CCNA Monitor, troubleshoot, and optimize Azure solutions Questions

75 of 116 questions · Page 1/2 · Monitor, troubleshoot, and optimize Azure solutions · Answers revealed

1
MCQeasy

You manage a web application on Azure App Service. You need to monitor its availability from multiple geographic locations, checking that the homepage loads and returns HTTP 200 within 5 seconds. You want an alert if any location fails. Which type of Application Insights test should you create?

A.Availability test (URL ping test)
B.Multi-step web test
C.Standard test
D.Custom metric test
AnswerA

A URL ping test from multiple locations checks the HTTP status and response time, meeting the requirement.

Why this answer

A URL ping test is the correct choice because it is the simplest availability test in Application Insights, designed to check that a single URL returns an HTTP 200 response within a specified timeout (here, 5 seconds). It can be configured to run from multiple geographic locations, and you can set an alert to fire if any location reports a failure, meeting the requirement exactly.

Exam trap

The trap here is that candidates may confuse the 'standard test' (which is a newer, feature-rich availability test) with the simpler 'URL ping test', but the question explicitly asks for the simplest test that meets the basic HTTP 200 and timeout requirements, making the URL ping test the correct answer.

How to eliminate wrong answers

Option B is wrong because a multi-step web test is used for validating a sequence of user actions (e.g., login, navigate, submit) across multiple URLs, not for a single homepage check. Option C is wrong because a standard test is a newer, more advanced availability test that supports SSL certificate validation and request headers, but it is not the simplest option for a basic HTTP 200 check and is not required here. Option D is wrong because a custom metric test is not a type of availability test; it is used to send custom metrics to Application Insights via the TrackMetric API, not for monitoring URL availability from multiple locations.

2
MCQmedium

Your Azure web app is running in a production environment. Users report that the app is slow. You need to identify the root cause without impacting production traffic. Which approach should you use?

A.Enable Application Insights Profiler
B.Enable Application Insights sampling at 100%
C.Run a load test in a staging slot
D.Review server logs in the web app
AnswerA

Correct. Profiler runs with low overhead and captures detailed traces, allowing you to pinpoint slow dependencies or code paths in production.

Why this answer

Application Insights Profiler provides detailed, per-request performance traces that pinpoint which code paths are consuming the most time, enabling root cause analysis of slow responses without altering production traffic. Unlike sampling or logs, Profiler captures execution data on-demand or automatically with minimal overhead, making it ideal for diagnosing latency issues in a live environment.

Exam trap

The trap here is that candidates often confuse high-level monitoring (logs, metrics) with diagnostic profiling, assuming that more data (100% sampling) or separate testing (staging slot) will solve the problem, when in fact Profiler is the only tool designed for low-overhead, code-level latency analysis in production.

How to eliminate wrong answers

Option B is wrong because enabling sampling at 100% would capture every telemetry event, significantly increasing data volume and cost, and could impact app performance due to the overhead of transmitting all telemetry, which defeats the goal of not affecting production traffic. Option C is wrong because running a load test in a staging slot tests synthetic traffic, not the actual production workload causing user-reported slowness, so it cannot identify the real root cause. Option D is wrong because reviewing server logs provides high-level error and request counts but lacks the granular, code-level timing details needed to pinpoint specific slow code paths, making it insufficient for root cause analysis of performance issues.

3
MCQmedium

You are monitoring an Azure Web App using Application Insights. You need to track the duration and status code of an external API call made by the app. Which Application Insights feature should you use?

A.Built-in request telemetry (server-side requests)
B.Dependency tracking feature
C.Custom events (TrackEvent)
D.Page view tracking
AnswerB

Dependency tracking automatically captures outbound HTTP calls (and other dependencies like databases) with duration, result code, and exception details.

Why this answer

Dependency tracking in Application Insights is specifically designed to monitor calls made by your application to external services, such as APIs, databases, or HTTP endpoints. It automatically captures the duration, success/failure status, and response code of outbound HTTP requests, making it the correct choice for tracking an external API call's duration and status code.

Exam trap

The trap here is that candidates confuse 'request telemetry' (incoming calls to the app) with 'dependency telemetry' (outgoing calls from the app), leading them to incorrectly select built-in request telemetry for monitoring external API calls.

How to eliminate wrong answers

Option A is wrong because built-in request telemetry (server-side requests) tracks incoming HTTP requests to your web app, not outbound calls to external APIs. Option C is wrong because custom events (TrackEvent) are used for logging custom business events or user actions, not for automatically capturing the duration and status code of HTTP calls. Option D is wrong because page view tracking monitors client-side page loads and user navigation, not server-side outbound API call metrics.

4
MCQmedium

Your e-commerce application sends telemetry to Application Insights. You need to reduce ingestion costs while preserving the ability to detect trends in performance metrics. Which sampling type should you configure?

A.Fixed-rate sampling
B.Adaptive sampling
C.Ingestion sampling
D.Head-based sampling
AnswerB

Correct. Adaptive sampling dynamically adjusts to keep the telemetry volume within a budget while preserving statistical accuracy for trends.

Why this answer

Adaptive sampling is the correct choice because it automatically adjusts the volume of telemetry data collected based on the application's activity level, ensuring that performance trends are preserved while reducing ingestion costs. Unlike fixed-rate sampling, adaptive sampling dynamically increases or decreases the sampling rate to maintain a target volume, making it ideal for e-commerce applications with variable traffic patterns.

Exam trap

The trap here is that candidates often confuse 'adaptive sampling' with 'fixed-rate sampling' because both are head-based, but only adaptive sampling dynamically adjusts to reduce costs without losing trend visibility.

How to eliminate wrong answers

Option A is wrong because fixed-rate sampling applies a constant sampling percentage regardless of traffic volume, which can either over-sample during low activity (wasting cost) or under-sample during high activity (losing trend data). Option C is wrong because ingestion sampling occurs at the ingestion endpoint after telemetry is sent, meaning it does not reduce network bandwidth or storage costs at the source, and it cannot preserve trends as effectively as client-side sampling. Option D is wrong because head-based sampling is a general category that includes fixed-rate and adaptive sampling; it is not a specific sampling type, and the question asks for a specific configuration that reduces costs while preserving trends.

5
MCQeasy

You are using Application Insights to monitor a web application. You notice that a specific request is slow. You want to see the complete end-to-end transaction details, including all dependency calls and exceptions for that single request. Which feature should you use?

A.Metrics Explorer
B.Transaction Search (End-to-End Transaction Details)
C.Application Map
D.Live Metrics Stream
AnswerB

This feature provides a timeline view of every operation within a single request, helping pinpoint the cause of slowness.

Why this answer

Transaction Search (End-to-End Transaction Details) is the correct feature because it allows you to view the complete trace of a single request, including all dependency calls (e.g., SQL, HTTP, Azure services), exceptions, and logs associated with that specific operation. This is achieved by correlating telemetry using the operation_Id field, which groups all telemetry items from the same request into a single end-to-end view. Other features like Metrics Explorer or Application Map provide aggregated or topological views, not per-request drill-down.

Exam trap

The trap here is that candidates often confuse the aggregated monitoring features (Metrics Explorer, Application Map) with the diagnostic drill-down capability of Transaction Search, mistakenly believing that a high-level view can reveal per-request details.

How to eliminate wrong answers

Option A is wrong because Metrics Explorer provides aggregated, time-series metrics (e.g., average response time, request count) and cannot show individual request-level details or dependency call trees. Option C is wrong because Application Map offers a topological view of application components and their dependencies, but it does not provide per-request transaction details or exception traces. Option D is wrong because Live Metrics Stream shows real-time, near-instantaneous metrics (e.g., request rate, CPU usage) for monitoring live traffic, but it does not support querying historical or specific slow requests with full dependency and exception details.

6
MCQmedium

You have an Azure Front Door Premium instance with a Web Application Firewall (WAF) policy. The exhibit shows a custom rule. What is the effect of this rule?

A.Allows all traffic
B.Blocks traffic from 192.168.1.0/24 and 10.0.0.0/8
C.Blocks traffic that does NOT originate from 192.168.1.0/24 or 10.0.0.0/8
D.Allows traffic from 192.168.1.0/24 and 10.0.0.0/8
AnswerC

NegateCondition true inverts the match, so the rule blocks non-matching IPs.

Why this answer

Option C is correct because the rule blocks requests that do NOT originate from the specified IP ranges (negateCondition: true). Option A is wrong because it allows those IPs. Option B is wrong because it blocks only those IPs.

Option D is wrong because it allows all traffic, which is opposite.

7
MCQhard

Application Insights ingestion cost is rising because a high-traffic app emits large telemetry volume. The team needs statistically useful telemetry while reducing ingestion. What should be configured?

A.Move the app to a larger App Service plan
B.Adaptive sampling
C.Disable all exception telemetry
D.Increase log verbosity to debug
AnswerB

Adaptive sampling reduces telemetry volume while preserving representative diagnostic data.

Why this answer

Adaptive sampling is the correct solution because it automatically adjusts the volume of telemetry data sent to Application Insights, retaining only a representative subset that preserves statistical accuracy for analysis. This reduces ingestion costs while ensuring the sampled data remains statistically useful for detecting trends and anomalies in high-traffic applications.

Exam trap

The trap here is that candidates may think increasing resources (larger plan) or disabling entire telemetry categories (exceptions) is a valid cost-control measure, but the exam tests understanding that adaptive sampling is the designed Azure feature for reducing telemetry volume while preserving statistical significance.

How to eliminate wrong answers

Option A is wrong because moving the app to a larger App Service plan increases compute resources and cost, but does not reduce telemetry ingestion volume or address the root cause of rising Application Insights costs. Option C is wrong because disabling all exception telemetry would eliminate critical diagnostic data needed for monitoring application health, and it does not provide a balanced approach to reducing ingestion while maintaining statistical usefulness. Option D is wrong because increasing log verbosity to debug would generate even more telemetry data, exacerbating the ingestion cost problem rather than solving it.

8
Multi-Selectmedium

Which TWO actions should you take to optimize costs for an Azure SQL Database that is underutilized? (Choose two.)

