1.

Which of the following option is ‘not’ required for on-premises resources to connect to the VPN
gateway in Azure?
a) Policy-based gateway
b) Route-based gateway
c) Public facing IPv4 address
d) None of the above

2. Which of the following is a security posture in your organization which allows protection and secure
from threats?
a) Confidentiality
b) Integrity
c) Availability
d) All of the above

3. Which of the following fits better as the hierarchy within azure account?
a) 1. Resources
2. Azure account
3. Resource groups
4. Subscription
b) 1. Azure account
2. Subscription
3. Resource groups
4. Resources
c) 1. Azure account
2. Resources
3. Subscription
4. Resource groups
d) 1. Resource groups
2. Azure account
3. Subscription
4. Resources

4. How many ExpressRoute circuits per subscriptions in an Azure account?

5. in an azure environment, with mfa enabled for any user how many minimum number of
authentication(s) are required?
a) 1
b) 2
c) 3
d) 4

6. which of the following VPN in azure basically works over the IKEv2 or sstp tunneling protocol?
a) point to site VPN
b) site to site VPN
c) Express Route
d) Al of the above
7. what is the supported ‘routing’ method in point-to-site VPN in azure?
a) BGP
b) Policy based
c) Route based
d) None of the above

8. which of the following tools is your best choice to setup your first VM to host a process that runs
nightly?
a) ARM templates
b) Azure powershell
c) The Azure portal
d) The Azure CLI

9. which component in azure is responsible for responding to the users request from web portal or
CLI?
a) API
b) Orchestrator
c) Fabric controller
d) TOR

10. Select the default state of Azure Function from the following
a) stateless
b) stateful
c) Neutral
d) None of the above

11. Which protocol provides dynamic routing for azure ExpressRoute?

12. which of the following azure serverless computing service could be “Designer-First” or
“Declarative” development approach?
a) Azure Functions
b) Azure Logic Apps
c) Both Functions and Logic Apps
d) None of the above

13. which of the following is a globally distributed database with NOSQL options support?
a) Azure COSMOS DB
b) Azure SQL Database
c) Azure Database for MYSQL
d) SQL server on Azure Virtual Machines

14. Which Azure Database is a fully managed and Scalable MariaDB RDMS with HA & Security
features?
a) Azure Cache for Redis
b) Azure Synapse Analytics
c) Azure Database Migration Service
d) Azure Database for MariaDB

15. which is the best way for your organization to safely store its certificates so that they’re accessible
to cloud VMs?
a) Place the certificate on a network share
b) Store them on a VM that’s protected by a password
c) store the certificates in Azure Key vault
d) All of the above

16. which of the following azure devops service is an automated test tool that can be used in a CI/CD
pipeline to ensure quality before a software release?
a) Azure Repos
b) Azure Boards
c) Azure Pipelines
d) Azure test plans

17. what is the default limit per subscription per region to create a virtual machine in Azure?
a) 10VMs
b) 20VMs
c) 30VMs
d) Unlimited

18. Which VPN approach requires greater bandwidth and greater level of security using azure
networking?
a) Point to site VPN
b) Site to Site VPN
c) Azure ExpressRoute
d) All of the above

19. which service provides official outage root cause analyses (RCAs) for Azure incidents?
a) Azure Advisor
b) Azure Monitor
c) Azure Service Health
d) All of the above

20. which of the following is a standard that applies to the security of IT systems, published by the
International Organization for standardization to certify that it computes with this standard?
a) ISO 27001
b) ISO 27002
c) ISO 27003
d) ISO 27004

21. which peering configuration would you use for your Express route circuit where you need to allow
direct connections to Azure compute resources?
a) Azure Virtual Network Peering1
b) Azure Private Peering
c) Microsoft Peering
d) None of the above

22. which of the following is a tool that Azure Active Directory uses to allow (or Deny) access to
resources based on identity signals?
a) Azure Advisor
b) Azure Active Directory
c) Conditional Access
d) MFA

23. Which of the app service within Azure APP service from the following includes full support for
hosting web apps by using ASP.NET, ASP.NET Core, Java, Ruby, Node.js, PHP, or Python?
a) API Apps
b) Web Apps
c) Web Jobs
d) Mobile Apps

24. what would be the correct option you need to think before creating an Azure VM?
a) Location for the resource
b) Size of the VM
c) Configuration of the VM
d) All of the above

25. Which of the following Azure storage access tier would be helpful in accessing the infrequently of
the stored data for atleast 30 days?
a) Hot access tier
b) Cool access tier
c) Archive access tier
d) All of the above

26. what is the first step that you would take in order to share an image file as a blob in azure
storage?
a) Create an azure storage container to store the image
b) create an azure storage account
c) upload the image file and create a container
d) use a shared access signature (SAAS) token to restrict access to the image.

