CCNA Design business continuity solutions Questions

75 of 201 questions · Page 2/3 · Design business continuity solutions · Answers revealed

76
MCQhard

You are designing a business continuity solution for a globally distributed SaaS application that uses Azure Cosmos DB for its operational store. The application must survive a complete regional outage with zero data loss and automatic failover. What should you use?

A.Configure a single write region in Cosmos DB with eventual consistency and manual failover.
B.Configure Cosmos DB with a single write region, strong consistency, and enable automatic failover to a secondary region.
C.Enable multi-region writes in Cosmos DB with eventual consistency and automatic failover.
D.Use Azure SQL Database with active geo-replication and automatic failover.
AnswerB

Strong consistency ensures RPO=0, and automatic failover meets RTO.

Why this answer

Option D is correct because Cosmos DB multi-region writes with the strong consistency mode in a single-region write configuration ensures no data loss (RPO=0) and automatic failover via the service-managed failover policy. Option A is wrong because multi-region writes with eventual consistency can result in data loss. Option B is wrong because a single-region write with eventual consistency has an RPO > 0.

Option C is wrong because Azure SQL Database geo-replication is not the right service.

77
MCQhard

You are reviewing a recovery plan for Azure Site Recovery. The exhibit shows a snippet of the recovery plan configuration. What is the purpose of the script action defined in the exhibit?

A.To run a custom script on the recovered VMs after they boot up during test and unplanned failover.
B.To run a script before the VMs shut down during failover.
C.To update the Azure DNS records after failover.
D.To run a script only during planned failover from the primary to the recovery region.
AnswerA

The script action is defined in the Boot group and applies to TestFailover and UnplannedFailover types.

Why this answer

The script action runs a PowerShell script after the VMs boot (during the Boot group) for test and unplanned failovers. This script is typically used to perform post-failover tasks such as updating DNS records or configuring application settings. Option A is incorrect because the script runs after boot, not before shutdown.

Option C is incorrect because the script runs only for specific failover directions. Option D is incorrect because the script is not limited to planned failover.

78
MCQmedium

A database workload has an RPO of 15 minutes and an RTO of 4 hours. Cost is more important than near-zero data loss. Which design is usually more appropriate than synchronous multi-region replication?

A.Use scheduled backups or asynchronous replication aligned to the RPO/RTO.
B.Use synchronous replication across every Azure region.
C.Run the database on a single VM with no backups.
D.Use a public DNS CNAME only.
AnswerA

The requirement does not justify the cost and complexity of synchronous multi-region replication.

Why this answer

Option A is correct because the workload's RPO of 15 minutes and RTO of 4 hours, combined with a cost-sensitive requirement that deprioritizes near-zero data loss, makes synchronous multi-region replication overkill. Scheduled backups (e.g., every 15 minutes using Azure SQL Database automated backups with point-in-time restore) or asynchronous replication (e.g., Azure SQL Database active geo-replication with a recovery point objective of up to 5 seconds, but here we can tune it to meet 15 minutes) provide sufficient protection at a lower cost, avoiding the latency and expense of synchronous replication across regions.

Exam trap

The trap here is that candidates often assume synchronous replication is always the best choice for business continuity, but the question explicitly prioritizes cost over near-zero data loss, making asynchronous replication or scheduled backups the more appropriate and cost-effective design.

How to eliminate wrong answers

Option B is wrong because synchronous replication across every Azure region would incur high latency, significant cost, and unnecessary complexity for a workload that tolerates up to 15 minutes of data loss and 4 hours of downtime; it is designed for near-zero RPO scenarios, which the question explicitly de-emphasizes. Option C is wrong because running the database on a single VM with no backups provides no recovery point or recovery time guarantee, violating the stated RPO of 15 minutes and RTO of 4 hours entirely. Option D is wrong because a public DNS CNAME only provides DNS-level redirection, not any database replication, backup, or failover capability, so it cannot meet the RPO or RTO requirements.

79
MCQhard

Refer to the exhibit. The JSON snippet shows the properties of a replication-protected item in Azure Site Recovery. What is the MOST LIKELY reason for the replication health being 'Critical'?

A.The replication storage account is misconfigured
B.There is a network connectivity issue between the on-premises site and Azure
C.A planned failover was completed, stopping replication
D.A test failover was initiated but not cleaned up
AnswerC

After a planned failover, replication stops, causing critical health until replication is resumed.

Why this answer

Option B is correct because the 'currentProtectionState' is 'PlannedFailoverCompleted', which means a planned failover has been executed and the replication from on-premises to Azure has stopped. After a planned failover, replication is no longer active, leading to a critical health state. Option A is wrong because a pending test failover would show a different state (e.g., 'TestFailoverInitiated' or 'TestFailoverCompleted').

Option C is wrong because network connectivity issues would likely show a different state like 'InitialReplicationPending' or 'ReplicationNotStarting'. Option D is wrong because a storage account misconfiguration would cause replication errors, not a completed planned failover state.

80
Multi-Selectmedium

Which THREE Azure services can be used to implement a disaster recovery plan for Azure Virtual Desktop (AVD) that meets an RTO of 2 hours and an RPO of 30 minutes? (Select THREE.)

Select 3 answers
A.Azure Database for MySQL
B.Azure Migrate
C.Azure Site Recovery
D.Azure Backup
E.Azure Files with geo-redundant storage
AnswersC, D, E

Replicates session host VMs cross-region.

Why this answer

Options A, C, and E are correct. Azure Site Recovery can replicate AVD session host VMs. Azure Files can store FSLogix profiles in a geo-redundant storage account.

Azure Backup can back up the AVD configuration and user data. Options B and D are wrong: Azure Migrate is for migration, not DR; Azure Database for MySQL is not typically part of AVD.

81
MCQmedium

A company runs a critical application that uses Azure SQL Managed Instance in the West Europe region. They need to ensure that the database remains available if a regional failure occurs. The solution must provide automatic failover with an RPO of less than 5 seconds and an RTO of less than 1 minute. The secondary region must also be able to serve read-only queries for reporting purposes. Which Azure service should they use?

A.Configure Azure SQL Managed Instance with an auto-failover group to a secondary instance in North Europe.
B.Enable read-access geo-redundant storage (RA-GRS) on the storage account hosting the database files.
C.Deploy SQL Server Always On Availability Groups with a synchronous replica in North Europe.
D.Use Azure Site Recovery to replicate the SQL Managed Instance to a secondary region as a virtual machine.
AnswerA

Auto-failover groups provide synchronous replication with automatic failover, low RPO/RTO, and allow read-only queries on the secondary.

Why this answer

Azure SQL Managed Instance supports auto-failover groups, which enable automatic, synchronous replication of databases to a secondary instance in a paired region (North Europe). This provides an RPO of less than 5 seconds (synchronous commit) and an RTO of under 1 minute, while the secondary can be used for read-only queries by adding the `-AllowReadOnlyFailoverToSecondary` parameter or using the listener's read-only endpoint. This meets all stated requirements for regional failover, low RPO/RTO, and read-only reporting.

Exam trap

The trap here is that candidates often confuse Azure SQL Managed Instance's auto-failover groups with SQL Server Always On Availability Groups on IaaS VMs, or mistakenly think storage-level replication (RA-GRS) can provide database-level failover with sub-minute RTO.

How to eliminate wrong answers

Option B is wrong because RA-GRS is a storage redundancy option for Azure Blob Storage or Azure Files, not for SQL Managed Instance databases; it does not provide automatic failover for the database engine or meet the sub-5-second RPO requirement. Option C is wrong because SQL Server Always On Availability Groups with synchronous replicas require manual configuration and management on virtual machines, not on Azure SQL Managed Instance, and the RTO would exceed 1 minute due to manual failover steps. Option D is wrong because Azure Site Recovery replicates the entire VM, not the SQL Managed Instance service directly, and it introduces RTOs typically measured in minutes to hours, not under 1 minute, and does not support read-only query routing to the secondary.

82
MCQmedium

A company runs critical Azure virtual machines (VMs) in the West US region. They need a disaster recovery solution that replicates VMs to East US. The recovery point objective (RPO) must be 15 minutes and the recovery time objective (RTO) must be 2 hours. The VMs use managed disks and the application requires consistent state across multiple VMs. They want to test failover without impacting production. Which Azure service should they use?

A.Azure Backup with backup policies set to 15-minute frequency
B.Azure Site Recovery with crash-consistent replication
C.Azure Site Recovery with app-consistent replication
D.Azure Backup with application-consistent snapshot
AnswerC

App-consistent replication ensures data integrity across VMs, meets the 15-minute RPO, and supports test failover without impact.

Why this answer

Azure Site Recovery with app-consistent replication (Option C) is correct because it meets the RPO of 15 minutes and RTO of 2 hours while ensuring consistent state across multiple VMs. App-consistent replication uses Volume Shadow Copy Service (VSS) to quiesce applications and flush memory writes to disk, guaranteeing that the recovered VMs are in a crash-consistent state at the application level. This is essential for multi-VM applications that require transaction consistency, and Azure Site Recovery supports planned and unplanned failover testing without impacting production via isolated test failover networks.

Exam trap

The trap here is that candidates confuse Azure Backup (which is for point-in-time backups with longer RTO) with Azure Site Recovery (which is for continuous replication and failover), and they may incorrectly assume crash-consistent replication is sufficient for multi-VM application consistency when app-consistent replication is explicitly required.

How to eliminate wrong answers

Option A is wrong because Azure Backup with a 15-minute frequency is designed for backup and restore, not replication for disaster recovery; it cannot achieve the required RTO of 2 hours for multi-VM failover and does not support orchestrated failover across VMs. Option B is wrong because Azure Site Recovery with crash-consistent replication only guarantees that the VM is in a state as if it had crashed, which does not ensure application-consistent state across multiple VMs, violating the requirement for consistent state. Option D is wrong because Azure Backup with application-consistent snapshot is a backup solution, not a replication service; it does not provide continuous replication or the ability to failover to a secondary region with the required RPO and RTO, and it lacks the orchestration for multi-VM consistency.

83
Multi-Selecthard

You are designing a business continuity solution for a global SaaS application that runs on Azure Kubernetes Service (AKS) with Azure Cosmos DB as the database. The solution must support multi-region writes and automatic failover with zero data loss. Which THREE components should you include in your design? (Choose three.)

Select 3 answers
A.Deploy Azure Cache for Redis Enterprise with active geo-replication.
B.Deploy Azure Front Door with origin groups for the AKS clusters.
C.Use Azure Traffic Manager to route traffic to the primary region.
D.Configure Azure Cosmos DB with multiple write regions.
E.Use Azure SQL Database with failover groups for the database tier.
AnswersA, B, D

Active geo-replication for Redis Enterprise supports multi-region writes and automatic failover for cache data.

Why this answer

Option A, Option C, and Option D are correct. Azure Cosmos DB with multi-region writes supports zero data loss during failover. Azure Front Door provides global load balancing and automatic failover for the AKS clusters.

Azure Cache for Redis Enterprise with active geo-replication provides low-latency cache with multi-region writes. Option B is wrong because Azure Traffic Manager is not required when using Front Door. Option E is wrong because Azure SQL Database does not support multi-region writes natively like Cosmos DB.

84
Multi-Selecthard

Which THREE components are required to implement a disaster recovery solution for Azure Virtual Desktop (AVD) using active-passive model?

Select 3 answers
A.Configure Azure Files geo-replication for the profile share.
B.Replicate FSLogix profile containers using Azure File Sync.
C.Deploy AVD host pool in the primary region only.
D.Deploy an AVD host pool in the secondary region.
E.Configure Azure Backup for the AVD session hosts.
AnswersA, B, D

Geo-replication ensures profile data is available in secondary.

