Question #: 1 Topic #: 6

You have an Azure subscription that has a Recovery Services vault named Vault1. The subscription contains the
virtual machines shown in the following table:

You plan to schedule backups to occur every night at 23:00.

Which virtual machines can you back up by using Azure Backup?
• A. VM1 and VM3 only
• B. VM1, VM2, VM3 and VM4
• C. VM1 and VM2 only
• D. VM1 only

Suggested Answer: B 🗳️
Azure Backup supports backup of 64-bit Windows server operating system from Windows Server 2008.
Azure Backup supports backup of 64-bit Windows 10 operating system.
Azure Backup supports backup of 64-bit Ubuntu Server operating system from Ubuntu 12.04.
Azure Backup supports backup of VM that are shutdown or offline.
Reference: https://docs.microsoft.com/en-us/azure/backup/backup-support-matrix-iaas
https://docs.microsoft.com/en-us/azure/virtual-machines/linux/endorsed-distros
Community vote distribution
B (100%)

Question #: 02 Topic #: 6
HOTSPOT-
You create a Recovery Services vault backup policy named Policy1 as shown in the following exhibit:
Use the drop-down menus to select the answer choice that completes each statement based on the information
presented in the graphic.
NOTE: Each correct selection is worth one point.
Suggested Answer:

Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/retention?view=o365-worldwide

Question #: 3 Topic #: 6
You have the Azure virtual machines shown in the following table:

You have a Recovery Services vault that protects VM1 and VM2.
You need to protect VM3 and VM4 by using Recovery Services.
What should you do first?
A. Create a new Recovery Services vault
B. Create a storage account
C. Configure the extensions for VM3 and VM4
D. Create a new backup policy

Suggested Answer: A 🗳️
A Recovery Services vault is a storage entity in Azure that houses data. The data is typically copies of data, or configuration
information for virtual machines (VMs), workloads, servers, or workstations. You can use Recovery Services vaults to hold
backup data for various Azure services
Reference: https://docs.microsoft.com/en-us/azure/site-recovery/azure-to-azure-tutorial-enable-replicatio
Community vote distribution
A (100%)
Question #: 4 Topic #: 6
HOTSPOT -
You have an Azure subscription that contains an Azure Storage account named storage1 and the users shown in the
following table.

You plan to monitor storage1 and to configure email notifications for the signals shown in the following table.

You need to identify the minimum number of alert rules and action groups required for the planned monitoring.
How many alert rules and action groups should you identify? To answer, select the appropriate options in the answer
area.
NOTE: Each correct selection is worth one point. Hot Area:

Suggested Answer:

Reference: https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/metrics-
supported#microsoftclassicstoragestorageaccounts
https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/resource-logs-
categories#microsoftstoragestorageaccountsblobservices
Question #: 5 Topic #: 6
You have an Azure subscription that contains the identities shown in the following table.

User1, Principal1, and Group1 are assigned the Monitoring Reader role.
An action group named AG1 has the Email Azure Resource Manager Role notification type and is configured to email
the Monitoring Reader role.
You create an alert rule named Alert1 that uses AG1.
You need to identity who will receive an email notification when Alert1 is triggered.
Who should you identify?
A. User1 and Principal1 only
B. User1, User2, Principal1, and Principal2
C. User1 only
D. User1 and User2 only

Suggested Answer: C 🗳️
Email will only be sent to Azure AD user members of the Monitoring Reader role. Email will not be sent to Azure AD groups or
service principals.
Reference: https://docs.microsoft.com/en-us/azure/azure-monitor/platform/action-groups
https://docs.microsoft.com/en-us/azure/azure-monitor/alerts/action-groups#email-azure-resource-manager-role
Community vote distribution
D (64%)
C (36%)

Question #: 6 Topic #: 6
HOTSPOT -
You have an Azure virtual machine named VM1 and a Recovery Services vault named Vault1.
You create a backup policy named Policy1 as shown in the exhibit. (Click the Exhibit tab.)
You configure the backup of VM1 to use Policy1 on Thursday, January 1 at 1:00 AM.
You need to identify the number of available recovery points for VM1.
How many recovery points are available on January 8 and January 15? To answer, select the appropriate options in
the answer area.
NOTE: Each correct selection is worth one point. Hot Area:
Suggested Answer:

Box 1: 6 - 5 latest daily recovery points, which includes the weekly backup from the previous Sunday, plus the
monthly recovery point.
Box 2: 8 - 5 latest daily recovery points, plus two weekly backups, plus the monthly recovery point.
Reference: https://social.technet.microsoft.com/Forums/en-US/854ab6ae-79aa-4bad-ac65-471c4d422e94/daily-monthly-
yearly-recovery-points-and-storage-used?forum=windowsazureonlinebackup

Question #: 7 Topic #: 6
HOTSPOT -
You have the web apps shown in the following table.

You need to monitor the performance and usage of the apps by using Azure Application Insights. The solution must
minimize modifications to the application code.
What should you do on each app? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point. Hot Area:
Suggested Answer:

Reference: https://docs.microsoft.com/en-us/azure/azure-monitor/app/azure-web-apps
https://docs.microsoft.com/en-us/azure/azure-monitor/app/status-monitor-v2-overview
https://docs.microsoft.com/en-us/azure/azure-monitor/app/status-monitor-v2-detailed-instructions

Question #: 8 Topic #: 6
You have an Azure virtual machine named VM1.
You use Azure Backup to create a backup of VM1 named Backup1.
After creating Backup1, you perform the following changes to VM1:
✑ Modify the size of VM1.
✑ Copy a file named Budget.xls to a folder named Data.
✑ Reset the password for the built-in administrator account.
✑ Add a data disk to VM1.
An administrator uses the Replace existing option to restore VM1 from Backup1.
You need to ensure that all the changes to VM1 are restored.
Which change should you perform again?
A. Modify the size of VM1.
B. Reset the password for the built-in administrator account.
C. Add a data disk.
D. Copy Budget.xls to Data.

