Welcome to AI Unraveled, the podcast that demystifies frequently asked questions on artificial intelligence and keeps you up to date with the latest AI trends. Join us as we delve into groundbreaking research, innovative applications, and emerging technologies that are pushing the boundaries of AI. From the latest trends in ChatGPT and the recent merger of Google Brain and DeepMind, to the exciting developments in generative AI, we’ve got you covered with a comprehensive update on the ever-evolving AI landscape. In today’s episode, we’ll cover skills measured in Azure AI workloads, machine learning principles, computer vision, and Natural Language Processing, Azure AI Fundamentals Practice Quizzes on topics such as predictive models, computer vision, responsible AI, and machine learning methods, top tips for acing the Microsoft Azure AI Fundamentals AI-900 exam including understanding objectives, practice, engaging with the community, and staying updated, and the Azure AI Fundamentals AI-900 Exam Prep PRO by Djamgatech available on Apple and Windows App Stores.
Unlocking Azure AI Fundamentals AI-900 exam: Skills Measured, Top 10 Quizzes with detailed answers, Testimonials, Tips, and Key Resources to ace the exam and pass the certification
In the Azure AI Fundamentals Exam, you’ll be putting your knowledge of machine learning (ML) and artificial intelligence (AI) concepts to the test, along with your familiarity with related Microsoft Azure services. The great thing about this exam is that you don’t necessarily need a technical background or experience in data science or software engineering. So, if you’ve been wanting to break into the AI field, this could be a great opportunity for you! That said, having some knowledge of cloud basics and client-server applications will definitely come in handy. It’s not a requirement, but it would give you an advantage. Keep in mind that passing the Azure AI Fundamentals Exam can actually open doors to other Azure role-based certifications, like Azure Data Scientist Associate or Azure AI Engineer Associate. This means that once you ace this exam, you’ll have a head start on your AI journey. During the exam, you can expect questions that cover various aspects of AI workloads on Azure. This includes understanding the fundamental principles of machine learning, as well as the features and considerations of computer vision workloads and Natural Language Processing (NLP) workloads on Azure. So, get ready to dive deep into the exciting world of AI and show off your knowledge on the Azure platform. Good luck!
Quiz 1: So, you want to create a model to predict ice cream sales based on historic data, including daily sales totals and weather measurements. Now, which Azure service should you use for this task?
Well, the answer is Azure Machine Learning. With Azure Machine Learning, you can train a predictive model using the existing data. It’s pretty cool, right?
Quiz 2: Alright, let’s move on to the next question. You’re working on an AI application that detects cracks in car windshields and notifies drivers when repairs or replacements are necessary. What AI workload does this describe?
The answer is Computer Vision. By using computer vision, you can analyze images of car windshields and classify them into different groups based on their condition. This way, you can easily spot those pesky cracks.
Quiz 3: Here’s another question for you. There’s a predictive app that provides audio output for visually impaired users. Nice, right?
Now, which principle of Responsible AI is reflected in this scenario? The answer is Inclusiveness. Inclusiveness is all about ensuring that AI benefits all parts of society, regardless of physical ability, gender, sexual orientation, or ethnicity. It’s about making AI accessible to everyone. Good job!
Quiz 4: Let’s move on. Here’s a question about ChatGPT, OpenAI, and Azure OpenAI. How are they related?
Well, OpenAI is a research company that developed ChatGPT, a fancy chatbot that uses generative AI models. And Azure OpenAI? Well, it provides access to many of OpenAI’s awesome AI models. So, you can think of Azure OpenAI as the gateway to these cool AI creations.
Quiz 5: Time for another question! You want to summarize a paragraph of text. Which generative AI model family should you use for this task?
The answer is GPT. GPT, which stands for Generative Pre-trained Transformer, is a powerful family of generative AI models. It’s great for tasks like text summarization, where you need to condense a lot of information into a concise summary. So, GPT is your go-to model family for text summarization.
Quiz 6: Now, let’s talk about ethical AI practices in Azure OpenAI. What’s one action that Microsoft takes to support these practices?
Well, Microsoft provides Transparency Notes that share how their technology is built and asks users to consider its implications. It’s all about being transparent and promoting responsible use of AI. Kudos to Microsoft for their efforts!
Quiz 7: Okay, here’s a question about machine learning methods. You need to forecast the sea level in meters for the next ten years. What machine learning method should you employ for this task?
The answer is Regression. Regression is a fundamental concept in machine learning that focuses on predicting continuous numeric values. By analyzing patterns and dependencies, regression models can estimate or forecast numerical outcomes. So, for forecasting the sea level, regression is the way to go.
Quiz 8: Time for another question! You’re analyzing user reviews for a new product using the Text Analytics service. Your goal is to determine the general mood or opinion from these reviews. Which type of natural language processing should you use?
The answer is Sentiment Analysis. Sentiment Analysis is designed to determine the emotional tone behind a series of words. It helps you understand the attitudes, opinions, and emotions expressed in a text. So, it’s perfect for determining the general mood or opinion from those user reviews.
Quiz 9: We’re almost there! You’re developing a system to analyze images from a wildlife park and identify specific animal species. You want to leverage a custom model for this task. Which Azure Cognitive Services service should you use?
The answer is Custom Vision. Azure’s Custom Vision service allows you to build custom image classifiers. In this case, you would train it to recognize specific species of animals. So, Custom Vision is the service you’ll need to bring those animal identifications to life.
Quiz 10: Last but not least! Your organization plans to deploy facial recognition technology for security purposes. But, you want to make sure it doesn’t unintentionally exclude certain demographics. So, which Microsoft guiding principle for responsible AI does this relate to?
It relates to the principle of Inclusiveness. Inclusiveness in AI means developing systems that respect and include all users. In the context of facial recognition technology, it’s essential to identify any potential impediments that might unintentionally exclude particular demographics from using the technology. So, inclusiveness is key in this scenario. And there you have it! You managed to answer all the quiz questions correctly. Nice work! Remember, Azure AI has a wide range of services and principles to help you tackle different AI tasks responsibly and ethically. Keep exploring and learning, and you’ll become an AI expert in no time!
Here are my top 10 tips and key resources to help you ace the Microsoft Azure AI Fundamentals AI-900 exam.
Firstly, make sure you understand the exam objectives. Familiarize yourself with what will be tested by reviewing Microsoft’s detailed outline of the exam. Next, get some hands-on experience. While the AI-900 exam is more conceptual, using the Azure portal to experiment with AI services will solidify your understanding. Take advantage of Microsoft Learn. They offer a free learning path specifically tailored for the AI-900 exam. This includes interactive lessons and quizzes to help you prepare. Don’t forget to take practice exams. Mock tests are a great way to familiarize yourself with the exam pattern and assess your level of preparation. Engaging with the Azure AI community is also beneficial. Join forums and communities to participate in discussions and gain insights from real-world scenarios. Keep yourself updated with the latest advancements in AI and cloud technologies. The field evolves rapidly, so make sure you’re studying the most recent materials and are aware of any Azure AI updates. Take the time to review Microsoft’s official documentation. It’s a comprehensive resource that provides up-to-date information on each service related to Azure AI. Make sure you have a solid understanding of key AI concepts. Familiarize yourself with machine learning, natural language processing, computer vision, and conversational AI. Taking notes while studying is crucial, especially on topics that you find challenging. These notes will come in handy during revision. Lastly, don’t forget to relax before the exam. Avoid cramming the night before. Instead, review your notes, ensure you have a good grasp of the high-level concepts, and get a good night’s sleep. Now, let’s move on to the key resources that will aid your preparation for the AI-900 exam. Microsoft Learn’s AI-900 Learning Path is a great starting point. They offer free online training modules specifically tailored for the AI-900 exam. Microsoft’s official documentation is another valuable resource. They provide comprehensive documentation for Azure AI services, such as Azure Cognitive Services and Azure Machine Learning. To get a good approximation of the actual exam, try the Microsoft Azure AI Fundamentals AI-900 Official Practice Test. The Azure Portal is an excellent platform for getting hands-on experience with Azure services related to AI. If you prefer online courses, platforms like Udemy, Coursera, and Pluralsight offer dedicated courses for AI-900 exam preparation. Stay updated with the Azure AI Blog, where you’ll find articles on new features, best practices, and real-world use cases. GitHub repositories are another valuable resource. Many repositories provide samples, code snippets, and projects related to Azure AI, which can assist in hands-on practice. Joining study groups or engaging with peers who are studying for the same exam can be advantageous. You can share resources, discuss topics, and clarify doubts. There are also guidebooks available specifically tailored for the AI-900 exam. These can provide a comprehensive overview of the exam content. Lastly, check out YouTube. Many Azure experts and trainers post tutorial videos, webinars, and exam tips specifically focused on the AI-900 exam. Remember, consistent study, hands-on practice, and a clear understanding of the underlying principles behind each concept are key to acing the AI-900 exam. Good luck!
If you’re gearing up to take the Azure AI Fundamentals AI-900 exam, then the Azure AI Fundamentals AI-900 Exam Prep PRO by Djamgatech is a resource you won’t want to miss out on. This handy app is specifically designed to help you prepare for and pass the Azure AI-900 Fundamentals exam, and it’s conveniently available for download at both the Apple App Store and the Windows App Store. So, what exactly does the app have to offer? Well, let’s take a look at its impressive features. First and foremost, you’ll have access to a wide range of Azure AI-900 questions as well as detailed answers and references. This is a fantastic way to test your knowledge and ensure you’re fully prepared for each aspect of the exam. But that’s not all! The app also provides you with a selection of Machine Learning Basics questions and answers. These will give you a solid foundation in the fundamentals of machine learning, making it easier for you to tackle the exam questions with confidence. If you’re looking to take your understanding of machine learning to the next level, the app has you covered there as well. It offers Machine Learning Advanced questions and answers, which dive deeper into the subject matter and challenge you with more complex concepts. In addition to machine learning, the app also provides resources for NLP (Natural Language Processing) and Computer Vision. You’ll find a curated collection of questions and answers specifically tailored to these topics, helping you brush up on your knowledge and be better prepared for any exam questions related to NLP and Computer Vision. To keep track of your progress and stay motivated, the app includes a handy Scorecard feature. This allows you to see how well you’re doing and identify any areas that may need more attention. And to help you stay on track with your studying, there’s even a countdown timer that you can use to pace yourself effectively. For those who find cheat sheets helpful, the app offers Machine Learning Cheat Sheets. These concise and handy references provide quick reminders of key concepts and formulas, making them a valuable resource to have at your fingertips during the exam. And as if that wasn’t enough, the app also provides a collection of Machine Learning Interview Questions and Answers, which can come in handy when preparing for job interviews or discussing machine learning concepts with potential employers. Lastly, to ensure you stay up to date with the latest developments in the world of machine learning, the app includes a section dedicated to Machine Learning Latest News. This keeps you informed about new advancements, trends, and breakthroughs in the field. So, if you’re looking for a comprehensive and convenient study tool to help you prepare for the Azure AI Fundamentals AI-900 exam, look no further than the Azure AI Fundamentals AI-900 Exam Prep PRO by Djamgatech. With its array of features and resources, it’s the perfect companion to help you succeed in your exam endeavors.
In this episode we covered a range of topics including AI workloads, machine learning principles, computer vision, and Natural Language Processing in Azure; we explored Azure AI Fundamentals Practice Quizzes that cover predictive models, computer vision, responsible AI, and machine learning methods; we shared top tips for acing the Microsoft Azure AI Fundamentals AI-900 exam, highlighting the importance of understanding objectives, practicing, engaging with the community, and staying updated with key resources such as Microsoft Learn and online courses; and lastly, we introduced the Azure AI Fundamentals AI-900 Exam Prep PRO by Djamgatech, a preparation tool available on Apple and Windows App Stores to help you pass the AI-900 exam. Join us next time on AI Unraveled as we continue to demystify frequently asked questions on artificial intelligence and bring you the latest trends in AI, including ChatGPT advancements and the exciting collaboration between Google Brain and DeepMind. Stay informed, stay curious, and don’t forget to subscribe for more!
Dive deep into the key strategies and insights to master the Microsoft Azure Fundamentals exam (AZ900). Hear from successful candidates, discover invaluable tips, and explore the best resources to guarantee your success.
Welcome to the “Djamgatech Education” podcast – your ultimate educational hub where we dive deep into an ocean of knowledge, covering a wide range of topics from cutting-edge Artificial Intelligence to fundamental subjects like Mathematics, History, and Science. But that’s not all – our platform is tailored for learners of all ages and stages, from child education to continuing education across a multitude of subjects. So join us on this enlightening journey as we break down complex topics into digestible, engaging conversations. Stay curious, stay informed, and stay tuned with Djamgatech Education! In today’s episode, we’ll cover the Azure Fundamentals certification and its validation of basic knowledge of cloud services, architecture, security, network, and cost management, as well as how various individuals used different resources to pass the Azure Fundamentals AZ900 exam, and the top 10 tips to ace the exam in 2023 including using Microsoft Learn, taking practice exams, diversifying resources, staying updated, doing hands-on labs, focusing on core topics, joining study groups, managing time, reviewing Azure Architecture Center, and staying calm and trusting your preparation.
Ace the Microsoft Azure Fundamentals AZ-900 Certification Exam: Pass the Azure Fundamentals Exam with Ease: Master the AZ-900 Certification with this Comprehensive Exam Preparation Guide!
The Azure Fundamentals AZ900 Exam is a great way for technology professionals to showcase their foundational knowledge of cloud concepts and Microsoft Azure. This certification validates your understanding of cloud services and how they are provided with Azure. So, let’s dive into the different areas that this certification covers.
First off, you need to have a good grasp of Cloud Concepts, which make up about 25-30% of the exam. This includes understanding the benefits of cloud computing, the different types of cloud services, and the deployment models for cloud computing.
Next, Core Azure Services make up 15-20% of the exam. This section focuses on essential services such as compute, networking, and storage. You should be able to describe these services and understand their functionality within the Azure ecosystem.
Moving on, Core Solutions and Management Tools on Azure constitute 10-15% of the exam. Here, you need to familiarize yourself with the various tools and solutions available on Azure to manage and monitor your resources effectively.
General Security and Network Security Features account for 10-15% of the exam. This section examines your understanding of Azure’s security features and how to protect your resources from potential threats.
Identity, governance, privacy, and compliance features make up 15-20% of the exam. You should have a good understanding of Azure Active Directory, role-based access control, and data protection mechanisms to ensure privacy and compliance with regulations.
Azure cost management and Service Level Agreements (SLAs) constitute 10-15% of the exam. You need to be familiar with Azure’s cost management tools, budgeting, and monitoring features. Additionally, understanding SLAs and their importance in providing service guarantees is also crucial.
Candidates for this exam are technology professionals with expertise in areas such as infrastructure management, database management, or software development. It’s important to have hands-on experience with Azure services to better understand the concepts and apply them effectively.
In conclusion, the Azure Fundamentals AZ900 Exam validates your essential knowledge of cloud services and how Microsoft Azure works. By demonstrating your understanding of cloud concepts, core services, security features, governance, and cost management, you can showcase your proficiency in this fundamental aspect of modern technology. Good luck with your exam preparation!
Testimonial 1: Hey, guess what? I wanted to share some great news with you. I came across this testimonial from someone who just passed the AZ-900 exam last Friday. It wasn’t easy for them, I tell you. They faced some tough questions that they weren’t familiar with, and the exam was pretty comprehensive. But you know what? They still managed to clear it! Pretty impressive, right? They shared their preparation strategy with us. They used resources from Microsoft Learn, Scott Duffy’s Udemy course, and John Savill’s crash course on YouTube. It seems like they got a good mix of study materials to help them succeed.
Testimonial 2: So, there’s another testimonial that caught my attention. This person found the exam to be more challenging than they expected. But you know what they say, tough times don’t last, tough people do. They passed! They studied for six days straight, covering a lot of material. But they felt like only 20% of what they studied appeared on the exam. Isn’t that crazy? The questions on the exam were designed to be particularly challenging, blending familiar and unfamiliar content. It seems like the exam really tests your knowledge in a comprehensive way. They used various resources during their preparation, like Whizlabs, Tutorialsdojo, Udemy courses, and Microsoft’s free learning path. It’s great to see that they tried different sources to get a well-rounded understanding of the material.
Testimonial 3: Here’s another success story for you. This person recently passed the AZ-900, and they’re attributing their success to a variety of resources. They mentioned using the ‘green book’, which I assume is some sort of study guide. They also found Reza Salehi’s instructional videos on Safari Online to be helpful. And of course, they didn’t forget to mention a Pearson practice test. It’s always a good idea to take practice tests to get a feel for the real thing. I’m glad they found these resources valuable in their preparation.
Testimonial 4: Last but definitely not least, we have an individual who successfully passed the Microsoft AZ-900 Fundamentals Certification. They give a lot of credit to Adam Marczak’s insightful videos on YouTube. Apparently, Adam’s videos are clear, precise, and full of passion for Azure. Sounds like a great combination, right? No wonder they found it to be an invaluable resource. But they didn’t stop there. They also took the “Microsoft Azure AZ-900 Exam Ready Practice Tests 2023” course on Udemy. These practice tests really helped them gauge their understanding and refine their knowledge. The tests offered detailed breakdowns for each query, which I’m sure made a big difference in their preparation.
By combining Adam Marczak’s YouTube videos with the Udemy practice tests, they were able to get a comprehensive grasp of Azure fundamentals. This approach really boosted their confidence going into the exam. What’s even better is that they want to share their experience and resources with others. They emphasize the importance of meticulous preparation and highlight the wealth of exceptional resources available for prospective candidates. So if anyone has any questions about their experience or the tools they used, they’re more than happy to help. Isn’t that amazing? They just want to pay it forward and help others succeed.
Isn’t it inspiring to hear these success stories? It just goes to show that with the right resources and a lot of dedication, anyone can pass the AZ-900 exam. So if you’re getting ready to take the exam, make sure to check out these resources and prepare thoroughly. Good luck!
So you’re looking to ace the Microsoft Azure Fundamentals AZ900 certification exam in 2023? Well, you’ve come to the right place! I’ve got some great tips and tricks to help you prepare and increase your chances of success. Let’s dive right in!
First things first, start off by checking out the official Microsoft Learn’s learning path for AZ900. This is a fantastic resource that’s not only free but also frequently updated. It offers interactive modules that take a hands-on approach to help you grasp the fundamentals of Azure. It’s a great starting point for your preparation.
Now, taking practice exams is essential to gauge your readiness. Before you sit for the actual exam, make sure to try out several practice exams. Platforms like Whizlabs and Tutorialsdojo come highly recommended for their quality mock tests. These practice exams will not only help you get familiar with the exam format but also identify any areas where you may need to focus your studies.
While Microsoft Learn is a great resource, it’s always helpful to diversify your study materials. Consider utilizing courses from established instructors like Scott Duffy on Udemy or John Savill’s crash course on YouTube. Different perspectives can offer additional insights and help solidify your understanding of the Azure fundamentals.
Now, Azure services are constantly evolving, which means it’s crucial to stay updated with the latest information. Make sure you’re studying the most recent material and keep an eye on Azure’s official blog or updates page for any changes or announcements. Being aware of the latest updates will ensure you’re well-prepared for the exam.
Theory is essential, but don’t forget to get hands-on experience too! Make use of the Azure free tier or sandbox environments to practice and understand the core services. Hands-on labs are a great way to put your knowledge to the test and gain a deeper understanding of how Azure works in real-world scenarios.
While it’s important to have a broad understanding of all areas, make sure you focus heavily on the core topics that the exam emphasizes. These topics typically include Azure pricing, support plans, core services, and Azure’s global infrastructure. By dedicating more time and effort to these areas, you’ll be well-prepared for the exam.
Joining study groups can be extremely beneficial in your preparation. Platforms like Reddit, TechCommunity, and other online forums have dedicated groups for Azure certifications. Engaging in discussions, asking questions, and sharing resources with fellow learners can enhance your understanding and provide valuable insights.
Time management is key during the exam. The AZ900 exam is timed, so when you’re practicing, make sure you’re not only answering questions correctly but also doing so within a reasonable time frame. Practicing under timed conditions will help you manage your time effectively during the actual exam.
To gain a deeper understanding of Azure services and how they fit together in real-world scenarios, take the time to review the Azure Architecture Center. This resource provides best practices, architectural templates, and more. It’s a goldmine of information that will enhance your knowledge and help you succeed in the exam.
Last but not least, stay calm and trust your preparation. It’s common to come across a few unfamiliar questions in the exam, but don’t panic. Trust in the knowledge and skills you’ve built during your preparation. Use the process of elimination to narrow down your options and remember that you don’t need a perfect score to pass the exam. Stay confident and focused throughout the exam.
Preparing for the AZ900 exam is not just about passing a test. It’s about building a solid foundation in Azure. With the right resources and a strategic approach to studying, you’ll be well on your way to certification success! Best of luck on your journey to becoming an Azure expert!
In this episode, we explored Azure Fundamentals certification, heard success stories from those who passed the AZ900 exam, and discovered the top 10 tips to ace the exam in 2023. Thank you for joining us on the “Djamgatech Education” podcast, where we strive to ignite curiosity, foster lifelong learning, and keep you at the forefront of educational trends – so stay curious, stay informed, and stay tuned with Djamgatech Education!
250+ Azure Fundamentals Quizzes & Practice Exams: Experience rigorous tests that mirror the actual exam. Detailed Answers & References: Dive deep into concepts with expert insights. Illustrations & Flashcards: Enhance retention with visual cues and handy memory aids. Real Testimonials: Let the success stories of others boost your confidence. Exclusive Tips & Tricks: Benefit from Etienne’s vast experience to navigate the intricacies of the exam.
🛍️ Choose Your Preferred Format:
Available in both print and digital on platforms like Amazon, Google, Apple, Shopify, and Barnes & Noble.Harness the power of Etienne Noumen’s expertise and equip yourself with an unparalleled AZ-900 exam preparation tool. Secure your copy today and embark on a triumphant Azure journey! 🚀 Get it at amazon at https://amzn.to/3RbK12X
You can translate the content of this page by selecting a language in the select box.
AWS Azure Google Cloud Certifications Testimonials and Dumps
Do you want to become a Professional DevOps Engineer, a cloud Solutions Architect, a Cloud Engineer or a modern Developer or IT Professional, a versatile Product Manager, a hip Project Manager? Therefore Cloud skills and certifications can be just the thing you need to make the move into cloud or to level up and advance your career.
85% of hiring managers say cloud certifications make a candidate more attractive.
Build the skills that’ll drive your career into six figures.
In this blog, we are going to feed you with AWS Azure and GCP Cloud Certification testimonials and Frequently Asked Questions and Answers Dumps.
Went through the entire CloudAcademy course. Most of the info went out the other ear. Got a 67% on their final exam. Took the ExamPro free exam, got 69%.
Was going to take it last Saturday, but I bought TutorialDojo’s exams on Udemy. Did one Friday night, got a 50% and rescheduled it a week later to today Sunday.
Took 4 total TD exams. Got a 50%, 54%, 67%, and 64%. Even up until last night I hated the TD exams with a passion, I thought they were covering way too much stuff that didn’t even pop up in study guides I read. Their wording for some problems were also atrocious. But looking back, the bulk of my “studying” was going through their pretty well written explanations, and their links to the white papers allowed me to know what and where to read.
Not sure what score I got yet on the exam. As someone who always hated testing, I’m pretty proud of myself. I also had to take a dump really bad starting at around question 25. Thanks to TutorialsDojo Jon Bonso for completely destroying my confidence before the exam, forcing me to up my game. It’s better to walk in way over prepared than underprepared.
I would like to thank this community for recommendations about exam preparation. It was wayyyy easier than I expected (also way easier than TD practice exams scenario-based questions-a lot less wordy on real exam). I felt so unready before the exam that I rescheduled the exam twice. Quick tip: if you have limited time to prepare for this exam, I would recommend scheduling the exam beforehand so that you don’t procrastinate fully.
-Stephane’s course on Udemy (I have seen people saying to skip hands-on videos but I found them extremely helpful to understand most of the concepts-so try to not skip those hands-on)
-Tutorials Dojo practice exams (I did only 3.5 practice tests out of 5 and already got 8-10 EXACTLY worded questions on my real exam)
Previous Aws knowledge:
-Very little to no experience (deployed my group’s app to cloud via Elastic beanstalk in college-had 0 clue at the time about what I was doing-had clear guidelines)
Preparation duration: -2 weeks (honestly watched videos for 12 days and then went over summary and practice tests on the last two days)
I used Stephane Maarek on Udemy. Purchased his course and the 6 Practice Exams. Also got Neal Davis’ 500 practice questions on Udemy. I took Stephane’s class over 2 days, then spent the next 2 weeks going over the tests (3~4 per day) till I was constantly getting over 80% – passed my exam with a 882.
What an adventure, I’ve never really gieven though to getting a cert until one day it just dawned on me that it’s one of the few resources that are globally accepted. So you can approach any company and basically prove you know what’s up on AWS 😀
Passed with two weeks of prep (after work and weekends)
This was just a nice structured presentation that also gives you the powerpoint slides plus cheatsheets and a nice overview of what is said in each video lecture.
Udemy – AWS Certified Cloud Practitioner Practice Exams, created by Jon Bonso**, Tutorials Dojo**
These are some good prep exams, they ask the questions in a way that actually make you think about the related AWS Service. With only a few “Bullshit! That was asked in a confusing way” questions that popped up.
Pass AWS CCP. The score is beyond expected
I took CCP 2 days ago and got the pass notification right after submitting the answers. In about the next 3 hours I got an email from Credly for the badge. This morning I got an official email from AWS congratulating me on passing, the score is much higher than I expected. I took Stephane Maarek’s CCP course and his 6 demo exams, then Neal Davis’ 500 questions also. On all the demo exams, I took 1 fail and all passes with about 700-800. But in the real exam, I got 860. The questions in the real exam are kind of less verbose IMO, but I don’t truly agree with some people I see on this sub saying that they are easier. Just a little bit of sharing, now I’ll find something to continue ^^
Passed the exam! Spent 25 minutes answering all the questions. Another 10 to review. I might come back and update this post with my actual score.
Background
– A year of experience working with AWS (e.g., EC2, Elastic Beanstalk, Route 53, and Amplify).
– Cloud development on AWS is not my strong suit. I just Google everything, so my knowledge is very spotty. Less so now since I studied for this exam.
Study stats
– Spent three weeks studying for the exam.
– Studied an hour to two every day.
– Solved 800-1000 practice questions.
– Took 450 screenshots of practice questions and technology/service descriptions as reference notes to quickly swift through on my phone and computer for review. Screenshots were of questions that I either didn’t know, knew but was iffy on, or those I believed I’d easily forget.
– Made 15-20 pages of notes. Chill. Nothing crazy. This is on A4 paper. Free-form note taking. With big diagrams. Around 60-80 words per page.
– I was getting low-to-mid 70%s on Neal Davis’s and Stephane Maarek’s practice exams. Highest score I got was an 80%.
– I got a 67(?)% on one of Stephane Maarek’s exams. The only sub-70% I ever got on any practice test. I got slightly anxious. But given how much harder Maarek’s exams are compared to the actual exam, the anxiety was undue.
– Finishing the practice exams on time was never a problem for me. I would finish all of them comfortably within 35 minutes.
Resources used
– AWS Cloud Practitioner Essentials on the AWS Training and Certification Portal
– AWS Certified Cloud Practitioner Practice Tests (Book) by Neal Davis
– 6 Practice Exams | AWS Certified Cloud Practitioner CLF-C01 by Stephane Maarek*
– Certified Cloud Practitioner Course by Exam Pro (Paid Version)**
– One or two free practice exams found by a quick Google search
*Regarding Exam Pro: I went through about 40% of the video lectures. I went through all the videos in the first few sections but felt that watching the lectures was too slow and laborious even at 1.5-2x speed. (The creator, for the most part, reads off of the slides, adding brief comments here and there.) So, I decided to only watch the video lectures for sections I didn’t have a good grasp on. (I believe the video lectures provided in the course are just split versions of the full length course available for free on YouTube under the freeCodeCamp channel, here.) The online course provides five practice exams. I did not take any of them.