Why this answer

Options A (FSLogix profile container replication), C (AVD host pool in secondary region), and E (Azure Files geo-replication) are required. Option B (single region) not. Option D (Azure Backup) not primary.

85
MCQmedium

You are designing a disaster recovery solution for a tier-1 application that runs on Azure SQL Managed Instance. The application has a Recovery Time Objective (RTO) of 30 seconds and a Recovery Point Objective (RPO) of 10 seconds. The solution must also support failover during planned maintenance. What should you recommend?

A.Configure auto-failover groups with a readable secondary in another region for Azure SQL Database.
B.Implement Azure Site Recovery to replicate the SQL Managed Instance to a secondary region.
C.Use active geo-replication for Azure SQL Managed Instance with a secondary in another region.
D.Set up a failover group for Azure SQL Managed Instance between two regions with a secondary replica.
AnswerD

Failover groups for SQL Managed Instance provide synchronous replication, RPO of 0, and RTO of about 10 seconds, meeting the requirements.

Why this answer

Option B is correct because failover groups for Azure SQL Managed Instance provide automatic failover with RPO of 0 (no data loss) and RTO of about 10 seconds, meeting the strict requirements. Option A is wrong because auto-failover groups for SQL Database are different and not for Managed Instance. Option C is wrong because active geo-replication is for SQL Database, not Managed Instance.

Option D is wrong because Azure Site Recovery does not replicate SQL Managed Instance natively and cannot meet the low RPO/RTO.

86
MCQhard

You are designing a business continuity solution for a critical application that uses Azure Cosmos DB with multiple write regions. The application is deployed in the East US and West Europe regions. The business requires that if one region fails, the application can continue to serve writes in the remaining region with no data loss. Which consistency level should you use?

A.Strong
B.Eventual
C.Session
D.Bounded staleness
AnswerA

Strong consistency ensures no data loss.

Why this answer

Option A is correct because strong consistency guarantees linearizability and no data loss during regional failover. However, it may affect write performance. Option B is wrong because bounded staleness can lose data if the staleness window is exceeded.

Option C is wrong because session consistency may lose data. Option D is wrong because eventual consistency can lose data.

87
MCQmedium

Your company runs a critical web application on Azure Virtual Machines in a single region. You need to design a disaster recovery solution that meets a Recovery Point Objective (RPO) of 15 minutes and a Recovery Time Objective (RTO) of 1 hour. The solution must be cost-effective for a planned failover test. What should you do?

A.Configure Azure Site Recovery (ASR) with replication to a paired secondary region and perform regular test failovers.
B.Create a read-only replica of the VMs in another region using Azure SQL Database geo-replication.
C.Deploy the VMs across two Azure Availability Zones within the same region.
D.Use Azure Backup with daily backups to a Recovery Services vault in a paired region.
AnswerA

ASR supports low RPO and RTO, and test failovers are cost-effective.

Why this answer

Option C is correct because Azure Site Recovery with replication intervals as low as 30 seconds can meet the RPO of 15 minutes, and with pre-staged resources, the RTO of 1 hour is achievable. It is cost-effective for testing because replication can be paused and test failover uses isolated networks without affecting production. Option A is wrong because Azure Backup's typical RPO is 1 day and RTO is hours.

Option B is wrong because Availability Zones protect within a region, not across regions. Option D is wrong because read-only replicas do not provide failover capability for compute.

88
Multi-Selecteasy

Your company is developing an application that will store transactional data in Azure SQL Database. The application has a Recovery Point Objective (RPO) of 5 seconds and a Recovery Time Objective (RTO) of 30 seconds. Which TWO Azure features should you recommend? (Choose two.)

Select 2 answers
A.Use Azure Site Recovery to replicate the SQL Database to a secondary region.
B.Create an auto-failover group with a readable secondary in another Azure region.
C.Deploy the Azure SQL Database across availability zones in the primary region.
D.Perform Azure SQL Database backups every 5 seconds using Azure Backup.
E.Configure active geo-replication for the Azure SQL Database.
AnswersB, E

Auto-failover groups provide automatic failover with synchronous replication, achieving RPO of 0 and RTO of about 30 seconds.

Why this answer

Option A and Option D are correct. Auto-failover groups with active geo-replication provide synchronous replication with RPO of 0 and RTO of about 30 seconds. Option B is wrong because Azure Backup has an RPO of 5 minutes for SQL Database (full backup frequency).

Option C is wrong because Azure Site Recovery does not replicate SQL Database natively. Option E is wrong because zone-redundant availability zones protect against datacenter failures, not regional failures, and RTO is not guaranteed.

89
Drag & Dropmedium

Drag and drop the steps to configure an Azure Application Gateway with end-to-end TLS encryption into the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

First, have the certificate. Upload it, configure the backend, set up HTTP settings with TLS, then create the rule.

90
MCQeasy

A company runs a critical application on Azure VMs. They need to ensure that if an entire Azure region fails, the application can be recovered in another region with minimal data loss. They have a recovery point objective (RPO) of 1 hour and a recovery time objective (RTO) of 4 hours. What should they implement?

A.Azure Traffic Manager
B.Azure Front Door
C.Azure Site Recovery
D.Azure Backup
AnswerC

Provides VM replication with low RPO and RTO.

Why this answer

Option A is correct because Azure Site Recovery provides VM replication to a secondary region with an RPO of as low as 5 minutes and RTO of a few hours, meeting the 1-hour RPO and 4-hour RTO. Option B is wrong because Azure Backup has an RPO of at least 12 hours. Option C is wrong because Azure Traffic Manager does not replicate data.

Option D is wrong because Azure Front Door is for global load balancing, not VM replication.

91
MCQeasy

A company wants to back up on-premises SQL Server databases to Azure and be able to restore them to an on-premises server in case of a disaster. The backup must be encrypted and retained for 7 years for compliance. Which Azure service should they use?

A.Azure Backup with the MARS agent.
B.Azure Site Recovery.
C.Azure Database Migration Service.
D.Azure Storage with incremental snapshots.
AnswerA

The MARS agent can back up on-premises SQL Server databases to a Recovery Services vault in Azure. It supports encryption with a user-provided passphrase and allows long-term retention (7 years is easily configurable). Restores can be done to the original or alternate on-premises server.

Why this answer

Azure Backup with the MARS agent is the correct choice because it is specifically designed to back up on-premises SQL Server databases directly to Azure, supports encryption at rest using a passphrase, and allows long-term retention (up to 99 years) to meet the 7-year compliance requirement. The MARS agent performs file- and application-consistent backups and can restore data to an on-premises server, fulfilling the disaster recovery scenario.

Exam trap

The trap here is that candidates often confuse Azure Site Recovery (a replication/failover tool) with Azure Backup (a backup/restore tool), overlooking that Site Recovery does not support long-term retention or granular database restore to on-premises servers.

How to eliminate wrong answers

Option B (Azure Site Recovery) is wrong because it is a disaster recovery service that replicates entire workloads for failover, not a backup solution; it does not support long-term retention for compliance or granular database restore to on-premises. Option C (Azure Database Migration Service) is wrong because it is designed for migrating databases to Azure, not for ongoing backup and restore operations, and it does not provide encryption or retention policies for backups. Option D (Azure Storage with incremental snapshots) is wrong because while it can store backup files, it lacks native integration with SQL Server for application-consistent backups, does not provide built-in encryption management for compliance, and requires custom scripting to manage retention and restore processes.

92
MCQeasy

A company runs a stateless web application on multiple Azure VMs behind a load balancer. They want to ensure that if a VM fails, traffic is automatically redirected to healthy VMs. Which Azure service provides this functionality with health probes?

A.Azure Traffic Manager
B.Azure Front Door
C.Azure Application Gateway
D.Azure Load Balancer
AnswerD

Load Balancer uses health probes to route traffic only to healthy VMs.

Why this answer

Option A is correct because Azure Load Balancer uses health probes to detect unhealthy backend instances and stops sending traffic to them. Option B is wrong because Azure Traffic Manager is DNS-based and does not use health probes in the same way. Option C is wrong because Azure Front Door is an application delivery controller but is more suited for global scenarios.

Option D is wrong because Azure Application Gateway also supports health probes, but the question specifies 'load balancer' and the simplest correct answer is Azure Load Balancer.

93
MCQmedium

Refer to the exhibit. You are reviewing the replication health of an on-premises Hyper-V VM replicated to Azure using Azure Site Recovery. The JSON output shows the properties of the replicated item. The replication health is 'Normal', but the last recovery point is from 2 hours ago. You need to ensure the Recovery Point Objective (RPO) of 15 minutes is met. What is the most likely cause of the issue?

A.The VM's application-consistent snapshot is failing.
B.The target region is not correctly configured in the recovery plan.
C.The Hyper-V host is not registered with the Recovery Services vault.
D.The replication frequency is set to 30 minutes or more.
AnswerD

The 2-hour old recovery point suggests replication is not running at the required frequency; the setting likely exceeds 15 minutes.

Why this answer

Option B is correct because the 'currentRecoveryPoint' timestamp being 2 hours old indicates that replication is not occurring frequently enough. Azure Site Recovery for Hyper-V VMs uses a replication frequency that can be set to 30 seconds, 5 minutes, or 15 minutes. If the last recovery point is 2 hours old, the replication frequency is likely set to a longer interval or there is a connectivity issue.

Option A is wrong because the replication health is Normal, so provider registration is fine. Option C is wrong because a failed snapshot would show a different health status. Option D is wrong because the exhibit shows the recovery site is EastUS, indicating configuration is set.

94
MCQhard

A company runs a mission-critical application on Azure VMs in West US. They need a disaster recovery plan with an RPO of 5 minutes and an RTO of 30 minutes. The application consists of multiple VMs that must be recovered in a specific order: the database VM first, then the front-end VMs. They also need to ensure that after failover, the IP addresses of the VMs are retained to avoid DNS propagation delays. The company wants to test the recovery process periodically without affecting production. Which Azure Site Recovery features should they use?

A.Use recovery plans with virtual machine group ordering and failover network settings to assign static IPs.
B.Use failover settings with retention IP and test failover.
C.Use recovery plans with custom scripts for ordering and Azure Traffic Manager for IP retention.
D.Use Azure Site Recovery with Application Consistent Snapshots and ignore IP retention.
AnswerA

Recovery plans allow you to create groups of VMs and specify the order of failover. Failover network settings enable you to assign static IP addresses to the recovered VMs. Test failover is supported for drills.

Why this answer

Option A is correct because Azure Site Recovery recovery plans allow you to define the order of VM recovery using groups, and you can assign static IP addresses via failover network settings to retain IPs after failover. This meets the RPO of 5 minutes (via continuous replication) and RTO of 30 minutes (via orchestrated failover), while test failover can be performed without impacting production.

Exam trap

The trap here is that candidates often confuse Azure Traffic Manager (a DNS-based traffic routing service) with Site Recovery's built-in IP retention capabilities, or they assume that 'retention IP' is a standalone feature rather than a configuration within failover network settings.

How to eliminate wrong answers

Option B is wrong because 'retention IP' is not a valid Azure Site Recovery feature; IP retention is achieved through failover network settings, not a separate 'retention IP' option, and test failover alone does not address VM ordering. Option C is wrong because Azure Traffic Manager is used for global load balancing and DNS-based traffic routing, not for IP retention in Site Recovery; custom scripts in recovery plans can help with ordering but are not the primary feature for static IP assignment. Option D is wrong because ignoring IP retention would cause IP address changes after failover, leading to DNS propagation delays, which contradicts the requirement to avoid such delays; Application Consistent Snapshots address data consistency but not IP retention or VM ordering.

