Sample Questions and Answers
What can you use to connect on-premises users to Azure resources securely over the internet?
Azure ExpressRoute
B. Azure VPN Gateway
C. Azure Traffic Manager
D. Azure Load Balancer
Answer: B. Azure VPN Gateway
Explanation: VPN Gateway establishes secure site-to-site or point-to-site connections using encrypted tunnels.
What is the benefit of using Azure Private Link?
Faster public access
B. Free bandwidth
C. Access PaaS resources via private IP
D. Automatically scales resources
Answer: C. Access PaaS resources via private IP
Explanation: Azure Private Link enables secure, private access to Azure services without traversing the public internet.
You want to enforce MFA for a group of users. What should you use?
Azure AD P1 + Conditional Access
B. Azure Policy
C. Azure Monitor
D. NSG Rules
Answer: A. Azure AD P1 + Conditional Access
Explanation: Conditional Access policies require Azure AD Premium P1 and allow enforcing MFA under specified conditions.
What Azure feature helps visualize billing by subscription, resource group, or resource type?
Azure Advisor
B. Azure Pricing Calculator
C. Azure Cost Management
D. Azure Policy
Answer: C. Azure Cost Management
Explanation: Azure Cost Management offers dashboards and insights to monitor and analyze spending.
What type of Azure account is needed to use Azure Lighthouse as a service provider?
Developer account
B. Enterprise Agreement
C. Microsoft Partner account
D. CSP-only account
Answer: C. Microsoft Partner account
Explanation: Azure Lighthouse requires a Microsoft Partner account to manage customer resources across tenants.
You want to isolate VM traffic in a subnet. What should you use?
NSG
B. Azure DNS
C. Azure AD
D. Azure Log Analytics
Answer: A. NSG
Explanation: Network Security Groups (NSGs) can be applied at subnet or NIC level to filter traffic.
What Azure feature allows centralized definition and deployment of governance across subscriptions?
Azure Security Center
B. Azure Blueprints
C. Azure Sentinel
D. Azure Resource Graph
Answer: B. Azure Blueprints
Explanation: Blueprints allow you to package governance controls and deploy them consistently.
Which command lists VM sizes available in a specific region using Azure CLI?
az vm size list
B. az vm list-sizes
C. az vm list
D. az size list
Answer: B. az vm list-sizes
Explanation: This CLI command returns available VM sizes for a specific location.
You need to deploy a containerized application on Azure without managing the underlying servers. What should you use?
Azure VMs
B. Azure App Service
C. Azure Container Instances
D. Azure Kubernetes Service
Answer: C. Azure Container Instances
Explanation: ACI offers a lightweight way to run containers without managing infrastructure.
How can you schedule automatic shutdown of development VMs?
Azure Advisor
B. Azure Automation Runbooks
C. Azure Monitor Alerts
D. Auto-shutdown feature in VM settings
Answer: D. Auto-shutdown feature in VM settings
Explanation: You can configure auto-shutdown directly from the VM blade in the portal.
What role allows read-only access to Azure resources?
Owner
B. Contributor
C. Reader
D. User Access Administrator
Answer: C. Reader
Explanation: The Reader role grants read-only access to view resources but not modify them.
Which Azure service enables you to manage compliance across multiple subscriptions?
Azure AD Identity Protection
B. Azure Policy
C. Azure Monitor
D. Azure Migrate
Answer: B. Azure Policy
Explanation: Azure Policy helps enforce standards and assess compliance across multiple subscriptions.
What tool should you use to move resources between Azure subscriptions?
Azure Migrate
B. Azure Site Recovery
C. Azure Resource Mover
D. Azure Traffic Manager
Answer: C. Azure Resource Mover
Explanation: Azure Resource Mover simplifies moving resources across regions or subscriptions.
Which Azure service provides secure and seamless RDP and SSH connectivity to VMs without public IPs?
Azure Firewall
B. Azure Bastion
C. Azure Front Door
D. Azure VPN Gateway
Answer: B. Azure Bastion
Explanation: Azure Bastion provides browser-based RDP/SSH access over SSL to VMs without exposing public IPs.
What type of disk is most suitable for I/O-intensive workloads like databases?
Standard HDD
B. Standard SSD
C. Premium SSD
D. Ultra Disk
Answer: D. Ultra Disk
Explanation: Ultra Disks are designed for extreme performance and low latency, ideal for databases.
What can help ensure consistent application of role-based access control across resource groups?
Azure Monitor
B. Management Groups
C. Azure DevOps
D. Availability Sets
Answer: B. Management Groups
Explanation: Management Groups allow you to apply RBAC and policies across multiple subscriptions or resource groups.
How can you track login attempts and failures in Azure AD?
Azure Site Recovery
B. Azure Monitor
C. Azure AD Sign-in Logs
D. Azure Advisor
Answer: C. Azure AD Sign-in Logs
Explanation: These logs contain detailed information about sign-in activity, including failures and IPs.
What is the maximum number of update domains in an availability set?
5
B. 10
C. 20
D. 30
Answer: B. 10
Explanation: Azure allows up to 10 update domains in an availability set for maintenance operations.
You need to prevent accidental deletion of a resource group. What should you use?
Azure Blueprint
B. Soft Delete
C. Resource Lock
D. Tags
Answer: C. Resource Lock
Explanation: Applying a Delete Lock protects the resource group and its contents from being deleted.
Which Azure tool helps in setting up a hybrid identity solution?
Azure VPN
B. Azure AD Connect
C. Azure DevOps
D. Azure Lighthouse
Answer: B. Azure AD Connect
Explanation: Azure AD Connect syncs on-premises AD with Azure AD, enabling hybrid identity.
What service provides cloud-native SIEM functionality in Azure?