27. which azure storage option is better for storing data for backup and restore, disaster recovery and
archiving?
a) Azure files storage
b) Azure Disk storage
c) Azure Blob storage
d) All of the above

28. To change the DNS IP address for an environment with several windows & linux virtual machines
in it, which Azure resource must be modified?
a) Azure Virtual machines
b) Azure Virtual Network
c) Azure DNS
d) Azure security center
29. Select the appropriate action while creating azure policy using azure portal.
a) 1. Assign the definition to resources.
2. Create a Policy definition.
3. Review the evaluation results.
b) 1. Create a Policy definition.
2. Assign the definition to resources.
3. Review the evaluation results.
c) 1. Assign the definition to resources.
2. Review the evaluation results.
3. Create a Policy definition.
d) 1. Create a Policy definition.
2. Review the evaluation results.
3. Assign the definition to resources.

30. To implement a role on a user with the resource group, which option/blade must be used for
modification?
a) Overview
b) Activity log
c) Access control
d) Quickstart

31. what do you call the collection of VMs with the same configuration assigned to multiple users in
windows virtual desktop?
a) Pool
b) Host Pools
c) Farm
d) Load Balancing

32. which of the following option included follows the correct steps for the cloud Adoption
Framework?
a) 1. Define Your Strategy.
2. Make a plan.
3. Ready your Organization.
4. Adopt the Cloud.
5. Govern and manage your cloud environments.
b) 1. Ready your Organization.
2. Make a plan.
3. Define Your Strategy.
4. Adopt the Cloud.
5. Govern and manage your cloud environments.
c) 1. Make a plan.
2. Ready your Organization.
3. Define Your Strategy.
4. Adopt the Cloud.
5. Govern and manage your cloud environments.
d) 1. Define Your Strategy.
2. Govern and manage your cloud environments.
3. Make a plan.
4. Ready your Organization.
5. Adopt the Cloud.
33. which of the following azure storage access tier would be helpful in rarely accessing the data and
stored at least for 180 days.
a) Hot access tier
b) Cool access tier
c) Archive access tier
d) All of the above

34. Select the default state of Azure Logic Apps from the following
a) stateless
b) stateful
c) Neutral
d) None of the above

35. which of the following is the cheapest storage in Azure storage access tier?
a) Hot access tier
b) Cool access tier
c) Archive access tier
d) All of the above

36. Select the component that balances the inbound & outbound traffic to an application or service
endpoint?
a) Azure vNet
b) Azure Load Balancer
c) Azure DNS
d) Azure Virtual WAN

37. what is the minimum priority number required or available while defining a security network
group?
a) 10
b) 100
c) 500
d) 4096

38. which of the following azure VM sizes would help you with the fastest and most powerful CPU
virtual machines with optional high-throughput network interfaces?
a) High performance computers
b) Storage optimized
c) Memory optimized
d) compute optimized

39. which of the following “protection against Threats”, under Azure security center would be helpful
in configuring the monitoring of changes to important files on both windows and Linux, registry
settings, applications, and other aspects that might indicate a security attack?
a) File integrity monitoring
b) Adaptive Network hardening
c) Just-in-time VM access
d) Adaptive application controls

40. which of the following is a logical unit of Azure service that links to the account?
a) Azure Subscription
b) Management groups
c) Resource group
d) None of the above
41. which of the following is a valid networking option in Azure virtual networking for hybrid
connectivity?
a) Point to site VPN
b) Site to Site VPN
c) Azure ExpressRoute
d) All of the above

42. Which file format is supported while uploading an RBAC definition to the azure cloud?
a) JSON
b) XML
c) PS1
d) TXT

43. An attacker can bring down your website by sending a large volume of network traffic to your
servers. Which azure service can help your company to protect its app service instance from this kind
of attack?
a) Azure Firewall
b) Network Security Groups
c) Azure DDoS Protection
d) None of the above