95
Multi-Selectmedium

Which TWO of the following Azure services can be used to enable automatic failover of a web application across Azure regions?

Select 2 answers
A.Azure DNS
B.Azure Load Balancer
C.Azure Front Door
D.Azure Traffic Manager
E.Azure Application Gateway
AnswersC, D

Front Door monitors endpoint health and routes traffic away from failed regions.

Why this answer

Options A and B are correct. Azure Front Door provides global load balancing with automatic failover. Azure Traffic Manager can also route traffic based on priority and automatically fail over.

Option C (Azure Load Balancer) is regional. Option D (Azure Application Gateway) is regional. Option E (Azure DNS) does not provide health-based failover.

96
MCQmedium

A financial services company runs a critical application on Azure VMs with SQL Server Always On availability groups. The primary region is East US, and the secondary region is West US. The business requires automatic failover with zero data loss in case of a regional disaster. Which configuration should you recommend for the availability group?

A.Use synchronous commit mode with manual failover
B.Use asynchronous commit mode with automatic failover
C.Use synchronous commit mode with automatic failover
D.Use asynchronous commit mode with manual failover
AnswerC

Synchronous commit ensures zero data loss; automatic failover meets RTO.

Why this answer

Option D is correct because synchronous commit mode with automatic failover ensures zero data loss and automatic failover. Option A is wrong because asynchronous commit can have data loss. Option B is wrong because manual failover does not meet automatic requirement.

Option C is wrong because asynchronous commit with automatic failover can cause data loss.

97
MCQhard

A company runs a critical application using Azure SQL Database in the West US region. They need a disaster recovery solution that automatically fails over to a secondary region (East US) with a recovery point objective (RPO) of 5 seconds and a recovery time objective (RTO) of 1 minute. The secondary region must also be able to serve read-only queries for reporting purposes. Which Azure SQL Database feature should they implement?

A.Azure SQL Database active geo-replication with auto-failover group
B.Azure SQL Database geo-restore
C.Azure SQL Database copy
D.Azure SQL Managed Instance failover group
AnswerA

Active geo-replication replicates data asynchronously with an RPO of 5 seconds. The auto-failover group enables automatic failover with an RTO of 1 minute, and the secondary can be used for read-only access.

Why this answer

Active geo-replication with auto-failover groups is the correct choice because it provides automatic, synchronous failover to a secondary region with an RPO of 5 seconds and an RTO of 1 minute. Additionally, the secondary database can be used for read-only reporting by connecting with the 'ApplicationIntent=ReadOnly' connection string, meeting both the disaster recovery and reporting requirements.

Exam trap

The trap here is that candidates often confuse geo-restore (which is manual and has high RPO/RTO) with active geo-replication, or they mistakenly think that SQL Managed Instance failover groups support read-only secondaries for Azure SQL Database, when in fact they are for Managed Instance only.

How to eliminate wrong answers

Option B (geo-restore) is wrong because it is a manual recovery process that restores a database from geo-replicated backups, resulting in an RPO of 1 hour and an RTO of several hours, far exceeding the required 5-second RPO and 1-minute RTO. Option C (copy) is wrong because it creates a point-in-time snapshot copy of the database, which is not a continuous replication solution and cannot provide automatic failover or meet the low RPO/RTO requirements. Option D (Azure SQL Managed Instance failover group) is wrong because it applies to Azure SQL Managed Instance, not Azure SQL Database, and while it supports auto-failover, it does not natively allow the secondary to serve read-only queries for reporting without additional configuration.

98
MCQmedium

A company runs a critical SQL Server database on an Azure VM. The database is used by a line-of-business application that requires minimal data loss (RPO of 5 seconds) and fast recovery (RTO of 15 minutes). The VM is in a single region. What should you recommend to meet the RPO and RTO requirements?

A.Use Azure Storage geo-redundant storage (GRS) for the VM's managed disks.
B.Migrate the database to Azure SQL Managed Instance and configure a failover group with a secondary in another region.
C.Deploy the VM in an Availability Set and use SQL Server Always On Availability Groups.
D.Configure Azure Backup for the VM with application-consistent backups every 5 minutes.
AnswerB

Failover group provides automated replication with RPO of seconds and RTO of ~1 minute.

Why this answer

Option D (Azure SQL Managed Instance with failover group) provides automated replication with RPO of seconds and RTO of minutes. Option A (backup to Azure Blob) has higher RPO/RTO. Option B (Availability Set) protects against host failure but not region failure.

Option C (geo-redundant storage) does not protect against database corruption.

99
Multi-Selectmedium

You are designing a disaster recovery plan for an Azure virtual machine running a critical application. The solution must meet an RPO of 1 hour and an RTO of 4 hours. Which TWO actions should you take? (Choose TWO.)

Select 2 answers
A.Deploy the VM in an Availability Set and use premium storage.
B.Configure Azure Backup with daily snapshots stored in a Recovery Services vault.
C.Enable Azure Site Recovery for the VM with replication to a secondary region.
D.Create a Recovery Services vault in the secondary region with geo-redundant storage (GRS).
E.Use Azure Front Door to distribute traffic between the primary and secondary regions.
AnswersC, D

ASR provides low RPO and meets RTO.

Why this answer

Options B and D are correct. Azure Site Recovery can replicate VMs with an RPO as low as 30 seconds and RTO of a few hours. Using a Recovery Services vault with GRS ensures geo-redundancy.

Option A is wrong because Azure Backup has a higher RPO. Option C is wrong because Availability Zones do not provide cross-region DR. Option E is wrong because Azure Front Door is for traffic distribution, not VM replication.

100
MCQhard

You are reviewing a Bicep template that deploys two App Service Environments (ASE) and an Azure Traffic Manager profile. The exhibit shows the template snippet. What is the expected behavior when the primary ASE becomes unhealthy?

A.Traffic is stopped until an administrator updates the DNS manually.
B.Traffic is load-balanced between both ASEs based on performance.
C.Traffic is automatically routed to the secondary ASE with priority 2.
D.Traffic continues to be sent to the primary ASE because priority routing only uses the primary.
AnswerC

Priority routing fails over to the next priority when the primary is unhealthy.

Why this answer

The Traffic Manager profile uses priority routing with primary endpoint priority 1 and secondary priority 2. When the primary endpoint is unhealthy, Traffic Manager automatically routes traffic to the secondary endpoint. Option A is incorrect because it says primary continues.

Option C is incorrect because priority routing does not distribute traffic. Option D is incorrect because it mentions manual intervention.

101
Multi-Selectmedium

Which TWO actions should you take to ensure business continuity for an Azure SQL Managed Instance? (Choose two.)

Select 2 answers
A.Use Azure Site Recovery to replicate the instance to another region
B.Configure a readable secondary replica in the same region
C.Enable automated backups with a retention period that meets your RPO
D.Configure a failover group with a secondary instance in a different region
E.Enable long-term retention (LTR) for backups
AnswersC, D

Automated backups allow point-in-time restore within retention period.

Why this answer

Options B and D are correct. Azure SQL Managed Instance supports automated backups with point-in-time restore (B) and failover groups for geo-replication (D). Option A is wrong because configuring a readable secondary is not directly supported; failover groups handle that.

Option C is wrong because Azure Site Recovery is for VMs, not managed instances. Option E is wrong because long-term retention is for backup storage, not failover.

102
MCQhard

A financial services company runs a critical SQL Server database on Azure VMs. They require a failover solution that provides automatic detection of database health issues and automatically fails over to a secondary replica in another Azure region with no data loss and sub-minute RPO. What should they use?

A.Azure SQL Database geo-replication
B.SQL Server Always On Availability Groups with automatic failover
C.Azure SQL Managed Instance failover groups
D.Azure Backup for SQL Server
AnswerB

Always On AGs with synchronous commit and automatic failover meet the requirements.

Why this answer

Option C is correct because SQL Server Always On Availability Groups with automatic failover can provide synchronous replication between VMs in different regions, offering no data loss and sub-minute RPO. Option A is wrong because Azure SQL Managed Instance failover groups provide automatic failover but with a maximum of one hour RPO for geo-replication. Option B is wrong because Azure SQL Database geo-replication has an RPO of up to 5 seconds, but the scenario specifies VMs, not PaaS.

Option D is wrong because Azure Backup does not provide real-time replication.

103
MCQmedium

A company runs a stateless web application on Azure VMs. They need to ensure the application remains available in the event of an entire Azure datacenter failure. They want to achieve a 99.99% SLA. Which deployment option should they recommend?

A.A
B.B
C.C
D.D
AnswerB

Deploying VMs across at least two availability zones in the same region protects against an entire datacenter failure and meets the 99.99% SLA.

Why this answer

To survive an entire Azure datacenter failure and achieve a 99.99% SLA, the stateless web application must be deployed across at least two Azure Availability Zones within a region. Availability Zones are physically separate datacenters within the same region, each with independent power, cooling, and networking. Deploying VMs in a zone-redundant configuration ensures that if one datacenter fails, the application continues running in another zone, meeting the 99.99% SLA (which requires a minimum of two zones).

Exam trap

The trap here is that candidates often confuse Availability Sets (which protect against rack failures) with Availability Zones (which protect against datacenter failures), leading them to choose an option that only provides 99.95% SLA instead of the required 99.99%.

How to eliminate wrong answers

Option A is wrong because deploying VMs in an Availability Set protects against rack-level failures within a single datacenter, not against an entire datacenter failure, and it offers only a 99.95% SLA. Option C is wrong because deploying VMs in a single Availability Zone still leaves the application vulnerable to a datacenter failure within that zone, and the SLA for a single zone is 99.95%. Option D is wrong because deploying VMs in a single region without zone redundancy does not protect against a full datacenter failure, and the SLA for a single VM is 99.9%.

104
MCQmedium

A company runs a critical application on Azure Kubernetes Service (AKS) in a single region. The application is stateless and uses an Azure SQL Database with active geo-replication for database DR. They need to ensure the AKS cluster can failover to a secondary region with an RTO of 15 minutes and an RPO of 5 seconds for the database. What should they recommend for the AKS cluster?

A.Deploy AKS clusters in two regions and use Azure Traffic Manager to route traffic.
B.Deploy a single AKS cluster with pods spread across availability zones within the region.
C.Use Azure Site Recovery to replicate the AKS cluster to another region.
D.Back up the AKS cluster configuration and container images to a geo-redundant storage account.
AnswerA

Traffic Manager provides DNS-based global load balancing. With AKS clusters in two regions, Traffic Manager can direct users to the healthy region, achieving the required RTO. The database DR is handled separately by active geo-replication.

Why this answer

Option A is correct because deploying AKS clusters in two regions with Azure Traffic Manager enables active-passive or active-active failover. Traffic Manager uses DNS-based routing to direct traffic to the secondary region when the primary fails, meeting the RTO of 15 minutes. The stateless application can be redeployed or scaled in the secondary cluster, while the Azure SQL Database with active geo-replication ensures an RPO of 5 seconds by continuously replicating transactions.

Exam trap

The trap here is that candidates often confuse Azure Site Recovery as a solution for AKS DR, but Site Recovery only supports IaaS VMs, not managed Kubernetes services, making multi-region AKS clusters with Traffic Manager the correct approach.

