The AZ-900 exam is a stepping stone to success in the Microsoft industry. To help you prepare for the AZ-900 exam, we offer a plan: Try the Microsoft AZ-900 dumps of the Pass4itSure update and succeed on the AZ-900 exam with the actual AZ-900 exam questions.
Saving the Microsoft Azure Fundamentals exam? The latest AZ-900 dumps online download: https://www.pass4itsure.com/az-900.html to pass this exam smoothly.
Related to AZ-900
You need to understand which exams it is related to and where it is headed, as shown below.
The AZ-900 exam is too difficult, how to save it?
AZ-900 is only an introductory exam for other advanced Microsoft certifications, but it’s not a small challenge. You need thorough preparation to pass.
Back to business, how to save your AZ-900 exam? Use Pass4itSure AZ-900 dumps, use Pass4itSure AZ-900 dumps, use Pass4itSure AZ-900 dumps. Say important things three times.
Pass4itSure: A reliable platform
Pass4itSure adheres to the principles of honesty, truthfulness, and trustworthiness, and provides you with real-time updated AZ-900 dumps exam preparation resources at a moderate price to help you complete the exam.
Latest-2023 Microsoft AZ-900 real questions (free share)
Question 1:
You have a virtual machine named VM1 that runs Windows Server 2016. VM1 is in the East US Azure region.
Which Azure service should you use from the Azure portal to view service failure notifications that can affect the availability of VM1?
A. Azure Service Fabric
B. Azure Monitor
C. Azure virtual machines
D. Azure Advisor
Correct Answer: C
In the Azure virtual machines page in the Azure portal, there is a named Maintenance Status. This column will display service issues that could affect your virtual machine. A service failure is rare but host server maintenance that could affect your virtual machines is more common.
Azure periodically updates its platform to improve the reliability, performance, and security of the host infrastructure for virtual machines. The purpose of these updates ranges from patching software components in the hosting environment to upgrading networking components or decommissioning hardware.
References: https://docs.microsoft.com/en-us/azure/virtual-machines/maintenance-and-updates
Question 2:
Fill in the blank (______________________) in Azure Firewall enables users on the internet to access a server on a virtual network.
Correct Answer: Network Address Translation(NAT) rules
Question 3:
DRAG DROP
Match the Azure service to the correct description.
Instructions: To answer, drag the appropriate Azure service from the column on the left to its description on the right. Each service may be used once, more than once, or not at all.
NOTE: Each correct match is worth one point.
Select and Place:
Correct Answer:
Explanation:
Box 1: Azure SQL Database
SQL Server is a relational database service. Azure SQL Database is a managed SQL Server Database in Azure. The SQL Server is managed by Microsoft; you just have access to the database.
Box 2: Azure SQL Synapse Analytics
Azure SQL Synapse Analytics (previously called Data Warehouse) is a cloud-based Platform-as-a-Service (PaaS) offering from Microsoft. It is a large-scale, distributed, MPP (massively parallel processing) relational database technology in the same class of competitors as Amazon Redshift or Snowflake.
Azure SQL Synapse Analytics is an important component of the Modern Data Warehouse multi-platform architecture.
Because Azure SQL Synapse Analytics is an MPP system with a shared-nothing architecture across distributions, it is meant for large-scale analytical workloads which can take advantage of parallelism.
Box 3: Azure Data Lake Analytics
You can process big data jobs in seconds with Azure Data Lake Analytics.
You can process petabytes of data for diverse workload categories such as querying, ETL, analytics, machine learning, machine translation, image processing, and sentiment analysis by leveraging existing libraries written in .NET languages, R or Python.
Box 4: Azure HDInsight.
Apache Hadoop was the original open-source framework for distributed processing and analysis of big data sets on clusters. The Hadoop ecosystem includes related software and utilities, including Apache Hive, Apache HBase, Spark, Kafka, and many others.
Azure HDInsight is a fully managed, full-spectrum, open-source analytics service in the cloud for enterprises.
The Apache Hadoop cluster type in Azure HDInsight allows you to use HDFS, YARN resource management, and a simple MapReduce programming model to process and analyze batch data in parallel.
