Photo by Aleks Dorohovich on Unsplash
Developing Solutions for Microsoft Azure - Knowledge Check - Part1
Based on the article series starting from IaaS - Developing Solutions for Microsoft Azure - Part 1.1 onwards, we will do a knowledge check by going through the below questions.
1. Which Azure App Service Plan pricing tier is available only to the function apps?
a. Shared compute
b. Dedicated compute
c. Isolated
d. Consumption
2. You deploy an Azure App Service Web App for testing and troubleshooting. A company policy requires you to give necessary permissions to the Developer group to publish code to the web app. You would like to configure the members of this group by giving them appropriate Role-Based Access Control (RBAC) role at the right scope of access. Which PowerShell cmdlet should you use to grant access?
a. Set-AZRoleDefinition
b. New-AzRoleDefinition
c. New-AzRoleAssignment
d. New-AzTag
3. You would like to retrieve the metadata headers on a blob. What would be a correct URI syntax?
a. GET/HEAD myaccount.blob.core.windows.net/mycontainer..
b. GET/HEAD myaccount.blob.core.windows.net/mycontainer..
c. PUT myaccount.blob.core.windows.net/mycontainer..
d. PUT myaccount.blob.core.windows.net/mycontainer..
4. Selecting your partition key is a simple but important design choice in Azure Cosmos DB. What is not true of a partition key?
a. Partition Key path and Partition Key Count are two components of a partition key
b. A partition key should have a high cardinality
c. A partition key should be a value which does not change
d. Once you select your partition key, it is not possible to change it in-place
5. Below are a few characteristics of a user-assigned managed identity. Which one of them is incorrect?
a. Created as a stand-alone Azure resource
b. It can only be associated with a single Azure resource
c. Independent life-cycle. Must be explicitly deleted
d. Workloads that run on multiple resources and which can share a single identity.
Answers
1-d Function apps uses the Consumption pricing tier
2-c You use the cmdlet New-AzRoleAssignment
3-b GET/HEAD myaccount.blob.core.windows.net/mycontainermyblob?comp=metadata
4-a The statement that - Partition Key path and Partition Key Count are two components of a partition key - is false. The correct statement is Partition Key path and Partition Key value are two components of a partition key.
5-b A user-assigned managed identity can be associated with multiple Azure resources, so option (b) is incorrect.
6. To access Azure resources by using service principals, you need two parameters. What are those?
a. Authentication Key, Directory ID
b. Object ID, Client ID
c. Directory ID, Application ID
d. All the above
e. None of the above
7. Application Insights is aimed at the development team, to help you understand how your app is performing and how it's being used. It monitors the following:
- Request rates, response times, and failure rates
- Host diagnostics
- Exceptions
- Custom events and metrics
Is this true or false?
a. True
b. False
8. The Azure Command-Line Interface (Azure CLI) provides one of the most flexible methods to manage Azure content Delivery Network (CDN) profiles and endpoints. An admin creates a new CDN profile by using the following command group:
az cdn profile create --name DemoProfile --resource-group ExampleGroup
What is the default setting of the CDN profile that gets created?
a. Custom_Verizon
b. Standard_Akamai
c. Premium_Akamai
d. Standard_Verizon
9. _______ supports dead-lettering for events that aren't delivered to an endpoint and has the following characteristics
- dynamically scalable
- low cost
- serverless
- at least once delivery
Which Azure messaging service is this?
a. Service Bus
b. Event Hub
c. Event Grid
d. Azure function App
10. You are a developer and have the following requirements:
- Your application must store over 80 GB of messages in a queue
- Your application wants to track progress for processing a message inside of the queue
- You require server-side logs of all transactions executed against your queues.
Which message queuing service should you consider?
a. Storage Queue
b. Service bus Queue
c. Event Queue
d. Naming Queue
Answers
6-c Directory ID, Application ID
7-a True
8-b Standard_Akamai
9-c Event Grid
10-a Storage Queue
11. Which of the following Azure virtual machine types is most appropriate for testing and development?
a. Compute optimized
b. General Purpose
c. Storage optimized
12. Which of the below represents a logical grouping of VMs that allows Azure to understand how your application is built to provide for redundancy and availability?
a. Load balancer
b. Availability zone
c. Availability set
13. What purpose does the outputs section of an Azure Resource Manager template serve?
a. Specify the resources to deploy.
b. Return values from the deployed resources
c. Define values that are reused in your templates.
14. Which Azure Resource Manager template deployment mode deletes resources in a resource group that aren't specified in the template?
a. Incremental
b. Complete
c. Both incremental and complete delete resources
15. Which of the following Azure Container Registry options support geo-replication to manage a single registry across multiple regions?
a. Basic
b. Standard
c. Premium
Answers
11-b General Purpose VM has a balanced CPU-to-memory ratio, and is ideal for testing and development.
