๐Get Full PDF
| Question.91 You have an Azure virtual machine named VM1 that runs Windows Server 2019. The VM was deployed using default drive settings. You sign in to VM1 as a user named User1 and perform the following actions: -Create files on drive C. -Create files on drive D. -Modify the screen saver timeout. -Change the desktop background. You plan to redeploy VM1. Which changes will be lost after you redeploy VM1? (A) The modified screen saver timeout (B) The new desktop background (C) The new files on drive D (D) The new files on drive C |
90. Click here to View Answer
Answer is (C) The new files on drive D
For Windows Server, the temporary disk is mounted as โD:โ.
For Linux based VMโs the temporary disk is mounted as โ/dev/sdb1โ.
Reference:
https://www.cloudelicious.net/azure-vms-and-their-temporary-storage
| Question.92 You have an Azure subscription. You have an on-premises virtual machine named VM1. The settings for VM1 are shown in the exhibit.  You need to ensure that you can use the disks attached to VM1 as a template for Azure virtual machines. What should you modify on VM1? (A) The memory (B) The network adapters (C) The hard drive (D) The processor (E) Integration Services |
92. Click here to View Answer
Answer is (C) The hard drive
The Virtual hard disk is VHDx, it should be formated to VHD before migration from on-premises to Azure. Azure supports only generation 1 VMs that are in the VHD file format and have a fixed sized disk. The maximum size allowed for the VHD is 1,023 GB. You can convert a generation 1 VM from the VHDX file system to VHD and from a dynamically expanding disk to fixed-sized.
Reference:
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/prepare-for-upload-vhd-image
| Question.93 You have an Azure subscription named Subscription1. You have 5 TB of data that you need to transfer to Subscription1. You plan to use an Azure Import/Export job. What can you use as the destination of the imported data? (A) Azure File Storage (B) An Azure Cosmos DB database (C) Azure Data Factory (D) Azure SQL Database |
93. Click here to View Answer
Answer is (A) Azure File Storage
Azure Import/Export service is used to securely import large amounts of data to Azure Blob storage and Azure Files by shipping disk drives to an Azure datacenter. This service can also be used to transfer data from Azure Blob storage to disk drives and ship to your on-premises sites. Data from one or more disk drives can be imported either to Azure Blob storage or Azure Files.
Reference:
https://learn.microsoft.com/en-us/azure/import-export/storage-import-export-service
| Question.94 You have an Azure subscription. You have 100 Azure virtual machines. You need to quickly identify underutilized virtual machines that can have their service tier changed to a less expensive offering. Which blade should you use? (A) Monitor (B) Advisor (C) Metrics (D) Customer insights |
94. Click here to View Answer
Answer is (B) Advisor
The Advisor dashboard displays personalized recommendations for all your subscriptions. You can apply filters to display recommendations for specific subscriptions and resource types. The recommendations are divided into five categories:
Reliability (formerly called High Availability): To ensure and improve the continuity of your business-critical applications. For more information, see Advisor Reliability recommendations.
Security: To detect threats and vulnerabilities that might lead to security breaches. For more information, see Advisor Security recommendations.
Performance: To improve the speed of your applications. For more information, see Advisor Performance recommendations.
Cost: To optimize and reduce your overall Azure spending. For more information, see Advisor Cost recommendations.
Operational Excellence: To help you achieve process and workflow efficiency, resource manageability and deployment best practices. . For more information, see Advisor Operational Excellence recommendations.
Reference:
https://docs.microsoft.com/en-us/azure/advisor/advisor-cost-recommendations
| Question.95 You have an Azure Active Directory (Azure AD) tenant. You need to create a conditional access policy that requires all users to use multi-factor authentication when they access the Azure portal. Which three settings should you configure?  |
95. Click here to View Answer
– Users & Groups: Where you have to choose all users.
– Cloud apps: to specify the Azure portal
– Grant: to grant the MFA.
Those are the minimum requirements to create MFA policy. No conditions are required in the question.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-policies
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/app-based-mfa
| Question.96 You have an Azure subscription named Subscription1 that contains an Azure virtual machine named VM1. VM1 is in a resource group named RG1. VM1 runs services that will be used to deploy resources to RG1. You need to ensure that a service running on VM1 can manage the resources in RG1 by using the identity of VM1. What should you do first? (A) From the Azure portal, modify the Managed Identity settings of VM1 (B) From the Azure portal, modify the Access control (IAM) settings of RG1 (C) From the Azure portal, modify the Access control (IAM) settings of VM1 (D) From the Azure portal, modify the Policies settings of RG1 |
96. Click here to View Answer
Answer is (A) From the Azure portal, modify the Managed Identity settings of VM1
Managed identities for Azure resources provides Azure services with an automatically managed identity in Azure Active Directory. You can use this identity to authenticate to any service that supports Azure AD authentication, without having credentials in your code.