Reference:
https://azure.microsoft.com/en-us/services/sql-database/
https://docs.microsoft.com/en-us/azure/sql-data-warehouse/sql-data-warehouse-overview-what-is
https://docs.microsoft.com/bs-latn-ba/azure/hdinsight/hadoop/apache-hadoop-introduction
https://www.blue-granite.com/blog/is-azure-sql-data-warehouse-a-good-fit-updated
https://azure.microsoft.com/en-gb/services/data-lake-analytics/
Question 4:
You have a resource group named RG1.
You plan to create virtual networks and app services in RG1.
You need to prevent the creation of virtual machines only in RG1.
What should you use?
A. a lock
B. an Azure role
C. a tag
D. an Azure policy
Correct Answer: D
Azure policies can be used to define requirements for resource properties during deployment and for already existing resources. Azure Policy controls properties such as the types or locations of resources.
Azure Policy is a service in Azure that you use to create, assign, and manage policies. These policies enforce different rules and effects over your resources, so those resources stay compliant with your corporate standards and service level agreements.
In this question, we would create an Azure policy assigned to the resource group that denies the creation of virtual machines in the resource group.
You could place a read-only lock on the resource group. However, that would prevent the creation of any resources in the resource group, not virtual machines only. Therefore, an Azure Policy is a better solution.
References:
https://docs.microsoft.com/en-us/azure/governance/policy/overview
Question 5:
Your network contains an Active Directory forest. The forest contains 5,000 user accounts.
Your company plans to migrate all network resources to Azure and to decommission the on-premises data center.
You need to recommend a solution to minimize the impact on users after the planned migration.
What should you recommend?
A. Implement Azure Multi-Factor Authentication (MFA)
B. Sync all the Active Directory user accounts to Azure Active Directory (Azure AD)
C. Instruct all users to change their password
D. Create a guest user account in Azure Active Directory (Azure AD) for each user
Correct Answer: B
To migrate to Azure and decommission the on-premises data center, you would need to create the 5,000 user accounts in Azure Active Directory. The easy way to do this is to sync all the Active Directory user accounts to Azure Active
Directory (Azure AD). You can even sync their passwords to further minimize the impact on users.
The tool you would use to sync the accounts is Azure AD Connect. The Azure Active Directory Connect synchronization services (Azure AD Connect sync) are a main component of Azure AD Connect.
It takes care of all the operations that are related to synchronizing identity data between your on-premises environment and Azure AD.
References:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-whatis
Question 6:
Fill in the blank Azure distributed denial of service (DDoS) protection is an example of a protection that is implemented at the (_______________).
Correct Answer: networking layer
Question 7:
HOTSPOT
Select the answer that correctly completes the sentence.
Hot Area:
Correct Answer:
Explanation:
Box: within a single Azure region
Azure availability zones are physically separate locations within each Azure region that are tolerant to local failures.
Reference:
https://docs.microsoft.com/en-us/azure/availability-zones/az-overview
Question 8:
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear on the review screen.
Your company deploys several virtual machines on-premises and to Azure. ExpressRoute is being deployed and configured for on-premises to Azure connectivity.
Several virtual machines exhibit network connectivity issues.
You need to analyze the network traffic to identify whether packets are being allowed or denied to the virtual machines.
Solution: Use Azure Traffic Analytics in Azure Network Watcher to analyze the network traffic.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
Instead use Azure Network Watcher IP Flow Verify, which allows you to detect traffic filtering issues at a VM level.
Note: IP flow verification checks if a packet is allowed or denied to or from a virtual machine. The information consists of direction, protocol, local IP, remote IP, local port, and a remote port. If the packet is denied by a security group, the name of the rule that denied the packet is returned.
While any source or destination IP can be chosen, IP flow verification helps administrators quickly diagnose connectivity issues from or to the internet and from or to the on-premises environment.
Reference:
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-ip-flow-verify-overview
Question 9:
HOTSPOT
Select the answer that correctly completes the sentence.