Select 2 answers
A.Enable geo-replication
B.Increase the DTU or vCore limit
C.Purchase reserved capacity
D.Enable read scale-out
E.Scale down to a lower service tier
AnswersC, E

Reserved capacity provides significant discounts.

Why this answer

Option B (scale down) and Option D (use reserved capacity) are correct because scaling down reduces compute costs and reserved capacity offers discounts. Option A (increase DTU) increases cost. Option C (geo-replication) adds cost.

Option E (read scale-out) adds cost.

9
MCQhard

You are a developer for a large e-commerce company. The company has a global customer base and runs a critical web application on Azure App Service (Premium v3 plan) deployed in multiple regions. The application uses Azure Cosmos DB (multi-region writes enabled) for product catalog and session state. Recently, the operations team reported that during peak shopping hours (e.g., Black Friday), the application becomes slow and some users experience timeouts. You have implemented Application Insights to collect telemetry. After analyzing the data, you find that the Cosmos DB write operations are experiencing high latency (average 200ms) and occasional throttling (429 errors). The read latency is acceptable. The App Service instances are scaled out to 20 instances during peak, and CPU usage is around 70%. You need to optimize the solution to reduce write latency and eliminate throttling without over-provisioning resources. The solution must be cost-effective and require minimal code changes. What should you do?

A.Scale up the App Service plan to a higher tier to increase CPU capacity
B.Implement Azure Cache for Redis to cache Cosmos DB read and write operations
C.Increase the provisioned RU/s manually before peak hours and decrease after
D.Enable autoscale on the Cosmos DB container with a maximum throughput limit
AnswerD

Autoscale dynamically adjusts RU/s based on demand, preventing throttling.

Why this answer

Option C is correct because enabling Cosmos DB request unit (RU) autoscale allows the database to automatically scale up throughput during peak times, preventing throttling. This is cost-effective when traffic is variable. Option A is wrong because scaling up the App Service plan may help CPU but does not address Cosmos DB throttling.

Option B is wrong because increasing RU/s manually could lead to over-provisioning during off-peak. Option D is wrong because enabling Azure Cache for Redis would reduce read latency, not write latency.

10
MCQhard

You need to emit a custom metric in Application Insights that tracks the number of page views per browser. You expect high volume (millions of events per day). Which API should you use to ensure efficient pre-aggregation and avoid performance issues?

A.TrackEvent
B.TrackMetric
C.GetMetric
D.TrackDependency
AnswerC

GetMetric is designed for high-volume metrics with dimensions and performs client-side aggregation for efficiency.

Why this answer

C is correct because the GetMetric API (previously known as Pre-Aggregated Metric API) is designed for high-volume telemetry scenarios. It pre-aggregates metrics on the client side before sending them to Application Insights, significantly reducing network traffic and storage costs while avoiding performance bottlenecks from millions of individual events.

Exam trap

The trap here is that candidates often confuse TrackEvent (for custom events) with metric tracking, or assume TrackMetric is the correct choice because of its name, not realizing it is deprecated and lacks client-side pre-aggregation.

How to eliminate wrong answers

Option A is wrong because TrackEvent sends each event individually, which would generate millions of separate telemetry records, causing excessive network overhead and ingestion costs. Option B is wrong because TrackMetric is deprecated and also sends individual metric values without client-side aggregation, leading to similar performance issues. Option D is wrong because TrackDependency is used to track external dependency calls (e.g., HTTP, SQL), not custom metrics like page views per browser.

11
Multi-Selecteasy

You are monitoring an Azure App Service web app that is experiencing intermittent high CPU usage. You need to configure alerts and troubleshoot the issue. Which TWO actions should you take? (Choose two.)

Select 2 answers
A.Create a metric alert rule that triggers when average CPU exceeds 90% over 5 minutes.
B.Scale up the App Service plan to a higher tier to ensure sufficient resources.
C.Create a Log Analytics workspace and configure diagnostic settings to send platform logs.
D.Enable Application Insights and configure autoscale based on custom metrics.
E.Create an autoscale rule for the App Service plan to scale out when CPU > 80%.
AnswersC, E

A Log Analytics workspace is required to collect and analyze diagnostic logs for troubleshooting.

Why this answer

Option A is correct: A Log Analytics workspace is required to collect and analyze diagnostic logs for troubleshooting. Option D is correct: An autoscale rule based on CPU percentage can help handle intermittent high CPU usage by scaling out. Option B is wrong: Application Insights is for application performance monitoring, not for autoscaling based on custom metrics easily.

Option C is wrong: Scaling up increases resources but does not automatically scale based on load; autoscale is needed. Option E is wrong: While Log Analytics helps, the question asks for actions to configure alerts and troubleshoot, and creating an autoscale rule is a proactive action.

12
MCQhard

You have an Azure Logic App that processes orders. Occasionally, the Logic App fails due to a transient error from a downstream API. You want to automatically retry the failed action after 10 seconds, up to 3 times, with exponential backoff. Which configuration should you set on the action?

A.Set retry policy to default with interval of 10 seconds and count of 3
B.Set retry policy to fixed interval with 10-second delay and 3 retries
C.Set retry policy to none and implement custom retry logic
D.Set retry policy to custom with exponential interval and 3 retries
AnswerA

Default retry policy uses exponential backoff.

Why this answer

Option B is correct because the default retry policy uses exponential backoff with settings for interval and count. Option A (fixed interval) is not exponential. Option C (none) disables retries.

Option D (custom) requires explicit backoff calculation.

13
Multi-Selecthard

A production API needs proactive alerting for high telemetry cost. Which two elements are required for a useful Azure Monitor alert?

Select 2 answers
A.A signal or metric/log query that detects the condition
B.A public IP address on the app
C.A manually exported CSV report
D.An action group for notification or automation
AnswersA, D

The alert rule must evaluate a metric or query that represents the problem.

Why this answer

Option A is correct because an Azure Monitor alert requires a signal—either a metric (e.g., number of API calls) or a log query (e.g., Application Insights traces)—that defines the condition to detect high telemetry cost. Without this signal, the alert has no data source to evaluate against a threshold or pattern, making proactive detection impossible.

Exam trap

The trap here is that candidates often confuse the components needed for an alert (signal and action group) with unrelated infrastructure details like IP addresses or manual exports, leading them to select options that are not part of the alert definition.

14
MCQeasy

You are using Application Insights to monitor a web application. The business team wants to track how many users click a specific button on the page. You need to send custom telemetry data from the client-side JavaScript. Which Application Insights JavaScript SDK method should you call?

A.appInsights.trackTrace
B.appInsights.trackEvent
C.appInsights.trackPageView
D.appInsights.trackException
AnswerB

trackEvent is the correct method to send custom events, such as button clicks, along with properties and measurements.

Why this answer

The correct method is `trackEvent` because it is specifically designed for capturing user interactions, such as button clicks, as custom events in Application Insights. Unlike other methods, `trackEvent` allows you to attach custom properties and measurements, making it ideal for business metrics like click tracking. This method sends the data as a custom event telemetry item, which can be analyzed in the Azure portal under 'Events'.

Exam trap

The trap here is that candidates often confuse `trackEvent` with `trackTrace` or `trackPageView`, thinking that any custom data can be sent via `trackTrace`, but `trackEvent` is the only method designed for user-defined business events like button clicks.

How to eliminate wrong answers

Option A is wrong because `trackTrace` is used for logging diagnostic trace messages, not for tracking user interactions or custom business events. Option C is wrong because `trackPageView` is designed to track page loads and views, not individual button clicks on a page. Option D is wrong because `trackException` is used to report exceptions and errors, not to track user actions or custom telemetry events.

15
Multi-Selectmedium

Which TWO Azure Monitor features can help troubleshoot a web app that returns slow response times intermittently?

Select 2 answers
A.Sentinel incidents
B.Advisor recommendations
C.Live Metrics
D.Application Map
E.Policy compliance
AnswersC, D

Real-time monitoring of response times.

Why this answer

Options A and D are correct. Live Metrics shows real-time performance; Application Map visualizes dependencies and latency. Option B is wrong because it's for cost.

Option C is wrong because it's for security. Option E is wrong because it's for policy compliance.

16
MCQhard

You have an Azure Policy as shown in the exhibit. The roleDefinitionId corresponds to the 'Contributor' role. What does this policy do?

A.Denies Contributors from creating or modifying virtual machines
B.Allows Contributors to create virtual machines
C.Audits when Contributors create virtual machines
D.Deploys a virtual machine when a Contributor action occurs
AnswerA

The policy denies specified actions on VMs for the Contributor role.

Why this answer

Option B is correct because the policy denies actions from Contributors on VMs. Option A (allows) is wrong because effect is deny. Option C (audits) is wrong because effect is deny.

Option D (deploys) is wrong because effect is deny.

17
MCQhard

You are optimizing an Azure API Management instance that handles 10,000 requests per second. You notice that caching is not effective. The cache hit ratio is below 10%. You need to increase the cache hit ratio. What should you do?

A.Use external Azure Cache for Redis
B.Configure cache key to include only relevant query parameters
C.Disable caching for low-traffic APIs
D.Increase the cache size to 5 GB
AnswerB

Proper cache key design increases cache hits by avoiding unnecessary variations.

Why this answer

Option D is correct because implementing a cache key strategy that includes only relevant query parameters avoids cache fragmentation. Option A (increasing cache size) doesn't address fragmentation. Option B (using external Redis) adds latency.

Option C (removing caching) is counterproductive.

18
MCQmedium

You are troubleshooting an Azure Function that intermittently throws exceptions. You have enabled Application Insights. You need to capture the exact line of code that caused the exception, even for exceptions that occur during high load. Which feature should you use?

A.Snapshot Debugger
B.Application Insights Profiler
C.Live Metrics Stream
D.SQL Insights
AnswerA

Correct. Snapshot Debugger automatically collects debug snapshots on exceptions, providing the call stack and local variables at the moment of failure.