**Regarding Stephane Maarek: I only took his practice exams. I did not take his study guide course.
– My study regimen (i.e., an hour to two every day for three weeks) was overkill.
– The questions on the practice exams created by Neal Davis and Stephane Maarek were significantly harder than those on the actual exam. I believe I could’ve passed without touching any of these resources.
– I retook one or two practice exams out of the 10+ I’ve taken. I don’t think there’s a need to retake the exams as long as you are diligent about studying the questions and underlying concepts you got wrong. I reviewed all the questions I missed on every practice exam the day before.
What would I do differently?
– Focus on practice tests only. No video lectures.
– Focus on the technologies domain. You can intuit your way through questions in the other domains.
Lots of the comments here about networking / VPC questions being prevalent are true. Also so many damn Aurora questions, it was like a presales chat.
The questions are actually quite detailed; as some had already mentioned. So pay close attention to the minute details Some questions you definitely have to flag for re-review.
It is by far harder than the Developer Associate exam, despite it having a broader scope. The DVA-C02 exam was like doing a speedrun but this felt like finishing off Sigrun on GoW. Ya gotta take your time.
I took the TJ practice exams. It somewhat helped, but having intimate knowledge of VPC and DB concepts would help more.
Passed SAA-C03 – Feedback
Just passed the SAA-C03 exam (864) and wanted to provide some feedback since that was helpful for me when I was browsing here before the exam.
I come from an IT background and have a strong knowledge in the VPC portion so that section was a breeze for me in the preparation process (I had never used AWS before this so everything else was new, but the concepts were somewhat familiar considering my background). I started my preparation about a month ago, and used the Mareek class on Udemy. Once I finished the class and reviewed my notes I moved to Mareek’s 6 practice exams (on Udemy). I wasn’t doing extremely well on the PEs (I passed on 4/6 of the exams with 70s grades) I reviewed the exam questions after each exam and moved on to the next. I also purchased Tutorial Dojo’s 6 exams set but only ended up taking one out of 6 (which I passed).
Overall the practice exams ended up being a lot harder than the real exam which had mostly the regular/base topics: a LOT of S3 stuff and storage in general, a decent amount of migration questions, only a couple questions on VPCs and no ML/AI stuff.
Sharing the study guide that I followed when I prepared for the AWS Certified Solutions Architect Associate SAA-C03 exam. I passed this test and thought of sharing a real exam experience in taking this challenging test.
First off: my background – I have 8 years of development.experience and been doing AWS for several project, both personally and at work. Studied for a total of 2 months. Focused on the official Exam Guide, and carefully studied the Task Statements and related AWS services.
SAA-C03 Exam Prep
For my exam prep, I bought the adrian cantrill video course, tutorialsdojo (TD) video course and practice exams. Adrian’s course is just right and highly educational but like others has said, the content is long and cover more than just the exam. Did all of the hands-on labs too and played around some machine learning services in my AWS account.
TD video course is short and a good overall summary of the topics items you’ve just learned. One TD lesson covers multiple topics so the content is highly concise. After I completed doing Adrian’s video course, I used TD’s video course as a refresher, did a couple of their hands-on labs then head on to their practice exams.
For the TD practice exams, I took the exam in chronologically and didn’t jumped back and forth until I completed all tests. I first tried all of the 7 timed-mode tests, and review every wrong ones I got on every attempt., then the 6 review-mode tests and the section/topic-based tests. I took the final-test mode roughly 3 times and this is by far one of the helpful feature of the website IMO. The final-test mode generates a unique set from all TD question bank, so every attempt is challenging for me. I also noticed that the course progress doesn’t move if I failed a specific test, so I used to retake the test that I failed.
The Actual SAA-C03 Exam
The actual AWS exam is almost the same with the ones in the TD tests where:
All of the questions are scenario-based
There are two (or more) valid solutions in the question, e.g:
Need SSL: options are ACM and self-signed URL
Need to store DB credentials: options are SSM Parameter Store and Secrets Manager
The scenarios are long-winded and asks for:
MOST Operationally efficient solution
MOST cost-effective
LEAST amount overhead
Overall, I enjoyed the exam and felt fully prepared while taking the test, thanks to Adrian and TD, but it doesn’t mean the whole darn thing is easy. You really need to put some elbow grease and keep your head lights on when preparing for this exam. Good luck to all and I hope my study guide helped out anyone who is struggling.
Another Passed SAA-C03?
Just another thread about passing the general exam? I passed SAA-C03 yesterday, would like to share my experience on how I earned the examination.
Background:
– graduate with networking background
– working experience on on-premise infrastructure automation, mainly using ansible, python, zabbix and etc.
– cloud experience, short period like 3-6 months with practice
– provisioned cloud application using terraform in azure and aws
cantrill course is depth and lot of practical knowledge, like email alias and etc.. check in to know more
tutorialdojo practice exam help me filter the answer and guide me on correct answer. If I am wrong in specific topic, I rewatch cantrill video. However, there is some topics that not covered by cantrill but the guideline/review in practice exam will provide pretty much detail. I did all the other mode before the timed-based, after that get average 850 in timed-based exam, while scoring the final practice exam with 63/65. However, real examination is harder compared to practice exam in my opinion.
udemy course and practice exam, I go through some of them but I think the practice exam is quite hard compared to tutorialdojo.
lab – just get hand dirty and they will make your knowledge deep dive in your brain, my advice is try not only to do copy and paste lab but really read the description for each parameter in aws portal
Advice:
you need to know some general exam topics like how to:
– s3 private access
– ec2 availability
– kinesis product including firehose, data stream, blabla
– iam
My next target will be AWS SAP and CKA, still searching suitable material for AWS SAP but proposed mainly using acloudguru sandbox and homelab to learn the subject, practice with acantrill lab in github.
Good luck anyone!
Passed SAA
I wanted to give my personal experience. I have a background in IT, but I have never worked in AWS previous to 5 weeks ago. I got my Cloud Practitioner in a week and SAA after another 4 weeks of studying (2-4 hours a day). I used Cantril’s Course and Tutorials Dojo Practice Exams. I highly, highly recommend this combo. I don’t think I would have passed without the practice exams, as they are quite difficult. In my opinion, they are much more difficult than the actual exam. They really hit the mark on what kind of content you will see. I got a 777, and that’s with getting 70-80%’s on the practice exams. I probably could have done better, but I had a really rough night of sleep and I came down with a cold. I was really on the struggle bus halfway through the test.
I only had a couple of questions on ML / AI, so make sure you know the differences between them all. Lot’s of S3 and EC2. You really need to know these in and out.
My company is offering stipend’s for each certification, so I’m going straight to developer next.
Recently passed SAA-C03
Just passed my SAA-C03 yesterday with 961 points. My first time doing AWS certification. I used Cantrill’s course. Went through the course materials twice, and took around 6 months to study, but that’s mostly due to my busy schedule. I found his materials very detailed and probably go beyond what you’d need for the actual exam.
I also used Stephane’s practice exams on Udemy. I’d say it’s instrumental in my passing doing these to get used to the type of questions in the actual exams and review missing knowledge. Would not have passed otherwise.
Just a heads-up, there are a few things popped up that I did not see in the course materials or practice exams:
* Lake Formation: question about pooling data from RDS and S3, as well as controlling access.
* S3 Requester Pays: question about minimizing S3 data cost when sharing with a partner.
* Pinpoint journey: question about customer replying to SMS sent-out and then storing their feedback.
Not sure if they are graded or Amazon testing out new parts.
Cheers.
Another SAP-C01-Pass
Received my notification this morning that I passed 811.
Prep Time: 10 weeks 2hrs a day
Materials: Neil Davis videos/practice exam Jon Bonso practice exams White papers Misc YouTube videos Some hands on
Prof Experience: 4 years AWS using main services as architect
AWS Certs: CCP-SSA-DVA-SAP(now)
Thoughts: Exam was way more familiar to me than the Developer Exam. I use very little AWS developer tools but mainly use core AWS services. Neil’s videos were very straightforward, easy to digest, and on point. I was able to watch most of the videos on a plane flight to Vegas.
After video series I started to hit his section based exams, main exam, notes, and followed up with some hands on. I was getting destroyed on some of the exams early on and had to rewatch and research the topics, writing notes. There is a lot of nuance and fine details on the topics, you’ll see this when you take the practice exam. These little details matter.
Bonso’s exam were nothing less than awesome as per usual. Same difficulty and quality as Neil Davis. Followed the same routine with section based followed by final exam. I believe Neil said to aim for 80’s on his final exams to sit for the exam. I’d agree because that’s where I was hitting a week before the exam (mid 80’s). Both Neil and Jon exams were on par with exam difficulty if not a shade more difficult.
The exam itself was very straightforward. My experience is the questions were not overly verbose and were straight to the point as compared to the practice exams I took. I was able to quickly narrow down the questions and make a selection. Flagged 8 questions along the way and had 30min to review all my answers. Unlike some people, I didn’t feel like it was a brain melter and actually enjoyed the challenge. Maybe I’m a sadist who knows.
Advice: Follow Neil’s plan, bone up on weak areas and be confident. These questions have a pattern based upon the domain. Doing the practice exams enough will allow you to see the pattern and then research will confirm your suspicions. You can pass this exam!
Passed the certified developer associate this week.
Primary study was Stephane Maarek’s course on Udemy.
I also used the Practice Exams by Stephane Maarek and Abhishek Singh.
I used Stephane’s course and practice exams for the Solutions Architect Associate as well, and find his course does a good job preparing you to pass the exams.
The practice exams were more challenging than the actual exam, so they are a good gauge to see if you are ready for the exam.
Haven’t decided if I’ll do another associate level certification next or try for the solutions architect professional.
I cleared Developer associate exam yesterday. I scored 873. Actual Exam Exp: More questions were focused on mainly on Lambda, API, Dynamodb, cloudfront, cognito(must know proper difference between user pool and identity pool) 3 questions I found were just for redis vs memecached (so maybe you can focus more here also to know exact use case& difference.) other topic were cloudformation, beanstalk, sts, ec2. Exam was mix of too easy and too tough for me. some questions were one liner and somewhere too long.
Resources: The main resources I used was udemy. Course of Stéphane Maarek and practice exams of Neal Davis and Stéphane Maarek. These exams proved really good and they even helped me in focusing the area which I lacked. And they are up to the level to actual exam, I found 3-4 exact same questions in actual exam(This might be just luck ! ). so I feel, the course of stephane is more than sufficient and you can trust it. I have achieved solution architect associate previously so I knew basic things, so I took around 2 weeks for preparation and revised the Stephen’s course as much as possible. Parallelly I gave the mentioned exams as well, which guided me where to focus more.
Thanks to all of you and feel free to comment/DM me, if you think I can help you in anyway for achieving the same.
Another Passed Associate Developer Exam (DVA-C01)
Already had passed the Associate Architect Exam (SA-C03) 3 months ago, so I got much more relaxed to the exam, I did the exam with Pearson Vue at home with no problems. Used Adrian Cantrill for the course together with the TD exams.
Studied 2 weeks a 1-2 hours since there is a big overlap with the associate architect couse, even tho the exam has a different approach, more focused on the Serverless side of AWS. Lots of DynamoDB, Lambda, API Gateway, KMS, CloudFormation, SAM, SSO, Cognito (User Pool and Identity Pool), and IAM role/credentials best practices.
I do think in terms of difficulty it was a bit easier than the Associate Architect, maybe it is made up on my mind as it was my second exam so I went in a bit more relaxed.
Next step is going for the Associate Sys-Ops, I will use Adrian Cantrill and Stephane Mareek courses as it is been said that its the most difficult associate exam.
Passed the SCS-C01 Security Specialty
Passed the SCS-C01 Security Specialty
Mixture of Tutorial Dojo practice exams, A Cloud Guru course, Neal Davis course & exams helped a lot. Some unexpected questions caught me off guard but with educated guessing, due to the material I studied I was able to overcome them. It’s important to understand:
KMS Keys
AWS Owned Keys
AWS Managed KMS keys
Customer Managed Keys
asymmetrical
symmetrical
Imported key material
What services can use AWS Managed Keys
KMS Rotation Policies
Depending on the key matters the rotation that can be applied (if possible)
Key Policies
Grants (temporary access)
Cross-account grants
Permanent Policys
How permissions are distributed depending on the assigned principle
IAM Policy format
Principles (supported principles)
Conditions
Actions
Allow to a service (ARN or public AWS URL)
Roles
Secrets Management
Credential Rotation
Secure String types
Parameter Store
AWS Secrets Manager
Route 53
DNSSEC
DNS Logging
Network
AWS Network Firewall
AWS WAF (some questions try to trick you into thinking AWS Shield is needed instead)
AWS Shield
Security Groups (Stateful)
NACL (Stateless)
Ephemeral Ports
VPC FlowLogs
AWS Config
Rules
Remediation (custom or AWS managed)
AWS CloudTrail
AWS Organization Trails
Multi-Region Trails
Centralized S3 Bucket for multi-account log aggregation
AWS GuardDuty vs AWS Macie vs AWS Inspector vs AWS Detective vs AWS Security Hub
It gets more in depth, I’m willing to help anyone out that has questions. If you don’t mind joining my Discord to discuss amongst others to help each other out will be great. A study group community. Thanks. I had to repost because of a typo 🙁
Exam guide book by Kam Agahian and group of authors – this just got released and has all you need in a concise manual, it also included 3 practice exams, this is a must buy for future reference and covers ALL current exam topics including container networking, SD-WAN etc.
Stephane Maarek’s Udemy course – it is mostly up-to-date with the main exam topics including TGW, network firewall etc. To the point lectures with lots of hands-on demos which gives you just what you need, highly recommended as well!
Tutorial Dojos practice tests to drive it home – this helped me get an idea of the question wording, so I could train myself to read fast, pick out key words, compare similar answers and build confidence in my knowledge.
Crammed daily for 4 weeks (after work, I have a full time job + family) and went in and nailed it. I do have networking background (15+ years) and I am currently working as a cloud security engineer and I’m working with AWS daily, especially EKS, TGW, GWLB etc.
For those not from a networking background – it would definitely take longer to prep.
What an exciting journey. I think AZ-900 is the hardest probably because it is my first Microsoft certification. Afterwards, the others are fair enough. AI-900 is the easiest.
I generally used Microsoft Virtual Training Day, Cloud Ready Skills, Measureup and John Savill’s videos. Having built a fundamental knowledge of the Cloud, I am planning to do AWS CCP next. Wish me luck!
Passed Azure Fundamentals
Learning Material
Hi all,
I passed my Azure fundamentals exam a couple of days ago, with a score of 900/1000. Been meaning to take the exam for a few months but I kept putting it off for various reasons. The exam was a lot easier than I thought and easier than the official Microsoft practice exams.
Study materials;
A Cloud Guru AZ-900 fundamentals course with practice exams
I am pretty proud of this one. Databases are an area of IT where I haven’t spent a lot of time, and what time I have spent has been with SQL or MySQL with old school relational databases. NoSQL was kinda breaking my brain for a while.
Study Materials:
Microsoft Virtual Training Day, got the voucher for the free exam. I know several people on here said that was enough for them to pass the test, but that most certainly was not enough for me.
Exampro.co DP-900 course and practice test. They include virtual flashcards which I really liked.
Whizlabs.com practice tests. I also used the course to fill in gaps in my testing.
Passed AI-900! Tips & Resources Included!!
Azure AI Fundamentals AI-900 Exam Prep
Achievement Celebration
Huge thanks to this subreddit for helping me kick start my Azure journey. I have over 2 decades of experience in IT and this is my 3rd Azure certification as I already have AZ-900 and DP-900.
Here’s the order in which I passed my AWS and Azure certifications:
SAA>DVA>SOA>DOP>SAP>CLF|AZ-900>DP-900>AI-900
I have no plans to take this certification now but had to as the free voucher is expiring in a couple of days. So I started preparing on Friday and took the exam on Sunday. But give it more time if you can.
Here’s my study plan for AZ-900 and DP-900 exams:
finish a popular video course aimed at the cert
watch John Savill’s study/exam cram
take multiple practice exams scoring in 90s
This is what I used for AI-900:
Alan Rodrigues’ video course (includes 2 practice exams) 👌
John Savill’s study cram 💪
practice exams by Scott Duffy and in 28Minutes Official 👍
knowledge checks in AI modules from MS learn docs 🙌
I also found the below notes to be extremely useful as a refresher. It can be played multiple times throughout your preparation as the exam cram part is just around 20 minutes.
Just be clear on the topics explained by the above video and you’ll pass AI-900. I advise you to watch this video at the start, middle and end of your preparation. All the best in your exam
Just passed AZ-104
Achievement Celebration
I recommend to study networking as almost all of the questions are related to this topic. Also, AAD is a big one. Lots of load balancers, VNET, NSGs.
Received very little of this:
Containers
Storage
Monitoring
I passed with a 710 but a pass is a pass haha.
Used tutorial dojos but the closest questions I found where in the Udemy testing exams.
Regards,
Passed GCP Professional Cloud Architect
Google Professional Cloud Architect Practice Exam 2022
First of all, I would like to start with the fact that I already have around 1 year of experience with GCP in depth, where I was working on GKE, IAM, storage and so on. I also obtained GCP Associate Cloud Engineer certification back in June as well, which helps with the preparation.
I started with Dan Sullivan’s Udemy course for Professional Cloud Architect and did some refresher on the topics I was not familiar with such as BigTable, BigQuery, DataFlow and all that. His videos on the case studies helps a lot to understand what each case study scenario requires for designing the best cost-effective architecture.
In order to understand the services in depth, I also went through the GCP documentation for each service at least once. It’s quite useful for knowing the syntax of the GCP commands and some miscellaneous information.
As for practice exam, I definitely recommend Whizlabs. It helped me prepare for the areas I was weak at and helped me grasp the topics a lot faster than reading through the documentation. It will also help you understand what kind of questions will appear for the exam.
I used TutorialsDojo (Jon Bonso) for preparation for Associate Cloud Engineer before and I can attest that Whizlabs is not that good. However, Whizlabs still helps a lot in tackling the tough questions that you will come across during the examination.
One thing to note is that, there wasn’t even a single question that was similar to the ones from Whizlabs practice tests. I am saying this from the perspective of the content of the questions. I got totally different scenarios for both case study and non case study questions. Many questions focused on App Engine, Data analytics and networking. There were some Kubernetes questions based on Anthos, and cluster networking. I got a tough question regarding storage as well.
I initially thought I would fail, but I pushed on and started tackling the multiple-choices based on process of elimination using the keywords in the questions. 50 questions in 2 hours is a tough one, especially due to the lengthy questions and multiple choices. I do not know how this compares to AWS Solutions Architect Professional exam in toughness. But some people do say GCP professional is tougher than AWS.
All in all, I still recommend this certification to people who are working with GCP. It’s a tough one to crack and could be useful for future prospects. It’s a bummer that it’s only valid for 2 years.
Passed GCP: Cloud Digital Leader
Hi everyone,
First, thanks for all the posts people share. It helps me prep for my own exam. I passed the GCP: Cloud Digital Leader exam today and wanted to share a few things about my experience.
Preparation
I have access to ACloudGuru (AGU)and Udemy through work. I started one of the Udemy courses first, but it was clear the course was going beyond the scope of the Cloud Digital Leader certification. I switched over AGU and enjoyed the content a lot more. The videos were short and the instructor hit all the topics on the Google exam requirements sheet.
AGU also has three – 50 question practices test. The practice tests are harder than the actual exam (and the practice tests aren’t that hard).
I don’t know if someone could pass the test if they just watched the videos on Google Cloud’s certification site, especially if you had no experience with GCP.
Overall, I would say I spent 20 hrs preparing for the exam. I have my CISSP and I’m working on my CCSP. After taking the test, I realized I way over prepared.
Exam Center
It was my first time at this testing center and I wasn’t happy with the experience. A few of the issues I had are:
– My personal items (phone, keys) were placed in an unlocked filing cabinet
– My desk are was dirty. There were eraser shreds (or something similar) and I had to move the keyboard and mouse and brush all the debris out of my work space
– The laminated sheet they gave me looked like someone had spilled Kool-Aid on it
– They only offered earplugs, instead of noise cancelling headphones
Exam
My recommendation for the exam is to know the Digital Transformation piece as well as you know all the GCP services and what they do.
I wish you all luck on your future exams. Onto GCP: Associate Cloud Engineer.
Passed the Google Cloud: Associate Cloud Engineer
Hey all, I was able to pass the Google Cloud: Associate Cloud Engineer exam in 27 days.
I studied about 3-5 hours every single day.
I created this note to share with the resources I used to pass the exam.
Happy studying!
GCP ACE Exam Aced
Hi folks,
I am glad to share with you that I have cleared by GCP ACE exam today and would like to share my preparation with you:
1)I completed these courses from Coursera:
1.1 Google Cloud Platform Fundamentals – Core Infrastructure
1.2 Essential Cloud Infrastructure: Foundation
1.3 Essential Cloud Infrastructure: Core Services
1.4 Elastic Google Cloud Infrastructure: Scaling and Automation
Post these courses, I did couple of QwikLab courses as listed in orderly manner:
2 Getting Started: Create and Manage Cloud Resources (Qwiklabs Quest)
2.1 A Tour of Qwiklabs and Google Cloud
2.2 Creating a Virtual Machine
2.2 Compute Engine: Qwik Start – Windows
2.3 Getting Started with Cloud Shell and gcloud
2.4 Kubernetes Engine: Qwik Start
2.5 Set Up Network and HTTP Load Balancers
2.6 Create and Manage Cloud Resources: Challenge Lab
3 Set up and Configure a Cloud Environment in Google Cloud (Qwiklabs Quest)
3.1 Cloud IAM: Qwik Start
3.2 Introduction to SQL for BigQuery and Cloud SQL
3.3 Multiple VPC Networks
3.4 Cloud Monitoring: Qwik Start
3.5 Deployment Manager – Full Production [ACE]
3.6 Managing Deployments Using Kubernetes Engine
3.7 Set Up and Configure a Cloud Environment in Google Cloud: Challenge Lab
4 Kubernetes in Google Cloud (Qwiklabs Quest)
4.1 Introduction to Docker
4.2 Kubernetes Engine: Qwik Start
4.3 Orchestrating the Cloud with Kubernetes
4.4 Managing Deployments Using Kubernetes Engine
4.5 Continuous Delivery with Jenkins in Kubernetes Engine
Post these courses I did the following for mock exam preparation:
Cloud computing has revolutionized the way companies develop applications. Most of the modern applications are now cloud native. Undoubtedly, the cloud offers immense benefits like reduced infrastructure maintenance, increased availability, cost reduction, and many others.
However, which cloud vendor to choose, is a challenge in itself. If we look at the horizon of cloud computing, the three main providers that come to mind are AWS, Azure, and Google cloud. Today, we will compare the top three cloud giants and see how they differ. We will compare their services, specialty, and pros and cons. After reading this article, you will be able to decide which cloud vendor is best suited to your needs and why.
History and establishment
AWS
AWS is the oldest player in the market, operating since 2006. Here’s a brief history of AWS and how computing has changed. Being the first in the cloud industry, it has gained a particular advantage over its competitors. It offers more than 200+ services to its users. Some of its notable clients include:
Netflix
Expedia
Airbnb
Coursera
FDA
Coca Cola
Azure
Azure by Microsoft started in 2010. Although it started four years later than AWS, it is catching up quite fast. Azure is Microsoft’s public cloud platform which is why many companies prefer to use Azure for their Microsoft-based applications. It also offers more than 200 services and products. Some of its prominent clients include:
HP
Asus
Mitsubishi
3M
Starbucks
CDC (Center of Disease Control) USA
National health service (NHS) UK
Google
Google Cloud also started in 2010. Its arsenal of cloud services is relatively smaller compared to AWS or Azure. It offers around 100+ services. However, its services are robust, and many companies embrace Google cloud for its specialty services. Some of its noteworthy clients include:
PayPal
UPS
Toyota
Twitter
Spotify
Unilever
Market share & growth rate
If you look at the market share and growth chart below, you will notice that AWS has been leading for more than four years. Azure is also expanding fast, but it is still has a long way to go to catch up with AWS.
However, in terms of revenue, Azure is ahead of AWS. In Q1 2022, AWS revenue was $18.44 billion; Azure earned $23.4 billion, while Google cloud earned $5.8 billion.
Availability Zones (Data Centers)
When comparing cloud vendors, it is essential to see how many regions and availability zones are offered. Here is a quick comparison between all three cloud vendors in terms of regions and data centers:
AWS
AWS operates in 25 regions and 81 availability zones. It offers 218+ edge locations and 12 regional edge caches as well. You can utilize the edge location and edge caches in services like AWS Cloudfront and global accelerator, etc.
Azure
Azure has 66 regions worldwide and a minimum of three availability zones in each region. It also offers more than 116 edge locations.
Google
Google has a presence in 27 regions and 82 availability zones. It also offers 146 edge locations.
Although all three cloud giants are continuously expanding. Both AWS and Azure offer data centers in China to specifically cater for Chinese consumers. At the same time, Azure seems to have broader coverage than its competitors.
Comparison of common cloud services
Let’s look at the standard cloud services offered by these vendors.
Compute
Amazon’s primary compute offering is EC2 instances, which are very easy to operate. Amazon also provides a low-cost option called “Amazon lightsail” which is a perfect fit for those who are new to computing and have a limited budget. AWS charges for EC2 instances only when you are using them. Azure’s compute offering is also based on virtual machines. Google is no different and offers virtual machines in Google’s data centers. Here’s a brief comparison of compute offerings of all three vendors:
Storage
All three vendors offer various forms of storage, including object-based storage, cold storage, file-based storage, and block-based storage. Here’s a brief comparison of all three:
Database
All three vendors support managed services for databases. They also offer NoSQL as well as document-based databases. AWS also provides a proprietary RDBMS named “Aurora”, a highly scalable and fast database offering for both MySQL and PostGreSQL. Here’s a brief comparison of all three vendors:
Comparison of Specialized services
All three major cloud providers are competing with each other in the latest technologies. Some notable areas of competition include ML/AI, robotics, DevOps, IoT, VR/Gaming, etc. Here are some of the key specialties of all three vendors.
AWS
Being the first and only one in the cloud market has many benefits, and Amazon has certainly taken advantage of that. Amazon has advanced specifically in AI and machine learning related tools. AWS DeepLens is an AI-powered camera that you can use to develop and deploy machine learning algorithms. It helps you with OCR and image recognition. Similarly, Amazon has launched an open source library called “Gluon” which helps with deep learning and neural networks. You can use this library to learn how neural networks work, even if you lack any technical background. Another service that Amazon offers is SageMaker. You can use SageMaker to train and deploy your machine learning models. It contains the Lex conversational interface, which is the backbone of Alexa, Lambda, and Greengrass IoT messaging services.
Another unique (and recent) offering from AWS is IoT twinmaker. This service can create digital twins of real-world systems like factories, buildings, production lines, etc.
AWS is even providing a service for Quantum computing called AWS Braket.
Azure
Azure excels where you are already using some Microsoft products, especially on-premises Microsoft products. Organizations already using Microsoft products prefer to use Azure instead of other cloud vendors because Azure offers a better and more robust integration with Microsoft products.
Azure has excellent services related to ML/AI and cognitive services. Some notable services include Bing web search API, Face API, Computer vision API, text analytics API, etc.
Google
Google is the current leader of all cloud providers regarding AI. This is because of their open-source Google library TensorFlow, the most popular library for developing machine learning applications. Vertex AI and BigQueryOmni are also beneficial services offered lately. Similarly, Google offers rich services for NLP, translation, speech, etc.