12-c An availability set is a logical grouping of VMs Reason.
13-b The "outputs" section returns values from the resource(s) that were deployed.
14-b Complete mode will delete resources not specified in an Azure Resource Manager template deployment.
15-c The premium tier adds geo-replication as a feature.
16. Which of the methods below is recommended when deploying a multi-container group that includes only containers?
a. Azure Resource Management template
b. YAML file
c. az container creates command
17. Which of the following App Service plans supports only function apps?
a. Dedicated
b. Isolated
c. Consumption
18. Which of the following networking features of App Service can be used to control outbound network traffic?
a. App-assigned address
b. Hybrid Connections
c. Service endpoints
19. In which of the following app configuration settings categories would you set the language and SDK version?
a. Application settings
b. Path mappings
c. General settings
20. Which of the following types of application logging is supported on the Linux platform?
a. Web server logging
b. Failed request tracing
c. Deployment logging
Answers
16-b Due to the YAML format's more concise nature, a YAML file is recommended when your deployment includes only container instances.
17-c The consumption tier is only available to function apps. It scales the functions dynamically depending on workload
18-b Hybrid Connections are an outbound network feature.
19-c Gemeral settings are used to configure stack, platform, debugging, and incoming client certificate settings.
20-c Deployment logging is supported on the Linux platform.
21. Which of the following choices correctly lists the two parts of a feature flag?
a. Name, App Settings
b. Name, one or more filters
c. Feature manager, one or more filters
22. Which of these statements best describes autoscaling?
a. Autoscaling requires an administrator to actively monitor the workload on a system.
b. Autoscaling is a scale out/scale in solution.
c. Scaling up/scale down provides better availability than autoscaling.
23. Which of these scenarios is a suitable candidate for autoscaling?
a. The number of users requiring access to an application varies according to a regular schedule. For example, more users use the system on a Friday than other days of the week.
b. The system is subject to a sudden influx of requests that grinds your system to a halt.
c. Your organization is running a promotion and expects to see increased traffic to their web site for the next couple of weeks.
24. By default, all client requests to the app's production URL (http://<app_name>.azurewebsites.net) are routed to the production slot. One can automatically route a portion of the traffic to another slot. What is the default routing rule applied to new deployment slots?
a. 0%
b. 10%
c. 20%
25. Some configuration elements follow the content across a swap (not slot specific), whereas other configuration elements stay in the same slot after a swap (slot specific). Which of the following settings are swapped?
a. Publishing endpoints
b. WebJobs content
c. WebJobs schedulers
Answers
21-b Each feature flag has two parts: a name and a list of one or more filters that are used to evaluate if a feature's state is on.
22-b The system can scale out when specified resource metrics indicate increasing usage, and scale in when these metrics drop.
23-a Changes in application load that are predictable are good candidates for autoscaling.
24-a By default, new slots are given a routing rule of 0%.
25-b WebJobs content is swapped.
26. Which of the following Azure Functions hosting plans is best when predictive scaling and costs are required?
a. Functions Premium Plan
b. Dedicated plan
c. Consumption plan
27. An organization wants to implement a serverless workflow to solve a business problem. One of the requirements is the solution needs to use a designer-first (declarative) development model. Which of the choices below meets the requirements?
a. Azure Functions
b. Azure Logic Apps
c. WebJobs
28. Which of the following is required for a function to run?
a. Binding
b. Trigger
c. Both triggers and bindings
29. Which of the following supports both the in and out direction settings?
a. Bindings
b. Trigger
c. Connection value
30. Which of the following durable function types would you use to read and update small pieces of state?
a. Orchestrator
b. Activity
c. Entity
Answers
26-b Dedicated plans run in App service which supports setting autoscaling rules based on predictive usage.
27-b Azure Logic Apps enables serverless workloads and uses a designer-first (declarative) development model.
28-c A trigger defines how a function is invoked and a function must have exactly one trigger.
29-a Input and output bindings use in and out.
30-c Entity functions define operations for reading and updating small pieces of state.
31. Which application pattern would you use for a durable function that is polling a resource until it meets a specific condition?
a. Function chaining
b. Fan out/fan in
c. Monitor
32. When setting up Azure Cosmos DB there are three account type options. Which of the account type options below is used to specify the number of RUs for an application on a per-second basis?
a. Provisioned throughput
b. Serverless
c. Autoscale
33 Which of the following consistency levels below offers the greatest throughput?a. Strong
b. Session
c. Eventual
**34. Which of the options below best describes the relationship between logical and physical partitions?
**a. Logical partitions are collections of physical partitions.
b. Physical partitions are collections of logical partitions
c. There's no relationship between physical and logical partitions.
**35. Which of the below correctly lists the two components of a partition key?
**a. Key path, synthetic key
b. Key path, key value
c. Key value, item ID
Answers
31-c The monitor pattern refers to a flexible, recurring process in a workflow. An example is polling until specific conditions are met.