Hot Area:
Correct Answer:
Question 10:
HOTSPOT
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
Box 1: Yes
You can send Azure AD activity logs to Azure Monitor logs to enable rich visualizations, monitoring, and alerting on the connected data.
All data collected by Azure Monitor fits into one of two fundamental types, metrics, and logs (including Azure AD activity logs). Activity logs record when resources are created or modified. Metrics tell you how the resource is performing and the resources that it\’s consuming.
Box 2: Yes
Azure Monitor can consolidate log entries from multiple Azure resources, subscriptions, and tenants into one location for analysis together.
Box 3: Yes
You can create alerts in Azure Monitor.
Alerts in Azure Monitor proactively notify you of critical conditions and potentially attempt to take corrective action. Alert rules based on metrics provide near real-time alerting based on numeric values, while rules based on logs allow for complex logic across data from multiple sources.
References:
https://docs.microsoft.com/en-us/azure/azure-monitor/overview
Question 11:
DRAG DROP
Match the Azure services to the appropriate descriptions.
To answer, drag the appropriate service from the column on the left to its description on the right. Each service may be used once, more than once, or not at all.
NOTE: Each correct match is worth one point.
Select and Place:
Correct Answer:
Explanation: Box 1: ExpressRoute ExpressRoute lets you extend your on-premises networks into the Microsoft Cloud over a private connection with the help of a connectivity provider. With ExpressRoute, you can establish connections to Microsoft cloud services, such as Microsoft Azure and Microsoft 365.
Box 2: Virtual network peering enables you to seamlessly connect two or more Virtual Networks in Azure. The virtual networks appear as one for connectivity purposes. The traffic between virtual machines in peered virtual networks uses the Microsoft backbone infrastructure.
Box 3: VPN gateway VPN gateways provide secure connectivity between multiple sites, such as on-premises data centers, Google Cloud Virtual Private Cloud (VPC) networks, and Google Cloud VMware Engine private clouds. Traffic is encrypted because the VPN connections traverse the internet.
Reference: https://docs.microsoft.com/en-us/azure/expressroute/expressroute-introduction https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-peering-overview https://cloud.google.com/vmware-engine/docs/concepts-vpn-gateways
Question 12:
Your company plans 10 migrate all its data and resources to Azure.
The company\’s migration plan states that only Platform as a Service (PaaS) solutions must be used in Azure
You need to deploy an Azure environment that meets the company\’s migration plan
What should you create?
A. an Azure App Service and Azure SQL databases
B. Azure storage accounts and web server in Azure virtual machines
C. Azure virtual machines. Azure SQL databases, and Azure Storage accounts
D. an Azure App Service and Azure virtual machines that have Microsoft SQL Server installed
Correct Answer: A
Azure App Service and Azure SQL databases are examples of Azure PaaS solutions. Therefore, this solution does meet the goal.
Question 13:
What is the longest term you can purchase for Azure Reserved VM Instances?
A. three years
B. four years
C. one year
D. five years
Correct Answer: A
Question 14:
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company is planning to migrate all its virtual machines to an Azure pay-as-you-go subscription. The virtual machines are currently hosted on the Hyper-V hosts in a data center.
You are required to make sure that the intended Azure solution uses the correct expenditure model.
Solution: You should recommend the use of the elastic expenditure model.
Does the solution meet the goal?
A. Yes
B. No
Correct Answer: B
Question 15:
You have an Azure Sentinel workspace.
You need to automate responses to threats detected by Azure Sentinel.
What should you use?
A. adaptive network hardening in Azure Security Center
B. Azure Service Health
C. Azure Monitor workbooks
D. adaptive application controls in Azure Security Center
Correct Answer: C
The above practice questions contain 15 questions for the exam for final preparation. This is not enough and it is recommended that you download the Pass4itSure AZ-900 dumps https://www.pass4itsure.com/az-900.html (there are 604 questions).
Final words:
How do I pass the Microsoft Azure Fundamentals AZ-900 exam? The most effective thing to do is: Download the latest AZ-900 dumps (Pass4itSure) to practice exam questions.