Azure Test - A&A

Download as txt, pdf, or txt
Download as txt, pdf, or txt
You are on page 1of 4

Azure Questions:

1) PCI DSS (Payment Card Industry Data Security Standard)


2) HIPPA - The Health Insurance Portability and Accountability Act of 1996 (HIPAA)
is a federal law that required the creation of national standards to protect
sensitive patient health information from being disclosed without the patient's
consent or knowledge.
3) FedRAMP - The Federal Risk and Authorization Management Program (FedRAMP) is a
US government-wide program that provides a standardized approach to security
assessment, authorization, and continuous monitoring for cloud products and
services
4) ISO - The International Organization for Standardization is an international
standard-setting body composed of representatives from various national standards
organizations. Founded on 23 February 1947, the organization promotes worldwide
proprietary, industrial, and commercial standards

2) Azure Cloud Shell is an interactive, authenticated, browser-accessible (the key


to everything since all you need is a browser and the OS doesn't matter) shell for
managing Azure resources. It provides the flexibility of choosing the shell
experience that best suits the way you work, either Bash or PowerShell.
All you need is a browser on your Tablet, and then:

3)Azure Logic App and Azure Data Factory both fall under the PaaS (Platform as a
Service) category.

4)Which of the following services allows you to send events generated from Azure
resources to applications?
Azure Event Grid

5) The composite SLA for the application is the product of both SLAs, which equals
99.94 percent.

For example, consider an App Service web app that writes to Azure SQL Database. At
the time of writing this answer, these Azure services have the following SLAs:

-> App Service web apps = 99.95%

-> SQL Database = 99.99%

What is the maximum downtime you would expect for this application? If either
service fails, the WHOLE application fails. The probability of each service failing
is independent, so the composite SLA for this application is 0.9995% * 0.9999% =
99.94%. That's lower than the individual SLAs, which isn't surprising because an
application that relies on multiple services has more potential failure points.

6) Which of the following can be used to manage your Azure Resources from an
iPhone?
Azure Cloud SHell
Azure Portal
Azure Mobile App
The Azure portal is the web-based portal for managing Azure. Being web-based, you
can use the Azure portal on an iPhone.
Azure Cloud Shell is a web-based command line for managing Azure. You access the
Azure Cloud Shell from the Azure portal. Being web-based, you can use the Azure
Cloud Shell on an iPhone.
Incorrect Answers:

A: Azure CLI can be installed on MacOS but it cannot be installed on an iPhone.


D: Windows PowerShell can be installed on MacOS but it cannot be installed on an
iPhone.

7)No, according to the official documentation, Tags CANNOT be applied to all


resource types. See below:

8)When a subscription expires, the trusted instance of the Azure AD service


remains, but the security principals LOSE access to Azure resources.

9)Load balancing is used for PERFORMANCE OPTIMISATION and not cost saving.

10)Australia is composed of 1 single Azure Region.-->NO

11)Which of the following is a great place to start when examining the security of
your Azure-based solutions and provides threat protection across all of your
services both in Azure, and on-premises?--->Azure security center

12)Every Azure region is composed of a set of datacenters.-->Yes

Region: Set of DC's connected with low-latency.


Datacenter: Unique physical buildings
AZ: Unique physical locations within a region.

13) With Azure ___________ , you can scale your applications and create highly
available services-> Load Balancer

14)When you cancel an Azure Subscription, your resources are immediately deleted
permanently to free up space.-->NO
Azure only deletes your resources permanently after a waiting period.

15) Azure Advisor has the ability to provide recommendations for Azure
ExpressRoute. -->Yes
Advisor provides recommendations for Application Gateway, App Services,
availability sets, Azure Cache, Azure Data Factory, Azure Database for MySQL, Azure
Database for PostgreSQL, Azure Database for MariaDB, Azure ExpressRoute, Azure
Cosmos DB, Azure public IP addresses, Azure Synapse Analytics, SQL servers, storage
accounts, Traffic Manager profiles, and virtual machines.Azure Advisor also
includes your recommendations from Microsoft Defender for Cloud which may include
recommendations for additional resource types.