Suggested Answer: D 🗳️
Reference:https://docs.microsoft.com/en-us/azure/backup/about-azure-vm-restore
https://docs.microsoft.com/en-us/azure/backup/backup-azure-arm-restore-vms#replace-existing-disks-from-a-restore-point
https://learn.microsoft.com/en-us/azure/backup/backup-azure-arm-restore-vms#restore-options
Community vote distribution
D (79%)
C (18%)
Question #: 9 Topic #: 6
HOTSPOT -
You have an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com that contains the users
shown in the following table.

You enable password reset for contoso.onmicrosoft.com as shown in the Password Reset exhibit. (Click the
Password Reset tab.)

You configure the authentication methods for password reset as shown in the Authentication Methods exhibit. (Click
the Authentication Methods tab.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point. Hot Area:

Suggested Answer:
Box 1: No - Two methods are required.
Box 2: No - Self-service password reset is only enabled for Group2, and User1 is not a member of Group2.
Box 3: Yes - As a User Administrator, User3 can add security questions to the reset process.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/authentication/quickstart-sspr
https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#password-reset-permissions
https://docs.microsoft.com/en-us/azure/active-directory/authentication/quickstart-sspr
https://docs.microsoft.com/en-us/azure/active-directory/authentication/active-directory-passwords-faq
https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-sspr#prerequisites
https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#user-administrator

Question #: 10 Topic #: 6
Your company has a main office in London that contains 100 client computers.
Three years ago, you migrated to Azure Active Directory (Azure AD).
The company's security policy states that all personal devices and corporate-owned devices must be registered or
joined to Azure AD.
A remote user named User1 is unable to join a personal device to Azure AD from a home network.
You verify that User1 was able to join devices to Azure AD in the past.
You need to ensure that User1 can join the device to Azure AD.
What should you do?
A. Assign the User administrator role to User1.
B. From the Device settings blade, modify the Maximum number of devices per user setting.
C. Create a point-to-site VPN from the home network of User1 to Azure.
D. From the Device settings blade, modify the Users may join devices to Azure AD setting.

Suggested Answer: B 🗳️
The Maximum number of devices setting enables you to select the maximum number of devices that a user can have in Azure AD.
If a user reaches this quota, they will not be able to add additional devices until one or more of the existing devices are removed.
Incorrect Answers:
C: Azure AD Join enables users to join their devices to Active Directory from anywhere as long as they have connectivity with the
Internet.
D: The Users may join devices to Azure AD setting enables you to select the users who can join devices to Azure AD. Options are
All, Selected and None. The default is All.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/devices/device-management-azure-portal
http://techgenix.com/pros-and-cons-azure-ad-join/
https://learn.microsoft.com/zh-tw/azure/active-directory/devices/device-management-azure-portal
https://learn.microsoft.com/zh-tw/troubleshoot/azure/active-directory/maximum-number-of-devices-joined-workplace
Community vote distribution
B (92%)
8%
Question #: 11 Topic #: 6
HOTSPOT -
You have two Azure App Service app named App1 and App2. Each app has a production deployment slot and a test
deployment slot.
The Backup Configuration settings for the production slots are shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point. Hot Area:

Suggested Answer:

Reference: https://docs.microsoft.com/en-us/cli/azure/webapp/config/backup?view=azure-cli-latest
https://docs.microsoft.com/en-us/rest/api/appservice/web-apps/backup-slot
https://learn.microsoft.com/en-us/azure/app-service/manage-backup?tabs=portal
Question #: 12 Topic #: 6
HOTSPOT -
You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com. The
tenant is synced to the on-premises Active Directory domain.
The domain contains the users shown in the following table.

You enable self-service password reset (SSPR) for all users and configure SSPR to have the following authentication
methods:
✑ Number of methods required to reset: 2
✑ Methods available to users: Mobile phone, Security questions
✑ Number of questions required to register: 3
✑ Number of questions required to reset: 3
You select the following security questions:
✑ What is your favorite food?
✑ In what city was your first job?
✑ What was the name of your first pet?
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point. Hot Area:

Suggested Answer:

Box 1: No - Administrator accounts are special accounts with elevated permissions. To secure them, the following
restrictions apply to changing passwords of administrators: On-premises enterprise administrators or domain
administrators cannot reset their password through Self-service password reset (SSPR). They can only change their
password in their on-premises environment. Thus, we recommend not syncing on-prem AD admin accounts to Azure
AD. An administrator cannot use secret Questions & Answers as a method to reset password.
Box 2: Yes - Self-service password reset (SSPR) is an Azure Active Directory feature that enables employees to reset
their passwords without needing to contact IT staff.
Box 3: Yes -
Reference: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-sspr-deployment
https://docs.microsoft.com/en-us/troubleshoot/azure/active-directory/password-writeback-error-code-sspr-009
https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-policy
https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-security-questions
Question #: 13 Topic #: 6 with Question #: 60 Topic #: 2
Question #: 14 Topic #: 6
You have an existing Azure subscription that contains 10 virtual machines.
You need to monitor the latency between your on-premises network and the virtual machines.
What should you use?
A. Service Map
B. Connection troubleshoot
C. Network Performance Monitor
D. Effective routes

