Microsoft - AZ-140: Configuring and Operating Microsoft Azure Virtual Desktop
Sample Questions
Question: 328
Measured Skill: Monitor and maintain an Azure Virtual Desktop infrastructure (10–15%)
You have an Azure Virtual Desktop host pool that runs Windows 10 Enterprise multi-session.
You need to configure automatic scaling for the host pool. Your solution must meet the following requirements:
- New user sessions should be distributed across all running session hosts.
- A new session host should be started automatically when concurrent user sessions surpass 30 users per host.
What should you include in the solution?| A | An Azure Automation account and the breadth-first load balancing algorithm. |
| B | An Azure load balancer and the breadth-first load balancing algorithm. |
| C | An Azure Automation account and the depth-first load balancing algorithm. |
| D | An Azure load balancer and the depth-first load balancing algorithm. |
Correct answer: AExplanation:
To run scaling scripts that monitor session host usage and start/stop VMs based on thresholds, an Azure Automation account is used.
To distribute new user sessions across all running hosts, we have to use the breadth-first load balancing algorithm.
Azure Virtual Desktop supports two load balancing algorithms for pooled host pools. Each algorithm determines which session host is used when a user starts a remote session.
The following load balancing algorithms are available for pooled host pools:
-
Breadth-first, which aims to evenly distribute new user sessions across the session hosts in a host pool. You don't have to specify a maximum session limit for the number of sessions.
-
Depth-first, which keeps starting new user sessions on one session host until the maximum session limit is reached. Once the session limit is reached, any new user connections are directed to the next session host in the host pool until it reaches its session limit, and so on.
References:
Scale session hosts using Azure Automation and Azure Logic Apps for Azure Virtual Desktop
Configure host pool load balancing in Azure Virtual Desktop
Question: 329
Measured Skill: Plan and implement user environments and apps (20–25%)
You have an Azure Virtual Desktop deployment that contains the resources shown in the following table.
You need to ensure that users can connect to a session host in the deallocated state.
On which resources can you enable Start VM on Connect?| A | Workspace1 only |
| B | Azure virtual machines |
| C | P1-0 and P1-1 |
| D | Pool1 only |
Correct answer: DExplanation:
Start VM on Connect lets you reduce costs by enabling end users to power on the virtual machines (VMs) used as session hosts only when they're needed. You can then power off VMs when they're not needed.
For personal host pools, Start VM on Connect only powers on an existing session host VM that is already assigned or can be assigned to a user. For pooled host pools, Start VM on Connect only powers on a session host VM when none are turned on and more VMs are only be turned on when the first VM reaches the session limit.
The time it takes for a user to connect to a remote session on a session host that is powered off (deallocated) increases because the VM needs time to power on again, much like turning on a physical computer. When a user uses Windows App and the Remote Desktop app to connect to Azure Virtual Desktop, they're told a VM is being powered on while they're connecting.
You can enable Start VM on Connect for session hosts on Azure and Azure Local in personal or pooled host pools using the Azure portal, Azure PowerShell, or Azure CLI. Start VM on Connect is configured per host pool.
To configure Start VM on Connect using the Azure portal:
Sign in to the Azure portal.
In the search bar, enter Azure Virtual Desktop and select the matching service entry.
Select Host pools, then select the name of the host pool where you want to enable the setting.
Select Properties.
In the configuration section, set Start VM on connect to Yes to enable it, or No to disable it.
Select Save to apply the settings.
Reference: Configure Start VM on Connect
Question: 330
Measured Skill: Plan and implement an Azure Virtual Desktop infrastructure (40–45%)
You have an Azure Virtual Desktop deployment that contains a host pool named Pool1.
You plan to use a custom image template to create session hosts for Pool1.
You need to create the custom image template.
What should you create first?| A | A user-assigned managed identity |
| B | An Azure Automation account |
| C | An FSLogix profile container |
| D | A workbook |
Correct answer: AExplanation:
Custom image templates in Azure Virtual Desktop enable you to easily create a custom image that you can use when deploying session host virtual machines (VMs). Using custom images helps you to standardize the configuration of your session host VMs for your organization. Custom image templates are built on Azure Image Builder and tailored for Azure Virtual Desktop.
Before you can create a custom image template, you need to meet the following prerequisites:
The following resource providers registered on your subscription.
