Question.6 This question requires that you evaluate the underlined text to determine if it is correct. You company has an on-premises deployment of MongoDB, and an Azure Cosmos DB account that makes use of the MongoDB API. You need to devise a strategy to migrate MongoDB to the Azure Cosmos DB account. You include the Data Management Gateway tool in your migration strategy. (A) No change required (B) mongorestore (C) Azure Storage Explorer (D) AzCopy |
6. Click here to View Answer
Answer is (B) mongorestore
Data Management Gateway: This tool is used for connecting on-premises data sources (like SQL Server) to Azure Analysis Services or Power BI for data visualization and reporting. It’s not designed for direct database migrations.
The mongorestore command-line tool is specifically designed for restoring data backups created with mongodump into a MongoDB instance. This makes it a suitable option for migrating data from your on-premises MongoDB deployment to the Azure Cosmos DB account using the MongoDB API.
Reference:
https://docs.microsoft.com/en-us/azure/cosmos-db/mongodb-migrate
https://docs.mongodb.com/manual/reference/program/mongorestore/
Question.7 You have downloaded an Azure Resource Manager template to deploy numerous virtual machines. The template is based on a current virtual machine, but must be adapted to reference an administrative password. You need to make sure that the password is not stored in plain text. You are preparing to create the necessary components to achieve your goal. Which of the following should you create to achieve your goal? (A) An Azure Key Vault (B) An Azure Storage account (C) Azure Active Directory (AD) Identity Protection (D) An access policy (E) An Azure policy (F) A backup policy |
7. Click here to View Answer
Answers are (A) & (D);
An Azure Key Vault
An access policy
Using Key Vault we create a secret containing our Password
Using an Access Policy we allow access to the previously created secret.
Reference:
https://docs.microsoft.com/en-us/azure/key-vault/secrets/quick-create-portal
https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/key-vault-parameter?tabs=azure-cli
Question.8 You are developing an e-Commerce Web App. You want to use Azure Key Vault to ensure that sign-ins to the e-Commerce Web App are secured by using Azure App Service authentication and Azure Active Directory (AAD). What should you do on the e-Commerce Web App? (A) Run the az keyvault secret command. (B) Enable Azure AD Connect. (C) Enable Managed Service Identity (MSI). (D) Create an Azure AD service principal. |
8. Click here to View Answer
Answer is (C) Enable Managed Service Identity (MSI).
Managed Service Identity (MSI) is a feature in Azure that allows you to securely authenticate an Azure service to other Azure services without having to manage credentials. By enabling MSI on the Azure App Service hosting the e-Commerce Web App, you can create a trust relationship between the App Service and Azure Key Vault. This allows the e-Commerce Web App to authenticate with Azure Active Directory (AAD) and securely retrieve secrets from the Key Vault.
Reference:
https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity
https://docs.microsoft.com/en-us/samples/azure-samples/app-service-msi-keyvault-dotnet/keyvault-msi-appservice-sample/
Question.9 You have two Hyper-V hosts named Host1 and Host2. Host1 has an Azure virtual machine named VM1 that was deployed by using a custom Azure Resource Manager template. You need to move VM1 to Host2. What should you do? (A) From the Update management blade, click Enable. (B) From the Overview blade, move VM1 to a different subscription. (C) From the Redeploy blade, click Redeploy. (D) From the Profile blade, modify the usage location. |
9. Click here to View Answer
Answer is (C) From the Redeploy blade, click Redeploy.
When you redeploy a VM, it moves the VM to a new node within the Azure infrastructure and then powers it back on, retaining all your configuration options and associated resources.
Reference:
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/redeploy-to-new-node
Question.10 Your company has an Azure subscription. You need to deploy a number of Azure virtual machines to the subscription by using Azure Resource Manager (ARM) templates. The virtual machines will be included in a single availability set. You need to ensure that the ARM template allows for as many virtual machines as possible to remain accessible in the event of fabric failure or maintenance. Which of the following is the value that you should configure for the platformFaultDomainCount property? (A) 10 (B) 30 (C) Min Value (D) Max Value |
10. Click here to View Answer
Answer is (D) Max Value
The platformFaultDomainCount property in an Azure Resource Manager (ARM) template specifies the number of fault domains for the Azure virtual machines within an availability set. Fault domains are distinct groups of hardware within a datacenter. When you deploy virtual machines within an availability set, Azure ensures that each VM is placed into a different fault domain to minimize the impact of hardware failures or maintenance events.
The maximum value allowed for platformFaultDomainCount depends on the region where you’re deploying your resources. It varies across Azure regions. Typically, the maximum value is either 2 or 3. Therefore, to ensure that the ARM template allows for as many virtual machines as possible to remain accessible in the event of fabric failure or maintenance, you should configure
Reference:
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/manage-availability
https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-manage-fault-domains
https://docs.microsoft.com/en-us/azure/virtual-machines/availability-set-overview