Microsoft AZ-900 Microsoft Azure Fundamentals Exam Dumps and Practice Test Questions Set 10 Q136-150

Visit here for our full Microsoft AZ-900 exam dumps and practice test questions.

Question 136

Which Azure service provides centralized security management and threat protection across Azure resources?

A) Azure Security Center
B) Azure Functions
C) Azure Virtual Machines
D) Azure Blob Storage

Answer: A) Azure Security Center

Explanation:

Azure provides a wide range of services that help organizations build, deploy, and manage applications in the cloud. However, not all Azure services are designed to handle security monitoring, threat detection, or centralized protection of cloud resources. Understanding the purpose and limitations of each service is essential when selecting the correct solution for comprehensive security management.

Azure Functions is a serverless compute service that allows developers to run event-driven code without managing servers or infrastructure. While it is highly efficient for running small pieces of logic in response to triggers, it is not designed to offer centralized security oversight. Azure Functions focuses solely on executing code and does not include native features for monitoring threats, evaluating vulnerabilities, or applying broad security policies across an Azure environment. As a result, it cannot serve as a unified platform for resource protection.

Azure Virtual Machines provide infrastructure-as-a-service capabilities, giving users full control over the operating system, software, and configurations. Although this flexibility is valuable for running workloads requiring custom environments, it also means that security responsibilities fall heavily on the user. Virtual machines require separate tools and configurations to handle threat detection, vulnerability scanning, and security assessment. Without additional solutions, virtual machines alone cannot deliver the centralized or automated security coverage needed to protect an entire cloud environment.

Azure Blob Storage is designed for storing large amounts of unstructured data, such as files, logs, images, and backups. While it includes features like encryption and access controls, it is not intended to function as a security monitoring system. It cannot detect threats, evaluate compliance, or provide insights into the security posture of other Azure resources. Its role is purely storage-focused, not security-driven, so it does not meet the requirement for centralized threat protection or security management.

Azure Security Center, now known as Microsoft Defender for Cloud, is the service specifically built to provide unified security management and advanced threat protection across Azure resources. It continuously monitors workloads to identify vulnerabilities, misconfigurations, and compliance gaps. Through ongoing assessment, it helps organizations maintain a strong security posture. Security Center integrates seamlessly with Azure Defender, enabling enhanced threat detection for virtual machines, databases, containers, storage accounts, and more.

One of the key advantages of Azure Security Center is its ability to aggregate security information from multiple services and provide actionable insights in one location. It generates alerts when suspicious activities or potential attacks are detected, helping administrators respond quickly. In addition, it offers security recommendations that guide users on how to reduce risk by fixing configuration issues or enabling protective features. The service also supports regulatory compliance by mapping the environment against industry standards and producing compliance reports.

Because Azure Security Center brings together threat protection, vulnerability scanning, compliance monitoring, and security recommendations, it enables organizations to proactively manage risks across their cloud environment. Its unified approach simplifies the process of maintaining strong security and ensures that threats can be identified and mitigated before causing damage. For these reasons, Azure Security Center is the correct and most effective choice for centralized security management across Azure resources.

Question 137

Which Azure service automates operational tasks such as patching, configuration, and backup?

A) Azure Automation
B) Azure Functions
C) Azure Virtual Machines
D) Azure Blob Storage

Answer: A) Azure Automation

Explanation:

Azure Functions executes serverless code but does not automate infrastructure tasks. Azure Virtual Machines provide compute resources but require manual patching and backups. Azure Blob Storage stores data but does not offer operational automation. Azure Automation is a fully managed service that allows administrators to automate repetitive operational tasks such as patch management, configuration enforcement, and backup scheduling. It uses runbooks, integrates with monitoring, and reduces human error. Azure Automation is the correct choice because it streamlines operations and ensures consistent management across Azure resources.

Question 138

Which Azure service provides a content delivery network to reduce latency and improve global performance?

A) Azure Content Delivery Network (CDN)
B) Azure Virtual Machines
C) Azure SQL Database
D) Azure Blob Storage

Answer: A) Azure Content Delivery Network (CDN)

Explanation:

Azure offers a broad range of services for computing, data storage, and application management, but not all of these services are optimized for delivering content to users around the world. In today’s digital environment, end users expect web pages, images, videos, and other application content to load quickly and reliably, regardless of their location. To meet these expectations, organizations must employ solutions that provide global distribution and reduce latency for end users.