- Microsoft.DesktopVirtualization
- Microsoft.VirtualMachineImages
- Microsoft.Storage
- Microsoft.Compute
- Microsoft.Network
- Microsoft.KeyVault
- Microsoft.ContainerInstance
-
A resource group to store custom image templates, and images. If you specify your own resource group for Azure Image Builder to use, then it needs to be empty before the image build starts.
A user-assigned managed identity. We recommend you create one specifically to use with custom image templates.
Create a custom role in Azure role-based access control (RBAC) with the following permissions as actions:
"Microsoft.Compute/galleries/read",
"Microsoft.Compute/galleries/images/read",
"Microsoft.Compute/galleries/images/versions/read",
"Microsoft.Compute/galleries/images/versions/write",
"Microsoft.Compute/images/write",
"Microsoft.Compute/images/read",
"Microsoft.Compute/images/delete"
Assign the custom role to the managed identity. This should be scoped appropriately for your deployment, ideally to the resource group you use store custom image templates.
Reference: Use custom image templates to create custom images in Azure Virtual Desktop
Question: 331
Measured Skill: Plan and implement user environments and apps (20–25%)
You have 20 on-premises Windows 11 devices.
You have an Azure subscription that contains an Azure Virtual Desktop deployment. The deployment only uses private IP addresses.
You need to recommend what to use to connect to Azure Virtual Desktop session hosts. The solution must support the following features:
- Multiple monitors
- Camera redirection
What should you recommend for each feature?
(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)
| A | Multiple monitors: Remote Desktop Connection
Camera redirection: Remote Desktop Connection |
| B | Multiple monitors: Remote Desktop Connection
Camera redirection: Windows app |
| C | Multiple monitors: Remote Desktop app
Camera redirection: Remote Desktop app |
| D | Multiple monitors: Remote Desktop app
Camera redirection: Remote Desktop Connection |
| E | Multiple monitors: Windows app
Camera redirection: Windows app |
| F | Multiple monitors: Windows app
Camera redirection: Remote Desktop app |
Correct answer: EExplanation:
You can connect remotely to Windows desktops and apps running in Azure Virtual Desktop using Windows App or the Remote Desktop client which is also refered to as Remote Desktop app.
Windows App and the Remote Desktop client are available on many different types of devices on different platforms and form factors, such as desktops and laptops, tablets, smartphones, through a web browser, and virtual reality headsets. This choice provides flexibility and convenience to access desktops and apps from anywhere.
The Windows App is the recommended app to connect to Azure Virtual Desktop as it replaces the Remote Desktop client.
Windows App is available for the following platforms:
- Windows
- macOS
- iOS/iPadOS
- Android/Chrome OS
- Web browsers
- Meta Quest VR headset (preview)
The Windows App supports many features you can use to enhance your remote experience, such as:
- Multiple monitor support, with custom and dynamic display resolutions and scaling.
- Microsoft Teams optimizations.
- Device redirection, such as webcams, audio, storage devices, and printers.
- Single sign-on to eliminate the need to enter credentials multiple times.
- Sign in with multiple accounts and easily switch between them.
References:
Connect to Azure Virtual Desktop
What is Windows App?
Question: 332
Measured Skill: Plan and implement identity and security (15–20%)
You have a Microsoft 365 E5 subscription.
You have an Azure subscription named Sub1. Sub1 contains an Azure Virtual Desktop deployment. The deployment contains the session hosts shown in the following table.
Which session hosts can you protect by using Microsoft Defender for Endpoint?| A | Host1 only |
| B | Host1 and Host2 only |
| C | Host2 and Host3 only |
| D | Host1, Host2, and Host3 |
Correct answer: DExplanation:
Microsoft Defender for Endpoint supports monitoring both VDI and Azure Virtual Desktop sessions.
The following session host operating systems are supported:
- Windows 11
- Windows 10
- Windows Server 2025
- Windows Server 2022
- Windows Server 2019
- Windows Server 2016
- Windows Server 2012 R2
- Windows Server 2008
Onboarding a persistent VDI machine into Microsoft Defender for Endpoint is handled the same way you would onboard a physical machine, such as a desktop or laptop.
References:
Onboard Windows devices in Azure Virtual Desktop
Onboard non-persistent virtual desktop infrastructure (VDI) devices in Microsoft Defender XDR