CCNA Data Storage Solutions Questions

75 of 233 questions · Page 1/4 · Data Storage Solutions topic · Answers revealed

1
MCQmedium

Refer to the exhibit. An organization deploys this ARM template to create a storage account. They need to ensure that data is replicated synchronously across two Azure regions. Does this template meet the requirement?

A.No, the template uses RA-GRS
B.Yes, GRS provides synchronous replication
C.No, the template uses LRS
D.No, GRS provides asynchronous replication
AnswerD

GRS replicates asynchronously to a secondary region.

Why this answer

The template uses GRS (Geo-Redundant Storage), which replicates data asynchronously from the primary region to the secondary region. Because the replication is asynchronous, there is a potential for data loss if a regional disaster occurs before the secondary region is fully updated. The requirement specifies synchronous replication across two Azure regions, which is only provided by Azure Storage’s geo-zone-redundant storage (GZRS) with read-access (RA-GZRS) or by using Azure Files with synchronous replication via Azure File Sync or a third-party solution.

Therefore, GRS does not meet the synchronous requirement.

Exam trap

The trap here is that candidates often confuse GRS’s geo-redundancy with synchronous replication, not realizing that GRS uses asynchronous replication to the secondary region, while synchronous replication is only available within a single region (LRS, ZRS) or across availability zones (ZRS).

How to eliminate wrong answers

Option A is wrong because RA-GRS (Read-Access Geo-Redundant Storage) is not used in the template; the template specifies GRS, and RA-GRS also uses asynchronous replication, so it would not meet the synchronous requirement either. Option B is wrong because GRS provides asynchronous replication, not synchronous; synchronous replication across regions is not a feature of standard Azure Storage replication options. Option C is wrong because the template does not use LRS (Locally Redundant Storage); it uses GRS, which replicates to a secondary region, but the core issue is that GRS is asynchronous, not synchronous.

2
MCQmedium

A company runs a data analytics application that stores large volumes of structured data in a relational format. The data is write-intensive and the application needs to scale horizontally for high throughput. The solution must support SQL queries, including joins and ACID transactions. Which Azure database service should they choose?

A.Azure Database for PostgreSQL - Hyperscale (Citus)
B.Azure SQL Database Hyperscale
C.Azure Cosmos DB (SQL API)
D.Azure Synapse Analytics
AnswerA

Citus is a managed PostgreSQL service that scales out horizontally across multiple nodes and supports full SQL, joins, and ACID transactions.

Why this answer

Azure Database for PostgreSQL - Hyperscale (Citus) is correct because it provides horizontal scaling (sharding) across multiple nodes while preserving full SQL support, including JOINs and ACID transactions. Citus distributes data across worker nodes using a coordinator node, enabling write-intensive workloads to achieve high throughput through parallelized writes. This makes it ideal for large-volume, relational, write-heavy analytics applications that require relational integrity.

Exam trap

The trap here is that candidates often confuse Azure SQL Database Hyperscale's 'scale-out' read replicas with true horizontal write scaling, or they assume Cosmos DB's SQL API supports relational queries and transactions, when in fact it is a NoSQL store with limited consistency and no JOIN support.

How to eliminate wrong answers

Option B (Azure SQL Database Hyperscale) is wrong because it scales compute and storage vertically, not horizontally for write throughput; it is designed for large databases with high read scalability, not write-intensive horizontal scaling. Option C (Azure Cosmos DB SQL API) is wrong because it is a NoSQL database that does not support SQL JOINs or ACID transactions across multiple documents; it uses eventual consistency by default and lacks relational integrity. Option D (Azure Synapse Analytics) is wrong because it is a massively parallel processing (MPP) data warehouse optimized for analytical queries on large datasets, not for transactional, write-intensive workloads with ACID compliance; it uses a columnar store and does not support point-write transactions with the same isolation levels as a relational OLTP database.

3
MCQeasy

You have an Azure SQL Database that stores sales data. You need to ensure that the database can recover to any point in time within the last 35 days. What should you configure?

A.Configure the point-in-time restore (PITR) retention period to 35 days
B.Configure long-term retention (LTR) backups with a retention of 35 days
C.Create a secondary database in the same region
D.Enable geo-replication with a readable secondary
AnswerA

PITR allows restoring to any point within the retention period.

Why this answer

Point-in-time restore (PITR) for Azure SQL Database allows you to restore a database to any point within the configured retention period. The default retention is 7 days, but you can increase it up to 35 days. By setting the PITR retention period to 35 days, you meet the requirement to recover to any point in time within the last 35 days.

Exam trap

The trap here is confusing long-term retention (LTR) with point-in-time restore (PITR); candidates often think LTR provides point-in-time recovery, but LTR only retains full backups at fixed intervals and cannot restore to an arbitrary point within the retention window.

How to eliminate wrong answers

Option B is wrong because long-term retention (LTR) backups are designed for retaining full backups for extended periods (up to 10 years) and do not support point-in-time recovery; they only allow restoration to specific full backup timestamps, not any point in time. Option C is wrong because creating a secondary database in the same region provides high availability and failover capability but does not enable point-in-time recovery to any arbitrary time within the last 35 days. Option D is wrong because geo-replication with a readable secondary provides disaster recovery and read-scale out, but it does not offer point-in-time restore functionality; it replicates data asynchronously and cannot recover to an arbitrary past point.

4
MCQeasy

You need to store semi-structured data from IoT devices in Azure. The data has varying schemas and high write throughput. Which Azure service should you use?

A.Azure Blob Storage.
B.Azure SQL Database.
C.Azure Cosmos DB.
D.Azure Table Storage.
AnswerC

Supports varying schemas and high throughput.

Why this answer

Option D is correct because Azure Cosmos DB supports semi-structured data with flexible schemas and high write throughput. Option A is wrong because Azure SQL Database is relational and less flexible for varying schemas. Option B is wrong because Azure Blob Storage is for unstructured data.

Option C is wrong because Azure Table Storage has limited throughput and schema flexibility.

5
Multi-Selecthard

Which TWO options can be used to automatically replicate Azure SQL Database to a secondary region for disaster recovery with no data loss in the event of a regional outage?

Select 2 answers
A.Use auto-failover groups with data synchronization.
B.Enable active geo-replication for the database.
C.Set up log shipping to a secondary server.
D.Deploy Azure Site Recovery to replicate the SQL Server VM.
E.Configure failover groups with automatic failover policy.
AnswersA, E

Auto-failover groups replicate data synchronously and handle automatic failover.

Why this answer

Auto-failover groups with data synchronization (Option A) and failover groups with automatic failover policy (Option E) are both correct because failover groups in Azure SQL Database provide automatic, synchronous replication of data to a secondary region, ensuring zero data loss during a regional outage. The automatic failover policy triggers a failover without manual intervention, and the synchronous commit mode guarantees that transactions are committed on both primary and secondary before acknowledging success, meeting the RPO=0 requirement.

Exam trap

The trap here is that candidates often confuse active geo-replication with failover groups, assuming both provide zero data loss, but only failover groups with synchronous replication and automatic failover policy guarantee RPO=0, while active geo-replication is asynchronous and thus allows data loss.

6
MCQhard

An organization is migrating on-premises Oracle databases to Azure. They require minimal code changes and support for Oracle PL/SQL stored procedures. Which Azure data service best meets these requirements?

A.Azure Database for MySQL
B.Azure Database for PostgreSQL with Oracle compatibility
C.Azure SQL Database
D.Azure Cosmos DB
AnswerB

Supports PL/SQL with extension.

Why this answer

Azure Database for PostgreSQL with the Oracle compatibility extension (e.g., orafce) provides support for Oracle PL/SQL stored procedures and syntax, minimizing code changes during migration. This service is designed to handle Oracle workloads with minimal re-engineering, unlike other Azure database options that lack native Oracle compatibility.

Exam trap

The trap here is that candidates often assume Azure SQL Database is the natural choice for Oracle migrations due to its relational nature, but it lacks native PL/SQL support, whereas PostgreSQL with Oracle compatibility is the correct service for minimizing code changes.

How to eliminate wrong answers

Option A is wrong because Azure Database for MySQL does not support Oracle PL/SQL stored procedures or Oracle-specific syntax, requiring significant code rewrites. Option C is wrong because Azure SQL Database uses T-SQL, not PL/SQL, and lacks direct compatibility with Oracle stored procedures, necessitating manual conversion. Option D is wrong because Azure Cosmos DB is a NoSQL database that does not support relational Oracle PL/SQL stored procedures or schema-based migrations.

7
MCQhard

You deploy the above ARM template. The deployment succeeds. However, you cannot access the storage account from the Azure portal. What is the most likely reason?

A.The storage account is configured to require HTTPS traffic only.
B.The network ACLs deny all traffic by default, and no allow rules are configured.
C.The minimum TLS version is set to TLS 1.2, which is not supported by the portal.
D.The encryption key source is set to Microsoft.Storage, which prevents portal access.
AnswerB

Default action is Deny with no IP or virtual network rules, blocking portal access.

Why this answer

Option B is correct because the ARM template likely includes a network ACL configuration that, by default, denies all traffic. Without explicit allow rules for the Azure portal's IP ranges or the 'Allow trusted Microsoft services' exception, the portal cannot reach the storage account's management endpoints, resulting in an inability to access it from the portal despite a successful deployment.

Exam trap

The trap here is that candidates often overlook network ACLs as a cause for portal access failure, mistakenly focusing on TLS versions or encryption settings, which do not affect basic connectivity from the Azure portal.

How to eliminate wrong answers

Option A is wrong because requiring HTTPS traffic only does not block portal access; the portal uses HTTPS to communicate with storage accounts, so this setting would not prevent access. Option C is wrong because the Azure portal fully supports TLS 1.2; setting the minimum TLS version to 1.2 does not block portal access, as the portal uses TLS 1.2 or higher. Option D is wrong because setting the encryption key source to Microsoft.Storage is the default and does not affect portal access; portal connectivity is independent of encryption key management.

8
MCQmedium

A media company needs to store large video files that are frequently accessed for the first month, then infrequently after that. They want to minimize storage costs while ensuring files are instantly accessible when needed. Which storage strategy should they implement?

A.Store all files in the hot access tier
B.Manually move files between tiers using AzCopy
C.Store all files in the archive access tier
D.Use Azure Blob Storage lifecycle management to move files from hot to cool after 30 days
AnswerD

Lifecycle management automates tiering to optimize cost and access.

Why this answer

Option D is correct because Azure Blob Storage lifecycle management allows you to define rules that automatically transition blobs from the hot tier (frequent access) to the cool tier (infrequent access) after a specified number of days. This meets the requirement of instant accessibility for the first month and cost minimization thereafter, as the cool tier offers lower storage costs with the same low-latency access as the hot tier.

Exam trap

The trap here is that candidates may choose manual tiering (Option B) thinking it offers more control, but the exam tests the understanding that Azure's built-in lifecycle management is the automated, cost-optimized solution for predictable access patterns, and that archive tier (Option C) is not instantly accessible.

How to eliminate wrong answers

Option A is wrong because storing all files in the hot access tier incurs higher storage costs for the infrequently accessed period after the first month, failing to minimize costs. Option B is wrong because manually moving files between tiers using AzCopy is not a scalable or automated solution; it requires ongoing operational overhead and does not provide a policy-driven, cost-effective strategy for large volumes of files. Option C is wrong because the archive access tier has a retrieval latency of several hours (up to 15 hours for rehydration), which violates the requirement for instant accessibility when files are needed.

9
MCQeasy

You are reviewing the data protection settings of an Azure Blob Storage container using the above JSON. Which of the following is true?

A.Deleted blobs are retained for 30 days
B.Blobs can be restored to any point within the last 7 days
C.Previous versions of blobs are retained
D.Versioning is disabled
AnswerC

Versioning is enabled.

Why this answer

Option C is correct because the JSON shows that the `versioning` property is set to `Enabled` for the Blob Storage container. When versioning is enabled, every modification to a blob creates a new version, and previous versions are retained indefinitely (or until explicitly deleted or a lifecycle management policy removes them). This directly supports the statement that previous versions of blobs are retained.

Exam trap

The trap here is that candidates may confuse versioning with soft delete or point-in-time restore, assuming that versioning alone provides a specific retention period or point-in-time recovery capability, when in fact versioning retains all versions indefinitely unless a lifecycle policy is applied.

How to eliminate wrong answers

Option A is wrong because the JSON does not specify a soft-delete retention period; the `deleteRetentionPolicy` is not shown or is set to a different value, and the default soft-delete retention for blobs is 7 days, not 30 days. Option B is wrong because point-in-time restore requires both versioning and change feed to be enabled, and the JSON does not indicate that change feed is enabled; additionally, point-in-time restore has a maximum retention period of 30 days, not 7 days. Option D is wrong because the JSON explicitly shows `"versioning": "Enabled"`, meaning versioning is enabled, not disabled.

10
MCQmedium

A software company hosts 100 small Azure SQL databases for different clients. Each database has low average usage but experiences unpredictable spikes. The company wants to minimize costs while allowing each database to burst up to a maximum resource limit during spikes. They also need to easily add new databases without manual sizing. Which Azure SQL Database deployment option should they use?

A.Elastic pools
B.Single databases with DTU-based tiers
C.Managed Instance
D.Hyperscale single database
AnswerA

Elastic pools allow sharing resources among databases, support bursting to a per-database max, and make adding databases easy.

Why this answer

Elastic pools allow multiple databases with low average usage and unpredictable spikes to share a fixed pool of resources (eDTUs or eVCores), enabling each database to burst up to a maximum limit while minimizing overall cost. This model also supports easy addition of new databases without manual sizing, as they are simply added to the pool and share its allocated resources.

Exam trap

The trap here is that candidates may choose single databases with DTU-based tiers because they think 'bursting' requires dedicated resources, but they overlook the cost inefficiency and manual sizing overhead of managing many small databases individually.