Azure Virtual Machines provide infrastructure-as-a-service, offering compute power for running applications, databases, and custom workloads. While virtual machines are highly flexible and allow organizations to deploy virtually any type of application or software stack, they do not inherently provide capabilities for global content delivery. Users accessing applications hosted on a single virtual machine may experience slower load times if they are geographically distant from the VM’s location, because Virtual Machines do not include edge caching or distribution mechanisms.

Azure SQL Database is a fully managed relational database service designed to store structured data and support transactional workloads. It ensures high availability, security, and scalability for relational applications, but it is not intended for distributing content globally. Although SQL Database can serve data to applications, every request must be processed by the database, which may introduce latency for users located far from the database’s region. It does not include mechanisms to cache or replicate content at edge locations closer to users, making it unsuitable as a solution for high-performance content delivery.

Azure Blob Storage provides durable and scalable storage for unstructured data such as files, images, videos, and backups. While Blob Storage can hold vast amounts of content reliably, it does not inherently optimize delivery to end users through global caching. Users accessing Blob Storage directly may experience latency if they are far from the storage region, and repeated requests for popular content can create performance bottlenecks. Without edge distribution, Blob Storage alone cannot meet the needs of applications that require fast, global content delivery.

Azure Content Delivery Network (CDN) addresses these challenges by caching content in strategically located edge servers around the world. When users request content, the CDN delivers it from the nearest edge location rather than the origin server, significantly reducing latency and improving load times. Azure CDN is particularly well suited for static content such as images, videos, style sheets, scripts, and web pages. It integrates seamlessly with services like Azure Blob Storage and Azure App Services, enabling organizations to accelerate content delivery without modifying their applications.

In addition to reducing latency, Azure CDN improves reliability and scalability by offloading traffic from the origin servers, preventing overload during traffic spikes. It also provides analytics and monitoring tools that help track performance and user access patterns, allowing organizations to optimize content delivery further. By combining caching, edge distribution, and integration with other Azure services, Azure CDN ensures that users experience fast, responsive access to applications and media content no matter where they are located.

For these reasons, Azure CDN is the correct choice for scenarios that require global content delivery. It provides high performance, reduces load on origin servers, and ensures that end users receive content quickly and reliably, enhancing the overall experience of cloud-hosted applications and media.

Question 139

Which Azure service collects telemetry, monitors applications, and provides visualization dashboards?

A) Azure Monitor
B) Azure Functions
C) Azure Blob Storage
D) Azure Virtual Machines

Answer: A) Azure Monitor

Explanation:

Azure provides a wide range of services that support application development, data storage, and infrastructure management. However, not all of these services are designed to deliver comprehensive monitoring or observability across an environment. When the goal is to track performance, collect logs, and maintain visibility across applications and infrastructure, it is important to understand what each service can and cannot do.

Azure Functions is a serverless compute service that allows users to run event-driven code without managing infrastructure. While it is efficient for executing small pieces of code in response to triggers, it does not provide centralized monitoring capabilities on its own. It can generate logs related to its execution, but these logs must be sent to an external monitoring tool for analysis. The service is focused on code execution rather than system-wide visibility, so it cannot fulfill the requirement of collecting and analyzing telemetry across an entire environment.

Azure Blob Storage is designed to store large volumes of unstructured data and is commonly used for backups, files, logs, and media. Although it offers features such as redundancy, encryption, and access control, it is not intended to operate as a monitoring or observability solution. Blob Storage does not provide telemetry capabilities, system-level metrics, or integrated dashboards. Its role is purely storage-focused, and it cannot track application performance, monitor system health, or generate alerts for operational issues.

Azure Virtual Machines supply infrastructure-as-a-service capabilities, offering full control over operating systems, software, and configurations. While virtual machines can be monitored, they require additional tools or agents to collect logs, metrics, and performance data. On their own, they do not serve as a centralized monitoring platform. Any visibility into their behavior must be achieved by integrating them with a broader solution designed for observability. Without such integration, virtual machines cannot provide unified insights or consolidated telemetry across multiple resources.

Azure Monitor is the service specifically designed to address these needs. It provides end-to-end observability across applications, infrastructure, networks, and hybrid environments. Azure Monitor collects metrics, logs, diagnostics, and performance data from a wide range of Azure resources, enabling users to gain deep insights into how their systems are operating. It supports visualizations through customizable dashboards, allowing teams to track trends, understand system behavior, and identify anomalies.

