AZ-900 Exam Questions and Answers

A startup wants to deploy a web application that experiences unpredictable traffic spikes. They need to scale resources automatically without manual intervention. Which benefit of cloud computing directly addresses this requirement?

High availability

Elasticity

Elasticity enables automatic scaling of resources to match varying demand, making it the correct choice.

Disaster recovery

Fault tolerance

Why: Elasticity is the ability of a cloud service to automatically scale resources up or down based on demand. This allows the startup to handle traffic spikes without manual intervention.

A retail company runs its e-commerce platform on a public cloud. During a major sale event, they want to ensure that the application remains accessible even if an entire data center fails. Which cloud computing concept does this describe?

Scalability

Elasticity

High availability

High availability is designed to minimize downtime and keep services running during component failures.

Disaster recovery

Why: High availability ensures that services remain operational despite failures, often through redundancy across multiple data centers. This directly addresses the requirement to stay accessible during a data center outage.

A financial services company is evaluating a public cloud provider. They are concerned about the shared responsibility model for security. The company must ensure that their customer data is encrypted at rest and in transit. Under the shared responsibility model, which security control is the cloud provider typically responsible for?

Encrypting customer data at rest

Patching virtual machines

Physical network security

The cloud provider is responsible for the security of the physical network, including firewalls and infrastructure against physical threats.

Managing customer access policies

Why: In the shared responsibility model, the cloud provider is responsible for the security of the physical infrastructure, including network controls. Customer data encryption at rest and in transit is typically the customer's responsibility, as well as patching of VMs.

A multinational corporation wants to reduce its carbon footprint by shifting workloads to the cloud. They want to understand how using a cloud provider's shared infrastructure contributes to sustainability. Which cloud computing concept is most directly related to this environmental benefit?

Broad network access

Resource pooling

Resource pooling enables sharing of resources among multiple customers, improving utilization and reducing waste.

On-demand self-service

Rapid elasticity

Why: Resource pooling allows cloud providers to consolidate workloads onto shared infrastructure, leading to higher utilization and reduced energy consumption per customer. This directly supports sustainability goals.

A small business wants to move its accounting software to the cloud to avoid purchasing and maintaining physical servers. Which cloud service model would provide the accounting application as a ready-to-use service over the internet?

Infrastructure as a Service (IaaS)

Platform as a Service (PaaS)

Software as a Service (SaaS)

SaaS delivers ready-to-use software applications over the internet, such as accounting software.

Function as a Service (FaaS)

Why: Software as a Service (SaaS) provides fully managed applications accessible via the internet. The business does not need to manage infrastructure or the application itself.

All Describe Azure architecture and services questions

A hospital is subject to strict data residency laws that require patient data to remain within the country's borders. They are considering using a public cloud provider. Which cloud deployment model would best meet this compliance requirement?

Public cloud

Private cloud

A private cloud is dedicated to a single organization, providing maximum control over data location and compliance.

Hybrid cloud

Community cloud

Why: A private cloud gives the organization full control over the location of data and infrastructure. While a public cloud can have data center regions, the hospital may need more control to ensure data does not leave the country. For absolute compliance, a private cloud is safer. Given the options, private cloud is the best fit.

Want more Describe cloud concepts practice?

Practice this domain

Domain 2: Describe Azure architecture and services

A company is planning to migrate its on-premises applications to Azure. They have a mix of monolithic and microservices-based applications. Which Azure compute service should they choose for a microservices architecture that requires independent scaling and deployment of components?

Azure Functions

Azure App Service

Azure Kubernetes Service (AKS)

AKS provides container orchestration, enabling independent scaling, deployment, and management of microservices.

Azure Virtual Machines

Why: Azure Kubernetes Service (AKS) is designed for containerized microservices, allowing independent scaling and deployment of each service. Azure Functions is for serverless event-driven code, and App Service is for web apps but not optimal for microservices orchestration.

A solutions architect is designing a storage solution for a large media company. The company needs to store video files that are accessed infrequently but must be retained for several years for compliance. Which two Azure storage options meet these requirements? (Select two.)

Blob Storage - Hot tier

Blob Storage - Cool tier

Cool tier is for infrequently accessed data with a lower storage cost, suitable for videos accessed occasionally.

Blob Storage - Archive tier

Archive tier is the lowest-cost option for data that is rarely accessed and requires long-term retention, perfect for compliance.

Azure Files - Premium tier

Why: Azure Blob Storage Cool tier is optimized for infrequently accessed data stored for at least 30 days, and Archive tier is for rarely accessed data stored for at least 180 days. Both are cost-effective for long-term retention. Hot tier is for frequently accessed data, and Premium tier is for high-performance needs.

A developer is building a serverless application that requires integration with an on-premises SQL Server database for real-time data processing. The on-premises network is connected to Azure via a site-to-site VPN. Which Azure service would allow the function to securely access the on-premises database without exposing it to the public internet?

Azure Functions in Consumption plan

Azure Functions in Premium plan with VNet integration

Premium plan allows VNet integration, enabling secure access to on-premises resources over the VPN.

