Azure Solutions Architect Expert Certification Questions And Answers Dumps

Azure Solutions Architect Expert Exam Preparation

This exam measures your ability to accomplish the following technical tasks: design identity, governance, and monitoring solutions; design data storage solutions; design business continuity solutions; and design infrastructure solutions.

This blog covers the Designing Microsoft Azure Infrastructure Solutions.

A candidate for this certification should have advanced experience and knowledge of IT operations, including networking, virtualization, identity, security, business continuity, disaster recovery, data platforms, and governance. A professional in this role should manage how decisions in each area affect an overall solution. In addition, they should have experience in Azure administration, Azure development, and DevOps processes.

2022 AWS Cloud Practitioner Exam Preparation

Skills measured

  • Design identity, governance, and monitoring solutions (25-30%)
  • Design data storage solutions (25-30%)
  • Design business continuity solutions (10-15%)
  • Design infrastructure solutions (25-30%)

Below are the top 50 Questions and Answers for AZ303, AZ304 and AZ305 Certification Exam:

What is one reason to regularly review Azure role assignments?

A. ensure naming conventions are properly applied.

B. To reduce the risk associated with stale role assignments.

C. To eliminate extra distribution groups that are no longer used.

Answer: B:  You should regularly review access of privileged Azure resource roles to reduce the risk associated with stale role assignment

What is an access package?

A. An access package is a group of users with the access they need to work on a project or perform a task.

B. An access package is a bundle of all the resources with the access a user needs to work on a project or perform their task.

C. An access package is a used to create a transitive trust between B2B organizations.

Answer: B:  An access package is a bundle of all the resources with the access a user needs to work on a project or perform their task. For example, you may want to create an Access Package that includes all the applications that developers in your organization need, or all applications to which external users should have access.

How can Discovery and insights for privileged identity management help an organization?

A. Discovery and insights can find privileged role assignments across Azure AD, and then provide recommendations on how to secure them using Azure AD governance features like Privileged Identity Management (PIM).

B. Discovery and insights can find when guest’s access resources across Azure AD.


Save 65% on select product(s) with promo code 65ZDS44X on Amazon.com

C. Discovery and insights can find security group assignments across Azure AD, and then provide recommendations on how to secure them using Azure AD governance features like Privileged Identity Management (PIM).

D. N/A


Answer: A – Discovery and insights can find privileged role assignments across Azure AD, and then provide recommendations on how to secure them using Azure AD governance features like Privileged Identity Management (PIM).

Whether to assign a role to a group instead of to individual users is a strategic decision. When planning, consider assigning a role to a group to manage role assignments when the desired outcome is to delegate assigning the role and what else?

A. You want to use Conditional Access policies.

B. Many Azure resources need to be managed.

C. Many users are assigned to a role.

D. N/A


Answer: C – Management of one group is much easier than management many individual users.

Which roles can only be assigned using Privileged Identity Management?

A. Permanently active roles.

B. Eligible roles.

C. Transient roles.

D. N/A


Answer: B. – Permanently active roles are the normal roles assigned through Azure Active Directory and Azure resources while eligible roles can only be assigned in Privileged Identity Management.

What is the purpose of the audit logs?

A. Azure AD audit logs provide a comparison of budgeted Azure usage compared to actual.

B. Azure AD audit logs provide records of system activities for compliance reporting.

C. Azure AD audit logs allow customer to monitor activity when provisioning new services within Azure.

D. N/A


Answer: B. – An audit log has a default list view that shows data, like the date and time of the occurrence, the service that logged the occurrence, the category and name of the activity (what), the status of the activity (success or failure), the target, and the initiator/actor (who) of an activity.

Can Azure export logging data to third-party SIEM tools?

A. Yes, Azure supports exporting log data to several common third-party SIEM tools.

B. No, Azure only supports the export to Azure Sentinel.

C. Yes, Splunk is the 3rd Party SIEM Azure can export to.

D. N/A


Answer: A. – Azure can export to many of the most popular SIEM tools. The most common are Splunk, IBM QRadar, and ArcSight.

A Solutions Architect wants to configure email notifications to be sent from Azure AD Domain Services when issues are detected. In Azure, where this would be configured?

A. Azure Microsoft Portal > Azure Active Directory > Monitoring > Notifications > Add email recipient.

B. Azure Microsoft Portal > Azure AD Domain Services > Notification settings > Add email recipient.

C. Azure Microsoft Portal > Notification Hubs > Azure Active Directory > Add email recipient.

D. N/A


Answer: B – The health of an Azure Active Directory Domain Services (Azure AD DS) managed domain is monitored by the Azure platform. The health status page in the Azure Microsoft Portal shows any alerts for the managed domain. To make sure issues are responded to in a timely manner, email notifications can be configured to report on health alerts as soon as they’re detected in the Azure AD DS managed domain.

You are architecting a web application that constantly reads and writes important medical imaging data in blob storage.

To ensure the web application is resilient, you have been asked to configure Azure Storage as follows:

  • Protect against a regional disaster.
  • Leverage synchronous replication of storage data across multiple data centers.

How would you configure Azure Storage to meet these requirements?

GZRS provides asynchronous replication to a single physical location in the secondary region. Additionally, this includes synchronous replication across three availability zones within the primary region (ZRS).

Video for reference: Storage Account Replication

 

You need to ensure your virtual machine boot and data volumes are encrypted. Your virtual machine is already deployed using an Azure marketplace Windows OS image and managed disks. Which  tasks should you complete to enable the required encryption?

Configure a Key Vault Access Policy: A Key Vault Access Policy will be required to allow Azure Disk Encryption for volume encryption.

Create an Azure Key Vault: Azure Disk Encryption leverages a Key Vault for the secure storage of cryptographic information.

Video for reference: Azure Disk Encryption

You have configured Azure multi-factor authentication (MFA) for your company. Some staff have reported they are receiving MFA verification requests, even when they didn’t initiate any authentication themselves. They believe this might be hackers.
Which feature would you enable to help protect against this type of security issue?

Fraud alert helps users to protect against MFA verification requests they did not initiate. It provides the ability to report fraudulent attempts, as well as the ability to automatically block users who report fraud.

Reference: Fraud Alert

You are configuring a new storage account using PowerShell. The storage account must support Queue storage. The PowerShell command you are using is as follows:

New-AzStorageAccount -name "tpcstore01" -ResourceGroupName "rg1" -location "auseast" -SkuName "standard_lrs"

Which two arguments could you use to complete the PowerShell command to meet the above requirements?

-Kind "Storage"

General Purpose v1 supports blob, file, queue, table, and disk.

-Kind "StorageV2"

General Purpose v2 supports blob, file, queue, table, disk, and data lake.

You need to ensure your virtual machine boot and data volumes are encrypted. Your virtual machine is already deployed using an Azure marketplace Linux OS image and managed disks.
Which  two commands would you use to enable the required encryption?

New-AzKeyvault

Azure Disk Encryption leverages a Key Vault for the secure storage of cryptographic information.

Set-AzVMDiskEncryptionExtension

Azure Disk Encryption leverages a VM extension to enable BitLocker (Windows) or DM-Crypt (Linux) to encrypt boot/OS/data volumes.

CompanyA is planning on making some significant changes to their governance solution. They have asked for your assistance with recommendations and questions. Here are the specific requirements.

– Consistency across subscriptions. It appears each subscription has different policies for the creation of virtual machines. The IT department would like to standardize the policies across the Azure subscriptions.

– Ensure critical storage is highly available. There are several critical applications that use storage. The IT department wants to ensure the storage is made highly available across regions.

– Identify R&D costs. The CTO wants to know how much a new project is costing. The costs are spread out across multiple departments.

– ISO compliance. CompanyA wants to certify that it complies with the ISO 27001 standard. The standard will require resources groups, policy assignments, and templates.

How can CompanyA to ensure policies are implemented across multiple subscriptions?

Create a management group and place all the relevant subscriptions in the new management group.
A management group could include all the subscriptions. Then a policy could be scoped to the management group and applied to all the subscriptions.

How can CompanyA ensure applications use geo-redundancy to create highly available storage applications?

Add an Azure policy that requires geo-redundant storage.
An Azure policy can enforce different rules over your resource configurations.

How can CompanyA report all the costs associated with a new product?

Add a resource tag to identify which resources are used for the new product.
Resource tagging provides extra information, or metadata, about your resources. You could then run a cost report on all resources with that tag.

Which governance tool should CompanyA use for the ISO 27001 requirements?

Azure blueprints.
Azure blueprints will deploy all the artifacts for ISO 27001 compliance.

You are configuring an Azure Automation runbook using the Azure sandbox.
For your runbook to work, you need to install a PowerShell module. You would like to minimize the administrative overhead for maintaining and operating your runbook.
Which option should you choose to install an additional PowerShell module?

Navigate to Shared Resources > Modules, and configure the additional module.
Additional PowerShell modules can be added to the sandbox environment for use by your runbooks.

CompanyA is planning on making some significant changes to their identity and access management solution. They have asked for your assistance on some recommendations and questions. Here are the specific requirements.

– Device access to company applications. The CTO has agreed to allow some level of device access. Employees at the company’s retail stores will now be able to access certain company applications. This access, however, should be restricted to only approved devices.

– Company reorganization. A company-wide reorganization has affected many employees. These employees are now in new roles. The IT team needs to ensure users have the correct access based on their new jobs.

– External developer accounts. A new development project requires external software developers to access company data files. The IT team needs to create user accounts for approximately five developers.

– User sign-in attempts. A recent audit of user sign-ins attempts revealed anonymous IP addresses and unusual locations. The IT team wants to require multifactor authentication for these attempted sign-ins.

How can CompanyA ensure that employees at the company’s retail stores can access company applications only from approved tablet devices?

Conditional access: Conditional Access enables you to require users to access your applications only from approved, or managed, devices.

What should CompanyA do to ensure employees have the correct permissions for their job role?

Require an access review: An access review would give managers an opportunity to validate the employees access.

What should CompanyA do to give access to the partner developers?

Invite the developers as guest users to their directory: In Business-to-Business scenarios guest user accounts are created. You can then apply the appropriate permissions

What solution would be best for the user sign-in attempts requirement?

Create a sign-in risk policy: That’s correct. A sign-in risk policy can identify anonymous IP and atypical locations. Secondary multifactor authentication can then be required.

You are working as a network administrator, managing the following virtual networks:

VNET1

  • Location: Australia East

  • Resource groupRG1

  • Address space: 10.1.0.0/16

    VNET2

  • Location: Australia Southeast

  • Resource groupRG2

  • Address space: 10.1.0.0/16

You have been asked to connect VNET1 and VNET2, to allow private communication between resources in each virtual network. Do you need to modify either of the two virtual networks before virtual network peering is supported?

Yes: IP address ranges cannot overlap. One of the virtual networks must have their address space changed before VNet peering would be able to be configured.

You are architecting identity management for a hybrid environment, and you plan to use Azure AD Connect with password hash sync (PHS).
It is important that you design the solution to be highly available. How would you implement high availability for the synchronization service?

Configure an additional server with Azure AD Connect in staging mode.

Azure AD Connect can be configured in staging mode, which helps with high availability.

You are responsible for monitoring a major web application for your company. The application is implemented using Azure App Service Web Apps and Application Insights.
The chief marketing officer has asked you to provide information to help analyze user behavior based on a group of characteristics. To start with, it will be a simple query looking at all active users from Australia.
Which of the following would you use to provide this information?

Cohorts leverage analytics queries to analyze users, sessions, events, or operations that have something in common (e.g., location, event, etc.). Reference: App insights

You work for a company with multiple Active Directory domains: exampledomain1.com and test.lab.com. Your company would like to use Azure AD Connect to synchronize your on-premises Active Directory domain, exampledomain1.com, with Azure AD. You do not wish to synchronize test.lab.com.

Which tasks should you complete, requiring minimal administrative effort and causing the least disruption to the existing environment?

Run the Azure AD Connect wizard, and configure Domain and OU filtering.

You are architecting a mission-critical processing solution for your company. The solution will leverage virtual machines for the processing tier, and it is critical that high performance levels are maintained at all times.
You need to leverage a managed disk that guarantees up to 900 MB/s throughput and 2,000 IOPS — but also minimizes costs.
Which of the following would you use within your solution?

Premium SSD Managed Disks:  Premium SSDs provide high performance and low latency, and include guaranteed capacity, IOPS, and throughput.

CompanyA wants to reduce storage costs by reducing duplicate content and, whenever applicable, migrating it to the cloud. The company would like a solution that centralizes maintenance while still providing nation-wide access for customers. Customers should be able to browse and purchase items online even in a case of a failure affecting an entire Azure region. Here are some specific requirements.

  • Warranty document retention. The company’s risk and legal teams requires warranty documents be kept for three years.

  • New photos and videos. The company would like each product to have a photo or video to demonstrate the product features.

  • External vendor development. A vendor will create and develop some of the online ecommerce features. The developer will need access to the HTML files, but only during the development phase.

  • Product catalog updates. The product catalog is updated every few months. Older versions of the catalog aren’t viewed frequently but must be available immediately if accessed.

What is the best way for CompanyA to protect their warranty information?

Time-based retention policy: With a time-based retention policy, users can set policies to store data for a specified interval. When a time-based retention policy is in place, objects can be created and read, but not modified or deleted.

What type of storage should CompanyA use for their photos and videos?

Blob storage: That’s correct. Blob storage is best for their photos.

What is the best way to provide the developer access to the ecommerce HTML files?

Shared access signatures: That’s correct. Shared access signatures provide secure delegated access. This functionality can be used to define permissions and how long access is allowed.

Which access tier should be used for the older versions of the product catalog?

Cool access tier: That’s correct. The cool access tier is for content that wouldn’t be viewed frequently but must be available immediately if accessed.

What tool would you use to identify underutilized and idle Azure resources in order to help reduce overall spend?

Azure Advisor: Advisor helps you optimize and reduce your overall Azure spend by identifying idle and underutilized resources. Reference

You work as a network administrator for a company. You manage several virtual machines within the following virtual network:

  • NameVNET1
  • Address space: 10.1.0.0/16
  • SubnetSUBNET1 (10.1.1.0/24)

You need to configure DNS for a VM called VM1, that is located in SUBNET1. DNS should be set to 8.8.8.8. All other VMs must keep their existing settings.

What should you do?

Navigate to the network interface of VM1, DNS Servers, and enable Custom DNS Servers and set to 8.8.8.8.

Custom DNS can be set at the network interface level, so that the settings only apply for a specific virtual machine.

You are architecting a web application that constantly reads and writes important medical imaging data in blob storage. To ensure the web application is resilient, you have proposed the use of storage account failover. Management has asked you whether any data loss might occur for this solution, in the event of a failover. How would you respond?

There may be data loss, and the extent of data loss can be estimated using the Last Sync Time.

The Last Sync Time property provides an indication of how far the secondary is behind from the primary. This can be used to estimate the extent of data loss that may occur. 

What storage service should you implement for an application that streams video content?

Azure Blobs: Azure blobs are used for storing large amounts of unstructured data, such as documents, images, and video files. This service is best used for streaming audio and video, particularly over HTTP/S.

What storage service should you implement for an application that needs to access data using SMB?

Azure Files: Azure files allow you to create and maintain highly available file shares that are accessible anywhere. They can be considered as a replacement to traditional file servers. They provide SMB access.

You are architecting a mission-critical solution for your company using virtual machines.
The solution must qualify for a Microsoft service level agreement (SLA) of 99.95%.
You deploy your solution to a single virtual machine in an availability set. The virtual machine uses premium storage. Does this meet the required SLA?

No: The virtual machine does use premium storage; however, this only provides a 99.9% SLA.

You are implementing Azure Backup using the Microsoft Azure Backup Server.
Which of the following would you use to allow the server to register with your recovery services vault?

Vault Credentials: Vault Credentials are used by the Microsoft Azure Backup Server software to register with the vault.

You are developing a solution on a server hosted on-premises. The solution needs to access data within Azure Key Vault.
Which two options would you use to ensure the application has access to Azure Key Vault?

Register the application in Azure AD and use a client secret.
To allow an on-premises application to authenticate with Azure AD, it can be registered in Azure AD and given a client secret (or client certificate). If this application was hosted on a supported Azure service, it could have been possible to use a managed identity instead.

Configure an access policy in Azure Key Vault.
To allow access to Key Vault, any identity (application, user, etc.) must be provided permissions using an Access Policy.

You have a Windows virtual machine within Azure, which must be backed up.
You have the following requirements:
– Back up the virtual machine three times per day
– Include system state backups
You configure a backup to a recovery services vault using the Microsoft Azure Recovery Services (MARS) agent.
Does this fulfill the requirements above?

Yes: The Microsoft Azure Recovery Services (MARS) agent can perform backups of files, folders, and system states up to three times a day.

You are planning a migration of machines to Azure from your on-premises Hyper-V host.
You would like to estimate how much it will cost to migrate your operating machines to Azure. Which of the following two items would you include in your migration solution?
The effort required to estimate pricing, and then ultimately go on to perform a migration, should be minimized.