How to eliminate wrong answers

Option B is wrong because single databases with DTU-based tiers require individual sizing and do not share resources, leading to higher costs for many low-usage databases that need burst capacity. Option C is wrong because Managed Instance is designed for lift-and-shift scenarios with full SQL Server instance-level features, not for cost-efficient multi-tenant database management with burst behavior. Option D is wrong because Hyperscale single database is optimized for very large databases (up to 100 TB) with high throughput and fast scaling, not for many small databases with unpredictable spikes where resource sharing is more cost-effective.

11
MCQmedium

A company stores unstructured data such as documents and images in Azure Blob Storage. The data is accessed frequently for the first month, then only rarely for the next year, and after that must be retained for 10 years for compliance. The company wants to minimize storage costs by automatically moving data to the most cost-effective storage tiers. Which Azure Blob Storage feature should they implement?

A.Lifecycle management policies
B.Azure Data Lake Storage access tiers
C.Soft delete
D.Immutability policies
AnswerA

Azure Blob Storage lifecycle management policies enable automatic transition of blobs to cooler tiers (Cool, Archive) based on age. The policy can move data from Hot to Cool after 30 days, then to Archive after one year, meeting the access pattern and minimizing costs.

Why this answer

Lifecycle management policies in Azure Blob Storage allow you to automatically transition blobs to cooler tiers (e.g., from Hot to Cool, then to Archive) based on age or last modification time. This directly matches the requirement to move data from frequent access (first month) to rare access (next year) and then to long-term retention (10 years) while minimizing costs.

Exam trap

The trap here is that candidates confuse storage tiers (Hot, Cool, Archive) with the automation feature (lifecycle management) that moves data between them, assuming tiers alone handle cost optimization without explicit policies.

How to eliminate wrong answers

Option B is wrong because Azure Data Lake Storage access tiers (Hot, Cool, Archive) are storage tiers themselves, not an automated policy; they require manual tier selection or lifecycle rules to move data between them. Option C is wrong because soft delete is a data protection feature that recovers accidentally deleted blobs, not a cost-optimization mechanism for tier transitions. Option D is wrong because immutability policies (WORM) prevent data modification or deletion for compliance, but do not automate tier transitions or reduce storage costs.

12
MCQhard

Refer to the exhibit. Your team deploys this ARM template to a resource group in West US. After deployment, you need to ensure the storage account is geo-redundant. What is the most efficient way to modify the template to achieve this?

A.Add a second storage account resource with Geo-redundant replication.
B.Change the 'kind' property to 'BlobStorage'.
C.Change the 'apiVersion' to a newer version.
D.Change the 'sku.name' property from 'Standard_LRS' to 'Standard_GRS'.
AnswerD

Standard_GRS provides geo-redundant storage.

Why this answer

Option D is correct because changing the 'sku.name' property from 'Standard_LRS' to 'Standard_GRS' directly modifies the replication type of the existing storage account to geo-redundant storage (GRS). This is the most efficient approach as it updates the single resource in-place without adding extra resources or altering the storage account's kind or API version.

Exam trap

The trap here is that candidates may think adding a new resource or changing the API version is necessary, but the most efficient way is to modify the existing resource's 'sku.name' property, which directly controls replication redundancy.

How to eliminate wrong answers

Option A is wrong because adding a second storage account with Geo-redundant replication does not make the existing storage account geo-redundant; it creates a separate resource, which is inefficient and does not meet the requirement. Option B is wrong because changing the 'kind' property to 'BlobStorage' changes the storage account type to blob-only storage, which does not affect replication redundancy; replication is controlled by the 'sku.name' property. Option C is wrong because changing the 'apiVersion' to a newer version does not alter the replication setting; the 'apiVersion' only defines the schema version for the template and does not impact resource properties like redundancy.

13
Multi-Selecteasy

Which TWO of the following Azure storage services support hosting static websites?

Select 2 answers
A.Azure Storage Account (general-purpose v2)
B.Azure Cosmos DB
C.Azure NetApp Files
D.Azure Blob Storage
E.Azure Files
AnswersA, D

General-purpose v2 accounts support static websites.

Why this answer

Azure Storage Account (general-purpose v2) supports hosting static websites by enabling the 'Static website' feature, which configures a container named '$web' to serve static content (HTML, CSS, JS) directly via a public endpoint. This feature is built into the storage account's blob service and provides automatic routing for index and error documents, making it a cost-effective solution for static site hosting.

Exam trap

The trap here is that candidates often confuse Azure Blob Storage (which supports static websites when part of a general-purpose v2 account) with Azure Files or Azure NetApp Files, assuming any storage service can serve web content, but only the blob service with the static website feature enabled provides the necessary HTTP endpoint and routing logic.

14
MCQmedium

A company is migrating on-premises SQL Server databases to Azure. They need to minimize administrative overhead for patching and backups while ensuring high availability. The solution must support automatic failover within the same Azure region. Which Azure service should they choose?

A.SQL Server on Azure Virtual Machines
B.Azure SQL Database Hyperscale
C.Azure SQL Database (single database)
D.Azure SQL Database Managed Instance
AnswerD

Managed Instance offers automated maintenance and built-in high availability with auto-failover.

Why this answer

Azure SQL Database Managed Instance is correct because it provides near-100% compatibility with on-premises SQL Server, automated patching and backups, and built-in high availability with automatic failover within the same region via Always On availability groups. This minimizes administrative overhead while meeting the high availability requirement without manual configuration.

Exam trap

The trap here is that candidates often confuse Azure SQL Database Managed Instance with Azure SQL Database single database, assuming both offer the same high availability and compatibility, but Managed Instance provides full SQL Server instance-level features and automatic failover within the region without additional configuration.

How to eliminate wrong answers

Option A is wrong because SQL Server on Azure Virtual Machines requires manual patching and backup management, increasing administrative overhead, and high availability requires manual configuration of Windows Server Failover Clustering or SQL Server Always On. Option B is wrong because Azure SQL Database Hyperscale is designed for large databases with fast scaling and read scale-out, but its high availability model uses page servers and a log-based service, not automatic failover within the same region in the same way as Managed Instance; it also lacks full SQL Server agent and CLR support. Option C is wrong because Azure SQL Database (single database) offers automated patching and backups but does not support automatic failover within the same region without configuring active geo-replication or failover groups, which adds complexity and cost; it also has limited compatibility for existing SQL Server features like SQL Agent jobs and cross-database queries.

15
MCQmedium

A company uses Azure SQL Database for a line-of-business application. They need to implement a disaster recovery solution across Azure regions with RPO of 5 seconds and RTO of 30 seconds. Which feature should they use?

A.Active geo-replication
B.Geo-restore
C.Azure SQL Database zone-redundant configuration
D.Auto-failover groups
AnswerA

Active geo-replication offers fast replication with RPO < 5 seconds and RTO < 30 seconds.

Why this answer

Active geo-replication for Azure SQL Database provides a continuous replication mechanism with an RPO of 5 seconds and an RTO of 30 seconds when using a readable secondary replica in a paired region. It replicates transactions asynchronously but with very low latency, meeting the strict RPO/RTO requirements for cross-region disaster recovery.

Exam trap

The trap here is that candidates often confuse auto-failover groups with active geo-replication, assuming the managed failover group provides faster RTO, but in reality, auto-failover groups have a longer RTO (typically 1 hour) due to DNS propagation and health probe intervals, while active geo-replication allows manual failover with sub-minute RTO.

How to eliminate wrong answers

Option B (Geo-restore) is wrong because it restores a database from geo-replicated backups with an RPO of 1 hour and an RTO of 12+ hours, far exceeding the required 5-second RPO and 30-second RTO. Option C (Azure SQL Database zone-redundant configuration) is wrong because it protects against datacenter failures within a single region, not across Azure regions, and does not provide cross-region disaster recovery. Option D (Auto-failover groups) is wrong because, while it uses active geo-replication under the hood, it adds a DNS-level routing layer that introduces additional failover latency, typically achieving an RTO of 1 hour, not the required 30 seconds.

16
MCQeasy

A company runs a line-of-business application on Azure VMs that requires a highly available, low-latency SMB file share with support for active-active access from multiple VMs. The application requires high IOPS and throughput, and the file share must be mountable on both Linux and Windows VMs. Which Azure file storage solution should they recommend?

A.A
B.B
C.C
D.D
AnswerB

Azure NetApp Files is a high-performance, enterprise-grade file storage service that supports SMB (both Windows and Linux) and can deliver thousands of IOPS with low latency.

Why this answer

Azure Premium File Shares (using SMB 3.0 protocol) provide a fully managed, highly available SMB file share with low latency and high IOPS/throughput. They support active-active access from multiple VMs and can be mounted on both Linux and Windows VMs, meeting all the requirements.

Exam trap

The trap here is that candidates often confuse Azure Blob Storage (which is object storage) with file shares, or incorrectly assume that Azure Disk Shared Disks provide an SMB mountable share, when in fact they are block-level and require cluster-aware applications.

How to eliminate wrong answers

Option A is wrong because Azure Blob Storage (including Premium Blob) does not support SMB protocol natively; it uses REST/API access and cannot be mounted as an SMB file share for active-active access from VMs. Option C is wrong because Azure NetApp Files uses NFS or SMB but is a third-party service with higher cost and complexity, and it is not the native Azure file storage solution for SMB shares. Option D is wrong because Azure Disk Storage (managed disks) can only be attached to a single VM at a time (except for shared disks with SCSI-3 Persistent Reservations, which are not SMB-based and have limited OS support), and it does not provide a file share mountable over SMB.

17
MCQhard

A company ingests millions of IoT events per second from sensors around the world. Each event is a JSON message with timestamp, device ID, and readings. They need to support real-time analytics dashboards and also store all raw data for long-term historical analysis. They want to minimize operational overhead. Which Azure data storage solution should they recommend?

A.Azure Data Lake Storage Gen2 for all data.
B.Azure Event Hubs with Capture to Azure Data Lake Storage.
C.Azure Cosmos DB for both real-time and historical data.
D.Azure Time Series Insights (TSI) Standard.
AnswerB

Event Hubs can handle millions of events per second. The Capture feature automatically writes ingested events to Data Lake Storage in Avro format (or JSON). For real-time dashboards, you can use Stream Analytics to query the Event Hubs stream. This provides a seamless, low-operational-overhead solution.

Why this answer

Azure Event Hubs is designed for high-throughput data ingestion, capable of handling millions of events per second. By enabling the Capture feature, data is automatically and durably persisted to Azure Data Lake Storage in Avro format, providing a serverless, low-latency pipeline for real-time dashboards while storing raw data for long-term analytics. This minimizes operational overhead by eliminating the need to manage separate ingestion and storage infrastructure.

Exam trap

The trap here is that candidates often confuse Azure Data Lake Storage as a complete solution for both ingestion and storage, overlooking the need for a dedicated event ingestion service like Event Hubs to handle high-throughput streaming data before persisting it to the lake.

How to eliminate wrong answers

Option A is wrong because Azure Data Lake Storage Gen2 is a scalable storage service but lacks native real-time ingestion capabilities; it would require an additional service like Event Hubs to handle the high-velocity IoT stream, adding complexity. Option C is wrong because Azure Cosmos DB is a NoSQL database optimized for low-latency reads/writes and transactional workloads, not for ingesting millions of events per second as a streaming buffer; using it for both real-time and historical data would incur high costs and operational overhead for raw event storage. Option D is wrong because Azure Time Series Insights (TSI) Standard is purpose-built for time-series data visualization and analysis, but it has limited throughput and retention compared to Event Hubs with Capture, and it is not designed to store raw JSON events for long-term historical analysis at this scale.

18
MCQmedium

A global e-commerce platform uses Azure Cosmos DB for its product catalog. The application requires multi-region writes to provide low-latency updates from any geographic location. Two users may update the same product item concurrently, so the solution must automatically resolve conflicts. For real-time inventory checks, reads must be strongly consistent, while product description reads can be eventually consistent. Which Cosmos DB configuration should they choose?

A.SQL API with multi-region writes, last-writer-wins conflict resolution, and per-request strong consistency
B.MongoDB API with multi-region writes and automatic conflict resolution
C.Table API with multi-region writes and strong consistency
D.Cassandra API with multi-region writes and strong consistency
AnswerA

SQL API supports multi-master writes, customizable conflict resolution, and the ability to set strong consistency on a per-request basis.

Why this answer

Option A is correct because the SQL API in Cosmos DB supports multi-region writes with last-writer-wins (LWW) conflict resolution using a timestamp or custom property, which automatically resolves concurrent updates to the same product item. Per-request strong consistency allows inventory reads to achieve linearizability by setting the consistency level at the request level, while product description reads can use the default session or eventual consistency for performance. This combination meets all requirements: multi-region writes, automatic conflict resolution, and the ability to mix strong and eventual consistency on a per-request basis.

Exam trap

The trap here is that candidates assume all Cosmos DB APIs support multi-region writes and per-request strong consistency equally, but only the SQL API (and the Table API with specific limitations) offers the full flexibility to mix consistency levels per request, while the MongoDB, Cassandra, and Table APIs have fixed account-level consistency or lack multi-region write support entirely.

How to eliminate wrong answers

Option B is wrong because the MongoDB API in Cosmos DB does not support per-request strong consistency; it only offers a fixed set of consistency levels at the account level, and its automatic conflict resolution is limited to LWW without the flexibility to mix consistency levels per request. Option C is wrong because the Table API does not support multi-region writes; it is designed for single-region writes with read-only replicas, and it lacks per-request strong consistency. Option D is wrong because the Cassandra API does not support multi-region writes in Cosmos DB; it is limited to single-region writes, and its consistency model is based on Cassandra's tunable consistency (e.g., QUORUM) rather than Cosmos DB's per-request strong consistency.

19
MCQhard

A company is designing a hybrid storage solution to connect on-premises file shares to Azure. They need to cache frequently accessed files locally for low-latency access while storing all files in Azure. The solution must support SMB protocol and integrate with existing Windows file servers. Which Azure service should they use?

A.Azure Blob Storage with NFS 3.0 support
B.Azure Files
C.Azure File Sync
D.Azure NetApp Files
AnswerC

Azure File Sync provides cloud tiering and local caching with SMB.