44. Which of the following is a valid layer of defense in depth in Azure secure network connectivity?
a) 1. Physical Security.
2. Network.
3. Identity & Access.
4. Perimeter.
5. Compute.
6. Application.
7. Data.
b) 1. Physical Security.
2. Identity & Access.
3. Perimeter.
4. Network.
5. Compute.
6. Application.
7. Data.
c) 1. Physical Security.
2. Network.
3. Compute.
4. Identity & Access.
5. Perimeter.
6. Application.
7. Data.
d) 1. Physical Security.
2. Identity & Access.
3. Application.
4. Data.
5. Perimeter.
6. Network.
7. Compute.
45. In azure storage, which disk is used for storing the operating system within a windows operating
system?
a) Managed Disk
b) Unmanaged Disk
c) OS Disk
d) Data Disk

46. Which of the following Azure app service option would help you in running an .exe program or a
“.ps1” script?
a) API Apps
b) Web Apps
c) Web Jobs
d) Mobile Apps

47. Which of the following databases are supported by Azure Cosmos DB?
a) MongoDB
b) Cassandra
c) Gremlin APIs
d) All of the above

48. Which of the following Azure compute resource can be deployed to manage a set of identical
virtual machines?
a) Virtual Machine availability sets
b) Virtual Machine availability zones
c) Virtual Machine Scale sets
d) All of the above

49. Which of the following is fully managed service that allows data analysis models to be pushed
directly onto IOT devices, which allows them to react quickly to state changes without needing to
consult cloud based AI models?
a) IOT central
b) Azure IOT hub
c) IOT edge
d) All of the above

50. Which of the following option provides applications and data to deploy over various regional
datacenters around the globe for best performance in their region?
a) Agility
b) Reliability
c) Elasticity
d) Geo-distribution

51. Which of the layer in defense of depth limits the communication between resources and deny all
the traffic by default to implement secure connectivity?
a) Perimeter Layer
b) Application Layer
c) Identity and Access Layer
d) Network Layer
52. In Azure, which of the following is not a part of the Azure Media & CDN services?
a) Media Services
b) Azure Logic Apps
c) Media analytics
d) Content Deliver Network

53. Select an invalid statement for the Azure Firewall from the following?
a) Azure firewall is a stateless firewall
b) Azure firewall is a stateful firewall
c) Azure firewall provides a central location to create, enforce, and log application and network
connectivity policies across subscriptions and virtual networks.
d) Azure firewall uses a static (unchanging) public IP address for your virtual network resources, which
enables outside firewalls to identify traffic coming from your virtual network.

54. Which of the following Azure serverless computing executes the “WORKFLOWS”, designed to
automate business scenarios?
a) Azure Functions
b) Azure Logic Apps
c) serverless computing
d) None of the above

55. Which of the following Azure service health event type would be helpful in the problems of
outage, that affects you right now?
a) Service issues
b) Planned maintenance
c) health Advisories
d) All of the above

56. Which of the following is a valid powershell cmdlet to list the public IP address of a windows-
based virtual machine?
a) Get-AzPublicIpAddress -Name VM-Name
b) Get-AzWindowsPublicIpAddress -Name VM-Name
c) Get-AzLinuxPublicIpAddress -Name VM-Name
d) Get-AzIpAddress -Name VM-Name

57. Which of the following is a logical group of hardware that can undergo maintenance or be
rebooted at the same time?
a) Fault domain
b) Update domain
c) VMSS
d) Availability sets

58. Which of the following is the benefits of using Azure Machine Learning?
a) Create a Process that defines how to obtain data, how to handle missing or bad data, how to split
the data into either a training set, and deliver the data to the training process.
b) Train and evaluate predictive models by using tools and programming languages familiar to data
scientists .
c) create pipelines that define where and when to run the compute-intensive experiments that are
required to score the algorithms based on the training and test data.
d) All of the above

59. Which of the following is the valid option for azure virtual networking?
a) Isolated network
b) Hybrid connectivity from on-prem to cloud
c) Route network traffic
d) All of the above

