AZ-900 Exam Prep #3 Questions and Answers
How is authorization different from authentication?
Authorization is verifying that you are who you say you are. Authentication is granting access to features, sections, applications and more, once you have authenticated.
Authentication is the proces...
you are designing an azure infrastructure solution
what is the purpose of azure privileged identity m
Written for
AZ 900
AZ 900
Seller
Follow
Pogba119
Reviews received
Content preview
AZ-900 Exam Prep #3 Questions and
Answers
How is authorization different from authentication?
Authorization is verifying that you are who you say you are. Authentication is granting
access to features, sections, applications and more, once you have authenticated.
Authentication is the process of proving that you are who you say you are. Authorization
is the act of granting an authenticated party permission to do something.
Authorization is validating the IP address you are using has access to the application.
There is no difference. - answer Authentication is the process of proving that you are
who you say you are. Authorization is the act of granting an authenticated party
permission to do something. - Authentication is the process of proving that you are who
you say you are. It's sometimes shortened to AuthN. The Microsoft identity platform
uses the OpenID Connect protocol for handling authentication. Authorization is the act
of granting an authenticated party permission to do something. It specifies what data
you're allowed to access and what you can do with that data. Authorization is
sometimes shortened to AuthZ. The Microsoft identity platform uses the OAuth 2.0
protocol for handling authorization.
You are designing an Azure infrastructure solution for your company's application. This
solution must continue to function if a single datacenter goes offline. For compliance
reasons, your infrastructure and data must reside in the same general location. How
should you design this infrastructure?
Within a single region, replicate your infrastructure across multiple availability zones in
that region.
Use the Cosmos replication service to copy resources across fault domains.
Use region pairs to replicate resources.
Replicate your infrastructure across multiple regions. - answer Within a single region,
replicate your infrastructure across multiple availability zones in that region. - Availability
zones provide a level of fault tolerance within a single region (or general location). Each
availability zone is a self-contained datacenter. By replicating resources across multiple
availability zones, if 1 zone (or datacenter) goes offline, the other availability zones in
the same region can continue to host your application.
,What is the purpose of Azure Privileged Identity Management?
Manage, control, and monitor access to important resources in your organization
Security Information Event Management (SIEM) tool to monitor security of Azure
resources
Managed network firewall for Azure Virtual Networks
Securely store and provide access to connection credentials - answer Manage,
control, and monitor access to important resources in your organization - Azure
Privileged Identity Management (PIM) is a service in Azure Active Directory (Azure AD)
that enables you to manage, control, and monitor access to important resources in your
organization.
You need to select the proper Azure service that can handle the following requirements:
- Act as a routing service to send events between Azure services and applications -
Serverless, with no infrastructure to deploy or manage Which Azure service is most
suited for this task?
Event Grid
Cosmos DB
Azure Synapse Analytics
Azure Functions - answer Event Grid - Azure Event Grid is a serverless routing
service that can send and receive events between different Azure services and
applications.
Which of the following statements are true for IaaS cloud services? (Select two)
The client is responsible for purchasing all Operating System (OS) host licensing.
The client is responsible for all guest VM OS and application updates.
The client has complete control over the hardware hosting the VM.
Services can be scaled automatically to support system load. - answer The client is
responsible for all guest VM OS and application updates. - Client must perform all guest
OS and application updates. Operating System (OS) licensing is included in the per-use
cost of the service.
Services can be scaled automatically to support system load. - IaaS host services often
feature the ability to scale automatically to combat increased system load and scaled
back during periods of inactivity.
, Regarding this diagram, which service might you place at 1 to protect the connection
credentials from the web service to the SQL database, but also allow access to third
party applications?
A Network Security Group
Azure Sentinel
Azure Information Protection
Azure Key Vault - answer Azure Key Vault - Azure Key Vault will store your
connection credentials securely, and allow third-party applications to use it through a
token. The token access can be revoked without changing the credentials.
You need to create a virtual machine with the following disk requirements: - Hold up to
64TB in a single disk - Highest possible performance with sub-millisecond latency
Which disk type should you select for your virtual machine?
Premium SSD
Ultra
Standard SSD
High Performance - answer Ultra - Ultra disks are the most expensive, yet highest-
performing disk types available for Azure virtual machines. They support up to 64TB on
a single disk.
When utilizing at least two Azure virtual machines with at least two availability zones,
what is the guaranteed service level agreement that can be expected?
100%
99.95%
99.9%
99.99% - answer 99.99% - When deploying at least two Azure virtual machines
across two or more Availability Zones in the same Azure region, a 99.99% SLA is
guaranteed.
You are beginning to extend your on-premises data center into Azure. You have created
a new Azure subscription and resource group called RG-One. You deploy two virtual
machines into RG-One with the intent of promoting these to Active Directory domain
controllers. What kind of cloud service would this be considered?
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Pogba119. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for £10.35. You're not tied to anything after your purchase.