Why this answer

Azure File Sync is the correct choice because it enables caching of frequently accessed files on-premises via a sync agent installed on Windows Server, while all files are stored in Azure Files. This provides low-latency access for local users and supports SMB protocol, seamlessly integrating with existing Windows file servers through a cloud tiering feature that keeps only hot files locally.

Exam trap

The trap here is that candidates often confuse Azure Files (a cloud-only SMB share) with Azure File Sync (which adds local caching and sync capabilities), leading them to select Azure Files without recognizing the requirement for on-premises low-latency access.

How to eliminate wrong answers

Option A is wrong because Azure Blob Storage with NFS 3.0 support does not natively support SMB protocol and cannot integrate with existing Windows file servers as a cached file share; it is designed for POSIX-compliant workloads. Option B is wrong because Azure Files alone provides a cloud-based SMB share but does not cache files locally on-premises; it requires direct network connectivity and does not offer local caching for low-latency access. Option D is wrong because Azure NetApp Files supports SMB but is a fully managed, high-performance file service that does not provide local caching on existing Windows file servers; it is intended for enterprise workloads requiring dedicated throughput, not hybrid caching.

20
MCQeasy

A company is designing a data storage solution for a globally distributed application that requires low-latency read access to frequently accessed data and high throughput for write operations. The data is non-relational and can be stored as key-value pairs. Which Azure service should they use?

A.Azure Table Storage
B.Azure Cosmos DB
C.Azure SQL Database
D.Azure Blob Storage
AnswerB

Azure Cosmos DB provides global distribution, low-latency reads, and high throughput for key-value data.

Why this answer

Azure Cosmos DB is the correct choice because it is a globally distributed, multi-model database service that provides guaranteed low-latency reads (under 10 ms at the 99th percentile) and high throughput for write operations, with automatic indexing and turnkey global distribution. It natively supports key-value data models, making it ideal for non-relational, frequently accessed data requiring consistent performance across regions.

Exam trap

The trap here is that candidates often confuse Azure Table Storage as a sufficient key-value store for global scenarios, overlooking its lack of global distribution and guaranteed low-latency SLAs, which Cosmos DB uniquely provides.

How to eliminate wrong answers

Option A is wrong because Azure Table Storage is a NoSQL key-value store but lacks global distribution, automatic indexing, and guaranteed low-latency SLAs; it is designed for simpler, less demanding workloads and cannot match Cosmos DB's throughput and latency guarantees. Option C is wrong because Azure SQL Database is a relational database that requires a fixed schema and does not natively support key-value pair storage; it is optimized for structured, relational data and ACID transactions, not for high-throughput, low-latency key-value access. Option D is wrong because Azure Blob Storage is an object storage service for unstructured data (e.g., images, videos) and does not provide key-value pair semantics or the sub-10 ms read latency and high write throughput required for a globally distributed application; it is designed for bulk storage and streaming, not transactional key-value operations.

21
Multi-Selectmedium

Which TWO of the following Azure services support storing JSON documents without requiring a predefined schema? (Select two.)

Select 2 answers
A.Azure Purview
B.Azure Blob Storage
C.Azure Cosmos DB
D.Azure Analysis Services
E.Azure SQL Database
AnswersB, C

Blob Storage can store JSON files as blobs without schema enforcement.

Why this answer

Azure Blob Storage is correct because it can store JSON documents as blobs (block blobs) without requiring a predefined schema. The service treats the JSON as opaque binary data, allowing you to upload, download, and manage JSON files with no schema enforcement, making it suitable for schema-less document storage.

Exam trap

The trap here is that candidates may mistakenly think Azure SQL Database's JSON support (e.g., OPENJSON, JSON_VALUE) means it can store JSON without a schema, but in reality, the JSON must be inserted into a predefined table column, so the table schema is still required.

22
MCQhard

A financial services company needs to store sensitive transaction records in Azure for 7 years to meet regulatory compliance. The data must be immutable and cannot be deleted or modified during the retention period. Which Azure storage feature should you enable?

A.Blob versioning with lifecycle management
B.Soft delete for blob storage
C.Immutable blob with time-based retention policy
D.Legal hold on the storage container
AnswerC

Immutable blob policies guarantee data cannot be deleted or modified for a specified period.

Why this answer

Option C is correct because immutable blob storage with a time-based retention policy enforces WORM (Write Once, Read Many) compliance, ensuring that data cannot be deleted or modified for a specified retention period. This meets the 7-year regulatory requirement for sensitive transaction records, as the policy locks the data at the blob level and prevents any overwrite or deletion, even by administrators with elevated permissions.

Exam trap

The trap here is that candidates confuse soft delete or versioning with immutability, not realizing that only immutable blob storage provides true WORM protection that prevents any modification or deletion during the retention period.

How to eliminate wrong answers

Option A is wrong because blob versioning with lifecycle management preserves previous versions of blobs but does not prevent deletion or modification of the current version; it only allows recovery of older versions, not immutability. Option B is wrong because soft delete for blob storage retains deleted blobs for a configurable period but does not prevent deletion in the first place; data can still be deleted (and later recovered), which violates the immutable requirement. Option D is wrong because a legal hold on the storage container prevents deletion of blobs only while the hold is active, but it does not enforce a fixed retention period and can be removed by an authorized user, failing the 7-year compliance mandate.

23
MCQhard

Refer to the exhibit. You run a KQL query against Azure Cosmos DB diagnostics logs. The query shows increasing latency for Query operations over time. Which is the most likely root cause?

A.A query is consuming increasing RU over time, possibly due to a hot partition
B.The Cosmos DB account has reached its storage limit
C.The Cosmos DB account is being throttled due to insufficient RUs
D.There is network latency between the client and the Cosmos DB endpoint
AnswerA

Increasing latency indicates inefficient queries or hot partitions consuming more RUs.

Why this answer

The query latency increase over time, combined with the fact that the query is consuming more Request Units (RU) per execution, strongly indicates a hot partition. In Azure Cosmos DB, a hot partition occurs when a disproportionate amount of traffic hits a single physical partition, causing that partition's RU budget to be exhausted while others remain underutilized. This leads to increased latency for queries targeting that partition, as the partition's resources become saturated.

Exam trap

The trap here is that candidates often confuse throttling (Option C) with latency degradation, but throttling is an immediate rejection (HTTP 429), not a gradual latency increase; the key clue is the 'increasing latency over time' combined with 'increasing RU consumption,' which points to a hot partition, not a capacity issue.

How to eliminate wrong answers

Option B is wrong because Cosmos DB has no fixed storage limit; it scales horizontally, and storage limits are tied to provisioned throughput, not a hard cap that would cause increasing latency. Option C is wrong because throttling (HTTP 429) would cause immediate errors or retries, not a gradual increase in latency over time; the query would either succeed or fail, not slowly degrade. Option D is wrong because network latency between client and endpoint would manifest as a constant baseline delay, not a trend of increasing latency; it would not correlate with query RU consumption.

24
MCQmedium

A company is building a big data analytics platform that will process structured, semi-structured, and unstructured data using Azure Synapse Analytics and other tools. They need a storage layer that supports hierarchical namespaces and fine-grained access control at the directory level. Which Azure storage solution should they use?

A.Azure Blob Storage
B.Azure Data Lake Storage Gen2
C.Azure Files
D.Azure Cosmos DB
AnswerB

ADLS Gen2 provides a hierarchical namespace and ACL support, enabling efficient data management and security at the directory level for big data analytics.

Why this answer

Azure Data Lake Storage Gen2 (ADLS Gen2) is the correct choice because it combines Azure Blob Storage with a hierarchical namespace, enabling directory-level access control lists (ACLs) and POSIX-compliant permissions. This is essential for the big data analytics platform described, as it must support structured, semi-structured, and unstructured data with fine-grained access control at the directory level, which Azure Synapse Analytics can directly query via ABFS (Azure Blob File System) driver.

Exam trap

The trap here is that candidates often confuse Azure Blob Storage with ADLS Gen2, assuming blob storage supports hierarchical namespaces natively, but it requires explicit enabling of the hierarchical namespace feature, which is only available in ADLS Gen2 accounts.

How to eliminate wrong answers

Option A is wrong because Azure Blob Storage does not support a hierarchical namespace by default; it uses a flat namespace, which prevents directory-level ACLs and requires workarounds for folder-like structures. Option C is wrong because Azure Files provides SMB file shares with directory-level access, but it is designed for lift-and-shift file shares and lacks the hierarchical namespace and POSIX ACLs needed for big data analytics with Azure Synapse. Option D is wrong because Azure Cosmos DB is a NoSQL database for globally distributed, low-latency applications, not a storage layer for hierarchical namespace and directory-level ACLs; it uses a document or graph model, not a file system.

25
MCQhard

Your company is designing a data lake solution using Azure Data Lake Storage Gen2. The solution must support hierarchical namespace for efficient directory operations, and must provide encryption at rest using customer-managed keys stored in Azure Key Vault. Which steps must you take to enable customer-managed key encryption for the storage account?

A.Create the storage account with a user-assigned managed identity, then enable hierarchical namespace, and configure encryption.
B.Create the storage account without hierarchical namespace, then enable it later, and configure encryption with Key Vault.
C.Create the storage account and specify customer-managed key encryption during creation using the Azure portal.
D.Create the storage account with hierarchical namespace enabled, then assign a system-assigned managed identity, and configure encryption with Azure Key Vault.
AnswerD

This is the correct order: create account, enable identity, configure encryption.

Why this answer

Option D is correct because Azure Data Lake Storage Gen2 requires hierarchical namespace to be enabled at account creation time, and customer-managed key encryption with Azure Key Vault requires a system-assigned managed identity to be assigned to the storage account after creation. The system-assigned identity is used to authenticate to Key Vault for key access, and encryption with customer-managed keys can be configured post-creation via the Azure portal or PowerShell.

Exam trap

The trap here is that candidates assume customer-managed key encryption can be configured during storage account creation, but Azure requires it to be set post-creation after a managed identity is assigned, and hierarchical namespace must be enabled at creation time.

How to eliminate wrong answers

Option A is wrong because a user-assigned managed identity is not required; a system-assigned managed identity is the correct identity type for customer-managed key encryption with Key Vault, and hierarchical namespace must be enabled during creation, not after. Option B is wrong because hierarchical namespace cannot be enabled after the storage account is created; it must be specified at creation time. Option C is wrong because customer-managed key encryption cannot be specified during storage account creation in the Azure portal; it must be configured after the account is created, and a managed identity must be assigned first.

26
MCQmedium

A company uses Azure Redis Cache to improve the performance of a web application. They need to ensure that cached data survives a failover to a secondary region. Which Azure Redis Cache tier should they choose?

A.Standard tier
B.Basic tier
C.Premium tier
D.Enterprise tier
AnswerC

Premium tier includes geo-replication for cross-region data persistence.

Why this answer

Azure Redis Cache Premium tier supports geo-replication for cross-region disaster recovery. Standard tier only replicates within a datacenter. Basic tier has no replication.

Enterprise tier also supports geo-replication but is more expensive and complex.

27
Multi-Selectmedium

A company is designing a solution for storing sensitive financial records that must be retained for 7 years. The solution must meet the following requirements: - Data must be immutable during the retention period. - After the retention period, data must be automatically deleted. - The solution must minimize storage costs. Which two Azure services should the company use? (Choose two.)

Select 2 answers
A.Microsoft Purview Data Map
B.Azure Blob Storage lifecycle management
C.Azure NetApp Files with replication
D.Azure Blob Storage with immutable storage policy
E.Azure Files with snapshots
AnswersB, D

Lifecycle management can delete blobs after a defined period.

Why this answer

Option A is correct because Azure Blob Storage provides immutable storage with time-based retention policies. Option C is correct because Azure Blob Storage lifecycle management can automatically delete blobs after a specified period. Option B is wrong because Azure Files does not support immutable storage natively.

Option D is wrong because Azure NetApp Files does not have built-in immutability or lifecycle management. Option E is wrong because Azure Purview is a data governance service, not for storage.

28
MCQmedium

An enterprise data platform must store petabytes of raw files for analytics and support fine-grained access control through Microsoft Entra ID. Which storage solution should be selected?

A.Azure Queue Storage
B.Azure Disk Storage attached to one VM
C.Azure Cache for Redis
D.Azure Data Lake Storage Gen2
AnswerD

ADLS Gen2 combines Blob Storage scalability with hierarchical namespace and Entra ID-based ACLs.

Why this answer

Azure Data Lake Storage Gen2 (ADLS Gen2) combines a hierarchical namespace with Azure Blob Storage, enabling petabyte-scale storage for raw files and fine-grained access control via POSIX-like ACLs integrated with Microsoft Entra ID (formerly Azure AD). This makes it the ideal solution for enterprise analytics requiring both massive capacity and granular security.

Exam trap

The trap here is that candidates may confuse Azure Blob Storage (which lacks a hierarchical namespace and fine-grained ACLs) with ADLS Gen2, or assume that any Azure storage service can handle petabyte-scale analytics, ignoring the specific requirements for Entra ID integration and granular permissions.

How to eliminate wrong answers

Option A is wrong because Azure Queue Storage is a messaging service for asynchronous communication between application components, not a storage solution for raw analytics files, and it lacks the hierarchical namespace and Entra ID-based ACLs needed for fine-grained access control. Option B is wrong because Azure Disk Storage attached to a single VM is limited to the VM's capacity (typically terabytes, not petabytes), is not designed for multi-user analytics access, and requires the VM's OS to manage access, which does not natively integrate with Entra ID for fine-grained control. Option C is wrong because Azure Cache for Redis is an in-memory data store for caching and low-latency access, not a durable storage system for petabytes of raw files, and it does not support Entra ID-based ACLs for file-level permissions.

29
Multi-Selecthard

Which THREE of the following are considerations when designing a storage solution for a high-availability application on Azure?