Pros and Cons
Let’s summarize the pros and cons for all three cloud vendors:
AWS
Pros:
An extensive list of services
Huge market share
Support for large businesses
Global reach
Cons:
Pricing model. Many companies struggle to understand the cost structure. Although AWS has improved the UX of its cost-related reporting in the AWS console, many companies still hesitate to use AWS because of a perceived lack of cost transparency
Azure
Pros:
Excellent integration with Microsoft tools and software
Broader feature set
Support for open source
Cons:
Geared towards enterprise customers
Google
Pros:
Strong integration with open source tools
Flexible contracts
Good DevOps services
The most cost-efficient
The preferred choice for startups
Good ML/AI-based services
Cons:
A limited number of services as compared to AWS and Azure
As mentioned earlier, AWS has the largest market share compared to other cloud vendors. That means more companies are using AWS, and there are more vacancies in the market for AWS-certified professionals. Here are main reasons why you would choose to learn AWS:
Azure is the second largest cloud service provider. It is ideal for companies that are already using Microsoft products. Here are the top reasons why you would choose to learn Azure:
Ideal for experienced user of Microsoft services
Azure certifications rank among the top paying IT certifications
If you’re applying for a company that primarily uses Microsoft Services
Google
Although Google is considered an underdog in the cloud market, it is slowly catching up. Here’s why you may choose to learn GCP.
While there are fewer job postings, there is also less competition in the market
GCP certifications rank among the top paying IT certifications
Most valuable IT Certifications
Keen to learn about the top paying cloud certifications and jobs? If you look at the annual salary figures below, you can see the average salary for different cloud vendors and IT companies, no wonder AWS is on top. A GCP cloud architect is also one of the top five. The Azure architect comes at #9.
Which cloud certification to choose depends mainly on your career goals and what type of organization you want to work for. No cloud certification path is better than the other. What matters most is getting started and making progress towards your career goals. Even if you decide at a later point in time to switch to a different cloud provider, you’ll still benefit from what you previously learned.
Over time, you may decide to get certified in all three – so you can provide solutions that vary from one cloud service provider to the next.
Don’t get stuck in analysis-paralysis! If in doubt, simply get started with AWS certifications that are the most sought-after in the market – especially if you are at the very beginning of your cloud journey. The good news is that you can become an AWS expert when enrolling in our value-packed training.
Further Reading
You may also be interested in the following articles:
I know a lot of people like to put their entire resume on their LinkedIn "Headline" John Smith - CISSP, MCSE, CCNA, VCP-DCV, RHCE, Linux+, Security+, Net+, Server+, Storage+, A+. Now that MCSE and MCSA, and even MCP are no longer a thing. What are the abbreviations for some of these newer "role based" certifications. Like "Azure Certified Administrator" or "Microsoft 365 Certified: Administrator Expert" etc? submitted by /u/zrad603 [link] [comments]
After three tries finally passed The ms learn assist window I utilized a decent amount. It felt like some of the questions were harder then my previous exams but referencing learn helped. 720-score submitted by /u/Bhra1s [link] [comments]
I passed my AZ-900 a couple of weeks ago. For reference I’m going into year 2 of my first job. I work with on cloud migrations and integrations. What would people recommend as a good next step certification? submitted by /u/Jzuru [link] [comments]
Got 900/1000 marks. For those who are planning to take exam, go through MS learn and practice tests(3, 4 times). Check answer each time while you are answering, they will give explanation. NLP questions were little tricky, I lost 100 marks there. If we want to score well in that section, see NLP section of AI 900 cloud challenge. Do one or two labs from there, it's sandbox you don't even need subscription. submitted by /u/AlertPreparation3164 [link] [comments]
Took the az 104 online today. It was the last possible date with the voucher, so I had no other choice even though I did not feel prepared at all. I prepared using MS Learn, John Saville, Tutorial Dojo and the MS Documentation. Tutorial Dojo is really helpful for understanding why something is right or wrong, but you quickly fall into the trap of memorizing the answers. I did not do any labs, which worked fine for me, but might not for others, so take this with a grain of salt. I passed with a score of 880. I had one case study with 6 questions and 51 questions in total. I would advice on studying ARM templates (be able to read them), how to navigate MS Learn without the search bar, and how Networking (VNets, NSG...) work. I found that going through MS Learn to correct questions I am not sure about was really helpful submitted by /u/m0rdr3d20 [link] [comments]
Good day, I was planning to take the 204 exam. I was studying but they are very specific configuration questions. I don't see how to pass the exam. Is the 104 exam just as very specific code questions? Or is it more similar to the AZ 900? submitted by /u/hectorin09 [link] [comments]
Just passed DP-420 on Monday (841). Went in totally feeling like I was going to fail; my least studied exam. Crammed the day before exam a couple months after completing the Learn Modules for a Cloud Skills Challenge. Used WhizLabs practice exams, which I have had good luck with in the past; however, nearly all the images in the answer explanations were way unrelated (for example, images of Windows regional date/time settings for answers about things like failover priorities, or images of PowerShell directory commands for things like consistency levels). Little disappointed in that. Happy I passed. Now off my detour and back to getting ready for AZ-400! submitted by /u/ouchmythumbs [link] [comments]
Got 727 marks took about a month of learning entirely from youtube and MS Learn. I dedicated one hour every day to prepare for the exam. Final paper is nothing like what a trial paper is on ms learn its completely opposite and way harder. In exam had 46 questions and 1 case study with 6 questions Ms learn is available and will consume time so not rely on it. Got single single question related to azure bastion , az copy , completing the cmdlet , immutable storage , web application endpoint , how many recovery points , load balancer sku , which resources can be moved to another resource group , arm templates with questions regarding about role user have , security groups. For a case study everything related to question is in current environment tab focus only on that plus Make sure you have a good knowledge of user roles , permissions and to what a certain user have access. submitted by /u/ammadmaf [link] [comments]
This was a tough one for me.Lots & lots of DLP & Defender which is by far my weakest area on my failed beta attempt. Was not far out last time, so used the free beta voucher because of the delay. Passed with 760. Think I was let down with my score by the case study being first. Passed AZ-305 on Friday. So a good week. submitted by /u/Eggtastico [link] [comments]
Hi everyone, I am really happy to be in this situation today and I wanted to say thanks to many helpful post in here 🙂 Was my first attempt and my first ms certification exam ever, I studied mostly the theory and I only played around with some VM/Functions/storage in the free tier. In fact I developed many solutions doing freelance and in my work in AWS but never used Azure "professionally". This is a post to encourage all of you, I think AZ-204 is really matter of luck in the questions and must of all a quickly understanding of the questions reading the keywords. Don't use Ms Learning in-exam is a waste of time, think pragmatically for niche questions. Best of the lucks to everyone with Az-204, is a bit tedious but you can do it! submitted by /u/Laingard [link] [comments]
745/1000 really really hard exam. way harder than I thought it would be tbh. I think half my questions were ARM templates. MS learn barely helps do not rely on it. resources: MS learn and tutorial dojos. I purchased whizlabs but it was pretty useless tbh. submitted by /u/dressedak [link] [comments]
I finally did it I passed the AZ-104 with a 727. Not a super solid score but a PASS is a PASS am super excited at this point. Over the moon in fact! submitted by /u/Limeman36 [link] [comments]
I know that Microsoft offers free vouchers in different ways. I missed the challenge that gave free voucher, is there any other challenge going on currently, or is there any other way to get a free Associate level voucher? Thanks. I am a student if that makes a difference. submitted by /u/PitifulCow1 [link] [comments]
Capgemini is partnering with Amazon Web Services (AWS) to address the digital divide through education and employability programs, emphasizing the importance of digital inclusion as part of its sustainabilitypledge. In this blog, Anurag Kumar Pratap, Capgemini's Vice President & CSR Leader in India, discusses Capgemini's collaboration with AWS re/Start program to train 1,800 learners in India for cloud-related careers by 2024.
Top-paying Cloud certifications:
Google Certified Professional Cloud Architect — $175,761/year AWS Certified Solutions Architect – Associate — $149,446/year Azure/Microsoft Cloud Solution Architect – $141,748/yr Google Cloud Associate Engineer – $145,769/yr AWS Certified Cloud Practitioner — $131,465/year Microsoft Certified: Azure Fundamentals — $126,653/year Microsoft Certified: Azure Administrator Associate — $125,993/year A Twitter List by enoumen A Twitter List by enoumen
You can translate the content of this page by selecting a language in the select box.
Azure Solutions Architect Expert Certification Questions And Answers Dumps
This exam measures your ability to accomplish the following technical tasks: design identity, governance, and monitoring solutions; design data storage solutions; design business continuity solutions; and design infrastructure solutions.
This blog covers the Designing Microsoft Azure Infrastructure Solutions.
Azure Solutions Architect Expert Certification Questions And Answers Dumps
A candidate for this certification should have advanced experience and knowledge of IT operations, including networking, virtualization, identity, security, business continuity, disaster recovery, data platforms, and governance. A professional in this role should manage how decisions in each area affect an overall solution. In addition, they should have experience in Azure administration, Azure development, and DevOps processes.
Skills measured
Design identity, governance, and monitoring solutions (25-30%)
Design data storage solutions (25-30%)
Design business continuity solutions (10-15%)
Design infrastructure solutions (25-30%)
Below are the top 50 Questions and Answers for AZ303, AZ304 and AZ305 Certification Exam:
What is one reason to regularly review Azure role assignments?
A. ensure naming conventions are properly applied.
B. To reduce the risk associated with stale role assignments.
C. To eliminate extra distribution groups that are no longer used.
Answer: B: You should regularly review access of privileged Azure resource roles to reduce the risk associated with stale role assignment
What is an access package?
A. An access package is a group of users with the access they need to work on a project or perform a task.
B. An access package is a bundle of all the resources with the access a user needs to work on a project or perform their task.
C. An access package is a used to create a transitive trust between B2B organizations.
Answer: B: An access package is a bundle of all the resources with the access a user needs to work on a project or perform their task. For example, you may want to create an Access Package that includes all the applications that developers in your organization need, or all applications to which external users should have access.
How can Discovery and insights for privileged identity management help an organization?
A. Discovery and insights can find privileged role assignments across Azure AD, and then provide recommendations on how to secure them using Azure AD governance features like Privileged Identity Management (PIM).
B. Discovery and insights can find when guest’s access resources across Azure AD.
C. Discovery and insights can find security group assignments across Azure AD, and then provide recommendations on how to secure them using Azure AD governance features like Privileged Identity Management (PIM).
D. N/A
Answer: A – Discovery and insights can find privileged role assignments across Azure AD, and then provide recommendations on how to secure them using Azure AD governance features like Privileged Identity Management (PIM).
Whether to assign a role to a group instead of to individual users is a strategic decision. When planning, consider assigning a role to a group to manage role assignments when the desired outcome is to delegate assigning the role and what else?
Answer: C – Management of one group is much easier than management many individual users.
Which roles can only be assigned using Privileged Identity Management?
A. Permanently active roles.
B. Eligible roles.
C. Transient roles.
D. N/A
Answer: B. – Permanently active roles are the normal roles assigned through Azure Active Directory and Azure resources while eligible roles can only be assigned in Privileged Identity Management.
What is the purpose of the audit logs?
A. Azure AD audit logs provide a comparison of budgeted Azure usage compared to actual.
B. Azure AD audit logs provide records of system activities for compliance reporting.
C. Azure AD audit logs allow customer to monitor activity when provisioning new services within Azure.
D. N/A
Answer: B. – An audit log has a default list view that shows data, like the date and time of the occurrence, the service that logged the occurrence, the category and name of the activity (what), the status of the activity (success or failure), the target, and the initiator/actor (who) of an activity.
Can Azure export logging data to third-party SIEM tools?
A. Yes, Azure supports exporting log data to several common third-party SIEM tools.
B. No, Azure only supports the export to Azure Sentinel.
C. Yes, Splunk is the 3rd Party SIEM Azure can export to.
D. N/A
Answer: A. – Azure can export to many of the most popular SIEM tools. The most common are Splunk, IBM QRadar, and ArcSight.
A Solutions Architect wants to configure email notifications to be sent from Azure AD Domain Services when issues are detected. In Azure, where this would be configured?
A. Azure Microsoft Portal > Azure Active Directory > Monitoring > Notifications > Add email recipient.
B. Azure Microsoft Portal > Azure AD Domain Services > Notification settings > Add email recipient.
C. Azure Microsoft Portal > Notification Hubs > Azure Active Directory > Add email recipient.
D. N/A
Answer: B – The health of an Azure Active Directory Domain Services (Azure AD DS) managed domain is monitored by the Azure platform. The health status page in the Azure Microsoft Portal shows any alerts for the managed domain. To make sure issues are responded to in a timely manner, email notifications can be configured to report on health alerts as soon as they’re detected in the Azure AD DS managed domain.
You are architecting a web application that constantly reads and writes important medical imaging data in blob storage.
To ensure the web application is resilient, you have been asked to configure Azure Storage as follows:
Protect against a regional disaster.
Leverage synchronous replication of storage data across multiple data centers.
How would you configure Azure Storage to meet these requirements?
GZRS provides asynchronous replication to a single physical location in the secondary region. Additionally, this includes synchronous replication across three availability zones within the primary region (ZRS).
Video for reference: Storage Account Replication
You need to ensure your virtual machine boot and data volumes are encrypted. Your virtual machine is already deployed using an Azure marketplace Windows OS image and managed disks. Which tasks should you complete to enable the required encryption?
Configure a Key Vault Access Policy: A Key Vault Access Policy will be required to allow Azure Disk Encryption for volume encryption.
Create an Azure Key Vault: Azure Disk Encryption leverages a Key Vault for the secure storage of cryptographic information.
Video for reference: Azure Disk Encryption
You have configured Azure multi-factor authentication (MFA) for your company. Some staff have reported they are receiving MFA verification requests, even when they didn’t initiate any authentication themselves. They believe this might be hackers. Which feature would you enable to help protect against this type of security issue?
Fraud alert helps users to protect against MFA verification requests they did not initiate. It provides the ability to report fraudulent attempts, as well as the ability to automatically block users who report fraud.
You are configuring a new storage account using PowerShell. The storage account must support Queue storage. The PowerShell command you are using is as follows:
You need to ensure your virtual machine boot and data volumes are encrypted. Your virtual machine is already deployed using an Azure marketplace Linux OS image and managed disks. Which two commands would you use to enable the required encryption?
New-AzKeyvault
Azure Disk Encryption leverages a Key Vault for the secure storage of cryptographic information.
Set-AzVMDiskEncryptionExtension
Azure Disk Encryption leverages a VM extension to enable BitLocker (Windows) or DM-Crypt (Linux) to encrypt boot/OS/data volumes.
CompanyA is planning on making some significant changes to their governance solution. They have asked for your assistance with recommendations and questions. Here are the specific requirements.
– Consistency across subscriptions. It appears each subscription has different policies for the creation of virtual machines. The IT department would like to standardize the policies across the Azure subscriptions.
– Ensure critical storage is highly available. There are several critical applications that use storage. The IT department wants to ensure the storage is made highly available across regions.
– Identify R&D costs. The CTO wants to know how much a new project is costing. The costs are spread out across multiple departments.
– ISO compliance. CompanyA wants to certify that it complies with the ISO 27001 standard. The standard will require resources groups, policy assignments, and templates.
How can CompanyA to ensure policies are implemented across multiple subscriptions?
Create a management group and place all the relevant subscriptions in the new management group. A management group could include all the subscriptions. Then a policy could be scoped to the management group and applied to all the subscriptions.
How can CompanyA ensure applications use geo-redundancy to create highly available storage applications?
Add an Azure policy that requires geo-redundant storage. An Azure policy can enforce different rules over your resource configurations.
How can CompanyA report all the costs associated with a new product?
Add a resource tag to identify which resources are used for the new product. Resource tagging provides extra information, or metadata, about your resources. You could then run a cost report on all resources with that tag.
Which governance tool should CompanyA use for the ISO 27001 requirements?
Azure blueprints. Azure blueprints will deploy all the artifacts for ISO 27001 compliance.
You are configuring an Azure Automation runbook using the Azure sandbox. For your runbook to work, you need to install a PowerShell module. You would like to minimize the administrative overhead for maintaining and operating your runbook. Which option should you choose to install an additional PowerShell module?
CompanyA is planning on making some significant changes to their identity and access management solution. They have asked for your assistance on some recommendations and questions. Here are the specific requirements.
– Device access to company applications. The CTO has agreed to allow some level of device access. Employees at the company’s retail stores will now be able to access certain company applications. This access, however, should be restricted to only approved devices.
– Company reorganization. A company-wide reorganization has affected many employees. These employees are now in new roles. The IT team needs to ensure users have the correct access based on their new jobs.
– External developer accounts. A new development project requires external software developers to access company data files. The IT team needs to create user accounts for approximately five developers.
– User sign-in attempts. A recent audit of user sign-ins attempts revealed anonymous IP addresses and unusual locations. The IT team wants to require multifactor authentication for these attempted sign-ins.
How can CompanyA ensure that employees at the company’s retail stores can access company applications only from approved tablet devices?
Conditional access: Conditional Access enables you to require users to access your applications only from approved, or managed, devices.
What should CompanyA do to ensure employees have the correct permissions for their job role?
Require an access review: An access review would give managers an opportunity to validate the employees access.
What should CompanyA do to give access to the partner developers?
Invite the developers as guest users to their directory: In Business-to-Business scenarios guest user accounts are created. You can then apply the appropriate permissions
What solution would be best for the user sign-in attempts requirement?
Create a sign-in risk policy: That’s correct. A sign-in risk policy can identify anonymous IP and atypical locations. Secondary multifactor authentication can then be required.
You are working as a network administrator, managing the following virtual networks:
VNET1
Location: Australia East
Resource group: RG1
Address space: 10.1.0.0/16
VNET2
Location: Australia Southeast
Resource group: RG2
Address space: 10.1.0.0/16
You have been asked to connect VNET1 and VNET2, to allow private communication between resources in each virtual network. Do you need to modify either of the two virtual networks before virtual network peering is supported?
Yes: IP address ranges cannot overlap. One of the virtual networks must have their address space changed before VNet peering would be able to be configured.
You are architecting identity management for a hybrid environment, and you plan to use Azure AD Connect with password hash sync (PHS). It is important that you design the solution to be highly available. How would you implement high availability for the synchronization service?
Configure an additional server with Azure AD Connect in staging mode.
Azure AD Connect can be configured in staging mode, which helps with high availability.
You are responsible for monitoring a major web application for your company. The application is implemented using Azure App Service Web Apps and Application Insights. The chief marketing officer has asked you to provide information to help analyze user behavior based on a group of characteristics. To start with, it will be a simple query looking at all active users from Australia. Which of the following would you use to provide this information?
Cohorts leverage analytics queries to analyze users, sessions, events, or operations that have something in common (e.g., location, event, etc.). Reference: App insights
You work for a company with multiple Active Directory domains: exampledomain1.com and test.lab.com. Your company would like to use Azure AD Connect to synchronize your on-premises Active Directory domain, exampledomain1.com, with Azure AD. You do not wish to synchronize test.lab.com.
Which tasks should you complete, requiring minimal administrative effort and causing the least disruption to the existing environment?
You are architecting a mission-critical processing solution for your company. The solution will leverage virtual machines for the processing tier, and it is critical that high performance levels are maintained at all times. You need to leverage a managed disk that guarantees up to 900 MB/s throughput and 2,000 IOPS — but also minimizes costs. Which of the following would you use within your solution?
Premium SSD Managed Disks: Premium SSDs provide high performance and low latency, and include guaranteed capacity, IOPS, and throughput.
CompanyA wants to reduce storage costs by reducing duplicate content and, whenever applicable, migrating it to the cloud. The company would like a solution that centralizes maintenance while still providing nation-wide access for customers. Customers should be able to browse and purchase items online even in a case of a failure affecting an entire Azure region. Here are some specific requirements.
Warranty document retention. The company’s risk and legal teams requires warranty documents be kept for three years.
New photos and videos. The company would like each product to have a photo or video to demonstrate the product features.
External vendor development. A vendor will create and develop some of the online ecommerce features. The developer will need access to the HTML files, but only during the development phase.
Product catalog updates. The product catalog is updated every few months. Older versions of the catalog aren’t viewed frequently but must be available immediately if accessed.
What is the best way for CompanyA to protect their warranty information?
Time-based retention policy: With a time-based retention policy, users can set policies to store data for a specified interval. When a time-based retention policy is in place, objects can be created and read, but not modified or deleted.
What type of storage should CompanyA use for their photos and videos?
Blob storage: That’s correct. Blob storage is best for their photos.
What is the best way to provide the developer access to the ecommerce HTML files?
Shared access signatures: That’s correct. Shared access signatures provide secure delegated access. This functionality can be used to define permissions and how long access is allowed.
Which access tier should be used for the older versions of the product catalog?
Cool access tier: That’s correct. The cool access tier is for content that wouldn’t be viewed frequently but must be available immediately if accessed.
What tool would you use to identify underutilized and idle Azure resources in order to help reduce overall spend?
Azure Advisor: Advisor helps you optimize and reduce your overall Azure spend by identifying idle and underutilized resources. Reference
You work as a network administrator for a company. You manage several virtual machines within the following virtual network:
Name: VNET1
Address space: 10.1.0.0/16
Subnet: SUBNET1 (10.1.1.0/24)
You need to configure DNS for a VM called VM1, that is located in SUBNET1. DNS should be set to 8.8.8.8. All other VMs must keep their existing settings.
What should you do?
Navigate to the network interface of VM1, DNS Servers, and enable Custom DNS Servers and set to 8.8.8.8.
You are architecting a web application that constantly reads and writes important medical imaging data in blob storage. To ensure the web application is resilient, you have proposed the use of storage account failover. Management has asked you whether any data loss might occur for this solution, in the event of a failover. How would you respond?
There may be data loss, and the extent of data loss can be estimated using the Last Sync Time.
What storage service should you implement for an application that streams video content?
Azure Blobs: Azure blobs are used for storing large amounts of unstructured data, such as documents, images, and video files. This service is best used for streaming audio and video, particularly over HTTP/S.
What storage service should you implement for an application that needs to access data using SMB?
Azure Files: Azure files allow you to create and maintain highly available file shares that are accessible anywhere. They can be considered as a replacement to traditional file servers. They provide SMB access.
You are architecting a mission-critical solution for your company using virtual machines. The solution must qualify for a Microsoft service level agreement (SLA) of 99.95%. You deploy your solution to a single virtual machine in an availability set. The virtual machine uses premium storage. Does this meet the required SLA?
No: The virtual machine does use premium storage; however, this only provides a 99.9% SLA.
You are implementing Azure Backup using the Microsoft Azure Backup Server. Which of the following would you use to allow the server to register with your recovery services vault?
Vault Credentials: Vault Credentials are used by the Microsoft Azure Backup Server software to register with the vault.
You are developing a solution on a server hosted on-premises. The solution needs to access data within Azure Key Vault. Which two options would you use to ensure the application has access to Azure Key Vault?
Register the application in Azure AD and use a client secret. To allow an on-premises application to authenticate with Azure AD, it can be registered in Azure AD and given a client secret (or client certificate). If this application was hosted on a supported Azure service, it could have been possible to use a managed identity instead.
Configure an access policy in Azure Key Vault. To allow access to Key Vault, any identity (application, user, etc.) must be provided permissions using an Access Policy.
You have a Windows virtual machine within Azure, which must be backed up. You have the following requirements: – Back up the virtual machine three times per day – Include system state backups You configure a backup to a recovery services vault using the Microsoft Azure Recovery Services (MARS) agent. Does this fulfill the requirements above?
Yes: The Microsoft Azure Recovery Services (MARS) agent can perform backups of files, folders, and system states up to three times a day.
You are planning a migration of machines to Azure from your on-premises Hyper-V host. You would like to estimate how much it will cost to migrate your operating machines to Azure. Which of the following two items would you include in your migration solution? The effort required to estimate pricing, and then ultimately go on to perform a migration, should be minimized.
Azure Migrate Project: All migrations (both assessment and migration) require an Azure Migrate Project for the storage of related metadata.
You are implementing Azure Blueprints to help improve standards and compliance for your Azure environment. You would like to ensure that when an Azure Blueprint is used, a user is assigned ‘owner’ permissions to a specific resource group defined in the blueprint. Does Azure Blueprints provide this functionality?
Yes: Azure Blueprints includes several different artifacts, one of which is ‘Role Assignment’. This allows a user to be assigned permissions as part of the blueprint definition.
You are planning a migration from on-premises to Azure. Your on-premises environment is made up of the following: – VMware hosted virtual machines – Hyper-V hosted virtual machines – Physical servers Will the Azure Migrate: Server Migration tool provided by Microsoft support your environment for migrations to Azure?
Yes, for VMware, Hyper-V, and physical machines. The Azure Migrate: Server Migration tool support migrating VMware VMs, Hyper-V VMs, and physical servers.
For a new container image you are developing, you need to ensure a local HTML file, index.html, is included in the image. Which command would you include in the Dockerfile?
You have developed a financial management application for your company. It is currently hosted as an Azure App Service Web App within Azure. To improve security, you need to ensure that the web application is only accessible when users connect from your head-office IP address of 14.78.162.190. Within the Azure Portal settings for your web app, which section would you use to configure this security?
Networking > Access Restrictions Access Restrictions allows you to filter inbound connectivity to Azure App service, based on the IP address of the requesting user/service. This meets the requirements of this scenario, as an Access Restriction could be configured for the Web App. To configure this, an ALLOW rule would be created for the web app (and the management interface, SCM, if needed). Adding the ALLOW rule for the IP address of 13.77.161.179 would automatically create a DENY ALL rule, which will prevent any other network location from accessing this resource.
You are responsible for improving the availability of a web application. The web application has the following characteristics: – Hosted using Azure App Service. – Leverages an Azure SQL back-end. You need to configure Azure SQL Database to meet the following needs: Must be able to continue operations in the event of a region failure. Must support automatic failover in the event of failure. You must recommend a solution that requires the least amount of effort to implement, and can manage in the event of a failover. Which configuration do you recommend?
Azure SQL auto-failover group: Using Azure SQL auto-failover groups provides protection at a geographic scale. By using the read-write listener, an application will seamlessly point to the primary, even in the event of a failover. Azure SQL auto-failover groups simplify the deployment and management of geo-replicated databases. It supports replication, and failover, for one or more databases on Azure SQL Database, or Azure SQL Managed Instances. A key benefit of auto-failover groups, is the built-in management of DNS for read, and read-write listeners.
You have been asked to implement high availability for an Azure SQL Managed Instance. The solution is critical, and data loss must be minimized. If the data platform fails you must wait 1 hour before automatic failover occurs. You must determine: (1) How to configure replication. (2) How to configure the 1 hour delay.
You are helping to architect a social media application. The solution must ensure that all users read data in the order it has been completely written. You propose the use of Cosmos DB. What else do you include in your proposal to meet the requirements?
Cosmos DB Strong Consistency: Strong consistency ensures that reads are guaranteed to return the most recent committed write. This is useful when order matters.
You need to configure high availability for Azure SQL Databases. You would like the service to include the following: – Automatic failover policy. – Ability to manually failover. – DNS management for primary read/write access. You configure Azure SQL Active Geo-Replication. Does this meet the requirements?
No: Active Geo-Replication does not include DNS automatically managed for primary read/write access. This is a feature of auto-failover groups. The inclusion of DNS for both the primary read/write endpoint, and the secondary read endpoint, reduces the management overhead for ensuring applications are pointing to the correct resources in the event of a disaster.
You can translate the content of this page by selecting a language in the select box.
Djamgatech – Multilingual and Platform Independent Cloud Certification and Education App for AWS Azure Google Cloud
Djamgatech is the ultimate Cloud Education Certification App. It is an EduFlix App for AWS, Azure, Google Cloud Certification Prep, School Subjects, Python, Math, SAT, etc.[Android, iOS]
Technology is changing and is moving towards the cloud. The cloud will power most businesses in the coming years and is not taught in schools. How do we ensure that our kids and youth and ourselves are best prepared for this challenge?
Building mobile educational apps that work offline and on any device can help greatly in that sense.
The ability to tab on a button and learn the cloud fundamentals and take quizzes is a great opportunity to help our children and youth to boost their job prospects and be more productive at work.
