Microsoft Azure Fundamentals

Practice Exam 7

Click on the Answer button for the correct answer and its explanation.

If this practice exam has been helpful to you please share it with others.

  1. You can associate a Network Security Group (NSG) to a network interface.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  2. After you create a virtual machine, you need to modify to allow connections to TCP port 8080 on the virtual machine.
    • A. Network Security Group (NSG).
    • B. Virtual network gateway.
    • C. Virtual network.
    • D. Eoute table.
    Answer

    Correct Answer: Network Security Group (NSG).

  3. You can create custom Azure roles to control access to resources.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  4. A user account can be assigned to multiple Azure roles.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  5. A resource group can have the Owner role assigned to multiple users.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: No.

  6. You need to collect and automatically analyze security events from Azure Active Directory (Azure AD). What should you use?
    • A. Azure Sentinel.
    • B. Azure Synapse Analytics.
    • C. Azure AD Connect.
    • D. Azure Key Vault.
    Answer

    Correct Answer: Azure Sentinel.

  7. From […] you can view which user turned off a specific virtual machine during the last 14 days.
    • A. Azure Access Control IAM.
    • B. Azure Event Hubs.
    • C. Azure Activity Log.
    • D. Azure Service Health.
    Answer

    Correct Answer: Azure Activity Log.

  8. Which Azure service can you use as a security information and event management (SIEM) solution?
    • A. Azure Analysis Services.
    • B. Azure Sentinel.
    • C. Azure Information Protection.
    • D. Azure Cognitive Services.
    Answer

    Correct Answer: Azure Sentinel.

  9. Your company implements [Azure policies] to automatically add a watermark to Microsoft Word documents that contain credit card information.
    • A. No change is needed.
    • B. DDoS protection.
    • C. Azure Information Protection.
    • D. Azure Active Directory (Azure AD) Identity Protection.
    Answer

    Correct Answer: Azure Information Protection.

  10. You have an Azure virtual network named VNET1 in a resource group named RG1. You assign the Azure Policy definition of Not Allowed Resource Type and specify that virtual networks are not an allowed resource type in RG1. VNET1 […].
    • A. Is deleted automatically.
    • B. Is moved automatically to another resource group.
    • C. Continues to function normally.
    • D. Is now a read-only object.
    Answer

    Correct Answer: Continues to function normally.

  11. You can create Group Polices in Azure Active Directory (Azure AD).
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  12. You can join Windows 10 devices to Azure Active Directory (Azure AD).
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  13. You can join Android devices to Azure Active Directory (Azure AD).
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: No.

  14. The […] explains what data Microsoft processes, how Microsoft processes the data, and the purpose of processing the data.
    • A. The Microsoft Online Services Privacy Statement.
    • B. Microsoft Online Services Terms.
    • C. Microsoft Online Service Level Agreement.
    • D. Online Subscription Agreement for Microsoft Azure.
    Answer

    Correct Answer: The Microsoft Online Services Privacy Statement.

  15. An Azure Policy initiative definition is a […].
    • A. Collection of policy definitions.
    • B. Collection of Azure Policy definition assignments.
    • C. Group of Azure Blueprints definitions.
    • D. Group of role-based access control (RBAC) role assignments.
    Answer

    Correct Answer: Collection of policy definitions.

  16. […] provide organizations with the ability to manage the compliance of Azure resources across multiple subscriptions.
    • A. Resource groups.
    • B. Management groups.
    • C. Azure policies.
    • D. Azure App Service plans.
    Answer

    Correct Answer: Azure policies.

  17. General Data Protection Regulation (GDPR) defines data protection and privacy rules.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  18. General Data Protection Regulation (GDPR) applies to companies that offer goods or services to individuals in the EU.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  19. Azure can be used to build a General Data Protection Regulation (GDPR)-compliant infrastructure.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  20. You can add an Azure Resource Manager template to an Azure blueprint.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  21. You can assign an Azure blueprint to a resource group.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: No.

  22. You can use Azure Blueprints to grant permissions to a resource.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  23. Azure China is operated by Microsoft.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: No.