Select 3 answers
A.Recovery Point Objective (RPO) and Recovery Time Objective (RTO)
B.Use of zone-redundant storage (ZRS) for within-region resilience
C.Data encryption at rest using Azure Storage Service Encryption
D.Data striping with RAID 0 for performance
E.Use of geo-redundant storage (GRS) for cross-region disaster recovery
AnswersA, B, E

These metrics guide the replication and failover design.

Why this answer

Option A is correct because RPO and RTO are fundamental design considerations for any high-availability application. RPO defines the maximum acceptable data loss (measured in time), which directly influences the choice of backup frequency and replication type (e.g., synchronous vs. asynchronous). RTO defines the maximum acceptable downtime, which dictates the failover mechanism and infrastructure redundancy (e.g., active-passive vs. active-active).

Both metrics must be explicitly defined before selecting a storage redundancy tier or disaster recovery strategy.

Exam trap

The trap here is confusing security features (encryption at rest) or performance optimizations (RAID 0) with high-availability design requirements, leading candidates to select options that are valid in other contexts but irrelevant to uptime and disaster recovery.

30
MCQmedium

A gaming company is developing a multiplayer online game that requires a low-latency data store for player profiles, inventory, and session state. The data is accessed globally, and the solution must support millions of concurrent players. The company expects write-heavy workloads with occasional reads. The solution must provide single-digit millisecond latency for reads and writes. The company also needs to run analytics on the data to understand player behavior, but analytics queries can tolerate higher latency (minutes). Which Azure data storage solution should the company recommend for the transactional data?

A.Azure SQL Database with active geo-replication
B.Azure Redis Cache with persistence
C.Azure Cosmos DB with multiple write regions
D.Azure Table Storage with geo-redundancy
AnswerC

Provides single-digit ms latency globally with multi-master writes.

Why this answer

Option B is correct because Azure Cosmos DB with multi-master writes provides global low-latency access and high throughput. Option A is wrong because Azure SQL Database with geo-replication may have higher latency for writes due to replication. Option C is wrong because Azure Redis Cache is a caching layer, not a durable data store.

Option D is wrong because Azure Table Storage is not designed for single-digit millisecond latency and global distribution.

31
MCQeasy

A media company stores raw video files and processed output in Azure. These files are accessed via REST APIs by a processing application. After processing, the files are rarely accessed but must be retained. To minimize costs, the company wants to automatically move files to a cheaper storage tier after 30 days and archive them after 90 days. Which Azure storage solution and feature should they use?

A.Azure Blob Storage with lifecycle management policies
B.Azure Files with snapshot schedules
C.Azure Disk Storage with incremental snapshots
D.Azure NetApp Files with snapshot policies
AnswerA

Blob Storage offers multiple tiers and lifecycle management can automate tier transitions (e.g., cool after 30 days, archive after 90 days).

Why this answer

Azure Blob Storage with lifecycle management policies is correct because it allows you to define rules that automatically transition blobs from the hot tier to the cool tier after 30 days and then to the archive tier after 90 days. This directly meets the cost-minimization requirement for rarely accessed files that must be retained, as lifecycle management automates tier transitions without manual intervention.

Exam trap

The trap here is that candidates may confuse Azure Files or Azure NetApp Files with object storage, not realizing that only Azure Blob Storage supports REST API access and automated lifecycle tiering to cool and archive tiers.

How to eliminate wrong answers

Option B is wrong because Azure Files is a fully managed file share accessed via SMB or NFS, not REST APIs, and snapshot schedules provide point-in-time recovery, not automated tiering between storage tiers. Option C is wrong because Azure Disk Storage provides block-level storage for VMs with incremental snapshots for backup, not object storage with lifecycle tiering, and it does not support REST API access for media files. Option D is wrong because Azure NetApp Files offers high-performance NFS/SMB volumes with snapshot policies for data protection, but it lacks built-in lifecycle management to automatically move data to cheaper tiers like cool or archive.

32
MCQeasy

A company needs to store video files for a media streaming application. The files are accessed frequently for the first 30 days, then rarely after that. The solution must minimize storage costs while ensuring low-latency access during the initial period. Which storage tier should be used for the first 30 days?

A.Azure Blob Storage Hot tier
B.Azure Blob Storage Cool tier
C.Azure Premium Blob Storage
D.Azure Blob Storage Archive tier
AnswerA

Hot tier is optimized for frequent access with low latency, suitable for first 30 days.

Why this answer

Azure Blob Storage Hot tier is designed for data that is accessed frequently, offering low-latency access (typically under 10 milliseconds for first-byte read) and the highest storage cost but lowest access cost. Since the video files require low-latency access during the first 30 days, the Hot tier meets the performance requirement while minimizing overall cost compared to Premium Blob Storage, which is optimized for sub-millisecond latency and higher IOPS scenarios.

Exam trap

The trap here is that candidates often choose the Cool tier thinking it balances cost and access, but they overlook that Cool tier has higher access costs and a 30-day early deletion penalty, making it more expensive than Hot for frequent access during the first 30 days.

How to eliminate wrong answers

Option B is wrong because the Cool tier has higher access costs and a 30-day early deletion penalty, making it suboptimal for frequent access during the first 30 days; it is designed for data accessed infrequently (about once a month or less). Option C is wrong because Azure Premium Blob Storage provides sub-millisecond latency via SSDs and is intended for high-transaction workloads, not for minimizing storage costs for frequently accessed video files; it would be significantly more expensive than the Hot tier. Option D is wrong because the Archive tier has the lowest storage cost but the highest access latency (hours to rehydrate) and is intended for data that is rarely accessed (less than once a year); it cannot provide low-latency access during the first 30 days.

33
Multi-Selecthard

Which TWO options are valid ways to enforce data residency in Azure Storage to ensure data does not leave a specific Azure region?

Select 2 answers
A.Use Azure Policy to deny storage accounts with geo-redundant storage (GRS) or read-access geo-redundant storage (RA-GRS).
B.Use Azure Data Lake Storage Gen2 with hierarchical namespace.
C.Enable Azure Front Door with caching.
D.Use read-access geo-redundant storage (RA-GRS).
E.Configure Azure Storage firewall and virtual network service endpoints with a deny-all default rule.
AnswersA, E

Azure Policy can enforce that storage accounts are only LRS or ZRS, keeping data in region.

Why this answer

Azure Policy can enforce data residency by denying the creation of storage accounts that use geo-redundant storage (GRS) or read-access geo-redundant storage (RA-GRS), as these replication options replicate data to a paired secondary region. By applying a policy that blocks these SKUs, you ensure that all storage account data remains within a single Azure region, meeting data residency requirements.

Exam trap

The trap here is that candidates often confuse data residency with data security or access control, mistakenly thinking that firewall rules (Option E) or network restrictions alone prevent data from leaving a region, when in fact replication settings (GRS/RA-GRS) are the primary mechanism that moves data across regions.

34
MCQmedium

Your company is designing a data storage solution for a global e-commerce platform. The solution must support high-frequency read and write operations with sub-millisecond latency, and must be able to handle schema-less JSON documents. Which Azure data service should you recommend?

A.Azure SQL Database
B.Azure Blob Storage
C.Azure Cosmos DB
D.Azure Table Storage
AnswerC

Cosmos DB provides schema-less NoSQL storage with guaranteed sub-millisecond latency globally.

Why this answer

Azure Cosmos DB is the correct choice because it is a globally distributed, multi-model database service that offers guaranteed single-digit-millisecond latency for both reads and writes at the 99th percentile, making it ideal for high-frequency operations. It natively supports schema-less JSON documents through its SQL API, allowing flexible data models without requiring schema definitions or migrations.

Exam trap

The trap here is that candidates often confuse Azure Table Storage's schema-less nature with Cosmos DB's capabilities, overlooking the critical requirement for sub-millisecond latency and global distribution that only Cosmos DB guarantees.

How to eliminate wrong answers

Option A is wrong because Azure SQL Database is a relational database that requires a fixed schema and does not natively support schema-less JSON documents; while it has JSON functions, it is not optimized for sub-millisecond latency at scale. Option B is wrong because Azure Blob Storage is an object storage service designed for unstructured binary data and large files, not for high-frequency read/write operations on individual JSON documents with sub-millisecond latency. Option D is wrong because Azure Table Storage is a NoSQL key-value store that supports schema-less entities, but it does not provide sub-millisecond latency guarantees and lacks the rich querying capabilities and global distribution features of Cosmos DB.

35
Multi-Selecteasy

Which TWO of the following are valid replication options for Azure Blob Storage?

Select 2 answers
A.GRS (Geo-Redundant Storage)
B.RA-GRS (Read-Access Geo-Redundant Storage)
C.LRS (Locally Redundant Storage)
D.ZRS (Zone-Redundant Storage)
E.ASR (Azure Site Recovery)
AnswersA, C

GRS replicates data to a secondary region.

Why this answer

Azure Blob Storage offers multiple redundancy options to protect data against failures. GRS (Geo-Redundant Storage) replicates your data synchronously three times within a single primary region using LRS, then asynchronously replicates to a secondary region hundreds of miles away, ensuring durability even during a regional outage. LRS (Locally Redundant Storage) replicates data three times within a single datacenter in the same region, providing protection against server and drive failures but not against datacenter-level disasters.

Exam trap

The trap here is that candidates often confuse RA-GRS as a separate replication option rather than recognizing it as an access feature of GRS, and they may overlook that ZRS is also a valid replication option but the question specifically expects GRS and LRS based on the classic redundancy tiers emphasized in the AZ-305 exam.

36
MCQmedium

A company ingests IoT sensor data into Azure Blob Storage. Data is written frequently and accessed rarely after the first 24 hours. The company must retain the data for exactly 90 days for compliance. They want to minimize storage costs by automatically moving data to cheaper tiers as soon as possible. Which lifecycle management policy should they implement?

A.Move to Cool tier immediately (0 days) and then to Archive after 30 days
B.Move to Cool tier after 1 day and then to Archive after 30 days
C.Move to Archive tier after 1 day
D.Move to Cool tier after 30 days and to Archive after 90 days
AnswerB

This policy moves data to Cool after 1 day (when access frequency drops) and then to Archive after 30 days, minimizing costs while meeting the 90-day retention requirement. Archive is the cheapest tier for long-term storage.

Why this answer

Option B is correct because it aligns with the access pattern: data is frequently accessed only in the first 24 hours, so moving to Cool tier after 1 day (when access drops) saves costs, then moving to Archive after 30 days meets the 90-day retention requirement while minimizing storage costs. The lifecycle policy must ensure data is not moved to Archive before the compliance period ends, and moving to Cool immediately (0 days) would incur unnecessary write costs for frequently written data.

Exam trap

The trap here is that candidates often choose Option A (move to Cool immediately) thinking it saves the most money, but they overlook the frequent write pattern and the fact that Cool tier has higher write costs, making a 1-day delay more cost-effective.

How to eliminate wrong answers

Option A is wrong because moving to Cool tier immediately (0 days) does not account for the frequent writes in the first 24 hours, potentially incurring higher write costs and not aligning with the access pattern. Option C is wrong because moving directly to Archive after 1 day violates the 90-day retention requirement, as Archive tier has a minimum 180-day retention policy (early deletion fee) and data would be inaccessible for compliance needs. Option D is wrong because moving to Cool after 30 days and to Archive after 90 days fails to minimize costs—data should be moved to Cool sooner (after 1 day) to reduce costs during the low-access period, and moving to Archive at 90 days does not take advantage of cheaper Archive storage for the remaining 60 days.

37
MCQmedium

A company wants to analyze IoT sensor data from millions of devices in near real-time and store the raw data for batch processing. Which combination of Azure services should they use?

A.Azure Event Hubs and Azure Synapse Analytics
B.Azure IoT Hub and Azure Cosmos DB
C.Azure Data Lake Storage and Azure Stream Analytics
D.Azure Event Hubs and Azure Blob Storage
AnswerD

Ingests and stores raw data efficiently.

Why this answer

Azure Event Hubs is a highly scalable data streaming platform and event ingestion service capable of ingesting millions of events per second from IoT devices in near real-time. Azure Blob Storage provides cost-effective, durable object storage for the raw data, which can then be used for batch processing with services like Azure Data Lake Analytics or Azure Synapse. This combination directly meets the requirements for near real-time ingestion and raw data storage for batch processing.

Exam trap

The trap here is that candidates often confuse Azure IoT Hub with Azure Event Hubs, assuming IoT Hub is required for all IoT scenarios, but Event Hubs is the correct choice for high-throughput, near real-time event ingestion without device management overhead.

How to eliminate wrong answers

Option A is wrong because Azure Synapse Analytics is primarily a data warehouse for structured analytics, not optimized for storing raw, unstructured IoT data for batch processing; using it for raw storage would be costly and unnecessary. Option B is wrong because Azure IoT Hub is a device management and messaging service, not a high-throughput event ingestion pipeline for near real-time analytics, and Azure Cosmos DB is a NoSQL database for transactional workloads, not designed for storing massive volumes of raw data for batch processing. Option C is wrong because Azure Data Lake Storage is a storage service, not an ingestion service; it cannot ingest and buffer streaming data in near real-time, and Azure Stream Analytics is a real-time processing engine, not a storage solution for raw data.

38
MCQeasy

A company needs to store and retrieve large binary files (e.g., images and videos) for a web application. The data must be accessible via HTTPS URLs and support both public read access for anonymous users and private access for administrators. The solution must be highly durable and cost-effective for storing terabytes of data. Which Azure storage solution should they recommend?

A.Azure Blob Storage
B.Azure Files
C.Azure Queue Storage
D.Azure Table Storage
AnswerA

Blob Storage is optimized for storing large amounts of unstructured data and supports both public and private access levels.

Why this answer

Azure Blob Storage is the correct choice because it is designed for storing large amounts of unstructured data, such as images and videos, and supports both public anonymous read access (via a public container or blob-level access policy) and private access (via shared access signatures or Azure AD authentication). It provides HTTPS URL access for direct retrieval, offers 99.9999999999% (11 nines) durability for hot and cool tiers, and is cost-effective for terabytes of data due to its tiered storage options (hot, cool, archive).