60. Which of the following enables you to filter network traffic to and from Azure resources within an
Azure virtual network?
a) Azure firewall
b) Network security group
c) Access control list
d) None of the above

61. For which of the following, Azure Active directory is more suitable?
a) IT admins
b) App developers
c) Online service subscribers
d) All of the above

62. Which of the following is “not” a fault tolerant configuration option for Highly-Available VPN
support scenario?
a) zone read-only gateways
b) Active-Active VPN gateway
c) Active-standby VPN gateway
d) ExpressRoute failover

63. Select the database that hosts enterprise SQL server apps in the cloud.
a) Azure COSMOS DB
b) Azure SQL Database
c) Azure Database for MYSQL
d) SQL server on Azure Virtual Machines

64. Which of the following is a platform for collecting, analyzing, visualizing, and potentially taking
action based on the metric and logging data from your entire Azure and on-premises environment.
a) Azure Advisor
b) Log Analytics
c) Azure Application Insights
d) Azure Monitor

65. Select the following is a valid command to list the Azure network NSG rules?
a) az network nsg rule list \ --rg test-tg \ --nsg-name my-vmNSG
b) az network nsg rule show \ --resource-group test-tg \ --nsg-name my-vmNSG
c) az network nsg rule list \ --resource-group test-tg \ --nsg-name my-vmNSG
d) az nsg rule list \ --resource-group test-tg \ --nsg-name my-vmNSG
66. Which of the following would allow you to define rules about how the traffic should be directed in
Azure networking?
a) Network Security Group
b) Network Virtual Appliance
c) Access Control List
d) Route Tables

67. Which of the following attack attempts to overwhelm and exhaust an application’s resources,
making the application slow or unresponsive to legitimate users in the Azure cloud environment?
a) Distributed Denial of Service
b) Denial of Service
c) Man in the middle
d) Spoofing

68. Your company wants to create a secure communication tunnel between its branch offices. Which
of the following technologies can’t be used?
a) Point-to-site virtual private network
b) Implicit FTP over SSL
c) Azure ExpressRoute
d) Site-to-site virtual private network

69. A subscripton is a deployment boundary for Azure resources. To which of the following options, a
subscription is associated with?
a) Azure Resource group
b) Azure Active Directory
c) Windows Active Directory
d) Management Group

70. Which of the following Azure subscription could be helpful you to pay only for what you have
used?
a) Free Trail
b) Pay-as-you-go
c) Member offers
d) Enterprise Agreement

71. Which of the layer in defense of depth is responsible for controls access to infrastructure and
change control?
a) Perimeter Layer
b) Application Layer
c) Identity and Access Layer
d) Network Layer

72. Which of the following azure devops service is a repository for hosting artifacts, such as compiled
source code, which can be fed into testing or deployment pipeline steps?
a) Azure Repos
b) Azure Boards
c) Azure Pipelines
d) Azure Artifacts
73. Select the false statement about cloud computing from the following?
a) IAAS, PAAS, SAAS are cloud service models
b) Resources in cloud are limited to a specific geo-location
c) Cloud computing decreases the cost
d) All of the above

74. Select the Azure service that migrates databases to the cloud with no application code changes.
a) Azure Database for PostgreSQL
b) Azure Database Migration Service
c) Azure Synapse Analytics
d) Azure Cache for Redis

75. What is the powershell cmdlet to list/get the Azure location for the VM?
a) Get-AzLocation
b) Get-Location
c) List-AzLocation
d) None of the above

76. Which of the following option physically separates the datacenters within Azure region?
a) Fault Domain
b) Region Pair
c) Availability zones
d) Availability Sets

77. Which of the following Azure app service helps you in sending push notifications and also
authenticate customer against common social providers like Google, Twitter and Facebook?
a) API Apps
b) Web Apps
c) Web Jobs
d) Mobile Apps

78. Which of the following choices would not be used to automate a CI/CD process?
a) Azure pipelines
b) Github actions
c) Azure Boards
d) None of the above

79. What is the maximum number of routes advertised to Azure private peering with ExpressRoute
Standard.
a) 1000
b) 4000
c) 16000
d) No limit

80. Which of the following Azure service health event type would be helpful for you to act to avoid
service interruption, including service retirements and breaking changes?
a) Service issues
b) Planned maintenance
c) health Advisories
d) All of the above