How to eliminate wrong answers

Option B is wrong because spreading pods across availability zones within a single region protects against zonal failures but not against a regional outage, which is required for cross-region DR. Option C is wrong because Azure Site Recovery does not support replicating AKS clusters; it is designed for IaaS VMs, not managed Kubernetes services. Option D is wrong because backing up cluster configuration and container images to geo-redundant storage provides data backup but does not enable automated failover or meet the RTO of 15 minutes, as manual restoration would be required.

105
MCQeasy

A company runs a web application on Azure VMs in a single region. They need to ensure that if the region fails, the VMs are replicated to another region and can be started automatically. Which Azure service should they use?

A.Azure Site Recovery
B.Azure Backup
C.Azure Traffic Manager
D.Azure Load Balancer
AnswerA

Azure Site Recovery replicates VMs to another region and supports automated failover and startup.

Why this answer

Azure Site Recovery (ASR) orchestrates replication, failover, and failback of Azure VMs from one region to another. It continuously replicates VM disks to the target region and, upon failover, automatically starts the replicated VMs, meeting the requirement for regional disaster recovery with automated startup.

Exam trap

The trap here is that candidates confuse Azure Backup (which provides point-in-time restores but not automated regional failover) with Azure Site Recovery (which provides continuous replication and automated VM startup), or they mistakenly think Traffic Manager or Load Balancer can handle VM replication and startup when they only manage traffic routing.

How to eliminate wrong answers

Option B (Azure Backup) is wrong because it is designed for backup and restore of VM data to a Recovery Services vault, not for continuous replication and automated startup of VMs in another region; it requires manual restore and does not provide automatic VM startup after failover. Option C (Azure Traffic Manager) is wrong because it is a DNS-based traffic load balancer that routes incoming traffic to healthy endpoints across regions, but it does not replicate VMs or start them automatically after a regional failure. Option D (Azure Load Balancer) is wrong because it distributes traffic within a single region at the transport layer (Layer 4) and does not provide cross-region replication or automated VM startup.

106
MCQmedium

A company runs several Azure virtual machines (VMs) that host SQL Server databases. The databases are stored on data disks attached to the VMs. The company needs to back up the databases and VMs separately. They require application-consistent backups for SQL Server to ensure transactional integrity. Additionally, they need to retain backups for up to 7 years to meet compliance requirements. The solution must minimize administrative overhead and support long-term retention of database backups. Which Azure service or feature should they use for the database backups?

A.Azure Backup for Azure VMs with application-consistent snapshots
B.Azure Backup for SQL Server in Azure VMs
C.Azure Site Recovery
D.Azure Files
AnswerB

This offers true application-consistent backups for SQL Server databases, supports granular point-in-time restore, and allows retention of backups for up to 10 years using the archive tier, meeting the 7-year requirement.

Why this answer

Azure Backup for SQL Server in Azure VMs is the correct choice because it provides native, application-consistent backups specifically for SQL Server databases running on Azure VMs. It integrates directly with SQL Server VSS writer to ensure transactional integrity, supports long-term retention up to 10 years (exceeding the 7-year requirement), and minimizes administrative overhead by automating backup scheduling, retention management, and point-in-time restore. This service is purpose-built for SQL Server database backups, separate from VM-level backups.

Exam trap

The trap here is that candidates often confuse 'application-consistent snapshots' at the VM level with true SQL Server–aware database backups, overlooking that VM-level backups do not guarantee SQL Server transactional integrity or support database-level restore and long-term retention policies.

How to eliminate wrong answers

Option A is wrong because Azure Backup for Azure VMs with application-consistent snapshots backs up the entire VM (including OS and data disks) but does not provide SQL Server–aware, database-level backup granularity or transactional integrity for SQL Server databases; it only ensures file-system consistency, not application consistency for SQL Server. Option C is wrong because Azure Site Recovery is a disaster recovery solution focused on replication and failover for business continuity, not a backup service for long-term retention or application-consistent database backups. Option D is wrong because Azure Files is a managed file share service for storing files, not a backup solution; it lacks SQL Server–aware backup capabilities, application-consistent snapshot support, and long-term retention policies for databases.

107
Multi-Selectmedium

Your organization has a critical application running on Azure Virtual Machines. You need to design a backup and disaster recovery strategy. Which TWO options should you include in your design to meet a Recovery Point Objective (RPO) of 15 minutes and a Recovery Time Objective (RTO) of 1 hour? (Choose two.)

Select 2 answers
A.Store data in Azure Files and use Azure File Sync for replication.
B.Implement Azure Site Recovery with replication to a secondary region.
C.Use Azure Traffic Manager to distribute traffic between regions.
D.Configure Azure Backup for daily backups with geo-redundant storage.
E.Enable application-consistent snapshots for the VMs within the replication policy.
AnswersB, E

Azure Site Recovery can achieve an RPO of 15 seconds to 15 minutes and an RTO of minutes, meeting the requirements.

Why this answer

Option B and Option D are correct. Azure Site Recovery can replicate VMs with an RPO as low as 15 minutes and an RTO of minutes to hours. Azure Backup can be used for additional long-term retention, but to meet the RPO/RTO requirements, Site Recovery is necessary.

Option A is wrong because Azure Backup has a default RPO of 1 hour for VMs. Option C is wrong because Traffic Manager does not provide RPO/RTO guarantees. Option E is wrong because Azure Files is not a VM backup solution.

108
Multi-Selectmedium

Which TWO of the following are valid strategies for achieving high availability for Azure SQL Database?

Select 2 answers
A.Deploy Azure SQL Database in a zone-redundant configuration within a single region.
B.Enable read scale-out to distribute read queries to a secondary replica.
C.Enable active geo-replication with a readable secondary in the same region.
D.Use Azure Backup to copy database backups to another region.
E.Configure auto-failover groups with a secondary in another region.
AnswersA, C

Zone-redundant configuration replicates across availability zones for HA.

Why this answer

Options B and D are correct. Active geo-replication provides readable secondaries and supports manual failover. Zone-redundant configuration protects against datacenter failure within a region.

Option A (auto-failover groups) is a strategy but is a superset; the question asks for strategies. Option C (backup to another region) is for disaster recovery, not high availability. Option E (read scale-out) is for read scalability, not availability.

109
MCQhard

You are designing a business continuity plan for a financial services company that uses Azure SQL Database for its transactional workloads. The solution must meet an RPO of 5 seconds and an RTO of 30 seconds during a regional outage. What should you use?

A.Azure Database for PostgreSQL with read replicas in another region
B.Azure SQL Database auto-failover group with a secondary in a paired region
C.Azure SQL Database with active geo-replication and automatic failover
D.Azure SQL Managed Instance with failover group
AnswerC

Active geo-replication in a failover group provides exactly 5 sec RPO and ~30 sec RTO.

Why this answer

Option C is correct because Azure SQL Database failover groups with active geo-replication provide an RPO of 5 seconds and RTO of about 30 seconds when using automatic failover. Option A is wrong because auto-failover groups have an RPO of 5 seconds. Option B is wrong because Azure SQL Managed Instance failover groups have a higher RTO.

Option D is wrong because Azure Database for PostgreSQL is not the same service.

110
MCQeasy

Your company has a hybrid infrastructure with on-premises servers and Azure virtual machines. You need to design a backup strategy that includes on-premises file servers and Azure VMs. The solution must support long-term retention for compliance (7 years) and provide immediate recovery for recent versions. What should you include in the design?

A.Use Azure Storage account snapshots for on-premises files and Azure VM snapshots for VMs.
B.Deploy Azure Backup with the Microsoft Azure Recovery Services (MARS) agent for on-premises and the Azure Backup extension for VMs.
C.Set up Azure File Sync to sync on-premises files to Azure Files, then back up the Azure file shares.
D.Use Azure Site Recovery for both on-premises servers and Azure VMs.
AnswerB

Azure Backup supports both on-premises (MARS agent) and Azure VMs (extension) with configurable retention policies up to 99 years, meeting the 7-year compliance requirement.

Why this answer

Option C is correct because Azure Backup provides a unified backup solution for both on-premises (via MARS agent) and Azure VMs, with support for long-term retention using Backup Vault and Recovery Services vault. Option A is wrong because Azure Site Recovery is for disaster recovery, not backup. Option B is wrong because Azure File Sync syncs files but does not provide backup capabilities.

Option D is wrong because Azure Storage snapshots are not a comprehensive backup solution with centralized management.

111
MCQhard

A company uses Azure Cosmos DB with a single write region. They need to ensure business continuity with an RPO of 5 seconds and RTO of 1 minute in case of a regional outage. What configuration should they use?

A.Enable multi-region writes with automatic failover
B.Enable automatic failover from a single write region to a read region
C.Deploy Cosmos DB in an availability zone-enabled region
D.Use manual failover to a secondary read region
AnswerA

Multi-region writes provide near-zero RPO and automatic failover with low RTO.

Why this answer

Option C is correct because Cosmos DB multi-region writes with automatic failover provides the lowest RPO and RTO. With multiple write regions, if one region fails, the other region continues to accept writes with no data loss. Option A is wrong because single-region writes with automatic failover has higher RPO (up to 15 minutes).

Option B is wrong because manual failover has higher RTO. Option D is wrong because availability zones protect within a region, not cross-region.

112
MCQmedium

A financial services company runs a critical SQL Server database on Azure Virtual Machines. They require a disaster recovery solution with an RPO of less than 15 seconds and an RTO of less than 1 hour. Which technology should they implement?

A.Azure Site Recovery
B.SQL Server Always On Availability Groups
C.Azure Backup for SQL Server
D.Geo-redundant backups
AnswerB

Correct. Always On Availability Groups with synchronous replication can provide an RPO of zero and an RTO of seconds to minutes, satisfying the disaster recovery requirements.

Why this answer

SQL Server Always On Availability Groups provide synchronous data replication at the database level, enabling an RPO of less than 15 seconds by committing transactions on both primary and secondary replicas simultaneously. With automatic failover and a secondary replica in a different Azure region, the RTO can be under 1 hour, meeting the critical requirements for a SQL Server workload on Azure VMs.

Exam trap

The trap here is that candidates often confuse Azure Site Recovery's VM-level replication with database-level replication, assuming it can meet low RPO/RTO for SQL Server, but it cannot achieve sub-15-second RPO because it replicates at the hypervisor level with inherent lag.

How to eliminate wrong answers

Option A is wrong because Azure Site Recovery replicates entire VMs at the hypervisor level, not the database level, and its typical RPO is around 30 seconds to several minutes, failing to meet the sub-15-second requirement. Option C is wrong because Azure Backup for SQL Server is a backup solution, not a real-time replication or disaster recovery technology; it provides point-in-time restores with RPOs measured in minutes or hours, not seconds. Option D is wrong because geo-redundant backups (e.g., GRS) offer recovery points that are typically hours old (due to backup schedules and replication lag), and they require a full restore process, resulting in RTOs far exceeding 1 hour.

113
MCQhard

Refer to the exhibit. You are reviewing an Azure Site Recovery replicated item for a VM. The replication health is Normal, and the last recovery point is at 10:30 AM. The primary region experiences a failure at 10:35 AM. You initiate a failover at 10:40 AM. What is the maximum potential data loss?

A.5 minutes of data
B.15 minutes of data
C.0 minutes of data
D.10 minutes of data
AnswerA

Data between 10:30 and 10:35 is lost.

Why this answer

Option A is correct because the last recovery point is at 10:30 AM, and the failure occurred at 10:35 AM. The data loss is up to 5 minutes of data (between 10:30 and 10:35). Option B is wrong because the RPO is defined by the policy, but the actual loss is based on the last recovery point.