One of the key strengths of Azure Monitor is its alerting capability. It can automatically generate alerts when metrics cross thresholds or when logs indicate potential issues, enabling faster response to performance problems or failures. Azure Monitor also integrates with analytics tools such as Log Analytics and Application Insights, providing advanced querying and analysis to support troubleshooting and root cause investigation. This makes it easier for teams to maintain system health, optimize performance, and ensure reliability.

Because Azure Monitor brings together metrics, logs, dashboards, alerting, and analytics in one centralized platform, it offers a comprehensive solution for observability. It simplifies monitoring across Azure and hybrid environments, providing actionable insights and supporting proactive management. For these reasons, Azure Monitor is the correct choice when an organization needs unified performance tracking and system-wide visibility.

Question 140

Which Azure service allows defining and enforcing rules for resource compliance and governance?

A) Azure Policy
B) Azure Monitor
C) Azure Functions
D) Azure Virtual Machines

Answer: A) Azure Policy

Explanation:

Azure provides a wide array of services for running workloads, storing data, and collecting operational insights, but not all of these services are designed to enforce governance or ensure compliance across an organization’s cloud environment. In modern cloud deployments, it is critical to maintain consistent compliance with organizational policies, industry regulations, and security standards. Understanding the capabilities of different Azure services is essential for selecting the right tool for governance and policy enforcement.

Azure Monitor is a service that collects metrics, logs, and diagnostic data from applications and Azure resources. It provides visualization through dashboards, enables alerting, and supports advanced analytics for performance monitoring and troubleshooting. While Azure Monitor is highly effective for tracking system health, identifying performance issues, and investigating operational anomalies, it does not enforce governance rules or ensure that resources adhere to regulatory or organizational standards. Monitor provides visibility but cannot prevent non-compliant resource configurations or automate policy enforcement.

Azure Functions is a serverless compute platform that allows developers to execute code in response to events such as HTTP requests, messages in queues, or scheduled timers. It is designed to execute workloads without requiring server management, enabling rapid development and deployment. However, Azure Functions does not manage compliance, enforce policies, or audit resource configurations. While functions can interact with resources and potentially trigger compliance-related workflows, the service itself does not provide governance capabilities or prevent misconfigurations that violate organizational standards.

Azure Virtual Machines provide flexible infrastructure to host applications, databases, and custom workloads. While virtual machines give complete control over the operating system and installed software, they do not inherently enforce compliance or governance policies. Administrators can deploy scripts or third-party tools to monitor configurations, but ensuring consistent compliance across multiple VMs and resource groups requires additional effort. Without a centralized governance tool, managing compliance in a large Azure environment can become complex, error-prone, and difficult to scale.

Azure Policy is specifically designed to address these challenges by defining and enforcing rules across Azure resources. It allows organizations to implement governance controls that ensure resources are deployed and configured according to established standards and regulatory requirements. Azure Policy can audit existing resources, prevent the creation of non-compliant resources, and automatically remediate configurations that do not meet policy requirements. It provides centralized visibility across subscriptions and resource groups, generating compliance reports and allowing administrators to track adherence to policies over time.

With Azure Policy, organizations can enforce standards for security, naming conventions, resource tagging, networking configurations, and more. It integrates seamlessly with other Azure services, making it possible to automatically evaluate and enforce rules as resources are deployed or modified. This automation reduces the risk of human error, ensures consistent policy application, and supports regulatory compliance for industries that require strict adherence to standards.

Because Azure Policy provides automated governance, auditing, and enforcement of organizational rules, it is the correct choice for maintaining compliance in Azure environments. It ensures that resources are deployed securely, consistently, and in alignment with internal and external standards, reducing operational risk and simplifying the management of large-scale cloud deployments. Azure Policy helps organizations achieve reliable governance and maintain compliance across their entire cloud ecosystem.

Question 141

Which Azure service provides a fully managed relational database with high availability and automated backups?

A) Azure SQL Database
B) Azure Cosmos DB
C) Azure Blob Storage
D) Azure Functions

Answer: A) Azure SQL Database

Explanation:

Azure provides a wide range of data and compute services, each designed for specific use cases. When selecting a solution for managing structured, relational data, it is important to understand the capabilities and limitations of each service. Not all Azure offerings support relational features, transactional consistency, or the ability to run SQL queries. By examining what each service provides, it becomes clear why Azure SQL Database is the most suitable choice for workloads that rely on relational data structures.