Why this answer

Snapshot Debugger is the correct choice because it captures a point-in-time snapshot of the call stack and local variables at the exact line where an exception occurs, even under high load. This allows you to see the precise line of code and state that caused the failure, which is essential for diagnosing intermittent exceptions. Application Insights integrates Snapshot Debugger to automatically collect these snapshots for thrown exceptions without requiring manual instrumentation.

Exam trap

The trap here is that candidates confuse Profiler (performance tracing) with Snapshot Debugger (exception debugging), assuming both capture code-level details, but only Snapshot Debugger provides the exact line of code and variable state at the moment of failure.

How to eliminate wrong answers

Option B is wrong because Application Insights Profiler traces performance bottlenecks by sampling CPU and request durations, not capturing exception call stacks or line-level details. Option C is wrong because Live Metrics Stream provides real-time monitoring of metrics like request rate and failure count, but it does not capture snapshots or line-of-code details for individual exceptions. Option D is wrong because SQL Insights focuses on diagnosing database query performance and deadlocks, not application-level exception line numbers.

19
MCQmedium

You are a developer for a company that runs a critical e-commerce application on Azure. The application consists of an Azure App Service web app, an Azure SQL Database, and an Azure Cache for Redis. The web app experiences occasional performance degradation that you suspect is due to inefficient database queries caused by caching issues. You have enabled Application Insights on the web app. You need to identify the root cause of the performance issues and optimize the solution. The solution must minimize cost and administrative overhead. You have the following options: Option A: Configure Azure SQL Database Intelligent Insights to automatically tune database queries. Option B: Use Application Insights Profiler to capture and analyze database query performance. Option C: Implement Redis cache-aside pattern and ensure that all database queries check the cache first. Option D: Enable Azure SQL Database Query Performance Insight to identify the most costly queries and then implement caching. Which option should you recommend?

A.Implement Redis cache-aside pattern and ensure that all database queries check the cache first.
B.Configure Azure SQL Database Intelligent Insights to automatically tune database queries.
C.Enable Azure SQL Database Query Performance Insight to identify the most costly queries and then implement caching.
D.Use Application Insights Profiler to capture and analyze database query performance.
AnswerC

Query Performance Insight identifies the most resource-intensive queries, allowing targeted optimization. Then implementing caching (like cache-aside) will reduce database load efficiently.

Why this answer

Option D is the recommended approach. Query Performance Insight provides detailed information about the most resource-intensive queries, helping to identify which queries are causing performance issues. Once identified, you can implement caching (e.g., Redis cache-aside) to reduce database load.

Option A (Intelligent Insights) is helpful but focuses on automatic tuning, not direct identification of costly queries. Option B (Application Insights Profiler) is useful for profiling but may not give specific database query details as effectively as Query Performance Insight. Option C (implement caching) is a general solution but without first identifying the problematic queries, you might not target the right ones, leading to inefficient use of cache and increased complexity.

Therefore, Option D provides the best path: first diagnose, then optimize.

20
MCQhard

Your Azure Functions app uses Durable Functions to orchestrate a workflow. The orchestration sometimes fails with a 'FunctionRuntimeException' due to a timeout. You need to increase the maximum orchestration time. What should you modify?

A.Add an app setting 'AzureFunctionsJobHost__functionTimeout'
B.Change the Azure Storage account to a Premium account
C.Increase the 'functionTimeout' in host.json
D.Set 'maxOrchestrationTimeout' in the host.json file
AnswerD

This setting controls the maximum duration of an orchestration.

Why this answer

Option A is correct because the max orchestration time is controlled by the 'maxOrchestrationTimeout' setting in host.json. Option B is wrong because functionTimeout is for individual functions, not orchestrations. Option C is wrong because the storage account connection is for state persistence, not timeout.

Option D is wrong because the app setting 'AzureFunctionsJobHost__functionTimeout' is not a standard setting.

21
MCQhard

Three microservices collaborate on a single user transaction: an App Service API, an Azure Function that processes a Service Bus message, and a downstream storage service. Traces appear separately in Application Insights with no parent-child relationship. What is needed to correlate all three into a single end-to-end trace?

A.Install the Application Insights SDK on all three services and ensure W3C Trace Context header propagation is enabled for both HTTP calls and Service Bus messages
B.Use the same Application Insights instrumentation key for all three services — no additional configuration is needed
C.Add a custom x-correlation-id header in each service and log it with TelemetryClient.TrackEvent
D.Enable Azure Monitor cross-resource queries and write a KQL join across all three services' logs
AnswerA

The SDK propagates the traceparent header on outgoing HTTP requests automatically. For Service Bus, the SDK injects and reads correlation properties in the message's ApplicationProperties collection. With the same operation ID flowing through all three services, Application Insights assembles the calls into a single end-to-end trace in the Application Map and end-to-end transaction view.

Why this answer

Option A is correct because distributed tracing across HTTP and asynchronous messaging requires the Application Insights SDK on each service and propagation of the W3C Trace-Context standard (traceparent and tracestate headers). This ensures that the App Service API, Azure Function, and downstream storage service share a single trace ID, enabling Application Insights to correlate all telemetry into one end-to-end transaction view.

Exam trap

The trap here is that candidates assume sharing an instrumentation key is sufficient for correlation, overlooking the necessity of W3C Trace-Context header propagation across both synchronous HTTP and asynchronous messaging protocols.

How to eliminate wrong answers

Option B is wrong because sharing the same instrumentation key only sends telemetry to the same Application Insights resource but does not automatically correlate spans without trace context propagation; each service's traces remain disconnected. Option C is wrong because a custom x-correlation-id header and manual TrackEvent calls do not create parent-child span relationships; the SDK's built-in distributed tracing relies on standardized W3C headers and automatic telemetry correlation. Option D is wrong because cross-resource queries and KQL joins can combine logs after the fact but do not establish the real-time parent-child trace hierarchy needed for a single end-to-end view; they also require manual correlation logic.

22
Multi-Selecthard

A production API needs proactive alerting for failed dependency calls. Which two elements are required for a useful Azure Monitor alert?

Select 2 answers
A.A manually exported CSV report
B.A signal or metric/log query that detects the condition
C.A public IP address on the app
D.An action group for notification or automation
AnswersB, D

The alert rule must evaluate a metric or query that represents the problem.

Why this answer

Option B is correct because Azure Monitor alerts require a signal—either a metric, log query, or activity log event—to define the condition that triggers the alert. For failed dependency calls, you would use a log query (e.g., from Application Insights) or a custom metric to detect when the dependency failure rate exceeds a threshold. Without a signal, the alert has no basis to evaluate or fire.

Exam trap

The trap here is that candidates confuse the alert's detection mechanism (the signal) with the response mechanism (the action group), often thinking a static report or network configuration is sufficient for proactive alerting.

23
MCQmedium

Your team monitors Azure Functions with Application Insights. After a recent deployment, cold start latency increased. Which feature should you enable to mitigate this?

A.Set FUNCTIONS_WORKER_RUNTIME to 'dotnet-isolated'
B.Migrate from Consumption plan to Premium plan
C.Enable Azure Monitor alerts on function execution count
D.Enable Always On in the function app configuration
AnswerB

Premium plan keeps instances warm.

Why this answer

Option C is correct because Premium plan keeps instances warm, reducing cold starts. Option A is wrong because Always On is for App Service, not Functions. Option B is wrong because it's a general setting, not specifically for cold starts.

Option D is wrong because it's a debugging tool, not a mitigation for cold starts.

24
MCQhard

You need to analyze all exceptions that occurred in the last 24 hours from an application monitored by Application Insights. You want to group them by exception type, and for each type show the URL where it occurred and the count. Which Log Analytics Kusto query should you use?

A.exceptions | where timestamp > ago(24h) | summarize count() by type, cloud_RoleInstance
B.exceptions | where timestamp > ago(24h) | summarize count() by type, url
C.exceptions | where timestamp > ago(24h) | summarize count() by type, operation_Name
D.exceptions | where timestamp > ago(24h) | summarize count() by type
AnswerB

This query correctly filters the last 24 hours and groups by exception type and URL with a count of occurrences.

Why this answer

Option B is correct because the query filters exceptions from the last 24 hours using `timestamp > ago(24h)`, groups them by `type` (exception type) and `url` (the URL where the exception occurred), and then counts occurrences per group with `summarize count()`. This directly matches the requirement to show, for each exception type, the URL and the count.

Exam trap

The trap here is that candidates may confuse `url` with `operation_Name` or `cloud_RoleInstance`, thinking those columns also represent the URL, but only `url` directly captures the request URL where the exception occurred.

How to eliminate wrong answers

Option A is wrong because it groups by `cloud_RoleInstance`, which identifies the server or instance, not the URL where the exception occurred; this would show counts per server per exception type, not per URL. Option C is wrong because it groups by `operation_Name`, which is the name of the operation (e.g., a controller action), not the URL; this would show counts per operation per exception type, not per URL. Option D is wrong because it only groups by `type`, omitting the URL entirely; this would show total counts per exception type but not break them down by URL as required.

25
MCQeasy

You need to monitor the performance of an Azure App Service web app. Which metric indicates high CPU usage?

A.Data In/Out
B.Requests per second
C.CPU Time
D.Memory working set
AnswerC

Directly measures CPU consumption.

Why this answer

Option C is correct because CPU Time measures the amount of CPU consumed by the app. Option A is wrong because it measures memory. Option B is wrong because it measures HTTP requests.

Option D is wrong because it measures network traffic.

26
MCQeasy

You are monitoring an Azure App Service using Application Insights. You want to alert when the average server response time exceeds 2 seconds over a 5-minute window. What should you create?

A.An availability alert
B.A log alert with a custom KQL query
C.A metric alert with 'Server response time' as the signal
D.An activity log alert
AnswerC

Metric alerts are ideal for numeric thresholds over time.

Why this answer

Option A is correct because a metric alert on the 'Server response time' metric can trigger when the threshold is exceeded. Option B (log alert) requires log queries. Option C (activity log alert) is for resource events.

Option D (availability alert) is for endpoint availability.

