Practice Free AZ-900 Exam Online Questions
Which cloud computing model includes on-premises and cloud-based resources?
- A . private
- B . public
- C . hybrid
HOTSPOT
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

HOTSPOT
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Explanation:
Box 1: Yes
Azure Monitor maximizes the availability and performance of your applications and services by delivering a comprehensive solution for collecting, analyzing, and acting on telemetry from your cloud and on-premises environments.
Box 2: Yes
Alerts in Azure Monitor proactively notify you of critical conditions and potentially attempt to take corrective action.
Box 3: Yes
Azure Monitor uses Target Resource, which is the scope and signals available for alerting. A target can be any Azure resource. Example targets: a virtual machine, a storage account, a virtual machine scale set, a Log Analytics workspace, or an Application Insights resource.
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/overview
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-overview
HOTSPOT
For each of the following statements, select Yes if the statement is true. Otherwise, select Mo. NOTE:
Each correct selection is worth one point.

HOTSPOT
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Explanation:
Box 1: No
It is not true that you must deploy a federation solution or sync on-premises identities to the cloud.
You can have a cloud-only environment and use MFA.
Box 2: No
Picture identification and passport numbers are not valid MFA authentication methods. Valid methods include: Password, Microsoft Authenticator App, SMS and Voice call.
Box 3:
You can configure MFA to be required for administrator accounts only or you can configure MFA for any user account.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-getstarted
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-methods
You plan to deploy a website to Azure. The website will be accessed by users worldwide and will host large video files. You need to recommend which Azure feature must be used to provide the best video playback experience.
What should you recommend?
- A . an Azure Traffic Manager profile
- B . a content delivery network (CDN)
- C . an Azure ExpressRoute circuit
- D . an application gateway
What can Azure Information Protection encrypt?
- A . an Azure Storage account
- B . documents and email messages
- C . an Azure SQL database
- D . network traffic
B
Explanation:
Azure Information Protection can encrypt documents and emails.
Azure Information Protection is a cloud-based solution that helps an organization to classify and optionally, protect its documents and emails by applying labels. Labels can be applied automatically by administrators who define rules and conditions, manually by users, or a combination where users are given recommendations.
The protection technology uses Azure Rights Management (often abbreviated to Azure RMS). This technology is integrated with other Microsoft cloud services and applications, such as Office 365 and Azure Active Directory.
This protection technology uses encryption, identity, and authorization policies. Similarly to the labels that are applied, protection that is applied by using Rights Management stays with the documents and emails, independently of the location―inside or outside your organization, networks, file servers, and applications.
Reference:
https://docs.microsoft.com/en-us/azure/information-protection/what-is-information-protection
https://docs.microsoft.com/en-us/azure/information-protection/quickstart-label-dnf-protectedemail
DRAG DROP
Match the resources to the appropriate descriptions.
To answer, drag the appropriate resource from the column on the left to its description on the right, Each resource may be used once, more than once, or not at all. NOTE: Each correct match is worth one point.

You have an Azure environment that contains multiple Azure virtual machines.
You plan to implement a solution that enables the client computers on your on-premises network to communicate to the Azure virtual machines.
You need to recommend which Azure resources must be created for the planned solution.
Which two Azure resources should you include in the recommendation? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
- A . a virtual network gateway
- B . a load balancer
- C . an application gateway
- D . a virtual network
- E . a gateway subnet
A, E
Explanation:
To implement a solution that enables the client computers on your on-premises network to communicate to the Azure virtual machines, you need to configure a VPN (Virtual Private Network) to connect the on-premises network to the Azure virtual network.
The Azure VPN device is known as a Virtual Network Gateway. The virtual network gateway needs to be located in a dedicated subnet in the Azure virtual network. This dedicated subnet is known as a gateway subnet and must be named ‘GatewaySubnet’.
Note: a virtual network (answer D) is also required. However, as we already have virtual machines deployed in a Azure, we can assume that the virtual network is already in place.
Reference: https://docs.microsoft.com/en-us/office365/enterprise/connect-an-on-premises-network-to-a-microsoft-azure-virtual-network
You need to migrate an on-premises server by using a lift-and-shift migration, lo which type of cloud service should you migrate?
- A . infrastructure as a service (laaS)
- B . software as a service (SaaS)
- C . platform as a service (PaaS)