The App covers the following certifications : AWS Cloud Practitioner Exam Prep CCP CLF-C01, Azure Fundamentals AZ 900 Exam Prep, AWS Certified Solution Architect Associate SAA-C02 Exam Prep, AWS Certified Developer Associate DVA-C01 Exam Prep, Azure Administrator AZ 104 Exam Prep, Google Associate Cloud Engineer Exam Prep, Data Analytics for AWS DAS-C01, Machine Learning for AWS and Google, AWS Certified Security – Specialty (SCS-C01), AWS Certified Machine Learning – Specialty (MLS-C01), Google Cloud Professional Machine Learning Engineer and more… [Android, iOS]
Djamgatech: Multilingual and Platform Independent Cloud Certification and Education App for AWS, Azure, Google Cloud
The App covers the following cloud categories:
AWS Technology, AWS Security and Compliance, AWS Cloud Concepts, AWS Billing and Pricing , AWS Design High Performing Architectures, AWS Design Cost Optimized Architectures, AWS Specify Secure Applications And Architectures, AWS Design Resilient Architecture, Development With AWS, AWS Deployment, AWS Security, AWS Monitoring, AWS Troubleshooting, AWS Refactoring, Azure Pricing and Support, Azure Cloud Concepts , Azure Identity, governance, and compliance, Azure Services , Implement and Manage Azure Storage, Deploy and Manage Azure Compute Resources, Configure and Manage Azure Networking Services, Monitor and Backup Azure Resources, GCP Plan and configure a cloud solution, GCP Deploy and implement a cloud solution, GCP Ensure successful operation of a cloud solution, GCP Configure access and security, GCP Setting up a cloud solution environment, AWS Incident Response, AWS Logging and Monitoring, AWS Infrastructure Security, AWS Identity and Access Management, AWS Data Protection, AWS Data Engineering, AWS Exploratory Data Analysis, AWS Modeling, AWS Machine Learning Implementation and Operations, GCP Frame ML problems, GCP Architect ML solutions, GCP Prepare and process data, GCP Develop ML models, GCP Automate & orchestrate ML pipelines, GCP Monitor, optimize, and maintain ML solutions, etc.. [Android, iOS]
The App covers the following Cloud Services, Framework and technologies:
Features: – Practice exams – 1000+ Q&A updated frequently. – 3+ Practice exams per Certification – Scorecard / Scoreboard to track your progress – Quizzes with score tracking, progress bar, countdown timer. – Can only see scoreboard after completing the quiz. – FAQs for most popular Cloud services – Cheat Sheets – Flashcards – works offline
Note and disclaimer: We are not affiliated with AWS, Azure, Microsoft or Google. The questions are put together based on the certification study guide and materials available online. The questions in this app should help you pass the exam but it is not guaranteed. We are not responsible for any exam you did not pass.
Important: To succeed with the real exam, do not memorize the answers in this app. It is very important that you understand why a question is right or wrong and the concepts behind it by carefully reading the reference documents in the answers.
You can translate the content of this page by selecting a language in the select box.
Microsoft Azure Administrator Certification Questions and Answers Dumps – AZ 104
Microsoft Azure Administrator AZ 104 is one of the most popular Microsoft Azure Administrator certification exams. To pass this exam, you need to have a good understanding of Microsoft Azure and its various components. The best way to prepare for this exam is to use this Microsoft AZ 104 dumps. These dumps will help you to understand the Microsoft Azure platform and its various features. In addition, you will also get an idea about the types of questions that are asked in this exam. With the help of these dumps, you can easily pass the Microsoft AZ 104 exam.
Candidates for the Azure Administrator Associate certification should have subject matter expertise implementing, managing, and monitoring an organization’s Microsoft Azure environment.
Responsibilities for this role include implementing, managing, and monitoring identity, governance, storage, compute, and virtual networks in a cloud environment, plus provision, size, monitor, and adjust resources, when needed.
Manage Azure identities and governance (15-20%), Manage Azure AD objects, Manage role-based access control (RBAC), Manage subscriptions and governance, Implement and manage storage (10-15%), Manage storage accounts, Manage data in Azure Storage, Configure Azure files and Azure blob storage, Deploy and manage Azure compute resources (25-30%), Configure VMs for high availability and scalability, Automate deployment and configuration of VMs, Create and configure VMs, Create and configure containers, Create and configure Web Apps, Configure and manage virtual networking (30-35%), Implement and manage virtual networking, Configure name resolution, Secure access to virtual networks, Configure load balancing, Monitor and troubleshoot virtual networking, Integrate an on-premises network with an Azure virtual network, Monitor and back up Azure resources (10-15%), Monitor resources by using Azure Monitor, Implement backup and recovery,
Question 1:In our subscription, we have four different resource groups. They are RG1, RG2, RG3, RG4. RG2 has a Read-only lock at the resource group scope. RG3 has a Delete lock at the resource group scope. RG1 and RG4 do not have locks. We need to determine how we could move resources between resource groups during the lifecycle of these resources. Assuming all resources provisioned support moving between resource groups regardless of region. Which of the following statements are plausible?
Notes: We can effectively move resources from RG1 and RG4 because RG1 does not have a lock. We can move resources from RG4 and RG3 because RG4 does not have a lock. Also, while RG3 does have a Delete lock this does not stop resources from being moved into this resource group.
Question 2: Your company has recently added a few new users to your Azure Active Directory. You have already added them to an active directory group, and now you have asked them to add their devices to the domain. When they add their devices, you have to ensure they are prompted to use a mobile phone to verify their identity. How do you configure this?
A. Require multi-factor authentication to join devices
Question 3: Under your Azure Subscription, you are trying to identify VMs that are underutilized in order to shutdown all VMs with CPU utilization under 5%. Which blade should you use?
Question4: You have just purchased the domain name arseemagroup.com from a third party registrar. Using your Azure Active Directory domain, you’d like to create new users with the suffix @arseemagroup.com. Which three things must you do?
A. Access the custom domain names blade from Azure AD
B. Create a MX or TXT record from arseemagroup.com DNS
C. Verify that you own the domain name
D. Access the App registrations blade from Azure AD
ANSWER4:
A B and C
Notes: In order to add the domain “arseemagroup.com” to Azure AD, you must add the domain from the custom domain names blade.
When you add your custom domain to Azure AD, you must create an MX or TXT record with a destination address (provided) in order to verify that the domain does indeed belong to you.
Question 5: You have two subscriptions named Subscription1 and Subscription2. You are logged into Azure using Azure PowerShell from Computer1. How can you identify which subscription you are currently viewing and then switch from one subscription to the other for the current session at Computer1.
A. Set-AzContext -SubscriptionName
B. Get-AzContext
C. Select-AzContext
D. AzShow-Context
ANSWER5:
A and B
Notes: In Az PowerShell 3.7.0, Set-AzContext sets the tenant, subscription, and environment for cmdlets to use in the current session.
In Az PowerShell 3.7.0, ‘Get-AzContext’ gets the metadata used to authenticate Azure Resource Manager requests.
Question 6: You have two subscriptions named Subscription1 and Subscription2. You are currently managing resources in Subscription1 from Computer1 that has the Azure CLI installed. You need to switch to Subscription2. Which command should you run?
A. az set account –subscription “Subscription2”
B. az account set –subscription “Subscription2”
C. az subscription set “Subscription2”
D. Select-AzureSubscription -SubscriptionName “Subscription2”
ANSWER6:
B
Notes: You are accessing Azure from Computer1 with the Azure CLI installed; therefore, this command is the correct command.
Question 7: You work at the IT help desk for Consilium Corporation. You have been getting an influx of calls into the help desk about resetting users’ passwords. They keep reporting that they can’t seem to figure out how to reset their password in order to gain access to their Customer Relationship Management (CRM) software. What do you do?
A. Ensure that the users who are having problems are within the correct AD group
B. Make sure you have Azure Active Directory Free
C. Make sure they have their verification device (mobile app or access to email)
D. Verify that self-service password reset is enabled in Azure Active Directory
ANSWER7:
A C and D
Notes: Self-service password may not apply to those not in a specific Active Directory group. If the user is not in the group, they will not be able to reset their password.
In order to reset their password, the user will have to verify their identity using a mobile phone, mobile app, office phone or email.
Self-service password reset is an optional feature in Azure Active Directory, which may not apply to any and all users in the organization.
Question 8: In this scenario, we are working for Cloud Chase Support. We our the active administrator, and we have been tasked with determining how to ensure we do not incur costs in either our Prod-Subscription and our Dev-Subscription for virtual machine resources. We have a CloudChase management group where both subscription nested. We decide to use Azure Policy to enforce compliance on Virtual Machines. Our Policy definition states that virtual machines are not an allowed resource type at the scope of our CloudChase management group. There are some existing virtual machines in our Prod-Subscription at the time this policy is created. After the enforcement of our new policy which of the below statements is true?
A. We cannot create virtual machines in any subscription under the scope of our management group and our existing virtual machines will be deallocated.
B. Virtual machines can be created in our Prod-Subscription if they are compliant.
C. Virtual machines can be created in our Dev-Subscription.
D. We cannot create virtual machines in any subscription under the scope of our management group.
ANSWER8:
D
Notes: We created a policy that has a definition that defines that virtual machines are not a supported resource type at the scope of our management group. Any subscription under the scope of this management group will not support the provisioning of virtual machine resources.
Question 9: You recently signed up for Azure Active Directory Premium and need users to be able to reset their passwords if they are unable to login. What should you configure in Azure Active Directory?
A. Set “block sign-in” to off when creating the user
B. User password reset
C. User password change
D. Add user to sign-in group in Azure AD
ANSWER9:
B
Notes: With the password reset capability, the user will be able to click “forgot password” when trying to log in to the portal and reset their password on their own.
Question 10: You have an Azure Pay-as-you-go Subscription named Subscription1. You have some concerns about cost for Subscription1, and you would like to spend less than $100.00 US per month on all resources in this subscription. If you spend more than $90.00 US, you would like to get an alert in the form of a text message. What should you do?
A. Shutdown VMs when you are not using them
B. Create an alert in Azure Monitor
C. Create a budget alert condition tied to an action group
D. Create a budget in the subscriptions blade
ANSWER10:
C
Notes: Creating an alert condition is available when setting your budget, it is not required that you create an action group, however in this case where we want to be notified via SMS (text message), it is required that we tie an action group to our budget alert.
Question 11: We want to be provide an Azure AD B2B guest user the ability to manage all resources inside of our DevRG resource group. We want to give them these abilities over managing all resources inside of this resource group and nothing more. What role would we assign to the user to accomplish this goal? Assume we are assigning the role to the DevRG scope.
A. User Access Administrator
B. Owner
C. Contributor
D. Global Admin
ANSWER11:
C
Notes: This role will allow us to give this guest user the ability to manage all resources inside of the DevRG resource group, and nothing more like manage role assignments. This is exactly what we need for our scenario. When assigning permissions we need to think the principle of least privilege.
Question 12: You have just created a General-purpose V2 storage account in Azure. From a VM located in your on-prem environment, you’ve logged into your Azure subscription using the Connect-AzConnect command from the PowerShell command line. Next, you need to retrieve the key, in order to access your storage account. Which PowerShell cmdlet will you use to retrieve the access key?
A. Get-AzStorageAccount
B. Get-AzStorageContainerKey
C. Get-AzStorageContainerStoredAccessPolicy
D. Get-AzStorageAccountKey
ANSWER12:
D
Notes: The Get-AzStorageAccountKey cmdlet gets the access keys for an Azure Storage account.
Question 13: You have been directed to copy all data from one storage account to another using the AzCopy tool. You need to report which storage services you can copy. Which of those services would it be?
A. Only Azure File Shares
B. Azure Queues and Blobs
C. Azure Blob and File Shares
D. Azure Table and File Shares
ANSWER13:
C
Notes: AzCopy is a command-line utility that you can use to copy blobs or files to or from a storage account.
Question 14: You have a general purpose v1 storage account named consiliumstore that has a private container named container2. You need to allow read access to the data inside container2, but only within a 14 day window. How do you accomplish this using the Azure Portal?
A. Upgrade the storage account to general purpose v2
B. Create a shared access signatures
C. Create a service SAS
D. Create a stored access policy
ANSWER14:
B and D
Notes: A Shared Access Signature (SAS) allows you to have granular control over your storage account, including access to only certain services (i.e. Azure Blobs) and permitting only read, write, delete, list, add, or create access. A Stored Access Policy allows granular control over a single storage container using a Shared Access Signature (SAS).
Question 15: You have an existing Microsoft Enterprise Agreement (EA) Subscription. You need to ship 34TB of data from an on-premise Windows 2016 server to your Azure storage account. You need to ensure that the data transfer has zero impact on the network, preserves your existing drives and is the fastest and most secure method. What should be your first step to starting the import job?
A. Open a ticket with Microsoft Support
B. Order an Azure Databox via the Azure Portal
C. Start an Import Job via the Azure Portal
D. Prepare your hard drives using the WAImportExport tool
ANSWER15:
B
Notes: This option would be the best, as Azure Data boxsupports Windows 2016 servers, and is secure and reliable.
Question 16: You have data in an AWS S3 Bucket named myS3Bucket and you need to copy all of its contents to a container named container1 in an Azure storage account named companydata. Which command would be most efficient use of getting the data from the S3 bucket to the Azure storage container?
A. azcopy copy ‘https://s3.amazonaws.com/myS3Bucket’ ‘https://companydata.blob.core.windows.net/container1’ –recursive=true
B. aws s3 cp s3://mybucket/test.txt https://companydata.blob.core.windows.net/container1
C. azcopy blob copy ‘https://s3.amazonaws.com/myS3Bucket’ ‘https://companydata.blob.core.windows.net/container1’
D. azcopy copy sync ‘https://s3.amazonaws.com/myS3Bucket’ ‘https://companydata.blob.core.windows.net/container1’
ANSWER16:
A
Notes: The AzCopy tool can copy directly from an AWS S3 bucket to an Azure Storage Account. source
Question 17: You have the following Azure Storage Accounts in your Subscription: stor1 (BlockBlobStorage) stor2 (FileStorage) stor3 (StorageV2) Which of these storage accounts can be converted to Read-Access Geo-Redundant Storage (RA-GRS) based on their storage account kind? Please select the most appropriate answer.
Question 18: You create an Azure storage account named companystore with a publicly accessible container named container1. You upload a file to container1 named pic1.png. What will be the URL in order to access this blob?
Notes: The URL of the blob, by default will be the storage account name, followed by blob.core.windows.net, the container name, then the name of the blob.
Question 19: You have an Azure subscription named Subscription1. In Subscription1, you have an Azure virtual machine named VM1. Attached to VM1 are two network interface cards. You require a third network interface card with a network bandwidth above 1000 Mbps for your storage area network. What should you do?
A. Create an additional VM in the same subnet and connect to VM1 over the LAN
B. Create a new subnet with a sufficient number of available IP addresses
C. Create a new storage account to store data for VM1
Question 20: You are trying to create a new Azure Kubernetes Service (AKS) cluster from your local workstation. The AKS cluster must contain three nodes and ensure access to the worker nodes in order to troubleshoot the kubelet. You have authenticated to Azure from your local workstation with the Azure CLI. What command will you use to create an AKS cluster named AKS1 with the necessary components inside of the resource group named RG1?
A. az aks create -g RG1 -n AKS1 –generate-ssh-keys –node-count 3
B. az kubernetes create –name AKS1 –group RG1 –nodes 3 –generate-keys
C. az aks create –name AKS1 –resource-group RG1 –nodes 3 –ssh-key-value ~/.ssh/id_rsa.pub
D. az kubernetes create –name AKS1 –resource-group RG1 –nodes 3 –generate-keys
ANSWER20:
A
Notes: The correctcommand to use for creating an AKS cluster is az aks create and the -g and -n values are abbreviated syntax for resource group and name respectively. The --generate-ssh-keys flag will create the SSH keys in order to access the worker nodes. The --node-count flag will ensure that there are three worker nodes in the cluster.
Question 21: VM1 is located in the West US region, and the OS disk is Premium SSD. The size of VM1 is currently Standard_D2s_v3, but you need to change the size to Standard_D2. You are able to select the size from the size blade, but you receive an error message. Why can’t you change the VM size?
A. You need to provide the username and password for the OS to upgrade
B. Standard_D2 does not support premium SSD disks
C. The size Standard_D2 is not available in the West US region
D. You did not shut down (deallocated) VM1 before you change the size
ANSWER21:
B
Notes: Standard_D2 does not support premium disks; therefore, you are unable to change VM1 to this size. A good way to remember which size is available is the s in the size, as the s indicates Premium SSD. See more here: dsv3-series
Question 22: You have an Azure Kubernetes Service (AKS) cluster named AKS1 within the resource group named RG1. You are trying run the command kubectl get all from the Azure Cloud Shell (https://shell.azure.com) to view your cluster resources. You received the error Error from server (BadRequest): the server rejected our request for an unknown reason. You’ve verified that the resources exist and the command is correct. What do you need to do in order to view your cluster resources from the Azure Cloud Shell?
A. Retrieve the access credentials using the command az aks get-credentials --name AKS1 --resource-group RG1
B. Log into the cluster GUI from the Azure Portal
C. Install the kubectl tool
D. Access the Kubernetes Dashboard using the command az aks browse --name AKS1 --resource-group RG1
ANSWER22:
A
Notes: AKS does not have a cluster GUI that is accessible from the Azure Portal. You must use a machine with kubectl installed, or the Azure Cloud Shell.
The kubeconfig is required in order to access the Kubernetes API. You can retrieve the kubeconfig using the az aks get-credentials command.
Question 23: You have a subscription named Subscription1. You create a new Azure VM in your subscription named VM5 running Windows 2012 R2. You try to connect and login to VM5, but you get an error that says “We couldn’t connect to the remote PC. Make sure the PC is turned on and connected to the network, and that remote access is enabled.” You have verified that VM5 is running and has been assigned a public IP address. What change do you need to make in order to successfully connect and login to VM5?
A. Add a rule to the Network Security Group that will allow port 3389
B. Select Reset password from the VM blade
C. Use Network Watcher for detailed connection tracing
D. You need to access the VM from a computer that’s in the same subnet
ANSWER23:
A
Notes: A Network Security Group (NSG) is designed to filter traffic to and from Azure resources, including Azure VMs. Allowing port 3389 from your machine to the Azure VM will address the connection issue. You may reset the password, but being you received the error before attempting to enter your credentials says that it’s a connectivity problem, not a credentials problem.
Question 24: Subscription1 contains an Azure VM named VM1 with the following configuration:VM Size: Standard_D2s_v3
Public IP Address: 52.173.36.55
Resource Group: RG1
Availability Zone: None
Location: Japan East
Disk Type: Standard HDD
What are two things you can do to reduce data loss and achieve a 99.9% SLA?
A. Create a recovery services vault and enable replication for VM1
B. Move VM1 to a paired region
C. Place the VM in an availability zone
D. Change the disk type to Premium SSD
ANSWER24:
A and D
Notes: Creating a recovery services vault will allow you to back up the VM to a different region and location. You will enable replication to ensure that VM data and settings are continually replicated to the backup location for simple recovery.
Virtual machines with Premium SSD disks qualify for the 99.9% connectivity SLA.
Question 25: You have created an application that is to be run on Linux containers named ContainerApp1. You’ve created an Azure container instance with an FQDN, but you notice that when the container restarts, all application data is lost. What is the best solution to preserve the data associated with your application?
A. Create a public blob storage container and share the URI with the application
B. Create a storage account and share the SAS with the application
C. Mount an Azure file share as a volume in Azure Container Instances
D. Run the container on a VM, and use the managed disk attached to the VM
ANSWER25:
C
Notes:Azure Container Instancescan mount an Azure file share created with Azure Files. Azure Files offers fully managed file shares hosted in Azure Storage that are accessible via Server Message Block (SMB) protocol. Using an Azure file share with Azure Container Instances provides file-sharing features similar to using an Azure file share with Azure virtual machines.
Question 26: You’ve created a Dockerfile that contains the necessary steps to build an image that you plan to use for your application running as a Web App in App Services named APP1. You have created an Azure Container Registry, which is where you plan to store your images to be used for APP1. What should your next step be?
A. Run the az acr build command
B. Create the App Service Plan
C. Run the docker push command
D. Run the docker login command
ANSWER26:
A
Notes: The az acr build command will build and push your image to an Azure Container Registry all in one command. You should use this if you don’t have docker installed, and/or if you don’t have the compute resources to build images on your local machine.
Question 27: You have an application that runs on instances in a Virtual Machine Scale Set. The number of instances in the VMSS is at three starting Monday. The minimum number of instances is one, and the maximum is 5 instances. There are two scaling rules for this VMSS:
Rule
Condition
Action
Rule1
CPU > 75%
+1 instance
Rule2
CPU < 25%
-1 instance
Based on the rules above and the chart below, on Wednesday how many instances will there be in our VMSS?
Notes: We start with 3 instances on Monday. Based on the chart we will still be at 3 instances on Tuesday at 12:01 because we have not met a condition for any scaling actions to take place, but then at 13:36 on Tuesday we will scale down an instance due to the CPU% being below 25%. Now we have 2 instances. Then on Wednesday at 12:10 we will be scale-out by one instance because our CPU% has gone above 75%. This gives us three instances on Wednesday.
Question 28: Subscription1 contains an Azure VM named VM1. You have added a data disk to VM1, as well as a new network interface card. You need to create two more Azure VMs just like this one named VM2 and VM3. What is the most efficient way to create VM2 and VM3 that will minimize cost?
A. Backup the VM and recover to a different region
B. Redeploy VM1 with the new disk and NIC and deploy the template to VM2 and VM3
C. Select Export template from VM1 blade, then deploy VM2 and VM3 with that template
D. Create an image from VM1 and use the image to deploy VM2 and VM3
ANSWER28:
C
Notes: Exporting the template from a VM is a quick and easy way to take the existing VM settings and automate future deployments.
Question 29: You have an Azure subscription named Subscription1. You have created a web app named App1 in Subscription1 that is sourced from a git repository named Git1. You need to ensure that every commit to the master branch in Git1 triggers a deployment to a test version of the application before releasing it to production. What are two changes that you must make to App1 to fulfill this requirement?
A. Create a build server with the master branch of Git1 as the trigger
B. Configure custom domains for test and production versions of App1
C. Add a new deployment slot to App1 to release the test version of App1
D. Create a new web app and configure failover settings from test to production
ANSWER29:
A and C
Notes: You have the option of creating a build server natively in App Services by selecting Deployment Center in the App1 blade. This will trigger a build every time a commit is made to the master branch of Git1.
Deployment Slots allow greater flexibility within app services, providing a built-in staging environment for your app, allowing you access to your application without deploying it to production.
Question 30: You plan to create an Azure Web App in the East US region. You need to ensure that this web app scales out with demand, to prevent downtime. You also need to ensure that the data that resides inside of the application will remain secure and never become exposed to anyone outside of the organization. Which App Service plan SKU will you chose that will meet these requirements and also save on cost?
A. FREE
B. B1
C. SHARED
D. I1
ANSWER30:
D
Notes: The I1 SKU allows your app to run on dedicated hardware, and also provides network isolation on top of compute isolation to protect your app. It also provides the maximum scale-out capabilities.
Question 31: VM1 is located in the East US region. You have added a premium SSD data disk to VM1, but the IOPS are not satisfying the needs of your application, how can you change the speed of the disk?
A. Select the disk configuration and increase the size
B. Shut down (Deallocate) the VM
C. Export the disk and convert to VHD
D. Create a new disk and migrate the data
ANSWER31:
A and B
Notes: Premium disk performance increases based on the size of the disk, while standard disks have consistent performance for all disk sizes. Disks can be resized only when they are unattached or the owner VM is deallocated. Disks can be resized only when they are unattached or the owner VM is deallocated.
Question 32: The NoName Company has just deployed a number of Azure VMs into a specific subnet in an Azure virtual network. They have also implemented a network security plan which includes the use of Azure Firewall. From those newly deployed VMs, the company wants to deny access to the website https://www.microsoft.com. How can you achieve this using their current Azure resources?
A. A network rule
B. Create a route via Route Table to the firewall (as a virtual appliance hop)
C. Configure an application rule on the Azure Firewall that blocks FQDNS www.microsoft.com
D. An Application Gateway
E. A Subnet named AzureFirewallSubnet
F. A VPN Gateway
ANSWER32:
A B C
Notes: A network rule would allow access to an external public DNS service, to lookup the microsoft.com domain name. Creating a route via Route Table to the firewall is required to direct incoming traffic (from the firewall public IP address) to a specific destination.
An application rule allows or blocks an address by URL. This is necessary in order to block https://www.microsoft.com according to the requirements of the company.
Question 33: You need to create an Azure virtual machine named VM1 that requires a static private IP address configured inside the IP address space for the VNet in which the VM resides. How do you configure a static IP address for this Azure VM?
A. After the VM has been created, create a new network interface and configure a static IP address for that network interface
B. After the VM has been created, go to the network interface attached to the VM and change the IP configuration to static assignment
C. When creating a VM in the portal, select New next to private ip address and choose static after assigning the correct IP address
D. When creating the VM in the portal, change the setting from dynamic to static on the networking tab under private IP address
ANSWER33:
B
Notes: Changing the IP configuration on the network interface will achieve this goal.
Question 34: You have an Azure subscription named Subscription1. In Subscription1, you have a web server that has the IP address 10.1.0.83 and a database server that has the IP address 10.1.0.142. Instead of remembering the IP addresses of the servers, you’d like to connect to these servers using a DNS name. With no DNS server currently, and without having to create a new DNS server, how can you access your database server from your web server by the DNS name db.yourcompany.com?
A. Public DNS Zone
B. Promote Server to Domain Controller
C. Access the Domain Controller
D. Private DNS Zone
ANSWER34:
D
Notes: A private DNS zone is an easy way to register servers with a DNS name versus having to access them by their IP address
Question 35: You have an Azure subscription named Subscription1. In Subscription1 you have two VNets, one named VNet-Hub and one named VNet-Spoke. Within VNet-Hub, there is an Azure Firewall with a public IP address, configured as a Standard SKU. In VNet-Spoke, there is a Windows Server 2016 with no public IP address and no Network Security Group (NSG). Using which three items can you utilize the public IP address of the Azure firewall to connect to the Windows Server, without exposing the server to the public internet directly?
A. NAT Rule for the Firewall
B. Route Table
C. Virtual Network Gateway
D. Virtual Network Peering
E. ExpressRoute Gateway
ANSWER35:
A B D
Notes: You can configure a NAT rule on the firewall to translate and filter inbound Internet traffic to your subnets. You will need a route table to route ingress traffic to the firewall virtual appliance. In order for traffic to flow from the VNet-Spoke to VNet-Hub, you will need a peer connection between the virtual networks (Virtual Network Peering).
Question 36: You have an on-premises environment as well as your Azure environment with a subscription named Subscription1. Subscription1 has a virtual network named VNET1 and you need to connect to the on-premises network securely using an ExpressRoute link and Site-to-site VPN. What Azure resources do you need in order to establish the connection while minimizing cost?
A. Azure VPN Gateway
B. Network virtual appliance
C. No resources needed, ExpressRoute is encrypted by default
Notes: VPN tunnels over Microsoft peering can be terminated either using VPN gateway, or using an appropriate Network Virtual Appliance (NVA) available through Azure Marketplace. We choose to use NVA because it accomplishes our goal, but for a lesser cost than Azure VPN Gateway. A route table is required to specify the next hop for traffic coming and going from the on-premises network.
Question 37: You have a Network Security Group (NSG) that is associated with a network interface that is attached to an Azure virtual machine named VM1 running Windows Server 2019. VM1 is in subnet named subnet1, in a virtual network named VNet1. A different NSG is attached to subnet1, but you notice that there is an inbound rule to allow port 3389. When you try to connect to VM1, you cannot connect. You reviewed the NSG and the source IP address and the protocol are correct. How can you connect to VM1 using best practices for NSGs in Azure?