Azure Migrate Project: All migrations (both assessment and migration) require an Azure Migrate Project for the storage of related metadata.

You are implementing Azure Blueprints to help improve standards and compliance for your Azure environment.
You would like to ensure that when an Azure Blueprint is used, a user is assigned ‘owner’ permissions to a specific resource group defined in the blueprint.
Does Azure Blueprints provide this functionality?

Yes: Azure Blueprints includes several different artifacts, one of which is ‘Role Assignment’. This allows a user to be assigned permissions as part of the blueprint definition.

You are planning a migration from on-premises to Azure.
Your on-premises environment is made up of the following:
– VMware hosted virtual machines
– Hyper-V hosted virtual machines
– Physical servers
Will the Azure Migrate: Server Migration tool provided by Microsoft support your environment for migrations to Azure?

Yes, for VMware, Hyper-V, and physical machines. The Azure Migrate: Server Migration tool support migrating VMware VMs, Hyper-V VMs, and physical servers.

For a new container image you are developing, you need to ensure a local HTML file, index.html, is included in the image. Which command would you include in the Dockerfile?

COPY ./index.html /usr/share/nginx/html

The COPY command can be used within a Dockerfile to copy files and directories from source to destination.

You have developed a financial management application for your company.
It is currently hosted as an Azure App Service Web App within Azure.
To improve security, you need to ensure that the web application is only accessible when users connect from your head-office IP address of 14.78.162.190.
Within the Azure Portal settings for your web app, which section would you use to configure this security?

Networking > Access Restrictions
Access Restrictions allows you to filter inbound connectivity to Azure App service, based on the IP address of the requesting user/service.
This meets the requirements of this scenario, as an Access Restriction could be configured for the Web App. To configure this, an ALLOW rule would be created for the web app (and the management interface, SCM, if needed). Adding the ALLOW rule for the IP address of 13.77.161.179 would automatically create a DENY ALL rule, which will prevent any other network location from accessing this resource.

You are responsible for improving the availability of a web application. The web application has the following characteristics:
– Hosted using Azure App Service.
– Leverages an Azure SQL back-end.
You need to configure Azure SQL Database to meet the following needs:
Must be able to continue operations in the event of a region failure.
Must support automatic failover in the event of failure.
You must recommend a solution that requires the least amount of effort to implement, and can manage in the event of a failover. Which configuration do you recommend?

Azure SQL auto-failover group: Using Azure SQL auto-failover groups provides protection at a geographic scale. By using the read-write listener, an application will seamlessly point to the primary, even in the event of a failover. Azure SQL auto-failover groups simplify the deployment and management of geo-replicated databases. It supports replication, and failover, for one or more databases on Azure SQL Database, or Azure SQL Managed Instances. A key benefit of auto-failover groups, is the built-in management of DNS for read, and read-write listeners.

You have been asked to implement high availability for an Azure SQL Managed Instance.
The solution is critical, and data loss must be minimized. If the data platform fails you must wait 1 hour before automatic failover occurs.
You must determine: (1) How to configure replication. (2) How to configure the 1 hour delay.

Enable replication using Auto-Failover Groups. Enable the 1 hour delay using the Grace Period.
Auto-Failover Groups are supported by Azure SQL Managed Instances, and the Grace Period is used to define how many hours to wait before an automatic read/write failover occurs.

You are helping to architect a social media application.
The solution must ensure that all users read data in the order it has been completely written.
You propose the use of Cosmos DB. What else do you include in your proposal to meet the requirements?

Cosmos DB Strong Consistency: Strong consistency ensures that reads are guaranteed to return the most recent committed write. This is useful when order matters.

You need to configure high availability for Azure SQL Databases.
You would like the service to include the following:
– Automatic failover policy.
– Ability to manually failover.
– DNS management for primary read/write access.
You configure Azure SQL Active Geo-Replication. Does this meet the requirements?

No: Active Geo-Replication does not include DNS automatically managed for primary read/write access. This is a feature of auto-failover groups. The inclusion of DNS for both the primary read/write endpoint, and the secondary read endpoint, reduces the management overhead for ensuring applications are pointing to the correct resources in the event of a disaster.

Djamgatech: Multilingual and Platform Independent Cloud Certification and Education App for AWS, Azure, Google Cloud

Djamgatech: AI Driven Continuing Education and Certification Preparation Platform

The Cloud Education Certification App is an EduFlix App for AWS, Azure, Google Cloud Certification Prep [Android, iOS]

Technology is changing and is moving towards the cloud. The cloud will power most businesses in the coming years and is not taught in schools. How do we ensure that our kids and youth and ourselves are best prepared for this challenge?

Building mobile educational apps that work offline and on any device can help greatly in that sense.

2022 AWS Cloud Practitioner Exam Preparation

The ability to tab on a button and learn the cloud fundamentals and take quizzes is a great opportunity to help our children and youth to boost their job prospects and be more productive at work.

The App covers the following certifications :
AWS Cloud Practitioner Exam Prep CCP CLF-C01, Azure Fundamentals AZ 900 Exam Prep, AWS Certified Solution Architect Associate SAA-C02 Exam Prep, AWS Certified Developer Associate DVA-C01 Exam Prep, Azure Administrator AZ 104 Exam Prep, Google Associate Cloud Engineer Exam Prep, Data Analytics for AWS DAS-C01, Machine Learning for AWS and Google, AWS Certified Security – Specialty (SCS-C01), AWS Certified Machine Learning – Specialty (MLS-C01), Google Cloud Professional Machine Learning Engineer and more… [Android, iOS]

[appbox googleplay com.cloudeducation.free]
[appbox appstore 1560083470-iphone screenshots]

The App covers the following cloud categories:

AWS Technology, AWS Security and Compliance, AWS Cloud Concepts, AWS Billing and Pricing , AWS Design High Performing Architectures, AWS Design Cost Optimized Architectures, AWS Specify Secure Applications And Architectures, AWS Design Resilient Architecture, Development With AWS, AWS Deployment, AWS Security, AWS Monitoring, AWS Troubleshooting, AWS Refactoring, Azure Pricing and Support, Azure Cloud Concepts , Azure Identity, governance, and compliance, Azure Services , Implement and Manage Azure Storage, Deploy and Manage Azure Compute Resources, Configure and Manage Azure Networking Services, Monitor and Backup Azure Resources, GCP Plan and configure a cloud solution, GCP Deploy and implement a cloud solution, GCP Ensure successful operation of a cloud solution, GCP Configure access and security, GCP Setting up a cloud solution environment, AWS Incident Response, AWS Logging and Monitoring, AWS Infrastructure Security, AWS Identity and Access Management, AWS Data Protection, AWS Data Engineering, AWS Exploratory Data Analysis, AWS Modeling, AWS Machine Learning Implementation and Operations, GCP Frame ML problems, GCP Architect ML solutions, GCP Prepare and process data, GCP Develop ML models, GCP Automate & orchestrate ML pipelines, GCP Monitor, optimize, and maintain ML solutions, etc.. [Android, iOS]

Cloud Education and Certification

The App covers the following Cloud Services, Framework and technologies:

AWS: VPC, S3, DynamoDB, EC2, ECS, Lambda, API Gateway, CloudWatch, CloudTrail, Code Pipeline, Code Deploy, TCO Calculator, SES, EBS, ELB, AWS Autoscaling , RDS, Aurora, Route 53, Amazon CodeGuru, Amazon Bracket, AWS Billing and Pricing, Simply Monthly Calculator, cost calculator, Ec2 pricing on-demand, IAM, AWS Pricing, Pay As You Go, No Upfront Cost, Cost Explorer, AWS Organizations, Consolidated billing, Instance Scheduler, on-demand instances, Reserved instances, Spot Instances, CloudFront, Workspace, S3 storage classes, Regions, Availability Zones, Placement Groups, Amazon lightsail, Redshift, EC2 G4ad instances, DAAS, PAAS, IAAS, SAAS, NAAS, Machine Learning, Key Pairs, AWS CloudFormation, Amazon Macie, Amazon Textract, Glacier Deep Archive, 99.999999999% durability, AWS Codestar, Amazon Neptune, S3 Bucket, EMR, SNS, Desktop As A Service, Emazon EC2 for Mac, Aurora Postgres SQL, Kubernetes, Containers, Cluster.

Azure: Virtual Machines, Azure App Services, Azure Container Instances (ACI), Azure Kubernetes Service (AKS), and Windows Virtual Desktop, Virtual Networks, VPN Gateway, Virtual Network peering, and ExpressRoute, Container (Blob) Storage, Disk Storage, File Storage, and storage tiers, Cosmos DB, Azure SQL Database, Azure Database for MySQL, Azure Database for PostgreSQL, and SQL Managed Instance, Azure Marketplace, Azure consumption-based mode, management groups, resources and RG, Geographic distribution concepts such as Azure regions, region pairs, and AZ Internet of Things (IoT) Hub, IoT Central, and Azure Sphere, Azure Synapse Analytics, HDInsight, and Azure Databricks, Azure Machine Learning, Cognitive Services and Azure Bot Service, Serverless computing solutions that include Azure Functions and Logic Apps, Azure DevOps, GitHub, GitHub Actions, and Azure DevTest Labs, Azure Mobile, Azure Advisor, Azure Resource Manager (ARM) templates, Azure Security, Privacy and Workloads, General security and network security, Azure security features, Azure Security Centre, policy compliance, security alerts, secure score, and resource hygiene, Key Vault, Azure Sentinel, Azure Dedicated Hosts, Concept of defense in depth, NSG, Azure Firewall, Azure DDoS protection, Identity, governance, Conditional Access, Multi-Factor Authentication (MFA), and Single Sign-On (SSO),Azure Services, Core Azure architectural components, Management Groups, Azure Resource Manager,


Save 65% on select product(s) with promo code 65ZDS44X on Amazon.com

Google Cloud Platform: Compute Engine, App Engine, BigQuery, Bigtable, Pub/Sub, flow logs, CORS, CLI, pod, Firebase, Cloud Run, Cloud Firestore, Cloud CDN, Cloud Storage, Persistent Disk, Kubernetes engine, Container registry, Cloud Load Balancing, Cloud Dataflow, gsutils, Cloud SQL,

2022 AWS Cloud Practitioner Exam Preparation

Cloud Education Certification: Eduflix App for Cloud Education and Certification (AWS, Azure, Google Cloud) [Android, iOS]

Features:
– Practice exams
– 1000+ Q&A updated frequently.
– 3+ Practice exams per Certification
– Scorecard / Scoreboard to track your progress
– Quizzes with score tracking, progress bar, countdown timer.
– Can only see scoreboard after completing the quiz.
– FAQs for most popular Cloud services
– Cheat Sheets
– Flashcards
– works offline

Note and disclaimer: We are not affiliated with AWS, Azure, Microsoft or Google. The questions are put together based on the certification study guide and materials available online. The questions in this app should help you pass the exam but it is not guaranteed. We are not responsible for any exam you did not pass.

Important: To succeed with the real exam, do not memorize the answers in this app. It is very important that you understand why a question is right or wrong and the concepts behind it by carefully reading the reference documents in the answers.

AZ-900: Microsoft Azure Fundamentals – Top 100 Questions and Answers Dumps

Azure Fundamentals AZ900 Exam Prep

Microsoft Certified: Azure Fundamentals Average Salary — $126,653/year

Azure Fundamentals AZ900 Certification Exam Prep
Azure Fundamentals AZ900 Certification Exam Prep
#Azure #AzureFundamentals #AZ900 #AzureTraining #LeranAzure #Djamgatech

Amazon’s AWS and Microsoft’s Azure are the big boys of the cloud computing world, even though AWS is much bigger than Azure.

Revenue from Microsoft Azure grew 72% from 2018 from $7.56 billion to $13 billion. Azure contributed to almost 10.5% of Microsoft’s total revenue in 2019. It has also been noted that the US defense chose Azure in its tactical operations. The last quarter earnings of 2019 grew by 64%.

2022 AWS Cloud Practitioner Exam Preparation

Azure Fundamentals exam is an opportunity to prove knowledge of:

Describing Cloud Concepts (20%),

Describing Azure services (20%),

Describing core solutions and management tools on Azure (10-15%),

Describing general security and network security features (10-15%),

Describing identity, governance, privacy, and compliance features (15-20%),

Describe Azure cost management and Service Level Agreements (10-15%)

This blog also includes Azure Services Cheat Sheet.


Save 65% on select product(s) with promo code 65ZDS44X on Amazon.com

The exam is intended for candidates who are just beginning to work with cloud-based solutions and services or are new to Azure.
Candidates should be familiar with the general technology concepts, including concepts of
networking, storage, compute, application support, and application development.

Azure Fundamentals can be used to prepare for other Azure role-based or specialty
certifications, but it is not a prerequisite for any of them.

Download Azure Fundamentals AZ900 Certification Exam Prep

Azure Fundamentals AZ900 Certification Exam Prep
Azure Fundamentals AZ900 Certification Exam Prep #Azure #AzureFundamentals #AZ900 #AzureTraining #LeranAzure #Djamgatech

#Azure #AzureFundamentals #AZ900 #AzureTraining #LeranAzure #Djamgatech

Azure Fundamentals AZ900 Exam Prep in Udemy [50% OFF with this link]

Azure Fundamentals AZ900 Exam Prep on iOs

Azure Fundamentals AZ900 Exam Prep on android

Azure Fundamentals AZ900 Exam Prep on Windows 10/11

Azure Fundamentals AZ900 Exam Prep on Web/PWA

Djamgatech App store

Below are the top 100 AZ-900 Microsoft Azure fundamentals Certification exam questions and answers dumps.

I- AZ-900 Cloud Concepts – Azure Services

Question 1: Microsoft Office 365 is an example of which cloud deployment model?

A. PaaS

B. IaaS

C. CASB

D. SaaS

Answer1:

D

Notes:

Software as a service (SaaS) allows users to connect to and use cloud-based apps over the internet. Common examples are email, calendar, and office tools, such as Microsoft Office 365.

Reference1: SAAS

Question 2: You have an on-premises application that processes incoming Simple Message Submission Service (SMSS) queue messages and records the data to a log file. You migrate this application to an Azure function app. What kind of cloud service would this be considered?

A. Software-as-a-Service (SaaS)

B. Infrastructure-as-a-Service (IaaS)

C. Serverless

D. Platform-as-a-Service (PaaS)

Answer2:

Download Azure Fundamentals AZ900 Certification Exam Prep

#Azure #AzureFundamentals #AZ900 #AzureTraining #LeranAzure #Djamgatech

Azure Fundamentals AZ900 Exam Prep in Udemy [50% OFF with this link]

Azure Fundamentals AZ900 Exam Prep on iOs

Azure Fundamentals AZ900 Exam Prep on android

Azure Fundamentals AZ900 Exam Prep on Windows 10/11

Azure Fundamentals AZ900 Exam Prep on Web/PWA

Djamgatech App store

Notes2:

Serverless computing is the abstraction of servers, infrastructure, and operating systems. When you build serverless apps, you don’t need to provision and manage any servers, so you don’t have to worry about infrastructure. Serverless computing is driven by the reaction to events and triggers happening in near-real time in the cloud.

Reference2: Platform-as-a-Service (PaaS)

Question 3: Define “economy of scale”.

A. Spending money on products or services now and being billed for them now. You can deduct this expense from your tax bill in the same year.

B. Spending money on physical infrastructure up front, and then deducting that expense from your tax bill over time.

C. Prices for individual resources and services are provided so you can predict how much you will spend in a given billing period based on your expected usage.

D. The ability to do things more efficiently or at a lower cost per unit when operating at a larger scale.

Answer 3:

D

Notes 3:

Cloud providers such as Microsoft, Google, and Amazon are large businesses that leverage the benefits of economies of scale and then pass the savings on to their customers.

Reference3: Cloud: Economies at scale

Download Azure Fundamentals AZ900 Certification Exam Prep#Azure #AzureFundamentals #AZ900 #AzureTraining #LeranAzure #DjamgatechAzure Fundamentals AZ900 Exam Prep on iOsAzure Fundamentals AZ900 Exam Prep on androidAzure Fundamentals AZ900 Exam Prep on Windows 10/11Azure Fundamentals AZ900 Exam Prep on Web/PWA

Djamgatech App store

Question 4: Which of the following are characteristic of private clouds?

A. Lower costs

B. High scalability

C. Improved security

D. Limited flexibility

Answer 4:

B and C

Notes 4:

Private clouds still afford the scalability and efficiency of a public cloud. Resources are purchased and available to meet your business needs.

Video for reference: The Private Cloud Model

Because resources are not shared with others, private clouds provide higher levels of control and security.

Reference 4: The private cloud model

Question 5: Which of the following Azure solutions allows you to geographically cache and distribute high-bandwidth content, such as streaming videos, to users in different parts of the world?