16)Choose 3 components of Azure SLAs:


Service Credits
Performance targets
Uptime and connectivities guarantees
Azure service - Performance targets, Uptime, and Connectivity guarantees.

18)Modern life cycle policy azure provides 12 months prior notice prior to ending
support.

19)Which of the following can you use to filter traffic to and from an Azure
Virtual Network?-->NSG

20) In order to move a VM from one subscription to another, it must first be


stopped.-->NO

21)Even though Azure Event Hubs falls under PaaS, Azure Blob Storage is considered
IaaS and therefore our requirements are not met.
17)Azure Load Balancers are IaaS not PaaS!

18) You can use Azure DNS to buy a domain name.-->NO


19)A(n) ______________ lets you run legacy applications in the cloud that can't
use modern authentication methods, or where you don't want directory lookups to
always go back to an on-premises AD DS environment-->AZURE AD Domain Services
(Azure AD DS)

20) Cognitive Services brings AI within reach of every developer and data
scientist. With leading models, a variety of use cases can be unlocked. All it
takes is an API call to embed the ability to see, hear, speak, search, understand,
and accelerate advanced decision-making into your apps. Enable developers and data
scientists of all skill levels to easily add AI capabilities to their apps.

21)A _______________ can enable branch offices to share sensitive information


between locations.===> VPN

22) What is the maximum number of virtual network rules and IP network rules
allowed per storage account in Azure?--> 200/250

Max storage capacity 5PiB

23) Which Azure service should you use to correlate events from multiple resources
into a centralized repository--->Azure event HUB

24) It's possible to deploy a new Azure VM from a Google Chromebook by using
PowerAutomate.-->NO--PowerAutomate moreover isn't a part of Azure! It falls under
the Microsoft umbrella of offerings, just like PowerApps.

25)Your Azure account contains several policies and you wish to group/organize
them. Which of the following can help you achieve this?

An initiative definition is a collection of policy definitions that are tailored


towards achieving a singular overarching goal. Initiative definitions simplify
managing and assigning policy definitions. They simplify by grouping a set of
policies as one single item. For example, you could create an initiative titled
Enable Monitoring in Azure Security Center, with a goal to monitor all the
available security recommendations in your Azure Security Center.

Azure Policy helps to enforce organizational standards and to assess compliance at-
scale. Through its compliance dashboard, it provides an aggregated view to evaluate
the overall state of the environment, with the ability to drill down to the per-
resource, per-policy granularity. It also helps to bring your resources to
compliance through bulk remediation for existing resources and automatic
remediation for new resources.

26) Azure strives to ensure a minimum distance of ______________ miles between


datacenters in enabled regions, although it isn't possible across all
geographies.-->300miles (483kms)

27) Which tab of the Azure pricing calculator would you use to calculate your
estimate?--Products

28)** You can use the Azure Pricing Calculator to calculate your estimated hourly
or monthly costs for using Azure. Azure TCO on the other hand is primarily used to
estimate the cost savings you can realize by migrating your workloads to Azure.

29)The Microsoft Service Trust Portal provides a variety of content, tools, and
other resources about Microsoft security, privacy, and compliance practices.
30)Public endpoint for a managed instance enables data access to your managed
instance from outside the virtual network.

31)Azure Data Lake Storage Gen2 is a set of capabilities dedicated to big data
analytics, built on Azure Blob Storage.

32)All resources in a VNet can communicate outbound to the internet, by default.--


>YES

33)Each virtual network can have only one VPN gateway ?? .However, you can create
multiple connections to the same VPN gateway. When you create multiple connections
to the same VPN gateway, all VPN tunnels share the available gateway bandwidth.--
YES

34) enforcement is at the center of a Zero Trust architecture. -->Security policy


Zero Trust is a new security model that assumes breach and verifies each request as
though it originated from an uncontrolled network
A Zero Trust approach extends throughout the entire digital estate and serves as an
integrated security philosophy and end-to-end strategy.
This illustration provides a representation of the primary elements that contribute
to Zero Trust.

35)

You might also like