A. The protocol on the NSG rule is set to UDP
B. The NSG attached to the network interface needs to be removed
C. The source IP address on the NSG rule is incorrect
D. You need to add an inbound rule for the NSG attached to the network interface
ANSWER37:
B
Notes: Removing the NSG from the network interface would allow the VM to use the NSG associated with the subnet, which is best practice.
Question 38: You have an Azure subscription named Subscription1. In Subscription1 you have an Azure VM named VM1 with Windows Server 2019 as the operating system. VM1 does not have a public IP address assigned to it. VM1 is located in a virtual network named VNet1, in subnet1. Attached to subnet1 is a Network Security Group (NSG) that has port 3389 open inbound. On your local machine, you do not have an RDP client installed, but you need to login into the VM. Without assigning a public IP address to the VM, what three things in combination can we use to log into VM1?
A. HTML5 supported Web Browser
B. Azure VPN Gateway
C. A subnet named AzureBastionSubnet
D. A Gateway Subnet
E. Azure Bastion Host
F. Inbound security rule to open port 443
ANSWER38:
A C E
Notes: The RDP connection to the virtual machine happens via Bastion host using the Azure portal (over HTML5) using port 443 and the Bastion service.
The subnet inside your virtual network to which the Bastion resource will be deployed must have the name AzureBastionSubnet. The name lets Azure know which subnet to deploy the Bastion resource to. This is different than a Gateway Subnet.
The Azure Bastion service is a new fully platform-managed PaaS service that you provision inside your virtual network. It provides secure and seamless RDP/SSH connectivity to your virtual machines directly in the Azure portal over TLS. When you connect via Azure Bastion, your virtual machines do not need a public IP address.
Question 39: You have a subscription named Subscription1. Subscription1 has two virtual networks named VNet1 and VNet2 in two different resource groups. VNet1 is located in the West US region and VNet2 is located in the East US region. You need to apply a network security group named NSG1 to a subnet in VNet1. NSG1 is located in the East US region. How do you attach NSG1 to the subnet in VNet1?
A. You can’t. Create a new network security group in the west us region
B. Move VNet1 into a resource group located in the east us region
C. Select the subnet and choose NSG1 from the network security group drop-down
D. Move NSG1 into the VNet1 resource group
ANSWER39: A
Notes: In order for you to associate a network security group to a subnet, both the virtual network and the network security group must be in the same region.
Question 40: You have a subscription named Subscription1. Subscription1 has one Azure virtual machine named VM1 which is an Ubuntu server. You can’t seem to login to the server via SSH. What tool should you use to verify if the problem is the network security group?
A. IP flow verify tool in Azure Network Watcher
B. Azure Monitor VM metrics
C. Azure Traffic Manager traffic view
D. Azure Virtual Network logs
ANSWER40:
A
Notes: The IP Flow Verify tool checks if a packet is allowed or denied to or from a virtual machine. The information consists of direction, protocol, local IP, remote IP, local port, and a remote port. If the packet is denied by a security group, the name of the rule that denied the packet is returned.
Question 41: You have two Azure virtual machines named VM1 and VM2. VM1 is using the Red Hat Enterprise Linux 8.1 (LVM) operating system and is located in VNet1, within subnet1. VM2 is using the Windows Server 2019 operating system, and is located in VNet1, within subnet2. VNet1 has custom DNS configured, pointing to a DNS server with the IP address 172.168.0.6. VM2 has 10.0.1.15 configured as the DNS server on its network interface. Which DNS server will VM2 use for DNS queries?
A. 8.8.8.8
B. 10.0.1.15 for primary, 172.168.0.6 as secondary
C. 10.0.1.15
D. 172.168.0.6
ANSWER41:
C
Notes: Since the network interface attached to VM2 is assigned to a specific DNS server, it takes precedence over the DNS configured on the VNet.
Question 42: You have created a new Azure virtual machine in a subnet named Subnet1 with an attached network interface card named NIC1. The NIC1, attached to Subnet1, has the following effective routes:
Question 43: You have a standard load balancer that directs traffic from port 80 externally to three different virtual machines. You need to direct all incoming TCP traffic on port 5000 to port 22 internally for connecting to Linux VMs. What do you need in order to connect to the VM via SSH?
A. A public IP address for all three VMs
B. A Route Table with at least one rule
C. A Network Security Group (NSG)
D. A Network Address Translation (NAT) Rule
ANSWER43:
C and D
Notes: The NSG rules work alongside the NAT rules to provide a connection to a VM that’s behind a load balancer. NAT rules work alongside NSG rules to provide a connection to a VM that’s behind a load balancer.
Question 44: You have a web application that serves video and images to those visiting the site. You start to notice that your web server is overloaded, and often crashes because the requests have consumed all of its resources. To combat this, you’ve added an additional web server and you plan to load balance these servers by serving images from the first server only and serving video from the second server only. Which Azure resource can you implement that will properly load balance (at OSI layer 7) with URL-based routing and secure with SSL at the lowest cost?
A. Azure Load Balancer
B. Azure Front Door
C. Azure Application Gateway
D. Web Application Firewall
ANSWER44:
C
Notes: Azure Application Gateway operates at layer 7 (the application layer), and is a web traffic load balancer that enables you to manage traffic to your web applications. Application Gateway can make routing decisions based on URI path and secure with SSL.
Question 45: You manage a virtual network named VNet1 that is hosted in the West US region. Two virtual machines named VM1 and VM2, both running Windows Server, are on VNet1. You need to monitor traffic between VM1 and VM2 for a period of five hours. As a solution, you propose to create a connection monitor in Azure Network Watcher. Does this solution meet the goal?
A. Yes
B. –
C. –
D. No
ANSWER45:
A
Notes: The connection monitor capability in Azure Network Watcher monitors communication at a regular interval and informs you of reachability, latency, and network topology changes between the VM and the endpoint.
Question 46: You have an Azure subscription named Subscription1. You would like to connect your on-premises environment to Subscription1. You have to meet three requirements from the business. The first requirement is that the connection from the on-premises office and Azure must be a private connection. No network traffic is allowed to go over the public internet. The second requirement is that all traffic from the on-premises office and Azure must happen at layer 3 (network layer). The third requirement is that this connection from on-premises to Azure must be redundant to minimize the opportunity for failure. What type of connection fulfills these three requirements?
A. ExpressRoute with premium add-on
B. ExpressRoute
C. Site-to-Site VPN
D. Virtual WAN
ANSWER46:
B
Notes:ExpressRoute lets you extend your on-premises networks into the Microsoft cloud over a private connection facilitated by a connectivity provider. ExpressRoute connections do not go over the public Internet. An ExpressRoute Connection is a layer 3 connection between your on-premises network and Azure through a connectivity provider (e.g. Verizon).
Question 47: You have an Azure subscription as well as an on-premises environment that is connected via ExpressRoute circuit. You have two additional branch offices that you need to connect to the network, as well as ten remote employees that change locations frequently but still need access to Azure resources. What is the solution that will provide the quickest setup at the lowest cost?
A. Site-to-Site VPN
B. Point-to-Site VPN
C. Virtual WAN
D. Hub-and-Spoke Network Topology
ANSWER47:
C
Notes: The Virtual WAN architecture is a hub and spoke architecture for branches and users. It enables global transit network architecture, where the cloud-hosted network ‘hub’ enables transitive connectivity between endpoints that may be distributed across different types of ‘spokes’. All hubs are connected in full mesh in a Standard Virtual WAN making it easy for the user to use the Microsoft backbone for any-to-any (any spoke) connectivity. This satisfies the requirement to provide the quickest set up at the lowest cost.
Question 48: You have a small number of servers running a microservice, and you want to make sure that all the servers have connectivity to each other. You also need to calculate network performance metrics like packet loss and link latency. Which two Azure resources do you need to meet this requirement?
A. Log Analytics Workspace
B. Network Performance Monitor
C. Azure Monitor
D. Azure Traffic Manager
ANSWER48:
A and B
Notes:A Log Analytics workspace is a data repository for Azure Monitor log data. A pre-requisite in order to use Network Performance Monitor. Network Performance Monitor helps you monitor network performance between various points in your network infrastructure. It also helps you monitor network connectivity to service and application endpoints and monitor the performance of Azure ExpressRoute.
Question 49: You have two virtual networks named VNet1 and VNet2. VNet1 is located in the West US region, whereas VNet2 is located in the East US region. You need to configure a virtual machine that’s located in VNet1 to also communicate with VMs in VNet2. From the choices available how can we enable communication between resources in VNet1 and VNet2
A. Migrate the VNet1 VM to VNet2 and leave the other VM components on VNet1
B. Migrate the network interface card (NIC), the network security group (NSG) and the VM disks to VNet2
C. Just the VM disks will need to be migrated to VNet2
D. Configure a VNet-to-VNet VPN gateway connection to allow communication between VNets in different regions
Question 50: You have two subscriptions, one named Subscription1 and the other named Subscription2. Both subscriptions are located within the same tenant. You have one Azure virtual machine located within Subscription1 and another Azure virtual machine within Subscription2 and you’d like to view CPU utilization metrics on both virtual machines. How can you achieve this while maintaining the minimum number of Azure resources and minimizing cost?
A. Create a Log Analytics Workspace for both VMs
B.Turn on VM Insights in Azure Monitor
C. Install the Log Analytics (OMS) Agent on the VMs
D. Enable guest-level monitoring on each VM
ANSWER50:
A and B
Notes: You can view metrics data (such as CPU utilization %) over time by sending your metrics data to a log analytics workspace. This workspace can collect metrics data from multiple VMs, no matter if they are located in the same or different subscriptions.
VM integration with Azure Monitor Logs delivers powerful aggregation and filtering, allowing Azure Monitor for VMs to analyze data trends over time. You can view this data in a single VM from the virtual machine directly, or you can use Azure Monitor to deliver an aggregated view of your VMs where the view supports Azure resource-context or workspace-context modes.
Question 51: You have created a new Azure virtual machine named VM1. You plan to use VM1 as a web server, which will require the VM to be accessible using HTTP/S (HTTP and HTTPS) protocol. A Network Security Group (NSG) is attached to the NIC of VM1 with the following rules:
What changes do you have to make to the NSG in order to meet the requirements for VM1?
A. Change the priority of Rule3 to 200
B. Change the action of Rule1 to Allow
C. Change the priority of Rule4 to 200
D. Change the port of Rule5 to 443
ANSWER51:
C
Notes: Lower priority rules take precedence over higher ones. Changing Rule4 to a lower number will negate all the other rules of a lesser priority, therefore allowing traffic on ports 60-500, which includes 80 and 443, the ports necessary for allowing traffic over HTTP/S. Remember the lower the priority the priority number the higher the priority in regards to reading the rules.
Question 52: You have an Azure virtual machine running Windows Server 2016. You need to collect OS level metrics on this virtual machine, including Windows event logs and performance counters. Which of the following items do you need in order to collect this metrics data?
A. Enable guest-level monitoring
B. Windows Diagnostics Extension
C. Log Analytics Agent
D. InfluxData Telegraf Agent
E. Storage Account for Diagnostic Data
ANSWER52:
A B E
Notes: In order to install the diagnostics extension on an Azure VM, you must enable guest-level monitoring from the VM settings in the portal. Windows Diagnostic Extension is an agent in Azure Monitor that collects monitoring data from the guest operating system and workloads of Azure virtual machines and other compute resources. In order to enable guest-level monitoring, you need to create a storage account for storing the metrics data.
Question 53: You have an Azure subscription with a virtual machine named VM1. You are using Recovery Services Vault (RSV) to backup VM1 with soft delete enabled. The backup policy is set to backup daily at 11 PM UTC, retain an instant recovery snapshot for 2 days, and retain the daily backup point for 14 days. After the initial backup of VM1, you are instructed to delete the vault and all of the backup data. What should you do?
A. Turn off soft delete in the vault security settings
B. Wait 14 days
C. Stop the backup of VM1 and delete backup data
D. Delete the backup policy
E. Delete Backup Jobs Workload
F. Wait 15 days
ANSWER53:
A and C
Notes: When you stop the backup and delete the backup data, because you have soft delete enabled, the backup data is still kept. Permanently delete the soft-deleted backup items that would remove the backup data indefinitely. If you stop the backup of VM1 and choose delete backup data from the dropdown menu, this will stop future backups and delete the existing backup data.
Question 54: You have a number of virtual machines and web applications running in your Azure environment. These Azure resources are critical for business operations, so you’ve locked the resources in order to prevent deletion. In addition, how can you alert on these actions in the portal, and notify your team via email and SMS when a user is trying to delete or create a new resource from within your Azure subscription?
A. Pin the activity log to your dashboard
B. Create a new alert rule
C. Query Administrative Events and Copy Link to Query
D. Create a new action group
ANSWER54:
B and D
Notes: Alert rules specify the conditions for which the alert is triggered. Activity log alerts are the alerts that get activated when a new activity log event occurs that matches the conditions specified in the alert. An action group is a collection of notification preferences defined by the owner of an Azure subscription. Azure Monitor and Service Health alerts use action groups to notify users that an alert has been triggered.
Question 55: You have a .NET Core application running in Azure App Services. You are expecting a huge influx of traffic to your application in the coming days. When your application experiences this spike in traffic, you want to detect any anomalies such as request errors or failed queries immediately. What service can you use to assure that you know about these types of errors related to your .NET application immediately?
A. Client-side monitoring
B. Live Metrics Stream in Application Insights
C. Application Insights Search
D. Log analytics workspace
ANSWER55:
B
Notes: Live metrics stream includes such information as the number of incoming requests, the duration of those requests, and any failures that occur. You can also inspect critical performance metrics such as processor and memory.
Question 56: You have an Azure subscription named Subscription1. In Subscription1 you have two Azure VMs named VM1 and VM2, both running Windows Server 2016. VM1 is backed up using Recovery Services Vault, with a backup policy of producing a daily backup and keeping that daily backup for seven days. Also, a snapshot is kept for 2 days. VM1 is compromised by a virus that infects the entire system, including the files. You need to restore the files from yesterday’s backup of VM1. Where can you restore the files to in the quickest manner?
A. A new Azure VM
B. Restore the VM1 snapshot
C. VM2
D. In-place
ANSWER56:
B
Notes: Using snapshots for VM backups, you speed up the recovery time considerably. The snapshots are stored with the disks in Azure, so the transfer speeds are optimal.
Question 57: You have a subscription named Subscription1. You would like to be alerted upon certain administrative events within Subscription1 to detect unauthorized access. Which of the following is the quickest method to setup these types of alerts?
A. Monitor > Alerts > New Alert Rule
B. Log Analytics Workspace > myWorkdspace > Advanced Settings
C. Policy > Assignments > Assign Policy
D. Subscriptions > mySubscription > Activity Log > New Alert
ANSWER57:
A
Notes: Alerts can be created from within Azure Monitor
Microsoft Azure Administrator Certification Q&A:
What does az vmss deallocate do?
Theaz vmss deallocate command will deallocate and remove the VMs within a VMSS. Azure Doc
A company is planning to use Azure for the various services they offer. They want to ensure that they can bill each department for the resources they consume. They decide to use Azure resource tags to separate the bills department wise. Would this fulfill the requirement?
– Yes, you can use resource tags to organize your Azure resources and also apply billing techniques department wise. The Microsoft documentation mentions the following.
A company is planning to use Azure for the various services they offer. They want to ensure that they can bill each department for the resources they consume. They decide to use Azure rolebased access control to separate the bills department wise. Would this fulfill the requirement?
– No, This is used to control access to resources and can’t be used for billing purposes.
A company is planning to use Azure for the various services they offer. They want to ensure that they can bill each department for the resources they consume. They decide to use Azure policies to separate the bills department wise. Would this fulfill the requirement?
– No, Azure policies are used from a governance perspective and can’t be used to create bills department wise.
A company is planning to use the Azure Import/Export service to move data out of its Azure Storage account. Which of the following service could be used when defining the Azure Export job?
– Only the BLOB service is supported by the Export job feature. This is also given in the Microsoft documentation.
Suppose you have an application running on a windows virtual machine in azure. what is the best-practice guidance on where the app should store data files?
– Dedicated data disks are generally considered the best place to store application data files. They can be larger than OS disks and you can optimize them for the cost and performance characteristics appropriate for your data.
I'm looking through our Data Connectors in Sentinel, and I saw that we are getting a bunch of logs for threat intelligence. The problem is we don't have any threat intelligence platform, so I'm trying to figure out where this data is from. This is the query that Sentinel has for finding those logs: let Now = now(); (range TimeGenerated from ago(7d) to Now - 1d step 1d | extend Count = 0 | union isfuzzy=true (ThreatIntelligenceIndicator | where SourceSystem != 'Microsoft Sentinel' | summarize Count = count() by bin_at(TimeGenerated, 1d, Now)) | summarize Count=max(Count) by bin_at(TimeGenerated, 1d, Now) | sort by TimeGenerated | project Value = iff(isnull(Count), 0, Count), Time = TimeGenerated, Legend = "Connection Events") I'm wondering if there is a way to modify this to show me the SourceSystem in one of the columns. Or maybe I am going at this the wrong way and it could be other data being marked as threat intelligence. My end goal is to figure out where the data is coming from so I can figure out if it is supposed to be there or not. submitted by /u/p4khet [link] [comments]
Hello everyone, We have run into an issue where users are signing into 365 services from unapproved devices. I've been tasked with configuring Conditional Access policies to restrict access, but management wants a list of people who are currently doing this. This is more of an opportunity to educate, prior to the door being closed. Does anyone know if there is a way to see who is signing into certain 365 services (Teams, OneDrive)? I know we can dig into sign-in logs on a user-by-user basis, but with many users, this is proving time consuming. Any advice is greatly appreciated! submitted by /u/mattmak22 [link] [comments]
I have a Power BI file that connects to Synapse Serverless. Specifically, to Views that point to CSV files, being constantly updated by Dynamics FO. It always refreshes fine from Desktop. When Published to the PBI Service, it fails ~ 50% of the time. I can sit and hit refresh over & over - something like 50% of the time it'll work. No clear pattern. The failure error message is always the same as below, just with a different table referenced. I bolded the parts that stand out to me: The consist error message (first bolded) The ever changing datalake path (second bolded) Data source error: {"error":{"code":"DM_GWPipeline_Gateway_MashupDataAccessError","pbi.error":{"code":"DM_GWPipeline_Gateway_MashupDataAccessError","parameters":{},"details":[{"code":"DM_ErrorDetailNameCode_UnderlyingErrorCode","detail":{"type":1,"value":"-2147467259"}},{"code":"DM_ErrorDetailNameCode_UnderlyingErrorMessage","detail":{"type":1,"value":"Microsoft SQL: Error encountered while parsing data: 'Unexpected end-of-input within record at [byte: 7272362]. '. Underlying data description: file 'Tables/General/Miscellaneous/PMIPBillingScheduleTable/PMIPBILLINGSCHEDULETABLE_00001.csv'.\r\nStatement ID: {E49C2C4C-FDC8-4E8B-BD60-7ADF41198990} | Query hash: 0x5DB5B39FB3B72B73 | Distributed request ID: {816D796F-5A04-4623-BD08-1F7C2EF6F60D}. Total size of data scanned is 5468 megabytes, total size of data moved is 92 megabytes, total size of data written is 0 megabytes."}},{"code":"DM_ErrorDetailNameCode_UnderlyingHResult","detail":{"type":1,"value":"-2147467259"}},{"code":"Microsoft.Data.Mashup.ValueError.Class","detail":{"type":1,"value":"16"}},{"code":"Microsoft.Data.Mashup.ValueError.DataSourceKind","detail":{"type":1,"value":"SQL"}},{"code":"Microsoft.Data.Mashup.ValueError.DataSourcePath","detail":{"type":1,"value":"synw-dataplatform-prod-001-ondemand.sql.azuresynapse.net;datalakeserverless"}},{"code":"Microsoft.Data.Mashup.ValueError.ErrorCode","detail":{"type":1,"value":"-2146232060"}},{"code":"Microsoft.Data.Mashup.ValueError.Message","detail":{"type":1,"value":"Error encountered while parsing data: 'Unexpected end-of-input within record at [byte: 7272362]. '. Underlying data description: file 'Tables/General/Miscellaneous/PMIPBillingScheduleTable/PMIPBILLINGSCHEDULETABLE_00001.csv'.\r\nStatement ID: {E49C2C4C-FDC8-4E8B-BD60-7ADF41198990} | Query hash: 0x5DB5B39FB3B72B73 | Distributed request ID: {816D796F-5A04-4623-BD08-1F7C2EF6F60D}. Total size of data scanned is 5468 megabytes, total size of data moved is 92 megabytes, total size of data written is 0 megabytes."}},{"code":"Microsoft.Data.Mashup.ValueError.Number","detail":{"type":1,"value":"19734"}},{"code":"Microsoft.Data.Mashup.ValueError.Reason","detail":{"type":1,"value":"DataSource.Error"}}],"exceptionCulprit":1}}} Table: Project. Cluster URI: WABI-US-NORTH-CENTRAL-H-PRIMARY-redirect.analysis.windows.net Activity ID: 545479b9-d104-4f04-bb74-2e95375aab06 Request ID: 645aec4d-f3a4-b65c-505b-be08a3b40f2c Time: 2023-09-27 20:16:35Z (I am running a several month old version of the Data Gateway, and just started the beaucratic process to update that, but I doubt it's a Gateway version issue). I wonder if it's not freaking out, as it attempt to read a CSV file that's currently being updated. And - for whatever reason, that affects the Gateway, but not Desktop. Will see if it freaks out as frequently tonight, when presumably far less is being updated. submitted by /u/cdigioia [link] [comments]
I currently have a window service that pings a list of servers and post the results to a web api every 5 minutes. I've seen some documentation that ICMP protocol is not allowed in Azure, so I think that rules out webjobs and azure functions. Does that only leave VMs and container apps? Please let me know how you would implement this functionality. Thanks submitted by /u/Eric7Litre [link] [comments]
Hi, I have an Azure Timer Triggered Function, which I'm trying to spin up, but it fails with the following message: Microsoft.Azure.WebJobs.Script: Error configuring services in an external startup class. MyNameSpaceHere: Could not load file or assembly 'Microsoft.Extensions.Logging.Abstractions, Version=7.0.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60'. The system cannot find the file specified. Value cannot be null. (Parameter 'provider') I have NO clue why it's thinking about that nuget package - I don't have it installed - because I have no where in my code where it says it's needed.Am I missing something obvious?Running dotnet 6 btw, windows hosted Azure Function. The Function uses DI and has a Startup.cs due to that. I saw this issue-track related to it, but trying those things didn't work either:https://github.com/Azure/azure-functions-core-tools/issues/2304 Is it even Azure-related? Update: Actually found the package - nested deep into one of the nugets of my project. A project I've already downgraded to 3.1.32 https://preview.redd.it/5xzzygqmuuqb1.png?width=476&format=png&auto=webp&s=b087d9a757cb1185788d36931e3524ea2d9bf7f3 submitted by /u/fisterdister [link] [comments]
I have a "Location" CA applied to the tenant and also MFA. We have alot of sign-in attempts from asia but they always fail with reason " Sign-in was blocked because it came from an IP address with malicious activity ". But I cant see any information under "Conditional access" or "Report-only" tabs. Does it mean the CA didnt apply? Or does it mean that microsoft stopped it before it even had the chance to check... submitted by /u/matt5on [link] [comments]
A bit lost at the moment as to what I should do next so TY in advance! Background - Power BI developer for over 7 years. Main skillset includes of course PBI, DAX, SQL Certification so far - the old PBI and Excel certifications (70-778, 70-779, DA-100), PL-900 Power Platform Fundamentals, passed AZ-900 and passed DP-900 yesterday! Situation - so I’ve been meaning to learn Azure for many years and recently got time to do so as my contract has recently ended. I’ve been wanting to learn any code languages needed in order to dev data factory/databricks or just the whole stack. I’ve started off with AZ900 and DP900 and both were good to give me a good overview of Azure. Now that I’ve passed both now, I’m not sure which certification I should focus next to get closer to what’s needed to be a solutions architect. I want a learn path that can allow me to learn all sorts of coding needed/Python and I saw DP-203 being a good one to learn from? Questions - What is the best resource out there to get hands on with coding for Databricks/Data Factory? What Azure certifications do you think I should focus on next given my background and skillset and what I’m trying to achieve? submitted by /u/pheebsbabe [link] [comments]
Trying to create a VM from a custom image that we captured thru the portal. I was able to previously create a VM using the image, but now I am getting an error when I try to create another VM. This is the error: The resource 'VM name' cannot be created from Image '/subscriptions/mysubscriptionID/resourceGroups/images-eastus/providers/Microsoft.Compute/images/my-image-name-2023' until Image has been successfully created. We are running on a Stack Hub. Hoping some of you have some ideas. Thanks! submitted by /u/cmacd_122 [link] [comments]
I am not too familiar with Linux set up in Azure. We have an Azure Server VM that runs Linux and we are close to running out of space. One of our team members says that Data Disks in Azure for Linux can only be a max of 4 TB per disk. I cannot find anywhere that says that or if we can just expand the existing 4TB and use what we need. If anyone can point me in the proper direction, I would appreciate it. submitted by /u/xcardinal_copiax [link] [comments]
I am setting up users as "F1" licenses, Frontline Workers. We don't want them to see any apps except Outlook, Teams, and the specific line-of-business app we're using. I'm having a hell of a time figuring out how to do this. We DO want to maintain MFA; we also want to restrict their email to internal only. submitted by /u/WhiskyEchoTango [link] [comments]
I recently performed an upgrade of AKS from 1.25.5 to 1.25.11. One of the nodes failed to upgrade and reported a bad PDB for that deployment. The Deployment was set to one replica and a PDB with a Max Unavailable of 1. The PDB reported Allowed Disruptions 1 however this still caused a failure. Is this expected behavior or is this configuration of the PDB misleading? I want to note that I require teams to have a min replica of three on their deployments with a proper PDB. I just thought this was odd the K8 thought the PDB was correct and a disruption was allowed for this workload. submitted by /u/boroamir [link] [comments]
So a little background, I have a BBA in IT, and a pretty okay resume. It includes a support specialist internship (3 mo), a data analyst position (10 mo), and a leadership position (12 mo), all the past 3 years since graduation. Also 3 certifications defined below. This year I've struggled, not knowing what to get into, but recently decided to go the Microsoft route. I have a fundamentals cert in Azure and M365, and want to know what else I can do to land a small sysadmin job, as I've heard this is a good stepping stone getting into cloud/M365 admin later on (let me know if this is false). Something I thought of is creating a fake company to set up a M365 environment for, as a self project to show employers. Kinda like a personal project. I would use all the available services in the free dev subscription, as well as what I can integrate with Azure. What I'm wondering is, should I be spending my time on that at all? Is it something that would look good? Is it actually possible to do on my own in a free trial, and if so, what are some tips on how I can implement it? Thank you for your time. submitted by /u/SettleBurgers [link] [comments]
I've been diving into Microsoft's reference architecture for web applications and noticed something I found peculiar. They've placed all private endpoints, be it for the frontend, backend, or database, in the same subnet. This seems to contrast with the classic N-tier architecture where different tiers/components are segmented into different subnets for security purposes. Is there a specific reason for this design choice? Is this approach recommended from a security standpoint? Would love to get insights and perspectives from anyone familiar with this. https://learn.microsoft.com/en-us/azure/architecture/web-apps/app-service/architectures/baseline-zone-redundant submitted by /u/Redamoukh [link] [comments]
Hello, The only tutorial I've seen is for when you're creating the VM, not for the VM that already exists. but there is a tutorial for change the routing preference for azure storage. Any ideas on how to change it without having to delete everything and start from scratch ! submitted by /u/Homayoon_p [link] [comments]
I am inquiring about Merging objects from disconnected source using Entra Cloud Sync (as described here: https://learn.microsoft.com/en-us/azure/active-directory/hybrid/cloud-sync/plan-cloud-sync-topologies) We have two AD forests, one is our Enterprise forest and the second is an Administrative forest. The usernames / passwords in the Enterprise forest are synced to the Administrative forest using MIM. The users in the Enterprise forest are synced out to Azure using AAD Connect, they are licensed for M365, and are setup for MFA using Azure MFA. The users in the Administrative forest can only access that environment through a Citrix gateway that uses on-prem Azure MFA (which is going away in September of next year). We'd like to replace the on-prem Azure MFA solution with the cloud Azure MFA solution. In order for us to do that we need to sync the accounts in the Administrative forest to Azure. There are no routes between the Administrative forest and AAD Connect server, so we've begun investigating Entra Cloud Sync. Reviewing the link above, it looks like we'd be able to leverage Entra Cloud Sync to essentially merge the identity in the Administrative forest with the already synced identity in Azure from the Enterprise forest (provided certain conditions are met). I am I reading / understanding that correctly? If so, has anyone gotten this to work? If my understanding is accurate, it seems like this would save on licensing because we wouldn't have two identities for each user to license in the Azure tenant. Any insight would be helpful. Thanks submitted by /u/hanotsrii [link] [comments]
Hi everyone, I’ve been looking though Microsoft’s documentation on how to enforce passwordless MFA and unfortunately had no luck. It seems the only time it does work, is when the user is already registered into MFA before the policy is enabled. I’ve already tired the following: All policies are migrated to Azure’s new authentication method polices page. Enforced passwordless to the user’s group via setting it on the new authentication method policy setting. Created a custom multifactor authentication strength which only includes passwordless. Created a conditional access policy that allows access to all cloud apps, if the user uses the multi-factor strength, passwordless. Added the same user group to the MFA registration campaign. When the user tries to register for MFA, either on the Microsoft Authenticator app or via their browser, it simply states that it requires them to register MFA. But, provides no option todo so. Would love anyone’s opinion on this. 🙂 submitted by /u/M-Christo [link] [comments]
I created a storage account and created a container to store images. I created a function app and inside that I created a Blob trigger function. Now I don't know to connect my blob path to my function. Anyone please help me in this submitted by /u/vigneshp03 [link] [comments]
Passed DP100 today and scored 920. Preparation Hours - Approx 100 hours Resources to study - MS Learn, Jitesh's course on Udemy Practice Tests - SkillCertPro, Examtopics PS - the open book concept was a savior. I had no idea about the responsible AI questions (there were 4 of them), but the documentation helped. submitted by /u/Long_Energy7968 [link] [comments]
I inherited a Cisco umbrella deployment, that has finally come up for renewal in 12 weeks. Our currently set us is totally cloud based, with almost everything on Azure. Is there an Umbrella alternative within Azure / Microsoft 365? Umbrella is used primarily as an outer layer of protection against malware and so on both on clients, and also on our router(s) on prem. submitted by /u/Early-Ad-6660 [link] [comments]
Microsoft Azure Administrator Certification Questions and Answers Dumps – AZ 104
Azure Fundamentals –> Azure Administrator –> Microsoft Security, Compliance, and Identity Fundamentals –> Azure Solutions Architect Expert or Microsoft Azure Security Technologies
or Designing and Implementing Microsoft DevOps Solutions
That being said, I’d recommend learn scripting as that would come in handy for this admin path expert. If you passed SAA, I’m positive you can pass any cert with proper dedication.