A. Content Delivery Network (CDN)

B. Load Balancer

C. Application Gateway

D. Virtual Network Gateway

Answer 5:

A

Notes 5:

Azure Content Delivery Network (CDN) offers developers a global solution for rapidly delivering high-bandwidth content to users by caching their content at strategically placed physical nodes around the world. Azure CDN can also accelerate dynamic content, which cannot be cached, by leveraging various network optimizations using CDN POPs.

Reference 5: CDN

Question 6: You are beginning to extend your on-premises data center into Azure. You have created a new Azure subscription and resource group called RG-One. You deploy two virtual machines into RG-One with the intent of promoting these to Active Directory domain controllers. What kind of cloud service would this be considered?

A. Platform-as-a-Service (PaaS)

B. Infrastructure-as-a-Service (IaaS)

C. Software-as-a-Service (SaaS)

D. Hybrid-as-a-Service (HaaS)

Answer 6:

B

Notes 6:

Infrastructure as a service (IaaS) is an instant computing infrastructure, provisioned and managed over the internet. Deploying virtual machines into an Azure subscription would be considered an IaaS service.

Reference 6: IAAS


Download Azure Fundamentals AZ900 Certification Exam Prep App For More

AZ900 Prep on iOs: https://apps.apple.com/ca/app/azure-fundamentals-az900-pro/id1553636330

Azure Fundamentals AZ900 Exam Prep on Udemy [50% OFF]


AZ900 Prep on android: https://play.google.com/store/apps/details?id=com.azurefundamentalspro.enoumen


AZ900 Prep on Windows 10/11: https://www.microsoft.com/en-ca/p/azure-fundamentals-az-900-certification-exam-prep/9p1mh2vrq5h5

Az900 Prep on Web/PWA: https://azurefundamentalsexamprep.com
Djamgatech App store

Question 7: Select the concept that is defined as ensuring that servers are available if a single data center goes offline.

A. Scalability

B. Fault tolerance

C. Elasticity

D. Agility

Answer 7:

B

Notes 7:

Fault tolerance is the property that enables a system to continue operating properly in the event of the failure of one or more of its components. In Azure, it refers to ensuring that a portion of the production systems are available online (via a failover cluster, available set, or available zone) if a subset of the system components (or an entire data center) goes offline.

Reference 7: Fault Tolerance

Question 8: In regards to comparing Public Cloud and Private Cloud, which of these best describe the characteristics of a Public Cloud?

A. No-upfront costs

B. More control over the security

C. Less reliability

D. Less maintenance

Answer 8:

A and D

Notes 8

The public cloud provides a pay-as-you-go pricing model which can lead to lower costs than those in private cloud solutions where capital expenditures are high.

The public cloud provides agility to provision and de-provision resources quickly with far less maintenance than that of private cloud solutions.

Reference 8: Pay as you go

Question 9: Which of the following are considered capital expenditures (CapEx)?

A. Storage area network

B. Cloud-based virtual machine

C. Office 365 licenses

D. Hyper-V host server

Answer 9:

A and D

Notes 9:

Storage costs are typically considered CapEx and include storage hardware components and the cost of supporting them. Depending on the application and level of fault tolerance, centralized storage can be expensive.

Server costs are considered CapEx and include all server hardware components and the cost of supporting them. When purchasing servers, make sure to design for fault tolerance and redundancy (e.g., server clustering, redundant power supplies, and uninterruptible power supplies). When a server needs to be replaced or added to a data center, you need to pay for the computer. This can affect your immediate cash flow because you must pay for the server up front.

Reference 9: Storage area networkHyper-V host server


Question 10: You are in the process of migrating your existing on-premises SQL databases to Azure. You will migrate them to Azure SQL databases, as opposed to deploying SQL database servers in Azure. What kind of cloud service would this be considered?

A. Software-as-a-Service (SaaS)

B. Platform-as-a-Service (PaaS)

C. Serverless

D. Infrastructure-as-a-Service (IaaS)

Answer 10:

B

Notes 10:

Platform as a service (PaaS) is a complete development and deployment environment in the cloud with resources that enable you to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications. An Azure SQL instance would be considered a PaaS service.

Reference 10: PAAS

Question 11: Which of the following statements are true for IaaS cloud services?

A. The client is responsible for purchasing all Operating System (OS) host licensing.

B. Services can be scaled automatically to support system load.

C. The client has complete control over the host operating system.

D. The client is responsible for all guest OS and application updates.

Answer 11:

B and D

Notes 11:

IaaS host services are scaled automatically to combat increased system load and scaled back during periods of inactivity.

The cloud service provider performs all underlying hardware, OS, and middleware updates. The client performs all guest OS and application updates.

Question 12: Which of the following tools can be used to manage Azure resources on a Google Chromebook?

A. Azure portal

B. PowerShell

C. Azure Cloud Shell

D. Azure CLI

Answer 12:

A and C

Notes 12:

You can run the Azure portal on all modern desktop, tablet devices, and browsers.

Azure Cloud Shell is an interactive, browser-accessible shell for managing Azure resources. It provides the flexibility of choosing the shell experience that best suits the way you work. Linux users can opt for a Bash experience, while Windows users can opt for PowerShell.

Reference 12: Azure PortalAzure Cloud Shell

Question 13: Which Azure service can provide big data analysis for machine learning?

A. Azure App Service

B. Azure WebJobs

C. Application Insights

D. Azure Databricks

Answer 13:

D

Notes 13:

Azure Databricks is an Apache Spark-based analytics platform optimized for the Microsoft Azure cloud services platform. Databricks enables collaboration between data scientists, data engineers, and business analysts.

Reference 13: Azure Databricks

Question 14: You need to create an Azure storage solution that will store messages created by an Azure web role. The messages will then be processed by an Azure worker role. What type of storage solution should you create?

A. A Queue service in a storage account

B. A virtual machine data disk

C. A File service in a storage account

D. A Blob service in a storage account

Answer 14:

A

Notes 14:

Azure Queue storage is a service for storing large numbers of messages that can be accessed from anywhere in the world via authenticated calls using HTTP or HTTPS.

Reference: Azure Queue storage

Question 15: You have an on-premises application that sends email notifications automatically based on a rule. You plan to migrate the application to Azure. You need to recommend a computing solution for the application that should minimize costs by incurring charges only when it is executed.

Which Azure solution is best for this type of application?

A. Logic App

B. A web app

C. Service Bus App

D. IaaS web server in Azure

Answer 15:

A

Notes 15:

Azure Logic Apps is a cloud service that helps you automate and orchestrate tasks, business processes, and workflows when you need to integrate apps, data, systems, and services across enterprises or organizations. Logic Apps simplifies how you design and build scalable solutions for app integration, data integration, system integration, enterprise application integration (EAI), and business-to-business (B2B) communication, whether in the cloud, on-premises, or both.

For example, here are just a few workloads you can automate with logic apps:Process and route orders across on-premises systems and cloud services.

Send email notifications with Office 365 when events happen in various systems, apps, and services.

Move uploaded files from an SFTP or FTP server to Azure Storage.

Monitor tweets for a specific subject, analyze the sentiment, and create alerts or tasks for items that need review.

For new logic apps that run in the public or “global” Azure Logic Apps service, you pay only for what you use. These logic apps use a consumption-based plan and pricing model.

Reference 15: Logic App Logic App Pricing


Question 16: You are the Systems Administrator for a local university. You are deploying several sets of systems that will be used for research and development teams. Each set of systems will be uniform in nature, containing the same number and type of Azure resources.

What should you recommend to automate the creation of these Azure resources?

A. Azure Resource Manager templates

B. Multiple Azure subscriptions

C. Management groups

D. Virtual machine scale sets

Answer 16:

A

Notes 16:

An Azure Resource Manager template is the framework by which resources are created. They can be used to define and automate the creation of similar resources.

Reference 16: ARM Templates

Question 17: You are deploying a pair of Azure virtual machines. You want to ensure that the application will remain available in the event of a complete data center failure. What Azure technology will help most in this task?

A. Locally redundant storage

B. Zone Redundant Storage

C. Availability zone

D. Availability set

Answer 17:

C

Notes 17:

An Availability zone consists of two or more virtual machines in different physical locations within an Azure region. This configuration ensures that only a subset of the virtual machines in an availability zone will be affected in the event of hardware failure, OS update, or a complete data center outage. This configuration offers 99.99% SLA.

Question 18: Which of the following database solutions has the ability to add data concurrently from multiple regions simultaneously?

A. SQL managed instances

B. Cosmos DB

C. SQL Data Warehouses

D. Azure SQL Databases

Answer 18:

B

Notes 18:

Azure Cosmos DB is Microsoft’s globally distributed, multi-model database service. Cosmos DB elastically and independently scales throughput and storage across any number of Azure regions worldwide.

Reference: Azure Cosmo DB

Question 19: Which Azure service can host your web apps without you having to manage underlying infrastructure?

A. Azure App Service

B. Azure WebJobs

C. Azure Databricks

D. Application Insights

Answer 19:

A

Notes 19:

Azure App Service enables you to build and host web apps, mobile back-ends, and RESTful APIs in the programming language of your choice without managing infrastructure.

Reference 19: Azure App Services


Question 20: Which of the following components can be used to load balance traffic to web applications, such as Azure App Service web apps using layer 7 of the OSI model?

A. Virtual Network

B. Virtual Network Gateway

C. Route table

D. Load Balancer

E. Application Gateway

Answer 20:

E

Notes 20:

Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. Traditional load balancers operate at the transport layer (OSI layer 4 — TCP and UDP) and route traffic based on source IP address and port to a destination IP address and port.

Reference 20: Application Gateway

Question 21: Which Azure service can help you collect, analyze, and act on telemetry from your cloud and on-premises environments?

A. Azure App Service

B. Azure Monitor

C. Azure Analyzer

D. Azure WebJobs

Answer 21:

B

Notes 21:

Azure Monitor is a service that can help you understand how your applications are performing and proactively identify issues affecting them and the resources they depend on.

Reference 21: Azure Monitor

Download Azure Fundamentals AZ900 Certification Exam Prep App For More

Azure Fundamentals AZ900 Certification Exam Prep
Azure Fundamentals AZ900 Certification Exam Prep

AZ900 Prep on iOs: https://apps.apple.com/ca/app/azure-fundamentals-az900-pro/id1553636330


AZ900 Prep on android: https://play.google.com/store/apps/details?id=com.azurefundamentalspro.enoumen


AZ900 Prep on Windows 10/11: https://www.microsoft.com/en-ca/p/azure-fundamentals-az-900-certification-exam-prep/9p1mh2vrq5h5

Az900 Prep on Web/PWA: https://azurefundamentalsexamprep.com
Djamgatech App store

II- Azure workloads, Security, Privacy, Compliance, and Trust

Question 22: Which of the following components are required to establish communication between on-premises resources and resources in Azure?

A. Virtual Network

B. VNet peer

C. Route tables

D. Virtual network gateway

Answer 22:

A and D

Notes 22:

Question 23: Which Azure service should you use to correlate metrics and logs from multiple resources into a centralized repository?
A. Azure Event Grid

B. Azure Event Hubs

C. Azure SQL Data Warehouse

D. Azure Monitor

Answer 23:

D

Notes 23:

Log data collected by Azure Monitor (formerly Azure Log Analytics) is stored in a Log Analytics workspace, which is based on Azure Data Explorer. It collects telemetry from a variety of sources and uses the Kusto query language used by Data Explorer to retrieve and analyze data.

Reference 23: Azure Monitor – Log Query Overview

Question 24: You are the Azure Administrator for Radio Gaga, LTD. You have a resource group named RG-RG and need to ensure no other administrators can create virtual networks in this resource group. What can you implement to accomplish this?

A. Access Control (IAM)

B. Azure policy

C. Locks

D. Properties

Answer 24:

B

Notes 24:

Azure Policy is a service in Azure used to create, assign, and manage policies. These policies enforce different rules and effects over your resources, so those resources stay compliant with your corporate standards and service level agreements.

For example, you can have the policy to allow only a certain SKU size of virtual machines in your environment. Once this policy is implemented, new and existing resources are evaluated for compliance. With the right type of policy, existing resources can be brought into compliance.

Reference 24: Azure Policy


Question 25: Which of the following is the organization that defines standards used by the United States government?

A. NIST

B. ITIL

C. GDPR

D. ISO

Answer 25:

A

Notes 25:

The National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidance to help organizations assess risk. It defines the standards that are used by the United States government as well as the US Department of Defense (DoD).

Reference 25: NIST

Download Azure Fundamentals AZ900 Certification Exam Prep App For More

AZ900 Prep on iOs: https://apps.apple.com/ca/app/azure-fundamentals-az900-pro/id1553636330

Azure Fundamentals AZ900 Exam Prep on Udemy – 50-% OFF


AZ900 Prep on android: https://play.google.com/store/apps/details?id=com.azurefundamentalspro.enoumen


AZ900 Prep on Windows 10/11: https://www.microsoft.com/en-ca/p/azure-fundamentals-az-900-certification-exam-prep/9p1mh2vrq5h5

Az900 Prep on Web/PWA: https://azurefundamentalsexamprep.com
Djamgatech App store

Question 26: You have an Azure virtual network named VNet in a resource group named Bob-RG. You assign an Azure policy specifying virtual networks are not an allowed resource type in Bob-RG. What happens to VNet once this policy is applied?

A. VNet is moved to a new resource group.

B. Bob-RG is deleted automatically

C. VNet continues to function normally, but no new subnets can be added.

D. VNet is deleted automatically.

Answer 26:

C

Notes 26:

Azure policies that determine the allowed types of resources can only prevent non-compliant resources from being created. Existing non-compliant resources are not affected. However, the policy is flagged as non-compliant so that the administrator can determine action (if any).

Reference: Here

Question 27: Which Azure tool allows you to view which user turned off a specific virtual machine during the last 14 days?

A. Azure Event Hubs

B. Azure Activity Log

C. Azure Service Health

D. Azure Monitor

Answer 27:

B

Notes 27:

The Azure Activity Log is a subscription log that provides insight into subscription-level events that have occurred in Azure. This includes a range of data, from Azure Resource Manager operational data to updates on Service Health events. Events such as starting and stopping of virtual machines can be found here.

Reference 27: Here

Question 28: What kind of information does Azure Information Protection protect?

A. Email messages

B. Office documents

C. Azure Blob Storage

D. Virtual hard disks

E. PDF documents

Answer 28:

A B E

Notes 28:

Azure Information Protection (sometimes referred to as AIP) is a cloud-based solution that helps an organization classify and, optionally, protect its documents and emails by applying labels. Labels can be applied automatically by administrators who define rules and conditions, manually by users, or a combination where users are given recommendations.

Azure Information Protection (sometimes referred to as AIP) is a cloud-based solution that helps an organization classify and, optionally, protect its documents and emails by applying labels. Labels can be applied automatically by administrators who define rules and conditions, manually by users, or a combination where users are given recommendations.

A collaboration between Microsoft and Adobe brings you a more simplified and consistent experience for PDF documents that have been classified and, optionally, protected. This collaboration provides support for Adobe Acrobat native integration with Microsoft Information Protection solutions, such as Azure Information Protection.

Question 29: Which of the following is true regarding HDInsight?

A. It is an on-demand analytics job service that simplifies big data. Instead of deploying, configuring, and tuning hardware, you write queries to transform your data and extract valuable insights.

B. It is a managed relational cloud database service.

C. It is a cloud-based service that is a limitless analytics service that brings together enterprise data warehousing and Big Data analytics.

D. It is an open-source framework for the distributed processing and analysis of big datasets in clusters.

Answer 29:

D

Notes 29:

Azure HDInsight is a managed, full-spectrum, open-source analytics service for enterprises. HDInsight is a cloud service that makes it easy, fast, and cost-effective to process massive amounts of data. HDInsight also supports a broad range of scenarios, like extract, transform, and load (ETL); data warehousing; machine learning; and IoT.


Download Azure Fundamentals AZ900 Certification Exam Prep

#Azure #AzureFundamentals #AZ900 #AzureTraining #LeranAzure #Djamgatech  

Azure Fundamentals AZ900 Exam Prep on Udemy – 50-% OFF iOs: https://apps.apple.com/ca/app/azure-fundamentals-az900-pro/id1553636330   android: https://play.google.com/store/apps/details?id=com.azurefundamentalspro.enoumen  

Windows 10/11: https://www.microsoft.com/en-ca/p/azure-fundamentals-az-900-certification-exam-prep/9p1mh2vrq5h5   Web/PWA: https://azurefundamentalsexamprep.comDjamgatech App store

Question 30: Which of the following website provides information on Azure product updates, roadmaps, and announcements?

A. https://preview.portal.azure.com/

B. https://azure.microsoft.com/en-us/updates/

C. https://portal.azure.com/

D. https://azure.microsoft.com/en-us/services/updates/

Answer 30:

B

Notes 30:

Learn about important Azure product updates, roadmap, and announcements here

Questions 31: Azure virtual machines can be moved between which of the following Azure resources?