Azure Advisor
B. Azure Sentinel
C. Azure Firewall
D. Azure Defender
Answer: B. Azure Sentinel
Explanation: Sentinel is Microsoft’s cloud-native SIEM that aggregates data and detects threats.
You need to automate the patching of Windows VMs. What should you use?
Azure Monitor
B. Azure Automation Update Management
C. Azure Blueprints
D. Azure Backup
Answer: B. Azure Automation Update Management
Explanation: It manages OS updates automatically across VMs.
Which Azure service enables workload migration assessments?
Azure Advisor
B. Azure Migrate
C. Azure Monitor
D. Azure Arc
Answer: B. Azure Migrate
Explanation: Azure Migrate helps assess and migrate on-premises workloads to Azure.
What type of DNS zone is used for internal name resolution in Azure VNet?
Public DNS Zone
B. Global DNS
C. Private DNS Zone
D. External DNS
Answer: C. Private DNS Zone
Explanation: Private DNS Zones provide DNS resolution for resources within a virtual network.
You want to create a VM that is preconfigured with applications. What should you use?
Custom Script Extension
B. Azure Quickstart Templates
C. Azure Marketplace Image
D. Azure Container Registry
Answer: C. Azure Marketplace Image
Explanation: Marketplace images can include pre-installed software for immediate use.
What Azure service provides centralized monitoring for applications and infrastructure?
Azure App Insights
B. Azure DevOps
C. Azure Monitor
D. Azure Resource Graph
Answer: C. Azure Monitor
Explanation: Azure Monitor collects and analyzes metrics and logs across Azure environments.
Which of the following can trigger Azure Automation Runbooks?
Azure Front Door
B. Azure Sentinel
C. Azure Backup
D. Azure Resource Graph
Answer: B. Azure Sentinel
Explanation: Sentinel can trigger Automation Runbooks in response to security alerts or incidents.
What feature allows autoscaling of VMs based on CPU usage?
Azure Logic App
B. Azure Monitor Metrics
C. Virtual Machine Scale Sets
D. Azure Traffic Manager
Answer: C. Virtual Machine Scale Sets
Explanation: VMSS allows automatic scaling based on performance metrics like CPU usage.
How can you restrict the deployment of specific Azure VM sizes in a subscription?
Azure Lock
B. Azure Monitor
C. Azure Policy
D. Azure Advisor
Answer: C. Azure Policy
Explanation: Azure Policy can define allowed or denied VM SKUs in a subscription.
What is the primary protocol used by Azure Load Balancer for health probes?
TCP
B. HTTPS
C. ICMP
D. UDP
Answer: A. TCP
Explanation: Azure Load Balancer typically uses TCP or HTTP for health probes to check backend availability.
What provides an SLA of 99.99% for VM uptime in Azure?
Azure AD Connect
B. Azure Policy
C. Availability Zones
D. Resource Locks
Answer: C. Availability Zones
Explanation: Deploying VMs across Availability Zones ensures high availability with a 99.99% SLA.
What command in PowerShell stops an Azure VM?
Stop-AzVM
B. Shutdown-AzVM
C. Halt-AzVM
D. Suspend-AzVM
Answer: A. Stop-AzVM
Explanation: This cmdlet stops a VM in a specific resource group and subscription.
What is required to enable multi-factor authentication for a user?
Azure AD Premium P1 or P2
B. Azure Firewall
C. Azure DevOps License
D. Azure Monitor
Answer: A. Azure AD Premium P1 or P2
Explanation: Conditional Access-based MFA requires Azure AD Premium licensing.
Which tool allows querying Azure resource metadata across subscriptions?
Azure Automation
B. Azure Arc
C. Azure Resource Graph
D. Azure Traffic Manager
Answer: C. Azure Resource Graph
Explanation: Azure Resource Graph enables fast, efficient queries of Azure metadata.
What happens to VM disk data if you delete a VM but retain its managed disks?
Data is wiped
B. Data is retained
C. Disks are deleted
D. VM goes to pause mode
Answer: B. Data is retained
Explanation: Deleting a VM doesn’t delete its managed disks unless explicitly done.
Which Azure construct groups resources for billing and access control?
Resource Groups
B. Virtual Networks
C. Storage Accounts
D. Load Balancers
Answer: A. Resource Groups
Explanation: Resource Groups are logical containers for managing access and billing.
Which service helps create and manage service principals in Azure?
Azure AD
B. Azure DevOps
C. Azure Traffic Manager
D. Azure Kubernetes Service
Answer: A. Azure AD
Explanation: Azure AD manages service principals for applications and services to authenticate with Azure.
Which of the following is a benefit of using Azure Reserved Instances?
Higher scalability
B. Lower latency
C. Cost savings on long-term VM usage
D. Free support
Answer: C. Cost savings on long-term VM usage
Explanation: Reserved Instances offer discounted pricing for VMs over a 1- or 3-year commitment.
What can be used to deploy the same Azure resources repeatedly and consistently?
Azure Load Balancer
B. Azure DevOps Pipelines
C. ARM Templates
D. Azure Cost Management
Answer: C. ARM Templates
Explanation: Azure Resource Manager (ARM) templates allow repeatable deployments using JSON definitions.
What service allows you to create, schedule, and manage backups of Azure VMs?
Azure Policy
B. Azure Monitor
C. Azure Backup
D. Azure App Service
Answer: C. Azure Backup
Explanation: Azure Backup automates backup management for virtual machines and workloads.
How do you ensure your Azure SQL Database is always available even during regional outages?
Use a single-region database
B. Enable geo-replication
C. Create a local failover group
D. Use database snapshots
Answer: B. Enable geo-replication
Explanation: Active geo-replication ensures availability by replicating databases to other regions.
Reviews
There are no reviews yet.