27
MCQhard

Your application uses Azure Cosmos DB with the SQL API. You notice that read requests are being throttled (HTTP 429) during peak hours. You need to improve read performance without changing the application code. Which action should you take?

A.Add a composite index to the container
B.Increase the provisioned throughput (RU/s) for the container
C.Enable multi-region writes for the Cosmos DB account
D.Change the default consistency level to Strong
AnswerB

More RU/s means more capacity for reads and writes.

Why this answer

Option B is correct because increasing RU/s for the container directly increases throughput, reducing throttling. Option A is wrong because adding a global index is not a standard Cosmos DB concept; indexing is automatic. Option C is wrong because changing consistency to Strong reduces performance.

Option D is wrong because enabling multi-region writes improves write availability, not read performance.

28
MCQeasy

You are using Azure Monitor to collect logs from multiple Azure resources. You need to query logs to find all error events from the last 24 hours. Which query language should you use?

A.Transact-SQL (T-SQL)
B.PromQL
C.PowerShell
D.Kusto Query Language (KQL)
AnswerD

KQL is the native query language for Azure Monitor Logs.

Why this answer

Option A is correct because Kusto Query Language (KQL) is the query language for Azure Monitor Logs. Option B (SQL) is for relational databases. Option C (PowerShell) is for scripting.

Option D (PromQL) is for Prometheus.

29
MCQeasy

You are monitoring an Azure Function app that processes messages from an Event Hub. You want to be alerted if the function is failing to process messages (e.g., exceptions) and automatically restart the function host. Which Azure service should you use?

A.Azure Monitor alerts with a metric alert on exception count.
B.Application Insights availability tests.
C.Azure Service Health alerts.
D.Azure Advisor recommendations.
AnswerA

A metric alert on exception count can trigger an action group that restarts the function app, providing automated recovery.

Why this answer

Azure Monitor metric alerts on exception count can trigger when the function app throws exceptions during message processing. By configuring an alert rule that fires on the 'Exceptions' metric, you can then set up an action group that includes an auto-remediation step, such as restarting the function app host via a webhook or Azure Automation runbook. This directly addresses the requirement to be alerted and automatically restart the host.

Exam trap

The trap here is that candidates often confuse Application Insights availability tests (which only check HTTP endpoint availability) with the need to monitor internal function exceptions, or they mistakenly think Azure Service Health alerts cover application-level errors instead of Azure platform issues.

How to eliminate wrong answers

Option B is wrong because Application Insights availability tests are designed to monitor the availability and responsiveness of HTTP endpoints, not to detect processing failures or exceptions within an Azure Function. Option C is wrong because Azure Service Health alerts notify you about service-level issues, outages, or planned maintenance affecting Azure services, not application-level exceptions in your function code. Option D is wrong because Azure Advisor provides proactive recommendations for best practices (e.g., performance, cost, reliability) but does not offer real-time alerting or automated restart capabilities based on exception metrics.

30
MCQhard

Refer to the exhibit. You deployed an Azure Storage account with this ARM template. Users outside the allowed IP range receive '403 Forbidden' errors. What is the MOST likely cause?

A.The access tier is Cool
B.The minimum TLS version is set to TLS1_2
C.The IP rule allows only 203.0.113.0/24
D.The network ACL default action is Deny
AnswerD

Denies all traffic except from allowed IPs.

Why this answer

Option B is correct because the defaultAction is Deny, so only traffic from the specified IP range is allowed. Option A is wrong because TLS version is correct. Option C is wrong because Cool access tier doesn't affect access.

Option D is wrong because the IP rule allows the range.

31
MCQmedium

You are using Application Insights to monitor an ASP.NET Core web API. Users report that a specific endpoint is slow, but you cannot reproduce the issue in development. You need to identify which line of code is causing the delay in production. Which Application Insights feature should you use?

A.Use the Application Insights Map to visualize dependencies.
B.Enable Application Insights Profiler.
C.Use the Snapshot Debugger to capture debug snapshots on exceptions.
D.Create a custom telemetry event in the slow endpoint to log timing data.
AnswerB

Correct. Profiler captures detailed execution traces for requests and shows the time spent in each method, enabling you to pinpoint the slow code path.

Why this answer

Application Insights Profiler is designed specifically to trace code-level performance issues in production without requiring code changes or reproducing the problem. It captures detailed call stacks and timing for each request, allowing you to identify exactly which line of code is causing the delay. This makes it the correct choice for diagnosing a slow endpoint that cannot be reproduced in development.

Exam trap

The trap here is that candidates often confuse the Snapshot Debugger (for exceptions) with the Profiler (for performance), or assume custom telemetry is the only way to get timing data, missing that the Profiler provides automatic, line-level diagnostics without code changes.

How to eliminate wrong answers

Option A is wrong because the Application Insights Map visualizes dependencies between services (e.g., databases, external APIs) but does not provide line-by-line code execution timing. Option C is wrong because the Snapshot Debugger captures debug snapshots only when exceptions are thrown, not for slow performance without exceptions. Option D is wrong because creating a custom telemetry event requires modifying the application code and redeploying, which is not a built-in feature for diagnosing existing production slowness without prior instrumentation.

32
MCQeasy

You are deploying a microservices application on Azure Kubernetes Service (AKS). You need to monitor the resource consumption of each pod and set up alerts when CPU usage exceeds 80% for 5 minutes. What should you use?

A.Azure Monitor VM Insights
B.Application Insights
C.Azure Service Health
D.Azure Monitor Container Insights
AnswerD

Container Insights is designed for AKS and supports metric alerts.

Why this answer

Option A is correct because Container Insights provides monitoring of AKS clusters and supports metric alerts. Option B (Azure Monitor VM Insights) is for VMs. Option C (Application Insights) is for application-level telemetry.

Option D (Azure Service Health) monitors Azure service availability.

33
MCQeasy

You are monitoring an Azure web application with Application Insights. You want to create a custom dashboard that shows the number of requests over time and the average server response time. Which Application Insights feature should you use to create this dashboard?

A.Metrics Explorer
B.Log Analytics
C.Application Map
D.Smart Detection
AnswerA

Correct. Metrics Explorer is designed for creating charts from metric data and pinning to dashboards.

Why this answer

Metrics Explorer in Application Insights is designed for visualizing pre-aggregated metrics like request count and server response time over time. It allows you to create custom charts and pin them to an Azure dashboard, making it the correct choice for this monitoring requirement.

Exam trap

The trap here is that candidates often confuse Log Analytics (which can also create charts from log queries) with Metrics Explorer, but Metrics Explorer is the correct tool for pre-aggregated, real-time metric visualization without writing KQL queries.

How to eliminate wrong answers

Option B is wrong because Log Analytics is used for querying raw log data with Kusto Query Language (KQL), not for directly creating real-time metric dashboards from pre-aggregated metrics. Option C is wrong because Application Map provides a visual topology of service dependencies and transaction flow, not time-series charts of request counts or response times. Option D is wrong because Smart Detection uses machine learning to automatically detect anomalies and performance issues, but it does not allow you to build custom metric dashboards.

34
MCQeasy

You have an Azure Cosmos DB container with a high number of physical partitions. You observe that some partitions are hitting the request unit (RU) limit while others are underutilized. What should you do to better distribute the workload?

A.Add more composite indexes
B.Increase the total provisioned throughput
C.Choose a different partition key that evenly distributes workload
D.Change the default consistency level to eventual
AnswerC

A well-chosen partition key avoids hot partitions.

Why this answer

Option A is correct because a good partition key ensures even distribution of RU consumption. Option B (increasing throughput) doesn't fix skew. Option C (changing consistency) affects performance but not distribution.

Option D (adding indexes) increases RU consumption.

35
MCQeasy

Your web app hosted on Azure App Service is experiencing high memory usage. You need to capture a memory dump for analysis without restarting the app. Which diagnostic feature should you use?

A.Application Insights Profiler
B.Snapshot Debugger
C.Diagnostic settings
D.Azure App Service Diagnostics (Diagnose and solve problems)
AnswerD

The 'Diagnose and solve problems' blade allows you to collect memory dumps and analyze memory issues without restarting the app.

Why this answer

Azure App Service Diagnostics (Diagnose and solve problems) provides a built-in 'Memory Dump' tool that allows you to capture a full or mini memory dump of your app's process without requiring a restart. This is accessed through the Azure portal under the 'Diagnose and solve problems' blade, specifically via the 'Collect Memory Dump' diagnostic tool, which uses the Windows Debugging Tools to snapshot the w3wp.exe process while the app continues running.

Exam trap

The trap here is that candidates often confuse the 'Diagnose and solve problems' blade with 'Diagnostic settings' or assume that only Application Insights tools (Profiler or Snapshot Debugger) can capture runtime diagnostic data, but the memory dump feature is a distinct, restart-free tool available directly under the App Service's diagnostic portal.

How to eliminate wrong answers

Option A is wrong because Application Insights Profiler is designed to trace and analyze performance bottlenecks by capturing CPU and request execution timelines, not to capture memory dumps for analyzing memory leaks or high memory usage. Option B is wrong because Snapshot Debugger captures snapshots of application state when exceptions occur, focusing on debugging code logic errors, not on collecting full memory dumps for memory analysis. Option C is wrong because Diagnostic settings are used to stream platform logs and metrics to destinations like Storage Accounts, Event Hubs, or Log Analytics, but they do not provide a mechanism to capture on-demand memory dumps of the running process.

36
MCQmedium

You are running an Azure App Service web app on the Basic tier. Users report slow initial responses due to cold starts. You need to keep the app warm without upgrading the hosting plan. Which feature should you enable?

A.Enable 'Always On' in the App Service configuration.
B.Upgrade to a Premium plan to get pre-warmed instances.
C.Implement an auto-scaling rule to maintain a minimum instance count.
D.Reduce the web app's idle timeout via application code.
AnswerA

Always On ensures the app is continuously running, eliminating cold starts. It is available on Basic tier.

Why this answer

The 'Always On' feature prevents the App Service from being unloaded after periods of inactivity, eliminating cold starts by keeping the application loaded in memory. This is available on the Basic tier and above, so it solves the problem without requiring a plan upgrade.