Exam trap

The trap here is that candidates may confuse Azure Files (a managed file share) with Blob Storage because both can store files, but Azure Files uses SMB/NFS protocols and is not designed for direct HTTPS URL access or public anonymous read for large binary objects.

How to eliminate wrong answers

Option B (Azure Files) is wrong because it provides fully managed file shares accessible via SMB and NFS protocols, not HTTPS URLs for direct binary object retrieval, and is optimized for shared file access rather than large-scale unstructured blob storage. Option C (Azure Queue Storage) is wrong because it is a messaging service for asynchronous communication between application components, not for storing or retrieving binary files. Option D (Azure Table Storage) is wrong because it is a NoSQL key-value store for structured data, not for large binary files like images and videos.

39
MCQhard

You are designing a data storage solution for a healthcare application that stores patient records. The solution must meet compliance requirements that data in the US must be stored in US regions, and data in the EU must be stored in EU regions. Additionally, the solution must support global queries with low latency. What should you use?

A.Azure Blob Storage with RA-GRS storage accounts in each region
B.Azure SQL Database with active geo-replication and a failover policy
C.Azure Cosmos DB with multi-region writes and conflict resolution policy based on region
D.Azure SQL Managed Instance with failover groups
AnswerC

Cosmos DB allows you to configure write regions per compliance and resolve conflicts.

Why this answer

Azure Cosmos DB with multi-region writes is the correct choice because it provides active-active replication across multiple regions, enabling low-latency global queries by allowing writes and reads from any region. The conflict resolution policy based on region ensures that data sovereignty requirements are met by prioritizing writes from the region where the data originates (e.g., US writes win in US regions, EU writes win in EU regions), which aligns with the compliance requirement that data must stay within its respective geographic boundary.

Exam trap

The trap here is that candidates often confuse active geo-replication (which has a single writable primary) with multi-region writes (which allow multiple writable regions), and they may overlook the need for a conflict resolution policy to enforce data sovereignty, assuming that simply replicating data across regions meets compliance requirements.

How to eliminate wrong answers

Option A is wrong because Azure Blob Storage with RA-GRS provides read-only access to a secondary region and does not support multi-region writes or active-active replication, so it cannot ensure low-latency global writes or enforce data sovereignty for patient records across US and EU regions. Option B is wrong because Azure SQL Database with active geo-replication supports only one writable primary region and readable secondaries, which means writes must go to a single primary region, causing higher latency for remote users and failing to meet the low-latency global query requirement; it also lacks native conflict resolution based on region for data sovereignty. Option D is wrong because Azure SQL Managed Instance with failover groups provides only one writable primary instance and manual or automatic failover to a secondary, which does not support multi-region writes or active-active replication, leading to increased write latency for users outside the primary region and insufficient support for global low-latency queries.

40
MCQhard

A data platform must support analytical queries over petabytes of files in a data lake, while preserving hierarchical namespaces and fine-grained ACLs. Which storage service should you design around?

A.Azure Data Lake Storage Gen2.
B.Azure Files premium shares.
C.Azure Table Storage.
D.Azure Queue Storage.
AnswerA

It provides hierarchical namespace and data lake semantics for analytics workloads.

Why this answer

Azure Data Lake Storage Gen2 (ADLS Gen2) is the correct choice because it combines a hierarchical namespace with POSIX-like ACLs, enabling fine-grained access control at the file and directory level while supporting petabyte-scale analytical workloads. It is built on Azure Blob Storage, providing high-throughput and parallel processing for big data analytics engines like Azure Synapse, Spark, and Hadoop.

Exam trap

The trap here is that candidates may confuse Azure Files (which also supports ACLs) with ADLS Gen2, overlooking that Azure Files is optimized for shared file access (SMB/NFS) and not for petabyte-scale analytical data lake workloads with hierarchical namespace and POSIX ACLs.

How to eliminate wrong answers

Option B is wrong because Azure Files premium shares provide SMB/NFS file shares with ACLs but are designed for low-latency, IOPS-intensive workloads (e.g., lift-and-shift apps), not for petabyte-scale analytical queries over a data lake. Option C is wrong because Azure Table Storage is a NoSQL key-value store for structured, semi-structured data at scale, but it lacks a hierarchical namespace and does not support file-level ACLs or analytical query patterns over files. Option D is wrong because Azure Queue Storage is a messaging service for decoupling application components, not a storage service for data lake analytics or hierarchical namespace management.

41
MCQmedium

A multinational company stores large amounts of unstructured data (documents, images) that must be read with low latency from multiple global regions. Data is written primarily in one region but read globally. Cost optimization is a key requirement. Which Azure storage replication option should they use?

A.Azure Blob Storage with geo-redundant storage (GRS)
B.Azure Blob Storage with read-access geo-redundant storage (RA-GRS)
C.Azure Files with premium shares
D.Azure NetApp Files
AnswerB

Correct. RA-GRS replicates data to a secondary region and provides a read-only endpoint, allowing low-latency reads from the secondary region without the cost of premium storage.

Why this answer

B is correct because RA-GRS provides geo-redundant storage with read access to the secondary region, enabling low-latency reads from multiple global regions while maintaining cost efficiency. The data is written primarily in one region, but RA-GRS allows read requests to be served from the secondary region without additional compute costs, meeting the global read requirement.

Exam trap

The trap here is that candidates often confuse GRS with RA-GRS, assuming geo-redundancy alone provides read access to the secondary region, but GRS requires a manual failover to enable reads, while RA-GRS allows reads from the secondary region at all times.

How to eliminate wrong answers

Option A is wrong because GRS provides geo-redundant storage but does not allow read access to the secondary region, so reads from other regions would still be served from the primary region, increasing latency. Option C is wrong because Azure Files with premium shares is designed for high-performance file shares with low latency but uses locally redundant storage (LRS) or zone-redundant storage (ZRS), not geo-replication, and is cost-prohibitive for large-scale unstructured data. Option D is wrong because Azure NetApp Files is a high-performance file service for enterprise workloads (e.g., SAP, HPC) with NFS/SMB protocols, not optimized for cost-effective global read access of unstructured data, and uses LRS or ZRS by default.

42
Matchingmedium

Match each Azure storage redundancy option to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

3 copies within a single datacenter

3 copies across 3 availability zones in a region

LRS in primary region + LRS in paired secondary region

GRS with read access to secondary region

ZRS in primary region + LRS in paired secondary region

Why these pairings

These are the standard Azure Storage redundancy levels.

43
Multi-Selectmedium

A company is designing a data storage solution for its IoT devices that generate telemetry data. The data is ingested at high velocity (millions of events per second) and must be stored for real-time dashboards and historical analysis. The solution must also support complex event processing and alerting. Which two Azure services should the company use together? (Choose two.)

Select 2 answers
A.Azure IoT Hub
B.Azure Event Hubs
C.Azure Stream Analytics
D.Azure Synapse Analytics
E.Azure Data Lake Storage Gen2
AnswersB, C

High-throughput event ingestion.

Why this answer

Azure Event Hubs is the correct choice because it is a high-throughput data ingestion service designed to handle millions of events per second from IoT devices, providing low-latency, durable event capture for real-time dashboards and historical analysis. Azure Stream Analytics is the correct companion service because it natively integrates with Event Hubs to perform complex event processing (CEP), such as pattern matching, aggregation, and alerting, on the streaming telemetry data in real time.

Exam trap

The trap here is that candidates often confuse Azure IoT Hub with Event Hubs, assuming IoT Hub is the default for all IoT data ingestion, but IoT Hub is for device management and lower-throughput scenarios, while Event Hubs is the correct choice for high-velocity, multi-million-events-per-second telemetry ingestion.

44
MCQeasy

A software company runs 50 small Azure SQL databases for different clients. Each database has low average usage but unpredictable spikes. The company wants to minimize cost while providing resources for peak loads and easily adding new databases without manual sizing. Which Azure data service should they use?

A.Azure SQL Database single databases
B.Azure SQL Database elastic pool
C.Azure SQL Managed Instance
D.SQL Server on Azure Virtual Machines
AnswerB

Elastic pools allow sharing of resources across databases, ideal for variable workloads. They provide cost efficiency and the ability to handle spikes without over-provisioning each database.

Why this answer

Azure SQL Database elastic pool is ideal for multiple databases with low average usage and unpredictable spikes because it allows them to share a fixed set of resources (eDTUs or vCores). This pooling model minimizes cost by only paying for the aggregate peak usage across all databases, not each database's individual peak, and automatically handles resource allocation without manual sizing for new databases.

Exam trap

The trap here is that candidates often choose single databases (Option A) thinking they can scale individually for spikes, but they overlook the cost inefficiency of provisioning each database for its peak load versus sharing resources in an elastic pool.

How to eliminate wrong answers

Option A is wrong because Azure SQL Database single databases would require each database to be sized for its own peak load, leading to over-provisioning and higher costs for 50 low-usage databases with spikes. Option C is wrong because Azure SQL Managed Instance is a fully managed instance of SQL Server with fixed resources, designed for lift-and-shift migrations, not for cost-efficient multi-tenant scenarios with variable loads. Option D is wrong because SQL Server on Azure Virtual Machines requires manual VM sizing, patching, and management, increasing operational overhead and cost, and does not provide the automatic resource sharing needed for unpredictable spikes.

45
MCQmedium

A healthcare organization needs to store patient records that must be immutable and auditable for compliance purposes. The records should be stored in a cost-effective manner with the ability to set retention policies. Which Azure storage solution should they implement?

A.Azure NetApp Files
B.Azure SQL Database
C.Azure Blob Storage with immutable storage
D.Azure Files
AnswerC

Azure Blob Storage with immutable storage (WORM) provides immutable and auditable records.

Why this answer

Azure Blob Storage with immutable storage (WORM policy) is the correct solution because it provides time-based retention policies and legal hold capabilities that make data non-erasable and non-modifiable, meeting compliance requirements for patient records. It is cost-effective for large volumes of data and integrates with Azure Policy for audit logging, making it ideal for healthcare compliance scenarios like HIPAA.

Exam trap

The trap here is that candidates often confuse Azure Files or Azure NetApp Files with immutable storage because they support snapshots, but snapshots can be deleted or overwritten, whereas Blob Storage immutable policies enforce true WORM compliance that cannot be bypassed.

How to eliminate wrong answers

Option A is wrong because Azure NetApp Files is a high-performance file share for NFS/SMB workloads, not designed for immutable storage or compliance retention policies. Option B is wrong because Azure SQL Database supports row-level security and auditing but does not offer native immutable storage capabilities; data can be modified or deleted unless using complex triggers or backups. Option D is wrong because Azure Files provides SMB file shares with snapshots but lacks built-in WORM (Write Once, Read Many) immutability and retention policy enforcement required for compliance.

46
MCQmedium

A startup is building a social media analytics platform that processes streaming data. They need a data store for time-series events with high write throughput and fast timestamp-based range queries. Which Azure data store is most suitable for this workload?

A.Azure Cosmos DB with SQL API
B.Azure SQL Database with columnstore index
C.Azure Table Storage
D.Azure Data Lake Storage Gen2
AnswerC

Correct. Azure Table Storage is designed for high-volume structured data and supports efficient point queries and range scans on PartitionKey and RowKey, making it ideal for time-series data at low cost.

Why this answer

Azure Table Storage is a NoSQL key-value store that supports high-volume, low-latency writes and efficient range queries on the PartitionKey and RowKey, which can be structured as a timestamp for time-series data. Its schema-less design and ability to scale to massive throughput without sharding overhead make it ideal for streaming event ingestion and timestamp-based retrieval.

Exam trap

The trap here is that candidates often choose Cosmos DB for its flexibility and global distribution, but for a simple, high-throughput time-series workload with timestamp-based queries, Azure Table Storage is the most cost-effective and performant choice, as Cosmos DB adds unnecessary complexity and cost.

How to eliminate wrong answers

Option A is wrong because Azure Cosmos DB with SQL API, while supporting time-series patterns, introduces higher latency and cost for simple key-value workloads compared to Table Storage, and its throughput is provisioned per container, requiring careful RU management that adds complexity for high-write streaming. Option B is wrong because Azure SQL Database with columnstore index is optimized for analytical queries on large datasets, not for high-write throughput of individual streaming events; its transactional overhead and indexing costs make it unsuitable for real-time ingestion. Option D is wrong because Azure Data Lake Storage Gen2 is a hierarchical file system designed for big data analytics and batch processing, not for low-latency point writes or timestamp-based range queries on individual events.

47
Multi-Selectmedium

Which TWO options are valid methods to secure access to Azure Cosmos DB?

Select 2 answers
A.X.509 certificate-based authentication
B.Azure Storage account keys
C.Azure RBAC roles
D.Primary and secondary keys
E.Shared access signatures (SAS)
AnswersC, D

RBAC can control access to Cosmos DB accounts.

Why this answer

Cosmos DB supports primary/secondary keys, Azure RBAC, managed identities, and Microsoft Entra ID authentication. Option A is correct because primary keys provide access. Option B is correct because RBAC can be used for fine-grained access control.

Option C is wrong because SAS tokens are not used for Cosmos DB; they are for Azure Storage. Option D is wrong because certificates are not a native authentication method. Option E is wrong because shared access signatures are for storage, not Cosmos DB.

48
MCQhard

You run the above PowerShell script to upload a blob to Azure Storage. The script fails with an error: 'The specified container does not exist.' What should you do first to resolve the issue?

A.Create the container using New-AzStorageContainer.
B.Use a different connection string with a SAS token.
C.Grant the storage account key access to the user.
D.Change the -StandardBlobTier parameter to Cool.
AnswerA

The container must exist before uploading a blob.

Why this answer

The error 'The specified container does not exist' indicates that the target container has not been created in the Azure Storage account. The PowerShell script uses the `Set-AzStorageBlobContent` cmdlet, which requires an existing container as the destination. Therefore, the first corrective action is to create the container using `New-AzStorageContainer` before uploading the blob.

