The skill “2.2. Describe Azure Compute and Networking Services” focuses on the Azure services related to compute and networking. Azure offers a range of services in these areas, providing users with the flexibility to choose the services that best meet their specific needs.
Azure Compute Services:
Azure Networking Services:
Overall, understanding the Azure compute and networking services is essential for anyone designing, deploying, and managing Azure-based solutions. These services provide users with the flexibility and scalability they need to run a wide range of applications and services in the cloud.
0 of 72 Questions completed
Questions:
You have already completed the skill exam before. Hence you can not start it again.
Skill Exam is loading…
You must sign in or sign up to start the skill exam.
You must first complete the following:
0 of 72 Questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 point(s), (0)
Earned Point(s): 0 of 0, (0)
0 Essay(s) Pending (Possible Point(s): 0)
You plan to extend your company’s network to Azure. The network contains a VPN appliance that uses an IP address of 131.107.200.1. You need to create an Azure resource that identifies the VPN appliance.
Which Azure resource should you create? (To answer, select the appropriate resource in the answer area.)
Your Azure environment contains multiple Azure virtual machines. You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP.
Solution: You modify an Azure Traffic Manager profile.
Does this meet the goal?
You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups. Another administrator plans to create several network security groups (NSGs) in the subscription. You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks.
Solution: You create a resource lock, and then you assign the lock to the subscription.
Does this meet the goal?
You have an Azure virtual machine named VM1 that runs Windows Server 2019. You save VM1 as a template named Template1 to the Azure Resource Manager library. You plan to deploy a virtual machine named VM2 from Template1.
What can you configure during the deployment of VM2?
You plan to deploy several Azure virtual machines. You need to ensure that the services running on the virtual machines are available if a single data center fails.
Solution: You deploy the virtual machines to a scale set.
Does this meet the goal?
Your company plans to deploy several web servers and several database servers to Azure. You need to recommend an Azure solution to limit the types of connections from the web servers to the database servers.
What should you include in the recommendation?
A company has an Azure infrastructure deployed. Three virtual machines (VMs) are deployed to Azure as a three-tiered architecture. All three VMs host different items, with one hosting a front-end web application, one hosting a Microsoft SQL Server database and one hosting a business application programming interface (API). For public access, only the front-end web application be available and should be accessible over HTTP on port 80. All three VMs must be accessible over Remote Desktop Protocol (RDP) on port 222. There should be only one account able to access the VMs using RDP, and it should be yours.
Can you determine how Network Security Groups (NSGs) will be used in this scenario? Identify the two ways NSG rules can be used. (Select two.)
You have an Azure subscription that contains an Azure virtual machine named VM1. VM1 runs a financial reporting app named App1 that does not support multiple active instances. At the end of each month, CPU usage for VM1 peaks when App1 runs. You need to create a scheduled runbook to increase the processor performance of VM1 at the end of each month.
What task should you include in the runbook?
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
If you have Azure resources deployed to every region. You can implement availability zones in all the regions.
Which service provides network traffic filtering across multiple Azure subscriptions and virtual networks?
What is a feature of an Azure virtual network?
You have an Azure virtual machine named VM1 that runs Windows Server 2019. You sign in to VM1 as a user named User1 and perform the following actions:
– Create files on drive C.
– Create files on drive D. Modify the screen saver timeout.
– Change the desktop background.
You plan to redeploy VM1.
Which changes will be lost after you redeploy VM1?
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Only virtual machines that run Windows Server can be created in availability zones.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
You can associate a network security group (NSG) to a virtual network subnet.
Match the serverless solution to the correct characteristic. (To answer, drag the appropriate serverless solution from the column on the left to its characteristic on the right. Each serverless solution may be used once, more than once, or not at all.)
Executes code:
|
|
Runs only in the cloud:
|
|
Is always stateful:
|
|
Your company has an Azure subscription named Subscription1. The company also has two on-premises servers named Server1 and Server2 that run Windows Server 2016. Server1 is configured as a DNS server that has a primary DNS zone named adatum.com. Adatum.com contains 1,000 DNS records. You manage Server1 and Subscription1 from Server2. Server2 has the following tools installed:
– The DNS Manager console
– Azure PowerShell
– Azure CLI 2.0
You need to move the adatum.com zone to an Azure DNS zone in Subscription1. The solution must minimize administrative effort.
What should you use?
Which option is used to enable encrypted internet-based communication between an on-premises VPN device and an Azure VPN gateway?
Site-to-site VPN: Established between on-premises VPN device and an Azure VPN Gateway that is deployed in a virtual network. This connection type allow communication between any on-premises authorize resource to access a virtual network through an encrypted tunnel.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Availability zones are used to replicate data and applications to multiple regions.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
You can associate a network security group (NSG) to a virtual network.
You plan to deploy a service to Azure virtual machines. You need to ensure that the service will be available if a datacenter fails.
What should you use as part of the virtual machine deployment?
You have a public load balancer that balances ports 80 and 443 across three virtual machines. You need to direct all the Remote Desktop Protocol (RDP) connections to VM3 only.
