QoS uses Windows Group Policy Objects to identify and mark all packets in real-time streams and help your network to give RDP traffic a dedicated portion of bandwidth.
If you support a large group of users experiencing any of the problems mentioned below, you probably need to implement QoS. A small business with few users might not need QoS, but it should be helpful even there.
Without some form of QoS, you might see the following issues:
- Jitter – RDP packets arriving at different rates, which can result in visual and audio glitches
- Packet loss – packets dropped, which results in retransmission that requires additional time
- Delayed round-trip time (RTT) – RDP packets taking a long time to reach their destinations, which result in noticeable delays between input and reaction from the desktop or application.
The least complicated way to address these issues is to increase the data connections' size, both internally and out to the internet. Since that is often cost-prohibitive, QoS provides a way to manage the resources you have instead of adding bandwidth more effectively. To address quality issues, we recommend that you first use QoS, then add bandwidth only where necessary.
For QoS to be effective, you must apply consistent QoS settings throughout your organization. Any part of the path that fails to support your QoS priorities can degrade the quality RDP session.
Reference: Implement Quality of Service (QoS) for Azure Virtual Desktop
Question: 242
Measured Skill: Monitor and maintain an Azure Virtual Desktop infrastructure (10–15%)
You have an Azure subscription that contains the vaults shown in the following table.
You have an Azure Virtual Desktop deployment that contains the host pools shown in the following table.
You need to back up all the session hosts in Pool1 and Pool2.
What should you do for each pool?
(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)A | Pool1: From Backup1, create a backup policy only.
Pool2: From Backup1, create a backup policy only. |
B | Pool1: From Backup1, create a backup policy only.
Pool2: From Recovery1, create a standard backup policy only. |
C | Pool1: From Recovery1, create a standard backup policy only.
Pool2: From Recovery1, create a standard backup policy only. |
D | Pool1: From Recovery1, create an Enhanced backup policy only
Pool2: From Recovery1, create a standard backup policy or an Enhanced backup policy. |
E | Pool1: From Recovery1, create an Enhanced backup policy only
Pool2: From Backup1, create a backup policy only. |
F | Pool1: From Recovery1, create a standard backup policy or an Enhanced backup policy.
Pool2: From Recovery1, create a standard backup policy or an Enhanced backup policy. |
Correct answer: DExplanation:
You can use the Azure Backup service to back up Azure virtual machines (VMs) to a Recovery Services vault. A Backup vault does not support virtual machines.
Back up Trusted Launch VMsis supported through Enhanced backup policy only. Back up standard VMs is supported using either a standard backup policy or an Enhanced backup policy only.
References:
Back up an Azure VM using Enhanced policy
Support matrix for Azure VM backups