Exam trap

The trap here is that candidates often confuse auto-scaling (which handles load distribution) with keeping a single instance warm, or incorrectly assume that 'Always On' requires a Premium plan when it is actually available from the Basic tier upward.

How to eliminate wrong answers

Option B is wrong because upgrading to a Premium plan is unnecessary and violates the constraint of not upgrading the hosting plan; 'Always On' is already available on the Basic tier. Option C is wrong because auto-scaling rules maintain a minimum instance count but do not prevent individual instances from being unloaded due to idle timeouts; cold starts still occur on each instance after idle. Option D is wrong because reducing idle timeout via application code does not affect the App Service platform's idle unloading behavior, which is controlled by the 'Always On' setting.

37
Matchingmedium

Match each Azure monitoring tool to its purpose.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Collect, analyze, and act on telemetry data

Application performance monitoring (APM)

Query and analyze log data

Personalized recommendations for best practices

Why these pairings

These tools help monitor and optimize Azure resources and applications.

38
MCQeasy

You need to monitor the real-time CPU utilization of an Azure virtual machine. Which Azure Monitor feature is designed for this purpose?

A.Metrics
B.Logs
C.Alerts
D.Workbooks
AnswerA

Metrics provide real-time numerical values such as CPU usage, ideal for monitoring performance.

Why this answer

Azure Monitor Metrics is the correct feature because it collects and stores numeric time-series data from Azure resources, including CPU utilization, at near-real-time intervals (typically every 1 minute for Azure VMs). Metrics are lightweight, low-latency, and designed for real-time monitoring and alerting, making them ideal for tracking CPU usage without the overhead of log ingestion.

Exam trap

The trap here is that candidates often confuse 'real-time monitoring' with 'log-based analysis' and select Logs (Option B), not realizing that Metrics are specifically designed for low-latency, numeric performance data like CPU utilization, while Logs are for text-based events with higher latency.

How to eliminate wrong answers

Option B (Logs) is wrong because Azure Monitor Logs collects and stores textual, event-based data (e.g., system logs, application traces) with higher latency and is not optimized for real-time numeric performance counters like CPU utilization; it requires Log Analytics queries and is better suited for troubleshooting and historical analysis. Option C (Alerts) is wrong because Alerts are a notification mechanism that can be triggered by metric thresholds or log queries, but they are not a data collection or visualization feature themselves—they depend on Metrics or Logs as data sources. Option D (Workbooks) is wrong because Workbooks are interactive dashboards that combine data from multiple sources (Metrics, Logs, etc.) for visualization and reporting, but they do not natively collect or provide real-time CPU utilization data on their own.

39
Drag & Dropmedium

Arrange the steps to configure auto-scaling for an Azure App Service in the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

First navigate to App Service, then scale out, enable autoscale, configure rules, set limits.

40
MCQmedium

Your Azure Functions app (running on the Consumption plan) processes messages from an Azure Storage queue. Occasionally, the function fails due to a timeout after 5 minutes. You need to increase the maximum execution time without changing the plan. What should you do?

A.Set the functionTimeout property in host.json to 10 minutes
B.Migrate the function app to the Premium or Dedicated plan
C.Use Durable Functions to split the work
D.Increase the visibility timeout of the queue message
AnswerB

Premium and Dedicated plans support longer execution times.

Why this answer

Option C is correct because on the Consumption plan, the maximum execution time is 5 minutes by default and cannot be increased; you must upgrade to the Premium or Dedicated plan to have longer timeouts. Option A is wrong because the Consumption plan does not allow increasing functionTimeout beyond 10 minutes (actually 5 minutes for the Consumption plan). Option B is wrong because adjusting the queue message visibility timeout does not affect function execution time.

Option D is wrong because Azure Durable Functions can orchestrate longer workflows but the function itself still has a timeout.

41
Matchingmedium

Match each Azure container service to its primary use case.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Run containers on demand without orchestration

Managed Kubernetes cluster for orchestration

Serverless containers for microservices

Platform for building and managing microservices

Why these pairings

Azure provides multiple container services for different scenarios.

42
MCQmedium

You are monitoring a web application with Application Insights. The application occasionally returns HTTP 500 errors. You want to be notified immediately when the error rate exceeds 5% of all requests in a rolling 5-minute window. Which feature of Application Insights should you configure?

A.Create a Smart Detection rule for anomalous failures.
B.Create a metric alert on the 'Failed requests' metric with a threshold of 5%.
C.Create a log alert using a Kusto query that calculates the percentage of failed requests over the last 5 minutes, with an alert condition when the result exceeds 0.05.
D.Create an availability test that checks for HTTP 200 responses and alert on failures.
AnswerC

Log alerts allow complex queries. For example: 'requests | where timestamp > ago(5m) | summarize total=count(), failures=countif(success == false) | extend percent = failures * 100.0 / total | where percent > 5'. This triggers an alert when the condition is met.

Why this answer

Option C is correct because a log alert using a Kusto query allows you to calculate the exact percentage of failed requests over a rolling 5-minute window and trigger when that percentage exceeds 0.05 (5%). This is the only option that supports a dynamic, percentage-based threshold on a rolling time window, which is required for the stated condition. Metric alerts on 'Failed requests' measure absolute counts, not percentages, and Smart Detection does not allow custom percentage thresholds.

Exam trap

The trap here is that candidates confuse metric alerts (which work on absolute counts or rates) with log alerts (which can compute custom ratios like percentages), leading them to choose Option B without realizing that the 'Failed requests' metric cannot be configured to alert on a percentage threshold.

How to eliminate wrong answers

Option A is wrong because Smart Detection for anomalous failures uses machine learning to detect unusual patterns in failure rates, not a fixed 5% threshold over a 5-minute window; it cannot be configured to alert on a specific percentage. Option B is wrong because a metric alert on the 'Failed requests' metric measures the absolute count or rate of failed requests, not the percentage of failed requests relative to total requests; you cannot set a threshold of 5% on this metric directly. Option D is wrong because an availability test checks specific URLs for HTTP 200 responses and alerts on individual test failures, not on the aggregate error rate across all requests in a rolling time window.

43
MCQhard

You deploy a microservices architecture on Azure Kubernetes Service (AKS). Some pods report OOMKilled errors. Which diagnostic step should you take first?

A.Enable cluster autoscaler to add more nodes
B.Review container resource requests and limits in the pod YAML
C.Check node memory utilization with kubectl top nodes
D.Configure horizontal pod autoscaler based on memory
AnswerB

OOMKilled indicates the container exceeded its memory limit.

Why this answer

Option D is correct because reviewing container resource limits in the pod spec directly addresses memory constraints. Option A is wrong because nodes may have enough memory. Option B is wrong because cluster autoscaler adds nodes, not memory to existing pods.

Option C is wrong because HPA scales replicas, not memory limits.

44
MCQeasy

You are using Azure Application Insights to monitor a web application. You need to create a custom dashboard that shows the number of failed requests per endpoint over the last 24 hours. Which query language should you use?

A.Python
B.Kusto Query Language (KQL)
C.SQL
D.PowerShell
AnswerB

KQL is the query language for Azure Data Explorer and Application Insights.

Why this answer

Option B is correct because Application Insights uses Kusto Query Language (KQL) for querying telemetry. Options A, C, D are wrong because SQL, PowerShell, and Python are not supported in Application Insights for querying.

45
MCQeasy

You need to diagnose why an Azure App Service web app returns HTTP 503 errors during peak traffic. Which Application Insights feature should you use?

A.Availability tests
B.Log Analytics query for failed requests
C.Application Map
D.Live Metrics
AnswerD

Monitors real-time performance and errors.

Why this answer

Option B is correct because Live Metrics shows real-time performance and can pinpoint issues. Option A is wrong because it's for code-level exceptions. Option C is wrong because it's for deployment-related issues.

Option D is wrong because it's for log search, not real-time monitoring.

46
MCQhard

You deploy a microservices application to Azure Kubernetes Service (AKS). The application uses Azure Cache for Redis to store session state. Users report that they are frequently logged out. You suspect that the session data is being evicted from the cache. Which configuration change should you make to reduce evictions?

A.Enable clustering for the cache
B.Enable data persistence using RDB or AOF
C.Increase the maxmemory-reserved setting or change eviction policy
D.Upgrade to a higher-tier Azure Cache for Redis
AnswerC

Increasing reserved memory or using a more suitable eviction policy reduces evictions.

Why this answer

Option B is correct because increasing the maxmemory-policy to 'allkeys-lru' or increasing memory allocation reduces evictions. Option A is wrong because enabling persistence (RDB/AOF) does not prevent evictions. Option C is wrong because enabling clustering adds complexity and does not directly reduce evictions.

Option D is wrong because using a different tier with more memory is a valid solution, but the question asks for a configuration change within the existing cache instance.

47
MCQmedium

You are investigating a slow API call in your Azure web app. Application Insights shows that the request took 10 seconds. You need to view all the dependencies (database calls, external HTTP requests) that contributed to this request. What should you use?

A.Application Map
B.Live Metrics
C.Transaction Search
D.Usage Analysis
AnswerC

Transaction Search lets you find a specific request by its ID or properties and view the full transaction trace including all dependencies.

Why this answer

Transaction Search (now part of the 'Search' experience in Application Insights) allows you to query individual requests and drill into their correlated dependency calls, such as SQL queries or external HTTP requests, showing the exact duration and sequence of each dependency. This is the correct tool to identify which specific dependencies contributed to the 10-second request latency.

Exam trap

The trap here is that candidates often confuse Application Map (a high-level topology view) with the detailed dependency drill-down available in Transaction Search, leading them to choose A when they need to see the specific calls and timings for a single request.

How to eliminate wrong answers

Option A is wrong because Application Map provides a topological view of your application's components and their health, but it does not show the detailed dependency call list or timing for a specific request. Option B is wrong because Live Metrics shows real-time performance data (e.g., request rate, failure count) but does not allow you to inspect historical dependency details for a past slow request. Option D is wrong because Usage Analysis focuses on user behavior metrics (e.g., page views, sessions) and is not designed for diagnosing dependency-level performance issues.

