Azure AZ-900 Exam Study Notes Part – 3

This “Azure AZ-900 Exam Study Notes Part – 3” blog series covers the continuation of the questions and answers I used for brainstorming and self-learning for the exam. 

AZ-900 Exam Study Notes – Part 3

41What is an address space on a Virtual Network?
AAn address space is a number of IP addresses that are unique only on the specific Virtual Network. For instance, these IP addresses are assigned to resources connected to the VNet, which allows the resources to interact and communicate. And for a fact, there is no limit to the number or VNets you can have, nor to the number of address spaces.
42While configuring a Virtual Machine to use a Virtual Network, when do the Virtual Network need to be specified?
AAt the time the Virtual Machine is created
43What is the smallest subnet that you can implement in an Azure virtual network?
AThere are five IP addresses on each subnet that Azure platform reserves for its internal use. The smallest subnet you can implement is /29.
44Why would you use a Content Delivery Network?
AA CDN keeps a recent copy of your web application and can deliver this much faster to users close to an endpoint. CDNs can handle a LOT more data than a typical web server, which makes it ideal to handle traffic spikes as well. Furthermore, CDNs don’t generally handle individual traffic routing rules nor security.
45If you decide to implement some of your services on the Azure platform, would you need to create Azure virtual networks?
AAzure VMs have the prerequisite to create a virtual network. Also to note, Azure web app no PaaS service in Azure offers integration with a virtual network.
46In which scenario would you use an Application Gateway?
AAn application gateway is similar to a load balancer but can redirect traffic based on attributes in the HTTP request, the request coming in from the internet. Furthermore, you can have a VM handling video, one handling images, and so on. Application Gateways do not handle traffic security, nor manage any Virtual Networks.
47Will you be able to successfully ping the two virtual machines on the virtual network?
APing functionality relies on the Internet Control Message Protocol (ICMP), which by default is blocked by Windows Firewall on each of the two Azure virtual machines.
48How will your organization use Azure SQL Database?
AAzure SQL database can be used as a backend for App Service, Cloud Services, and Applications running under VM. Importantly, it can work as a replacement for SQL server installed on VM or On-Premise.
49What is the purpose of a VPN Gateway?
AIt allows encrypted traffic to flow between on-premises services and Azure services. A VPN Gateway does not filter traffic, monitor for malicious content or look after IP addresses.
50You are planning to move streaming media content to Windows Azure Storage. You need to recommend an approach for providing worldwide users the fastest possible access to the content.
AThe best option is the Azure blobs. This allows you to store a large volume of data. Additionally, in case your application is targeted for a global audience, this storage blob should be front ended with CDN for better performance and reduced latency.
51What role should you assign to a user account in the Azure AD directory instance to enable the user to fully manage all of its objects?
AGlobal Admin
52Which is set up by default when you create an Azure Storage Account?
ARead Access Geo-Redundant Storage (RA-GRS).
53How do resources on Azure use a Virtual Network?
AA VN connects Azure services to allow them to communicate with each other and with the outside world. Some resources, such as Virtual Machines, must have a Virtual network connection, where others, such as App Services, are not required to.
54You are a Service Administrator of an Azure subscription. What method do you recommend for delegating the ability to manage some of your subscription’s resources to another user?
AYou should use RBAC to configure the user as the owner of the resources. Consequently, this complies with the principle of least privilege and is the most secure solution. 
55What are the options to select, when you create a storage account ?
ALocally redundant storage (LRS), Zone-redundant storage (ZRS) and  Geo-redundant storage (GRS)
56Azure Multi-Factor Authentication adds a second level of authentication, what are the possible ways to enable that?
AMicrosoft Azure Multi-Factor Authentication adds an extra level of authentication. This includes options such as requiring users to use a text message, a call to an office, a mobile phone, or a smartphone app.
57How will your organization use Azure AD?
AAzure AD provides a range of features that integrate with other cloud and on-premises services. Leveraging Azure AD to authenticate Azure web apps, Azure PaaS cloud services, and web applications running in Azure virtual machines is easy. Similarly, you can delegate management of Azure AD resources that are accessible via the Azure Portal by using Role-Based Access Control (RBAC).For example, an organization that deploys a web app for sales personnel to Azure can use Azure AD to authenticate user requests to the app and can choose to implement Multi-Factor Authentication when sales personnel access the app via a browser or a mobile device.
58What does Geo-Redundant Storage (GRS) do?
AMaintains 6 copies of your data. Three copies are replicated within the primary region, with three additional copies being replicated within a secondary region hundreds of miles away.
59By default, Azure automatically configures new Windows VMs to be accessed via PowerShell Remoting.
ATRUE
60What does Zone-Redundant Storage (ZRS) do?
AMaintains 3 copies of your data, replicated across two to three facilities, either within a single region or across two regions.
Azure AZ-900 Exam Study Notes Part – 3

Summary & Next Steps

For passing the exam, on top of this blog series, I strongly urge you to create an account in the Azure portal and get some real-time experience on the topic. For more information, please visit Microsoft sites AZ-900 and Azure fundamentals. Also” Azure AZ-900 Exam Study Notes Part – 1 & 2 ” in case if you missed part-1 & 2 of the study notes. Happy learning

2 Comments

Add a Comment

Your email address will not be published. Required fields are marked *