Suggested Answer: C 🗳️
Network Performance Monitor is a cloud-based hybrid network monitoring solution that helps you monitor network performance
between various points in your network infrastructure. It also helps you monitor network connectivity to service and application
endpoints and monitor the performance of Azure ExpressRoute.
You can monitor network connectivity across cloud deployments and on-premises locations, multiple data centers, and branch
offices and mission-critical multitier applications or microservices. With Performance Monitor, you can detect network issues
before users complain.
Reference: https://docs.microsoft.com/en-us/azure/azure-monitor/insights/network-performance-monitor
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview
Community vote distribution
C (100%)

Question #: 15 Topic #: 6
HOTSPOT -
You have an Azure App Service plan named ASP1. CPU usage for ASP1 is shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information
presented in the graphic.
NOTE: Each correct selection is worth one point.Hot Area:

Suggested Answer:

Box 1: four times - From the exhibit we see that the time granularity is 6 hours: Last 30 days (Automatic - 6 hours).
CPU Percentage Last days Automatic - hours
Box 2: scaled up - Scale up when:
* You see that your workloads are hitting some performance limit such as CPU or I/O limits.
* You need to quickly react to fix performance issues that can't be solved with classic database optimization.
* You need a solution that allows you to change service tiers to adapt to changing latency requirements.
Reference: https://docs.microsoft.com/en-us/azure/azure-monitor/essentials/metrics-troubleshoot
https://azure.microsoft.com/en-us/overview/scaling-out-vs-scaling-up
https://learn.microsoft.com/en-us/azure/app-service/overview-hosting-plans
https://azure.microsoft.com/en-au/resources/cloud-computing-dictionary/scaling-out-vs-scaling-up/
https://learn.microsoft.com/en-us/azure/architecture/best-practices/auto-scaling
Question #: 16 Topic #: 6
DRAG DROP -
You have an Azure Linux virtual machine that is protected by Azure Backup. One week ago, two files were deleted
from the virtual machine.
You need to restore the deleted files to an on-premises Windows Server 2016 computer as quickly as possible.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions
to the answer area and arrange them in the correct order. Select and Place:

Suggested Answer:

Step 1: From the Azure portal, click File Recovery from the vault
Step 2. Select a restore point that contains the deleted files
Step 3: Download and run the script to mount a drive on the local computer Generate and download script to browse and recover
files:
Step 4: Copy the files using File Explorer! After the disks are attached, use Windows File Explorer to browse the new volumes
and files. The restore files functionality provides access to all files in a recovery point. Manage the files via File Explorer as you
would for normal files.
Step 1-3 below: To restore files or folders from the recovery point, go to the virtual machine and perform the following steps:
1. Sign in to the Azure portal and in the left pane, select Virtual machines. From the list of virtual machines, select the virtual
machine to open that virtual machine's dashboard.
2. In the virtual machine's menu, select Backup to open the Backup dashboard.
3. In the Backup dashboard menu, select File Recovery.
The File Recovery menu opens.

4. From the Select recovery point drop-down menu, select the recovery point that holds the files you want. By default, the latest
recovery point is already selected.
5. Select Download Executable (for Windows Azure VMs) or Download Script (for Linux Azure VMs, a python script is generated)
to download the software used to copy files from the recovery point.
Running the script and identifying volumes:
For Linux machines, a python script is generated. Download the script and copy it to the relevant/compatible Linux server.
Reference: https://docs.microsoft.com/en-us/azure/backup/backup-azure-restore-files-from-vm
https://docs.microsoft.com/en-us/azure/backup/backup-azure-vms-automation#restore-files-from-an-azure-vm-backup
https://docs.microsoft.com/en-us/azure/storage/common/storage-use-azcopy
Question #: 17 Topic #: 6
HOTSPOT -
You purchase a new Azure subscription named Subscription1.
You create a virtual machine named VM1 in Subscription1. VM1 is not protected by Azure Backup.
You need to protect VM1 by using Azure Backup. Backups must be created at 01:00 and stored for 30 days.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point. Hot Area:

Suggested Answer:

Box 1: A Recovery Services vault - You can set up a Recovery Services vault and configure backup for multiple Azure VMs.
Box 2: A backup policy - In Choose backup policy, do one of the following:
✑ Leave the default policy. This backs up the VM once a day at the time specified, and retains backups in the vault for 30 days.
✑ Select an existing backup policy if you have one.
✑ Create a new policy, and define the policy settings.
Reference: https://docs.microsoft.com/en-us/azure/backup/backup-azure-vms-first-look-arm

Question #: 18 Topic #: 6
You have an Azure virtual machine named VM1. Azure collects events from VM1.
You are creating an alert rule in Azure Monitor to notify an administrator when an error is logged in the System event
log of VM1.
Which target resource should you monitor in the alert rule?
A. virtual machine extension
B. virtual machine
C. metric alert
D. Azure Log Analytics workspace
Suggested Answer: D 🗳️
For the first step to create the new alert tule, under the Create Alert section, you are going to select your Log Analytics
workspace as the resource, since this is a log based alert signal.
Reference: https://docs.microsoft.com/en-us/windows-server/storage/storage-spaces/configure-azure-monitor
Community vote distribution
D (85%)
B (15%)