48
MCQmedium

You are troubleshooting an Azure App Service that runs a Node.js application. The application returns HTTP 500 errors intermittently. Application Insights is configured. Which telemetry item should you examine first to find the root cause?

A.Exceptions
B.Traces
C.Dependencies
D.Requests
AnswerA

Exceptions telemetry captures detailed error information.

Why this answer

Option D is correct because exceptions telemetry captures unhandled exceptions and stack traces. Option A (traces) may not include errors. Option B (requests) shows success/failure but not details.

Option C (dependencies) shows external calls.

49
Multi-Selecthard

Which THREE actions should you take to optimize cost for an Azure Functions app that processes messages from a queue?

Select 3 answers
A.Use Consumption plan instead of Premium
B.Implement batch processing to reduce the number of function executions
C.Use Premium plan only during peak hours with auto-scale
D.Enable Always On to keep the app warm
E.Increase function timeout to reduce retries
AnswersA, B, C

Pay-per-execution is cost-effective for variable workloads.

Why this answer

Options A, C, and E are correct. Using Consumption plan scales costs with usage, batching reduces executions, and using Premium only when needed avoids fixed costs. Option B is wrong because Always On keeps app running.

Option D is wrong because increased timeout doesn't reduce cost.

50
MCQhard

You are optimizing an Azure SQL Database that runs a heavy reporting workload. Queries are slow due to high logical reads. Which index strategy should you recommend?

A.Use columnstore indexes on fact tables
B.Create nonclustered indexes with included columns
C.Disable auto-update statistics
D.Rebuild clustered indexes with higher fill factor
AnswerB

Included columns create covering indexes that reduce logical reads.

Why this answer

Option D is correct because covering indexes include all columns needed by queries, reducing reads. Option A is wrong because it's for key lookups, not covering. Option B is wrong because clustered index doesn't cover all columns.

Option C is wrong because columnstore indexes are for large scans, not OLTP.

51
Multi-Selecthard

Which THREE metrics should you monitor to determine if an Azure Kubernetes Service (AKS) cluster is running optimally? (Choose three.)

Select 3 answers
A.Node CPU usage percentage
B.API server request latency
C.Network bytes sent and received
D.Disk I/O throughput
E.Pod memory usage percentage
AnswersA, D, E

High CPU may indicate need to scale.

Why this answer

Option A (Node CPU), Option B (Pod memory), and Option D (Disk I/O) are correct because they directly affect pod performance and cluster health. Option C (API server latency) is important but not a direct indicator of cluster workload optimization. Option E (Network bytes) is less critical for optimization.

52
MCQmedium

Your Azure Kubernetes Service (AKS) cluster experiences node failures. Which Azure service provides automated node repair?

A.Azure Sentinel
B.Microsoft Defender for Cloud
C.AKS node auto-repair
D.Azure Monitor
AnswerC

Automatically repairs unhealthy nodes.

Why this answer

Option B is correct because AKS node auto-repair is a built-in feature. Option A is wrong because Azure Monitor only provides observability. Option C is wrong because it's a security solution.

Option D is wrong because it's a SIEM/SOAR solution.

53
MCQeasy

An application uses Azure Application Insights for monitoring. You need to write a query to analyze the number of failed requests and exceptions over the past hour. Which query language should you use?

A.SQL
B.Kusto Query Language (KQL)
C.PowerShell
D.Azure CLI
AnswerB

KQL is the native query language for Azure Monitor Logs and Application Insights.

Why this answer

Azure Application Insights stores telemetry data in a Log Analytics workspace, which is queried using Kusto Query Language (KQL). KQL is the native query language for Azure Data Explorer and is specifically designed for time-series analysis, filtering, and aggregation of log data. To analyze failed requests and exceptions over the past hour, you would use KQL operators like `where`, `summarize`, and `bin` to filter by timestamp and count events.

Exam trap

The trap here is that candidates may confuse KQL with SQL due to superficial similarities in syntax (e.g., `where` clauses), but Azure Application Insights exclusively uses KQL, not SQL, for log queries.

How to eliminate wrong answers

Option A is wrong because SQL is not supported for querying Application Insights data; the underlying storage is a column-store optimized for KQL, not a relational database. Option C is wrong because PowerShell is a scripting language used for automation and resource management, not for querying telemetry data directly from Application Insights. Option D is wrong because Azure CLI is a command-line tool for managing Azure resources, not a query language for analyzing log data.

54
MCQmedium

You have an Azure Function app that uses Durable Functions. You notice that some orchestrations are taking longer than expected. You need to monitor the history of orchestration instances. What should you use?

A.Application Insights
B.Azure Monitor Metrics
C.Azure Storage Explorer
D.Durable Functions HTTP management APIs
AnswerD

The management APIs provide orchestration instance history.

Why this answer

Option B is correct because the Durable Functions management APIs provide instance history. Option A (Application Insights) can show telemetry but not orchestration history directly. Option C (Azure Monitor) is for infrastructure.

Option D (Azure Storage Explorer) shows raw storage data.

55
MCQhard

You query Application Insights with the KQL query in the exhibit. The chart shows a spike in 500 errors at 2:00 PM. What is the next step to diagnose the cause?

A.Check availability tests for the same period
B.Query exceptions and traces for the 2:00 PM hour
C.Scale up the App Service plan
D.Run a profiler on the 2:00 PM time range
AnswerB

Correlating exceptions and traces helps find the root cause of errors.

Why this answer

Option C is correct because drilling into traces and exceptions around that time can pinpoint the specific error. Option A (profiler) is for slow requests. Option B (availability tests) check endpoints.

Option D (scaling) is not diagnostic.

56
MCQmedium

Your team is using Azure DevOps to deploy an Azure Kubernetes Service (AKS) cluster. You want to automatically roll back a deployment if the new version causes a high error rate. Which Azure service should you use to implement this?

A.Azure Service Health
B.Azure Monitor
C.Azure Traffic Manager
D.Azure Policy
AnswerB

Azure Monitor can detect error rates and trigger alerts that can be used by Azure DevOps for rollback.

Why this answer

Option D is correct because Azure Monitor autoscale is not for rollback; you need to use a deployment strategy with health probes and maybe a tool like Azure Deployment Manager or progressive exposure in Azure DevOps. However, the most direct answer for automated rollback based on metrics is to configure a canary deployment with Azure App Configuration or use Azure DevOps release gates. The question asks for a service, and Azure Monitor can detect errors, but for automated rollback, you typically use Azure DevOps with monitoring.

Among the options, Azure Monitor combined with Azure DevOps release gates is the best. But given the limited options, 'Azure Monitor' is the core service for error detection. The correct answer is 'Azure Monitor' because it provides the metrics that trigger the rollback.

Option A is wrong because Azure Policy is for compliance. Option B is wrong because Azure Service Health is for Azure platform issues. Option C is wrong because Azure Traffic Manager is for DNS traffic routing.

57
Multi-Selectmedium

Which TWO Azure services can be used to monitor and diagnose performance issues in an Azure Kubernetes Service (AKS) cluster?

Select 2 answers
A.Microsoft Defender for Cloud
B.Azure Network Watcher
C.Application Insights for AKS
D.Azure SQL Analytics
E.Azure Monitor Container Insights
AnswersC, E

Provides distributed tracing and diagnostics.

Why this answer

Options A and C are correct. Container Insights monitors container workload performance, and Azure Monitor for AKS (part of Container Insights) provides diagnostics. Option B is wrong because it's for databases.

Option D is wrong because it's a security solution. Option E is wrong because it's for network management.

58
MCQmedium

You are monitoring an Azure App Service using Application Insights. You notice that the server response time is high for certain requests. You need to drill down to see which external dependencies (like databases or APIs) are causing the delay. Which Application Insights feature should you use?

A.Live Metrics
B.Application Map
C.Profiler
D.Snapshot Debugger
AnswerC

Profiler captures per-request execution traces, including time spent in external dependencies, helping identify which dependency is slow.

Why this answer

Profiler (C) is correct because it provides a detailed, code-level view of request processing, including the time spent on each external dependency call (e.g., SQL queries, HTTP calls to APIs). It captures execution traces that break down the total server response time into individual dependency durations, allowing you to pinpoint which external service is causing the delay.

Exam trap

The trap here is that candidates confuse Application Map (which shows dependency relationships) with Profiler (which shows per-request timing), leading them to select a visualization tool instead of a performance-analysis tool.

How to eliminate wrong answers

Option A is wrong because Live Metrics shows real-time telemetry (e.g., request rate, failure count) but does not provide dependency-level breakdowns or call-duration details. Option B is wrong because Application Map visualizes the topology of your application and its dependencies but does not drill into per-request timing or trace individual dependency calls. Option D is wrong because Snapshot Debugger captures debug snapshots on exceptions, not for analyzing response-time delays caused by dependencies.

59
MCQhard

Refer to the exhibit. You run these Azure CLI commands for an Azure Function app. When the app is accessed from https://app.contoso.com, what is the expected behavior?

A.Only GET requests are allowed
B.Requests from the allowed origin are accepted
C.Requests are blocked because FTPS is required
D.All requests are blocked because no origins are allowed
AnswerB

CORS allows requests from https://app.contoso.com.

Why this answer

Option B is correct because CORS allows the origin, so requests from that origin will succeed. Option A is wrong because FTPS is not related to CORS. Option C is wrong because CORS allows all methods by default.

Option D is wrong because CORS is configured correctly.

60
Drag & Dropmedium

Arrange the steps to create a CI/CD pipeline using Azure DevOps for an Azure App Service in the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

First create repo and push code, then build pipeline, release pipeline, CI trigger, approval gates.

61
MCQmedium

A developer needs to run a Kusto query against application request data to identify 95th percentile latency by operation. Where should the query be run? The architecture review board prefers a managed AWS-native control.

A.Logs in Application Insights or the associated Log Analytics workspace
B.Microsoft Entra audit logs
C.Azure Key Vault diagnostic settings
D.Azure Resource Graph only
AnswerA

Application Insights stores telemetry that can be queried with KQL in Logs.