You can enable and disable the system-assigned managed identity for VM using the Azure portal.
RBAC manages who has access to Azure resources, what areas they have access to and what they can do with those resources. Examples of Role Based Access Control (RBAC) include: Allowing an app to access all resources in a resource group Policies on the other hand focus on resource properties during deployment and for already existing resources. As an example, a policy can be issued to ensure users can only deploy DS series VMs within a specified resource
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/qs-configure-portal-windows-vm
| Question.97 You have an Azure subscription that contains a resource group named TestRG. You use TestRG to validate an Azure deployment. TestRG contains the following resources:  You need to delete TestRG. What should you do first? (A) Modify the backup configurations of VM1 and modify the resource lock type of VNET1 (B) Remove the resource lock from VNET1 and delete all data in Vault1 (C) Turn off VM1 and remove the resource lock from VNET1 (D) Turn off VM1 and delete all data in Vault1 |
97. Click here to View Answer
Answer is (B) Remove the resource lock from VNET1 and delete all data in Vault1
When you delete a resource group, all of its resources are also deleted. Deleting a resource group deletes all of its template deployments and currently stored operations.
As an administrator, you can lock a subscription, resource group, or resource to prevent other users in your organization from accidentally deleting or modifying critical resources. The lock overrides any permissions the user might have.
You can’t delete a vault that contains backup data. Once backup data is deleted, it will go into the soft deleted state.
So you have to remove the lock on order to delete the VNET and delete the backups in order to delete the vault.
Reference:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/delete-resource-group?tabs=azure-powershell
https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/lock-resources
https://docs.microsoft.com/en-us/azure/backup/backup-azure-delete-vault#before-you-start
| Question.98 You have an Azure subscription that contains an Azure Storage account. You plan to copy an on-premises virtual machine image to a container named vmimages. You need to create the container for the planned image. Which command should you run?  |
98. Click here to View Answer
Answer is make and blob
azcopy make ‘https://mystorageaccount.blob.core.windows.net/vmimages’
Similar to OS Images, a VM Image is a collection of metadata and pointers to a set of VHDs (one VHD per disk) stored as page blobs in Azure Storage.
Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-ref-azcopy-make
| Question.99 You have several Azure virtual machines on a virtual network named VNet1. You configure an Azure Storage account as shown in the following exhibit.  Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.  |
99. Click here to View Answer
VNet1’s address space is 10.2.0.0/16.
The VNet1 has only 1 Subnet associated: 10.2.0.0/24. The address space of a VNet is irrelevant if there isnโt a corresponding Subnet from, which VMs can be assigned IP addresses.
Box1: Never
VMs from 10.2.9.0/24 (10.2.9.0 – 10.2.9.255) are out of Subnet.
Subnet IP range 10.2.0.0 – 10.2.0. 255.
Box2: Never
Since the checkbox to allow trusted Microsoft services is not checked. After you configure firewall and virtual network settings for your storage account, select Allow trusted Microsoft services to access this storage account as an exception to enable Azure Backup service to access the network restricted storage account.
Reference:
https://docs.microsoft.com/en-us/azure/storage/files/storage-how-to-use-files-windows
https://azure.microsoft.com/en-us/blog/azure-backup-now-supports-storage-accounts-secured-with-azure-storage-firewalls-and-virtual-networks/
| Question.100 You have an app named App1 that runs on two Azure virtual machines named VM1 and VM2. You plan to implement an Azure Availability Set for App1. The solution must ensure that App1 is available during planned maintenance of the hardware hosting VM1 and VM2. What should you include in the Availability Set? (A) One update domain (B) Two fault domains (C) One fault domain (D) Two update domains |
100. Click here to View Answer
Answer is (D) Two update domains
Microsoft updates, which Microsoft refers to as planned maintenance events, sometimes require that VMs be rebooted to complete the update. To reduce the impact on VMs, the Azure fabric is divided into update domains to ensure that not all VMs are rebooted at the same time.
Incorrect Answers:
A: An update domain is a group of VMs and underlying physical hardware that can be rebooted at the same time.
B, C: A fault domain shares common storage as well as a common power source and network switch. It is used to protect against unplanned system failure.
References:
https://petri.com/understanding-azure-availability-sets
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/tutorial-availability-sets