Question #: 19 Topic #: 6
You have an Azure subscription that contains 100 virtual machines. You regularly create and delete virtual machines.
You need to identify unattached disks that can be deleted. What should you do?
A. From Azure Cost Management, view Cost Analysis
B. From Azure Advisor, modify the Advisor configuration
C. From Microsoft Azure Storage Explorer, view the Account Management properties
D. From Azure Cost Management, view Advisor Recommendations

Suggested Answer: D 🗳️
From Home ‫ג‬€"> Cost Management + Billing ‫ג‬€"> Cost Management, scroll down on the options and select View
Recommendations:

Azure Cost Management / Advisor -

From here you will see the recommendations for your subscription, if you have orphaned disks, they will be listed.
Reference: https://docs.microsoft.com/en-us/azure/cost-management-billing/cost-management-billing-overview
https://codeserendipity.com/2020/07/08/microsoft-azure-find-unattached-disks-that-can-be-deleted-and-other-
recommendations/
Community vote distribution
D (82%)
C (18%)
Question #: 20 Topic #: 6
You have an Azure web app named webapp1.
Users report that they often experience HTTP 500 errors when they connect to webapp1.
You need to provide the developers of webapp1 with real-time access to the connection errors. The solution must
provide all the connection error details.
What should you do first?
A. From webapp1, enable Web server logging
B. From Azure Monitor, create a workbook
C. From Azure Monitor, create a Service Health alert
D. From webapp1, turn on Application Logging

Suggested Answer: A 🗳️
Community vote distribution
A (86%)
14%
Reference: https://learn.microsoft.com/en-us/troubleshoot/developer/webapps/iis/www-administration-management/http-
error-500-when-you-visit-web-site
https://learn.microsoft.com/en-us/azure/app-service/troubleshoot-performance-degradation#enable-web-server-diagnostics

Question #: 21 Topic #: 6
You have an Azure web app named App1.
You need to monitor the availability of App1 by using a multi-step web test.
What should you use in Azure Monitor?
A. Azure Service Health
B. Azure Application Insights
C. the Diagnostic settings
D. metrics

Suggested Answer: B 🗳️
Upload the web test -
1. In the Application Insights portal on the Availability pane select Add Classic test, then select Multi-step as the SKU.
2. Upload your multi-step web test.
3. Set the test locations, frequency, and alert parameters.
4. Select Create.
Reference:https://docs.microsoft.com/en-us/azure/azure-monitor/app/availability-multistep
https://learn.microsoft.com/en-us/azure/azure-monitor/app/availability-overview
Community vote distribution
B (100%)
Question #: 22 Topic #: 6
HOTSPOT -
You have an Azure subscription that has diagnostic logging enabled and is configured to send logs to a Log Analytics
workspace. You are investigating a service outage.
You need to view the event time, the event name, and the affected resources.
How should you complete the query? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point. Hot Area:

Suggested Answer:

Box 1: AzureActivity - The AzureActivity table has entries from the Azure activity log, which provides insight into subscription-
level or management group-level events occuring in Azure. Let's see only Critical entries during a specific week.
The where operator is common in the Kusto Query Language. where filters a table to rows that match specific criteria. The
following example uses multiple commands. First, the query retrieves all records for the table. Then, it filters the data for only
records that are in the time range. Finally, it filters those results for only records that have a Critical level.
AzureActivity -
| where TimeGenerated > datetime(10-01-2020) and TimeGenerated < datetime(10-07-2020)
| where Level == 'Critical'
Incorrect: not Perf: The Perf table has performance data that's collected from virtual machines that run the Log Analytics agent.
Box 2: | project -
Select a subset of columns: project.
Use project to include only the columns you want. Building on the preceding example, let's limit the output to certain columns:
AzureActivity -
| where TimeGenerated > datetime(10-01-2020) and TimeGenerated < datetime(10-07-2020)
| where Level == 'Critical'
| project TimeGenerated, Level, OperationNameValue, ResourceGroup, _ResourceId
Reference: https://github.com/MicrosoftDocs/dataexplorer-docs/blob/main/data-explorer/kusto/query/tutorial.md
https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/activity-log?tabs=powershell#send-to-log-analytics-workspace
https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/projectoperator
https://www.shudnow.io/2020/03/06/retrieving-activity-log-data-from-azure-log-analytics-part-2/
Question #: 23 Topic #: 6
You have a Recovery Services vault named RSV1. RSV1 has a backup policy that retains instant snapshots for five
days and daily backup for 14 days.
RSV1 performs daily backups of VM1. VM1 hosts a static website that was updated eight days ago.
You need to recover VM1 to a point eight days ago. The solution must minimize downtime.
What should you do first?
A. Deallocate VM1.
B. Restore VM1 by using the Replace existing restore configuration option.
C. Delete VM1.
D. Restore VM1 by using the Create new restore configuration option.

Suggested Answer: B 🗳️
Replace existing: You can restore a disk, and use it to replace a disk on the existing VM.
The current VM must exist. If it's been deleted, this option can't be used.
Azure Backup takes a snapshot of the existing VM before replacing the disk, and stores it in the staging location you specify.
Existing disks connected to the VM are replaced with the selected restore point.
The snapshot is copied to the vault, and retained in accordance with the retention policy.
After the replace disk operation, the original disk is retained in the resource group. You can choose to manually delete the
original disks if they aren't needed.
Reference: https://docs.microsoft.com/en-us/azure/backup/backup-azure-arm-restore-vms
Community vote distribution
B (53%)
D (47%)
Question #: 24 Topic #: 6

HOTSPOT -
You have an Azure subscription that contains the resources shown in the following table.

