- (Exam Topic 1)
Which Azure service should you use to store certificates?

1. A. Azure Security Center
2. B. an Azure Storage account
3. C. Azure Key Vault
4. D. Azure Information Protection

Correct Answer: C
Azure Key Vault is a secure store for storage various types of sensitive information including passwords and certificates.
Azure Key Vault can be used to Securely store and tightly control access to tokens, passwords, certificates, API keys, and other secrets.
Secrets and keys are safeguarded by Azure, using industry-standard algorithms, key lengths, and hardware security modules (HSMs). The HSMs used are Federal Information Processing Standards (FIPS) 140-2 Level 2 validated.
Access to a key vault requires proper authentication and authorization before a caller (user or application) can get access. Authentication establishes the identity of the caller, while authorization determines the operations that they are allowed to perform.
References:
https://docs.microsoft.com/en-us/azure/key-vault/key-vault-overview

- (Exam Topic 3)
You plan to deploy a service to Azure virtual machines.
You need to ensure that the service will be available if a datacenter fails.
What should you use as part of the virtual machine deployment?

1. A. availability sets
2. B. proximity placement groups
3. C. host groups
4. D. availability zones

Correct Answer: D

- (Exam Topic 2)
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Solution:
Box 1: No
Azure Advisor does not generate a list of virtual machines that ARE protected by Azure Backup. Azure Advisor does however, generate a list of virtual that ARE NOT protected by Azure Backup. You can view a list of virtual machines that are protected by Azure Backup by viewing the Protected Items in the Azure Recovery Services Vault.
Box 2: No
If you implement the security recommendations, you company’s score will increase, not decrease. Box 3: No
There is no requirement to implement the security recommendations provided by Azure Advisor. The recommendations are just that, ‘recommendations’. They are not ‘requirements’.
References:
https://azure.microsoft.com/en-gb/blog/advisor-backup-recommendations/ https://docs.microsoft.com/en-us/azure/advisor/advisor-overview https://microsoft.github.io/AzureTipsAndTricks/blog/tip173.html

Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Exam Topic 3)
Azure distributed denial of service (DDoS) protection is an example of protection that is implemented at the ( ___________ ).
Solution:
networking layer

Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Exam Topic 3)
What are two benefits of cloud computing? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

1. A. enables the rapid provisioning of resources
2. B. has increased administrative complexity
3. C. has the same configuration options as on-premises
4. D. shifts capital expenditures (CAPEX) to operating expenditures (OPEX)

Correct Answer: AD