Options C and D are incorrect.

114
MCQeasy

A company needs to protect an Azure App Service web app from regional outages. The web app uses Azure SQL Database. They need to ensure that users are automatically redirected to a secondary region if the primary region fails. What should you configure?

A.Configure Azure Backup for the web app and restore in a secondary region.
B.Deploy the web app in two regions and use Azure Traffic Manager with priority routing.
C.Deploy the web app in a single region with a Standard Load Balancer and backend pool.
D.Deploy the web app in two regions and use Azure Front Door with an origin group and health probes.
AnswerD

Azure Front Door monitors health and redirects traffic automatically.

Why this answer

Option A (Azure Front Door with origin groups and health probes) provides automatic failover. Option B (Traffic Manager) does not integrate with App Service health. Option C (App Service backup) does not provide automatic failover.

Option D (Standard Load Balancer) is not regional.

115
MCQhard

An Azure SQL Database supports a customer-facing application. The company requires automatic failover to a paired region with minimal administrative action. Which feature should be recommended?

A.Zone-redundant storage only
B.Auto-failover group
C.SQL elastic pool only
D.Azure Backup vault only
AnswerB

Auto-failover groups provide geo-replication and listener endpoints for failover across regions.

Why this answer

Auto-failover groups in Azure SQL Database enable automatic, synchronous or asynchronous replication of databases to a paired region, with a built-in listener endpoint that handles transparent failover. This meets the requirement for minimal administrative action because failover can be triggered automatically based on the built-in grace period and health monitoring, without manual intervention.

Exam trap

The trap here is that candidates often confuse zone-redundant storage (which protects against zone failures within a region) with cross-region failover, or mistakenly think an elastic pool provides disaster recovery capabilities when it is only a management unit for performance and cost.

How to eliminate wrong answers

Option A is wrong because zone-redundant storage only protects against an availability zone failure within a single region, not a full regional outage, and does not provide automatic failover to a paired region. Option C is wrong because an SQL elastic pool is a resource management construct for scaling and managing multiple databases within a single server, not a disaster recovery or failover feature. Option D is wrong because Azure Backup vault is used for long-term backup retention and point-in-time restore, not for automatic failover or continuous replication to a paired region.

116
MCQmedium

A company runs a critical SQL Server database on Azure Virtual Machines in a single region. They need a disaster recovery solution across regions with a recovery point objective (RPO) of zero. The database is update-intensive with frequent writes. Which configuration should they implement?

A.SQL Server Always On Availability Group with asynchronous commit.
B.SQL Server Always On Availability Group with synchronous commit across regions.
C.Azure Site Recovery to another region.
D.Deploy the VMs in a different availability zone within the same region.
AnswerB

Synchronous commit ensures all transactions are committed on both the primary and secondary replicas before acknowledging the commit to the application. If configured across regions, this provides zero data loss (RPO=0). But network latency can affect write performance.

Why this answer

SQL Server Always On Availability Group with synchronous commit across regions ensures zero data loss because transactions are committed on both the primary and secondary replicas before the primary acknowledges the commit. This meets the RPO of zero, even though it introduces latency due to cross-region synchronization. For an update-intensive workload, synchronous commit is the only option that guarantees no data loss at the cost of increased write latency.

Exam trap

The trap here is that candidates often choose asynchronous commit (Option A) thinking it is sufficient for DR, but the RPO of zero explicitly requires synchronous commit, despite the performance trade-off.

How to eliminate wrong answers

Option A is wrong because asynchronous commit does not guarantee zero data loss; it allows transactions to be committed on the primary without waiting for the secondary, so the secondary can lag behind, violating the RPO of zero. Option C is wrong because Azure Site Recovery replicates at the VM level using crash-consistent or app-consistent snapshots, which cannot achieve an RPO of zero for a high-write database due to replication intervals and potential data loss between snapshots. Option D is wrong because deploying in different availability zones within the same region does not provide cross-region disaster recovery; it only protects against zonal failures within the same region, not a regional outage.

117
MCQhard

A company runs a critical application on Azure VMs in a single region. They need to implement disaster recovery using Azure Site Recovery (ASR) with a recovery point objective (RPO) of 15 minutes and a recovery time objective (RTO) of 2 hours. The database VMs have a very high data change rate, and the company wants to minimize replication costs. They also need to ensure that in the recovery plan, database VMs start before application VMs, and a script updates DNS records after failover. Which combination of ASR configurations should they use?

A.Enable multi-VM consistency groups and use recovery plans with manual ordering.
B.Enable app-consistent replication and use deployment plans with pre- and post-actions.
C.Enable replication with high churn protection and use recovery plans with availability groups.
D.Enable crash-consistent replication and use recovery plans with pre- and post-actions.
AnswerD

Crash-consistent replication meets the RPO and reduces costs. Recovery plans support pre-actions to control VM startup order and post-actions to run scripts after failover.

Why this answer

Option D is correct because crash-consistent replication is the most cost-effective ASR option for VMs with high data change rates, as it replicates only the data that has changed since the last snapshot without requiring application-level consistency. The RPO of 15 minutes and RTO of 2 hours can be met with crash-consistent replication, and recovery plans with pre- and post-actions allow you to specify that database VMs start before application VMs and run a script to update DNS records after failover.

Exam trap

The trap here is that candidates often assume app-consistent replication is always required for database VMs, but the question explicitly prioritizes minimizing replication costs and only requires a 15-minute RPO, making crash-consistent replication the correct choice despite the high data change rate.

How to eliminate wrong answers

Option A is wrong because multi-VM consistency groups are used to ensure crash-consistent or app-consistent replication across multiple VMs, but they do not address the need to minimize replication costs for high-churn VMs; they also do not provide the ability to run scripts after failover. Option B is wrong because app-consistent replication requires application-level snapshots (e.g., using VSS on Windows), which increases replication overhead and cost, and is not necessary for meeting a 15-minute RPO with high data change rates; deployment plans are not a valid ASR feature. Option C is wrong because 'high churn protection' is not a standard ASR configuration; ASR does not have a specific setting for high churn, and availability groups are a SQL Server feature, not an ASR recovery plan feature.

118
MCQeasy

Your company has an Azure subscription with a single virtual network. You need to design a solution to back up Azure VMs to meet a 7-day retention policy. The backup data must be stored in a separate region for compliance. What should you use?

A.Azure Backup with cross-region restore (CRR) enabled
B.Azure Site Recovery with replication to a secondary region
C.Azure File Share snapshots stored in a different region
D.Azure Backup with default geo-redundant storage (GRS) in the same region
AnswerA

CRR stores backup metadata and data in the secondary region.

Why this answer

Option D is correct because Azure Backup can be configured with cross-region restore (CRR) to store backup data in a paired region. Option A is wrong because Azure Site Recovery is for replication, not backup. Option B is wrong because Azure Backup's default is geo-redundant storage (GRS) which replicates to a paired region.

Option C is wrong because Azure Files snapshots are for file shares, not VMs.

119
MCQeasy

A company runs a critical application on Azure virtual machines (VMs) in the West US region. They need a disaster recovery solution that replicates the VMs to East US with a recovery point objective (RPO) of 15 minutes and a recovery time objective (RTO) of 2 hours. The application consists of multiple VMs, and the company needs to be able to fail over a single VM without impacting others during an actual disaster. They also want to periodically test the recovery process without affecting the production environment. Which Azure Site Recovery feature should they use to enable non-disruptive testing?

A.Recovery Plans
B.Planned failover
C.Test failover
D.Network mapping
AnswerC

Test failover creates an isolated copy of replicated VMs in a separate virtual network for validation purposes, without affecting ongoing replication or production. It is designed exactly for non-disruptive disaster recovery drills.

Why this answer

Test failover (Option C) is the correct feature because it allows you to validate your disaster recovery process by creating an isolated copy of your replicated VMs in a separate test network, without impacting the ongoing replication or the production environment. This directly meets the requirement for periodic, non-disruptive testing while maintaining the RPO of 15 minutes and RTO of 2 hours.

Exam trap

The trap here is that candidates often confuse 'Test failover' with 'Planned failover' or 'Recovery Plans,' mistakenly thinking that any failover action must impact production, when in fact Test failover is specifically designed to be isolated and non-disruptive.

How to eliminate wrong answers

Option A is wrong because Recovery Plans are used to orchestrate the failover sequence of multiple VMs and run custom scripts, but they do not provide a mechanism for non-disruptive testing; they are executed during actual failover or test failover, not as a testing feature themselves. Option B is wrong because Planned failover is designed for zero-data-loss migration or maintenance scenarios where both sites are healthy and no data loss is tolerated, but it requires stopping production VMs and is not a testing mechanism—it disrupts production. Option D is wrong because Network mapping defines how source and target networks correspond for failover, but it is a configuration prerequisite, not a feature for executing a non-disruptive test.

120
MCQmedium

A company runs a file server on Azure VMs using Windows Server. The server stores business-critical documents. You need to design a backup strategy that meets a recovery point objective (RPO) of 1 hour and recovery time objective (RTO) of 4 hours. The solution must be cost-effective. Which backup solution should you use?

A.Azure Site Recovery
B.Azure Backup for Azure Blobs
C.Azure Backup for Azure VMs
D.Azure File Sync
AnswerC

Azure Backup provides VM-level backups with customizable frequency and retention.

Why this answer

Option D is correct because Azure Backup for Azure VMs provides application-consistent backups with a frequency of up to every hour, meeting RPO of 1 hour, and RTO of a few hours for file-level restore. Option A (Azure Site Recovery) is for replication, more costly. Option B (Azure File Sync) syncs files, not backup.

Option C (Azure Backup for blobs) is for blobs, not VMs.

121
Multi-Selectmedium

Which TWO Azure services can be used together to provide a disaster recovery solution for an on-premises SQL Server database with an RPO of 5 minutes and an RTO of 30 minutes? (Select TWO.)

Select 2 answers
A.Azure SQL Database failover groups
B.Azure Backup for SQL Server
C.Azure SQL Managed Instance failover groups
D.SQL Server Log Shipping to Azure
E.Azure Site Recovery
AnswersA, C

Provides automatic geo-replication and failover.

Why this answer

Options A and D are correct. Azure SQL Managed Instance has a failover group feature that can replicate the database to a secondary region with automatic failover, meeting RPO/RTO. Alternatively, SQL Server Stretch Database is outdated; the correct answer is Azure SQL Database Managed Instance failover groups.

Option B is wrong because Azure Site Recovery replicates VMs, not databases directly. Option C is wrong because Azure Backup has a higher RPO. Option E is wrong because Log Shipping is an on-premises feature.

122
MCQmedium

You are reviewing a PowerShell script for Azure SQL Database. The exhibit shows the script that sets backup retention. What is the effect of running this script?

A.It sets the short-term backup retention to 7 days, enabling point-in-time restore within that period.
B.It enables geo-redundant backups for the database.
C.It sets the long-term retention (LTR) backup policy to 7 days.
D.It increases the backup retention from 7 to 35 days.
AnswerA

Short-term retention applies to point-in-time restore backups.

Why this answer

The script sets the short-term backup retention policy to 7 days for the database 'mydb'. This means point-in-time restore (PITR) backups are retained for 7 days. Option A is incorrect because it says 14 days.

Option D is incorrect because it only affects short-term retention.

123
MCQeasy

A company has a disaster recovery plan that requires testing failover of Azure VMs regularly without impacting the production environment. Which feature of Azure Site Recovery should they use?