What should you configure?
Which Azure serverless computing technology enables trigger-based workflow execution to automate business scenarios without the need for coding?
Which Azure serverless computing technology enables trigger-based workflow execution to automate business scenarios without the need for coding?
https://learn.microsoft.com/training/modules/azure-compute-fundamentals/azure-functions
Your company plans to move several servers to Azure. The company’s compliance policy states that a server named FinServer must be on a separate network segment. You are evaluating which Azure services can be used to meet the compliance policy requirements.
Which Azure solution should you recommend?
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
You can associate a network security group (NSG) to a network interface card.
What is the function of a Site-to-Site VPN?
You have two subscriptions named Subscription1 and Subscription2. Each subscription is associated to a different Azure AD tenant. Subscription1 contains a virtual network named VNet1. VNet1 contains an Azure virtual machine named VM1 and has an IP address space of
10.0.0.0/16. Subscription2 contains a virtual network named VNet2. VNet2 contains an Azure
virtual machine named VM2 and has an IP address space of 10.10.0.0/24. You need to connect
VNet1 to VNet2.
What should you do first?
Select the answer that correctly completes the sentence.
__________ allows you to scale to thousands of virtual machines for high-performance computing and large-scale parallel jobs.
Azure Batch allows you to scale to thousands of virtual machines for high-performance computing (HPC) and large-scale parallel jobs. Other Azure functionalities allow you to scale multiple VMs, but only Azure Batch will allow for thousands of VMs for HPC.
https://learn.microsoft.com/training/modules/azure-compute-fundamentals/azure-virtual-machines
You plan to deploy a critical line-of-business application to Azure. The application will run on an Azure virtual machine. You need to recommend a deployment solution for the application. The solution must provide a guaranteed availability of 99.99 percent. What is the minimum number of virtual machines and the minimum number of availability zones you should recommend for the deployment?
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
When using an Azure ExpressRoute connection. Inbound data traffic from an on-premises network to Azure is always free.
You need to manage containers.
Which two services can you use? (Select two.)
You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups. Another administrator plans to create several network security groups (NSGs) in the subscription. You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks.
Solution: You assign a built-in policy definition to the subscription.
Does this meet the goal?
Select the answer that correctly completes the sentence.
__________ allows you to provision a group of matching and load-balanced virtual machines in Azure.
“Virtual machine scale enables you to provision a group of matching and load-balanced virtual machines in Azure.
Imagine you are running a website that enables scientists to upload astronomy images that need to be processed. If you duplicated the VM, you would normally need to configure an additional service to route requests between multiple instances of the website. Virtual machine scale sets could do that work for you.
https://learn.microsoft.com/training/modules/azure-compute-fundamentals/azure-virtual-machines
An Availability Zone in Azure has physically separate locations across two continents.
Review the text. If it makes the statement correct, select “No change is needed.” If the statement is incorrect, select the answer choice that makes the statement correct.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Outbound data traffic from Azure to an on-premises network is always free.
At which OSI layer does ExpressRoute operate?
You have an Azure subscription. You plan to deploy an Azure Kubernetes Service (AKS) cluster to support an app named App1. On-premises clients connect to App1 by using the IP address of the pod. For the AKS cluster, you need to choose a network type that will support App1.
What should you choose?
Select the answer that correctly completes the sentence.
ExpressRoute supports _________ for tying an on-premises network to Azure.
A Point-to-point Ethernet connection is supported by ExpressRoute for connecting your on-premises network to Azure.
Your company has several business units. Each business unit requires 20 different Azure resources for daily operation. All the business units require the same type of Azure resources.
You need to recommend a solution to automate the creation of the Azure resources.
What should you include in the recommendations?
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Data traffic between Azure services within the same Azure region is always free.
Your Azure environment contains multiple Azure virtual machines. You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP.
What are two possible solutions? (Select two.)
You have an Azure web app named webapp1. Users report that they often experience HTTP 500 errors when they connect to webapp1. You need to provide the developers of webapp1 with real-time access to connection errors. The solution must provide all the connection error details.
What should you do first?
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
A company can extend the capacity of its internal network by using the public cloud.
Azure Databricks is an Apache Spark-based analytics service.
Review the text. If it makes the statement correct, select “No change is needed.” If the statement is incorrect, select the answer choice that makes the statement correct.
Your company has virtual machines (VMs) hosted in Microsoft Azure. The VMs are located in a single Azure virtual network named VNet1. The company has users that work remotely. The remote workers require access to the VMs on VNet1. You need to provide access for the remote workers.
What should you do?
You have an application that is comprised of an Azure web app that has a Service Level Agreement (SLA) of 99.95 percent and an Azure SQL database that has an SLA of 99.99 percent.
The composite SLA for the application is the product of both SLAs. which equals 99.94 percent.
Instructions: Review the text. If it makes the statement correct, select “No change is needed.” If the statement is incorrect, select the answer choice that makes the statement correct.
You have an Azure subscription that has a Recovery Services vault named Vault1. The subscription contains the virtual machines shown in the following table:
You plan to schedule backups to occur every night at 23:00.