FYI – I created this free tool to carve out your certification path. Give it a try here. Open to feedback on how it can be improved for everyone.
Certifications for Microsoft Azure
There’s a Microsoft certification for you, whether or not you’re thinking about what Microsoft Azure is and where to start, or where you should go next in your cloud job. There are around 16 Azure cloud assertions open. Here is an overview of current Microsoft Azure assertions.
Microsoft Certified: Azure Administrator Associate
Microsoft Certified: Azure Developer Associate
Microsoft Certified: Azure Database Administrator Associate
Microsoft Certified: Azure Security Engineer Associate
Microsoft Certified: Azure Data Scientist Associate
Microsoft Certified: Azure Data Engineer Associate
Microsoft Certified: Azure AI Engineer Associate
Microsoft Certified: Azure Stack Hub Operator Associate
Expert Level Certifications
Microsoft Certified: Azure Solutions Architect Expert
Microsoft Certified: DevOps Engineer Expert
Specialty Certifications
Microsoft Certified: Azure IoT Developer Specialty
Microsoft Certified: Azure for SAP Workloads Specialty
Microsoft Certified: Azure Virtual Desktop Specialty
There are also two other Microsoft assertions that are Azure-related. While we won’t cautiously depict them in this post, dependent upon your master way and limit, they might justify researching.
For security engineers responsible for peril the leaders, checking, and response, the Microsoft Certified: Security Operations Analyst Associate confirmation is required. It requires completing the SC-200 appraisal.
Test SC-300 is required for the Microsoft Certified: Identity and Access Administrator Associate, which is for heads who use Azure AD to manage IAM.
What mightbe prudent for you to do first?
In particular, you should make certain with regards to what a Microsoft Azure confirmation is and isn’t. Is simply clear? Phenomenal! Then, at that point, we ought to explore three circumstances that can assist you with picking where to start.
“I’m new to development. I’m essentially uninformed in regards to this ‘cloud’ that is quite serious.”
You can sort out some way to cloud in the event that you’re the kind of person who counts “Microsoft Word” as a specific capacity on your resume. On the off chance that you’re just beginning started, a section level certification will outfit you with the language and understanding you’ll need to all the more promptly analyze your ensuing stages. The AZ-900 Azure Fundamentals accreditation is your first stop on the Azure road.
The cloud might be alarming, yet the capacities you’ll get as you seek after this accreditation will help you with understanding it in a way that even an all out beginner can understand — especially if you have the right getting ready. (Look at me as a hotshot, yet I think our Azure Fundamentals getting ready is astonishing.)
“I have a fundamental cognizance of the cloud.”
Perhaps you’ve worked in the IT field beforehand. Perhaps you’ve attempted various things with AWS, GCP, or Azure. Do you accept you’re ready to make a dive? Press the brakes. Start with the Azure Fundamentals affirmation, if you haven’t at this point. In the best circumstance, you’ll see it to be a breeze. Regardless, paying little heed to how far you advance in Azure, this accreditation will give the establishment to future accomplishment. The accompanying crosspiece on the ladder (Azure Administrator Associate) can be an inconvenient one to ascend. Before dealing with it, you’ll need all of the Fundamentals data notwithstanding a huge load of Azure included knowledge.
Here are different Azure Certifications (Microsoft Certified)
AZ-900
For beginners, this is the best Microsoft Azure accreditation. It’s an unprecedented spot to start on the off chance that you’re new to appropriated processing or Microsoft Azure. This one would be Azure 101 if test names appeared to be okay and acceptable.
Test AZ-900: Microsoft Azure Fundamentals ($99 USD) is required.
There are no fundamentals.
For whom this is for?
In a general sense, everyone. Non-particular individuals with a cloud-related calling, similarly as new or cheerful designers or IT experts, could benefit from acknowledging what the cloud is and isn’t. Any person who needs to comprehend the Microsoft Azure environment should have the data expected to complete this evaluation.
Fundamentals DP-900 Microsoft Certified
For inescapable data focused cloud subject matter experts, this is a significant beginning advance assertion.
Test DP-900: Microsoft Azure Data Fundamentals ($99 USD) is required.
There are no fundamentals.
For whom this is for?
This helper is for informational collection draftsmen and data base administrators who are essentially starting with cloud data.
AI Fundamentals AI-900 Microsoft Certified
This Microsoft Azure affirmation exhibits that you appreciate the fundamentals of man-made mental ability (AI) and AI (ML) in Azure for amateurs with both particular and non-specific establishments.
Test AI-900: Microsoft Azure AI Fundamentals ($99 USD) is required.
There are no basics.
For whom this is for?
Reproduced insight Engineers, Data Scientists, Developers, and Solutions Architects with a working data on AL and ML, similarly as Azure organizations related with them. This affirmation, like the others in the Azure Fundamentals series, is normal for those with both specific and non-particular establishments. That proposes data science and PC programming experience aren’t required, but Microsoft recommends making them program data or experience.
Administrator Associate AZ-104 is a Microsoft attestation.
For the IT swarm, this is the rudiments of Azure organization. This takes you from a fundamental perception of the cloud to having the alternative to perform cloud tasks (and get repaid to do them).
Test AZ-104: Microsoft Azure Administrator ($165 USD) is required.
For whom this is for?
This affirmation is for IT specialists and administrators who screen cloud assets and resources and direct cloud system. This test is (mistakenly) seen as an entry level test, yet you’ll need to know an immense heap of anticipated that information should pass and do whatever it takes not to have your AZ denied.
Azure Container Apps is a serverless offering you can use to host your containers. It is a good fit for containerized apps and hosting microservices. Integrated services like KEDA, Envoy proxy, and Dapr provide you with out-of-the-box auto-scaling, ingress, traffic splitting, and simplified microservice connectivity.
Container Apps service is built on top of Kubernetes. Container Apps are an Azure Resource Manager deployment object, meaning you can’t just use your existing Kubernetes object descriptions and migrate them to Container Apps. You need to rewrite your deployment stack using Bicep or ARM templates. Terraform is not yet supported.
AZ-900: Microsoft Azure Fundamentals – Top 100 Questions and Answers Dumps
Amazon’s AWS and Microsoft’s Azure are the big boys of the cloud computing world, even though AWS is much bigger than Azure.
Revenue from Microsoft Azure grew 72% from 2018 from $7.56 billion to $13 billion. Azure contributed to almost 10.5% of Microsoft’s total revenue in 2019. It has also been noted that the US defense chose Azure in its tactical operations. The last quarter earnings of 2019 grew by 64%.
The exam is intended for candidates who are just beginning to work with cloud-based solutions and services or are new to Azure. Candidates should be familiar with the general technology concepts, including concepts of networking, storage, compute, application support, and application development. Azure Fundamentals can be used to prepare for other Azure role-based or specialty certifications, but it is not a prerequisite for any of them.
Below are the top 100 AZ-900 Microsoft Azure fundamentals Certification exam questions and answers dumps.
I- AZ-900 Cloud Concepts – Azure Services
Question 1:Microsoft Office 365 is an example of which cloud deployment model?
A. PaaS
B. IaaS
C. CASB
D. SaaS
Answer1:
D
Notes:
Software as a service (SaaS) allows users to connect to and use cloud-based apps over the internet. Common examples are email, calendar, and office tools, such as Microsoft Office 365.
Question 2:You have an on-premises application that processes incoming Simple Message Submission Service (SMSS) queue messages and records the data to a log file. You migrate this application to an Azure function app. What kind of cloud service would this be considered?
Serverless computing is the abstraction of servers, infrastructure, and operating systems. When you build serverless apps, you don’t need to provision and manage any servers, so you don’t have to worry about infrastructure. Serverless computing is driven by the reaction to events and triggers happening in near-real time in the cloud.
A. Spending money on products or services now and being billed for them now. You can deduct this expense from your tax bill in the same year.
B. Spending money on physical infrastructure up front, and then deducting that expense from your tax bill over time.
C. Prices for individual resources and services are provided so you can predict how much you will spend in a given billing period based on your expected usage.
D. The ability to do things more efficiently or at a lower cost per unit when operating at a larger scale.
Answer 3:
D
Notes 3:
Cloud providers such as Microsoft, Google, and Amazon are large businesses that leverage the benefits of economies of scale and then pass the savings on to their customers.
Question 5: Which of the following Azure solutions allows you to geographically cache and distribute high-bandwidth content, such as streaming videos, to users in different parts of the world?
A. Content Delivery Network (CDN)
B. Load Balancer
C. Application Gateway
D. Virtual Network Gateway
Answer 5:
A
Notes 5:
Azure Content Delivery Network (CDN) offers developers a global solution for rapidly delivering high-bandwidth content to users by caching their content at strategically placed physical nodes around the world. Azure CDN can also accelerate dynamic content, which cannot be cached, by leveraging various network optimizations using CDN POPs.
Question 6:You are beginning to extend your on-premises data center into Azure. You have created a new Azure subscription and resource group called RG-One. You deploy two virtual machines into RG-One with the intent of promoting these to Active Directory domain controllers. What kind of cloud service would this be considered?
Infrastructure as a service (IaaS) is an instant computing infrastructure, provisioned and managed over the internet. Deploying virtual machines into an Azure subscription would be considered an IaaS service.
Question 7:Select the concept that is defined as ensuring that servers are available if a single data center goes offline.
A. Scalability
B. Fault tolerance
C. Elasticity
D. Agility
Answer 7:
B
Notes 7:
Fault tolerance is the property that enables a system to continue operating properly in the event of the failure of one or more of its components. In Azure, it refers to ensuring that a portion of the production systems are available online (via a failover cluster, available set, or available zone) if a subset of the system components (or an entire data center) goes offline.
Question 8:In regards to comparing Public Cloud and Private Cloud, which of these best describe the characteristics of a Public Cloud?
A. No-upfront costs
B. More control over the security
C. Less reliability
D. Less maintenance
Answer 8:
A and D
Notes 8
The public cloud provides a pay-as-you-go pricing model which can lead to lower costs than those in private cloud solutions where capital expenditures are high.
The public cloud provides agility to provision and de-provision resources quickly with far less maintenance than that of private cloud solutions.
Question 9:Which of the following are considered capital expenditures (CapEx)?
A. Storage area network
B. Cloud-based virtual machine
C. Office 365 licenses
D. Hyper-V host server
Answer 9:
A and D
Notes 9:
Storage costs are typically considered CapEx and include storage hardware components and the cost of supporting them. Depending on the application and level of fault tolerance, centralized storage can be expensive.
Server costs are considered CapEx and include all server hardware components and the cost of supporting them. When purchasing servers, make sure to design for fault tolerance and redundancy (e.g., server clustering, redundant power supplies, and uninterruptible power supplies). When a server needs to be replaced or added to a data center, you need to pay for the computer. This can affect your immediate cash flow because you must pay for the server up front.
Question 10:You are in the process of migrating your existing on-premises SQL databases to Azure. You will migrate them to Azure SQL databases, as opposed to deploying SQL database servers in Azure. What kind of cloud service would this be considered?
A. Software-as-a-Service (SaaS)
B. Platform-as-a-Service (PaaS)
C. Serverless
D. Infrastructure-as-a-Service (IaaS)
Answer 10:
B
Notes 10:
Platform as a service (PaaS) is a complete development and deployment environment in the cloud with resources that enable you to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications. An Azure SQL instance would be considered a PaaS service.
Question 11: Which of the following statements are true for IaaS cloud services?
A. The client is responsible for purchasing all Operating System (OS) host licensing.
B. Services can be scaled automatically to support system load.
C. The client has complete control over the host operating system.
D. The client is responsible for all guest OS and application updates.
Answer 11:
B and D
Notes 11:
IaaS host services are scaled automatically to combat increased system load and scaled back during periods of inactivity.
The cloud service provider performs all underlying hardware, OS, and middleware updates. The client performs all guest OS and application updates.
Question 12: Which of the following tools can be used to manage Azure resources on a Google Chromebook?
A. Azure portal
B. PowerShell
C. Azure Cloud Shell
D. Azure CLI
Answer 12:
A and C
Notes 12:
You can run the Azure portal on all modern desktop, tablet devices, and browsers.
Azure Cloud Shell is an interactive, browser-accessible shell for managing Azure resources. It provides the flexibility of choosing the shell experience that best suits the way you work. Linux users can opt for a Bash experience, while Windows users can opt for PowerShell.
Question 13:Which Azure service can provide big data analysis for machine learning?
A. Azure App Service
B. Azure WebJobs
C. Application Insights
D. Azure Databricks
Answer 13:
D
Notes 13:
Azure Databricks is an Apache Spark-based analytics platform optimized for the Microsoft Azure cloud services platform. Databricks enables collaboration between data scientists, data engineers, and business analysts.
Question 14:You need to create an Azure storage solution that will store messages created by an Azure web role. The messages will then be processed by an Azure worker role. What type of storage solution should you create?
A. A Queue service in a storage account
B. A virtual machine data disk
C. A File service in a storage account
D. A Blob service in a storage account
Answer 14:
A
Notes 14:
Azure Queue storage is a service for storing large numbers of messages that can be accessed from anywhere in the world via authenticated calls using HTTP or HTTPS.
Question 15:You have an on-premises application that sends email notifications automatically based on a rule. You plan to migrate the application to Azure. You need to recommend a computing solution for the application that should minimize costs by incurring charges only when it is executed.
Which Azure solution is best for this type of application?
A. Logic App
B. A web app
C. Service Bus App
D. IaaS web server in Azure
Answer 15:
A
Notes 15:
Azure Logic Apps is a cloud service that helps you automate and orchestrate tasks, business processes, and workflows when you need to integrate apps, data, systems, and services across enterprises or organizations. Logic Apps simplifies how you design and build scalable solutions for app integration, data integration, system integration, enterprise application integration (EAI), and business-to-business (B2B) communication, whether in the cloud, on-premises, or both.
For example, here are just a few workloads you can automate with logic apps:Process and route orders across on-premises systems and cloud services.
Send email notifications with Office 365 when events happen in various systems, apps, and services.
Move uploaded files from an SFTP or FTP server to Azure Storage.
Monitor tweets for a specific subject, analyze the sentiment, and create alerts or tasks for items that need review.
For new logic apps that run in the public or “global” Azure Logic Apps service, you pay only for what you use. These logic apps use a consumption-based plan and pricing model.
Question 16: You are the Systems Administrator for a local university. You are deploying several sets of systems that will be used for research and development teams. Each set of systems will be uniform in nature, containing the same number and type of Azure resources.
What should you recommend to automate the creation of these Azure resources?
A. Azure Resource Manager templates
B. Multiple Azure subscriptions
C. Management groups
D. Virtual machine scale sets
Answer 16:
A
Notes 16:
An Azure Resource Manager template is the framework by which resources are created. They can be used to define and automate the creation of similar resources.
Question 17:You are deploying a pair of Azure virtual machines. You want to ensure that the application will remain available in the event of a complete data center failure. What Azure technology will help most in this task?
A. Locally redundant storage
B. Zone Redundant Storage
C. Availability zone
D. Availability set
Answer 17:
C
Notes 17:
An Availability zone consists of two or more virtual machines in different physical locations within an Azure region. This configuration ensures that only a subset of the virtual machines in an availability zone will be affected in the event of hardware failure, OS update, or a complete data center outage. This configuration offers 99.99% SLA.
Question 18: Which of the following database solutions has the ability to add data concurrently from multiple regions simultaneously?
A. SQL managed instances
B. Cosmos DB
C. SQL Data Warehouses
D. Azure SQL Databases
Answer 18:
B
Notes 18:
Azure Cosmos DB is Microsoft’s globally distributed, multi-model database service. Cosmos DB elastically and independently scales throughput and storage across any number of Azure regions worldwide.
Question 19: Which Azure service can host your web apps without you having to manage underlying infrastructure?
A. Azure App Service
B. Azure WebJobs
C. Azure Databricks
D. Application Insights
Answer 19:
A
Notes 19:
Azure App Service enables you to build and host web apps, mobile back-ends, and RESTful APIs in the programming language of your choice without managing infrastructure.
Question 20: Which of the following components can be used to load balance traffic to web applications, such as Azure App Service web apps using layer 7 of the OSI model?
A. Virtual Network
B. Virtual Network Gateway
C. Route table
D. Load Balancer
E. Application Gateway
Answer 20:
E
Notes 20:
Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. Traditional load balancers operate at the transport layer (OSI layer 4 — TCP and UDP) and route traffic based on source IP address and port to a destination IP address and port.
Question 21: Which Azure service can help you collect, analyze, and act on telemetry from your cloud and on-premises environments?
A. Azure App Service
B. Azure Monitor
C. Azure Analyzer
D. Azure WebJobs
Answer 21:
B
Notes 21:
Azure Monitor is a service that can help you understand how your applications are performing and proactively identify issues affecting them and the resources they depend on.
Question 23: Which Azure service should you use to correlate metrics and logs from multiple resources into a centralized repository? A. Azure Event Grid
B. Azure Event Hubs
C. Azure SQL Data Warehouse
D. Azure Monitor
Answer 23:
D
Notes 23:
Log data collected by Azure Monitor (formerly Azure Log Analytics) is stored in a Log Analytics workspace, which is based on Azure Data Explorer. It collects telemetry from a variety of sources and uses the Kusto query language used by Data Explorer to retrieve and analyze data.
Question 24: You are the Azure Administrator for Radio Gaga, LTD. You have a resource group named RG-RG and need to ensure no other administrators can create virtual networks in this resource group. What can you implement to accomplish this?
A. Access Control (IAM)
B. Azure policy
C. Locks
D. Properties
Answer 24:
B
Notes 24:
Azure Policy is a service in Azure used to create, assign, and manage policies. These policies enforce different rules and effects over your resources, so those resources stay compliant with your corporate standards and service level agreements.
For example, you can have the policy to allow only a certain SKU size of virtual machines in your environment. Once this policy is implemented, new and existing resources are evaluated for compliance. With the right type of policy, existing resources can be brought into compliance.
Question 25: Which of the following is the organization that defines standards used by the United States government?
A. NIST
B. ITIL
C. GDPR
D. ISO
Answer 25:
A
Notes 25:
The National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidance to help organizations assess risk. It defines the standards that are used by the United States government as well as the US Department of Defense (DoD).
Question 26: You have an Azure virtual network named VNet in a resource group named Bob-RG. You assign an Azure policy specifying virtual networks are not an allowed resource type in Bob-RG. What happens to VNet once this policy is applied?
A. VNet is moved to a new resource group.
B. Bob-RG is deleted automatically
C. VNet continues to function normally, but no new subnets can be added.
D. VNet is deleted automatically.
Answer 26:
C
Notes 26:
Azure policies that determine the allowed types of resources can only prevent non-compliant resources from being created. Existing non-compliant resources are not affected. However, the policy is flagged as non-compliant so that the administrator can determine action (if any).
Question 27: Which Azure tool allows you to view which user turned off a specific virtual machine during the last 14 days?
A. Azure Event Hubs
B. Azure Activity Log
C. Azure Service Health
D. Azure Monitor
Answer 27:
B
Notes 27:
The Azure Activity Log is a subscription log that provides insight into subscription-level events that have occurred in Azure. This includes a range of data, from Azure Resource Manager operational data to updates on Service Health events. Events such as starting and stopping of virtual machines can be found here.
A collaboration between Microsoft and Adobe brings you a more simplified and consistent experience for PDF documents that have been classified and, optionally, protected. This collaboration provides support for Adobe Acrobat native integration with Microsoft Information Protection solutions, such as Azure Information Protection.
Question 29: Which of the following is true regarding HDInsight?
A. It is an on-demand analytics job service that simplifies big data. Instead of deploying, configuring, and tuning hardware, you write queries to transform your data and extract valuable insights.
B. It is a managed relational cloud database service.
C. It is a cloud-based service that is a limitless analytics service that brings together enterprise data warehousing and Big Data analytics.
D. It is an open-source framework for the distributed processing and analysis of big datasets in clusters.
Answer 29:
D
Notes 29:
Azure HDInsight is a managed, full-spectrum, open-source analytics service for enterprises. HDInsight is a cloud service that makes it easy, fast, and cost-effective to process massive amounts of data. HDInsight also supports a broad range of scenarios, like extract, transform, and load (ETL); data warehousing; machine learning; and IoT.
Learn about important Azure product updates, roadmap, and announcements here
Questions 31: Azure virtual machines can be moved between which of the following Azure resources?
A. Subscriptions
B. Regions
C. Availability Sets
D. Resource Groups
E. Availability Zones
Answer 31:
A, B, D, E
Notes 31:
Azure virtual machines can be moved between subscriptions with either Azure PowerShell or the Azure portal. Using Azure Site Recovery, you can migrate Azure VMs to other regions. Azure virtual machines can be moved between resource groups with either Azure PowerShell or the Azure portal. Using Azure Site Recovery, you can migrate Azure VMs to other Availability Zones.
II- Azure Pricing and Support
Question 32: Which Azure support plans can open support cases?
Question 33: For any Single Instance virtual machine using premium SSD or Ultra Disk for all Operating System Disks and Data Disks, what is the SLA guarantee for virtual machine connectivity?
Question 34: Which of the following Azure services is a cloud-based service that leverages massively parallel processing (MPP) to quickly run complex queries across petabytes of data in a relational database?
A. Azure SQL database
B. Azure HDInsight
C. Azure SQL Data Warehouse (Azure Synapse )
D. Azure Data Lake Analytics
Answer 34:
C
Notes 34:
Azure SQL Data Warehouse (Azure Synapse ) is a cloud-based service that leverages massively parallel processing (MPP) to quickly run complex queries across petabytes of data in a relational database.
Question 35: You have an Azure subscription that contains the following unused resources:
Name
Type
Configuration
nic0
Network Interface
10.0.0.6
pip1
Public IP
Static
lb1
Load Balancer
Standard, 5 rules configured
VNet2
Virtual Network
10.1.0.0/16
VM3
Virtual Machine
Stopped (Deallocated)
Based on this information, which of the following unused resources should you remove to lower cost?
A. lb1
B. VNet2
C. pip1
D. nic0
E. VM3
Answer 35:
A and C
Notes 35:
The pricing for Standard Load Balancer is based on the number of rules configured (load balancer rules and NAT rules) and data processed. However, there is no hourly charge for the Standard Load Balancer itself when no rules are configured. Since this load balancer contains rules, it should be removed to save money.
In ARM deployment model, there is no charge for dynamic public IP addresses when the associated virtual machine is “stopped-deallocated”. However, you’re charged for a static public IP address irrespective of the associated resource (unless it is part of the first five static ones in the region). This resource should be removed.
Users are able to login to the service, log in to the Access Panel, access applications on the Access Panel and reset passwords. IT administrators are able to create, read, write and delete entries in the directory or provision or de-provision users to applications in the directory.
No SLA is provided for the Free tier of Azure Active Directory.
Question 38: Which of the following Azure support plans offer Severity “A” and “B” cases to be opened?
Question 39:This question requires that you evaluate the underlined text to determine if it is correct. When you are implementing a software as a service (SaaS) solution, you are responsible for configuring high availability. Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.
Question 40:You have an on-premises network that contains several servers. You plan to migrate all the servers to Azure. You need to recommend a solution to ensure that some of the servers are available if a single Azure data center goes offline for an extended period. What should you include in the recommendation?
Question 41: This question requires that you evaluate the underlined text to determine if it is correct. When planning to migrate a public website to Azure, you must plan to pay monthly usage costs. Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.
A. No change is needed
B. Deploy a VPN
C. pay to transfer all the website data to Azure
D. reduce the number of connections to the website
Question 42: You have an on-premises network that contains 100 servers. You need to recommend a solution that provides additional resources to your users. The solution must minimize capital and operational expenditure costs. What should you include in the recommendation?
Question 43: Which Azure offering refers to a set of development, testing, and automation tools?
A. Azure Cognitive Services
B. Azure Boards
C. Azure DevOps
D. GitHub
Answer 43:
C
Notes: Azure DevOps Services provides development collaboration tools, including high-performance pipelines, free private Git repositories, configurable Kanban boards, and extensive automated and continuous testing capabilities.
Question 44: Which of the following are available in the Azure Marketplace?
A. Virtual machine images
B. SaaS applications
C. Solution templates
D. Sample application code
Answer 44:
A B C
Notes: Virtual machine images are available in the Azure Marketplace. Images are available for Windows and Linux. Stock operating system images, as well as custom images with pre-installed applications, are also available.
SaaS applications make up the majority of the Azure Marketplace. One click allows you to install and use many popular applications — such as Office365, Salesforce, Zoom, and others — seamlessly with your Azure subscription.
Solution templates allow you to deploy entire IaaS solutions with a simple click. Examples include complete SharePoint farms as well as SQL Always Available clusters.
Question 45: Which of the following regulates data privacy in the European Union (EU)?
A. ITIL
B. GDPR
C. ISO
D. NIST
Answer 45:
B
Notes: The General Data Protection Regulation (EU) 2016/679 (“GDPR”) is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). It also addresses the export of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
Question 46: You currently have two Azure Pay-As-You-Go subscriptions. You would like to transfer billing ownership of the subscriptions to another account while moving the subscriptions into the other accounts Azure AD tenant. How can you accomplish this?