A. Subscriptions

B. Regions

C. Availability Sets

D. Resource Groups

E. Availability Zones

Answer 31:

A, B, D, E

Notes 31:

Azure virtual machines can be moved between subscriptions with either Azure PowerShell or the Azure portal. Using Azure Site Recovery, you can migrate Azure VMs to other regions. Azure virtual machines can be moved between resource groups with either Azure PowerShell or the Azure portal. Using Azure Site Recovery, you can migrate Azure VMs to other Availability Zones.

II- Azure Pricing and Support

Question 32: Which Azure support plans can open support cases?

A. Professional Direct

B. Basic

C. Standard

D. Developer

E. Premier

Answer 32:

A, C, D, E

Notes 32:

Question 33: For any Single Instance virtual machine using premium SSD or Ultra Disk for all Operating System Disks and Data Disks, what is the SLA guarantee for virtual machine connectivity?

A. 99.9%

B. 99.99

C. 99.95%

D. There is no SLA guarantee

Answer 33:

A

Notes 33:

Question 34: Which of the following Azure services is a cloud-based service that leverages massively parallel processing (MPP) to quickly run complex queries across petabytes of data in a relational database?

A. Azure SQL database

B. Azure HDInsight

C. Azure SQL Data Warehouse (Azure Synapse )

D. Azure Data Lake Analytics

Answer 34:

C

Notes 34:

Azure SQL Data Warehouse (Azure Synapse ) is a cloud-based service that leverages massively parallel processing (MPP) to quickly run complex queries across petabytes of data in a relational database.

Reference 34: Azure SQL Data Warehouse (Azure Synapse )

Question 35: You have an Azure subscription that contains the following unused resources:

NameTypeConfiguration
nic0Network Interface10.0.0.6
pip1Public IPStatic
lb1Load BalancerStandard, 5 rules configured
VNet2Virtual Network10.1.0.0/16
VM3Virtual MachineStopped (Deallocated)

Based on this information, which of the following unused resources should you remove to lower cost?

A. lb1

B. VNet2

C. pip1

D. nic0

E. VM3

Answer 35:

A and C

Notes 35:

The pricing for Standard Load Balancer is based on the number of rules configured (load balancer rules and NAT rules) and data processed. However, there is no hourly charge for the Standard Load Balancer itself when no rules are configured. Since this load balancer contains rules, it should be removed to save money.

In ARM deployment model, there is no charge for dynamic public IP addresses when the associated virtual machine is “stopped-deallocated”. However, you’re charged for a static public IP address irrespective of the associated resource (unless it is part of the first five static ones in the region). This resource should be removed.

Reference 35: IP addresses

Question 36: Which of the following recommendations is provided by Azure Advisor?

A. Azure resource costs

B. Azure virtual machine IP configuration

C. Storage performance and reliability

D. Azure App Service security

Answer 36:

A C D

Notes 36:


Download Azure Fundamentals AZ900 Certification Exam Prep#Azure

#AzureFundamentals #AZ900 #AzureTraining #LeranAzure #Djamgatech   iOs: https://apps.apple.com/ca/app/azure-fundamentals-az900-pro/id1553636330   android: https://play.google.com/store/apps/details?id=com.azurefundamentalspro.enoumen  

Windows 10/11: https://www.microsoft.com/en-ca/p/azure-fundamentals-az-900-certification-exam-prep/9p1mh2vrq5h5   Web/PWA: https://azurefundamentalsexamprep.comDjamgatech App store

Question 37: You are planning on purchasing Azure AD Premium for your Azure subscription. What is the SLA for this product?

A. 99.99%

B. 99.9%

C. 99.95%

D. Azure AD products are not covered under an SLA.

Answer 37:

B

Notes 37:

Per the Azure documentation: We guarantee at least 99.9% availability of the Azure Active Directory Basic and Premium services. The services are considered available in the following scenarios:

Users are able to login to the service, log in to the Access Panel, access applications on the Access Panel and reset passwords. IT administrators are able to create, read, write and delete entries in the directory or provision or de-provision users to applications in the directory.

No SLA is provided for the Free tier of Azure Active Directory.

Question 38: Which of the following Azure support plans offer Severity “A” and “B” cases to be opened?

A. Premier

B. Standard

C. Developer

D. Professional Direct

E. Basic

Answer 38:

A B D

Notes 38:

Question 39: This question requires that you evaluate the underlined text to determine if it is correct.
When you are implementing a software as a service (SaaS) solution, you are responsible for configuring high availability.
Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.

A. No change is needed.

B. defining scalability rules

C. installing the SaaS solution

D. configuring the SaaS solution

Answer 39:

D

Notes 39:

Azure Fundamentals AZ900 Certification Exam Prep
Azure Fundamentals AZ900 Certification Exam Prep #Azure #AzureFundamentals #AZ900 #AzureTraining #LeranAzure #Djamgatech

Azure Fundamentals AZ900 Exam Prep on Udemy – 50-% OFF

Question 40: You have an on-premises network that contains several servers.
You plan to migrate all the servers to Azure.
You need to recommend a solution to ensure that some of the servers are available if a single Azure data center goes offline for an extended period.
What should you include in the recommendation?

A. fault tolerance

B. elasticity

C. scalability

D. low latency

Answer 40:

A

Notes 40:

Question 41: This question requires that you evaluate the underlined text to determine if it is correct.
When planning to migrate a public website to Azure, you must plan to pay monthly usage costs.
Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.

A. No change is needed

B. Deploy a VPN

C. pay to transfer all the website data to Azure

D. reduce the number of connections to the website

Answer 41:

A

Notes 41:

No change is needed


Download Azure Fundamentals AZ900 Certification Exam Prep

Azure Fundamentals AZ900 Certification Exam Prep
Azure Fundamentals AZ900 Certification Exam Prep #Azure #AzureFundamentals #AZ900 #AzureTraining #LeranAzure #Djamgatech

#Azure #AzureFundamentals #AZ900 #AzureTraining #LeranAzure #Djamgatech   iOs: https://apps.apple.com/ca/app/azure-fundamentals-az900-pro/id1553636330   android: https://play.google.com/store/apps/details?id=com.azurefundamentalspro.enoumen  

Windows 10/11: https://www.microsoft.com/en-ca/p/azure-fundamentals-az-900-certification-exam-prep/9p1mh2vrq5h5   Web/PWA: https://azurefundamentalsexamprep.comDjamgatech App store

Question 42: You have an on-premises network that contains 100 servers.
You need to recommend a solution that provides additional resources to your users. The solution must minimize capital and operational expenditure costs.
What should you include in the recommendation?

A. a complete migration to the public cloud

B. an additional data center

C. a private cloud

D. a hybrid cloud

Answer 42:

  C

Notes 42:

Question 43: Which Azure offering refers to a set of development, testing, and automation tools?

A. Azure Cognitive Services

B. Azure Boards

C. Azure DevOps

D. GitHub

Answer 43:

  C

Notes: Azure DevOps Services provides development collaboration tools, including high-performance pipelines, free private Git repositories, configurable Kanban boards, and extensive automated and continuous testing capabilities.

Question 44: Which of the following are available in the Azure Marketplace?

A. Virtual machine images

B. SaaS applications

C. Solution templates

D. Sample application code

Answer 44:

A B C

Notes: Virtual machine images are available in the Azure Marketplace. Images are available for Windows and Linux. Stock operating system images, as well as custom images with pre-installed applications, are also available.

SaaS applications make up the majority of the Azure Marketplace. One click allows you to install and use many popular applications — such as Office365, Salesforce, Zoom, and others — seamlessly with your Azure subscription.

Solution templates allow you to deploy entire IaaS solutions with a simple click. Examples include complete SharePoint farms as well as SQL Always Available clusters.

Question 45: Which of the following regulates data privacy in the European Union (EU)?

A. ITIL

B. GDPR

C. ISO

D. NIST

Answer 45:

B

Notes: The General Data Protection Regulation (EU) 2016/679 (“GDPR”) is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). It also addresses the export of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.

Question 46: You currently have two Azure Pay-As-You-Go subscriptions. You would like to transfer billing ownership of the subscriptions to another account while moving the subscriptions into the other accounts Azure AD tenant. How can you accomplish this?

A. Open a support ticket by contacting Microsoft Azure Support

B. In the Azure Portal, under Azure Subscriptions click Change Directory

C. Using Azure CLI, run the az account merge command

D. In the Azure Portal, under Cost Management + Billing under Azure Subscriptions

Answer 46:

 

Notes: It is here that we can transfer billing ownership by clicking on the context menu for the subscription. We then select “Transfer billing ownership” and as part of the process, we can provide the email associated with the other account, and can also choose to move the subscription into the Azure AD tenant of the other account. This will move the subscription into the default Azure AD tenant of the destination account.

Azure Documentation

Download Azure Fundamentals AZ900 Certification Exam Prep
Azure Fundamentals AZ900 Certification Exam Prep
Azure Fundamentals AZ900 Certification Exam Prep
#Azure #AzureFundamentals #AZ900 #AzureTraining #LeranAzure #Djamgatech
 
#Azure #AzureFundamentals #AZ900 #AzureTraining #LeranAzure #Djamgatech
 
 
 
 
 
 

Question 47: Where can you open a new Azure support request?

A. Knowledge Center

B. support.microsoft.com

C. Azure Portal

D. Security Center

Answer 47:

C

Notes: A support request can only be opened via the Azure Portal.

Question 48: You attempt to create several managed disks in your Azure environment. In the Portal, you receive a message that you must increase your Azure subscription limits. What should you do to increase the limits?

A. Modify an Azure policy.

B. Use Azure PowerShell to create the new managed disks.

C. Create a new support request.

D. Upgrade your support plan.

Answer 48:

Question 49: A company wants to build a new voting kiosk for sales to governments around the world. Which IoT technologies should the company choose to ensure the highest degree of security?

A. IoT Hub

B. IoT Central

C. Azure Sphere

D. Azure IoT

Answer 49:

C

Notes: Azure Sphere provides the highest degree of security to ensure the device has not been tampered with.

Question 50:  This question requires that you evaluate the underlined text to determine if it is correct.
When you are implementing a software as a service (SaaS) solution, you are responsible for configuring high availability.
Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.

A. No change is needed.

B. defining scalability rules

C. installing the SaaS solution

D. configuring the SaaS solution

Answer 50:

D

Notes: configuring the SaaS solution

Question 51: A company wants to quickly manage its individual IoT devices by using a web-based user interface. Which IoT technology should it choose?

A. IoT Hub

B. IoT Central

C. Azure Sphere

D. Azure IoT


Answer: B – IoT Central quickly creates a web-based management portal to enable reporting and communication with IoT devices.

Question 52: You want to send messages from the IoT device to the cloud and vice versa. Which IoT technology can send and receive messages?

A. IoT Hub

B. IoT Central

C. Azure Sphere

D. Azure IoT


Answer: A – An IoT hub communicates to IoT devices by sending and receiving messages.

IV- Microsoft Azure Question and Answers

Azure Fundamentals AZ900 Certification Exam Prep
Azure Fundamentals AZ900 Certification Exam Prep
#Azure #AzureFundamentals #AZ900 #AzureTraining #LeranAzure #Djamgatech

Azure Fundamentals AZ900 Exam Prep on Udemy – 50-% OFF

 

What is Azure VM temporary storage?

 

In Azure, every VM – regardless if Linux or Windows – gets a temporary disk assigned automatically. This temporary disk is located on the physical server (the hypervisor) where the Azure VM is hosted and is non-persistent. Disks used by the operating system or additionally added data disks are persistent disks and stored in Azure Storage.

Azure VM’s can be moved from its current host to new host at any time due to maintenance, hardware failures or other reasons. In such an event, the data from the temporary storage will not preserve or moved to the new host. Apart from the hardware failures, there are many other reasons data from the temporary disk will be lost:

  • Resizing of the VM
  • Restarting of the VM
  • Moving from one host to another
  • Updating/upgrading of host

Really, the temporary disk should never be used for data that has to be persistent. To avoid misconfiguration, the disk also has the drive label “Temporary Storage” and includes a text file “DATALOSS_WARNING_README.txt”. Read more here…

Does Azure VM include a Windows license?

It depends on the virtual machine type we talk about. Some Azure virtual machines include a Windows operating system license in their price (some even include a SQL Server). Some do not, however, there is an “Azure Hybrid Use Benefit” in certain Microsoft licensing programs, where basically the customer can use its previously acquired software licenses on Azure virtual machines (“bring you own license”). Also, there are Azure virtual machines available with different Linux distributions (both commercial and community), Windows Server license is obviously not included in these. Continue reading here

Please consult the Windows virtual machine pricing guide of Azure for details: Pricing – Windows Virtual Machines | Microsoft Azure

Does Azure VM cost include an OS disk?

Hello. Yes They charge you for the disk usage too. So its Disk, Network, License (if Windows Server Instance) and Processor/RAM that are taken into consideration
(more)
 
Why don’t I see the N-Series (vga enabled) VMs in my Azure vm sizes list (I have Bizspark subscription)?
 
It has nothing to do with BizSpark. N series VMs are generally available since 1 December, 2016 (Azure N-Series: General availability on December 1 ), but only in select Azure datacenter regions. Please consult the Azure Products by Region | Microsoft Azure website for regional availability.
(more)
 

What is a data disk in Azure VM?

 

What are things to look out for when choosing a location for your Microsoft Azure VM?

 
The argument in placing a cloud vm would be performance. Performance in the cloud world means cost. The better performance you need the more its going to cost you. But the other side of that is the faster you can solve the problem you are trying to solve. The business problem to evaluate in placement of a VM is loosley these two things: Does increasing the performance of the application provide the overall answers required faster? Are there things you can do to your application that will allow it to better take advantage of cloud capabilities…
(more)

 

 
Please review Azure Monitor, the built-in monitoring service in Azure. Azure Monitor provides metrics and logs for many services in Azure including VMs. A quick overview : Product documentation: Get started with Azure Monitor Note: As of today (Apr ‘17) Cloud Services metrics are served using an older telemetry pipeline but that is the process of being migrated to Azure Monitor pipeline. You will soon be able to consume Cloud Service metrics via Azure Monitor, the same way you can for Azure VMs, Web Apps or Azure SQL DBs.
(more)
 
 
Azure Backup introduces a reinforcement expansion to the Azure VM specialist that is running on the VM. This expansion backs up the whole VM. You can back up explicit records and organizers on the Azure VM by running the MARS operator.
 
 
Make sure you have VMs in Availability set. Before selecting a VM collect below inputs either from Application or from Performance monitoring team 1. Maximum IOPS required. 2. Maximum size of DB in next 2 years at least. Based on these inputs select the VM size and required storage tier – Standard or Premium. For high performance, you can perform disk stripping if you require more than 5000 IOPS. Also you can configure Backup to URL.
(more)
 

Could I connect to a Linux Azure VM using SSH and private IP through Putty?

 
Absolutely. You can check your VM’s public IP address on the Azure Portal and SSH into it with the SSH client of your choice. A private IP allows Azure VMs to communicate with other resources in a virtual network or an on-premises network through a VPN or ExpressRoute. So you can SSH into an Azure VM using the private IP from the same virtual network or via VPN / ExpressRoute.
(more)
 
 
 
 
Azure portal ( Microsoft Azure ) now has a feature called Cloud Shell. This basically gets you a command line interface, in the browser, where you can make an authenticated access to Azure resources, including your virtual machines. Both Bash and PowerShell are available, and you can also save your frequently used scripts, etc for later re-use. More details here: Azure Cloud Shell – Browser-Based Command Line | Microsoft Azure
 
 
 
How to resize a Linux VM with the Azure CLI – Azure Linux Virtual Machines az vm resize –resource-group mygroup –name mytestvm –size Standard_D4s_v3 This call would trigger instance restart in the background if needed.
(more)
 
 
This document indicates how a Linux VM password can be reset Reset Linux VM password and SSH key from the CLI. There is also an option in the Azure portal (https://portal.azure.com). Go to the details of the virtual machine you wish to reset the password for and look for “reset password” at the bottom left:
(more)
 
 
Depending on what OS you are using lets say Linux. You could use properJavaRDP you will need a Java VM installed. I’ve used this with success the screen refresh was not great tho.
(more)
 

How do I monitor my Azure VM?

Monitor VM in Azure Management Portal.
  1. Step 1 − Login to Azure Management Portal.
  2. Step 2 − Go to Virtual Machine.
  3. Step 3 − Select the virtual machine you want to monitor.
  4. Step 4 − Select Monitor from the top menu as shown in following image.
 

How do we make an Azure VM accessible from outside?

Accessing Azure VM port from Outside of VM
  1. Open VM instance and run the server on port 80 and checked the localhost is running in the local browse,
  2. added port 80 in the inbound of Network security group,
  3. turned off all three types of firewall from the VM windows.

How do you see the memory usage of an Azure VM?

Steps For Existing Windows VMs:
  1. Click on a Windows VM.
  2. Select Diagnostics settings from the Azure UI blade.
  3. Under the Overview tab: Pick a Storage account: Select your storage account so that the metrics stats can be stored. Click on ‘Enable guest level monitoring‘ and wait for the process to complete.
 