Azure Cosmos DB is a globally distributed NoSQL database service intended for high-performance, low-latency applications that require flexible data models. It supports multiple APIs and data formats, such as document, key-value, graph, and column-family structures. While it excels in distributed environments and offers impressive scalability and global replication, it does not provide the traditional relational capabilities found in SQL-based systems. Cosmos DB is not designed to handle structured relational schemas, complex joins, or transactional consistency in the same way as a relational database. For applications built around structured tables, defined relationships, and SQL queries, Cosmos DB does not meet the necessary requirements.

Azure Blob Storage is another service often used for storing large volumes of unstructured data. It is ideal for files, media, backups, logs, and other content that does not require a relational structure. Although Blob Storage offers reliable and cost-effective data storage, it cannot process relational queries or enforce data integrity. It does not support tables, relationships, or transactions, making it unsuitable for applications that rely on well-defined relational models. Its purpose is strictly storage-oriented, without features that facilitate relational database management.

Azure Functions is a serverless compute service used to execute event-driven code without managing servers. It is designed to run small units of logic in response to triggers such as HTTP requests, timers, or messaging events. While Azure Functions can interact with databases, it does not store or manage data itself. It cannot replace a database service or provide capabilities such as indexing, transactional consistency, automated backups, or query optimization. Its role is limited to executing code, not managing relational data, so it cannot serve as a substitute for a relational database platform.

Azure SQL Database, on the other hand, is a fully managed relational database service that offers extensive capabilities for building and maintaining structured data applications. It provides high availability through built-in redundancy, automated backups, security features, and seamless patching. The service supports traditional SQL features such as tables, relationships, constraints, stored procedures, and transactions. Developers can rely on familiar SQL tools and principles, making it straightforward to build and maintain relational applications. Azure SQL Database also provides scalability options, performance tuning, and monitoring tools that simplify both development and operations.

By handling infrastructure tasks such as patching, updating, and maintaining database availability, Azure SQL Database allows developers and organizations to focus on the data and application logic rather than the underlying hardware or server configurations. Its reliability, performance, and full support for relational workloads make it the ideal choice for structured data management. For these reasons, Azure SQL Database stands out as the correct solution when relational capabilities and managed database services are required.

Question 142

Which Azure service improves application performance by caching frequently accessed data in memory?

A) Azure Cache for Redis
B) Azure Blob Storage
C) Azure SQL Database
D) Azure Functions

Answer: A) Azure Cache for Redis

Explanation:

Azure provides a variety of services to handle storage, computation, and application logic, but not all of these services are suitable for improving application performance through in-memory caching. Understanding the role of each service is important when designing a solution that requires fast access to frequently used data and reduced latency. Some services excel in storage or computation but lack the capability to act as a caching layer, which is essential for high-performance applications.

Azure Blob Storage is primarily a service for storing unstructured data, including files, images, videos, backups, and logs. It is highly scalable and provides reliable long-term storage, but it does not support in-memory caching. Data retrieval from Blob Storage involves disk-based operations, which can introduce latency for frequently accessed data. While Blob Storage is ideal for storing large volumes of data cost-effectively, it is not suitable for scenarios that require rapid, repeated access to the same data to improve application responsiveness.

Azure SQL Database is a fully managed relational database service that is designed to store structured data and maintain transactional integrity. It offers features such as automated backups, high availability, and scalability for relational workloads. However, it is fundamentally a persistent data store rather than a caching solution. Every query to Azure SQL Database involves disk access and transaction processing, which can result in higher latency for repeated requests. Although SQL Database can handle high-volume workloads efficiently, it is not intended to serve as a fast, in-memory layer for frequently accessed data.

Azure Functions is a serverless compute service that allows developers to execute event-driven code without managing infrastructure. It is ideal for running small units of logic in response to triggers such as HTTP requests, timers, or message queues. However, Azure Functions does not provide caching capabilities on its own. Any data processed or generated by functions must typically be stored in another service, such as SQL Database or Blob Storage. This makes it unsuitable for use as a caching layer to reduce data retrieval times or offload frequent queries from backend databases.