A. Open a support ticket by contacting Microsoft Azure Support
B. In the Azure Portal, under Azure Subscriptions click Change Directory
C. Using Azure CLI, run the az account merge command
D. In the Azure Portal, under Cost Management + Billing under Azure Subscriptions
Answer 46:
Notes: It is here that we can transfer billing ownership by clicking on the context menu for the subscription. We then select “Transfer billing ownership” and as part of the process, we can provide the email associated with the other account, and can also choose to move the subscription into the Azure AD tenant of the other account. This will move the subscription into the default Azure AD tenant of the destination account.
Notes: A support request can only be opened via the Azure Portal.
Question 48: You attempt to create several managed disks in your Azure environment. In the Portal, you receive a message that you must increase your Azure subscription limits. What should you do to increase the limits?
A. Modify an Azure policy.
B. Use Azure PowerShell to create the new managed disks.
Question 49: A company wants to build a new voting kiosk for sales to governments around the world. Which IoT technologies should the company choose to ensure the highest degree of security?
A. IoT Hub
B. IoT Central
C. Azure Sphere
D. Azure IoT
Answer 49:
C
Notes: Azure Sphere provides the highest degree of security to ensure the device has not been tampered with.
Question 50: This question requires that you evaluate the underlined text to determine if it is correct. When you are implementing a software as a service (SaaS) solution, you are responsible for configuring high availability. Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.
A. No change is needed.
B. defining scalability rules
C. installing the SaaS solution
D. configuring the SaaS solution
Answer 50:
D
Notes: configuring the SaaS solution
Question 51: A company wants to quickly manage its individual IoT devices by using a web-based user interface. Which IoT technology should it choose?
A. IoT Hub
B. IoT Central
C. Azure Sphere
D. Azure IoT
Answer: B – IoT Central quickly creates a web-based management portal to enable reporting and communication with IoT devices.
Question 52: You want to send messages from the IoT device to the cloud and vice versa. Which IoT technology can send and receive messages?
A. IoT Hub
B. IoT Central
C. Azure Sphere
D. Azure IoT
Answer: A – An IoT hub communicates to IoT devices by sending and receiving messages.
In Azure, every VM – regardless if Linux or Windows – gets a temporary disk assigned automatically. This temporary disk is located on the physical server (the hypervisor) where the Azure VM is hosted and is non-persistent. Disks used by the operating system or additionally added data disks are persistent disks and stored in Azure Storage.
Azure VM’s can be moved from its current host to new host at any time due to maintenance, hardware failures or other reasons. In such an event, the data from the temporary storage will not preserve or moved to the new host. Apart from the hardware failures, there are many other reasons data from the temporary disk will be lost:
Resizing of the VM
Restarting of the VM
Moving from one host to another
Updating/upgrading of host
Really, the temporary disk should never be used for data that has to be persistent. To avoid misconfiguration, the disk also has the drive label “Temporary Storage” and includes a text file “DATALOSS_WARNING_README.txt”. Read more here…
It depends on the virtual machine type we talk about. Some Azure virtual machines include a Windows operating system license in their price (some even include a SQL Server). Some do not, however, there is an “Azure Hybrid Use Benefit” in certain Microsoft licensing programs, where basically the customer can use its previously acquired software licenses on Azure virtual machines (“bring you own license”). Also, there are Azure virtual machines available with different Linux distributions (both commercial and community), Windows Server license is obviously not included in these. Continue reading here
Hello. Yes They charge you for the disk usage too. So its Disk, Network, License (if Windows Server Instance) and Processor/RAM that are taken into consideration
(more)
Why don’t I see the N-Series (vga enabled) VMs in my Azure vm sizes list (I have Bizspark subscription)?
It has nothing to do with BizSpark. N series VMs are generally available since 1 December, 2016 (Azure N-Series: General availability on December 1 ), but only in select Azure datacenter regions. Please consult the Azure Products by Region | Microsoft Azure website for regional availability.
(more)
What is a data disk in Azure VM?
What are things to look out for when choosing a location for your Microsoft Azure VM?
The argument in placing a cloud vm would be performance. Performance in the cloud world means cost. The better performance you need the more its going to cost you. But the other side of that is the faster you can solve the problem you are trying to solve. The business problem to evaluate in placement of a VM is loosley these two things: Does increasing the performance of the application provide the overall answers required faster? Are there things you can do to your application that will allow it to better take advantage of cloud capabilities…
Please review Azure Monitor, the built-in monitoring service in Azure. Azure Monitor provides metrics and logs for many services in Azure including VMs. A quick overview : Product documentation: Get started with Azure Monitor Note: As of today (Apr ‘17) Cloud Services metrics are served using an older telemetry pipeline but that is the process of being migrated to Azure Monitor pipeline. You will soon be able to consume Cloud Service metrics via Azure Monitor, the same way you can for Azure VMs, Web Apps or Azure SQL DBs.
Azure Backup introduces a reinforcement expansion to the Azure VM specialist that is running on the VM. This expansion backs up the whole VM. You can back up explicit records and organizers on the Azure VM by running the MARS operator.
Make sure you have VMs in Availability set. Before selecting a VM collect below inputs either from Application or from Performance monitoring team 1. Maximum IOPS required. 2. Maximum size of DB in next 2 years at least. Based on these inputs select the VM size and required storage tier – Standard or Premium. For high performance, you can perform disk stripping if you require more than 5000 IOPS. Also you can configure Backup to URL.
(more)
Could I connect to a Linux Azure VM using SSH and private IP through Putty?
Absolutely. You can check your VM’s public IP address on the Azure Portal and SSH into it with the SSH client of your choice. A private IP allows Azure VMs to communicate with other resources in a virtual network or an on-premises network through a VPN or ExpressRoute. So you can SSH into an Azure VM using the private IP from the same virtual network or via VPN / ExpressRoute.
Azure portal ( Microsoft Azure ) now has a feature called Cloud Shell. This basically gets you a command line interface, in the browser, where you can make an authenticated access to Azure resources, including your virtual machines. Both Bash and PowerShell are available, and you can also save your frequently used scripts, etc for later re-use. More details here: Azure Cloud Shell – Browser-Based Command Line | Microsoft Azure
How to resize a Linux VM with the Azure CLI – Azure Linux Virtual Machines az vm resize –resource-group mygroup –name mytestvm –size Standard_D4s_v3 This call would trigger instance restart in the background if needed.
This document indicates how a Linux VM password can be reset Reset Linux VM password and SSH key from the CLI. There is also an option in the Azure portal (https://portal.azure.com). Go to the details of the virtual machine you wish to reset the password for and look for “reset password” at the bottom left:
Depending on what OS you are using lets say Linux. You could use properJavaRDP you will need a Java VM installed. I’ve used this with success the screen refresh was not great tho.
Select Diagnostics settings from the Azure UI blade.
Under the Overview tab: Pick a Storage account: Select your storage account so that the metrics stats can be stored. Click on ‘Enable guest level monitoring‘ and wait for the process to complete.
If I change the size of my Azure VM while running a script, will that stop the execution of the script? (Currently using a Linux VM).
Changing the size of an Azure VM (scaling up or down) is only possible with a reboot. That will most definitely stop the execution of your script.
(more)
How do I make an Azure VM snapshot?
1. On the Azure portal, select Create a resource. 2. Search for and select Snapshot. 3. In the Snapshot window, select Create. 4. Enter a Name for the snapshot. 5. Select an existing Resource group or enter the name of a new one. 6. Select an Azure datacenter Location.
(more)
On the Azure portal, select Create a resource.
Search for and select Snapshot.
In the Snapshot window, select Create. …
Enter a Name for the snapshot.
Select an existing Resource group or enter the name of a new one.
Select an Azure datacenter Location.
Can we restrict a developer (on Microsoft Azure VM) to not upload a source code on any website or email?
You can restrict a developer from uploading a source code on any website by following the below steps: 1. Go to the desired VM instance in the Azure portal 2. Select “Access control (IAM)” option from the left pane 3. Select Role Assignment option under +Add option 4. Now, you will be able to assign any one of the available pre-defined roles to a user 5. Give contributor level access to the respective developer, now he will not be able to access/upload a file to the website
The region prices are related to pricing conditions in particular region. In details it is about tenancy of physical area, prices of the hardware from vendors, the cost of man-hours in a particular region for IT specialists and other Azure datacenter workers, and so on. Unfortunately, I can’t find any reference for that information, I’m talking here personally as the person who works with Azure every day and have a contact with Microsoft teams.
(more)
Can we spin up a Windows Azure VM programmatically from a php page? We can assume that we have valid Microsoft Credentials.
The REST Management API is the one you want to go for. Authentication is certificate based. You’ll have to upload a management certificate using the Windows Azure portal in able for your PHP application to authenticate. A good starting point on how to use the Windows Azure REST APIs for management can be found here How to use Windows Azure service management APIs (PHP). Like Rahul suggested, once you have that up-and-running use the Operations on Virtual Machines API set to manipulate your Virtual Machine deployments.
(more)
How do you reduce the size of my Azure VM disk?
Hi, Below are some points that would be beneficial for you. 1. Pick the best possible disk size. 2. Compress the panel size in the VM. 3. Export the managed disk to a VHD. 4. Compress the exported VHD. 5. Make another new managed disk from the VHD. 6. Make another VM from the new recently created disk. 7. Alternatively, clean up all the old resources. Hope it helps.
(more)
Your company wants to use Azure to manage all of their IoT devices. They are going to create the infrastructure themselves, but need a backend in Azure to manage the flow of data, and to ensure security as well as ease of deployment of new devices. Which Azure product or solution would be suitable?
Azure IoT Hub is a solution for providing managed services for large IoT projects. It provides secure and reliable communication from devices to the Azure backend. Azure IoT Central is a SaaS solution that provides both managed connections and security as well as the dashboards and applications to use the data. Event Grid is used to connect many Azure services. IoT Hub
Your company has a new Azure virtual network that needs to be secured. What is the best way to only allow specific kinds of outside traffic into this network?
Use an Azure Firewall attached to the virtual network.
Azure Firewall blocks any incoming or outgoing traffic that isn’t specifically allowed on a network. A Network Security Group manages the traffic to specific services, Azure DDoS Protection Service protects against attacks and a load balancer distributes traffic to specific VMs. Azure Firewall FAQ
How is authorization different from authentication?
Authentication is the process of proving that you are who you say you are. Authorization is the act of granting an authenticated party permission to do something.
Authentication is the process of proving that you are who you say you are. It’s sometimes shortened to AuthN. The Microsoft identity platform uses the OpenID Connect protocol for handling authentication. Authorization is the act of granting an authenticated party permission to do something. It specifies what data you’re allowed to access and what you can do with that data. Authorization is sometimes shortened to AuthZ. The Microsoft identity platform uses the OAuth 2.0 protocol for handling authorization. Reference: Authentication vs. authorization
Which minimum costing support plan provides access to general guidance with architecture support?
The Developer support plan provides access to technical support via email in business hours and is the most-effective. The Standard and
You are looking to build and host your website on Azure without needing to manage the underlying infrastructure. Which type of Cloud service should you choose?
Platform as a service (PaaS) is a complete development and deployment environment in the cloud, with resources that enable you to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications, all without you having to manage any of the underlying infrastructure or services. Reference: What is PaaS? Platform as a Service
You are beginning to extend your on-premises data center into Azure. You have created a new Azure subscription and resource group called RG-One. You deploy two virtual machines into RG-One with the intent of promoting these to Active Directory domain controllers. What kind of cloud service would this be considered?
Infrastructure as a service (IaaS) is the use of on-demand computing infrastructure which is provisioned and managed over the internet. Deploying virtual machines into an Azure subscription would be considered an IaaS service. Reference: What is IaaS? Infrastructure as a Service
Define the concept of “dynamic elasticity.”
Dynamic elasticity is defined as a cloud service that both quickly scales up and also back down in order to serve your changing workload patterns for the lowest cost.
Which Azure service can host your web apps without you having to manage underlying infrastructure?
Azure App Service enables you to build and host web apps, mobile back-ends, and RESTful APIs in the programming language of your choice without managing infrastructure. Azure App Service documentation – Azure App Service
Which Azure service can you use to make sure your virtual machines are running smoothly and without problems?
Azure Monitor collects and analyzes telemetry data from your virtual machines to provide your with alerts and recommendations for how they are running. Azure Monitor overview – Azure Monitor
Which Azure DevOps tool would you use to share applications and code libraries?
Azure Artifacts is a service in Azure DevOps, which can host code libraries and applications for you to share internally or externally. Azure Boards is for project managers. Azure Repos holds your source code. Azure Test Plans is used to create manual and automatic test scenarios for your application. Azure Pipelines is the process that builds and deploys your application. Azure DevOps Services
What are the main components of an Azure VPN Gateway setup?
The VPN Gateway must be attached to an Azure Virtual Network.
An on-premises network with a complimentary gateway that can accept the encrypted data.
A secure connection, called a tunnel, which encrypts the traffic sent through it.
An Azure VPN Gateway consists of a Virtual Network, a secure connection called a tunnel, and an on-premises network and gateway. A storage account, a backend pool of VMs and a Load Balancer are not needed. About Azure VPN Gateway
Your company has a large amount of documents that are both sensitive and important to a large number of people. How would you secure these documents so you can still share them, but track where they are?
Use Azure Information Protection – Azure Information Protection (AIP) is a cloud-based solution that helps your organization to classify and protect its documents and emails by applying labels. What is Azure Information Protection?
Which Azure solution would you implement to embed a watermark into Office documents that contain social security numbers?
Azure Information Protection (sometimes referred to as AIP) is a cloud-based solution that helps an organization classify and, optionally, protect its documents and emails by applying labels. Labels can be applied automatically by administrators who define rules and conditions, manually by users, or a combination where users are given recommendations. Azure Active Directory. This includes access to resources in Azure AD, Azure resources, and other Microsoft Online Services, like Office 365 or Microsoft Intune. What is Azure Information Protection? – AIP
What are region pairs?
A region that is linked with another region in the same geography) – Azure has the concept of region pairs, these are two or more regions that are at least 300 miles apart within a single Geography. This enables the ability to replicate certain resources such as virtual machine storage across the geography providing protection against such events as natural disasters or civil unrest. Ensure business continuity & disaster recovery using Azure Paired Regions
Which Azure tool allows you to view which user turned off a specific virtual machine during the last 14 days?
The correct answer is the Azure Activity Log – it is a logging service that provides insight into subscription-level events that have occurred in Azure. This includes a range of data, from Azure Resource Manager operational data to updates on Service Health events. Events such as starting and stopping of virtual machines can be found here. Overview of Azure platform logs – Azure Monitor
What does Azure Information Protection do?
Provides the ability to securely share sensitive data – Azure Information Protection helps control and secure information (including emails and documents) that is shared outside of your organization. Azure information protection
Which of the following can be used to manage governance across multiple Azure subscriptions?
A. Azure initiatives
B. Management groups
C. Resource groups
B
Which of the following is a logical unit of Azure services that links to an Azure account?
A. Azure subscription
B. Management group
C. Resource group
D. Public cloud
A
Which of the following features does not apply to resource groups?
A. Resources can be in only one resource group.
B. Role-based access control can be applied to the resource group.
C. Resource groups can be nested.
C
Which of the following statements is a valid statement about an Azure subscription?
A. Using Azure doesn’t require a subscription.
B. An Azure subscription is a logical unit of Azure services.
B
You need to process messages from a queue, parse them by using some existing imperative logic written in Java, and then send them to a third-party API. Which serverless option should you choose?
Azure Functions: Azure Functions is the correct choice because you can use existing Java code with minimal modification.
You want to orchestrate a workflow by using APIs from several well-known services. Which is the best option for this scenario?
Azure Logic Apps: Azure Logic Apps makes it easy to create a workflow across well-known services with less effort than writing code and manually orchestrating all the steps yourself.
Your team has limited experience with writing custom code, but it sees tremendous value in automating several important business processes. Which of the following options is your team’s best option?
Azure Logic Apps is best suited for users who are more comfortable in a visual environment that allows them to automate their business processes. Logic Apps is the best option in this scenario.
You need to predict future behavior based on previous actions. Which product option should you select as a candidate?
A. Azure Machine Learning
B. Azure Bot Service
C. Azure Cognitive Services
Answer: A. Azure Machine Learning enables you to build models to predict the likelihood of a future result. It should not be eliminated as a candidate.
You need to create a human-computer interface that uses natural language to answer customer questions. Which product option should you select as a candidate?
A. Azure Machine Learning
B. Azure Cognitive Services
C. Azure Bot Service
Answer: Azure Bot Service creates virtual agent solutions that utilize natural language. It should not be eliminated as a candidate.
You need to identify the content of product images to automatically create alt tags for images formatted properly. Which product option is the best candidate?
A. Azure Machine Learning
B. Azure Cognitive Services
C. Azure Bot Service
Answer: Azure Cognitive Services includes Vision services that can identify the content of an image. Azure Cognitive Services is the best candidate.
Your development team is interested in writing Graph-based applications that take advantage of the Gremlin API. Which option would be ideal for that scenario?
A. Azure Cosmos DB
B. Azure SQL Database
C. Azure Databricks
D. Azure Database for PostgreSQL
Answer: Azure Cosmos DB supports SQL, MongoDB, Cassandra, Tables, and Gremlin APIs.
CompanyA uses the LAMP stack for several of its websites. Which option would be ideal for migration?
A. Azure Cosmos DB
B. Azure Database for MySQL C. Azure Database for PostgreSQL
B:Answer: Azure Database for MySQL is the logical choice for existing LAMP stack applications.
CompanyA has millions of log entries that it wants to analyze. Which option would be ideal for analysis?
A. Azure Cosmos DB B. Azure SQL Database C. Azure Database for PostgreSQL D. Azure Synapse Analytics
D: Azure Synapse Analytics is the logical choice for analyzing large volumes of data.
Which of the following options can you use to link virtual networks?
A. Network address translation B. Multi-chassis link aggregation C. Dynamic Host Configuration Protocol D. Virtual network peering
D: Answer: Virtual network peering can be used to link virtual networks.
Which of the following options isn’t a benefit of ExpressRoute?
A. Redundant connectivity B. Consistent network throughput C. Encrypted network communication
D. Access to Microsoft cloud services
C: Answer: ExpressRoute does provide private connectivity, but it isn’t encrypted.
Wow, what a difference a couple of days and a different set of questions makes. I took the exam Monday and fell just short of passing (659), and I retook it today and scored 850! The questions on the first attempt were definitely harder, and I could tell from the first few questions I was going to have a rough time.
Today was totally different and I felt like I was getting all the “gimme” questions first and was able to coast through most questions confidently. I flagged exactly half the questions for review and at the end I had 20 minutes leftover after I was done reviewing. Total day and night difference between the two attempts.
For preparation I used:
– Microsoft Learn
– A Cloud Guru AZ-900 course + practice exam
– Tutorials Dojo practice exam
– and of course, John Savill’s YT channel
I bought the TD practice exams because of all the suggestions here, and I can attest they were well worth the price. This morning before the exam I went through all the TD section-based exams and took each one until I scored 90% on every section. I don’t always condone preparing for the exam on the day of but it was certainly a nice confidence booster to help me get mentally prepared.
Pleased to have passed this first time with a score of 775!
For any looking to sit this, I’ve had around 3 years of experience proving 2nd line technical support for an Azure environment. I used the following to prep for this exam:
Scotty Duffy’s Udemy Course – this was a bit of a waste of time and money in my eyes, nowhere near detailed enough. There are some reviews from people saying they passed the exam using this course alone with no experience using Azure but I really do not believe that.
Tim Warner’s YouTube series – this was great bearing in mind it was free. Way more worth the time than Scott’s, I wish I’d have started here.
Tutorials Dojo Practise Exams – I’d only recommend using these exams to test your knowledge and build some confidence, the questions in the exam were more difficult but the format and nature of these give you a good idea of what to expect.
Hope this advice helps some of you – onto the AZ-104!
Step 3) Watch this cram video which will cement in the concepts
Study Material
Use tutorials dojo practice tests and do them until you reach 90+% Passing on average, Every question you get wrong make sure to read the explanation as to why you are wrong.
“Lift and shift” is a strategy for migrating a workload to the cloud without redesigning the application or making code changes. Also called rehosting. For more information, see Azure migration center.
Cloud optimized is a strategy for migrating to the cloud by refactoring an application to take advantage of cloud-native features and capabilities.
App Service. A managed service for hosting web apps, mobile app back ends, RESTful APIs, or automated business processes.
Azure Kubernetes Service (AKS). A managed Kubernetes service for running containerized applications.
Batch. A managed service for running large-scale parallel and high-performance computing (HPC) applications
Container Instances. The fastest and simplest way to run a container in Azure, without having to provision any virtual machines and without having to adopt a higher-level service.
Service Fabric. A distributed systems platform that can run in many environments, including Azure or on premises.
Virtual machines. Deploy and manage VMs inside an Azure virtual network.
Infrastructure-as-a-Service (IaaS) lets you provision individual VMs along with the associated networking and storage components. Then you deploy whatever software and applications you want onto those VMs. This model is the closest to a traditional on-premises environment, except that Microsoft manages the infrastructure. You still manage the individual VMs.
Platform-as-a-Service (PaaS) provides a managed hosting environment, where you can deploy your application without needing to manage VMs or networking resources. Azure App Service is a PaaS service.
Functions-as-a-Service (FaaS) goes even further in removing the need to worry about the hosting environment. In a FaaS model, you simply deploy your code and the service automatically runs it. Azure Functions are a FaaS service.
There is a spectrum from IaaS to pure PaaS. For example, Azure VMs can autoscale by using virtual machine scale sets. This automatic scaling capability isn’t strictly PaaS, but it’s the type of management feature found in PaaS services.
Azure Data Store:
Use the following flowchart to select a candidate data store.
Which of the following choices isn’t a cloud computing category: NAAS, PAAS, SAAS, IAAS, DAAS? – Networking-as-a-Service (NaaS)
To be honest seems like decent set of changes. In addition to reshuffling existing titles and task #s of several items, there is a redistribution of weight across objectives and removing of following sections:
3.1 Describe core solutions available in Azure
5.3 Describe privacy and compliance resources
6.2 Describe Azure Service Level Agreements (SLAs)
I passed Azure Fundamentals AZ900 Certification Testimonials
AZ-900 Passed today. Score of 835.
Achievement Celebration
Path I took:
Microsoft Learn course
John Savill Study Cram
SkillCertPro Practice Tests (were decent for what they were).
I found this somewhat simple and completed within 15 minutes. I do have some experience with Azure but don’t work in it every day. As always, John Savill’s knowledge was a great watch and the MS Learn course was quite good content wise. Exam was not hard but there were some gotcha questions around resource locks, SLAs, ExpressRoute and storage accounts.
Happy to answer any questions.
Passed AZ-900, SC-900, AI-900, and DP-900 within 6 weeks!
Achievement Celebration
What an exciting journey. I think AZ-900 is the hardest probably because it is my first Microsoft certification. Afterwards, the others are fair enough. AI-900 is the easiest.
I generally used Microsoft Virtual Training Day, Cloud Ready Skills, Measureup and John Savill’s videos. Having built a fundamental knowledge of the Cloud, I am planning to do AWS CCP next. Wish me luck!
Passed Azure Fundamentals
Learning Material
Hi all,
I passed my Azure fundamentals exam a couple of days ago, with a score of 900/1000. Been meaning to take the exam for a few months but I kept putting it off for various reasons. The exam was a lot easier than I thought and easier than the official Microsoft practice exams.
Study materials;
A Cloud Guru AZ-900 fundamentals course with practice exams
Literally just passed the exam an hour or so ago 🙂 Not full points but whatever, ~900 is enough.
Have 0 experience with any of it, actually just did it for fun because of the discounts on virtual training days and I thought why not, certification looks good.
Spent half of the virtual day course not listening but you have to log in for the exam discount. Around 4h or so in total watching John Savills content and some of the MS resource sites.
Exam questions were often not directly related to all the stuff talked in the courses so some kinda surprised me. Also I only spent like 25min in total going through them twice, much faster than I thought it was gonna be.
Savills content is gold though, a neat summary of the MS product system. MS resource sites are beneficial to go through as well.
Really doubt any of my future employers will actually take notice or care that much given I won’t go into the sysadmin industry but certification is certification right? And it was free 🙂
Now I just need to figure out how to actually get a pdf of the certificate/badge lol
I’m interested if Microsoft actually gives away discounts for the actual admin courses or if they just restrict it to fundamentals to promote their products? Did anyone do the admin exams with discounts?
Azure Certification Path 2022-2023
Popular: Az900 –> AZ104 –> AZ305 or AZ400 or AZ500 or AI900
Here’s a Microsoft certification for you, whether or not you’re thinking about what Microsoft Azure is and where to start, or where you should go next in your cloud job. There are around 16 Azure cloud assertions open. Here is an overview of current Microsoft Azure assertions.
Nuts and bolts Level Certifications
Microsoft Certified: Azure Fundamentals
Microsoft Certified: Azure Data Fundamentals
Microsoft Certified: Azure AI Fundamentals
Accomplished Level Certifications
Microsoft Certified: Azure Administrator Associate
Microsoft Certified: Azure Developer Associate
Microsoft Certified: Azure Database Administrator Associate
Microsoft Certified: Azure Security Engineer Associate
Microsoft Certified: Azure Data Scientist Associate
Microsoft Certified: Azure Data Engineer Associate
Microsoft Certified: Azure AI Engineer Associate
Microsoft Certified: Azure Stack Hub Operator Associate
Expert Level Certifications
Microsoft Certified: Azure Solutions Architect Expert
Microsoft Certified: DevOps Engineer Expert
Specialty Certifications
Microsoft Certified: Azure IoT Developer Specialty
Microsoft Certified: Azure for SAP Workloads Specialty
Microsoft Certified: Azure Virtual Desktop Specialty
There are also two other Microsoft assertions that are Azure-related. While we won’t cautiously depict them in this post, dependent upon your master way and limit, they might justify researching.
For security engineers responsible for peril the leaders, checking, and response, the Microsoft Certified: Security Operations Analyst Associate confirmation is required. It requires completing the SC-200 appraisal.
Test SC-300 is required for the Microsoft Certified: Identity and Access Administrator Associate, which is for heads who use Azure AD to manage IAM.
What mightbe prudent for you to do first?
In particular, you should make certain with regards to what a Microsoft Azure confirmation is and isn’t. Is simply clear? Phenomenal! Then, at that point, we ought to explore three circumstances that can assist you with picking where to start.
“I’m new to development. I’m essentially uninformed in regards to this ‘cloud’ that is quite serious.”
You can sort out some way to cloud in the event that you’re the kind of person who counts “Microsoft Word” as a specific capacity on your resume. On the off chance that you’re just beginning started, a section level certification will outfit you with the language and understanding you’ll need to all the more promptly analyze your ensuing stages. The AZ-900 Azure Fundamentals accreditation is your first stop on the Azure road.
The cloud might be alarming, yet the capacities you’ll get as you seek after this accreditation will help you with understanding it in a way that even an all out beginner can understand — especially if you have the right getting ready. (Look at me as a hotshot, yet I think our Azure Fundamentals getting ready is astonishing.)
“I have a fundamental cognizance of the cloud.”
Perhaps you’ve worked in the IT field beforehand. Perhaps you’ve attempted various things with AWS, GCP, or Azure. Do you accept you’re ready to make a dive? Press the brakes. Start with the Azure Fundamentals affirmation, if you haven’t at this point. In the best circumstance, you’ll see it to be a breeze. Regardless, paying little heed to how far you advance in Azure, this accreditation will give the establishment to future accomplishment. The accompanying crosspiece on the ladder (Azure Administrator Associate) can be an inconvenient one to ascend. Before dealing with it, you’ll need all of the Fundamentals data notwithstanding a huge load of Azure included knowledge.
