Microsoft Azure Bonus Content
30 questions on Microsoft Azure.
Question 1: What is an Azure Virtual Machine Scale Set (VMSS)?
- A. A tool to measure virtual machine disk write speed.
- B. A group of load-balanced, identical VMs that dynamically scale in or out based on resource demand or scheduling. β (correct answer)
- C. An Azure portal page listing cloud costs.
- D. A server cluster used exclusively for active directory.
Explanation: Scale sets simplify deployment of large-scale virtual machines, automating horizontal scaling policies.
Question 2: In Azure Blob Storage, what is the main difference between Hot, Cool, and Archive access tiers?
- A. Hot is for databases, Cool is for templates, Archive is for logs.
- B. Hot has the lowest access costs but highest storage costs, while Archive has the lowest storage costs but highest access costs and recovery times. β (correct answer)
- C. Archive tier blobs can be read within 5 milliseconds.
- D. Cool tier storage is encrypted, while Hot tier is not.
Explanation: Tiers map usage profiles. Archive is cheap for cold storage, but fetching data requires rehydration which takes hours.
Question 3: What are Azure Resource Manager (ARM) templates primarily used for?
- A. Documenting server configuration spreadsheets.
- B. Managing user authorization credentials in Entra ID.
- C. Provisioning cloud infrastructure declaratively as code using JSON files. β (correct answer)
- D. Speeding up network routing across regions.
Explanation: ARM templates are Infrastructure as Code (IaC) documents, letting teams build, version, and deploy Azure environments consistently.
Question 4: How does Microsoft Entra ID (formerly Azure AD) Conditional Access protect corporate resources?
- A. By routing database queries to the nearest geographic location.
- B. By evaluating signals (user, location, device health) to enforce access policies (e.g. requiring MFA or compliant devices) before granting entry. β (correct answer)
- C. By encrypting email payloads automatically.
- D. By blocking all external HTTP traffic to VMs.
Explanation: Conditional access uses if-then statements to enforce contextual security checks, verifying credentials before access.
Question 5: In Azure App Services, what is the primary benefit of using Deployment Slots?
- A. They increase VM storage space by 100%.
- B. They allow staging applications to run in isolated slots, enabling risk-free zero-downtime swaps to production. β (correct answer)
- C. They compile CSS assets automatically.
- D. They load balance databases across resource groups.
Explanation: Deployment slots let you test changes in a staging slot, swapping it with production instantly to avoid user interruption.
Question 6: What is Azure Virtual Machines?
- A. A serverless database service.
- B. Azure's Infrastructure as a Service (IaaS) providing scalable virtual computing resources on demand. β (correct answer)
- C. An image processing framework.
- D. A server container manager.
Explanation: Azure VMs offer virtualized compute instances, giving developers full OS control.
Question 7: Which Azure storage option is best suited for hosting shared files that can be mounted as SMB network drives?
- A. Blob Storage
- B. Azure Files β (correct answer)
- C. Disk Storage
- D. Archive Storage
Explanation: Azure Files provides fully managed file shares accessible via SMB and NFS.
Question 8: What is the function of Azure VNet Peering?
- A. Sharing user accounts.
- B. Connecting two Azure Virtual Networks (VNets) seamlessly, allowing private traffic routing between them. β (correct answer)
- C. Scaling databases automatically.
- D. Resolving DNS queries.
Explanation: Peering connects VNets over Microsoft's backbone network, keeping traffic private.
Question 9: What is Microsoft Entra ID (formerly Azure Active Directory)?
- A. A local file browser.
- B. Microsoft's cloud-based identity and access management service. β (correct answer)
- C. An SQL database wrapper.
- D. A server firewall dashboard.
Explanation: Entra ID manages user logins, SSO, and roles across cloud systems.
Question 10: What does an Azure Resource Group do?
- A. Groups databases for replication.
- B. A logical container that groups related Azure resources (VMs, databases, VNets) for unified management and billing. β (correct answer)
- C. Caches static website files.
- D. Compiles source code.
Explanation: Resource Groups organize deployments, making it easy to create and delete environments.
Question 11: What is the difference between Azure Policy and Azure RBAC (Role-Based Access Control)?
- A. Policy is for files, RBAC is for networks.
- B. Policy enforces resource compliance and configurations (what can be created), while RBAC controls user permissions (who can access). β (correct answer)
- C. Policy is deprecated.
- D. RBAC does not support custom roles.
Explanation: RBAC handles authorization boundaries. Policy audit environments for compliance rules.
Question 12: Which service hosts serverless Python or C# code executed by network triggers?
- A. Azure App Service
- B. Azure Functions β (correct answer)
- C. Azure Virtual Machines
- D. Azure Cosmos DB
Explanation: Azure Functions is a serverless FaaS offering, scaling compute on trigger events.
Question 13: What is Azure Cosmos DB?
- A. A relational SQL database only.
- B. A fully managed, globally distributed NoSQL database service supporting multiple API models (Document, Key-Value, Graph). β (correct answer)
- C. An in-memory caching system.
- D. An analytical data warehouse.
Explanation: Cosmos DB offers single-digit millisecond latencies globally with guaranteed SLA metrics.
Question 14: What is the purpose of Azure Key Vault?
- A. Storing backup image files.
- B. Securing and centralizing the storage of secrets, encryption keys, and TLS/SSL certificates. β (correct answer)
- C. Managing VM scale policies.