Exam trap

The trap here is that candidates may confuse authentication/authorization issues (SAS tokens, key access) with the fundamental prerequisite of container existence, leading them to select options that address permissions rather than the missing resource.

How to eliminate wrong answers

Option B is wrong because using a different connection string with a SAS token does not create the missing container; it only changes authentication, and the container still does not exist. Option C is wrong because granting storage account key access to the user addresses permissions, not the absence of the container; the container must exist regardless of access level. Option D is wrong because changing the -StandardBlobTier parameter to Cool affects the blob's access tier, not the existence of the container; the container must be present before any blob can be uploaded.

49
MCQmedium

A company has 10 branch offices, each with Windows file servers. They want to centralize file storage in Azure and allow each branch office to cache files locally for fast access. The solution must support cloud tiering so that only frequently accessed files are kept locally. Which Azure service should they implement?

A.Azure File Sync
B.Azure Files
C.Azure Blob Storage with Azure File Sync
D.Azure NetApp Files
AnswerA

Correct. Azure File Sync synchronizes on-premises file servers with Azure Files and offers cloud tiering for local caching.

Why this answer

Azure File Sync is the correct choice because it enables centralizing file shares in Azure Files while providing local caching on Windows file servers at each branch office. It supports cloud tiering, which automatically keeps only frequently accessed files locally and moves cold data to the cloud, meeting the requirement for fast local access and efficient storage.

Exam trap

The trap here is that candidates often confuse Azure Files (a standalone cloud file share) with Azure File Sync (the hybrid caching and sync service), or incorrectly assume Azure Blob Storage can be used with File Sync, when in fact File Sync only integrates with Azure Files.

How to eliminate wrong answers

Option B (Azure Files) is wrong because it provides cloud-based file shares without native local caching or cloud tiering; it requires Azure File Sync to achieve those capabilities. Option C (Azure Blob Storage with Azure File Sync) is wrong because Azure File Sync works exclusively with Azure Files, not Azure Blob Storage; Blob Storage is designed for unstructured data and does not support the SMB protocol or file-level caching needed for branch office file servers. Option D (Azure NetApp Files) is wrong because it is a high-performance, enterprise-grade NFS/SMB file service for specialized workloads like HPC, not designed for distributed branch office caching with cloud tiering, and it lacks the integrated sync and tiering features of Azure File Sync.

50
MCQeasy

A company needs to store large amounts of unstructured data such as images and videos for a content management system. The data must be accessible via HTTPS and support tiered storage for cost optimization. Which Azure service should they use?

A.Azure Cosmos DB
B.Azure Blob Storage
C.Azure Data Lake Storage
D.Azure Files
AnswerB

Unstructured data, HTTPS, tiered storage.

Why this answer

Azure Blob Storage is the correct choice because it is designed for storing large amounts of unstructured data (such as images and videos) and provides HTTPS access. It also offers tiered storage (hot, cool, cold, and archive tiers) to optimize costs based on data access patterns, making it ideal for a content management system.

Exam trap

The trap here is that candidates often confuse Azure Data Lake Storage (which is built on Blob Storage) as a separate service for unstructured data, but it is specifically optimized for analytics workloads, not general-purpose content management with tiered storage.

How to eliminate wrong answers

Option A is wrong because Azure Cosmos DB is a NoSQL document database designed for structured or semi-structured data with low-latency queries, not for storing large unstructured blobs like images and videos. Option C is wrong because Azure Data Lake Storage is built on Blob Storage but is optimized for big data analytics workloads (e.g., Hadoop/Spark) and hierarchical namespaces, not for general-purpose content management with tiered storage. Option D is wrong because Azure Files provides SMB and NFS file shares for shared file access, not HTTPS-based blob storage, and its tiering is limited to transaction-optimized, hot, and cool tiers, lacking the full archive tier for deep cost optimization.

51
MCQmedium

Refer to the exhibit. You have an Azure Storage account with hierarchical namespace enabled. You create this JSON policy to assign to a container. Users report that they can access the container from any IP, not just the specified range. What is the most likely reason?

A.Hierarchical namespace disables IP-based restrictions
B.Anonymous access is enabled on the container
C.IP address conditions are not supported in RBAC for Azure Storage data plane operations
D.The resource scope is incorrect; RBAC cannot be assigned at the container level
AnswerC

RBAC conditions for IP are not evaluated; use storage account firewall instead.

Why this answer

The policy shown is an Azure RBAC role assignment JSON, but the correct way to restrict IP access is via a service endpoint or firewall rule on the storage account, not in RBAC. RBAC conditions for IP are not supported for data plane operations. Option A is correct because the Condition element does not work as intended; IP restrictions are set at the storage account firewall.

Option B is wrong because anonymous access is disabled by default. Option C is wrong because hierarchical namespace does not affect IP restriction. Option D is wrong because RBAC can be applied to containers.

52
MCQeasy

A company needs to store massive amounts of unstructured data, such as images and videos, for a media processing application. The data must be accessible via REST APIs and support tiered storage for cost optimization. Which Azure storage solution should they use?

A.Azure Blob Storage
B.Azure Files
C.Azure Data Lake Storage Gen2
D.Azure Disk Storage
AnswerA

Azure Blob Storage is designed for storing large amounts of unstructured data, supports REST API access, and offers tiered storage (hot, cool, archive) to optimize costs.

Why this answer

Azure Blob Storage is the correct choice because it is designed for massive amounts of unstructured data (images, videos) and provides REST API access via HTTP/HTTPS. It also supports tiered storage (Hot, Cool, Cold, Archive) to optimize costs based on data access patterns, making it ideal for media processing workloads.

Exam trap

The trap here is that candidates may choose Azure Data Lake Storage Gen2 because it also stores unstructured data, but they overlook that the question emphasizes REST API access and tiered storage for cost optimization, which are native to Blob Storage, while Data Lake Storage Gen2 is optimized for hierarchical namespace and analytics workloads, not general media storage.

How to eliminate wrong answers

Option B is wrong because Azure Files provides SMB and NFS file shares for structured file access, not REST APIs, and its tiering is limited to transaction-optimized, hot, and cool tiers, lacking the deep archive tier needed for cost optimization of massive unstructured data. Option C is wrong because Azure Data Lake Storage Gen2 is built on Blob Storage but adds a hierarchical namespace for big data analytics (e.g., with Hadoop/Spark), not specifically for REST API-based media processing, and its tiering is the same as Blob Storage but the primary use case is analytics, not general unstructured data storage. Option D is wrong because Azure Disk Storage provides block-level storage for VMs (iSCSI-based), not REST API access, and does not support tiered storage for cost optimization.

53
MCQhard

You are a cloud architect at a healthcare company. They have an existing application running on Azure VMs in a single region. The application uses SQL Server on a VM for its database. The company is migrating to Azure SQL Managed Instance for better manageability and compliance. The database is 2 TB and requires point-in-time restore (PITR) capability with a retention period of 35 days. The workload is critical with an RPO of 5 minutes and an RTO of 2 hours. The company wants to minimize costs while meeting these requirements. Which of the following should you recommend?

A.Use Azure SQL Managed Instance with automated backups configured for 35-day retention and a backup storage redundancy of Locally Redundant Storage (LRS)
B.Use Azure SQL Managed Instance with active geo-replication to a secondary region
C.Use Azure SQL Managed Instance with long-term retention (LTR) backups
D.Use Azure SQL Database with the Hyperscale service tier
AnswerA

Meets all requirements cost-effectively.

Why this answer

Azure SQL Managed Instance provides built-in automated backups with configurable retention. Option A is correct because it meets the RPO (backups every 5-10 min) and RTO (restore within hours) with PITR retention up to 35 days. Option B is wrong because geo-replication is for disaster recovery, not PITR.

Option C is wrong because long-term retention is for backups older than 35 days. Option D is wrong because cost savings are not guaranteed for the backup storage.

54
MCQeasy

Refer to the exhibit. A KQL query is run against Azure Storage logs. The result shows a high number of 404 errors for 'GetBlob' operations. What is the most likely cause?

A.The client does not have permission to access the blobs
B.The storage account is throttling requests
C.The blobs being requested do not exist
D.The client is using an incorrect authentication method
AnswerC

404 indicates resource not found.

Why this answer

A 404 (Not Found) error for 'GetBlob' operations in Azure Storage logs specifically indicates that the requested blob resource does not exist at the specified URI. This is distinct from authorization failures (which return 403) or throttling (which returns 503). The high number of 404 errors suggests the client is attempting to retrieve blobs that have been deleted, never created, or are referenced with an incorrect path.

Exam trap

The trap here is that candidates confuse 404 (Not Found) with 403 (Forbidden), assuming that a missing blob is caused by a permissions problem, but Azure strictly differentiates these status codes based on whether the resource exists versus whether access is denied.

How to eliminate wrong answers

Option A is wrong because permission issues (e.g., missing RBAC role or SAS token) result in a 403 (Forbidden) error, not 404. Option B is wrong because throttling by the storage account returns a 503 (Server Busy) or 429 (Too Many Requests) status code, not 404. Option D is wrong because an incorrect authentication method (e.g., using an invalid key or expired SAS) also leads to a 403 (Forbidden) error, as the request is authenticated but not authorized, or a 401 (Unauthorized) if the authentication header is missing or malformed.

55
MCQeasy

A company needs to store backup data from Azure Virtual Machines with a retention policy of 99 years to meet compliance requirements. The backups must be encrypted at rest and in transit. Which Azure storage solution should they use?

A.Azure Files
B.Azure NetApp Files
C.Azure Disk Storage
D.Azure Blob Storage with immutable storage
AnswerD

Supports long-term retention and encryption.

Why this answer

Azure Blob Storage with immutable storage (specifically, a WORM policy with a retention period of up to 99 years) is the correct choice because it meets the 99-year retention requirement and provides encryption at rest (via Azure Storage Service Encryption) and in transit (via HTTPS). Immutable storage prevents data from being deleted or modified during the retention period, which is essential for long-term compliance backups.

Exam trap

The trap here is that candidates often confuse Azure Backup's retention limits (max 10 years for VM backups) with the 99-year immutable retention capability of Blob Storage, leading them to incorrectly choose Azure Disk Storage or Azure Files.

How to eliminate wrong answers

Option A is wrong because Azure Files is a fully managed file share that does not support immutable storage policies for 99-year retention; its backup retention is limited by the backup policy (max 10 years for Azure Backup). Option B is wrong because Azure NetApp Files is a high-performance file service for enterprise workloads, not designed for long-term archival backup with immutable retention; it lacks built-in WORM capabilities for 99-year compliance. Option C is wrong because Azure Disk Storage provides persistent block storage for VMs but does not support immutable retention policies; disk snapshots have a maximum retention of 10 years via Azure Backup, and disks themselves can be deleted or modified.

56
MCQhard

A company runs large-scale analytics workloads using Apache Hadoop and Spark. They need a cloud storage solution that is fully compatible with the Hadoop Distributed File System (HDFS) and provides unlimited storage with high throughput for parallel processing. They also want to take advantage of tiered storage to reduce costs for older data. Which Azure data service should they use?

A.Azure Blob Storage
B.Azure Data Lake Storage Gen2
C.Azure Files
D.Azure Disk Storage
AnswerB

ADLS Gen2 combines Blob Storage with a hierarchical namespace and HDFS-compatible APIs, offering unlimited storage, high throughput, and lifecycle tiering for cost optimization.

Why this answer

Azure Data Lake Storage Gen2 (ADLS Gen2) is the correct choice because it combines a hierarchical namespace with Azure Blob Storage, providing full HDFS compatibility. This allows Apache Hadoop and Spark workloads to use the `wasbs://` or `abfss://` driver for unlimited storage and high throughput parallel processing, while also supporting tiered storage (hot, cool, archive) to reduce costs for older data.

Exam trap

The trap here is that candidates often confuse Azure Blob Storage (which is object storage without a hierarchical namespace) with ADLS Gen2, assuming both are equally HDFS-compatible, but only ADLS Gen2 provides the required HDFS semantics and the `abfss://` driver for native Hadoop/Spark integration.

How to eliminate wrong answers

Option A is wrong because Azure Blob Storage lacks a hierarchical namespace by default, making it incompatible with HDFS semantics (e.g., atomic directory operations) required by Hadoop/Spark; it also does not support the `abfss://` driver natively. Option C is wrong because Azure Files uses the SMB protocol and is designed for file shares, not for HDFS-compatible distributed storage; it cannot handle the massive throughput and parallel processing demands of large-scale analytics. Option D is wrong because Azure Disk Storage provides block-level storage attached to VMs, which is limited in capacity, not natively HDFS-compatible, and does not offer tiered storage for cost optimization of older data.

57
MCQhard

A multinational corporation needs to store and analyze petabytes of historical data for regulatory reporting. The data is rarely accessed but must be available for queries within 5 minutes. Which Azure storage solution should they choose to minimize cost?

A.Azure SQL Database
B.Azure Data Lake Storage Gen2
C.Azure Files
D.Azure Cosmos DB
AnswerB

ADLS Gen2 is cost-effective for large volumes of data and supports fast queries with query acceleration.

Why this answer

Azure Data Lake Storage Gen2 (ADLS Gen2) is the correct choice because it combines a hierarchical namespace with Azure Blob Storage's massive scalability, enabling petabyte-scale storage at low cost. It supports fast queries via tools like Azure Synapse or PolyBase, meeting the 5-minute query SLA for cold data, while its tiered storage (e.g., Cool or Archive access tiers) minimizes cost for rarely accessed historical data.

Exam trap

The trap here is that candidates often choose Azure SQL Database or Cosmos DB for 'query performance' without considering the massive cost and architectural mismatch for petabyte-scale cold data, or they pick Azure Files thinking 'file storage' implies analytical capability, ignoring its lack of native query engines and higher cost per GB.