A.Planned failover
B.Test failover
C.Unplanned failover
D.Failback
AnswerB

Test failover creates a non-production copy for validation.

Why this answer

Test failover (also known as drill) allows you to validate your disaster recovery plan without affecting production. Option A is incorrect because planned failover is for actual migration. Option C is incorrect because unplanned failover is for actual disasters.

Option D is incorrect because failback is for returning to primary after failover.

124
MCQeasy

A company wants to ensure that their Azure SQL Database can continue to serve read-write traffic if the primary region becomes unavailable. They require minimal data loss. What should they implement?

A.Use Azure Backup with cross-region restore
B.Deploy the database across two Availability Zones
C.Configure an auto-failover group with a secondary in another region
D.Read-scale replicas in the same region
AnswerC

Auto-failover groups provide automated failover.

Why this answer

Option C is correct because an auto-failover group with active geo-replication provides automated failover with minimal data loss. Option A is wrong because read-scale replicas are for read-only. Option B is wrong because Azure SQL Database does not use Availability Zones for cross-region DR.

Option D is wrong because Azure Backup does not provide failover.

125
Drag & Dropmedium

Drag and drop the steps to implement Azure Backup for an Azure virtual machine into the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

Create vault, define policy, assign VM, enable backup, test.

126
MCQeasy

A company deploys a critical multi-tier application on Azure VMs. The application includes a database tier that must be recovered to the same point in time as the application tier after a disaster. They use Azure Site Recovery (ASR) for disaster recovery to a secondary region. They also need to run a custom script after failover to update connection strings. Which ASR feature should they use?

A.Recovery plans with pre-actions and post-actions
B.Replication policies with application-consistent snapshots
C.Multi-VM consistency groups
D.Azure Backup with cross-region restore
AnswerA

Recovery plans enable ordering of VM groups and execution of scripts via pre- and post-actions.

Why this answer

Recovery plans in Azure Site Recovery allow you to define pre-actions and post-actions, which can run custom scripts (e.g., PowerShell) after failover to update connection strings. This ensures the application tier can connect to the recovered database tier, meeting the requirement for a custom script execution after failover. The other options do not provide the ability to run custom scripts as part of the failover sequence.

Exam trap

The trap here is that candidates often confuse multi-VM consistency groups (which ensure crash-consistent recovery across VMs) with the ability to run post-failover scripts, but only recovery plans provide the orchestration layer for custom actions like updating connection strings.

How to eliminate wrong answers

Option B is wrong because replication policies with application-consistent snapshots ensure data consistency for crash-consistent recovery but do not allow running custom scripts after failover. Option C is wrong because multi-VM consistency groups ensure all VMs in a group fail over to a consistent point in time, but they do not provide a mechanism to execute post-failover scripts. Option D is wrong because Azure Backup with cross-region restore provides backup-based recovery, not real-time replication, and does not support custom script execution as part of a failover orchestration.

127
MCQhard

You manage a globally distributed application using Azure Cosmos DB. You need to design a business continuity strategy that ensures zero data loss and automatic failover in case of a regional outage. The application must continue to serve reads and writes during a region failure. What should you recommend?

A.Use Azure Cosmos DB accounts with a single write region and enable service-managed failover.
B.Use Azure Cosmos DB accounts with multi-region writes but disable automatic failover and rely on manual failover.
C.Configure single-region writes with strong consistency and enable automatic failover.
D.Configure multi-region writes with eventual consistency and enable automatic failover.
AnswerD

Multi-region writes with automatic failover provide zero data loss and continuous availability for both reads and writes.

Why this answer

Azure Cosmos DB multi-region writes with automatic failover ensures zero data loss and continuous availability for both reads and writes. Option A is incorrect because single-region writes with eventual consistency may result in data loss. Option B is incorrect because it does not guarantee zero data loss.

Option D is incorrect because manual failover does not meet automatic failover requirement.

128
MCQhard

Contoso Ltd. runs a mission-critical application on Azure VMs in the West US region. They require an RPO of 15 minutes and an RTO of 1 hour in case of a regional disaster. They plan to use Azure Site Recovery. The application stores data on managed disks and uses a Premium SSD v2 disk for the database. The application also uses Azure SQL Database for some transactional data. What should Contoso do to meet the recovery objectives for the entire solution?

A.Configure Azure Site Recovery for the VMs with Premium SSD v2 disks and configure active geo-replication with auto-failover groups for Azure SQL Database.
B.Use Azure Backup for the VMs and configure long-term retention for the Azure SQL Database backups.
C.Configure Azure Site Recovery for the VMs and also for the Azure SQL Database by adding it to the replication group.
D.Deploy the application across two Azure regions using Azure Front Door and active geo-replication for Azure SQL Database.
AnswerA

ASR supports Premium SSD v2 disks; Azure SQL Database active geo-replication with auto-failover groups meets the RPO/RTO.

Why this answer

Option D is correct because Azure Site Recovery supports Premium SSD v2 disks for replication, and for Azure SQL Database, active geo-replication with a failover group can achieve RPO of 5 seconds and RTO of 1 hour. Option A is wrong because Azure SQL Database replication is not part of ASR; ASR does not replicate Azure SQL Database. Option B is wrong because Azure Backup is for data backup, not replication with the required RPO/RTO.

Option C is wrong because the application requires both VM and database recovery; only focusing on one component fails the overall solution.

129
Multi-Selectmedium

You are designing a disaster recovery solution for a multi-tier web application on Azure VMs. The solution must meet an RPO of 15 minutes and an RTO of 1 hour. The application includes a SQL Server database. Which THREE actions should you take? (Choose THREE.)

Select 3 answers
A.Use Azure Backup for the SQL Server database with 1-hour backup frequency.
B.Use Azure Premium SSD managed disks for the VMs to ensure low latency replication.
C.Configure SQL Server Always On Availability Groups with synchronous commit between regions.
D.Deploy read-scale replicas of the SQL Server in the secondary region.
E.Configure Azure Site Recovery to replicate the web and app tier VMs to a secondary region.
AnswersB, C, E

Premium disks support higher IOPS and lower latency for replication.

Why this answer

Options A, C, and E are correct. Azure Site Recovery can replicate the VMs with low RPO. For SQL Server, Always On Availability Groups provide automatic failover with minimal data loss.

Using premium storage ensures performance. Option B is wrong because Azure Backup has a higher RPO. Option D is wrong because read-scale replicas do not provide failover.

130
Multi-Selectmedium

Which TWO actions should you take to ensure business continuity for an Azure Functions app that processes messages from an Azure Service Bus queue?

Select 2 answers
A.Implement the event source pattern to replay messages in case of failure.
B.Enable geo-replication on the Service Bus namespace.
C.Use a single Service Bus namespace to simplify management.
D.Deploy the Functions app in a single region.
E.Configure Azure Backup for the Functions app.
AnswersA, B

Event source allows reprocessing of messages.

Why this answer

Option A (geo-replication) and Option C (event source pattern) ensure messages are not lost and can be replayed. Option B (single region) not resilient. Option D (backup) not needed.

Option E (single namespace) not resilient.

131
MCQhard

Your company runs a mission-critical application on Azure VMs in a single region. The application requires an RPO of 5 minutes and an RTO of 30 minutes. You plan to use Azure Site Recovery (ASR) to replicate the VMs to a secondary region. The VMs use managed disks. However, during a disaster recovery drill, you discover that the failover takes longer than expected. What is the most likely cause?

A.The replication policy is set to 30 minutes.
B.The Azure Hybrid Benefit is not applied to the VMs.
C.The recovery plan includes too many manual steps.
D.The VMs have large attached data disks that require significant time to synchronize.
AnswerD

Large disks increase failover time due to data synchronization.

Why this answer

Option B (large disk size) is a common cause of slow failover due to replication latency. Option A (network) is less likely if configured correctly. Option C (recovery plan) does not affect failover time.

Option D (hybrid benefit) irrelevant.

132
MCQhard

Refer to the exhibit. You are deploying an ARM template to configure backup for an Azure Web App. The deployment fails with an error: 'The resource 'Microsoft.Web/sites/config' cannot be nested under a parent resource that is not deployed.' What is the MOST LIKELY cause?

A.The parent web app resource is not defined in the template
B.The storageAccountUrl property uses a reference() that cannot be resolved
C.The apiVersion '2022-03-01' is not supported for this resource type
D.The backup schedule frequency interval is invalid
AnswerA

The backup config resource requires the parent web app to be present in the template.

Why this answer

Option D is correct because the backup configuration resource is defined as a child resource of the web app, but the parent web app ('Microsoft.Web/sites') is not included in the template. In ARM templates, child resources must be nested under their parent or the parent must be deployed in the same template. Since the web app is not defined, the deployment fails.

Option A is wrong because the backup schedule is valid. Option B is wrong because the storage account URL is obtained using reference(), which works if the storage account is deployed or exists. Option C is wrong because the apiVersion is correct for the resource type.

133
MCQeasy

A company has an Azure SQL Database instance that is used by a critical application. They need to ensure business continuity with an RPO of 0 (zero data loss) and an RTO of less than 1 minute in case of a regional outage. The solution must be cost-effective. What should you recommend?

A.Use Azure SQL Database automatic failover groups with manual failover.
B.Use Azure SQL Database zone-redundant configuration.
C.Use Azure SQL Database geo-restore from geo-redundant backups.
D.Use Azure SQL Database failover groups with active geo-replication.
AnswerD

Failover groups with active geo-replication provide an RPO of 0 and an RTO of less than 1 minute.

Why this answer

Azure SQL Database failover groups with active geo-replication and automatic failover provide an RPO of 0 and an RTO of less than 1 minute. Option A is incorrect because Azure SQL Database backup and restore has an RPO of 5 minutes. Option C is incorrect because Azure SQL Database zone-redundant configuration protects only within a region.

Option D is incorrect because manual failover does not meet the RTO requirement.

134
MCQhard

A company runs a critical SQL Server database on an Azure virtual machine. They need a high-availability solution within a single region that provides automatic failover, zero data loss (synchronous replication), and support read-only routing for reporting workloads. Which solution should they implement?

A.SQL Server Always On Availability Group with synchronous replication across availability zones
B.SQL Server Always On Failover Cluster Instance (FCI) with shared disks
C.Azure SQL Database Managed Instance with active geo-replication
D.Azure SQL Database with active geo-replication
AnswerA

Correct. This configuration provides automatic failover, synchronous commit for zero data loss, and readable secondary replicas for reporting.

Why this answer

SQL Server Always On Availability Group with synchronous replication across availability zones meets all requirements: it provides automatic failover, zero data loss through synchronous commit mode, and supports read-only routing by directing reporting workloads to readable secondary replicas. This solution operates within a single Azure region using availability zones for high availability.

Exam trap

The trap here is that candidates confuse synchronous replication (used in Always On Availability Groups) with asynchronous replication (used in geo-replication), and fail to recognize that read-only routing is a feature exclusive to Availability Groups, not Failover Cluster Instances or geo-replication solutions.

How to eliminate wrong answers

Option B is wrong because a Failover Cluster Instance (FCI) with shared disks does not support read-only routing for reporting workloads; FCI provides a single instance with no readable secondary replicas. Option C is wrong because Azure SQL Database Managed Instance with active geo-replication uses asynchronous replication, which cannot guarantee zero data loss, and it is designed for cross-region disaster recovery, not single-region high availability. Option D is wrong because Azure SQL Database with active geo-replication also uses asynchronous replication, resulting in potential data loss, and it is a cross-region solution, not a single-region high-availability solution.