 
1. From the Azure portal, on the left menu, select All services.
 
2. In the All services search box, enter disks and then select Disks to display the list of available disks.
 
3. Select the disk that you would like to use. 
 
4. In the Overview page, ensure that DISK STATE is listed as Unattached.
 
 
Configure App Service Certificate to Azure Virtual machines
1. Step 1: Create an Azure Virtual machine with IIS web server.
2. Step 2: Add a Custom Domain to your virtual machine.
3. Step 3: Place an SSL Certificate order.
4. Step 4 – Store the certificate in Azure Key Vault.
5. Step 5: Verify the domain ownership.
6. Step 6: Assign certificate to Virtual machine.
 

If I change the size of my Azure VM while running a script, will that stop the execution of the script? (Currently using a Linux VM).

 
Changing the size of an Azure VM (scaling up or down) is only possible with a reboot. That will most definitely stop the execution of your script.
(more)
 

How do I make an Azure VM snapshot?

 
1. On the Azure portal, select Create a resource. 2. Search for and select Snapshot. 3. In the Snapshot window, select Create. 4. Enter a Name for the snapshot. 5. Select an existing Resource group or enter the name of a new one. 6. Select an Azure datacenter Location.
(more)
  • On the Azure portal, select Create a resource.
  • Search for and select Snapshot.
  • In the Snapshot window, select Create. …
  • Enter a Name for the snapshot.
  • Select an existing Resource group or enter the name of a new one.
  • Select an Azure datacenter Location.
 

Can we restrict a developer (on Microsoft Azure VM) to not upload a source code on any website or email?

 
You can restrict a developer from uploading a source code on any website by following the below steps: 1. Go to the desired VM instance in the Azure portal 2. Select “Access control (IAM)” option from the left pane 3. Select Role Assignment option under +Add option 4. Now, you will be able to assign any one of the available pre-defined roles to a user 5. Give contributor level access to the respective developer, now he will not be able to access/upload a file to the website
(more)
 

Why there is a difference in the same VM prices among Azure regions?

azure fundamentals az900 exam preparation pro
 
The region prices are related to pricing conditions in particular region. In details it is about tenancy of physical area, prices of the hardware from vendors, the cost of man-hours in a particular region for IT specialists and other Azure datacenter workers, and so on. Unfortunately, I can’t find any reference for that information, I’m talking here personally as the person who works with Azure every day and have a contact with Microsoft teams.
(more)
 

Can we spin up a Windows Azure VM programmatically from a php page? We can assume that we have valid Microsoft Credentials.

 
The REST Management API is the one you want to go for. Authentication is certificate based. You’ll have to upload a management certificate using the Windows Azure portal in able for your PHP application to authenticate. A good starting point on how to use the Windows Azure REST APIs for management can be found here How to use Windows Azure service management APIs (PHP). Like Rahul suggested, once you have that up-and-running use the Operations on Virtual Machines API set to manipulate your Virtual Machine deployments.
(more)
 

How do you reduce the size of my Azure VM disk?

 
Hi, Below are some points that would be beneficial for you. 1. Pick the best possible disk size. 2. Compress the panel size in the VM. 3. Export the managed disk to a VHD. 4. Compress the exported VHD. 5. Make another new managed disk from the VHD. 6. Make another VM from the new recently created disk. 7. Alternatively, clean up all the old resources. Hope it helps.
(more)
 

Your company wants to use Azure to manage all of their IoT devices. They are going to create the infrastructure themselves, but need a backend in Azure to manage the flow of data, and to ensure security as well as ease of deployment of new devices. Which Azure product or solution would be suitable?

 Azure IoT Hub is a solution for providing managed services for large IoT projects. It provides secure and reliable communication from devices to the Azure backend. Azure IoT Central is a SaaS solution that provides both managed connections and security as well as the dashboards and applications to use the data. Event Grid is used to connect many Azure services. IoT Hub

Your company has a new Azure virtual network that needs to be secured. What is the best way to only allow specific kinds of outside traffic into this network?

Use an Azure Firewall attached to the virtual network.

Azure Firewall blocks any incoming or outgoing traffic that isn’t specifically allowed on a network. A Network Security Group manages the traffic to specific services, Azure DDoS Protection Service protects against attacks and a load balancer distributes traffic to specific VMs. Azure Firewall FAQ

How is authorization different from authentication?

Authentication is the process of proving that you are who you say you are. Authorization is the act of granting an authenticated party permission to do something.

Authentication is the process of proving that you are who you say you are. It’s sometimes shortened to AuthN. The Microsoft identity platform uses the OpenID Connect protocol for handling authentication. Authorization is the act of granting an authenticated party permission to do something. It specifies what data you’re allowed to access and what you can do with that data. Authorization is sometimes shortened to AuthZ. The Microsoft identity platform uses the OAuth 2.0 protocol for handling authorization. Reference: Authentication vs. authorization

Which minimum costing support plan provides access to general guidance with architecture support?

 The Developer support plan provides access to technical support via email in business hours and is the most-effective. The Standard and

Azure Support Plans Comparison

You are looking to build and host your website on Azure without needing to manage the underlying infrastructure. Which type of Cloud service should you choose?

Platform as a service (PaaS) is a complete development and deployment environment in the cloud, with resources that enable you to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications, all without you having to manage any of the underlying infrastructure or services. Reference: What is PaaS? Platform as a Service 

You are beginning to extend your on-premises data center into Azure. You have created a new Azure subscription and resource group called RG-One. You deploy two virtual machines into RG-One with the intent of promoting these to Active Directory domain controllers. What kind of cloud service would this be considered?

Infrastructure as a service (IaaS) is the use of on-demand computing infrastructure which is provisioned and managed over the internet. Deploying virtual machines into an Azure subscription would be considered an IaaS service. Reference: What is IaaS? Infrastructure as a Service

Define the concept of “dynamic elasticity.”

Dynamic elasticity is defined as a cloud service that both quickly scales up and also back down in order to serve your changing workload patterns for the lowest cost.

Which Azure service can host your web apps without you having to manage underlying infrastructure?

Azure App Service enables you to build and host web apps, mobile back-ends, and RESTful APIs in the programming language of your choice without managing infrastructure. Azure App Service documentation – Azure App Service

Which Azure service can you use to make sure your virtual machines are running smoothly and without problems?

Azure Monitor collects and analyzes telemetry data from your virtual machines to provide your with alerts and recommendations for how they are running.
Azure Monitor overview – Azure Monitor

Which Azure DevOps tool would you use to share applications and code libraries?

Azure Artifacts is a service in Azure DevOps, which can host code libraries and applications for you to share internally or externally. Azure Boards is for project managers. Azure Repos holds your source code. Azure Test Plans is used to create manual and automatic test scenarios for your application. Azure Pipelines is the process that builds and deploys your application. Azure DevOps Services

What are the main components of an Azure VPN Gateway setup?

The VPN Gateway must be attached to an Azure Virtual Network. 

An on-premises network with a complimentary gateway that can accept the encrypted data.

A secure connection, called a tunnel, which encrypts the traffic sent through it.

An Azure VPN Gateway consists of a Virtual Network, a secure connection called a tunnel, and an on-premises network and gateway. A storage account, a backend pool of VMs and a Load Balancer are not needed. About Azure VPN Gateway

Your company has a large amount of documents that are both sensitive and important to a large number of people. How would you secure these documents so you can still share them, but track where they are?

Use Azure Information Protection – Azure Information Protection (AIP) is a cloud-based solution that helps your organization to classify and protect its documents and emails by applying labels. What is Azure Information Protection?

Which Azure solution would you implement to embed a watermark into Office documents that contain social security numbers?

Azure Information Protection (sometimes referred to as AIP) is a cloud-based solution that helps an organization classify and, optionally, protect its documents and emails by applying labels. Labels can be applied automatically by administrators who define rules and conditions, manually by users, or a combination where users are given recommendations. Azure Active Directory. This includes access to resources in Azure AD, Azure resources, and other Microsoft Online Services, like Office 365 or Microsoft Intune. What is Azure Information Protection? – AIP

What are region pairs?

A region that is linked with another region in the same geography) – Azure has the concept of region pairs, these are two or more regions that are at least 300 miles apart within a single Geography. This enables the ability to replicate certain resources such as virtual machine storage across the geography providing protection against such events as natural disasters or civil unrest. Ensure business continuity & disaster recovery using Azure Paired Regions

Which Azure tool allows you to view which user turned off a specific virtual machine during the last 14 days?

The correct answer is the Azure Activity Log – it is a logging service that provides insight into subscription-level events that have occurred in Azure. This includes a range of data, from Azure Resource Manager operational data to updates on Service Health events. Events such as starting and stopping of virtual machines can be found here.
Overview of Azure platform logs – Azure Monitor

What does Azure Information Protection do?

Provides the ability to securely share sensitive data – Azure Information Protection helps control and secure information (including emails and documents) that is shared outside of your organization. Azure information protection

Which of the following can be used to manage governance across multiple Azure subscriptions? 

A. Azure initiatives

B. Management groups

C. Resource groups

B

Which of the following is a logical unit of Azure services that links to an Azure account?

A. Azure subscription

B. Management group

C. Resource group

D. Public cloud

A

Which of the following features does not apply to resource groups?

A. Resources can be in only one resource group.

B. Role-based access control can be applied to the resource group.

C. Resource groups can be nested. 

C

Which of the following statements is a valid statement about an Azure subscription?

A. Using Azure doesn’t require a subscription.

B. An Azure subscription is a logical unit of Azure services. 

B

You need to process messages from a queue, parse them by using some existing imperative logic written in Java, and then send them to a third-party API. Which serverless option should you choose?

Azure Functions: Azure Functions is the correct choice because you can use existing Java code with minimal modification.

You want to orchestrate a workflow by using APIs from several well-known services. Which is the best option for this scenario?

Azure Logic Apps: Azure Logic Apps makes it easy to create a workflow across well-known services with less effort than writing code and manually orchestrating all the steps yourself.

Your team has limited experience with writing custom code, but it sees tremendous value in automating several important business processes. Which of the following options is your team’s best option?

Azure Logic Apps is best suited for users who are more comfortable in a visual environment that allows them to automate their business processes. Logic Apps is the best option in this scenario.

You need to predict future behavior based on previous actions. Which product option should you select as a candidate?

A. Azure Machine Learning
 

B. Azure Bot Service

C. Azure Cognitive Services

Answer:   A. Azure Machine Learning enables you to build models to predict the likelihood of a future result. It should not be eliminated as a candidate.
 

You need to create a human-computer interface that uses natural language to answer customer questions. Which product option should you select as a candidate?

A. Azure Machine Learning

B. Azure Cognitive Services

C. Azure Bot Service

 Answer: Azure Bot Service creates virtual agent solutions that utilize natural language. It should not be eliminated as a candidate.

You need to identify the content of product images to automatically create alt tags for images formatted properly. Which product option is the best candidate?

A. Azure Machine Learning

B. Azure Cognitive Services

C. Azure Bot Service

Answer: Azure Cognitive Services includes Vision services that can identify the content of an image. Azure Cognitive Services is the best candidate.

Your development team is interested in writing Graph-based applications that take advantage of the Gremlin API. Which option would be ideal for that scenario?

A. Azure Cosmos DB
 

B. Azure SQL Database

C. Azure Databricks

D. Azure Database for PostgreSQL

Answer: Azure Cosmos DB supports SQL, MongoDB, Cassandra, Tables, and Gremlin APIs.

CompanyA uses the LAMP stack for several of its websites. Which option would be ideal for migration?

A. Azure Cosmos DB
B. Azure Database for MySQL
C. Azure Database for PostgreSQL
 
B: Answer: Azure Database for MySQL is the logical choice for existing LAMP stack applications.
 

CompanyA has millions of log entries that it wants to analyze. Which option would be ideal for analysis?

A. Azure Cosmos DB
B. Azure SQL Database
C. Azure Database for PostgreSQL
D. Azure Synapse Analytics
 
D: Azure Synapse Analytics is the logical choice for analyzing large volumes of data.
 

Which of the following options can you use to link virtual networks?

A. Network address translation
B. Multi-chassis link aggregation
C. Dynamic Host Configuration Protocol
D. Virtual network peering

D: Answer: Virtual network peering can be used to link virtual networks.
 

Which of the following options isn’t a benefit of ExpressRoute?

A. Redundant connectivity
B. Consistent network throughput
C. Encrypted network communication

D. Access to Microsoft cloud services

C: Answer: ExpressRoute does provide private connectivity, but it isn’t encrypted.
 

Testimonial: Passed my AZ-900 on the second attempt!

Wow, what a difference a couple of days and a different set of questions makes. I took the exam Monday and fell just short of passing (659), and I retook it today and scored 850! The questions on the first attempt were definitely harder, and I could tell from the first few questions I was going to have a rough time.

Today was totally different and I felt like I was getting all the “gimme” questions first and was able to coast through most questions confidently. I flagged exactly half the questions for review and at the end I had 20 minutes leftover after I was done reviewing. Total day and night difference between the two attempts.

For preparation I used:

– Microsoft Learn

– A Cloud Guru AZ-900 course + practice exam

– Tutorials Dojo practice exam

– and of course, John Savill’s YT channel

I bought the TD practice exams because of all the suggestions here, and I can attest they were well worth the price. This morning before the exam I went through all the TD section-based exams and took each one until I scored 90% on every section. I don’t always condone preparing for the exam on the day of but it was certainly a nice confidence booster to help me get mentally prepared.

Testimonial: Passed my AZ-900 on the first attempt!

Pleased to have passed this first time with a score of 775!

For any looking to sit this, I’ve had around 3 years of experience proving 2nd line technical support for an Azure environment. I used the following to prep for this exam:

Scotty Duffy’s Udemy Course – this was a bit of a waste of time and money in my eyes, nowhere near detailed enough. There are some reviews from people saying they passed the exam using this course alone with no experience using Azure but I really do not believe that.

Tim Warner’s YouTube series – this was great bearing in mind it was free. Way more worth the time than Scott’s, I wish I’d have started here.

Tutorials Dojo Practise Exams – I’d only recommend using these exams to test your knowledge and build some confidence, the questions in the exam were more difficult but the format and nature of these give you a good idea of what to expect.

Hope this advice helps some of you – onto the AZ-104!

Testimonial: AZ900 – Passed – some notes

Azure Fundamentals AZ900 Exam Prep on Udemy – 50-% OFF

Just passed with a 970. I used a combination of:

1. ITProTV – good training overviews but useless practice tests. Utterly not even close to the exam.

2. Udemy and Whizlabs – VERY close to what is on the exam, highly recommend this.

3. TutorialsDojo – this was the closest to the actual test – if you can pass these tests you can pass the exam.

ANKI for terms and basic rules.

I studied way too much – make sure you know what each service does and how offerings differ

1. Availability Zones vs. Sets

2. Datacenters vs. Regions vs. Geographies

3. Where Compliance and Security information is done

4. Exactly what Azure Advisor can do, so you know what it can’t do.

5. The Difference between the DB offerings.

6. The difference between SaaS, IaaS and PaaS – really know this, multiple questions on it.

7. When you are charged for data transfer vs. when you are not.

Testimonial: Passed AZ104. Here is how i studied

Azure Fundamentals AZ900 Exam Prep on Udemy – 50-% OFF

So guys im not going to bore you with all the blah-blah-blah. Here is how you pass AZ104.

My background: Only az900 fundamentals ( no IT previous experience)

Learning Path

Step 1) DO all the MS Learn modules.

( if you get stuck on any chapter or portion use this playlist of videos from John Savill … he is amazing at explaining this stuff)

Step 2) Complete all the labs on github for az104

Step 3) Watch this cram video which will cement in the concepts

Study Material

Use tutorials dojo practice tests and do them until you reach 90+% Passing on average, Every question you get wrong make sure to read the explanation as to why you are wrong.

AZ-104 Microsoft Azure Administrator Practice Exams

Watch these YOutube follow alongs for 40 more practice questions with good explanations (parts 1-4)

Then you are ready to take the exam. Good luck everyone!

Azure Services Cheat Sheet

#Azure #AzureFundamentals #AZ900 #AzureTraining #LeranAzure #Djamgatech
 
 
 
 
 
Azure Fundamentals AZ900 Certification Exam Prep
Azure Fundamentals AZ900 Certification Exam Prep
#Azure #AzureFundamentals #AZ900 #AzureTraining #LeranAzure #Djamgatech
Azure Virtual Machine vs Azure Web App Cheat Sheet
Azure Virtual Machine vs Azure Web App

Azure Containers vs Azure Kubernetes Cheat Sheet
Azure Containers vs Azure Kubernetes Cheat Sheet

Azure Containers vs Azure Kubernetes Cheat Sheet
Azure Containers vs Azure Kubernetes Cheat Sheet

Use the following flowchart to select a candidate compute service.