32-a Provisioned throughput - In this mode, you provision the number of RUs for your application on a per-second basis in increments of 100 RUs per second.
33-c The eventual consistency level offers the greatest throughput at the cost of weaker consistency.
34-b One or more logical partitions are mapped to a single physical partition.
35-b A partition key has two components: partition key path and the partition key value.
36. When defining a stored procedure in the Azure portal input parameters are always sent as what type to the stored procedure?
a. String
b. Integer
c. Boolean
37. Which of the following would one use to validate properties of an item being created?
a. Pre-trigger
b. Post-trigger
c. User-defined function
38. Which of the following types of blobs are used to store virtual hard drive files?
a. Block blobs
b. Append blobs
c. Page blobs
39. Which of the following types of storage accounts is recommended for most scenarios using Azure Storage?
a. General-purpose v2
b. General-purpose v1
c. FileStorage
**40 Which access tier is considered to be offline and can't be read or modified?
**a. Cool
b. Archive
c. Hot
Answers
36-a When defining a stored procedure in Azure portal, input parameters are always sent as a string to the stored procedure.
37-a Pre-triggers can be used to conform data before it's added to the container.
38-c Page blobs store random access files up to 8 TB in size, and are used to store virtual hard drive (VHD) files and serve as disks for Azure virtual machines.
39-a General-purpose v2 - This supports blobs, files, queues, and tables. It's recommended for most scenarios using Azure Storage.
40-b Blobs in the archive tier must be rehydrated to either the hot or cool tier before it can be read or modified.
41. Which of the following storage account types supports lifecycle policies?
a. General Purpose v1
b. General Purpose v2
c. FileStorage
42. Which of the following standard HTTP headers are supported for both containers and blobs when setting properties by using REST?
a. Last-Modified
b. Content-Length
c. Origin
43. Which of the following classes of the Azure Storage client library for .NET allows you to manipulate both Azure Storage containers and their blobs?
a. BlobClient
b. BlobContainerClient
c. BlobUriBuilder
44. Which of the types of permissions supported by the Microsoft identity platform is used by apps that have a signed-in user present?
a. Delegated permissions
b. App-only access permissions
c. Both delegated and app-only access permissions
45. Which of the following app scenarios require code to handle Conditional Access challenges?
a. Apps performing the device-code flow
b. Apps performing the on-behalf-of flow
c. Apps performing the Integrated Windows authentication flow
Answers
41-b Azure Blob storage lifecycle management offers a rich, rule-based policy for General Purpose v2 and Blob storage accounts.
42-a Last-Modified is supported on both containers and blobs.
43-b The BlobContainerClient can be used to manipulate both containers and blobs.
44-a Delegated permissions are used by apps that have a signed-in user present. The app is delegated with the permission to act as a signed-in user when it makes calls to the target resource.
45-b Apps performing the on-behalf-of flow require code to handle Conditional Access challenges.
46. Which of the following MSAL libraries supports single-page web apps?
a. MSAL Node
b. MSAL.js
c. MSAL.NET
47. Which of the following types of shared access signatures (SAS) applies to Blob storage only?
a. Account SAS
b. Service SAS
c. User delegation SAS
48. Which of the following best practices provides the most flexible and secure way to use a service or account shared access signature (SAS)?
a. Associate SAS tokens with a stored access policy.
b. Always use HTTPS
c. Implement a user delegation SAS
49. Which HTTP method below is used to update a resource with new values?
a. POST
b. PATCH
c. PUT
50. Which of the components of the Microsoft 365 platform is used to deliver data external to Azure into Microsoft Graph services and applications?
a. Microsoft Graph API
b. Microsoft Graph connectors
c. Microsoft Graph Data Connect
Answers
46-b MSAL.js supports single-page applications.
47-c A user delegation SAS is secured with Azure Active Directory credentials and also by the permissions specified for the SAS. A user delegation SAS applies to Blob storage only.
48-a The most flexible and secure way to use a service or account SAS is to associate the SAS tokens with a stored access policy.
49-b The PATCH method does update a resource with a new value.
50-b Microsoft Graph connectors work in the incoming direction. Connectors exist for many commonly used data sources such as Box, Google Drive, Jira, and Salesforce.
51. Which of the below methods of authenticating to Azure Key Vault is recommended for most scenarios?
a. Service principal and certificate
b. Service principal and secret
c. Managed identities
52. Azure Key Vault protects data when it is traveling between Azure Key Vault and clients. What protocol does it use for encryption?
a. Secure Sockets Layer
b. Transport Layer Security
c. Presentation Layer
53. Which of the following characteristics is indicative of user-assigned identities?
a. Shared lifecycle with an Azure resource
b. Independent life-cycle
c. Can only be associated with a single Azure resource
54. A client app requests managed identities for an access token for a given resource. Which of the below is the basis for the token?
a. Oauth 2.0
b. Service principal
c. Virtual machine
55. Which type of encryption does Azure App Configuration use to encrypt data at rest?
a. 64-bit AES
b. 128-bit AES
c. 256-bit AES
Answers
51-c The benefit of this approach is that Azure automatically rotates the identity.