You plan to create a data collection rule named DCR1 in Azure Monitor.
Which resources can you set as data sources in DCR1, and which resources can you set as destinations in DCR1? To
answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point. Hot Area:

Suggested Answer:

Box 1: VM1 only - A virtual machine may have an association to multiple DCRs, and a DCR may have multiple virtual machines
associated to it. In the Resources tab, add the resources (virtual machines, virtual machine scale sets, Arc for servers) that
should have the Data Collection Rule applied.
Box 2: Workspace1 only - On the Destination tab, add one or more destinations for the data source. You can select multiple
destinations of same of different types, for instance multiple Log Analytics workspaces (i.e. "multi-homing").
Note: The Data Collection Rules (or DCR) improve on a few key areas of data collection from VMs including like better control
and scoping of data collection (e.g. collect from a subset of VMs for a single workspace), collect once and send to both Log
Analytics and Azure Monitor Metrics, send to multiple workspaces (multi- homing for Linux), improved Windows event filtering,
and improved extension management.
Reference: https://docs.microsoft.com/en-us/azure/azure-monitor/agents/data-collection-rule-azure-monitor-agent
https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/data-collection-rule-overview
https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/data-collection
Question #: 25 Topic #: 6
HOTSPOT -
You have the role assignment file shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information
presented in the graphic.
NOTE: Each correct selection is worth one point. Hot Area:

Suggested Answer:
Reference: https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#contributor

Question #: 26 Topic #: 6
HOTSPOT -
You have the following custom role-based access control (RBAC) role.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point. Hot Area:

Suggested Answer:

Reference: https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles
https://learn.microsoft.com/en-us/azure/role-based-access-control/role-definitions#notactions
https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles/compute#virtual-machine-contributor
https://docs.metallic.io/metallic/azure_resource_provider_usage.html

Question #: 27 Topic #: 6
HOTSPOT -
You have an Azure subscription that contains the resources shown in the following table.

NSG1 is configured as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point. Hot Area:

Suggested Answer:

Reference: https://learn.microsoft.com/en-us/azure/virtual-network/network-security-groups-overview#default-security-rules
Question #: 28 Topic #: 6 Duplicate of Question #: 9 Topic #: 5
Question #: 29 Topic #: 6
HOTSPOT -
You have two Azure subscriptions named Sub1 and Sub2. Sub1 is in a management group named MG1. Sub2 is in a
management group named MG2. You have the resource groups shown in the following table.

You have the virtual machines shown in the following table.

You assign roles to users as shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point. Hot Area:

Suggested Answer:

Reference: https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles
https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#virtual-machine-contributor
https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#virtual-machine-user-login
https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#virtual-machine-contributor

Question #: 30 Topic #: 6
You have an Azure Active Directory (Azure AD) tenant that is linked to 10 Azure subscriptions.
You need to centrally monitor user activity across all the subscriptions.
What should you use?
A. Azure Application Insights Profiler
B. access reviews
C. Activity log filters
D. a Log Analytics workspace

Suggested Answer: D 🗳️
Community vote distribution
D (100%)
Reference: https://docs.microsoft.com/en-us/azure/azure-monitor/essentials/activity-log?tabs=powershell
https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/activity-log?tabs=powershell#send-to-log-analytics-
workspace

Question #: 31 Topic #: 6
DRAG DROP -
You have an Azure subscription that contains a virtual machine name VM1.
VM1 has an operating system disk named Disk1 and a data disk named Disk2.
You need to back up Disk2 by using Azure Backup.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of
actions to the answer area and arrange them in the correct order. Select and Place:
Suggested Answer:

Reference: https://learn.microsoft.com/en-us/azure/backup/backup-managed-disks
https://docs.microsoft.com/en-us/answers/questions/405915/what-is-difference-between-recovery-services-vault.html

Question #: 32 Topic #: 6
You have a subnet named Subnet1 that contains Azure virtual machines. A network security group (NSG) named
NSG1 is associated to Subnet1. NSG1 only contains the default rules.
You need to create a rule in NSG1 to prevent the hosts on Subnet1 form connecting to the Azure portal. The hosts
must be able to connect to other internet hosts.
To what should you set Destination in the rule?
A. Application security group
B. IP Addresses
C. Service Tag
D. Any
Suggested Answer: C 🗳️
Community vote distribution
C (81%)
B (19%)
Reference: https://docs.microsoft.com/en-us/azure/virtual-network/service-tags-overview
https://learn.microsoft.com/en-us/answers/questions/1198445/what-azureportal-service-tag-mean

Question #: 33 Topic #: 6 Duplicate of Question #: 22 Topic #: 2

Question #: 34 Topic #: 6
You have an Azure App Service web app named App1.
You need to collect performance traces for App1.
What should you use?
A. Azure Application Insights Profiler
B. the Activity log
C. the Deployment center
D. the Diagnose and solve problems settings

Suggested Answer: B 🗳️
Community vote distribution
A (100%)
Reference: https://docs.microsoft.com/en-us/azure/azure-monitor/profiler/profiler-overview

Question #: 35 Topic #: 6
You have an Azure subscription that contains the storage accounts shown in the following table.

You deploy a web app named App1 to the West US Azure region.
You need to back up App1. The solution must minimize costs.
Which storage account should you use as the target for the backup?
A. storage1
B. storage2
C. storage3
D. storage4

Suggested Answer: D 🗳️
Community vote distribution
B (85%)
A (15%)
Reference: https://learn.microsoft.com/en-us/azure/storage/common/storage-account-overview
https://azure.microsoft.com/en-us/pricing/calculator/
https://learn.microsoft.com/en-us/azure/app-service/manage-backup?tabs=portal
https://learn.microsoft.com/en-us/azure/storage/common/storage-account-upgrade?tabs=azure-portal

Question #: 36 Topic #: 6
HOTSPOT -
You have an Azure subscription that is linked to an Azure AD tenant. The tenant contains two users named User1 and
User2. The subscription contains the resources shown in the following table.