Decision tree for Azure compute services

Definitions:

  • “Lift and shift” is a strategy for migrating a workload to the cloud without redesigning the application or making code changes. Also called rehosting. For more information, see Azure migration center.
  • Cloud optimized is a strategy for migrating to the cloud by refactoring an application to take advantage of cloud-native features and capabilities.
  • App Service. A managed service for hosting web apps, mobile app back ends, RESTful APIs, or automated business processes.
  • Azure Kubernetes Service (AKS). A managed Kubernetes service for running containerized applications.
  • Batch. A managed service for running large-scale parallel and high-performance computing (HPC) applications
  • Container Instances. The fastest and simplest way to run a container in Azure, without having to provision any virtual machines and without having to adopt a higher-level service.
  • Functions. A managed FaaS service.
  • Service Fabric. A distributed systems platform that can run in many environments, including Azure or on premises.
  • Virtual machines. Deploy and manage VMs inside an Azure virtual network.
  • Infrastructure-as-a-Service (IaaS) lets you provision individual VMs along with the associated networking and storage components. Then you deploy whatever software and applications you want onto those VMs. This model is the closest to a traditional on-premises environment, except that Microsoft manages the infrastructure. You still manage the individual VMs.
  • Platform-as-a-Service (PaaS) provides a managed hosting environment, where you can deploy your application without needing to manage VMs or networking resources. Azure App Service is a PaaS service.
  • Functions-as-a-Service (FaaS) goes even further in removing the need to worry about the hosting environment. In a FaaS model, you simply deploy your code and the service automatically runs it. Azure Functions are a FaaS service.

There is a spectrum from IaaS to pure PaaS. For example, Azure VMs can autoscale by using virtual machine scale sets. This automatic scaling capability isn’t strictly PaaS, but it’s the type of management feature found in PaaS services.

Azure Data Store:

Use the following flowchart to select a candidate data store.

Data store decision tree

Which of the following choices isn’t a cloud computing category: NAAS, PAAS, SAAS, IAAS, DAAS?
– Networking-as-a-Service (NaaS)

– NaaS isn’t a cloud computing category.

Azure Fundamentals AZ900 Certification Exam Prep
Azure Fundamentals AZ900 Certification Exam Prep #Azure #AzureFundamentals #AZ900 #AzureTraining #LeranAzure #Djamgatech

Download Azure Fundamentals AZ900 Certification Exam Prep

#Azure #AzureFundamentals #AZ900 #AzureTraining #LeranAzure #Djamgatech

Azure Fundamentals AZ900 Exam Prep on Udemy – 50-% OFF

Azure Fundamentals AZ900 Exam Prep on iOs

Azure Fundamentals AZ900 Exam Prep on android

Azure Fundamentals AZ900 Exam Prep on Windows 10/11

Azure Fundamentals AZ900 Exam Prep on Web/PWA

Djamgatech App store

Updates to AZ-900 Coming May 5th 2022

[AZ-900](Exam AZ-900: Microsoft Azure Fundamentals – Learn)

Under skills measured section:

The English language version of this exam will be updated on May 5, 2022. Please download the exam skills outline below to see what’s changing.

[List of Changes]

To be honest seems like decent set of changes. In addition to reshuffling existing titles and task #s of several items, there is a redistribution of weight across objectives and removing of following sections:

3.1 Describe core solutions available in Azure

5.3 Describe privacy and compliance resources

6.2 Describe Azure Service Level Agreements (SLAs)

Top-paying Cloud certifications:

  1. Google Certified Professional Cloud Architect — $175,761/year
  2. AWS Certified Solutions Architect – Associate — $149,446/year
  3. Azure/Microsoft Cloud Solution Architect – $141,748/yr
  4. Google Cloud Associate Engineer – $145,769/yr
  5. AWS Certified Cloud Practitioner — $131,465/year
  6. Microsoft Certified: Azure Fundamentals — $126,653/year
  7. Microsoft Certified: Azure Administrator Associate — $125,993/year

Sources:

Azure Fundamentals AZ900 Exam Prep on Udemy – 50-% OFF

Azure Fundamentals AZ900 Exam Prep on iOs

Azure Fundamentals AZ900 Exam Prep on android

Azure Fundamentals AZ900 Exam Prep on Windows 10/11

#Azure #AzureFundamentals #AZ900 #AzureTraining #LeranAzure #Djamgatech

Azure Fundamentals AZ900 Exam Prep on Udemy – 50-% OFF

Azure Fundamentals AZ900 Exam Prep on iOs

Azure Fundamentals AZ900 Exam Prep on android

Azure Fundamentals AZ900 Exam Prep on Windows 10/11

Azure Fundamentals Breaking News – Azure Fundamentals Certifications Testimonials

  • Error Setting Sqlserver Auditing Logs (Powershell)
    by /u/d3fnotarandomnam3 (Microsoft Azure) on May 19, 2022 at 7:43 am

    Set-AzContext -Subscription "subscription01" $server = Get-AzSqlServer -ResourceGroupName. "Resourcegroup-01" -ServerName "servername-01"| Select-Object ServerName,ResourceGroupName Set-AzSQLServerAudit -ResourceGroupName $server.ResourceGroupName -ServerName $server.ServerName -AuditActionGroup "SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP", "FAILED_DATABASE_AUTHENTICATION_GROUP", "SUCCESSFUL_LOGIN_GROUP", "FAILED_LOGIN_GROUP", "DATABASE_PRINCIPAL_CHANGE_GROUP", "SERVER_PRINCIPAL_CHANGE_GROUP" The error message: Set-AzSqlServerAudit : Cannot bind parameter 'AuditActionGroup'. Cannot convert value "SUCCESSFUL_LOGIN_GROUP" to type "Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups". Error: "Unable to match the identifier name SUCCESSFUL_LOGIN_GROUP to a valid enumerator name. Specify one of the following enumerator names and try again: BATCH_STARTED_GROUP, BATCH_COMPLETED_GROUP, APPLICATION_ROLE_CHANGE_PASSWORD_GROUP, BACKUP_RESTORE_GROUP, DATABASE_LOGOUT_GROUP, DATABASE_OBJECT_CHANGE_GROUP, DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP, DATABASE_OBJECT_PERMISSION_CHANGE_GROUP, DATABASE_OPERATION_GROUP, DATABASE_PERMISSION_CHANGE_GROUP, DATABASE_PRINCIPAL_CHANGE_GROUP, DATABASE_PRINCIPAL_IMPERSONATION_GROUP, DATABASE_ROLE_MEMBER_CHANGE_GROUP, FAILED_DATABASE_AUTHENTICATION_GROUP, SCHEMA_OBJECT_ACCESS_GROUP, SCHEMA_OBJECT_CHANGE_GROUP, SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP, SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP, SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, USER_CHANGE_PASSWORD_GROUP, LEDGER_OPERATION_GROUP, DBCC_GROUP, DATABASE_OWNERSHIP_CHANGE_GROUP, DATABASE_CHANGE_GROUP" If you notice the successful login group is part of the allowed values. submitted by /u/d3fnotarandomnam3 [link] [comments]

  • Quota delays?
    by /u/yellowplantain (Microsoft Azure) on May 19, 2022 at 2:30 am

    Is anyone else having problems getting quota from Azure? I've been trying for two months now to get a few hundred low priority cores, and I'm making absolutely no progress with the support request, just being bounced around from broken forms to broken process to follow, with two weeks latency between their responses. I first tried to start some instances - no quota, so I go to the Quota page and request it. After following up twice, a month later they respond to tell me to fill out a different ticket template, and link to that template on a dev.azure.com address that it says I don't have permission to view. They escalate it again and now a month later tell me I need to switch to Invoice Billing. I follow the steps for invoice billing, but the button to actually request it is just... not there. ​ ​ Can you just let me give you money Azure? Please? Is this just happening to me or everyone? submitted by /u/yellowplantain [link] [comments]

  • 3rd Party VPNs with Virtual WAN
    by /u/pedrotheterror (Microsoft Azure) on May 19, 2022 at 1:51 am

    So we have a vWAN deployed, with multiple vHUBs. These are not secured vHUBs, but we do have Azure FWs deployed in VNETs peered to the vHUBs which we use for outbound Internet access. Now we need to provide for a 3rd Party VPN to access some of our resources. I do not want to terminate this into our exiting vHub as then then would have access to all of our resources. So, I want to terminate them into a dedicated VPNG sitting behind an AFW. But, I am running into some snags. I do not see how to advertise routes that the VNET learned from the vHub to the VPN endpoint. We could turn the vHub into a secured vHub, but the issue with that is that I do not see a Terraform provider to do that, and I am not 100% confident we can do that without destroying the existing infrastructure. The other option I guess is to create a separate secured vHub for this, but see the note above about no TF provider for it (though I could use the azAPI provider). Anyone have any insight or pointers they can send my way? submitted by /u/pedrotheterror [link] [comments]

  • Azure App Service deployment question
    by /u/ihorbond (Microsoft Azure) on May 19, 2022 at 12:37 am

    I've described everything here https://stackoverflow.com/questions/72297391/azure-app-service-deployment-fails-when-referenced-by-azure-function but I will give a short description: I have a solution that contains 2 projects: functions and web API. Functions project references web API, one way. Functions deploy fine but web API deployment fails. I don't understand why? It doesn't reference functions project. submitted by /u/ihorbond [link] [comments]

  • Best way to transfer data from an Azure Storage Blob to a Azure File Share
    by /u/noscpal (Microsoft Azure) on May 19, 2022 at 12:10 am

    Hey All, As the title suggests looking at the best way to make this happen, i have roughly 2.6tb in a blob that i would like to migrate to some Azure file shares. regards submitted by /u/noscpal [link] [comments]

  • How can I fix this Cisco Anyconnect Azure SAML CSRF Token error?
    by /u/TheHungryNetworker (Microsoft Azure) on May 18, 2022 at 11:20 pm

    submitted by /u/TheHungryNetworker [link] [comments]

  • Getting AD groups synced into AAD to use for a few things
    by /u/Ok-Examination3168 (Microsoft Azure) on May 18, 2022 at 11:11 pm

    Sup team, running into some issues on a current project. Have a work around in place so I'm not at a deadline but would love some insights. We've got an AD sync to AAD, and use Okta as our idp. We have a ton of security groups for license provisioning through okta - all dandy. I've been tasked with making some permission sets in Power BI from Active directory. So the ideal end result would be Active Directory security groups for powerBI license prov, specific sharepoint access, and data set in PowerBI access. There will be a few different groups with different outcomes. Currently I've manually made AAD groups for the PowerBI, SharePoint stuffs. Wondering if I can drive allllll of it from Active Directory for ease of use. Is this possible? Am I an idiot? Ideally yes to both. submitted by /u/Ok-Examination3168 [link] [comments]

  • Azure AD Security defaults for all users to 2FA at login
    by /u/mattzacamber (Microsoft Azure) on May 18, 2022 at 10:53 pm

    We have Security defaults enabled on our tenant. I expect all users to register for 2FA. Admins to be forced to 2FA. We find all users are asked to 2FA at login. Audit logs show reason is 'security defaults' Azure does state it will also trigger 'when necessary' 'One common method to improve protection for all users is to require a stronger form of account verification, such as Multi-Factor Authentication, for everyone. After users complete Multi-Factor Authentication registration, they'll be prompted for another authentication whenever necessary. Azure AD decides when a user will be prompted for Multi-Factor Authentication, based on factors such as location, device, role and task. This functionality protects all applications registered with Azure AD including SaaS applications. ' Seems to apply to all users at any portal (portal,devops,office). Didn't expect defaults to enforce 2FA for everyone. Is this expected behaviour now? Is it just enforced for everyone? submitted by /u/mattzacamber [link] [comments]

  • Increase the expiration period of Graph Api access token
    by /u/Pristine-Month-8944 (Microsoft Azure) on May 18, 2022 at 10:29 pm

    Using the app only approach of creating access token using msal for Graph API. It expires in about an hour usually. Can I increase it anyway? If not, can I check if the token is valid currently etc. For context I'll be creating and using the token in Python code. I need to make many API calls, so which is the best approach to make sure unnecessary tokens aren't created? Also, looked into refresh token, it's only for user credential flow, I'm using the app only approach. submitted by /u/Pristine-Month-8944 [link] [comments]

  • Where to get key vault connection key for logic apps?
    by /u/prinkpan (Microsoft Azure) on May 18, 2022 at 10:06 pm

    When we add a Get secret action in logic app it creates a connection with the key vault in Azure and generates a connection key which is then stored in local.settings.json file shown below. How is it generated? { "IsEncrypted": false, "Values": { "AzureWebJobsStorage": "UseDevelopmentStorage=true", "FUNCTIONS_WORKER_RUNTIME": "node", "WORKFLOWS_TENANT_ID": "<tenant-id>", "WORKFLOWS_SUBSCRIPTION_ID": "<subscription-id>", "WORKFLOWS_RESOURCE_GROUP_NAME": "<resource-group-name>", "WORKFLOWS_LOCATION_NAME": "westus2", "WORKFLOWS_MANAGEMENT_BASE_URI": "https://management.azure.com/", "keyvault-connectionKey": "eyJ0eXAiOiJKV1QiLCJhbGciO..." <-- How is this key generated? } } submitted by /u/prinkpan [link] [comments]

  • How to initiate VNET peering from one side, complete from the other side later on
    by /u/0x4ddd (Microsoft Azure) on May 18, 2022 at 9:50 pm

    My case is: dedicated team is managing hub virtual network developer teams can can create their own vnets Most likely developers would like to use ARM/Bicep/Terraform/whatever templates to automate their deployments. What I have thought about is that they could create peering to the hub from their side and then someone from the networking team can complete peering from the Hub side. However, when I did simple test on my subscription, I have been able to initiate peering from application side. It appeared with the "Initiated" state on the peerings list for my VNET with the message above - "At least one peering is in an initiated state. Navigate to the peer virtual network to complete the initiation. " Now I have thought I just would need to go to my hub virtual network and somewhere there I would see there is a peering request pending. However, I do not see any information on the Hub network side. Moreover, using Azure Portal I cannot create "one-way" peering, so in this case I cannot just create peering from Hub to App. Portal requires to create two-way peering while there is already existing Initiated peering from App to Hub. Is there any way to complete peering using Azure Portal from the Hub side, after application side initiated peering? Or maybe there is no other way than completing this using Azure CLI or any IaC tool? submitted by /u/0x4ddd [link] [comments]

  • azure front door + application gateway
    by /u/Tmmcwm (Microsoft Azure) on May 18, 2022 at 9:05 pm

    Hi everyone, Playing around with application gateway and front door. So far my config is app gateway with an internal ase ilb (wildcard domain) and this works fine. But I want to put front door in front so I can make things a little more redundant. So I've configured the front door with my app gateways public ip as the backend and re assigned my custom domain to the front door and stuck everything in forward mode. When I hit that custom domain it just immediately hits a not found page. I'm confused as to why this wouldn't work. Anyone configured a similar thing before? submitted by /u/Tmmcwm [link] [comments]

  • How can I add a IoT Hub in Azure into a VNet
    by /u/sjimenez46 (Microsoft Azure) on May 18, 2022 at 8:14 pm

    I see that is possible to use a private link to generate a static IP in the same VNet but I cant figure out how to provisioning an IoT Edge using Eflow to connect with the IoT Hub if I disable the public address. In the connection string is possible to change the public hostname with the static IP assigned yo IoT Hub in the VNet? Thanks in advance submitted by /u/sjimenez46 [link] [comments]

  • HTTP Logic App
    by /u/dj_avi (Microsoft Azure) on May 18, 2022 at 8:14 pm

    I'm trying to create a logic app with http GET. It can get a site code status of 200 when the site is running fine. If the site is attacked or the web service is down, it can't pull the GET request, so I the actions won't run. Is there way I can make it do that (When site is down). submitted by /u/dj_avi [link] [comments]

  • Best way to Automate setup for New Employees
    by /u/Mortamus978 (Microsoft Azure) on May 18, 2022 at 7:25 pm

    Hey Everyone, So we've just moved one of our companies to Azure AD, moving them away from on-premises AD. I want to know what the best way to "automate" setting up new hires for the company. What I've been doing in the past may make you cringe, so bear with me. Get laptop Install Fresh 21H2 on it w/ USB Go through OOBE Add machine to Azure AD Sign into their Azure AD account Have to add their account to my authenticator (We require 2FA) Install all the software and ready the PC for the employee Remove myself from their 2FA in Azure settings, send re-register Ship it to the user, or set it up in the corp office. Now, as you can see it's not the most efficient way of doing things. I'm looking for some advice on a few things. Avoiding adding myself as a 2FA on their account for the setup... is there a way to avoid that for first sign on or something? What would be the best way to prep these new machines for users? I wonder if it's possible to create a "golden image" for all the stuff they need, then apply it to the machine with their Azure AD account linked. Sorry if any of that is poorly explained. I'm mostly helpdesk / network infrastructure... this is my first time taking on a project that I would consider sysadmin-y. Thanks! submitted by /u/Mortamus978 [link] [comments]