Here are different Azure Certifications (Microsoft Certified)
AZ-900
For beginners, this is the best Microsoft Azure accreditation. It’s an unprecedented spot to start on the off chance that you’re new to appropriated processing or Microsoft Azure. This one would be Azure 101 if test names appeared to be okay and acceptable.
Test AZ-900: Microsoft Azure Fundamentals ($99 USD) is required.
There are no fundamentals.
For whom this is for?
In a general sense, everyone. Non-particular individuals with a cloud-related calling, similarly as new or cheerful designers or IT experts, could benefit from acknowledging what the cloud is and isn’t. Any person who needs to comprehend the Microsoft Azure environment should have the data expected to complete this evaluation.
Fundamentals DP-900 Microsoft Certified
For inescapable data focused cloud subject matter experts, this is a significant beginning advance assertion.
Test DP-900: Microsoft Azure Data Fundamentals ($99 USD) is required.
There are no fundamentals.
For whom this is for?
This helper is for informational collection draftsmen and data base administrators who are essentially starting with cloud data.
AI Fundamentals AI-900 Microsoft Certified
This Microsoft Azure affirmation exhibits that you appreciate the fundamentals of man-made mental ability (AI) and AI (ML) in Azure for amateurs with both particular and non-specific establishments.
Test AI-900: Microsoft Azure AI Fundamentals ($99 USD) is required.
There are no basics.
For whom this is for?
Reproduced insight Engineers, Data Scientists, Developers, and Solutions Architects with a working data on AL and ML, similarly as Azure organizations related with them. This affirmation, like the others in the Azure Fundamentals series, is normal for those with both specific and non-particular establishments. That proposes data science and PC programming experience aren’t required, but Microsoft recommends making them program data or experience.
Administrator Associate AZ-104 is a Microsoft attestation.
For the IT swarm, this is the rudiments of Azure organization. This takes you from a fundamental perception of the cloud to having the alternative to perform cloud tasks (and get repaid to do them).
Test AZ-104: Microsoft Azure Administrator ($165 USD) is required.
For whom this is for?
This affirmation is for IT specialists and administrators who screen cloud assets and resources and direct cloud system. This test is (mistakenly) seen as an entry level test, yet you’ll need to know an immense heap of anticipated that information should pass and do whatever it takes not to have your AZ denied.
I'm looking through our Data Connectors in Sentinel, and I saw that we are getting a bunch of logs for threat intelligence. The problem is we don't have any threat intelligence platform, so I'm trying to figure out where this data is from. This is the query that Sentinel has for finding those logs: let Now = now(); (range TimeGenerated from ago(7d) to Now - 1d step 1d | extend Count = 0 | union isfuzzy=true (ThreatIntelligenceIndicator | where SourceSystem != 'Microsoft Sentinel' | summarize Count = count() by bin_at(TimeGenerated, 1d, Now)) | summarize Count=max(Count) by bin_at(TimeGenerated, 1d, Now) | sort by TimeGenerated | project Value = iff(isnull(Count), 0, Count), Time = TimeGenerated, Legend = "Connection Events") I'm wondering if there is a way to modify this to show me the SourceSystem in one of the columns. Or maybe I am going at this the wrong way and it could be other data being marked as threat intelligence. My end goal is to figure out where the data is coming from so I can figure out if it is supposed to be there or not. submitted by /u/p4khet [link] [comments]
Hello everyone, We have run into an issue where users are signing into 365 services from unapproved devices. I've been tasked with configuring Conditional Access policies to restrict access, but management wants a list of people who are currently doing this. This is more of an opportunity to educate, prior to the door being closed. Does anyone know if there is a way to see who is signing into certain 365 services (Teams, OneDrive)? I know we can dig into sign-in logs on a user-by-user basis, but with many users, this is proving time consuming. Any advice is greatly appreciated! submitted by /u/mattmak22 [link] [comments]
I have a Power BI file that connects to Synapse Serverless. Specifically, to Views that point to CSV files, being constantly updated by Dynamics FO. It always refreshes fine from Desktop. When Published to the PBI Service, it fails ~ 50% of the time. I can sit and hit refresh over & over - something like 50% of the time it'll work. No clear pattern. The failure error message is always the same as below, just with a different table referenced. I bolded the parts that stand out to me: The consist error message (first bolded) The ever changing datalake path (second bolded) Data source error: {"error":{"code":"DM_GWPipeline_Gateway_MashupDataAccessError","pbi.error":{"code":"DM_GWPipeline_Gateway_MashupDataAccessError","parameters":{},"details":[{"code":"DM_ErrorDetailNameCode_UnderlyingErrorCode","detail":{"type":1,"value":"-2147467259"}},{"code":"DM_ErrorDetailNameCode_UnderlyingErrorMessage","detail":{"type":1,"value":"Microsoft SQL: Error encountered while parsing data: 'Unexpected end-of-input within record at [byte: 7272362]. '. Underlying data description: file 'Tables/General/Miscellaneous/PMIPBillingScheduleTable/PMIPBILLINGSCHEDULETABLE_00001.csv'.\r\nStatement ID: {E49C2C4C-FDC8-4E8B-BD60-7ADF41198990} | Query hash: 0x5DB5B39FB3B72B73 | Distributed request ID: {816D796F-5A04-4623-BD08-1F7C2EF6F60D}. Total size of data scanned is 5468 megabytes, total size of data moved is 92 megabytes, total size of data written is 0 megabytes."}},{"code":"DM_ErrorDetailNameCode_UnderlyingHResult","detail":{"type":1,"value":"-2147467259"}},{"code":"Microsoft.Data.Mashup.ValueError.Class","detail":{"type":1,"value":"16"}},{"code":"Microsoft.Data.Mashup.ValueError.DataSourceKind","detail":{"type":1,"value":"SQL"}},{"code":"Microsoft.Data.Mashup.ValueError.DataSourcePath","detail":{"type":1,"value":"synw-dataplatform-prod-001-ondemand.sql.azuresynapse.net;datalakeserverless"}},{"code":"Microsoft.Data.Mashup.ValueError.ErrorCode","detail":{"type":1,"value":"-2146232060"}},{"code":"Microsoft.Data.Mashup.ValueError.Message","detail":{"type":1,"value":"Error encountered while parsing data: 'Unexpected end-of-input within record at [byte: 7272362]. '. Underlying data description: file 'Tables/General/Miscellaneous/PMIPBillingScheduleTable/PMIPBILLINGSCHEDULETABLE_00001.csv'.\r\nStatement ID: {E49C2C4C-FDC8-4E8B-BD60-7ADF41198990} | Query hash: 0x5DB5B39FB3B72B73 | Distributed request ID: {816D796F-5A04-4623-BD08-1F7C2EF6F60D}. Total size of data scanned is 5468 megabytes, total size of data moved is 92 megabytes, total size of data written is 0 megabytes."}},{"code":"Microsoft.Data.Mashup.ValueError.Number","detail":{"type":1,"value":"19734"}},{"code":"Microsoft.Data.Mashup.ValueError.Reason","detail":{"type":1,"value":"DataSource.Error"}}],"exceptionCulprit":1}}} Table: Project. Cluster URI: WABI-US-NORTH-CENTRAL-H-PRIMARY-redirect.analysis.windows.net Activity ID: 545479b9-d104-4f04-bb74-2e95375aab06 Request ID: 645aec4d-f3a4-b65c-505b-be08a3b40f2c Time: 2023-09-27 20:16:35Z (I am running a several month old version of the Data Gateway, and just started the beaucratic process to update that, but I doubt it's a Gateway version issue). I wonder if it's not freaking out, as it attempt to read a CSV file that's currently being updated. And - for whatever reason, that affects the Gateway, but not Desktop. Will see if it freaks out as frequently tonight, when presumably far less is being updated. submitted by /u/cdigioia [link] [comments]
I currently have a window service that pings a list of servers and post the results to a web api every 5 minutes. I've seen some documentation that ICMP protocol is not allowed in Azure, so I think that rules out webjobs and azure functions. Does that only leave VMs and container apps? Please let me know how you would implement this functionality. Thanks submitted by /u/Eric7Litre [link] [comments]
Hi, I have an Azure Timer Triggered Function, which I'm trying to spin up, but it fails with the following message: Microsoft.Azure.WebJobs.Script: Error configuring services in an external startup class. MyNameSpaceHere: Could not load file or assembly 'Microsoft.Extensions.Logging.Abstractions, Version=7.0.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60'. The system cannot find the file specified. Value cannot be null. (Parameter 'provider') I have NO clue why it's thinking about that nuget package - I don't have it installed - because I have no where in my code where it says it's needed.Am I missing something obvious?Running dotnet 6 btw, windows hosted Azure Function. The Function uses DI and has a Startup.cs due to that. I saw this issue-track related to it, but trying those things didn't work either:https://github.com/Azure/azure-functions-core-tools/issues/2304 Is it even Azure-related? Update: Actually found the package - nested deep into one of the nugets of my project. A project I've already downgraded to 3.1.32 https://preview.redd.it/5xzzygqmuuqb1.png?width=476&format=png&auto=webp&s=b087d9a757cb1185788d36931e3524ea2d9bf7f3 submitted by /u/fisterdister [link] [comments]
I have a "Location" CA applied to the tenant and also MFA. We have alot of sign-in attempts from asia but they always fail with reason " Sign-in was blocked because it came from an IP address with malicious activity ". But I cant see any information under "Conditional access" or "Report-only" tabs. Does it mean the CA didnt apply? Or does it mean that microsoft stopped it before it even had the chance to check... submitted by /u/matt5on [link] [comments]
A bit lost at the moment as to what I should do next so TY in advance! Background - Power BI developer for over 7 years. Main skillset includes of course PBI, DAX, SQL Certification so far - the old PBI and Excel certifications (70-778, 70-779, DA-100), PL-900 Power Platform Fundamentals, passed AZ-900 and passed DP-900 yesterday! Situation - so I’ve been meaning to learn Azure for many years and recently got time to do so as my contract has recently ended. I’ve been wanting to learn any code languages needed in order to dev data factory/databricks or just the whole stack. I’ve started off with AZ900 and DP900 and both were good to give me a good overview of Azure. Now that I’ve passed both now, I’m not sure which certification I should focus next to get closer to what’s needed to be a solutions architect. I want a learn path that can allow me to learn all sorts of coding needed/Python and I saw DP-203 being a good one to learn from? Questions - What is the best resource out there to get hands on with coding for Databricks/Data Factory? What Azure certifications do you think I should focus on next given my background and skillset and what I’m trying to achieve? submitted by /u/pheebsbabe [link] [comments]
Trying to create a VM from a custom image that we captured thru the portal. I was able to previously create a VM using the image, but now I am getting an error when I try to create another VM. This is the error: The resource 'VM name' cannot be created from Image '/subscriptions/mysubscriptionID/resourceGroups/images-eastus/providers/Microsoft.Compute/images/my-image-name-2023' until Image has been successfully created. We are running on a Stack Hub. Hoping some of you have some ideas. Thanks! submitted by /u/cmacd_122 [link] [comments]
I am not too familiar with Linux set up in Azure. We have an Azure Server VM that runs Linux and we are close to running out of space. One of our team members says that Data Disks in Azure for Linux can only be a max of 4 TB per disk. I cannot find anywhere that says that or if we can just expand the existing 4TB and use what we need. If anyone can point me in the proper direction, I would appreciate it. submitted by /u/xcardinal_copiax [link] [comments]
I am setting up users as "F1" licenses, Frontline Workers. We don't want them to see any apps except Outlook, Teams, and the specific line-of-business app we're using. I'm having a hell of a time figuring out how to do this. We DO want to maintain MFA; we also want to restrict their email to internal only. submitted by /u/WhiskyEchoTango [link] [comments]
Understand bastion hosts, and which subnet one might live on. Bastion hosts are instances that sit within your public subnet and are typically accessed using SSH or RDP. Once remote connectivity has been established with the bastion host, it then acts as a ‘jump’ server, allowing you to use SSH or RDP to login to other instances (within private subnets) deeper within your network. When properly configured through the use of security groups and Network ACLs, the bastion essentially acts as a bridge to your private instances via the Internet.” Bastion Hosts
Know the difference between Directory Service’s AD Connector and Simple AD. Use Simple AD if you need an inexpensive Active Directory–compatible service with the common directory features. AD Connector lets you simply connect your existing on-premises Active Directory to AWS. AD Connector and Simple AD
Know how to enable cross-account access with IAM: To delegate permission to access a resource, you create an IAM role that has two policies attached. The permissions policy grants the user of the role the needed permissions to carry out the desired tasks on the resource. The trust policy specifies which trusted accounts are allowed to grant its users permissions to assume the role. The trust policy on the role in the trusting account is one-half of the permissions. The other half is a permissions policy attached to the user in the trusted account that allows that user to switch to, or assume the role. Enable cross-account access with IAM
Know which services allow you to retain full admin privileges of the underlying EC2 instances EC2 Full admin privilege
8
Know When Elastic IPs are free or not: If you associate additional EIPs with that instance, you will be charged for each additional EIP associated with that instance per hour on a pro rata basis. Additional EIPs are only available in Amazon VPC. To ensure efficient use of Elastic IP addresses, we impose a small hourly charge when these IP addresses are not associated with a running instance or when they are associated with a stopped instance or unattached network interface. When are AWS Elastic IPs Free or not?
9
Know what are the four high level categories of information Trusted Advisor supplies. #AWS Trusted advisor
10
Know how to troubleshoot a connection time out error when trying to connect to an instance in your VPC. You need a security group rule that allows inbound traffic from your public IP address on the proper port, you need a route that sends all traffic destined outside the VPC (0.0.0.0/0) to the Internet gateway for the VPC, the network ACLs must allow inbound and outbound traffic from your public IP address on the proper port, etc. #AWS Connection time out error
11
Be able to identify multiple possible use cases and eliminate non-use cases for SWF. #AWS
12
Understand how you might set up consolidated billing and cross-account access such that individual divisions resources are isolated from each other, but corporate IT can oversee all of it. #AWS Set up consolidated billing
13
Know how you would go about making changes to an Auto Scaling group, fully understanding what you can and can’t change. “You can only specify one launch configuration for an Auto Scaling group at a time, and you can’t modify a launch configuration after you’ve created it. Therefore, if you want to change the launch configuration for your Auto Scaling group, you must create a launch configuration and then update your Auto Scaling group with the new launch configuration. When you change the launch configuration for your Auto Scaling group, any new instances are launched using the new configuration parameters, but existing instances are not affected. #AWS Make Change to Auto Scaling group
14
Know how you would go about making changes to an Auto Scaling group, fully understanding what you can and can’t change. “You can only specify one launch configuration for an Auto Scaling group at a time, and you can’t modify a launch configuration after you’ve created it. Therefore, if you want to change the launch configuration for your Auto Scaling group, you must create a launch configuration and then update your Auto Scaling group with the new launch configuration. When you change the launch configuration for your Auto Scaling group, any new instances are launched using the new configuration parameters, but existing instances are not affected. #AWS Make Change to Auto Scaling group
15
Know which field you use to run a script upon launching your instance. #AWS User data script
16
Know how DynamoDB (durable, and you can pay for strong consistency), Elasticache (great for speed, not so durable), and S3 (eventual consistency results in lower latency) compare to each other in terms of durability and low latency. #AWS DynamoDB consistency
Know the difference between bucket policies, IAM policies, and ACLs for use with S3, and examples of when you would use each. “With IAM policies, companies can grant IAM users fine-grained control to their Amazon S3 bucket or objects while also retaining full control over everything the users do. With bucket policies, companies can define rules which apply broadly across all requests to their Amazon S3 resources, such as granting write privileges to a subset of Amazon S3 resources. Customers can also restrict access based on an aspect of the request, such as HTTP referrer and IP address. With ACLs, customers can grant specific permissions (i.e. READ, WRITE, FULL_CONTROL) to specific users for an individual bucket or object. #AWS Difference between bucket policies
Understand how you can use ELB cross-zone load balancing to ensure even distribution of traffic to EC2 instances in multiple AZs registered with a load balancer. #AWS ELB cross-zone load balancing
Spot instances are good for cost optimization, even if it seems you might need to fall back to On-Demand instances if you wind up getting kicked off them and the timeline grows tighter. The primary (but still not only) factor seems to be whether you can gracefully handle instances that die on you–which is pretty much how you should always design everything, anyway! #AWS Spot instances
The term “use case” is not the same as “function” or “capability”. A use case is something that your app/system will need to accomplish, not just behaviour that you will get from that service. In particular, a use case doesn’t require that the service be a 100% turnkey solution for that situation, just that the service plays a valuable role in enabling it. #AWS use case
23
There might be extra, unnecessary information in some of the questions (red herrings), so try not to get thrown off by them. Understand what services can and can’t do, but don’t ignore “obvious”-but-still-correct answers in favour of super-tricky ones. #AWS Exam Answers: Distractors
24
If you don’t know what they’re trying to ask, in a question, just move on and come back to it later (by using the helpful “mark this question” feature in the exam tool). You could easily spend way more time than you should on a single confusing question if you don’t triage and move on. #AWS Exa: Skip Questions that are vague and come back to them later
25
Some exam questions required you to understand features and use cases of: VPC peering, cross-account access, DirectConnect, snapshotting EBS RAID arrays, DynamoDB, spot instances, Glacier, AWS/user security responsibilities, etc. #AWS
26
The 30 Day constraint in the S3 Lifecycle Policy before transitioning to S3-IA and S3-One Zone IA storage classes #AWS S3 lifecycle policy
Watch Acloud Guru Videos Lectures while commuting / lunch break – Reschedule the exam if you are not yet ready #AWS ACloud Guru
36
Watch Linux Academy Videos Lectures while commuting / lunch break – Reschedule the exam if you are not yet ready #AWS Linux Academy
37
Watch Udemy Videos Lectures while commuting / lunch break – Reschedule the exam if you are not yet ready #AWS Linux Academy
38
The Udemy practice test interface is good that it pinpoints your weak areas, so what I did was to re-watch all the videos that I got the wrong answers. Since I was able to gauge my exam readiness, I decided to reschedule my exam for 2 more weeks, to help me focus on completing the practice tests. #AWS Udemy
39
Use AWS Cheatsheets – I also found the cheatsheets provided by Tutorials Dojo very helpful. In my opinion, it is better than Jayendrapatil Patil’s blog since it contains more updated information that complements your review notes. #AWS Cheat Sheet
40
Watch this exam readiness 3hr video, it very recent webinar this provides what is expected in the exam. #AWS Exam Prep Video
41
Start off watching Ryan’s videos. Try and completely focus on the hands on. Take your time to understand what you are trying to learn and achieve in those LAB Sessions. #AWS Exam Prep Video
42
Do not rush into completing the videos. Take your time and hone the basics. Focus and spend a lot of time for the back bone of AWS infrastructure – Compute/EC2 section, Storage (S3/EBS/EFS), Networking (Route 53/Load Balancers), RDS, VPC, Route 3. These sections are vast, with lot of concepts to go over and have loads to learn. Trust me you will need to thoroughly understand each one of them to ensure you pass the certification comfortably. #AWS Exam Prep Video
43
Make sure you go through resources section and also AWS documentation for each components. Go over FAQs. If you have a question, please post it in the community. Trust me, each answer here helps you understand more about AWS. #AWS Faqs
44
Like any other product/service, each AWS offering has a different flavor. I will take an example of EC2 (Spot/Reserved/Dedicated/On Demand etc.). Make sure you understand what they are, what are the pros/cons of each of these flavors. Applies for all other offerings too. #AWS Services
45
Ensure to attend all quizzes after each section. Please do not treat these quizzes as your practice exams. These quizzes are designed to mostly test your knowledge on the section you just finished. The exam itself is designed to test you with scenarios and questions, where in you will need to recall and apply your knowledge of different AWS technologies/services you learn over multiple lectures. #AWS Services
46
I, personally, do not recommend to attempt a practice exam or simulator exam until you have done all of the above. It was a little overwhelming for me. I had thoroughly gone over the videos. And understood the concepts pretty well, but once I opened exam simulator I felt the questions were pretty difficult. I also had a feeling that videos do not cover lot of topics. But later I realized, given the vastness of AWS Services and offerings it is really difficult to encompass all these services and their details in the course content. The fact that these services keep changing so often, does not help #AWS Services
47
Go back and make a note of all topics, that you felt were unfamiliar for you. Go through the resources section and fiund links to AWS documentation. After going over them, you shoud gain at least 5-10% more knowledge on AWS. Have expectations from the online courses as a way to get thorough understanding of basics and strong foundations for your AWS knowledge. But once you are done with videos. Make sure you spend a lot of time on AWS documentation and FAQs. There are many many topics/sub topics which may not be covered in the course and you would need to know, atleast their basic functionalities, to do well in the exam. #AWS Services
48
Once you start taking practice exams, it may seem really difficult at the beginning. So, please do not panic if you find the questions complicated or difficult. IMO they are designed or put in a way to sound complicated but they are not. Be calm and read questions very carefully. In my observation, many questions have lot of information which sometimes is not relevant to the solution you are expected to provide. Read the question slowly and read it again until you understand what is expected out of it. #AWS Services
49
With each practice exam you will come across topics that you may need to scale your knowledge on or learn them from scratch. #AWS Services
50
With each test and the subsequent revision, you will surely feel more confident. There are 130 mins for questions. 2 mins for each question which is plenty of time. At least take 8-10 practice tests. The ones on udemy/tutorialdojo are really good. If you are a acloudguru member. The exam simulator is really good. Manage your time well. Keep patience. I saw someone mention in one of the discussions that do not under estimate the mental focus/strength needed to sit through 130 mins solving these questions. And it is really true. Do not give away or waste any of those precious 130 mins. While answering flag/mark questions you think you are not completely sure. My advice is, even if you finish early, spend your time reviewing the answers. I could review 40 of my answers at the end of test. And I at least rectified 3 of them (which is 4-5% of total score, I think) So in short – Put a lot of focus on making your foundations strong. Make sure you go through AWS Documentation and FAQs. Try and envision how all of the AWS components can fit together and provide an optimal solution. Keep calm. This video gives outline about exam, must watch before or after Ryan’s course.#AWS Services
51
Walking you through how to best prepare for the AWS Certified Solutions Architect Associate SAA-C02 exam in 5 steps: 1. Understand the exam blueprint 2. Learn about the new topics included in the SAA-C02 version of the exam 3. Use the many FREE resources available to gain and deepen your knowledge 4. Enroll in our hands-on video course to learn AWS in depth 5. Use practice tests to fully prepare yourself for the exam and assess your exam readiness AWS CERTIFIED SOLUTIONS ARCHITECT SAA-C02 : HOW TO BEST PREPARE IN 5 STEPS
52
Storage: 1. Know your different Amazon S3 storage tiers! You need to know the use cases, features and limitations, and relative costs; e.g. retrieval costs. 2. Amazon S3 lifecycle policies is also required knowledge — there are minimum storage times in certain tiers that you need to know. 3. For Glacier, you need to understand what it is, what it’s used for, and what the options are for retrieval times and fees. 4. For the Amazon Elastic File System (EFS), make sure you’re clear which operating systems you can use with it (just Linux). 5. For the Amazon Elastic Block Store (EBS), make sure you know when to use the different tiers including instance stores; e.g. what would you use for a datastore that requires the highest IO and the data is distributed across multiple instances? (Good instance store use case) 6. Learn about Amazon FSx. You’ll need to know about FSx for Windows and Lustre. 7. Know how to improve Amazon S3 performance including using CloudFront, and byte-range fetches — check out this whitepaper. 8. Make sure you understand about Amazon S3 object deletion protection options including versioning and MFA delete. AWS CERTIFIED SOLUTIONS ARCHITECT SAA-C02 : HOW TO BEST PREPARE IN 5 STEPS
53
Compute: 1. You need to have a good understanding of the options for how to scale an Auto Scaling Group using metrics such as SQS queue depth, or numbers of SNS messages. 2. Know your different Auto Scaling policies including Target Tracking Policies. 3. Read up on High Performance Computing (HPC) with AWS. You’ll need to know about Amazon FSx with HPC use cases. 4. Know your placement groups. Make sure you can differentiate between spread, cluster and partition; e.g. what would you use for lowest latency? What about if you need to support an app that’s tightly coupled? Within an AZ or cross AZ? 5. Make sure you know the difference between Elastic Network Adapters (ENAs), Elastic Network Interfaces (ENIs) and Elastic Fabric Adapters (EFAs). 6. For the Amazon Elastic Container Service (ECS), make sure you understand how to assign IAM policies to ECS for providing S3 access. How can you decouple an ECS data processing process — Kinesis Firehose or SQS? 7. Make sure you’re clear on the different EC2 pricing models including Reserved Instances (RI) and the different RI options such as scheduled RIs. 8. Make sure you know the maximum execution time for AWS Lambda (it’s currently 900 seconds or 15 minutes). AWS CERTIFIED SOLUTIONS ARCHITECT SAA-C02 : HOW TO BEST PREPARE IN 5 STEPS
54
Network 1. Understand what AWS Global Accelerator is and its use cases. 2. Understand when to use CloudFront and when to use AWS Global Accelerator. 3. Make sure you understand the different types of VPC endpoint and which require an Elastic Network Interface (ENI) and which require a route table entry. 4. You need to know how to connect multiple accounts; e.g. should you use VPC peering or a VPC endpoint? 5. Know the difference between PrivateLink and ClassicLink. 6. Know the patterns for extending a secure on-premises environment into AWS. 7. Know how to encrypt AWS Direct Connect (you can use a Virtual Private Gateway / AWS VPN). 8. Understand when to use Direct Connect vs Snowball to migrate data — lead time can be an issue with Direct Connect if you’re in a hurry. 9. Know how to prevent circumvention of Amazon CloudFront; e.g. Origin Access Identity (OAI) or signed URLs / signed cookies. AWS CERTIFIED SOLUTIONS ARCHITECT SAA-C02 : HOW TO BEST PREPARE IN 5 STEPS
55
Databases 1. Make sure you understand Amazon Aurora and Amazon Aurora Serverless. 2. Know which RDS databases can have Read Replicas and whether you can read from a Multi-AZ standby. 3. Know the options for encrypting an existing RDS database; e.g. only at creation time otherwise you must encrypt a snapshot and create a new instance from the snapshot. 4. Know which databases are key-value stores; e.g. Amazon DynamoDB. AWS CERTIFIED SOLUTIONS ARCHITECT SAA-C02 : HOW TO BEST PREPARE IN 5 STEPS
56
Application Integration 1. Make sure you know the use cases for the Amazon Simple Queue Service (SQS), and Simple Notification Service (SNS). 2. Understand the differences between Amazon Kinesis Firehose and SQS and when you would use each service. 3. Know how to use Amazon S3 event notifications to publish events to SQS — here’s a good “How To” article. AWS CERTIFIED SOLUTIONS ARCHITECT SAA-C02 : HOW TO BEST PREPARE IN 5 STEPS
57
Management and Governance 1. You’ll need to know about AWS Organizations; e.g. how to migrate an account between organizations. 2. For AWS Organizations, you also need to know how to restrict actions using service control policies attached to OUs. 3. Understand what AWS Resource Access Manager is. AWS CERTIFIED SOLUTIONS ARCHITECT SAA-C02 : HOW TO BEST PREPARE IN 5 STEPS
The AWS Certified Solution Architect Associate Examination reparation and Readiness Quiz App (SAA-C01, SAA-C01, SAA) Prep App helps you prepare and train for the AWS Certification Solution Architect Associate Exam with various questions and answers dumps.
This App provide updated Questions and Answers, an Intuitive Responsive Interface allowing to browse questions horizontally and browse tips and resources vertically after completing a quiz.
Features:
100+ Questions and Answers updated frequently to get you AWS certified.
Quiz with score tracker, countdown timer, highest score saving. Vie Answers after completing the quiz for each category.
![Amplify Your Brand's Exposure with the AI Unraveled Podcast - Elevate Your Sales Today! [150K downloads per Month]](https://djamgatech.com/wp-content/uploads/2023/06/amplify_your_brand_exposure_with_the_ai_unraveled_podcast_thumbnail.png)