- D. Hosting database tables.
Explanation: Key Vault prevents key exposure by separating credentials from application codes.
Question 15: What does the 'Azure Portal' represent?
- A. The command-line client.
- B. The web-based console interface for creating and managing all Azure resources. β (correct answer)
- C. A local network driver.
- D. An API schema inspector.
Explanation: The portal provides dashboard controls for all cloud management operations.
Question 16: What is Azure DevOps?
- A. A developer compiler tool.
- B. A suite of services providing boards, pipelines, repositories, and test plans to automate application lifecycles. β (correct answer)
- C. A database migration engine.
- D. A server backup scheduler.
Explanation: Azure DevOps supports CI/CD pipelines, mapping deployments to target slots.
Question 17: How do Azure ExpressRoute connections differ from standard VPNs?
- A. ExpressRoute is slower and runs over dialup.
- B. ExpressRoute establishes private, dedicated physical connections to Azure, bypassing the public internet entirely. β (correct answer)
- C. ExpressRoute is software-only.
- D. ExpressRoute does not support encryption.
Explanation: ExpressRoute provides stable, low-latency links for hybrid corporate networks.
Question 18: Which tool is the Azure command-line interface?
- A. az CLI β (correct answer)
- B. gcloud
- C. aws-cli
- D. kubectl
Explanation: The Azure CLI (az) manages cloud resources directly from terminal consoles.
Question 19: What is the function of Azure Load Balancer?
- A. Balancing CPU clock speeds.
- B. Distributing incoming network traffic across backend virtual machine instances. β (correct answer)
- C. Caching static site assets.
- D. Splitting database tables.
Explanation: Load Balancer ensures high availability, routing traffic to healthy VM instances.
Question 20: What is the benefit of Azure Availability Zones?
- A. Lower billing tariffs.
- B. Redundant, physically separate data center locations within a region, protecting applications from local zone failures. β (correct answer)
- C. In-memory caching.
- D. Automated SQL queries.
Explanation: Availability Zones provide local redundancy, ensuring business continuity during power/network cuts.
Question 21: What is Azure SQL Database?
- A. A NoSQL key-value store.
- B. A fully managed relational database service based on the Microsoft SQL Server engine. β (correct answer)
- C. A memory cache database.
- D. An analytical warehouse.
Explanation: Azure SQL is a PaaS database offering, handling patching and backups automatically.
Question 22: What does Azure Monitor do?
- A. Displays billing reports only.
- B. Collects, analyzes, and acts on telemetry data from cloud and on-premises environments. β (correct answer)
- C. Controls firewall rules.
- D. Compiles script codes.
Explanation: Monitor tracks metrics and logs, alerting teams when CPU/RAM thresholds breach.
Question 23: What is the purpose of Azure Advisor?
- A. An email newsletter for developers.
- B. A personalized recommendation engine that analyzes Azure configurations to optimize cost, security, reliability, and performance. β (correct answer)
- C. An automated coding script.
- D. A directory manager.
Explanation: Advisor scans settings, presenting checklists to improve cloud environments.
Question 24: Which service is a PaaS framework for hosting web applications without managing VMs?
- A. Azure Virtual Machines
- B. Azure App Service β (correct answer)
- C. Azure Cosmos DB
- D. Azure Functions
Explanation: App Service hosts web apps and APIs, managing scaling and IIS/Linux environments.
Question 25: What is the function of Azure Bastion?
- A. Compressing data backups.
- B. A service providing secure, seamless RDP/SSH access to VMs directly through the Azure Portal over SSL, eliminating public IP exposures. β (correct answer)
- C. Inbound load balancing.
- D. Cache synchronization.
Explanation: Bastion acts as a secure jump-box, protecting VMs from public network exposures.
Question 26: What does Azure Front Door do?
- A. It provides virtual GPU power.
- B. A global, scalable entry-point that combines CDN, global load balancing, and web application firewall (WAF) services. β (correct answer)
- C. An encryption key vault.
- D. A server network switch.
Explanation: Front Door routes traffic to optimal regions, securing endpoints at global edges.
Question 27: What is an 'Azure Subscription'?
- A. A developer training course.
- B. An agreement with Microsoft that associates Azure resources with a billing account. β (correct answer)
- C. A database table schema.
- D. A local folder path.
Explanation: All resources must exist within a Subscription, which acts as a billing boundary.
Question 28: What does Azure Traffic Manager do?
- A. Compiles styles.
- B. A DNS-based traffic load balancer that routes incoming requests to endpoints across different global Azure regions. β (correct answer)
- C. Configures network cards.
- D. Manages user logs.
Explanation: Traffic Manager uses DNS queries to route users to the nearest regional endpoint.
Question 29: In Azure, what is 'VNet Peering'?
- A. Sharing database keys.
- B. Connecting virtual networks privately, allowing resources in either network to communicate directly. β (correct answer)
- C. Encrypting storage tables.
- D. Logging API endpoints.
Explanation: VNet Peering routes traffic through Microsoft's backbone, bypassing public internet.
Question 30: What is Azure Synapse Analytics?
- A. A container registry.
- B. An enterprise analytics service that accelerates time-to-insight across data warehouses and big data systems. β (correct answer)
- C. A database indexing tool.
- D. A local firewall control panel.
Explanation: Synapse combines SQL analytics, Spark, and data integrations into a unified warehouse workspace.