Skip Navigation Links
 

Microsoft - AZ-900: Microsoft Azure Fundamentals

Sample Questions

Question: 278
Measured Skill: Describe general security and network security features (10-15%)

To complete the sentence, select the appropriate option in the answer area.

www.cert2brain.com

AAfter you create a virtual machine, you need to modify the network security group (NSG) to allow connections from TCP port 8080 to the virtual machine.
B After you create a virtual machine, you need to modify the virtual network gateway to allow connections from TCP port 8080 to the virtual machine.
C After you create a virtual machine, you need to modify the virtual network to allow connections from TCP port 8080 to the virtual machine.
D After you create a virtual machine, you need to modify the route table to allow connections from TCP port 8080 to the virtual machine.

Correct answer: A

Explanation:

A network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources. For each rule, you can specify source and destination, port, and protocol.

Inbound traffic on port 8080 TCP is blocked by default when creating a new Azure VM.

Reference: Network security groups

Question: 279
Measured Skill: Describe core Azure services (15-20%)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

(NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AYou can create Group Policies in Azure Active Directory (Azure AD): Yes
You can join Windows 10 devices to Azure Active Directory (Azure AD): Yes
You can join Android to Azure Active Directory (Azure AD): Yes
B You can create Group Policies in Azure Active Directory (Azure AD): Yes
You can join Windows 10 devices to Azure Active Directory (Azure AD): Yes
You can join Android to Azure Active Directory (Azure AD): No
C You can create Group Policies in Azure Active Directory (Azure AD): Yes
You can join Windows 10 devices to Azure Active Directory (Azure AD): No
You can join Android to Azure Active Directory (Azure AD): Yes
D You can create Group Policies in Azure Active Directory (Azure AD): No
You can join Windows 10 devices to Azure Active Directory (Azure AD): Yes
You can join Android to Azure Active Directory (Azure AD): No
E You can create Group Policies in Azure Active Directory (Azure AD): No
You can join Windows 10 devices to Azure Active Directory (Azure AD): Yes
You can join Android to Azure Active Directory (Azure AD): Yes
F You can create Group Policies in Azure Active Directory (Azure AD): No
You can join Windows 10 devices to Azure Active Directory (Azure AD): No
You can join Android to Azure Active Directory (Azure AD): No

Correct answer: D

Explanation:

Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service.

Azure Active Directory (Azure AD) does not support Group Policies. Instead you use Intune configuration policies for device management.

You can register, join, or hybrid-join Windows 10 devices with Azure AD.

Android and iOS devices can be Azure AD registered but not Azure AD joined. Registering a device with Azure AD allows device authencication and corresponds to a workplace join in an on-premises Active Directory domain.

References:

What is Azure Active Directory?

Compare Active Directory to Azure Active Directory

Question: 280
Measured Skill: Describe identity, governance, privacy, and compliance features (20-25%)

To complete the sentence, select the appropriate option in the answer area.

www.cert2brain.com

AThe Microsoft Online Services Privacy Statement explains what data Microsoft processes, how Microsoft processes the data, and the purpose of processing the data.
B The Microsoft Online Services Terms explains what data Microsoft processes, how Microsoft processes the data, and the purpose of processing the data.
C The Microsoft Online Services Level Agreement explains what data Microsoft processes, how Microsoft processes the data, and the purpose of processing the data.
D The Online Subscription Agreement for Microsoft Azure explains what data Microsoft processes, how Microsoft processes the data, and the purpose of processing the data.

Correct answer: A

Explanation:

The Microsoft Online Services Privacy Statement explains the personal data Microsoft processes, how Microsoft processes it, and for what purposes.

Reference: Microsoft Privacy Statement

Question: 281
Measured Skill: Describe identity, governance, privacy, and compliance features (20-25%)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

(NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AYou can add an Azure Resource Manager template to an Azure Blueprint: Yes
You can assign an Azure Blueprint to a resource group: Yes
You can use Azure Blueprints to grant permissions to a resource: Yes
B You can add an Azure Resource Manager template to an Azure Blueprint: Yes
You can assign an Azure Blueprint to a resource group: No
You can use Azure Blueprints to grant permissions to a resource: No
C You can add an Azure Resource Manager template to an Azure Blueprint: Yes
You can assign an Azure Blueprint to a resource group: No
You can use Azure Blueprints to grant permissions to a resource: Yes
D You can add an Azure Resource Manager template to an Azure Blueprint: No
You can assign an Azure Blueprint to a resource group: Yes
You can use Azure Blueprints to grant permissions to a resource: No
E You can add an Azure Resource Manager template to an Azure Blueprint: No
You can assign an Azure Blueprint to a resource group: No
You can use Azure Blueprints to grant permissions to a resource: Yes
F You can add an Azure Resource Manager template to an Azure Blueprint: No
You can assign an Azure Blueprint to a resource group: No
You can use Azure Blueprints to grant permissions to a resource: No

Correct answer: C

Explanation:

Blueprints are a declarative way to orchestrate the deployment of various resource templates and other artifacts such as:

  • Role Assignments
  • Policy Assignments
  • Azure Resource Manager templates (ARM templates)
  • Resource Groups

The Azure Blueprints service is backed by the globally distributed Azure Cosmos DB. Blueprint objects are replicated to multiple Azure regions.

The service is designed to help with environment setup. This setup often consists of a set of resource groups, policies, role assignments, and ARM template deployments. A blueprint is a package to bring each of these artifact types together and allow you to compose and version that package, including through a continuous integration and continuous delivery (CI/CD) pipeline. Ultimately, each is assigned to a subscription in a single operation that can be audited and tracked.

Nearly everything that you want to include for deployment in Azure Blueprints can be accomplished with an ARM template. However, an ARM template is a document that doesn't exist natively in Azure – each is stored either locally or in source control. The template gets used for deployments of one or more Azure resources, but once those resources deploy there's no active connection or relationship to the template.

With Azure Blueprints, the relationship between the blueprint definition (what should be deployed) and the blueprint assignment (what was deployed) is preserved. This connection supports improved tracking and auditing of deployments. Azure Blueprints can also upgrade several subscriptions at once that are governed by the same blueprint.

There's no need to choose between an ARM template and a blueprint. Each blueprint can consist of zero or more ARM template artifacts. This support means that previous efforts to develop and maintain a library of ARM templates are reusable in Azure Blueprints.

A blueprint is composed of artifacts. Azure Blueprints currently supports the following resources as artifacts:

Reference: What is Azure Blueprints?



Question: 282
Measured Skill: Describe identity, governance, privacy, and compliance features (20-25%)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

(NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AAzure China is operated by Microsoft: Yes
Azure Government is operated by Microsoft: Yes
Azure Government is available only to US government agencies and their partners: Yes
B Azure China is operated by Microsoft: Yes
Azure Government is operated by Microsoft: Yes
Azure Government is available only to US government agencies and their partners: No
C Azure China is operated by Microsoft: No
Azure Government is operated by Microsoft: Yes
Azure Government is available only to US government agencies and their partners: No
D Azure China is operated by Microsoft: Yes
Azure Government is operated by Microsoft: No
Azure Government is available only to US government agencies and their partners: Yes
E Azure China is operated by Microsoft: No
Azure Government is operated by Microsoft: Yes
Azure Government is available only to US government agencies and their partners: Yes
F Azure China is operated by Microsoft: No
Azure Government is operated by Microsoft: No
Azure Government is available only to US government agencies and their partners: No

Correct answer: E

Explanation:

Microsoft Azure operated by 21Vianet (Azure China) is a physically separated instance of cloud services located in China. It's independently operated and transacted by Shanghai Blue Cloud Technology Co., Ltd. ("21Vianet"), a wholly owned subsidiary of Beijing 21Vianet Broadband Data Center Co., Ltd..

Azure Government delivers a dedicated cloud enabling government agencies and their partners to transform mission-critical workloads to the cloud. Azure Government services handle data that is subject to certain government regulations and requirements, such as FedRAMP, NIST 800.171 (DIB), ITAR, IRS 1075, DoD L4, and CJIS. In order to provide you with the highest level of security and compliance, Azure Government uses physically isolated datacenters and networks (located in U.S. only).

Azure Government uses same underlying technologies as global Azure, which includes the core components of Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS).

References:

What is Azure China

What is Azure Government?



 
Tags: exam, examcollection, exam simulation, exam questions, questions & answers, training course, study guide, vce, braindumps, practice test
 
 

© Copyright 2014 - 2021 by cert2brain.com