How to eliminate wrong answers

Option A is wrong because Azure SQL Database is a relational OLTP service optimized for transactional workloads with structured data, not designed for petabyte-scale historical data storage and analysis, and its cost would be prohibitive for cold data. Option C is wrong because Azure Files provides SMB/NFS file shares for shared access, lacks native analytical query capabilities, and is not cost-effective for petabyte-scale archival storage. Option D is wrong because Azure Cosmos DB is a NoSQL database for low-latency, globally distributed real-time applications, not suited for petabyte-scale historical data analysis, and its provisioned throughput model would be excessively expensive for rarely accessed data.

58
MCQhard

Your company is designing a data lake solution for IoT telemetry data. The data is ingested continuously and must be stored cost-effectively while allowing occasional interactive queries. The data has a lifespan of 90 days for hot access and 3 years for archived access. Which Azure storage tiering strategy minimizes costs?

A.Use Azure Blob Storage with only Hot tier for 90 days, then delete
B.Use Azure Blob Storage with lifecycle management: Hot for 90 days, then Cool, then Archive after 3 years
C.Use Azure Blob Storage with Cool tier for all data
D.Use Azure Files with lifecycle management to Archive after 90 days
AnswerB

Lifecycle management optimizes cost by moving data through tiers.

Why this answer

Option B is correct because Azure Blob Storage lifecycle management can automatically transition data from Hot to Cool to Archive tiers based on age, minimizing costs for IoT telemetry that needs 90 days of hot access and 3 years of archival. The Hot tier provides low-latency access for interactive queries, Cool offers lower storage cost for infrequent access, and Archive provides the lowest cost for long-term retention. This tiering strategy aligns with the data's lifespan and access patterns, reducing overall storage expenses compared to keeping all data in a single tier.

Exam trap

The trap here is that candidates may assume Cool tier is sufficient for all data to save costs, but they overlook the need for hot access during the first 90 days and the even lower Archive tier for long-term retention, leading to higher overall costs.

How to eliminate wrong answers

Option A is wrong because deleting data after 90 days ignores the 3-year archival requirement, and storing all data in Hot tier for 90 days is more expensive than using Cool or Archive tiers for older data. Option C is wrong because using Cool tier for all data incurs higher costs for the first 90 days of hot access and does not provide the lowest-cost Archive tier for the 3-year retention period. Option D is wrong because Azure Files is not optimized for data lake scenarios with large-scale IoT telemetry ingestion; it uses SMB/NFS protocols and lacks the native tiering and lifecycle management capabilities of Blob Storage, plus archiving after 90 days does not meet the 3-year retention need.

59
MCQhard

You are reviewing the encryption settings of an Azure Storage account using the above JSON output. What is the current encryption status for files stored in Azure Files shares in this account?

A.Files are encrypted because defaultEncryption is false
B.Files are encrypted at rest using Azure Storage encryption
C.Files are encrypted using customer-managed keys
D.Files are not encrypted at rest
AnswerD

File service encryption is disabled.

Why this answer

The JSON output shows `"defaultEncryption": false` for the Azure Files share. In Azure Storage, when `defaultEncryption` is set to `false`, it means that server-side encryption (SSE) is not enabled by default for that file share. Therefore, files stored in this Azure Files share are not encrypted at rest.

Option D correctly identifies this unencrypted state.

Exam trap

The trap here is that candidates assume `defaultEncryption: false` means encryption is still applied by default at the storage account level, but in Azure Files, this property directly controls whether the share itself is encrypted, and a `false` value means no encryption is applied to that share.

How to eliminate wrong answers

Option A is wrong because `defaultEncryption: false` does not mean files are encrypted; it means the default encryption setting is disabled, so files are not encrypted at rest. Option B is wrong because Azure Storage encryption (SSE) is not automatically applied when `defaultEncryption` is false; SSE must be explicitly enabled. Option C is wrong because customer-managed keys (CMK) are a type of encryption key management, but the JSON shows no indication of CMK being used, and the `defaultEncryption: false` setting overrides any such assumption.

60
Matchingmedium

Match each Azure governance tool to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Enforce rules and compliance for resources

Define repeatable set of Azure resources and policies

Hierarchical structure for managing access and policies

Query and explore Azure resources across subscriptions

Monitor, allocate, and optimize cloud costs

Why these pairings

These are key governance and management capabilities.

61
MCQhard

A global e-commerce platform requires a database that supports multi-region writes with automatic conflict resolution and single-digit millisecond latency for reads and writes from any region. The application uses a flexible schema with JSON documents. They also need to enforce strong consistency for critical operations (e.g., order placement) while allowing eventual consistency for less critical reads. Which Azure data service and configuration should they choose?

A.Azure Cosmos DB with multi-region writes enabled on the account, using the SQL (Core) API, and applying strong consistency for the order placement operation via RequestOptions.
B.Azure SQL Database with active geo-replication across two regions and failover groups.
C.Azure Cache for Redis with geo-replication.
D.Azure Table Storage with geo-redundant storage (GRS) and read-access (RA-GRS).
AnswerA

Cosmos DB supports multi-region writes with automatic conflict resolution, multiple consistency levels (strong, bounded staleness, session, consistent prefix, eventual), and the SQL API works with JSON documents. Strong consistency can be requested per request.

Why this answer

Azure Cosmos DB with multi-region writes enabled and the SQL (Core) API meets all requirements: it supports multi-region writes with automatic conflict resolution (last-writer-wins or custom), offers single-digit millisecond latency for reads and writes from any region, and uses a flexible JSON document schema. The ability to enforce strong consistency for critical operations like order placement via RequestOptions (using session or strong consistency at the request level) while allowing eventual consistency for less critical reads directly addresses the mixed consistency needs.

Exam trap

The trap here is that candidates often assume Azure SQL Database's active geo-replication supports multi-region writes, but it only allows writes to a single primary region, making it unsuitable for the multi-region write requirement.

How to eliminate wrong answers

Option B is wrong because Azure SQL Database with active geo-replication supports only a single writable primary region; multi-region writes are not possible, and it uses a rigid relational schema, not flexible JSON documents. Option C is wrong because Azure Cache for Redis is an in-memory cache, not a durable database; it lacks native conflict resolution for multi-region writes and does not support flexible JSON document schemas or strong consistency guarantees for critical operations. Option D is wrong because Azure Table Storage with RA-GRS supports only a single writable region (the primary); read-access to the secondary is read-only, so multi-region writes are impossible, and it does not provide single-digit millisecond latency for writes from any region or automatic conflict resolution.

62
MCQmedium

Refer to the exhibit. Your Azure policy team has created the following policy definition. After assigning this policy to a subscription, a developer tries to create a new storage account with network ACLs default action set to 'Allow'. What will happen?

A.The storage account will be created if the developer uses a different resource group.
B.The storage account creation will be denied because it violates the policy.
C.The storage account will be created with a default action of 'Deny' automatically.
D.The storage account will be created successfully because the policy only audits.
AnswerB

The policy denies storage accounts with network ACL default action set to 'Allow'.

Why this answer

The policy definition uses the 'Deny' effect, which explicitly blocks any non-compliant resource creation. Since the developer attempts to set the network ACLs default action to 'Allow', this violates the policy's condition that requires the default action to be 'Deny'. Therefore, Azure Resource Manager will reject the deployment before the storage account is created.

Exam trap

The trap here is that candidates confuse the 'Deny' effect with 'Audit' or 'Modify', assuming the policy will either log the violation or auto-correct the setting, rather than understanding that 'Deny' blocks the operation outright.

How to eliminate wrong answers

Option A is wrong because the policy is assigned at the subscription scope, so it applies to all resource groups within that subscription; changing the resource group does not bypass the policy. Option C is wrong because the policy does not automatically modify the resource; the 'Deny' effect blocks creation entirely, and Azure does not silently alter the requested configuration to make it compliant. Option D is wrong because the policy uses the 'Deny' effect, not 'Audit'; an 'Audit' effect would log non-compliance but allow creation, whereas 'Deny' actively prevents it.

63
MCQhard

Refer to the exhibit. An Azure SQL Database is deployed in a VNet with a private endpoint at IP 10.0.1.4. The network security group rule shown is applied to the subnet of the private endpoint. A developer reports that they cannot connect to the database from a VM in the same VNet. What is the most likely cause?

A.The source address prefix is set to VirtualNetwork, which is incorrect.
B.The protocol should be UDP instead of TCP.
C.The rule is being blocked by a higher priority deny rule.
D.The rule is applied to the wrong direction (outbound instead of inbound).
AnswerC

A deny rule with lower number (higher priority) may be blocking traffic.

Why this answer

The exhibit shows a valid inbound NSG rule allowing TCP traffic from VirtualNetwork to the private endpoint IP. However, if a higher-priority deny rule exists (e.g., denying all traffic from VirtualNetwork or a specific source), it will override this allow rule. Since the developer cannot connect from a VM in the same VNet, the most likely cause is a conflicting deny rule with a lower priority number (higher priority) blocking the traffic.

Exam trap

The trap here is that candidates often assume a correctly configured allow rule guarantees connectivity, forgetting that higher-priority deny rules in the same NSG can silently block traffic.

How to eliminate wrong answers

Option A is wrong because 'VirtualNetwork' is a valid and commonly used service tag that correctly represents all VNet addresses, including the VM's source IP. Option B is wrong because Azure SQL Database uses TCP port 1433 for connections, not UDP. Option D is wrong because the exhibit shows the rule is applied to inbound traffic (as indicated by the 'Inbound' direction), which is correct for allowing incoming connections to the database.

64
MCQmedium

A media company is designing a storage solution for its large video files (average 50 GB each) that are edited by multiple users simultaneously. The solution must support SMB protocol for compatibility with existing editing software and provide low-latency access. The files must be stored in a highly available configuration across multiple availability zones in a single region. Which Azure storage solution should the company recommend?

A.Azure Files Premium tier with zone-redundant storage (ZRS)
B.Azure Blob Storage Premium tier with geo-redundant storage (GRS)
C.Azure Disk Storage with shared disks
D.Azure NetApp Files Premium tier with cross-zone replication
AnswerA

Supports SMB, low-latency, and ZRS for high availability.

Why this answer

Azure Files Premium tier supports SMB protocol natively, which is required for compatibility with existing editing software. Zone-redundant storage (ZRS) replicates data synchronously across three availability zones within a single region, providing high availability and low-latency access for simultaneous editing of large video files.

Exam trap

The trap here is that candidates may confuse Azure Blob Storage (which is object storage, not file storage) with Azure Files, or assume that geo-redundant storage (GRS) is required for high availability, when zone-redundant storage (ZRS) within a single region is sufficient and provides lower latency for real-time editing workloads.

How to eliminate wrong answers

Option B is wrong because Azure Blob Storage Premium tier does not support the SMB protocol; it uses REST APIs or NFS (preview), not SMB, and geo-redundant storage (GRS) adds asynchronous cross-region replication that increases latency and is unnecessary for single-region high availability. Option C is wrong because Azure Disk Storage with shared disks supports SMB but is designed for single-VM attached disks or shared block storage for clustered VMs, not for file-level sharing across multiple users; it lacks native SMB file-sharing semantics and is not optimized for concurrent user editing of large files. Option D is wrong because Azure NetApp Files Premium tier supports SMB and cross-zone replication, but cross-zone replication is asynchronous, which can introduce latency and potential data inconsistency for real-time editing; Azure NetApp Files is also more expensive and complex to manage compared to Azure Files for this use case.

65
Multi-Selectmedium

Which TWO data storage solutions in Azure provide built-in, automatic geo-redundancy for disaster recovery across paired regions?

Select 2 answers
A.Azure SQL Database (active geo-replication)
B.Azure Cosmos DB (default)
C.Azure Blob Storage (with GRS or RA-GRS)
D.Azure Data Lake Storage Gen2
E.Azure Files (standard tier)
AnswersA, C

Active geo-replication provides automatic replication to paired region.

Why this answer

Azure SQL Database's active geo-replication automatically creates a readable secondary database in a paired Azure region, enabling synchronous or asynchronous replication for disaster recovery. Azure Blob Storage with GRS or RA-GRS replicates data to a paired secondary region automatically, ensuring durability even during a regional outage. Both services provide built-in geo-redundancy without manual configuration beyond selecting the replication option.

Exam trap

The trap here is that candidates assume all Azure storage services have built-in geo-redundancy by default, but only specific services (like SQL Database with active geo-replication and Blob Storage with GRS/RA-GRS) offer it automatically without additional configuration.

66
MCQmedium

A company runs a custom analytics application that reads data using the NFS 3.0 protocol. The data consists of large files organized in a directory structure. The application also requires POSIX-like access control lists (ACLs) for fine-grained permissions. The solution must be fully managed and support high throughput for parallel reads. Which Azure data service should they use?

A.Azure Blob Storage
B.Azure Files
C.Azure NetApp Files
D.Azure Data Lake Storage Gen2
AnswerD

ADLS Gen2 provides a hierarchical namespace, POSIX ACLs, and supports NFS 3.0 access, making it ideal for analytics applications that require these features at cloud scale.

Why this answer

Azure Data Lake Storage Gen2 (ADLS Gen2) is the correct choice because it combines a hierarchical namespace with POSIX-like ACLs and supports the NFS 3.0 protocol for high-throughput parallel reads. It is fully managed and designed for big data analytics workloads that require fine-grained permissions and directory structure management.

Exam trap

The trap here is that candidates often confuse Azure Files (which supports NFS but only version 4.1) with the NFS 3.0 requirement, or they overlook that Azure NetApp Files, while technically capable, is not the fully managed, high-throughput parallel read solution optimized for analytics that ADLS Gen2 provides.

How to eliminate wrong answers

Option A is wrong because Azure Blob Storage does not natively support NFS 3.0 (it requires a preview feature or workaround) and lacks a true hierarchical namespace and POSIX ACLs, relying instead on flat storage and Azure RBAC. Option B is wrong because Azure Files supports SMB and NFS 4.1, not NFS 3.0, and its ACLs are based on Windows NTFS permissions, not POSIX-like ACLs. Option C is wrong because Azure NetApp Files is a fully managed file share service that supports NFS 3.0 and POSIX ACLs, but it is not the best fit for high-throughput parallel reads in a custom analytics application; it is more suited for enterprise workloads requiring low-latency access and is not as optimized for big data analytics as ADLS Gen2.