Azure SQL Database

Hybrid Connections

Why: Azure Functions running on a Premium plan can be integrated with a VNet, and combined with a site-to-site VPN, they can access on-premises resources securely. The Consumption plan does not support VNet integration. Azure SQL Database is a PaaS service, and a hybrid connection is used for PaaS services to on-premises, but for a function accessing an on-prem SQL Server, VNet integration is appropriate.

A company is designing a multi-tier application on Azure. The web tier needs to scale out based on CPU usage, while the database tier requires high-performance storage for transactional data. Which combination of Azure services should they choose?

Azure Functions and Azure Cosmos DB

Azure App Service and Azure SQL Database

App Service provides autoscaling for web applications, and Azure SQL Database offers high-performance transactional storage with built-in scaling.

Azure Virtual Machine Scale Sets and Azure Files

Azure Kubernetes Service and Blob Storage

Why: For scalable web tier, Azure App Service with Autoscale is appropriate. For high-performance transactional storage, Azure SQL Database with Premium tier or Managed Disks with Premium SSD are options. However, the question asks for a combination. The best match is App Service for the web tier and Azure SQL Database for the database tier, as it provides managed database with performance tiers.

A company is deploying a mission-critical application that must remain available even if a physical Azure datacenter within a region fails. The application will run on multiple virtual machines. Which Azure feature should they use to protect against this specific failure scenario?

Availability Zones

Availability Zones are physically separate locations within an Azure region that provide redundancy at the datacenter level.

Availability Sets

Virtual Machine Scale Sets

Azure Load Balancer

Why: Availability Zones are physically separate datacenters within an Azure region. Each zone has independent power, cooling, and networking. By deploying VMs across Availability Zones, the application can survive a datacenter failure. Availability Sets protect against hardware failures within a single datacenter (update/ fault domains), but not a full datacenter outage. Scale Sets are for scaling VMs, not for high availability across zones. Load Balancer distributes traffic but does not protect against zone failure by itself.

All Describe Azure management and governance questions

A company deploys a web application on Azure App Service. During a marketing campaign, they expect traffic to double. The app uses a Standard tier App Service plan. They want to ensure that the additional load is handled without performance degradation while keeping costs minimal. Which action should they take?

Scale out the App Service plan by increasing the instance count.

Scaling out adds more VM instances to handle increased load, is cost-effective, and can be done manually or via autoscale.

Scale up the App Service plan to a Premium tier for more resources.

Enable autoscale on the existing plan to let Azure handle scaling automatically.

Deploy Azure CDN to cache static content.

Why: App Service plans can be scaled out by increasing the number of VM instances (scale out) or scaled up by moving to a larger plan (scale up). Scaling out is generally more cost-effective for handling variable load as you can add instances and remove them as needed. The Standard tier supports manual scale out (or autoscale). The Premium tier is more expensive. Autoscale is a feature of the plan but requires configuration. The correct immediate action for minimal cost is to manually scale out the app by increasing instance count, or configure autoscale to handle the expected traffic. However, the best answer among the options is to scale out the plan by increasing the number of instances (option A). Option B (scale up to Premium) increases cost unnecessarily, option C (enable autoscale) requires an upfront configuration but not an action to handle immediate doubling, option D (add a CDN) improves latency but does not increase compute capacity.

Want more Describe Azure architecture and services practice?

Practice this domain

Domain 3: Describe Azure management and governance

A company has multiple Azure subscriptions for different departments. They want to enforce consistent policies across all subscriptions regarding allowed virtual machine sizes and require compliance reporting. Which Azure feature should they use?

Azure Blueprints

Azure Resource Manager templates

Azure Policy

Azure Policy enforces rules on resources across subscriptions and provides compliance dashboards and reports.

Role-Based Access Control (RBAC)

Why: Azure Policy allows you to create, assign, and manage policies that enforce rules for resources. It can be applied at the management group level to affect multiple subscriptions and provides compliance reporting.

A company uses Azure and wants to ensure that their IT team receives alerts when virtual machines are deallocated unexpectedly. Which Azure service should they use to create a rule that triggers an action when a VM is deallocated?

Azure Service Health

Azure Monitor

Azure Monitor with Activity Log alerts can notify you when VMs are deallocated.

Azure Advisor

Azure Policy

Why: Azure Monitor can collect and analyze metrics and logs, and with Activity Log Alerts, it can trigger actions (e.g., email, SMS) when specific operations like VM deallocation occur. Azure Service Health provides alerts about service issues, not resource events.

A company needs to track and optimize costs across multiple Azure subscriptions. They want to allocate budgets and receive notifications when spending exceeds forecasted amounts. Which Azure tool should they use?

Azure Advisor

Azure Cost Management

Cost Management allows you to create budgets, monitor spending, and configure alerts when costs exceed thresholds.

Azure Policy

Azure Budgets

Why: Azure Cost Management provides tools to set budgets, analyze spending, and receive alerts. It integrates with Azure Advisor for optimization recommendations, but the primary tool for budget alerts is Cost Management.