Why this answer

Application Insights stores telemetry data, including request latency, in a Log Analytics workspace. Kusto queries against this data can compute percentiles (e.g., 95th) using the `percentile()` function. This is the correct location because the architecture review board prefers a managed AWS-native control, and Log Analytics is the native Azure monitoring service for running such queries.

Exam trap

The trap here is that candidates may confuse Azure Resource Graph with Log Analytics, thinking it can query telemetry data, but Resource Graph only returns resource inventory and configuration state, not performance metrics.

How to eliminate wrong answers

Option B is wrong because Microsoft Entra audit logs contain sign-in and directory activity, not application request latency data. Option C is wrong because Azure Key Vault diagnostic settings capture vault access logs (e.g., get, list, delete operations), not application performance metrics like latency. Option D is wrong because Azure Resource Graph only queries Azure resource metadata and configurations, not telemetry or performance data from applications.

62
MCQmedium

You have a web application monitored by Application Insights. You want to receive an alert when the average server response time exceeds 2 seconds for a rolling 5-minute period. Which alert rule type should you create?

A.Application Insights metric alert on 'Server response time' with condition 'Greater than 2' and evaluation frequency 5 minutes
B.Log alert based on a Kusto query that measures average response time in 5-minute windows
C.Smart Detection alert on response time degradation
D.Availability test alert for HTTP response time
AnswerA

Metric alerts are designed for threshold-based monitoring; this configuration will fire if the 5-minute average exceeds 2 seconds.

Why this answer

A metric alert on 'Server response time' is the correct choice because it continuously evaluates the average server response time over a rolling 5-minute window and triggers when the value exceeds 2 seconds. Metric alerts are designed for near-real-time monitoring of performance counters like response time, with a fixed evaluation frequency that matches the aggregation window, making them ideal for this scenario.

Exam trap

The trap here is confusing metric alerts (which evaluate pre-aggregated performance counters in near-real-time) with log alerts (which require querying raw telemetry data and have higher latency), leading candidates to incorrectly choose the log-based option for a simple threshold-based metric condition.

How to eliminate wrong answers

Option B is wrong because a Log alert based on a Kusto query is designed for analyzing log data (e.g., traces, exceptions) and incurs ingestion latency, making it unsuitable for low-latency, rolling-window performance thresholds like server response time. Option C is wrong because Smart Detection alerts use machine learning to detect anomalies in response time patterns, not a fixed threshold of 2 seconds over a 5-minute period. Option D is wrong because Availability test alerts monitor the availability and responsiveness of an endpoint from multiple locations, not the average server response time for all requests over a rolling window.

63
MCQeasy

You deploy a web app to Azure App Service. Users report intermittent 500 errors. How should you enable detailed error logging?

A.Configure Azure Storage account diagnostics
B.Set up Azure DNS logging
C.Enable Application Insights for the web app
D.Enable Azure Front Door logging
AnswerC

Captures exceptions and traces.

Why this answer

Option A is correct because Application Insights provides detailed error tracking. Option B is wrong because it's for storage. Option C is wrong because it's a CDN.

Option D is wrong because it's for DNS.

64
MCQmedium

You are monitoring an Azure web app using Application Insights. You need to create a query that returns the average duration of requests for each HTTP method (GET, POST, etc.) over the last hour, sorted by duration. Which Kusto query should you use?

A.requests | summarize avg(duration) by method | order by avg_duration desc
B.requests | summarize avg(duration) by method | sort by method asc
C.requests | where timestamp > ago(1h) | summarize avg(duration) by method | order by avg_duration desc
D.requests | where timestamp > ago(1h) | summarize avg(duration) by method | sort by method
AnswerC

Correct. Filters to the last hour, summarizes by method with average duration, and orders descending by that average.

Why this answer

Option C is correct because it first filters requests to only those from the last hour using `where timestamp > ago(1h)`, then calculates the average duration grouped by HTTP method with `summarize avg(duration) by method`, and finally orders the results by the computed average duration in descending order using `order by avg_duration desc`. This matches the requirement exactly: last hour, average duration per method, sorted by duration.

Exam trap

The trap here is that candidates often forget to apply the time filter (`where timestamp > ago(1h)`) or mistakenly sort by the method name instead of the computed average duration, because the question explicitly says 'sorted by duration' but the options include plausible but incorrect sort columns.

How to eliminate wrong answers

Option A is wrong because it omits the time filter (`where timestamp > ago(1h)`), so it would return average durations across all historical data, not just the last hour. Option B is wrong because it also lacks the time filter and sorts by method name ascending instead of by average duration, which does not satisfy the 'sorted by duration' requirement. Option D is wrong because although it correctly filters to the last hour and summarizes by method, it sorts by the method name (alphabetically) rather than by the average duration, failing the 'sorted by duration' condition.

65
MCQmedium

You are monitoring an Azure Web App with Application Insights. You notice that the dependency duration for a SQL database call has significantly increased. You need to identify the specific SQL query that is causing the slowness. Which Application Insights feature should you use?

A.Application Map
B.Performance blade and drill into Dependencies
C.Live Metrics Stream
D.Smart Detection
AnswerB

The Performance blade shows dependency details including SQL query text, duration, and count, allowing you to identify slow queries.

Why this answer

The Performance blade in Application Insights allows you to drill into specific operations, including dependencies. By selecting the SQL dependency with increased duration, you can view the 'Dependencies' tab to see the exact SQL query text, duration, and other details. This directly identifies the slow query without needing to instrument code changes.

Exam trap

The trap here is that candidates often confuse the high-level monitoring view (Application Map) or real-time streaming (Live Metrics) with the diagnostic drill-down capability of the Performance blade, which is specifically designed for root-cause analysis of slow operations.

How to eliminate wrong answers

Option A is wrong because Application Map provides a visual overview of component interactions and dependency health, but it does not show the specific SQL query text or allow drilling into individual slow queries. Option C is wrong because Live Metrics Stream shows real-time performance data but does not retain historical query details or allow deep analysis of specific slow dependencies. Option D is wrong because Smart Detection proactively alerts on anomalies but does not provide the raw query text or a drill-down interface to identify the specific SQL statement causing slowness.

66
MCQmedium

You have an App Service web app with Application Insights configured. You want to create an alert that fires when the server response time exceeds 2 seconds for a rolling 10-minute window. Which type of alert rule should you create?

A.Log alert
B.Metric alert
C.Activity log alert
D.Smart detection alert
AnswerB

Correct. Metric alerts monitor a single metric (like server response time) over a rolling window and trigger when the threshold is breached.

Why this answer

Metric alerts in Azure Monitor evaluate resource-level performance counters at regular intervals, making them ideal for threshold-based conditions like server response time. Application Insights automatically collects server response time as a pre-aggregated metric, so a metric alert can check whether the average exceeds 2 seconds over a rolling 10-minute window without needing to query raw log data.

Exam trap

The trap here is that candidates confuse log-based queries (Log Analytics) with metric-based thresholds, assuming that any Application Insights data must be queried via logs, when in fact common performance counters like server response time are exposed as metrics for simpler and faster alerting.

How to eliminate wrong answers

Option A is wrong because log alerts run Kusto queries against log data (e.g., requests table) and are better suited for complex patterns or correlation across multiple signals, not for simple, low-latency threshold checks on a single metric. Option C is wrong because activity log alerts fire only on Azure resource management events (e.g., create, delete, scale) and cannot monitor application performance metrics like server response time. Option D is wrong because smart detection alerts use machine learning to automatically detect anomalies in telemetry patterns (e.g., sudden failure spikes) and cannot be configured with a fixed threshold of 2 seconds.

67
MCQmedium

An Azure web app is experiencing high memory usage. You want to collect memory dumps periodically to analyze the issue without restarting the app. Which Azure App Service diagnostic feature should you use?

A.Application Insights Profiler
B.Diagnostic Settings
C.Application Snapshot Debugger
D.Auto-healing
AnswerC

Application Snapshot Debugger captures memory snapshots or dumps on demand without restarting the app, enabling analysis of memory issues.

Why this answer

The Application Snapshot Debugger is the correct feature because it captures memory dumps (snapshots) of a production web app at the point of an exception or high memory usage without restarting the app. It is specifically designed for debugging memory leaks and high CPU/memory issues in Azure App Service, providing a periodic snapshot of the process heap.

Exam trap

The trap here is that candidates confuse Application Insights Profiler (which profiles CPU/request timing) with the Snapshot Debugger (which captures memory dumps), or they assume Diagnostic Settings can collect in-process memory dumps when it only handles log streaming.

How to eliminate wrong answers

Option A is wrong because Application Insights Profiler is a performance tracing tool that captures CPU and request execution time profiles, not memory dumps; it does not capture heap snapshots. Option B is wrong because Diagnostic Settings is used to stream platform logs and metrics to destinations like Log Analytics or Storage, not to collect in-process memory dumps. Option D is wrong because Auto-healing is a recovery feature that restarts or recycles the app based on conditions like memory thresholds, but it does not collect memory dumps for analysis and would restart the app, which contradicts the requirement to avoid restarting.

68
MCQeasy

You are monitoring an Azure App Service with Application Insights. You need to create a custom dashboard that shows the number of requests over time and the average server response time. Which Application Insights feature should you use to create this dashboard?

A.Live Metrics Stream
B.Metrics Explorer
C.Analytics (Logs)
D.Availability Tests
AnswerB

Metrics Explorer lets you select metrics like 'Requests' and 'Average server response time', configure aggregation, and chart them over a time range. Charts can be pinned to a dashboard for continuous monitoring.

Why this answer

Metrics Explorer is the correct feature because it allows you to create custom charts and dashboards by selecting specific metrics like 'Requests' and 'Server response time' from your Application Insights resource. You can aggregate these metrics over time and pin them to an Azure dashboard for monitoring. Live Metrics Stream shows real-time data but cannot be used for historical charting or dashboard pinning, while Analytics (Logs) requires Kusto queries for custom visualizations and is not optimized for simple metric dashboards.