52-b Azure Key Vault enforces Transport Layer Security protocol to protect data when it’s traveling between Azure Key Vault and clients.
53-b User-assigned identities exist independently from the resources they're associated with and must be explicitly deleted.
54-b The token is based on the managed identities for Azure resources service principal.
55-c Azure App Configuration encrypts sensitive information at rest using a 256-bit AES encryption key provided by Microsoft.
56. Which of the following options evaluates the state of a feature flag?
a. Feature flag
b. Feature manager
c. Filter
57. Which of the Azure Cache for Redis service tiers is the lowest tier recommended for use in production scenarios?
a. Basic
b. Standard
c. Premium
58. Caching is important because it allows us to store commonly used values in memory. However, we also need a way to expire values when they're stale. In Redis this is done by applying a time to live (TTL) to a key. Which value represents the expire time resolution?
a. 1 millisecond
b. 10 milliseconds
c. seconds or milliseconds
59. Each Azure subscription has default limits on resources needed for an Azure Content Delivery Network. Which of the following resources has subscription limitations that may impact your solution?
a. Resource group
b. CDN profiles
c. Storage account
60. When publishing a website through Azure CDN, the files on that site are cached until their time-to-live (TTL) expires. What is the default TTL for large file optimizations?
a. One day
b. One week
c. One year
Answers
56-c A filter is a rule for evaluating the state of a feature flag. A user group, a device or browser type, a geographic location, and a time window are all examples of what a filter can represent.
57-b The standard tier is the lowest tier that offers replication,which is always recommended for production scenarios.
58-a The expire time resolution is always 1 millisecond.
59-b The number of CDN profiles that can be created is limited by the type of Azure subscription.
60-a The default TTL for large file optimizations is one day.
**61. Which of the following availability tests is recommended for authentication tests?
**a. URL ping
b. Standard
c. Custom TrackAvailability
62. Which of the following metric collection types below provides near real-time querying and alerting on dimensions of metrics, and more responsive dashboards?
a. Log-based
b. Pre-aggregated
c. Azure Service Bus
63. Which of the following components of the API Management service would a developer use if they need to create an account and subscribe to get API keys?
a. API gateway
b. Azure portal
c. Developer portal
64. Which of the following API Management policies would one use if one wants to apply a policy based on a condition?
a. forward-request
b. choose
c. return-response
65 Which of the following event schema properties requires a value?
a. Topic
b. Data
c. Subject
Answers
61-b TrackAvailability test is the long term supported solution for multi request or authentication test scenarios.
62-b Pre-aggregated metrics are stored as a time series and only with key dimensions, which enable near real-time alerting on dimensions of metrics, more responsive dashboards.
63-c The Developer portal serves as the main web presence for developers, and is where they can subscribe to get API keys.
64-b The choose policy applies enclosed policy statements based on the outcome of evaluation of boolean expressions.
65-c The subject property specifies the publisher-defined path to the event subject and is required.
66. Which of the following Event Grid built-in roles is appropriate for managing Event Grid resources?
a. Event Grid Contributor
b. Event Grid Subscription Contributor
c. Event Grid Data Sender
67. Which of the following Event Hubs concepts represents an ordered sequence of events that is held in an Event Hub?
a. Consumer group
b. Partition
c. Event Hub producer
68. Which of the following represents when an event processor marks or commits the position of the last successfully processed event within a partition?
a. Checkpointing
b. Scale
c. Load balance
69. Which of the following advanced features of Azure Service Bus creates a first-in, first-out (FIFO) guarantee?
a. Transactions
b. Scheduled delivery
c. Message sessions
70. In Azure Service Bus messages are durably stored which enables a load-leveling benefit. Which of the following correctly describes the load-leveling benefit relative to a consuming application's performance?
a. Performance needs to handle peak load
b. Performance needs to handle average load
c. Performance needs to handle low loads
Answers
66-a The Event Grid Contributor role has permissions to manage resources.
67-b A partition is an ordered sequence of events that is held in an Event Hub.
68-a Checkpointing is a process by which an event processor marks or commits the position of the last successfully processed event within a partition.
69-c To create a first-in, first-out (FIFO) guarantee in Service Bus, use sessions. Message sessions enable joint and ordered handling of unbounded sequences of related messages.
70-b Intermediating message producers and consumers with a queue means that the consuming application only has to be able to handle average load instead of peak load.
Next up: Developing Solutions for Microsoft Azure - Knowledge Check - Part2