Which virtual machines can you back up by using Azure Backup?
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
A company can extend the computer resources of its internal network by using the public cloud.
You have an Azure environment that contains 10 virtual networks and 100 virtual machines. You need to limit the amount of inbound traffic to all the Azure virtual networks.
What should you create?
Your developers have created a portal web app for users in the Miami branch office. The web app will be publicly accessible and used by Miami users to retrieve customer and product information. The web app is currently running in an on-premises test environment. You plan to host the web app on Azure. You need to determine which Azure web tier plan to host the web app. The web tier plan must meet the following requirements:
– The website will use the miami.weyland.com URL.
– The website will be deployed to two instances.
– SSL support must be included.
– The website requires 12 GB of storage.
– Costs must be minimized.
which web tier plan should you use?
After you create a virtual machine, you need to modify the network security group (NSG) to allow connections from TCP port 8080.
Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.
You have an Azure subscription that contains the identities shown in the following table.
User1, Principal1, and Group1 are assigned the Monitoring Reader role. An action group named AG1 has the Email Azure Resource Manager Role notification type and is configured to email the Monitoring Reader role. You create an alert rule named Alert1 that uses AG1. You need to identify who will receive an email notification when Alert1 is triggered.
Who should you identify?
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Every Azure region has multiple datacenters.
You plan to deploy several Azure virtual machines. You need to control the ports that devices on the Internet can use to access the virtual machines.
What should you use?
You have an Azure virtual network named VNET1 in a resource group named RG1. You assign an Azure policy specifying that virtual networks are not an allowed resource type in RG1. VNET1 is deleted automatically.
Review the text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.
You have an Azure subscription that contains a resource group named TestRG. You use TestRG to validate an Azure deployment. TestRG contains the following resources:
You need to delete TestRG.
What should you do first?
Your company has serval departments. Each department has a number of virtual machines (VMs). The company has an Azure subscription that contains a resource group named RG1. All VMs are located in RG1. You want to associate each VM with its respective department.
What should you do?
You plan to deploy several Azure virtual machines. You need to ensure that the services running on the virtual machines are available if a single data center fails. Solution: You deploy the virtual machines to two or more scale sets.
Does this meet the goal?
To complete the sentence, select the appropriate option in the answer area.
After you create a virtual machine, you need to modify the. XXXXXXX to allow connections to TCP port 8080 on the virtual machine.
You have a web app named App1 that is hosted on-premises and on four Azure virtual machines. Each virtual machine is in a different region. You need to recommend a solution to ensure that users will always connect to the closest instance of App1. The solution must prevent the users from attempting to connect to a failed instance of App1.
Which two possible recommendations achieve the goal? (Select two.)
You have an Azure DNS zone named adatum.com. You need to delegate a subdomain named research.adatum.com to a different DNS server in Azure.
What should you do?
To complete the sentence, select the appropriate option in the answer area. You plan to deploy 20 virtual machines to an Azure environment. To ensure that a virtual machine named VM1 cannot connect to the other virtual machines, VM1 must XXXX
Your Azure environment contains multiple Azure virtual machines. You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP.
Solution: You modify a network security group (NSG).
Does this meet the goal?
You need to implement App2 to meet the application requirements.
What should you include in the enabled feature?
You have an Azure subscription named Subscription1 that contains the resources shown in the following table.
VM1 connects to a virtual network named VNET2 by using a network interface named NIC1. You need to create a new network interface named NIC2 for VM1.
Solution: You create NIC2 in RG2 and Central US.
Does this meet the goal?
You plan to deploy several Azure virtual machines. You need to ensure that the services running on the virtual machines are available if a single data center fails.
Solution: You deploy the virtual machines to two or more availability zones.
Does this meet the goal?
Your Azure environment contains multiple Azure virtual machines. You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP.
Solution: You modify a DDoS protection plan.
Does this meet the goal?
You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups. Another administrator plans to create several network security groups (NSGs) in the subscription. You need to ensure that when an NSG is created,
it automatically blocks TCP port 8080 between the virtual networks.
Solution: From the Resource providers blade, you unregister the Microsoft.ClassicNetwork provider.
Does this meet the goal?
You have an Azure subscription named Subscription1 that contains the resources shown in the following table.
VM1 connects to a virtual network named VNET2 by using a network interface named NIC1. You need to create a new network interface named NIC2 for VM1.
Solution: You create NIC2 in RG2 and West US.
Does this meet the goal?
You need to identify the type of failure for which an Azure availability zone can be used to protect access to Azure services.
What should you identify?
Your Azure environment contains multiple Azure virtual machines. You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP.
Solution: You modify an Azure firewall.
Does this meet the goal?
You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups. Another administrator plans to create several network security groups (NSGs) in the subscription. You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks.
Solution: You configure a custom policy definition, and then you assign the policy to the subscription.
Does this meet the goal?
You plan to deploy three Azure virtual machines named VM1, VM2, and VM3. The virtual machines will host a web app named App1. You need to ensure that at least two virtual machines are available if a single Azure datacenter becomes unavailable.
What should you deploy?