  • Hybrid Azure AD join windows 10 or later
    by /u/VirtualCHi (Microsoft Azure) on May 18, 2022 at 7:10 pm

    Hi We are planning an pilot for hybrid Azure AD joined windows 10 computers. Do I need to use the Intune connector for active directory? For example in this article, the setup is not using Intune connector. In this other article, is using group policy for auto enrollment. Please shed some light, I am a bit confused, which is the best method. My environment is Hybrid, on-premise AD sycning to Azure AD. submitted by /u/VirtualCHi [link] [comments]

  • Received an offer from Microsoft. Faced with an interesting choice.
    by /u/ThrowAwayTheSys (Microsoft Azure) on May 18, 2022 at 7:06 pm

    Greetings, This is a throwaway for obvious reasons, my co-workers may read this, and I'd like some degree of anonymity. I'm currently in a Sysadmin role at a company and I'm doing pretty well for myself there. I make 86k per year with a yearly 10% bonus. I've made great connections and fostered even better relationships since I started here almost 10 months ago. Overall, I'm pretty happy with what I'm doing. I get to focus heavily on Powershell automation and coming up with creative solutions to solve the technical debt in my department. We underwent quite a bit of structural changes within the company & my department effectively was cut in half. We've been playing catch up and are finally rediscovering our footing and bringing on new talent. Now we have some interesting things coming down the pipeline, such as a full lift and shift to Azure, which is fairly exciting as that's the direction I want to take in my career. Got my AZ900 + AZ104. Want to get the AZ305 and work my way up to becoming a Azure Solutions Architect. Queue me recently getting a call out of the blue from a recruiter and I landed an interview for freaking Microsoft for an Azure AD Support Engineering role. I just received my offer letter. $49.00 per hour on a long term contract to hire role with benefits. The FTE conversion is an automatic bump to 115k + stock options, a sign on bonus, and pretty ridiculous benefits, which is needless to say, very attractive. Assuming I can really shine in this role and actually land the FTE position. I received a counter offer from my company for a bump to 95k + a 10k retention bonus + my 10% performance bonus paid up front. It seems like an ok counter offer, I could probably try and peg them for more, but I'm thinking the right move here is to go with Microsoft. I can't seem to find much information out there on what it's like to work in that role on the Azure team, but from the interviews & people I've talked to, the opportunity for growth is unparalleled if you're hungry enough. I'm curious to hear what you fine folks have to say. What would you do in this position? And if there are any Microsoft engineers lurking this sub, would love to hear what your experience working for the giant is like. Much appreciate anyone's feedback! submitted by /u/ThrowAwayTheSys [link] [comments]

  • Azure Dashboard for pipeline
    by /u/Ughdontlookatmyname (Microsoft Azure) on May 18, 2022 at 6:44 pm

    Is there any wizard that could give details on the total number of builds/release- filtered for a(/multiple) pipeline. I can achieve this from Analytics View for specific pipeline but I want to get these details on dashboard and for multiple pipelines. submitted by /u/Ughdontlookatmyname [link] [comments]

  • How Azure Certificate helped you in growing career?
    by /u/licedey (Microsoft Azure Certifications) on May 18, 2022 at 6:18 pm

    You may know me as an author of Learn Azure project. I am working on this project during last 1.5 years. The idea was born from my own needs. When I prepared for AZ-900, then a lot of time I had to be outside my desk. So, I prepared through phone using Whizzlabs and it was inconvenient that time. I decided to develop mobile app that will close this need. As download statistics says, I am not the only one who has interest in such app. Since release of v1.0 there are 50k downloads of the app for iOS/Android together. And all that time I didn't ask users of how Azure certification are helps them in growing their career. As Microsoft's certification ad says that there may be such benefits compared to peers w/o certificate: Salary increase Receive a raise or promotion Skills and quality of their work improve Is it truth? I raise this discussion to understand of how the specific Azure certificate helped you on job seeking or current job. And then, will focus on what is really needed for IT-specialists that has desire to become Azure certified. submitted by /u/licedey [link] [comments]

  • Moving Local ML Experiments to Cloud with Terraform Plugin - Tutorial
    by /u/thumbsdrivesmecrazy (Microsoft Azure) on May 18, 2022 at 6:00 pm

    In this tutorial, you can learn how to move a local machine learning experiment to a remote cloud machine with the help of Terraform Provider Iterative (TPI): Moving Local Experiments to the Cloud with Terraform Provider Iterative (TPI) submitted by /u/thumbsdrivesmecrazy [link] [comments]

#Azure #AzureFundamentals #AZ900 #AzureTraining #LeranAzure #Djamgatech

Azure Fundamentals AZ900 Exam Prep on Udemy – 50-% OFF

Azure Fundamentals AZ900 Exam Prep on iOs

Azure Fundamentals AZ900 Exam Prep on android

Azure Fundamentals AZ900 Exam Prep on Windows 10/11

 

Top 60 AWS Solution Architect Associate Exam Tips

aws certified solution architect exam prep

Top 60 AWS Solution Architect Associate Exam Tips

SAA Exam Prep App urls

Solution Architect FREE version:
Google Play Store (Android)
Apple Store (iOS)
Pwa: Web
Amazon android: Amazon App Store (Android)
Microsoft/Windows10:

0 In a nutshell, below are the resources and apps that you need for SAA-C02 Exam Prep:

2022 AWS Cloud Practitioner Exam Preparation

Read FAQs and learn more about the following topics in details: Load Balancing, DynamoDB, EBS, Multi-AZ RDS, Aurora, EFS, DynamoDB, NLB, ALB, Aurora, Auto Scalling, DynamoDB(latency), Aurora(performance), Multi-AZ RDS(high availability), Throughput Optimized EBS (highly sequential), Read the quizlet note cards about Cloudwatch, CloudTrail, KMS, ElasticBeanstalk, OpsWorks here. Read Dexter’s Barely passed AWS Cram Notes about RPO vs RTO, HA vs FT, Undifferentiated Heavy Lifting, Access Management Basics, Shared Responsibility Model, Cloud Service Models
AWS topics for SAA-CO1 and SAA-CO2

1

Know what instance types can be launched from which types of AMIs, and which instance types require an HVM AMI
AWS HVM AMI

2

Understand bastion hosts, and which subnet one might live on. Bastion hosts are instances that sit within your public subnet and are typically accessed using SSH or RDP. Once remote connectivity has been established with the bastion host, it then acts as a ‘jump’ server, allowing you to use SSH or RDP to login to other instances (within private subnets) deeper within your network. When properly configured through the use of security groups and Network ACLs, the bastion essentially acts as a bridge to your private instances via the Internet.”
Bastion Hosts

3

Know the difference between Directory Service’s AD Connector and Simple AD. Use Simple AD if you need an inexpensive Active Directory–compatible service with the common directory features. AD Connector lets you simply connect your existing on-premises Active Directory to AWS.
AD Connector and Simple AD

4


Save 65% on select product(s) with promo code 65ZDS44X on Amazon.com

Know how to enable cross-account access with IAM: To delegate permission to access a resource, you create an IAM role that has two policies attached. The permissions policy grants the user of the role the needed permissions to carry out the desired tasks on the resource. The trust policy specifies which trusted accounts are allowed to grant its users permissions to assume the role. The trust policy on the role in the trusting account is one-half of the permissions. The other half is a permissions policy attached to the user in the trusted account that allows that user to switch to, or assume the role.
Enable cross-account access with IAM

5

Have a good understanding of how Route53 supports all of the different DNS record types, and when you would use certain ones over others.
Route 53 supports all of the different DNS record types

6

Know which services have native encryption at rest within the region, and which do not.
AWS Services with native Encryption at rest

7

Know which services allow you to retain full admin privileges of the underlying EC2 instances
EC2 Full admin privilege

8

Know When Elastic IPs are free or not: If you associate additional EIPs with that instance, you will be charged for each additional EIP associated with that instance per hour on a pro rata basis. Additional EIPs are only available in Amazon VPC. To ensure efficient use of Elastic IP addresses, we impose a small hourly charge when these IP addresses are not associated with a running instance or when they are associated with a stopped instance or unattached network interface.
When are AWS Elastic IPs Free or not?

9

Know what are the four high level categories of information Trusted Advisor supplies.
#AWS Trusted advisor

10

Know how to troubleshoot a connection time out error when trying to connect to an instance in your VPC. You need a security group rule that allows inbound traffic from your public IP address on the proper port, you need a route that sends all traffic destined outside the VPC (0.0.0.0/0) to the Internet gateway for the VPC, the network ACLs must allow inbound and outbound traffic from your public IP address on the proper port, etc.
#AWS Connection time out error

11

Be able to identify multiple possible use cases and eliminate non-use cases for SWF.
#AWS

12

Understand how you might set up consolidated billing and cross-account access such that individual divisions resources are isolated from each other, but corporate IT can oversee all of it.
#AWS Set up consolidated billing

13

Know how you would go about making changes to an Auto Scaling group, fully understanding what you can and can’t change. “You can only specify one launch configuration for an Auto Scaling group at a time, and you can’t modify a launch configuration after you’ve created it. Therefore, if you want to change the launch configuration for your Auto Scaling group, you must create a launch configuration and then update your Auto Scaling group with the new launch configuration. When you change the launch configuration for your Auto Scaling group, any new instances are launched using the new configuration parameters, but existing instances are not affected.
#AWS Make Change to Auto Scaling group

14

Know how you would go about making changes to an Auto Scaling group, fully understanding what you can and can’t change. “You can only specify one launch configuration for an Auto Scaling group at a time, and you can’t modify a launch configuration after you’ve created it. Therefore, if you want to change the launch configuration for your Auto Scaling group, you must create a launch configuration and then update your Auto Scaling group with the new launch configuration. When you change the launch configuration for your Auto Scaling group, any new instances are launched using the new configuration parameters, but existing instances are not affected.
#AWS Make Change to Auto Scaling group

15

Know which field you use to run a script upon launching your instance.
#AWS User data script

16

Know how DynamoDB (durable, and you can pay for strong consistency), Elasticache (great for speed, not so durable), and S3 (eventual consistency results in lower latency) compare to each other in terms of durability and low latency.
#AWS DynamoDB consistency

17

Know the difference between bucket policies, IAM policies, and ACLs for use with S3, and examples of when you would use each. “With IAM policies, companies can grant IAM users fine-grained control to their Amazon S3 bucket or objects while also retaining full control over everything the users do. With bucket policies, companies can define rules which apply broadly across all requests to their Amazon S3 resources, such as granting write privileges to a subset of Amazon S3 resources. Customers can also restrict access based on an aspect of the request, such as HTTP referrer and IP address. With ACLs, customers can grant specific permissions (i.e. READ, WRITE, FULL_CONTROL) to specific users for an individual bucket or object.
#AWS Difference between bucket policies

18

Know when and how you can encrypt snapshots.
#AWS EBS Encryption

19

Understand how you can use ELB cross-zone load balancing to ensure even distribution of traffic to EC2 instances in multiple AZs registered with a load balancer.
#AWS ELB cross-zone load balancing

20

How would you allow users to log into the AWS console using active directory integration. Here is a link to some good reference material.
#AWS og into the AWS console using active directory integration

21

Spot instances are good for cost optimization, even if it seems you might need to fall back to On-Demand instances if you wind up getting kicked off them and the timeline grows tighter. The primary (but still not only) factor seems to be whether you can gracefully handle instances that die on you–which is pretty much how you should always design everything, anyway!
#AWS Spot instances

22

The term “use case” is not the same as “function” or “capability”. A use case is something that your app/system will need to accomplish, not just behaviour that you will get from that service. In particular, a use case doesn’t require that the service be a 100% turnkey solution for that situation, just that the service plays a valuable role in enabling it.
#AWS use case

23

There might be extra, unnecessary information in some of the questions (red herrings), so try not to get thrown off by them. Understand what services can and can’t do, but don’t ignore “obvious”-but-still-correct answers in favour of super-tricky ones.
#AWS Exam Answers: Distractors

24

If you don’t know what they’re trying to ask, in a question, just move on and come back to it later (by using the helpful “mark this question” feature in the exam tool). You could easily spend way more time than you should on a single confusing question if you don’t triage and move on.
#AWS Exa: Skip Questions that are vague and come back to them later

25

Some exam questions required you to understand features and use cases of: VPC peering, cross-account access, DirectConnect, snapshotting EBS RAID arrays, DynamoDB, spot instances, Glacier, AWS/user security responsibilities, etc.
#AWS

26

The 30 Day constraint in the S3 Lifecycle Policy before transitioning to S3-IA and S3-One Zone IA storage classes
#AWS S3 lifecycle policy

27

Enabling Cross-region snapshot copy for an AWS KMS-encrypted cluster
Redis Auth / Amazon MQ / IAM DB Authentication

#AWS Cross-region snapshot copy for an AWS KMS-encrypted cluster

28

Know that FTP is using TCP and not UDP (Helpful for questions where you are asked to troubleshoot the network flow)
TCP and UDP

29

Know the Difference between S3, EBS and EFS
#AWS Difference between S3, EBS and EFS

30

Kinesis Sharding:
#AWS Kinesis Sharding

31

Handling SSL Certificates in ELB ( Wildcard certificate vs SNI )
#AWS Handling SSL Certificates in ELB ( Wildcard certificate vs SNI )

32

Difference between OAI, Signed URL (CloudFront) and Pre-signed URL (S3)
#AWS Difference between OAI, Signed URL (CloudFront) and Pre-signed URL (S3)

33

Different types of Aurora Endpoints
#AWS Different types of Aurora Endpoints

34

The Default Termination Policy for Auto Scaling Group (Oldest launch configuration vs Instance Protection)
#AWS Default Termination Policy for Auto Scaling Group

35

Watch Acloud Guru Videos Lectures while commuting / lunch break – Reschedule the exam if you are not yet ready
#AWS ACloud Guru

36

Watch Linux Academy Videos Lectures while commuting / lunch break – Reschedule the exam if you are not yet ready
#AWS Linux Academy

37

Watch Udemy Videos Lectures while commuting / lunch break – Reschedule the exam if you are not yet ready
#AWS Linux Academy

38

The Udemy practice test interface is good that it pinpoints your weak areas, so what I did was to re-watch all the videos that I got the wrong answers. Since I was able to gauge my exam readiness, I decided to reschedule my exam for 2 more weeks, to help me focus on completing the practice tests.
#AWS Udemy

39

Use AWS Cheatsheets – I also found the cheatsheets provided by Tutorials Dojo very helpful. In my opinion, it is better than Jayendrapatil Patil’s blog since it contains more updated information that complements your review notes.
#AWS Cheat Sheet

40

Watch this exam readiness 3hr video, it very recent webinar this provides what is expected in the exam.
#AWS Exam Prep Video

41

Start off watching Ryan’s videos. Try and completely focus on the hands on. Take your time to understand what you are trying to learn and achieve in those LAB Sessions.
#AWS Exam Prep Video

42

Do not rush into completing the videos. Take your time and hone the basics. Focus and spend a lot of time for the back bone of AWS infrastructure – Compute/EC2 section, Storage (S3/EBS/EFS), Networking (Route 53/Load Balancers), RDS, VPC, Route 3. These sections are vast, with lot of concepts to go over and have loads to learn. Trust me you will need to thoroughly understand each one of them to ensure you pass the certification comfortably.
#AWS Exam Prep Video

43

Make sure you go through resources section and also AWS documentation for each components. Go over FAQs. If you have a question, please post it in the community. Trust me, each answer here helps you understand more about AWS.
#AWS Faqs

44

Like any other product/service, each AWS offering has a different flavor. I will take an example of EC2 (Spot/Reserved/Dedicated/On Demand etc.). Make sure you understand what they are, what are the pros/cons of each of these flavors. Applies for all other offerings too.
#AWS Services

45

Ensure to attend all quizzes after each section. Please do not treat these quizzes as your practice exams. These quizzes are designed to mostly test your knowledge on the section you just finished. The exam itself is designed to test you with scenarios and questions, where in you will need to recall and apply your knowledge of different AWS technologies/services you learn over multiple lectures.
#AWS Services

46

I, personally, do not recommend to attempt a practice exam or simulator exam until you have done all of the above. It was a little overwhelming for me. I had thoroughly gone over the videos. And understood the concepts pretty well, but once I opened exam simulator I felt the questions were pretty difficult. I also had a feeling that videos do not cover lot of topics. But later I realized, given the vastness of AWS Services and offerings it is really difficult to encompass all these services and their details in the course content. The fact that these services keep changing so often, does not help
#AWS Services

47

Go back and make a note of all topics, that you felt were unfamiliar for you. Go through the resources section and fiund links to AWS documentation. After going over them, you shoud gain at least 5-10% more knowledge on AWS. Have expectations from the online courses as a way to get thorough understanding of basics and strong foundations for your AWS knowledge. But once you are done with videos. Make sure you spend a lot of time on AWS documentation and FAQs. There are many many topics/sub topics which may not be covered in the course and you would need to know, atleast their basic functionalities, to do well in the exam.
#AWS Services