  24. Azure Government is operated by Microsoft.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  25. Azure Government is available only to US government agencies and their partners.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  26. An Azure resource can have multiple Delete locks.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  27. An Azure resource inherits locks from its resource group.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  28. If an Azure resource has a Read-only lock, you can add a Delete lock to the resource.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  29. Authorization to access Azure resources can be provided only to Azure Active Directory (Azure AD) users.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: No.

  30. Identities stored in Azure Active Directory (Azure AD), third-party cloud services, and on-premises Active Directory can be used to access Azure resources.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  31. Azure has built-in authentication and authorization services that provide secure access to Azure resources.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  32. Identities stored in an on-premises Active Directory can be synchronized to Azure Active Directory (Azure AD).
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  33. You can view your company regulatory compliance report from […].
    • A. Azure Advisor.
    • B. Azure Analysis Services.
    • C. Azure Monitor.
    • D. Azure Security Center.
    Answer

    Correct Answer: Azure Security Center.

  34. Your company has an Azure subscription that contains resources in several regions. You need to ensure that administrators can only create resources in those regions. What should you use?
    • A. A read-only lock.
    • B. An Azure policy.
    • C. A management group.
    • D. A reservation.
    Answer

    Correct Answer: An Azure policy.

  35. Azure Active Directory (Azure AD) requires the implementation of domain controllers on Azure virtual machines.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: No.

  36. Azure Active Directory (Azure AD) provides authentication services for resources hosted in Azure and Microsoft 365.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  37. Each user account in Azure Active Directory (Azure AD) can be assigned only one license.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: No.

  38. To implement an Azure Multi-Factor Authentication (MFA) solution, you must sync on-premises identities to the cloud.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: No.

  39. Two valid methods for Azure Multi-Factor Authentication (MFA) are picture identification and a passport number.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: No.

  40. You can configure the Azure Active Directory (Azure AD) activity logs to appear in Azure Monitor.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  41. From Azure Monitor, you can monitor resources across multiple Azure subscriptions.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  42. From Azure Monitor, you can create alerts.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

  43. You create a resource group named RG1 in Azure Resource Manager. You need to prevent the accidental deletion of the resources in RG1. Which setting should you use?
    • A. Quickstart.
    • B. Resource costs.
    • C. Deployments.
    • D. Policies.
    • E. Properties.
    • F. Locks.
    • G. Automation script.
    Answer

    Correct Answer: Locks.

  44. You have a resource group named RG1. You need to prevent the creation of virtual machines only in RG1. The solution must ensure that other objects can be created in RG1. What should you use?
    • A. A lock.
    • B. An Azure role.
    • C. A tag.
    • D. An Azure policy.
    Answer

    Correct Answer: An Azure policy.

  45. You have an Azure subscription and 100 Windows 10 devices. You need to ensure that only users whose devices have the latest security patches installed can access Azure Active Directory (Azure AD)-integrated applications. What should you implement?
    • A. A conditional access policy.
    • B. Azure Bastion.
    • C. Azure Firewall.
    • D. Azure Policy.
    Answer

    Correct Answer: A conditional access policy.

  46. […] enables users to authenticate to multiple applications by using single sign-on (SSO).
    • A. Application security groups in Azure Azure.
    • B. Active Directory (Azure AD).
    • C. Azure Key Vault.
    • D. Azure Security Center.
    Answer

    Correct Answer: Active Directory (Azure AD).

  47. You deploy an Azure resource. The resource becomes unavailable for an extended period due to a service outage. Microsoft will […].
    • A. Refund your bank account.
    • B. Migrate the resource to another subscription.
    • C. Credit your Azure account.
    • D. Send you a coupon code that you can redeem for Azure credits.
    Answer

    Correct Answer: Credit your Azure account.

  48. Which task can you perform by using Azure Advisor?
    • A. Integrate Active Directory and Azure Active Directory (Azure AD).
    • B. Estimate the costs of an Azure solution.
    • C. Confirm that Azure subscription security follows best practices.
    • D. Evaluate which on-premises resources can be migrated to Azure.
    Answer

    Correct Answer: Estimate the costs of an Azure solution.

  49. If your company uses an Azure free account, you will only be able to use a subset of Azure services.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: No.

  50. All Azure free accounts expire after a specific period.
    • A. Yes.
    • B. No.
    Answer

    Correct Answer: Yes.

Please feel free to contact us if any information is inaccurate or if any answers need correction.

Exam List