135
MCQmedium

A company runs a critical SQL Server database on an Azure virtual machine. They need a backup strategy that supports point-in-time restore down to the second and long-term retention of backups for 7 years to meet compliance. They want to offload backup management to Azure. Which backup solution should they use?

A.Azure Backup for SQL Server on Azure VM
B.Azure Site Recovery
C.SQL Server managed backup to Azure
D.Azure Disk Backup
AnswerA

Azure Backup provides a fully managed backup solution for SQL Server VMs, including point-in-time restore and long-term retention, meeting all requirements.

Why this answer

Azure Backup for SQL Server on Azure VM provides native integration that supports point-in-time restore down to the second for SQL Server databases and allows configuring long-term retention (LTR) for up to 10 years, meeting the 7-year compliance requirement. It offloads backup management to Azure by automating backup schedules, retention policies, and restore operations without requiring manual scripting or third-party tools.

Exam trap

The trap here is that candidates often confuse Azure Site Recovery (disaster recovery) with backup, or assume SQL Server managed backup to Azure provides the same integrated point-in-time and long-term retention capabilities as Azure Backup, when in fact Azure Backup offers a fully managed, portal-integrated solution with native SQL Server awareness.

How to eliminate wrong answers

Option B is wrong because Azure Site Recovery is a disaster recovery solution that replicates entire VMs for failover, not a backup service; it does not support point-in-time restore for SQL Server databases or long-term retention for compliance. Option C is wrong because SQL Server managed backup to Azure is a feature that manages backups to Azure Blob storage but requires manual configuration of retention policies and does not offer native point-in-time restore down to the second or integrated long-term retention management within the Azure portal. Option D is wrong because Azure Disk Backup provides crash-consistent backups of managed disks at the VM level, not application-consistent backups for SQL Server, and cannot perform point-in-time restore for database transactions or log backups.

136
MCQmedium

A company has an on-premises Hyper-V environment with 20 virtual machines running various workloads. They want to use Azure as a disaster recovery site. The required recovery point objective (RPO) is 15 minutes, and the recovery time objective (RTO) is 2 hours. They want to automate failover and failback. Which Azure service should they use?

A.Azure Site Recovery
B.Azure Migrate
C.Azure Backup
D.Azure Recovery Services Vault
AnswerA

Azure Site Recovery orchestrates replication, failover, and failback for Hyper-V VMs to Azure. It supports near-synchronous replication and custom RPOs down to 30 seconds.

Why this answer

Azure Site Recovery (ASR) is the correct service because it provides orchestrated replication, failover, and failback for Hyper-V VMs to Azure as a DR site. It supports the required RPO of 15 minutes (using near-synchronous replication with change tracking) and RTO of 2 hours (via automated recovery plans), and it natively automates both failover and failback processes without additional scripting.

Exam trap

The trap here is that candidates confuse the Recovery Services Vault (a storage container) with the actual DR service (Azure Site Recovery), or they mistakenly think Azure Backup can meet low RPO/RTO requirements for disaster recovery when it is designed for backup, not replication with automated failover.

How to eliminate wrong answers

Option B (Azure Migrate) is wrong because it is designed for discovery, assessment, and migration of on-premises workloads to Azure, not for ongoing disaster recovery replication or automated failover/failback. Option C (Azure Backup) is wrong because it provides backup-based recovery with typical RPOs of 12-24 hours and RTOs measured in hours to days, and it does not support automated failover or failback orchestration. Option D (Azure Recovery Services Vault) is wrong because it is a storage container that holds backup data and replication settings, not a service that performs replication, failover, or failback; it is the underlying vault used by both Azure Backup and Azure Site Recovery, but the question asks for the service that automates DR, which is ASR.

137
MCQmedium

You have an Azure Storage account that stores critical data. You need to ensure that the data remains accessible if the primary region fails. The solution must minimize data loss and automatically failover. What should you configure?

A.Zone-redundant storage (ZRS) with customer-managed failover.
B.Locally redundant storage (LRS) with soft delete.
C.Read-access geo-zone-redundant storage (RA-GZRS).
D.Geo-redundant storage (GRS) with manual failover.
AnswerC

RA-GZRS provides automatic failover and read access in secondary region.

Why this answer

Option C (RA-GZRS) provides read access to secondary region and automatic failover if Microsoft initiates. Option A (LRS) no failover. Option B (GRS) failover but no read access.

Option D (ZRS) same region.

138
MCQmedium

A company uses Azure Kubernetes Service (AKS) to run a containerized microservices application. They need a disaster recovery solution that can automatically fail over to a secondary region if the primary region fails. The solution must minimize data loss for stateful workloads. What should they implement?

A.Azure Backup for AKS
B.Azure Front Door
C.Azure Traffic Manager
D.Azure Site Recovery
AnswerD

Site Recovery can replicate AKS workloads and persistent volumes for DR.

Why this answer

Option C is correct because AKS with Azure Disks using zone-redundant storage (ZRS) provides replication across zones within a region, but for cross-region DR, they need to pair with Azure Site Recovery or use a multi-region AKS with Velero for backup and restore. However, among the options, Azure Site Recovery is the only one that provides cross-region failover for AKS with persistent volumes. Option A is wrong because Azure Traffic Manager only routes traffic, does not replicate data.

Option B is wrong because Azure Front Door is for global load balancing, not DR. Option D is wrong because Azure Backup for AKS is backup-only, not failover.

139
MCQmedium

A company has several Azure Virtual Machines running Windows Server with critical applications. They need to back up these VMs to a secondary Azure region to protect against regional disasters. The backup must be application-consistent and support file-level restore. Which solution should they implement?

A.Azure Backup with geo-redundant storage (GRS) in a Recovery Services vault
B.Azure Site Recovery
C.Azure Snapshot of managed disks stored in a different region
D.Azure Managed Disk with incremental snapshots and manual cross-region copy
AnswerA

Azure Backup offers VM-level application-consistent backups, supports GRS for cross-region durability, and allows file-level restore from recovery points.

Why this answer

Azure Backup with geo-redundant storage (GRS) in a Recovery Services vault is the correct solution because it provides application-consistent backups of Windows Server VMs using the Volume Shadow Copy Service (VSS) to ensure data integrity, and it supports file-level restore by allowing you to mount the backup as a drive to recover individual files. The GRS option replicates backup data to a paired secondary region, meeting the disaster recovery requirement without additional manual steps.

Exam trap

The trap here is that candidates confuse Azure Site Recovery (a replication/failover tool) with Azure Backup (a backup/restore tool), or assume that crash-consistent snapshots (Options C and D) are sufficient for application consistency and file-level restore, which they are not.

How to eliminate wrong answers

Option B (Azure Site Recovery) is wrong because it is designed for replication and failover of VMs for disaster recovery, not for backup—it does not support file-level restore from backup snapshots and is not a backup solution. Option C (Azure Snapshot of managed disks stored in a different region) is wrong because snapshots are crash-consistent, not application-consistent, and they do not support file-level restore natively; you would need to create a new disk from the snapshot to access files. Option D (Azure Managed Disk with incremental snapshots and manual cross-region copy) is wrong because incremental snapshots are also crash-consistent and require manual cross-region copy, which adds complexity and does not guarantee application consistency or built-in file-level restore capabilities.

140
MCQmedium

Your company has an on-premises database running SQL Server 2019. You plan to migrate to Azure SQL Managed Instance. The business requires a recovery point objective (RPO) of 15 minutes and a recovery time objective (RTO) of 4 hours for a regional disaster. You need to design the disaster recovery solution. What should you use?

A.Configure a failover group between two Azure SQL Managed Instances in different regions with automatic failover.
B.Use SQL Server log shipping from on-premises to Azure SQL Managed Instance in a secondary region.
C.Configure geo-restore of Azure SQL Managed Instance backups to a secondary region.
D.Configure a failover group between two Azure SQL Managed Instances in different regions with manual failover.
AnswerD

Failover groups replicate data synchronously or asynchronously; manual failover ensures control.

Why this answer

Option A is correct because Azure SQL Managed Instance failover group with manual failover meets RPO of 15 minutes (replication delay typically less than 10 seconds) and RTO of 4 hours (manual failover takes minutes). Option B has RTO of 12 hours for geo-restore. Option C auto-failover may cause unwanted failovers.

Option D log shipping is not supported in managed instance.

141
MCQhard

A company runs a critical application on Azure VMs in the West US region. They want to protect against a regional disaster by replicating VMs to East US using Azure Site Recovery. They have both managed and unmanaged disks. They need to ensure that after failover, the recovery VMs are automatically placed in a specific availability set to support the application's multi-tier architecture. Additionally, they want to minimize downtime during planned failover. Which configuration should they use?

A.Configure a recovery plan that includes the VMs and specifies the target availability set and failover order
B.Set the target availability set in each VM's replication settings individually without a recovery plan
C.Use Azure Traffic Manager to route traffic to the secondary region after manual failover
D.Enable consistency groups across the VMs using a replication policy
AnswerA

A recovery plan allows you to group VMs into logical groups, specify the order of failover, and set target settings like availability sets. It also supports automation to minimize downtime during planned failover.

Why this answer

Option A is correct because a recovery plan in Azure Site Recovery allows you to group VMs, specify the target availability set, and define the failover order. This ensures that after failover, the recovery VMs are automatically placed in the specified availability set, supporting the application's multi-tier architecture. Additionally, recovery plans enable you to automate and sequence failover steps, minimizing downtime during planned failover by orchestrating the process efficiently.

Exam trap

The trap here is that candidates often confuse replication settings (like target availability set per VM) with recovery plans, not realizing that only recovery plans can enforce failover order and group-level placement, which is critical for multi-tier applications.

How to eliminate wrong answers

Option B is wrong because setting the target availability set in each VM's replication settings individually does not allow you to define a failover order or group VMs into a recovery plan, which is necessary for multi-tier application consistency and minimizing downtime. Option C is wrong because Azure Traffic Manager is a DNS-based traffic routing service that does not handle VM placement into availability sets or orchestrate failover sequencing; it only redirects traffic after failover is manually completed. Option D is wrong because consistency groups (multi-VM consistency) ensure crash-consistent or app-consistent recovery points across VMs but do not control target availability set placement or failover order; they are a replication policy feature, not a recovery plan substitute.

142
MCQhard

Refer to the exhibit. You deploy this ARM template to create a storage account in the West US region. The business continuity requirement states that if the primary region becomes unavailable, the storage account must be readable within 1 hour. What is the most important limitation of this configuration?

A.The storage account does not support read access in the secondary region, so manual failover is required, which may exceed the 1-hour RTO
B.The storage account uses GRS, which replicates data only to a secondary region within the same geography, not to a different region
C.The storage account only supports HTTPS traffic, which blocks replication
D.The storage account is configured with the Hot access tier, which prevents failover
AnswerA

GRS requires manual failover and no read access.

Why this answer

Option A is correct because GRS (geo-redundant storage) does not provide read access to the secondary region; failover is manual and may take longer than 1 hour. Option B is wrong because the access tier does not affect DR. Option C is wrong because HTTPS enforcement does not affect DR.

Option D is wrong because GRS replicates data to a paired region, but without read access.

143
MCQhard

Refer to the exhibit. An administrator runs the PowerShell script to enable replication for a VM. The script fails with an error that the VM is not found. What is the most likely cause?

A.The Recovery Services vault does not exist.
B.The protection container is not available.
C.The replication policy is not valid.
D.The Azure PowerShell context is not set to the subscription that contains the VM.
AnswerD

The script does not use Set-AzContext to switch to the production subscription.