The subscription contains the alert rules shown in the following table.

The users perform the following action:

• User1 creates a new virtual disk and attaches the disk to VM1
• User2 creates a new resource tag and assigns the tag to RG1 and VM1
Which alert rules are triggered by each user? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Suggested Answer:

Reference: https://learn.microsoft.com/en-us/azure/azure-monitor/alerts/alerts-types#log-alerts
https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/activity-log-schema
Question #: 37 Topic #: 6 Duplicate of Question #: 51 Topic #: 4
Question #: 38 Topic #: 6
You have an Azure subscription that contains eight virtual machines and the resources shown in the following table.

You need to configure access for VNET1. The solution must meet the following requirements:
• The virtual machines connected to VNET1 must be able to communicate with the virtual machines
connected to VNET2 by using the Microsoft backbone.
• The virtual machines connected to VNET1 must be able to access storage1, storage2, and Azure AD by using
the Microsoft backbone.
What is the minimum number of service endpoints you should add to VNET1?
A. 1
B. 2
C. 3
D. 5

Suggested Answer: D 🗳️
Reference: https://learn.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoints-overview
https://learn.microsoft.com/en-us/azure/storage/common/storage-private-endpoints
https://learn.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal
https://learn.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoint-policies-portal
Community vote distribution
B (89%)
11%
Question #: 39 Topic #: 6
You need to configure an Azure web app named contoso.azurewebsites.net to host www.contoso.com.
What should you do first?
A. Create A records named www.contoso.com and asuid.contoso.com.
B. Create a TXT record named asuid that contains the domain verification ID.
C. Create a CNAME record named asuid that contains the domain verification ID.
D. Create a TXT record named www.contoso.com that has a value of contoso.azurewebsites.net.

Suggested Answer: C 🗳️
Reference: https://learn.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-custom-domain?tabs=a%2Cazurecli
Community vote distribution
B (68%)
C (21%)

Question #: 40 Topic #: 6
You have an Azure subscription that contains 10 network security groups (NSGs), 10 virtual machines, and a Log
Analytics workspace named Workspace1. Each NSG is connected to a virtual machine.
You need to configure an Azure Monitor Network Insights alert that will be triggered when suspicious network traffic
is detected. What should you do first?
A. Deploy Connection Monitor.
B. Configure data collection endpoints.
C. Configure a private link.
D. Configure NSG flow logs.

Suggested Answer: D 🗳️
Community vote distribution
D (90%)
10%
Reference: https://learn.microsoft.com/en-us/azure/network-watcher/network-insights-overview#traffic
https://learn.microsoft.com/en-us/azure/network-watcher/network-watcher-nsg-flow-logging-overview
Question #: 41 Topic #: 6
HOTSPOT-
You have an Azure subscription named Sub1 that contains the resources shown in the following table.

Sub1 contains the following alert rule:

• Name: Alert1
• Scope: All resource groups in Sub1
o Include all future resources
• Condition: All administrative operations
• Actions: Action1
Sub1 contains the following alert processing rule:
• Name: Rule1
• Scope: Sub1
• Rule type: Suppress notifications
• Apply the rule: On a specific time
o Start: August 10, 2022
o End: August 13, 2022
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Suggested Answer:

Reference: https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources#required-access
https://learn.microsoft.com/en-us/azure/azure-monitor/alerts/alerts-processing-rules?tabs=portal#what-should-this-rule-do
Question #: 42 Topic #: 6
You have an Azure subscription that contains a storage account named storage1 in the North Europe Azure region.
You need to ensure that when blob data is added to storage1, a secondary copy is created in the East US region. The
solution must minimize administrative effort. What should you configure?
A. operational backup
B. object replication
C. geo-redundant storage (GRS)
D. a lifecycle management rule

Suggested Answer: C 🗳️
Community vote distribution
B (91%)
9%
Reference: https://learn.microsoft.com/en-us/azure/storage/blobs/object-replication-overview
https://learn.microsoft.com/en-us/azure/reliability/cross-region-replication-azure

Question #: 43 Topic #: 6
You have an Azure subscription that contains two Log Analytics workspaces named Workspace1 and Workspace2
and 100 virtual machines that run Windows Server.
You need to collect performance data and events from the virtual machines. The solution must meet the following
requirements:
• Logs must be sent to Workspace1 and Workspace 2.
• All Windows events must be captured.
• All security events must be captured.
What should you install and configure on each virtual machine?
A. the Azure Monitor agent
B. the Windows Azure diagnostics extension (WAD)
C. the Windows VM agent
Suggested Answer: A 🗳️
A (100%)
Reference: https://learn.microsoft.com/en-us/azure/azure-monitor/agents/agentsoverview
https://learn.microsoft.com/en-us/azure/azure-monitor/agents/agentsoverview#install-the-agent-and-configure-data-collection
https://learn.microsoft.com/en-us/azure/azure-monitor/agents/datacollection-rule-azure-monitor-agent?tabs=portal

Question #: 44 Topic #: 6
You have an Azure subscription that contains a virtual machine named VM1 and an Azure function named App1.
You need to create an alert rule that will run App1 if VM1 stops.
What should you create for the alert rule?
A. an application security group
B. a security group that has dynamic device membership
C. an action group
D. an application group

