Microsoft Azure Fundamentals Practice Test (AZ-900)

Availability Zones are physically separate locations within an Azure region, each with independent power, cooling, and networking. By deploying resources across multiple Availability Zones, your application can continue to operate even if one zone experiences an outage.

Availability Sets protect against hardware failures within a datacenter but do not provide resilience against datacenter failures.

Azure Regional Pairs provide disaster recovery capabilities across different regions, not within the same region.

Azure Traffic Manager is used for DNS-based load balancing and distribution of traffic but does not protect against datacenter failures within a single region.

The Azure portal is an online, web-based console that enables users to build, manage, and monitor Azure resources through a graphical user interface. It supports all Azure services and includes tools for managing cloud resources. Unlike the Azure CLI and Azure PowerShell, which are command-line tools, the portal provides a visual interface accessible through a web browser. It is not an offline tool or on-premises software; it is a fully online platform.

The pay-as-you-go model charges customers based on their actual resource consumption, providing flexibility and cost savings by paying only for what is used. Other models like reserved pricing involve upfront commitments to certain resources, and subscription-based models often involve fixed costs regardless of usage.

Azure Log Analytics is the service within Azure Monitor that is designed specifically to perform log data aggregation and complex querying. It lets you analyze data across multiple virtual machines, enabling the detection of trends and patterns. In contrast, Application Insights provides application performance insights but isn't used for extensive log data analysis across VMs. Azure Monitor alerts enable you to set up alert rules based on metrics or logs, but do not involve data aggregation or complex querying. Azure Service Health notifies you about Azure service incidents and maintenance, but is not used for log data analysis.

Azure Advisor is an intelligent, personalized cloud consultant that helps you follow best practices to optimize your Azure deployments. It analyzes your resource configuration and usage telemetry, then provides recommendations to help improve the efficiency of your Azure resources. Azure Advisor does not directly manage resources, provide real-time security alerts, or guarantee SLAs for your services; its main purpose is to offer guidance that you can act on to optimize your deployments.

Platform as a Service (PaaS) is the correct answer because it allows customers to deploy applications without managing the underlying infrastructure, such as servers or runtime environments. PaaS provides a platform with tools to develop, test, and host applications in the same integrated environment, simplifying the process for developers. Infrastructure as a Service (IaaS) would require managing the operating system and runtime environment, and Software as a Service (SaaS) generally refers to using software applications provided by a third party, not deploying your own. Server Hosting is not a cloud service type but rather a general term that can refer to any form of hosting a server, which would require greater management of the infrastructure.

Cloud computing enhances security and governance by allowing organizations to centrally manage policies and access controls. This centralized approach ensures consistent security measures are applied across all resources, improving overall security posture and compliance with regulations. Other options like increased hardware control or enhanced application performance do not directly relate to centralized policy management.

Reliability is the correct answer because cloud providers offer robust and redundant infrastructure that minimizes downtime and ensures consistent performance. This enables organizations to maintain continuous operation and meet their service commitments. While scalability allows a system to handle increased loads, it does not directly address service interruptions. Cost savings focus on reducing expenses, and rapid deployment refers to the speed at which services can be launched; neither directly ensures consistent operational performance.

To execute shell scripts that contain both Bash and PowerShell cmdlets without installing any additional software, you would use Azure Cloud Shell. Azure Cloud Shell is a browser-based, authenticated shell environment that provides a built-in option to switch between Bash (which supports Azure CLI) and PowerShell, making it ideal for scenarios requiring both. Azure Cloud Shell is preconfigured to work with Azure services, and it abstracts the complexities of the underlying infrastructure. Azure CLI alone does not support PowerShell cmdlets, and Azure PowerShell alone does not support Bash scripts. Visual Studio Code with the Azure extension, while powerful for development and deployment, primarily serves as an Integrated Development Environment (IDE) rather than a browser-based shell environment.

A hybrid cloud model integrates both on-premises infrastructure and public cloud services, allowing the company to keep sensitive data in-house while accessing scalable resources from the cloud provider. This model meets the requirements of maintaining compliance with regulations and handling variable computing demands. The public cloud model would not keep data in-house, and the private cloud model wouldn't leverage external cloud resources.

Azure Cloud Shell is the correct answer because it provides a browser-based command-line interface accessible directly from the Azure portal. It supports both Bash and PowerShell environments, allowing you to manage Azure resources without installing anything locally.

Azure CLI installed locally requires installation on your local machine and does not meet the requirement of not installing software.

Azure PowerShell module installed locally also requires local installation.

Azure Portal offers a graphical interface, not a command-line interface that supports both Bash and PowerShell.

An Azure subscription is a logical container that organizes resources created in Azure. It acts as a boundary for billing by tracking resource usage and costs. This helps organizations manage expenses and resource allocations effectively. While access permissions are managed through Azure Active Directory and role-based access control and physical deployment locations are determined by Azure regions, the subscription itself is central to billing and resource management.

Resource locks in Azure are designed to prevent accidental deletion or modification of resources. By applying a lock, you can ensure that even users with the correct permissions cannot delete or modify the resource without first removing the lock.

Role-Based Access Control (RBAC) manages user access but does not prevent actions by authorized users.

Azure Policy helps enforce organizational standards but cannot block deletions or modifications on individual resources.

Tags are used for organizing resources and have no impact on resource protection.

Zone Redundant Storage replicates your data synchronously across three availability zones within a region, ensuring high availability and protection against zone failures.

Locally Redundant Storage copies data within a single physical location in the primary region.

Geo-Redundant Storage replicates data asynchronously to a secondary region, but not across zones within the same region.

Read-Access Geo-Redundant Storage provides read access to data in the secondary region, but also does not replicate across zones within a region.

Zone-redundant storage (ZRS) replicates data synchronously across three availability zones within a single region, ensuring high durability and availability even if one zone becomes unavailable.

Locally redundant storage (LRS) keeps multiple copies within a single storage cluster, but all copies are in the same zone, making it less resilient to zone failures.

Geo-redundant storage (GRS) replicates data across two geographically separate regions to protect against regional outages.

Read-access geo-redundant storage (RA-GRS) provides the same cross-regional data replication as GRS but with the added capability of read access to the secondary region. However, like GRS, its primary focus is on cross-regional redundancy rather than guaranteeing availability within a single region.