Why this answer

Option A is correct because the Get-AzVM cmdlet is run against the current Azure context, which might be set to the DR subscription, but the VM is in the PROD-RG in the production subscription. The script does not switch the context to the production subscription, so the VM is not found. Option B is wrong because the vault is found (Get-AzRecoveryServicesVault succeeds).

Option C is wrong because the fabric and protection container are retrieved successfully. Option D is wrong because the policy is retrieved successfully.

144
MCQmedium

A company runs a critical line-of-business application on Azure VMs within a single region. The application tier is deployed across multiple VMs. They need to protect against a failure of an entire Azure datacenter within that region. The solution should automatically distribute the VMs across physically separate locations with independent power, cooling, and networking. The company also requires the lowest possible latency between application and database tiers within the same location. Which deployment strategy should they use?

A.Deploy the VMs across multiple availability zones
B.Deploy the VMs in an availability set
C.Use Azure Site Recovery to replicate VMs to a paired region
D.Use Azure Proximity Placement Groups
AnswerA

Availability zones provide datacenter-level redundancy within a region. By placing VMs in different zones, the application can survive a single datacenter failure. This also allows low latency within the same zone for the database tier.

Why this answer

Availability zones are physically separate datacenters within an Azure region, each with independent power, cooling, and networking. Deploying the application tier VMs across multiple zones protects against an entire datacenter failure while keeping all resources within the same region, ensuring the lowest possible latency between application and database tiers when they are placed in the same zone.

Exam trap

The trap here is that candidates often confuse availability sets (which protect against rack failures) with availability zones (which protect against datacenter failures), or they incorrectly assume that cross-region replication via Site Recovery is the only way to achieve datacenter fault tolerance, ignoring the lower-latency option of multiple zones within the same region.

How to eliminate wrong answers

Option B is wrong because an availability set only protects against rack-level failures within a single datacenter, not against the failure of an entire datacenter. Option C is wrong because Azure Site Recovery to a paired region introduces cross-region latency, which does not meet the requirement for the lowest possible latency within the same location. Option D is wrong because Proximity Placement Groups are designed to reduce latency by co-locating VMs, but they do not provide protection against a full datacenter failure.

145
MCQmedium

Refer to the exhibit. An administrator reviews the backup status of a VM. The last backup failed. What is the most likely cause?

A.The Recovery Services vault is in a different region.
B.The backup policy does not exist.
C.The source resource ID is missing.
D.The VM was deallocated at the time of backup.
AnswerD

Azure Backup cannot back up deallocated VMs.

Why this answer

Option C is correct because the last backup failure could be due to the VM being deallocated at the time of backup. Azure Backup cannot back up VMs that are in a deallocated state. Option A is wrong because the backup policy is referenced by policyId, so it exists.

Option B is wrong because the sourceResourceId is present and valid. Option D is wrong because the vault is not shown to be in a different region; besides, cross-region backup is supported.

146
MCQmedium

A company runs a critical application on Azure VMs in a single region. They need to ensure business continuity with an RPO of 1 hour and RTO of 4 hours. The application has dependencies on virtual networks, storage accounts, and other Azure resources. They want to use Azure Backup as the primary disaster recovery tool and must be able to restore the entire application in a secondary region if the primary region fails. Which backup strategy should they recommend?

A.Azure Backup for VMs with daily backups and cross-region restore
B.Azure Site Recovery with replication to a secondary region
C.Azure Backup for VMs with hourly backups and cross-region restore
D.Azure Backup for files with daily backups and geo-redundant storage
AnswerC

Hourly backups achieve an RPO of 1 hour, and cross-region restore allows recovery in a secondary region. Azure Backup can also protect dependent resources using the same Recovery Services Vault.

Why this answer

Option C is correct because Azure Backup for VMs supports hourly backups (up to every 4 hours for VM backups, but with application-consistent snapshots and cross-region restore, you can achieve an RPO of 1 hour by combining frequent backups with the ability to restore in a secondary region. The cross-region restore feature allows you to restore VMs and their dependencies (VNet, storage accounts) to a paired secondary region, meeting the RTO of 4 hours when using Azure Backup's restore capabilities.

Exam trap

The trap here is that candidates confuse Azure Backup with Azure Site Recovery, assuming Site Recovery is required for cross-region failover, but Azure Backup's cross-region restore can meet the RPO/RTO when combined with hourly backups, and the question explicitly restricts the tool to Azure Backup.

How to eliminate wrong answers

Option A is wrong because daily backups cannot achieve an RPO of 1 hour; the maximum backup frequency for daily backups is once per day, which would result in an RPO of up to 24 hours. Option B is wrong because Azure Site Recovery is a separate disaster recovery tool, not Azure Backup, and the question explicitly states they want to use Azure Backup as the primary disaster recovery tool. Option D is wrong because Azure Backup for files only protects file-level data, not the entire application including VMs, virtual networks, and storage accounts, and daily backups cannot meet the 1-hour RPO requirement.

147
MCQmedium

A company deploys a multi-tier application on Azure virtual machines. They need to implement disaster recovery using Azure Site Recovery. The recovery plan must ensure that the database VMs are started before the application VMs, and the application VMs before the web VMs. They also need to run a script after failover to update DNS records. Which ASR feature should they use?

A.Recovery Plan with manual steps
B.Recovery Plan with custom groups and script actions
C.Replication policy with crash-consistent snapshots
D.Azure Automation runbook
AnswerB

Custom groups define ordering, and script actions allow running PowerShell or Azure Automation after failover.

Why this answer

Azure Site Recovery (ASR) Recovery Plans allow you to orchestrate the order of VM failover by grouping VMs into custom groups and adding pre- and post-actions. By placing database VMs in Group 1, application VMs in Group 2, and web VMs in Group 3, you enforce the required startup sequence. Script actions (e.g., Azure Automation runbooks or PowerShell scripts) can be inserted at specific points in the plan to update DNS records after failover, making option B the correct choice.

Exam trap

The trap here is that candidates confuse a standalone Azure Automation runbook (which can run scripts but cannot enforce VM startup order) with a script action embedded in a Recovery Plan (which combines both ordering and script execution).

How to eliminate wrong answers

Option A is wrong because manual steps require human intervention during failover, which contradicts the need for an automated, reliable recovery plan that runs scripts to update DNS records. Option C is wrong because a replication policy with crash-consistent snapshots only controls the consistency of replicated data (ensuring crash-consistent recovery points) and does not provide any orchestration of VM startup order or post-failover scripting. Option D is wrong because an Azure Automation runbook is a script execution tool, but by itself it cannot define the multi-group startup sequence; it must be used as a script action within a Recovery Plan to achieve both ordering and automation.

148
MCQhard

A company runs a containerized application on Azure Container Instances (ACI) in a single region. The application uses Azure Cosmos DB (SQL API) with a single write region. You need to design a disaster recovery solution that meets an RPO of 0 seconds and RTO of 10 minutes for a regional outage. The solution must be cost-optimized. What should you include in the design?

A.Use Azure Container Instances with container groups across availability zones, and configure Cosmos DB geo-replication with manual failover.
B.Deploy ACI containers in two regions, use Azure Traffic Manager, and configure Cosmos DB with automatic failover.
C.Migrate the application to Azure Kubernetes Service (AKS) deployed in two regions, use Azure Front Door, and configure Cosmos DB with multi-region writes.
D.Deploy ACI containers in two regions, use Azure Front Door, and configure Cosmos DB with multi-region writes.
AnswerC

AKS supports multi-region deployment with automatic failover; Cosmos DB multi-region writes provide RPO=0.

Why this answer

Option D is correct because ACI does not support built-in multi-region deployment; using AKS with Azure Front Door and Cosmos DB multi-region writes provides RPO=0 and fast failover. Option A uses Azure Container Registry for replication but not compute failover. Option B uses Cosmos DB conflict resolution but ACI is single-region.

Option C uses manual steps which exceed RTO.

149
MCQhard

A company runs a multi-tier application on Azure virtual machines (VMs) in the West US region. The application consists of a web tier, an application tier, and a database tier. They need to implement a disaster recovery plan to a secondary region (East US) with a recovery point objective (RPO) of 5 minutes and a recovery time objective (RTO) of 15 minutes. The VMs must be recovered in the correct order: database tier first, then application tier, then web tier. The company also wants to test the recovery process periodically without affecting production. They need to ensure that after failover, the VMs retain their IP addresses to minimize DNS propagation delays. Which combination of Azure Site Recovery features should they use?

A.Use Azure Site Recovery with a replication policy of 5-minute frequency, configure a recovery plan with manual ordering, and rely on default IP assignment
B.Use Azure Site Recovery with a replication policy of 30-second frequency, create multi-VM consistency groups for each tier, build a recovery plan with script actions for ordering and static IP mapping, and use test failover for drills
C.Use Azure Site Recovery with a replication policy of 15-minute frequency and configure manual IP mapping after failover
D.Use Azure Backup with daily snapshots and a geo-restore option, then manually restore VMs in order
AnswerB

This combination meets all requirements: 30-second replication achieves <5-minute RPO; consistency groups ensure cross-VM consistency; recovery plan enforces order and runs scripts for IP mapping; test failover supports non-disruptive drills.

Why this answer

Option B is correct because it meets all requirements: a 30-second replication policy achieves the 5-minute RPO, multi-VM consistency groups ensure crash-consistent recovery across tiers, script actions in the recovery plan enforce the correct startup order (database first, then app, then web), static IP mapping retains IP addresses after failover, and test failover allows non-disruptive drills. This combination of features directly addresses the RPO, RTO, ordering, IP retention, and testing needs.

Exam trap

The trap here is that candidates often confuse replication frequency with RPO (e.g., thinking a 5-minute replication policy guarantees a 5-minute RPO) or assume manual ordering in a recovery plan is sufficient without understanding that script actions are needed for precise tier sequencing and IP retention.

How to eliminate wrong answers

Option A is wrong because a 5-minute replication policy does not guarantee the 5-minute RPO (it only replicates every 5 minutes, not within 5 minutes), manual ordering lacks script actions for precise tier sequencing, and default IP assignment does not retain IP addresses after failover. Option C is wrong because a 15-minute replication policy exceeds the 5-minute RPO requirement, and manual IP mapping after failover introduces delays that violate the 15-minute RTO. Option D is wrong because Azure Backup with daily snapshots cannot achieve a 5-minute RPO (snapshots are typically daily), geo-restore does not provide automated failover with ordering, and manual restoration cannot meet the 15-minute RTO.

150
Multi-Selecthard

A company runs an application on Azure VMs that uses Azure SQL Database. They need a disaster recovery solution that ensures the application can fail over to a secondary region with minimal data loss. The solution must include automatic failover for the database and manual failover for the VMs. Which TWO Azure services should they use? (Choose two.)

Select 2 answers
A.Azure SQL Database auto-failover groups
B.Azure Traffic Manager
C.Azure Front Door
D.Azure Site Recovery
E.Azure SQL Database active geo-replication
AnswersA, D

Provides automatic failover for the database.

Why this answer

Options B and D are correct. Azure SQL Database auto-failover groups provide automatic failover for the database. Azure Site Recovery replicates the VMs to the secondary region and allows manual failover.

Option A is wrong because Azure SQL active geo-replication does not automatically failover; it requires manual action. Option C is wrong because Azure Traffic Manager is for routing, not VM replication. Option E is wrong because Azure Front Door is for global load balancing.

← PreviousPage 2 of 3 · 201 questions totalNext →

Ready to test yourself?

Try a timed practice session using only Design business continuity solutions questions.