Suggested Answer: C 🗳️
Community vote distribution
C (100%)

Question #: 45 Topic #: 6
You have an Azure subscription that contains a virtual network named VNet1.
VNet1 uses two ExpressRoute circuits that connect to two separate on-premises datacenters.
You need to create a dashboard to display detailed metrics and a visual representation of the network topology.
What should you use?
A. Azure Monitor Network Insights
B. a Data Collection Rule (DCR)
C. Azure Virtual Network Watcher
D. Log Analytics

Suggested Answer: A 🗳️
Reference: https://learn.microsoft.com/en-us/azure/network-watcher/network-insights-overview
https://learn.microsoft.com/en-us/azure/network-watcher/view-network-topology?tabs=portal
https://learn.microsoft.com/en-us/azure/expressroute/monitor-expressroute
https://learn.microsoft.com/en-us/azure/expressroute/expressroute-network-insights
Community vote distribution
A (91%)
9%
Question #: 46 Topic #: 6
You deploy Azure virtual machines to three Azure regions
Each region contains a virtual network. Each virtual network contains multiple subnets peered in a full mesh topology.
Each subnet contains a network security group (NSG) that has defined rules.
A user reports that he cannot use port 33000 to connect from a virtual machine in one region to a virtual machine in
another region.
Which two options can you use to diagnose the issue? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A. Azure Virtual Network Manager
B. IP flow verify
C. Azure Monitor Network Insights
D. Connection troubleshoot
E. elective security rules

Suggested Answer: BC 🗳️
Reference: https://learn.microsoft.com/en-us/azure/network-watcher/network-watcher-ip-flow-verify-overview
https://learn.microsoft.com/en-us/azure/network-watcher/network-watcher-connectivity-overview
Community vote distribution
BD (100%)
Question #: 47 Topic #: 6
You have an Azure subscription.
You need to receive an email alert when a resource lock is removed from any resource in the subscription.
What should you use to create an activity log alert in Azure Monitor?
A. a resource, a condition, and an action group
B. a resource, a condition, and a Microsoft 365 group
C. a Log Analytics workspace, a resource, and an action group
D. a data collection endpoint, an application security group, and a resource group

Suggested Answer: A 🗳️
Reference: https://learn.microsoft.com/en-us/azure/azure-monitor/alerts/alerts-create-new-alert-rule
https://learn.microsoft.com/en-us/azure/azure-monitor/alerts/alerts-create-new-alert-rule?tabs=metric
Community vote distribution
A (100%)

uestion #: 48 Topic #: 6
HOTSPOT-
You have an Azure subscription that contains the alerts shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information
presented in the graphic.
NOTE: Each correct selection is worth one point.
Suggested Answer:

Reference: https://learn.microsoft.com/en-us/training/modules/configure-azure-alerts/2b-manage-azure-monitor-alerts

Question #: 49 Topic #: 6 Duplicate of Question #: 02 Topic #: 6

Question #: 50 Topic #: 6
HOTSPOT-
You have an Azure subscription that contains the vaults shown in the following table.

You deploy the virtual machines shown in the following table.

You have the backup policies shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Suggested Answer:

Reference: https://learn.microsoft.com/en-us/azure/backup/backup-azure-vms-enhanced-policy?tabs=azure-portal
https://learn.microsoft.com/en-us/azure/backup/backup-support-matrix
https://learn.microsoft.com/en-us/azure/backup/selective-disk-backup-restore
https://learn.microsoft.com/en-us/azure/backup/backup-azure-vms-encryption#encryption-support-using-ade

Question #: 51 Topic #: 6
You have an Azure subscription. The subscription contains virtual machines that connect to a virtual network named
VNet1. You plan to configure Azure Monitor for VM Insights.
You need to ensure that all the virtual machines only communicate with Azure Monitor through VNet1.
What should you create first?
A. a data collection rule (DCR)
B. a Log Analytics workspace
C. an Azure Monitor Private Link Scope (AMPLS)
D. a private endpoint

Suggested Answer: C 🗳️
Reference: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/private-link-configure
https://learn.microsoft.com/en-us/azure/azure-monitor/logs/private-link-security
Community vote distribution
C (85%)
Question #: 52 Topic #: 6
HOTSPOT-
You have an Azure subscription that contains the vaults shown in the following table.

You create a storage account that contains the resources shown in the following table.

To which vault can you back up cont1 and share1? To answer, select the appropriate options in the answer area.
NOTE: Each correct answer is worth one point.

Suggested Answer:

Reference: https://learn.microsoft.com/en-us/answers/questions/405915/what-is-difference-between-recovery-services-vault
Question #: 53 Topic #: 6
You have an Azure subscription that contains an Azure Stream Analytics job named Job1.
You need to monitor input events for Job1 to identify the number of events that were NOT processed.
Which metric should you use?
A. Out-of-Order Events
B. Output Events
C. Late Input Events
D. Backlogged Input Events

Suggested Answer: D 🗳️
Reference: https://learn.microsoft.com/en-us/azure/stream-analytics/stream-analytics-job-metrics
Community vote distribution
D (100%)

Question #: 54 Topic #: 6
You have an Azure subscription that contains an Azure SQL database named DB1.
You plan to use Azure Monitor to monitor the performance of DB1. You must be able to run queries to analyze log
data. Which destination should you configure in the Diagnostic settings of DB1?
A. Send to a Log Analytics workspace.
B. Archive to a storage account.
C. Stream to an Azure event hub.

