https://learn.microsoft.com/en-us/credentials/certifications/exams/az-900/practice/results
13/50
Your organization is building a custom application.
You need to focus on application development rather than configuration and management of servers.
Which cloud service model should you use?
With PaaS, users can focus on application development because the cloud provider handles all the platform management. In SaaS, the cloud provider manages all aspects of the application environment, such as virtual machines, networking resources, data storage, and applications. IaaS is the closest service model to managing physical servers.
Describe cloud service types - Training | Microsoft Learn
Question 16 of 50
Select the answer that correctly completes the sentence.
[Answer choice] are physically separate datacenters within an Azure region.
A region is a geographical area on the planet that contains at least one, but potentially multiple datacenters that are nearby and networked together with a low-latency network.
Availability zones
Each Azure region is always paired with another region within the same geography, such as US, Europe, or Asia, at least 300 miles away.
Describe the core architectural components of Azure - Training | Microsoft Learn
Question 19 of 50
Which resource can you use to manage access, policies, and compliance across multiple subscriptions?
management groups
Management groups can be used in environments that have multiple subscriptions to streamline the application of governance conditions.
Resource groups can be used to organize Azure resources.
Administrative units are used to delegate the administration of Azure AD resources, such as users and groups.
Accounts are used to provide access to resources
Describe the core architectural components of Azure - Training | Microsoft Learn
Question 23 of 50
You need to allow resources on two different Azure virtual networks to communicate with each other.
What should you configure?
peering
You can link virtual networks together by using virtual network peering. Peering enables resources in each virtual network to communicate with each other.
Describe Azure compute and networking services - Training | Microsoft Learn
Question 24 of 50
What can you use to provide Mac and Android users with access to a Windows environment that will run Windows-based applications?
Azure Virtual Desktop
Azure Virtual Desktop is a desktop and application virtualization service that runs in the cloud. It enables your users to use a cloud-hosted version of Windows from any location. Azure Virtual Desktop works across devices such as Windows, Mac, iOS, Android, and Linux. It works with apps that you can use to access Remote Desktops and apps. You can also use most modern browsers to access Azure Virtual Desktop-hosted experiences.
Describe Azure compute and networking services - Training | Microsoft Learn
Question 28 of 50
Which two protocols are used to access Azure file shares? Each correct answer presents a complete solution.
Azure Files offers fully managed file shares in the cloud that are accessible via industry-standard SMB(Server Message Block) and NFS(Network File System) protocols.
Describe Azure storage services - Training | Microsoft Learn
Question 29 of 50
What is the purpose of defense in depth?
The objective of defense in depth is to use several layers of protection to prevent information from being accessed or stolen by unauthorized users.
Describe Azure identity, access, and security - Training | Microsoft Learn
Question 31 of 50
To which object or level is an Azure role-based access control (RBAC) role applied?
An Azure RBAC role is applied to a scope, which is a resource or set of resources that the access applies to. Resource locks prevent the accidental change or deletion of a resource. Resource tags are used to locate and act on resources associated with specific workloads, environments, business units, and owners. Policies enforce different rules across resource configurations so that the configurations stay compliant with corporate standards.
Describe Azure identity, access, and security - Training | Microsoft Learn
Question 32 of 50
What Azure AD feature can you use to ensure that users can only access Microsoft Office 365 applications from approved client applications?
Conditional Access allows administrators to control, allow, or deny access to resources based on certain signals. You can require that access to certain applications only be allowed if the users are using an approved client application. MFA is a process whereby a user is prompted during the sign-in process for an additional form of identification. Examples include a code on their mobile phone or a fingerprint scan.
Describe Azure identity, access, and security - Training | Microsoft Learn
Question 41 of 50
Which management layer accepts requests from any Azure tool or API and enables you to create, update, and delete resources in an Azure account?
ARM is the deployment and management service for Azure. It provides a management layer that enables you to create, update, and delete resources in an Azure account.
Describe features and tools for managing and deploying Azure resources - Training | Microsoft Learn
Question 46 of 50
You need to review the root cause analysis (RCA) report for a service outage that occurred last week.
Where should you look for the report?
Azure Service Health
After an outage, Service Health provides official incident reports called root cause analysis (RCA), which you can share with stakeholders.
Describe monitoring tools in Azure - Training | Microsoft Learn
Question 48 of 50
What should you proactively review and act on to avoid service interruptions, such as service retirements and breaking changes?
Health advisories are issues that require that you take proactive action to avoid service interruptions, such as service retirements and breaking changes. Service issues are problems such as outages that require immediate actions.
Describe monitoring tools in Azure - Training | Microsoft Learn
Question 50 of 50
Which feature in the Microsoft Purview governance portal should you use to manage access to data sources and datasets?
Incorrect: Data Catalog –– This enables data discovery.
Incorrect: Data Sharing –– This shares data within and between organizations.
Incorrect: Data Estate Insights –– This accesses data estate health.
Correct: Data Policy –– This governs access to data.
Introduction to Microsoft Purview governance solutions - Microsoft Purview | Microsoft Learn
Describe features and tools in Azure for governance and compliance - Training | Microsoft Learn