48

Once you start taking practice exams, it may seem really difficult at the beginning. So, please do not panic if you find the questions complicated or difficult. IMO they are designed or put in a way to sound complicated but they are not. Be calm and read questions very carefully. In my observation, many questions have lot of information which sometimes is not relevant to the solution you are expected to provide. Read the question slowly and read it again until you understand what is expected out of it.
#AWS Services

49

With each practice exam you will come across topics that you may need to scale your knowledge on or learn them from scratch.
#AWS Services

50

With each test and the subsequent revision, you will surely feel more confident.
There are 130 mins for questions. 2 mins for each question which is plenty of time.
At least take 8-10 practice tests. The ones on udemy/tutorialdojo are really good. If you are a acloudguru member. The exam simulator is really good.
Manage your time well. Keep patience. I saw someone mention in one of the discussions that do not under estimate the mental focus/strength needed to sit through 130 mins solving these questions. And it is really true.
Do not give away or waste any of those precious 130 mins. While answering flag/mark questions you think you are not completely sure. My advice is, even if you finish early, spend your time reviewing the answers. I could review 40 of my answers at the end of test. And I at least rectified 3 of them (which is 4-5% of total score, I think)
So in short – Put a lot of focus on making your foundations strong. Make sure you go through AWS Documentation and FAQs. Try and envision how all of the AWS components can fit together and provide an optimal solution. Keep calm.
This video gives outline about exam, must watch before or after Ryan’s course. #AWS Services

51

Walking you through how to best prepare for the AWS Certified Solutions Architect Associate SAA-C02 exam in 5 steps:
1. Understand the exam blueprint
2. Learn about the new topics included in the SAA-C02 version of the exam
3. Use the many FREE resources available to gain and deepen your knowledge
4. Enroll in our hands-on video course to learn AWS in depth
5. Use practice tests to fully prepare yourself for the exam and assess your exam readiness
AWS CERTIFIED SOLUTIONS ARCHITECT SAA-C02 : HOW TO BEST PREPARE IN 5 STEPS

52

Storage:
1. Know your different Amazon S3 storage tiers! You need to know the use cases, features and limitations, and relative costs; e.g. retrieval costs.
2. Amazon S3 lifecycle policies is also required knowledge — there are minimum storage times in certain tiers that you need to know.
3. For Glacier, you need to understand what it is, what it’s used for, and what the options are for retrieval times and fees.
4. For the Amazon Elastic File System (EFS), make sure you’re clear which operating systems you can use with it (just Linux).
5. For the Amazon Elastic Block Store (EBS), make sure you know when to use the different tiers including instance stores; e.g. what would you use for a datastore that requires the highest IO and the data is distributed across multiple instances? (Good instance store use case)
6. Learn about Amazon FSx. You’ll need to know about FSx for Windows and Lustre.
7. Know how to improve Amazon S3 performance including using CloudFront, and byte-range fetches — check out this whitepaper.
8. Make sure you understand about Amazon S3 object deletion protection options including versioning and MFA delete.
AWS CERTIFIED SOLUTIONS ARCHITECT SAA-C02 : HOW TO BEST PREPARE IN 5 STEPS

53

Compute:
1. You need to have a good understanding of the options for how to scale an Auto Scaling Group using metrics such as SQS queue depth, or numbers of SNS messages.
2. Know your different Auto Scaling policies including Target Tracking Policies.
3. Read up on High Performance Computing (HPC) with AWS. You’ll need to know about Amazon FSx with HPC use cases.
4. Know your placement groups. Make sure you can differentiate between spread, cluster and partition; e.g. what would you use for lowest latency? What about if you need to support an app that’s tightly coupled? Within an AZ or cross AZ?
5. Make sure you know the difference between Elastic Network Adapters (ENAs), Elastic Network Interfaces (ENIs) and Elastic Fabric Adapters (EFAs).
6. For the Amazon Elastic Container Service (ECS), make sure you understand how to assign IAM policies to ECS for providing S3 access. How can you decouple an ECS data processing process — Kinesis Firehose or SQS?
7. Make sure you’re clear on the different EC2 pricing models including Reserved Instances (RI) and the different RI options such as scheduled RIs.
8. Make sure you know the maximum execution time for AWS Lambda (it’s currently 900 seconds or 15 minutes).
AWS CERTIFIED SOLUTIONS ARCHITECT SAA-C02 : HOW TO BEST PREPARE IN 5 STEPS

54

Network
1. Understand what AWS Global Accelerator is and its use cases.
2. Understand when to use CloudFront and when to use AWS Global Accelerator.
3. Make sure you understand the different types of VPC endpoint and which require an Elastic Network Interface (ENI) and which require a route table entry.
4. You need to know how to connect multiple accounts; e.g. should you use VPC peering or a VPC endpoint?
5. Know the difference between PrivateLink and ClassicLink.
6. Know the patterns for extending a secure on-premises environment into AWS.
7. Know how to encrypt AWS Direct Connect (you can use a Virtual Private Gateway / AWS VPN).
8. Understand when to use Direct Connect vs Snowball to migrate data — lead time can be an issue with Direct Connect if you’re in a hurry.
9. Know how to prevent circumvention of Amazon CloudFront; e.g. Origin Access Identity (OAI) or signed URLs / signed cookies.
AWS CERTIFIED SOLUTIONS ARCHITECT SAA-C02 : HOW TO BEST PREPARE IN 5 STEPS

55

Databases
1. Make sure you understand Amazon Aurora and Amazon Aurora Serverless.
2. Know which RDS databases can have Read Replicas and whether you can read from a Multi-AZ standby.
3. Know the options for encrypting an existing RDS database; e.g. only at creation time otherwise you must encrypt a snapshot and create a new instance from the snapshot.
4. Know which databases are key-value stores; e.g. Amazon DynamoDB.
AWS CERTIFIED SOLUTIONS ARCHITECT SAA-C02 : HOW TO BEST PREPARE IN 5 STEPS

56

Application Integration
1. Make sure you know the use cases for the Amazon Simple Queue Service (SQS), and Simple Notification Service (SNS).
2. Understand the differences between Amazon Kinesis Firehose and SQS and when you would use each service.
3. Know how to use Amazon S3 event notifications to publish events to SQS — here’s a good “How To” article.
AWS CERTIFIED SOLUTIONS ARCHITECT SAA-C02 : HOW TO BEST PREPARE IN 5 STEPS

57

Management and Governance
1. You’ll need to know about AWS Organizations; e.g. how to migrate an account between organizations.
2. For AWS Organizations, you also need to know how to restrict actions using service control policies attached to OUs.
3. Understand what AWS Resource Access Manager is.
AWS CERTIFIED SOLUTIONS ARCHITECT SAA-C02 : HOW TO BEST PREPARE IN 5 STEPS

About this App

The AWS Certified Solution Architect Associate Examination reparation and Readiness Quiz App (SAA-C01, SAA-C01, SAA) Prep App helps you prepare and train for the AWS Certification Solution Architect Associate Exam with various questions and answers dumps.

This App provide updated Questions and Answers, an Intuitive Responsive Interface allowing to browse questions horizontally and browse tips and resources vertically after completing a quiz.

Features:

  • 100+ Questions and Answers updated frequently to get you AWS certified.
  • Quiz with score tracker, countdown timer, highest score saving. Vie Answers after completing the quiz for each category.
  • Can only see answers after completing the quiz.
  • Show/Hide button option for answers. Link to PRO Version to see all answers for each category
  • Ability to navigate through questions for each category using next and previous button.
  • Resource info page about the answer for each category and Top 60 Tips to succeed in the exam.
  • Prominent Cloud Evangelist latest tweets and Technology Latest News Feed
  • The app helps you study and practice from your mobile device with an intuitive interface.
  • SAA-C01 and SAA-C02 compatible
  • Resource info page about the answer for each category.
  • Helps you study and practice from your mobile device with an intuitive interface.

The questions and Answers are divided in 4 categories:

  • Design High Performing Architectures,
  • Design Cost Optimized Architectures,
  • Design Secure Applications And Architectures,
  • Design Resilient Architecture,

The questions and answers cover the following topics: AWS VPC, S3, DynamoDB, EC2, ECS, Lambda, API Gateway, CloudWatch, CloudTrail, Code Pipeline, Code Deploy, TCO Calculator, AWS S3, AWS DynamoDB, CloudWatch , AWS SES, Amazon Lex, AWS EBS, AWS ELB, AWS Autoscaling , RDS, Aurora, Route 53, Amazon CodeGuru, Amazon Bracket, AWS Billing and Pricing, AWS Simply Monthly Calculator, AWS cost calculator, Ec2 pricing on-demand, AWS Pricing, AWS Pay As You Go, AWS No Upfront Cost, Cost Explorer, AWS Organizations, Consolidated billing, Instance Scheduler, on-demand instances, Reserved instances, Spot Instances, CloudFront, Web hosting on S3, S3 storage classes, AWS Regions, AWS Availability Zones, Trusted Advisor, Various architectural Questions and Answers about AWS, AWS SDK, AWS EBS Volumes, EC2, S3, Containers, KMS, AWS read replicas, Cloudfront, API Gateway, AWS Snapshots, Auto shutdown Ec2 instances, High Availability, RDS, DynamoDB, Elasticity, AWS Virtual Machines, AWS Caching, AWS Containers, AWS Architecture, AWS Ec2, AWS S3, AWS Security, AWS Lambda, Bastion Hosts, S3 lifecycle policy, kinesis sharing, AWS KMS, Design High Performing Architectures, Design Cost Optimized Architectures, Design Secure Applications And Architectures, Design Resilient Architecture, AWS vs Azure vs Google Cloud, Resources, Questions, AWS, AWS SDK, AWS EBS Volumes, AWS read replicas, Cloudfront, API Gateway, AWS Snapshots, Auto shutdown Ec2 instances, High Availability, RDS, DynamoDB, Elasticity, AWS Virtual Machines, AWS Caching, AWS Containers, AWS Architecture, AWS Ec2, AWS S3, AWS Security, AWS Lambda, Load Balancing, DynamoDB, EBS, Multi-AZ RDS, Aurora, EFS, DynamoDB, NLB, ALB, Aurora, Auto Scaling, DynamoDB(latency), Aurora(performance), Multi-AZ RDS(high availability), Throughput Optimized EBS (highly sequential), SAA-CO1, SAA-CO2, Cloudwatch, CloudTrail, KMS, ElasticBeanstalk, OpsWorks, RPO vs RTO, HA vs FT, Undifferentiated Heavy Lifting, Access Management Basics, Shared Responsibility Model, Cloud Service Models, etc…

The resources sections cover the following areas: Certification, AWS training, Mock Exam Preparation Tips, Cloud Architect Training, Cloud Architect Knowledge, Cloud Technology, cloud certification, cloud exam preparation tips, cloud solution architect associate exam, certification practice exam, learn aws free, amazon cloud solution architect, question dumps, acloud guru links, tutorial dojo links, linuxacademy links, latest aws certification tweets, and post from reddit, quota, linkedin, medium, cloud exam preparation tips, aws cloud solution architect associate exam, aws certification practice exam, cloud exam questions, learn aws free, amazon cloud solution architect, amazon cloud certified solution architect associate exam questions, as certification dumps, google cloud, azure cloud, acloud, learn google cloud, learn azure cloud, cloud comparison, etc.

Abilities Validated by the Certification:

  • Effectively demonstrate knowledge of how to architect and deploy secure and robust applications on AWS technologies
  • Define a solution using architectural design principles based on customer requirements
  • Provide implementation guidance based on best practices to the organization throughout the life cycle of the project

Recommended Knowledge for the Certification:

  • One year of hands-on experience designing available, cost-effective, fault-tolerant, and scalable distributed systems on AWS.
  • Hands-on experience using compute, networking, storage, and database AWS services.
  • Hands-on experience with AWS deployment and management services.
  • Ability to identify and define technical requirements for an AWS-based application.
  • bility to identify which AWS services meet a given technical requirement.
  • Knowledge of recommended best practices for building secure and reliable applications on the AWS platform.
  • An understanding of the basic architectural principles of building in the AWS Cloud.
  • An understanding of the AWS global infrastructure.
  • An understanding of network technologies as they relate to AWS.
  • An understanding of security features and tools that AWS provides and how they relate to traditional services.

Note and disclaimer: We are not affiliated with AWS or Amazon or Microsoft or Google. The questions are put together based on the certification study guide and materials available online. We also receive questions and answers from anonymous users and we vet to make sure they are legitimate. The questions in this app should help you pass the exam but it is not guaranteed. We are not responsible for any exam you did not pass.

Important: To succeed with the real exam, do not memorize the answers in this app. It is very important that you understand why a question is right or wrong and the concepts behind it by carefully reading the reference documents in the answers.

Top

What is the AWS Certified Solution Architect Associate Exam?

This exam validates an examinee’s ability to effectively demonstrate knowledge of how to architect and deploy secure and robust applications on AWS technologies. It validates an examinee’s ability to:

  • Define a solution using architectural design principles based on customer requirements.
  • Multiple-response: Has two correct responses out of five options.

There are two types of questions on the examination:

  • Multiple-choice: Has one correct response and three incorrect responses (distractors).
  • Provide implementation guidance based on best practices to the organization throughout the lifecycle of the project.

Select one or more responses that best complete the statement or answer the question. Distractors, or incorrect answers, are response options that an examinee with incomplete knowledge or skill would likely choose. However, they are generally plausible responses that fit in the content area defined by the test objective. Unanswered questions are scored as incorrect; there is no penalty for guessing.

To succeed with the real exam, do not memorize the answers below. It is very important that you understand why a question is right or wrong and the concepts behind it by carefully reading the reference documents in the answers.

Top

AWS Certified Solution Architect Associate info and details

The AWS Certified Solution Architect Associate Exam is a multiple choice, multiple answer exam. Here is the Exam Overview:

Top

Other AWS Facts and Summaries and Questions/Answers Dump

Top

Additional Information for reference

Below are some useful reference links that would help you to learn about AWS Practitioner Exam.

Other Relevant and Recommended AWS Certifications

AWS Certification Exams Roadmap AWS Certification Exams Roadmap[/caption]

AWS Solution Architect Associate Exam Whitepapers:

AWS has provided whitepapers to help you understand the technical concepts. Below are the recommended whitepapers.

Top

Online Training and Labs for AWS Certified Solution Architect Associate Exam

Top

AWS Certified Solution Architect Associate Jobs

AWS Certification and Training Apps for all platforms:

AWS Cloud practitioner FREE version:

AWS Certified Cloud practitioner for the web:pwa

AWS Certified Cloud practitioner Exam Prep App for iOS

AWS Certified Cloud practitioner Exam Prep App for Microsoft/Windows10

AWS Certified Cloud practitioner Exam Prep App for Android (Google Play Store)

AWS Certified Cloud practitioner Exam Prep App for Android (Amazon App Store)

AWS Certified Cloud practitioner Exam Prep App for Android (Huawei App Gallery)

AWS Solution Architect FREE version:

AWS Certified Solution Architect Associate Exam Prep App for iOS: https://apps.apple.com/ca/app/solution-architect-assoc-quiz/id1501225766

Solution Architect Associate for Android Google Play

AWS Certified Solution Architect Associate Exam Prep App for the eb: Pwa

AWS Certified Solution Architect Associate Exam Prep App for Amazon android

‪‬

AWS Certified Cloud practitioner Exam Prep App for Microsoft/Windows10

AWS Certified Cloud practitioner Exam Prep App for Huawei App Gallery

AWS Cloud Practitioner PRO Versions:

AWS Certified Cloud practitioner PRO Exam Prep App for iOS

AWS Certified Cloud Practitioner PRO Associate Exam Prep App for android google

AWS Certified Cloud practitioner Exam Prep App for Amazon android

AWS Certified Cloud practitioner Exam Prep App for Windows 10

AWS Certified Cloud practitioner Exam Prep PRO App for Android (Huawei App Gallery) Coming soon

AWS Solution Architect PRO

AWS Certified Solution Architect Associate PRO versions for iOS

AWS Certified Solution Architect Associate PRO Exam Prep App for Android google

AWS Certified Solution Architect Associate PRO Exam Prep App for Windows10

AWS Certified Solution Architect Associate PRO Exam Prep App for Amazon android

Huawei App Gallery: Coming soon

AWS Certified Developer Associates Free version:

AWS Certified Developer Associates for Android (Google Play)

AWS Certified Developer Associates Web/PWA

AWS Certified Developer Associates for iOs

AWS Certified Developer Associates for Android (Huawei App Gallery)

AWS Certified Developer Associates for windows 10 (Microsoft App store)

Amazon App Store: Coming soon

AWS Developer Associates PRO version

PRO version with mock exam for android (Google Play)

PRO version with mock exam ios

AWS Certified Developer Associates PRO for Android (Amazon App Store): Coming Soon

AWS Certified Developer Associates PRO for Android (Huawei App Gallery): Coming soon