Suggested Answer: A 🗳️
Reference: https://www.sqlservercentral.com/articles/monitoring-azure-sql-databases
https://learn.microsoft.com/en-us/azure/azure-sql/database/metrics-diagnostic-telemetry-logging-streaming-export-configure
https://techcommunity.microsoft.com/t5/azure-database-support-blog/azure-sql-db-and-log-analytics-better-together-part-1/ba-
p/794833
Community vote distribution
A (100%)
Question #: 55 Topic #: 6
You have an Azure subscription. The subscription contains virtual machines that run Windows Server.
You have a data collection rule (DCR) named Rule1.
You plan to use the Azure Monitor Agent to collect events from Windows System event logs.
You only need to collect system events that have an ID of 1001.
Which type of query should you use for the data source in Rule1?
A. SQL
B. XPath
C. KQL

Suggested Answer: B 🗳️
Community vote distribution
B (80%)
C (20%)
Reference: https://learn.microsoft.com/en-us/windows/win32/wes/consuming-events
https://learn.microsoft.com/en-us/azure/azure-monitor/agents/data-collection-rule-azure-monitor-agent?tabs=portal
https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/data-collection-rule-structure

Question #: 56 Topic #: 6
You have an Azure subscription that contains a virtual machine named VM1.
You have an on-premises datacenter that contains a domain controller named DC1. ExpressRoute is used to connect
the on-premises datacenter to Azure.
You need to use Connection Monitor to identify network latency between VM1 and DC1.
What should you install on DC1?
A. the Azure Connected Machine agent for Azure Arc-enabled servers
B. the Azure Network Watcher Agent virtual machine extension
C. the Log Analytics agent
D. an Azure Monitor agent extension

Suggested Answer: D 🗳️
Reference: https://learn.microsoft.com/en-us/azure/network-watcher/azure-monitor-agent-with-connection-monitor
https://learn.microsoft.com/en-us/azure/network-watcher/connection-monitor-overview
Community vote distribution
D (48%)
C (41%)
Question #: 57 Topic #: 6
You have an Azure subscription that has Traffic Analytics configured.
You deploy a new virtual machine named VM1 that has the following settings:
• Region: East US
• Virtual network: VNet1
• NIC network security group: NSG1
You need to monitor VM1 traffic by using Traffic Analytics.
Which settings should you configure?
A. Diagnostic settings for VM1
B. NSG flow logs for NSG1
C. Diagnostic settings for NSG1
D. Insights for VM1

Suggested Answer: B 🗳️
Community vote distribution
B (100%)
Reference: https://learn.microsoft.com/en-us/azure/network-watcher/traffic-analytics
https://learn.microsoft.com/en-us/azure/network-watcher/nsg-flow-logs-tutorial

Question #: 58 Topic #: 6
You have an Azure subscription. The subscription contains 10 virtual machines that run Windows Server. Each virtual
machine hosts a website in IIS and has the Azure Monitor Agent installed.
You need to collect the IIS logs from each virtual machine and store them in a Log Analytics workspace.
What should you configure first?
A. a data collection endpoint
B. an Azure Monitor Private Link Scope (AMPLS)
C. Diagnostic settings
D. VM insights
E. a private endpoint

Suggested Answer: A 🗳️
Community vote distribution
A (100%)
Reference: https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/data-collection-endpoint-overview?tabs=portal
https://learn.microsoft.com/en-us/azure/azure-monitor/agents/data-collection-iis
https://learn.microsoft.com/en-us/azure/azure-monitor/vm/tutorial-monitor-vm-guest

Question #: 59 Topic #: 6
HOTSPOT-
You have an Azure subscription that contains two storage accounts named contoso101 and contoso102.
The subscription contains the virtual machines shown in the following table.

VNet1 has service endpoints configured as shown in the Service endpoints exhibit. (Click the Service endpoints tab.)

The Microsoft.Storage service endpoint has the service endpoint policy shown in the Microsoft.Storage exhibit. (Click
the Microsoft.Storage tab.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Suggested Answer:

Reference: https://learn.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoints-overview
https://learn.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoint-policies-overview#configuration
https://learn.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoints-overview#limitations

Question #: 60 Topic #: 6
You have an Azure subscription that contains multiple virtual machines in the West US Azure region.
You need to use Traffic Analytics in Azure Network Watcher to monitor virtual machine traffic.
Which two resources should you create? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. a Log Analytics workspace
B. an Azure Monitor workbook
C. a storage account
D. a Microsoft Sentinel workspace
E. a Data Collection Rule (DCR) in Azure Monitor
Suggested Answer: AC 🗳️
Reference: https://learn.microsoft.com/en-us/azure/network-watcher/traffic-analytics#prerequisites
https://learn.microsoft.com/en-us/azure/network-watcher/vnet-flow-logs-overview
https://learn.microsoft.com/en-us/azure/network-watcher/traffic-analytics-faq
Community vote distribution
AE (50%)
AC (48%)
Question #: 61 Topic #: 6
You have an Azure subscription that contains a virtual machine named VM1.
You plan to deploy an Azure Monitor alert rule that will trigger an alert when CPU usage on VM1 exceeds 80 percent.
You need to ensure that the alert rule sends an email message to two users named User1 and User2.
What should you create for Azure Monitor?
A. an action group
B. a mail-enabled security group
C. a distribution group
D. a Microsoft 365 group

Suggested Answer: A 🗳️
Reference: https://learn.microsoft.com/en-us/azure/azure-monitor/alerts/alerts-overview
Community vote distribution
A (100%)