-
web.groovymark@gmail.com
- December 1, 2024
Question 01
What is required to implement Azure administrative units?
a) Azure AD Free
b) Azure AD Premium P1
c) Azure AD Basic
d) Azure AD Premium P2
Correct Answer: b) Azure AD Premium P1
Explanation: Azure administrative units require the Azure AD Premium P1 license for implementation.
Question 02
What happens when a device is deleted from Azure Active Directory (AD)?
a) The device is disabled
b) Resources are no longer accessible
c) The device is archived
d) The device is rejoined to AD
Correct Answer: b) Resources are no longer accessible
Explanation: Deleting a device from Azure AD revokes access to resources associated with that device.
Question 03
Which operating system supports Azure AD join?
a) Windows 8
b) Windows 7
c) Windows 10
d) Windows Server 2012
Correct Answer: c) Windows 10
Explanation: Windows 10 natively supports Azure AD join for device management.
Question 04
Which administrator role has the minimum permissions required to manage Azure health settings and requests for vendor assistance?
a) Global administrator
b) Service support
c) Owner
d) Contributor
Correct Answer: b) Service support
Explanation: The Service Support role provides the necessary permissions to manage health settings and vendor requests.
Question 05
Which user has the minimum privileges needed to manage and delete a storage account?
a) User1
b) User2
c) User3
d) User4
Correct Answer: c) User3
Explanation: User3 has the Owner role at the Resource scope, granting the necessary permissions to manage and delete the storage account.
Question 06
Which role and scope should an administrator use to delegate the ability to only view resources in production Azure resources?
a) Reader role scoped to Dev-RG
b) Reader role scoped to Prod-RG
c) Contributor role scoped to Prod-RG
d) Owner role scoped to Prod-RG
Correct Answer: b) Reader role scoped to Prod-RG
Explanation: This configuration provides viewing rights limited to the production resources.
Question 07
What is the largest scope to which a custom Azure role-based access control (RBAC) role can be assigned?
a) Resource
b) Resource group
c) Management group
d) Subscription
Correct Answer: d) Subscription
Explanation: Custom RBAC roles can be assigned at the subscription level, which is the largest scope.
Question 08
Where does the Azure Recovery Services vault need to be deployed when it is first created?
a) Subscription
b) Resource group
c) Management group
d) Storage account
Correct Answer: b) Resource group
Explanation: The Azure Recovery Services vault must be created within a resource group.
Question 09
What is the maximum frequency for full backups of virtual machines that are configured using the Azure Backup policy?
a) Hourly
b) Daily
c) Weekly
d) Monthly
Correct Answer: b) Daily
Explanation: The Azure Backup policy allows for full backups of virtual machines to be scheduled daily.
Question 10
Which step is required to perform the restore of an individual file from a backup created by Azure Backup to an Azure Virtual Machine (VM) running Linux?
a) Restore the entire VM
b) Download and run a script
c) Use the Azure portal
d) Access the recovery services vault
Correct Answer: b) Download and run a script
Explanation: A script must be downloaded and executed to restore individual files on a Linux VM.
Question 11
What should be implemented to enforce tagging requirements for all Azure resources?
a) Azure Policy definition with a required tag
b) Management group policy
c) RBAC role assignment
d) Resource tagging script
Correct Answer: a) Azure Policy definition with a required tag
Explanation: Azure Policy allows for enforcing tagging standards on resources.
Question 12
Which operation should be performed to ensure that all resources are tagged correctly?
a) Add-AzTag
b) Update-AzTag -Operation Merge
c) Remove-AzTag
d) Get-AzTag
Correct Answer: b) Update-AzTag -Operation Merge
Explanation: This operation updates tags, merges correct tags, and adds nonexistent ones.
Question 13
Which Azure service is used to see an overview of resource usage on a subscription?
a) Azure Monitor
b) Cost Management
c) Azure Advisor
d) Azure Resource Manager
Correct Answer: b) Cost Management
Explanation: Cost Management provides insights into resource usage and costs.
Question 14
What should be used to limit storage account access to a blob shared to internal devices?
a) Private link
b) Storage firewall
c) Virtual network
d) Access keys
Correct Answer: b) Storage firewall
Explanation: A storage firewall restricts access based on specified IP addresses.
Question 15
What can a name for a storage account contain?
a) Uppercase letters and digits
b) Special characters
c) Only lowercase characters and digits
d) Any characters
Correct Answer: c) Only lowercase characters and digits
Explanation: Storage account names must be in lowercase letters and digits only.
Question 16
Which permission is granted with a Shared Access Signature (SAS) token that has the following parameters: sp=r&st=2021-11-30T01:00:34Z&se=2021-11-30T09:00:34Z?
a) Write
b) Delete
c) Read
d) List
Correct Answer: c) Read
Explanation: The SAS token specifies read permission with the 'sp=r' parameter.
Question 17
Which feature should be active before purge protection of Azure Blob storage can be enabled?
a) Soft delete
b) Versioning
c) Read access
d) Access tier
Correct Answer: a) Soft delete
Explanation: Soft delete must be enabled to configure purge protection for Azure Blob storage.
Question 18
Where is the access tier setting applied to if the access tier’s inferred property is set to true?
a) Blob
b) Container
c) Storage account
d) Subscription
Correct Answer: c) Storage account
Explanation: The access tier setting is applied at the storage account level when inferred.
Question 19
Which Blob access tier will automatically change if an administrator changes the default access tier of the storage account to Cool?
a) Blob 1
b) Blob 2
c) Blob 3
d) Blob 4
Correct Answer: a) Blob 1
Explanation: Blob 1 is set to Hot (inferred) and will change to Cool if the default tier is updated.
Question 20
How should Storage Explorer be connected to a storage account without using an account key?
a) Azure portal
b) By using a shared access signature
c) Managed identity
d) Azure AD credentials
Correct Answer: b) By using a shared access signature
Explanation: A shared access signature allows secure access without using account keys.