67
MCQeasy

You need to provide temporary shared access to a specific blob in Azure Storage for a contractor. The access must expire after 24 hours. Which feature should you use?

A.Managed identity
B.Azure role-based access control (RBAC)
C.Storage account access key
D.Shared access signature (SAS)
AnswerD

SAS provides time-limited, delegated access to a specific blob.

Why this answer

A shared access signature (SAS) provides delegated, time-limited access to a specific Azure Storage resource, such as a blob, without exposing the storage account key. By configuring the SAS with an expiration time of 24 hours, you grant the contractor temporary access that automatically revokes after that period, meeting the requirement precisely.

Exam trap

The trap here is that candidates often confuse managed identities or RBAC as suitable for temporary access, but neither provides time-bound, scoped delegation to a single blob without persistent permissions or full account access.

How to eliminate wrong answers

Option A is wrong because a managed identity is used for authenticating Azure resources (e.g., VMs, App Services) to Azure services without storing credentials, not for granting temporary external user access to a specific blob. Option B is wrong because Azure RBAC provides persistent, role-based access to storage account resources at the container or account level, not time-bound access to a single blob, and it cannot enforce a 24-hour expiration. Option C is wrong because the storage account access key grants full administrative access to the entire storage account, which violates the principle of least privilege and cannot be scoped to a single blob or set to expire automatically.

68
MCQmedium

A company needs a data storage solution for a global application that frequently accesses recent data and less frequently older data. Data is unstructured blobs. They want to automatically move blobs to cool storage after 30 days and to archive storage after 90 days. Additionally, blobs must be retained for 7 years and cannot be deleted or modified during that period. Which Azure Blob Storage features should they combine?

A.Use blob lifecycle management policies and legal hold (immutable blobs).
B.Use blob lifecycle management policies and time-based retention policies.
C.Use Azure Storage Analytics and immutability policies.
D.Use Azure File Sync and lifecycle management.
AnswerB

Lifecycle management automates tier transitions. Time-based retention allows you to set a policy that prevents deletion or modification for a specified period (e.g., 7 years).

Why this answer

Option B is correct because blob lifecycle management policies automatically transition blobs from hot to cool after 30 days and to archive after 90 days, while time-based retention policies enforce immutability for a fixed period (7 years), preventing deletion or modification. This combination meets both the tiering and retention requirements without manual intervention.

Exam trap

The trap here is confusing legal hold (which is indefinite and manually managed) with time-based retention (which has a fixed expiry), leading candidates to choose Option A when they need a defined retention period.

How to eliminate wrong answers

Option A is wrong because legal hold (immutable blobs) has no expiration date and must be manually cleared, making it unsuitable for a fixed 7-year retention period; it also does not support automatic tiering. Option C is wrong because Azure Storage Analytics provides metrics and logging, not lifecycle management or immutability policies. Option D is wrong because Azure File Sync is for syncing on-premises file shares with Azure Files, not for managing blob tiering or retention.

69
Multi-Selectmedium

Which TWO of the following are benefits of using Azure Files shares for lift-and-shift migrations of on-premises file servers?

Select 2 answers
A.Integration with Azure File Sync for hybrid scenarios
B.Block-level deduplication
C.Support for iSCSI protocol
D.Automatic tiering of data to archive storage
E.Support for SMB protocol
AnswersA, E

Azure File Sync enables syncing with on-premises file servers.

Why this answer

Azure Files shares provide fully managed SMB file shares in the cloud, which are directly compatible with on-premises file servers that use the SMB protocol. This makes them ideal for lift-and-shift migrations because applications can continue accessing files over SMB without code changes. Azure File Sync further extends this by enabling hybrid scenarios where on-premises servers can cache frequently accessed files while tiering to the cloud, simplifying the migration process.

Exam trap

The trap here is that candidates may confuse Azure Files with Azure NetApp Files or on-premises file server features, assuming block-level deduplication or iSCSI support are available, when in fact Azure Files is a managed SMB/NFS service without those capabilities.

70
MCQhard

A globally distributed application requires multi-region writes to a NoSQL database and must tolerate regional write outages. Which Azure service capability should be selected?

A.Azure Table Storage RA-GRS
B.Azure SQL Database serverless only
C.Azure Cosmos DB multi-region writes
D.Azure Files geo-redundant storage
AnswerC

Cosmos DB supports multi-region writes for globally distributed applications requiring write availability across regions.

Why this answer

Azure Cosmos DB multi-region writes is the correct choice because it provides active-active replication across multiple Azure regions, enabling writes to be accepted in any configured region and automatically replicated. This design ensures that if one region experiences a write outage, the application can continue writing to other regions without interruption, meeting the requirement for multi-region writes and regional write outage tolerance.

Exam trap

The trap here is that candidates often confuse geo-redundant storage options (like RA-GRS or GRS) with active-active multi-region write capabilities, not realizing that most Azure storage services (including Table Storage and Files) only support writes to a single primary region, whereas Cosmos DB is the only service that natively supports multi-region writes.

How to eliminate wrong answers

Option A is wrong because Azure Table Storage RA-GRS (Read-Access Geo-Redundant Storage) supports read access from a secondary region but only allows writes to the primary region, failing the multi-region write requirement. Option B is wrong because Azure SQL Database serverless is a compute tier for a single-region database; it does not support multi-region writes and cannot tolerate regional write outages. Option D is wrong because Azure Files geo-redundant storage replicates data to a secondary region for durability but only supports writes to the primary region, not multi-region writes.

71
MCQhard

A company needs to store large amounts of unstructured data (log files) for analytics. The data is accessed frequently for the first 30 days, then occasionally for the next 90 days, and rarely after that but must be retained for 7 years for compliance. The data must not be modified or deleted during the retention period, and administrative access must not be able to bypass this restriction. They want to minimize storage costs. Which combination of Azure Blob Storage features should they configure?

A.Configure a lifecycle management policy to move blobs to Cool tier after 30 days and to Archive tier after 120 days. Apply a time-based retention policy with a retention period of 2,555 days and lock it.
B.Enable soft delete and versioning on the storage account, and use a custom script to delete blobs after 7 years. Manually move blobs to Cool and Archive tiers using Azure PowerShell.
C.Set each blob's access tier to Cool on upload, then manually change to Archive after 30 days. Enable Azure Backup on the storage account for retention.
D.Apply a legal hold on the container to prevent deletion, and configure a lifecycle policy to move blobs to Archive after 30 days.
AnswerA

A locked time-based retention policy on the container ensures that blobs cannot be deleted or overwritten for the specified duration (7 years = 2555 days). Lifecycle management moves blobs to cost-efficient tiers. Locking prevents bypass.

Why this answer

Option A is correct because it combines a lifecycle management policy to automatically transition blobs from Hot to Cool after 30 days and to Archive after 120 days, minimizing storage costs. The time-based retention policy with a locked retention period of 2,555 days (7 years) ensures that blobs cannot be modified or deleted during the retention period, and locking the policy prevents administrative bypass, meeting the compliance requirement.

Exam trap

The trap here is that candidates often confuse soft delete or legal hold with immutable retention policies, not realizing that only a locked time-based retention policy provides true WORM protection that cannot be bypassed by administrators.

How to eliminate wrong answers

Option B is wrong because soft delete and versioning allow data recovery but do not prevent deletion or modification during the retention period; a custom script to delete blobs after 7 years violates the requirement that data must not be deleted during retention, and manual tier changes are not automated or cost-efficient. Option C is wrong because manually setting access tiers and using Azure Backup does not enforce a write-once-read-many (WORM) policy; Azure Backup retains backups but does not prevent modification or deletion of the original blobs, and manual operations are error-prone and do not meet the compliance requirement for immutability. Option D is wrong because a legal hold prevents deletion but does not prevent modification of blobs, and moving blobs to Archive after 30 days ignores the occasional access requirement for the next 90 days, leading to higher retrieval costs and potential access delays.

72
MCQmedium

A global e-commerce company uses Azure Cosmos DB for its product catalog. The write-heavy workload experiences high latency during peak hours. Which design change would most reduce write latency?

A.Change the default consistency level to eventual
B.Partition the container by a different key
C.Enable multiple write regions
D.Increase the request units (RUs) per container
AnswerC

Multiple write regions allow writes to be processed in the nearest region, reducing latency.

Why this answer

Enabling multiple write regions allows writes to be accepted by the nearest regional replica, reducing cross-region network latency for write-heavy workloads. This is the most direct architectural change to lower write latency globally, as it avoids the round-trip to a single write region.

Exam trap

The trap here is that candidates often confuse increasing RUs (Option D) as the universal fix for any latency issue, when in fact write latency in a globally distributed scenario is primarily a network distance problem solved by multi-region writes.

How to eliminate wrong answers

Option A is wrong because changing consistency to eventual reduces read latency and improves availability, but does not directly reduce write latency; writes still go to the primary region. Option B is wrong because repartitioning by a different key can improve throughput distribution and avoid hot partitions, but it does not inherently reduce per-write latency across regions. Option D is wrong because increasing RUs increases throughput capacity but does not reduce the network latency of each write operation; it only prevents throttling.

73
MCQeasy

A global e-commerce company needs a database solution that can handle high-velocity writes from user transactions across multiple regions. They require multi-region writes with automatic conflict resolution and single-digit millisecond latency for reads and writes. Which Azure data store should they use?

A.Azure Cosmos DB
B.Azure Table Storage
C.Azure SQL Database
D.Azure Redis Cache
AnswerA

Cosmos DB provides global distribution with multi-master support, automatic conflict resolution, and single-digit millisecond latency.

Why this answer

Azure Cosmos DB is the correct choice because it offers multi-region writes with automatic conflict resolution using last-writer-wins (LWW) or custom conflict resolution policies, and it guarantees single-digit millisecond latency for both reads and writes at the 99th percentile. Its globally distributed, multi-model design is purpose-built for high-velocity transactional workloads that require active-active replication across regions.

Exam trap

The trap here is that candidates often confuse Azure SQL Database's active geo-replication (which supports only read-scale secondaries) with true multi-region writes, or they assume Azure Table Storage's global replication is equivalent to Cosmos DB's active-active capability.

How to eliminate wrong answers

Option B (Azure Table Storage) is wrong because it does not support multi-region writes or automatic conflict resolution; it is a NoSQL key-value store designed for structured, non-relational data with eventual consistency only. Option C (Azure SQL Database) is wrong because it does not natively support multi-region writes; it uses active geo-replication for read-only secondaries and requires manual failover, not active-active writes. Option D (Azure Redis Cache) is wrong because it is an in-memory cache, not a durable database; it does not provide automatic conflict resolution for writes and is not designed for persistent, multi-region transactional storage.

74
MCQeasy

A company uses Azure Cosmos DB for a globally distributed e-commerce application. They need to ensure that write operations in one region are immediately visible in all other regions. Which consistency level should they choose?

A.Session
B.Eventual
C.Strong
D.Bounded staleness
AnswerC

Strong consistency ensures that reads see the latest write across all regions.

Why this answer

Strong consistency ensures that write operations are synchronously replicated across all regions before acknowledging the write. This guarantees that any read operation in any region returns the most recent write, providing linearizability. For a globally distributed e-commerce application requiring immediate visibility of writes, Strong consistency is the correct choice.

Exam trap

The trap here is that candidates often confuse 'immediate visibility' with 'Session' consistency, assuming that a single session's writes are enough, but the requirement is for all regions and all clients to see the write immediately, which only Strong consistency guarantees.

How to eliminate wrong answers

Option A is wrong because Session consistency guarantees monotonic reads and writes within a single client session but does not provide immediate cross-region visibility for all clients. Option B is wrong because Eventual consistency allows replicas to converge over time without any guarantee of immediate visibility, leading to stale reads. Option D is wrong because Bounded staleness allows reads to lag behind writes by a configurable time interval (e.g., 5 seconds) or number of versions, which does not meet the requirement for immediate visibility.

75
MCQhard

A global IoT platform ingests telemetry data from millions of devices. The application requires multi-region writes to support low-latency ingestion from any location. The schema uses JSON documents and fields often vary. The team needs automatic conflict resolution when the same document is updated concurrently from different regions. Additionally, read operations for device commands must use strong consistency, while user-facing dashboard queries can use eventual consistency. Which Azure Cosmos DB configuration should they choose?

A.Azure Cosmos DB with single-master and multiple read regions
B.Azure Cosmos DB with multi-master and default strong consistency
C.Azure Cosmos DB with multi-master and per-request consistency override
D.Azure Cosmos DB with multi-master and eventual consistency only
AnswerC

Multi-master allows writes in any region and automatic conflict resolution. Per-request consistency override enables the application to use strong consistency for critical device command reads and eventual consistency for other reads, meeting all requirements.

Why this answer

Option C is correct because the scenario requires multi-region writes (multi-master) for low-latency ingestion, automatic conflict resolution (which multi-master provides via last-writer-wins or custom conflict resolvers), and strong consistency for device command reads while allowing eventual consistency for dashboards. Per-request consistency override in Azure Cosmos DB lets the application set strong consistency on specific read operations (e.g., device commands) while defaulting to eventual consistency for others, meeting all requirements without sacrificing performance.

Exam trap

The trap here is that candidates often assume multi-master forces a single consistency level across all operations, but Azure Cosmos DB allows per-request overrides to mix consistency levels, which is the key to satisfying mixed requirements without over-provisioning.

How to eliminate wrong answers

Option A is wrong because single-master with multiple read regions only supports writes in one region, failing the multi-region write requirement for low-latency ingestion from any location. Option B is wrong because default strong consistency in a multi-master configuration would force all reads to use strong consistency, which is unnecessary for dashboard queries and would increase latency and RU costs. Option D is wrong because eventual consistency only does not allow the strong consistency needed for device command reads, violating the requirement for strong consistency on those operations.

Page 1 of 4 · 233 questions totalNext →

Ready to test yourself?

Try a timed practice session using only Data Storage Solutions questions.