Exam trap

The trap here is that candidates often confuse Live Metrics Stream (real-time) with Metrics Explorer (historical and dashboard-capable), or assume that Analytics (Logs) is the only way to create custom visualizations, overlooking the simpler and more appropriate Metrics Explorer for pre-aggregated metric dashboards.

How to eliminate wrong answers

Option A is wrong because Live Metrics Stream displays real-time telemetry with near-zero latency but does not support historical data aggregation or pinning to a persistent dashboard; it is designed for live debugging, not for creating a dashboard of requests over time. Option C is wrong because Analytics (Logs) uses Kusto Query Language (KQL) to query raw log data and can build charts, but it is not the primary feature for simple metric-based dashboards; Metrics Explorer is the dedicated tool for pre-aggregated metrics with built-in charting and dashboard integration. Option D is wrong because Availability Tests are used to monitor the uptime and responsiveness of your web application from multiple locations, generating test results and alerts, but they do not provide the request count or server response time metrics needed for the described dashboard.

69
MCQhard

Your team uses Azure DevOps to deploy a web app to Azure App Service. The deployment fails intermittently with a '500 Internal Server Error' after successful code upload. You want to capture a memory dump of the process when the error occurs. What should you configure?

A.Configure an autoscale rule in Azure Monitor
B.Use App Service Diagnostics to collect a memory dump
C.Set up Azure API Management policies
D.Enable Application Insights Snapshot Debugger
AnswerB

App Service Diagnostics can capture memory dumps on demand.

Why this answer

Option D is correct because App Service Diagnostics provides the ability to collect memory dumps and procdumps for crash analysis. Options A, B, C are wrong because Application Insights Snapshot Debugger, Azure Monitor autoscale, and Azure API Management do not capture memory dumps on the App Service.

70
MCQeasy

You are troubleshooting a slow web application hosted on Azure App Service. The application uses Azure SQL Database. You suspect that the database queries are taking too long. Which Azure Monitor feature should you use to identify slow queries?

A.Azure Activity Log
B.Azure Advisor
C.Azure Monitor Metrics
D.Azure SQL Analytics
AnswerD

Azure SQL Analytics provides query performance insights.

Why this answer

Option C is correct because Azure SQL Analytics (now part of Azure Monitor) provides query performance insights. Option A is wrong because Azure Monitor Metrics does not include query details. Option B is wrong because Azure Activity Log tracks control plane operations.

Option D is wrong because Azure Advisor provides recommendations, not detailed query performance.

71
MCQmedium

You are monitoring an e-commerce application with Application Insights. You need to analyze all exceptions that occurred in the last 24 hours, grouped by the exception type. You also need to include the URL where each exception was triggered and the number of times each type occurred. Which Log Analytics Kusto query should you use?

A.exceptions | where timestamp > ago(24h) | join kind=inner requests on operation_Id | extend exceptionType = tostring(innermostType) | summarize Count=count() by exceptionType, url
B.exceptions | where timestamp > ago(24h) | extend exceptionType = tostring(customDimensions.['ExceptionType']) | summarize Count=count() by exceptionType, url = tostring(customDimensions.['Url'])
C.requests | where timestamp > ago(24h) and success == false | extend exceptionType = tostring(resultCode) | summarize Count=count() by exceptionType, url
D.exceptions | where timestamp > ago(24h) | extend exceptionType = tostring(innermostType) | summarize Count=count() by exceptionType
AnswerA

This query joins the exceptions table with the requests table on operation_Id to get the URL (from requests table), then groups by exceptionType (innermostType) and url, counting occurrences.

Why this answer

Option A is correct because it uses the `exceptions` table to filter exceptions from the last 24 hours, joins with the `requests` table on `operation_Id` to correlate each exception with the request URL, and then summarizes the count by exception type (extracted from `innermostType`) and URL. This meets all requirements: grouping by exception type, including the URL, and counting occurrences.

Exam trap

The trap here is that candidates might think exception details (like type and URL) are stored directly in the `exceptions` table, but the URL is only available via a join with the `requests` table, and the exception type is in `innermostType`, not custom dimensions.

How to eliminate wrong answers

Option B is wrong because it attempts to extract exception type and URL from `customDimensions`, but the standard Application Insights schema stores the exception type in `innermostType` (or `type`) and the request URL in the `requests` table, not in custom dimensions. Option C is wrong because it queries the `requests` table for failed requests (success == false) and uses `resultCode` as the exception type, which only gives HTTP status codes (e.g., 500) rather than actual exception types (e.g., NullReferenceException). Option D is wrong because it summarizes by exception type only, omitting the URL column that the question explicitly requires.

72
MCQeasy

The team needs to receive an email when an App Service's HTTP 5xx error rate exceeds 5 percent for more than five consecutive minutes. No custom code should be written. What combination of Azure Monitor features implements this requirement?

A.Create a metric alert on the Http5xxErrors metric with a 5-percent threshold, a 5-minute evaluation window, and an action group that sends email
B.Create a log alert that queries the App Service diagnostic log table every 5 minutes and emails the team if the 5xx count exceeds a threshold
C.Enable Application Insights availability tests and configure an alert on test failure rate
D.Configure a diagnostic setting to stream logs to Azure Storage, then write a Function that reads the storage file and sends email when errors are found
AnswerA

App Service emits Http5xxErrors as a platform metric. A metric alert configured with a 5-percent threshold and a PT5M evaluation window checks the condition every minute and fires after the threshold is breached continuously for 5 minutes. The action group routes the alert to the team's email.

Why this answer

Option A is correct because Azure Monitor metric alerts can directly evaluate the Http5xxErrors metric over a specified time window (e.g., 5 minutes) and trigger an action group when the threshold (5%) is breached. This requires no custom code and uses the native metric alert pipeline, which polls the metric every minute and aggregates over the evaluation window to detect sustained violations.

Exam trap

The trap here is that candidates often confuse metric alerts (which work on platform metrics like Http5xxErrors) with log alerts (which require querying diagnostic logs), or mistakenly think Application Insights availability tests are the correct tool for server-side error monitoring.

How to eliminate wrong answers

Option B is wrong because log alerts query diagnostic logs, which are not real-time and incur additional ingestion costs; they also require custom KQL queries and are not as straightforward as metric alerts for simple threshold-based monitoring. Option C is wrong because Application Insights availability tests measure endpoint responsiveness (e.g., HTTP 200/404) and failure rates, not server-side HTTP 5xx errors from App Service; they are designed for synthetic transaction monitoring, not server error rate alerts. Option D is wrong because it requires writing a custom Azure Function to read storage blobs and send emails, violating the 'no custom code' requirement; it also introduces unnecessary complexity and latency compared to built-in metric alerts.

73
MCQmedium

A developer needs to run a Kusto query against application request data to identify 95th percentile latency by operation. Where should the query be run? The design must avoid adding custom operational scripts.

A.Logs in Application Insights or the associated Log Analytics workspace
B.Microsoft Entra audit logs
C.Azure Key Vault diagnostic settings
D.Azure Resource Graph only
AnswerA

Application Insights stores telemetry that can be queried with KQL in Logs.

Why this answer

Application Insights and its associated Log Analytics workspace store application request data and support Kusto Query Language (KQL) queries. Running a Kusto query against the `requests` table in the Logs workspace allows you to calculate percentile latency (e.g., using the `percentiles()` function) without custom operational scripts, as this is a built-in capability.

Exam trap

The trap here is that candidates may confuse Azure Resource Graph (which queries resource metadata) with Log Analytics (which queries telemetry data), leading them to choose Option D despite its inability to handle application performance queries.

How to eliminate wrong answers

Option B is wrong because Microsoft Entra audit logs contain sign-in and directory activity, not application request latency data. Option C is wrong because Azure Key Vault diagnostic settings capture vault access and management events, not application request performance metrics. Option D is wrong because Azure Resource Graph is designed for querying Azure resource inventory and configuration across subscriptions, not for analyzing application telemetry like request latency.

74
MCQmedium

You are using Application Insights to monitor a web app. You want to automatically analyze and alert on sudden increases in request failure rates, without manually setting static thresholds. Which Application Insights feature should you use?

A.Smart Detection
B.Application Insights Profiler
C.Live Metrics Stream
D.Continuous Export
AnswerA

Smart Detection uses machine learning to detect anomalies like failure rate increases and sends alerts automatically.

Why this answer

Smart Detection in Application Insights automatically analyzes telemetry from your web app to detect anomalies, such as sudden increases in request failure rates, without requiring manual static thresholds. It uses machine learning models to adapt to your app's normal behavior and alert on deviations, making it ideal for dynamic monitoring scenarios.

Exam trap

The trap here is that candidates often confuse Live Metrics Stream (real-time but no analysis) with Smart Detection (which provides automatic anomaly detection and alerting), leading them to choose the wrong option for failure rate analysis.

How to eliminate wrong answers

Option B (Application Insights Profiler) is wrong because it is designed for performance profiling and tracing slow requests, not for analyzing failure rates or setting alerts. Option C (Live Metrics Stream) is wrong because it provides real-time monitoring of metrics but does not include automatic anomaly detection or alerting on failure rate changes. Option D (Continuous Export) is wrong because it exports telemetry data to storage for long-term analysis, but it does not analyze data or generate alerts for sudden failure rate increases.

75
MCQmedium

Your application running on Azure App Service is experiencing intermittent timeouts. You have configured Application Insights to collect telemetry. Which metric should you analyze in the Azure portal to identify the slowest dependencies?

A.Request Duration
B.Failed Requests
C.Dependency Duration
D.Availability
AnswerC

Dependency Duration shows the time spent on external service calls.

Why this answer

Option C is correct because the 'Dependency Duration' metric in Application Insights shows the duration of calls to external dependencies. Option A is wrong because 'Request Duration' only measures the total time for requests, not specific dependencies. Option B is wrong because 'Availability' measures uptime, not performance.

Option D is wrong because 'Failed Requests' tracks errors, not duration.

Page 1 of 2 · 116 questions totalNext →

Ready to test yourself?

Try a timed practice session using only Monitor, troubleshoot, and optimize Azure solutions questions.