Azure Cache for Redis is a fully managed, in-memory caching service that addresses the need for high-speed access to frequently used data. By storing data in memory rather than on disk, it significantly reduces latency and improves overall application performance. Azure Cache for Redis supports high-throughput operations, making it suitable for scenarios like session storage, real-time analytics, leaderboard tracking, and caching frequently accessed database queries. It also integrates seamlessly with other Azure services, allowing applications to offload repeated queries from persistent databases, freeing up resources and improving scalability.

The use of Azure Cache for Redis enables applications to provide faster responses to users and reduces the load on backend systems. By keeping hot data in memory, applications can minimize repetitive disk I/O operations, resulting in improved performance, lower latency, and enhanced user experience. Its ability to handle large volumes of concurrent requests makes it particularly valuable for high-traffic applications, ensuring both reliability and responsiveness.

For these reasons, Azure Cache for Redis is the correct choice when the goal is to enhance application performance through in-memory caching. It provides a specialized, managed solution that complements persistent storage and database services while enabling applications to scale efficiently and respond quickly to user demands.

Question 143

Which Azure service provides a serverless platform for executing small, event-driven code units?

A) Azure Functions
B) Azure Virtual Machines
C) Azure Blob Storage
D) Azure SQL Database

Answer: A) Azure Functions

Explanation:

Azure Virtual Machines provide compute infrastructure but are not event-driven or serverless. Azure Blob Storage stores data but does not execute code. Azure SQL Database stores relational data and cannot run serverless functions. Azure Functions allows developers to execute code in response to triggers such as HTTP requests, messages, or timers. It automatically scales with demand and abstracts infrastructure management. Azure Functions is the correct choice because it provides lightweight, event-driven code execution without requiring management of underlying servers.

Question 144

Which Azure service enables orchestration and automation of workflows across multiple services?

A) Azure Logic Apps
B) Azure Functions
C) Azure Virtual Machines
D) Azure Blob Storage

Answer: A) Azure Logic Apps

Explanation:

Azure offers a diverse set of services for running code, managing infrastructure, and storing data, but not all of these services are designed to provide orchestration or automation across multiple applications and systems. In modern cloud environments, organizations often need to automate complex workflows that span multiple services, integrate with external applications, and handle conditional logic or error management. Understanding the capabilities and limitations of different Azure services is essential for selecting the right tool for workflow orchestration.

Azure Functions is a serverless compute service that allows developers to execute code in response to events such as HTTP requests, messages, or scheduled triggers. While Azure Functions is highly effective for executing individual pieces of logic without the need to manage servers, it does not provide visual workflow orchestration. Developers can build sequences of function calls using code, but there is no built-in platform for designing, monitoring, or automating complex workflows across multiple services. Functions are focused on code execution rather than managing multi-step processes with dependencies and error handling.

Azure Virtual Machines offer full infrastructure control, enabling users to run operating systems, install software, and host applications. While VMs provide the compute power necessary to run applications, they do not include automation for workflows that involve multiple services or systems. Orchestrating a process across multiple virtual machines, databases, storage accounts, and external applications requires custom scripts or third-party automation tools. This adds complexity and operational overhead, making virtual machines unsuitable for seamless workflow automation out of the box.

Azure Blob Storage is a service designed for storing large amounts of unstructured data, such as files, images, logs, or backups. While Blob Storage is reliable and highly scalable, it does not have features for task orchestration, workflow automation, or process monitoring. It serves primarily as a storage platform and cannot manage dependencies, trigger actions across other services, or implement complex logic required for automated workflows.

Azure Logic Apps is a cloud-based, low-code platform built specifically for designing, automating, and orchestrating workflows across cloud and on-premises systems. It enables users to create workflows using a visual designer, allowing for clear visualization of triggers, actions, loops, conditions, and error-handling mechanisms. Logic Apps provides connectors to a wide range of services, including Azure services, Microsoft 365, SaaS applications, and on-premises systems, enabling seamless integration and automation of tasks that span multiple platforms. Users can automate repetitive processes, enforce business rules, and ensure consistent execution without writing extensive code.

One of the key advantages of Logic Apps is its ability to reduce manual intervention and streamline complex workflows. By automating processes, organizations can improve efficiency, minimize errors, and maintain consistency in operations. Logic Apps also provides monitoring and logging capabilities, making it easier to track workflow execution, identify failures, and implement corrective actions quickly. Its low-code approach allows both developers and non-developers to create sophisticated automation solutions, accelerating digital transformation initiatives.

Because Azure Logic Apps combines visual workflow design, extensive integration capabilities, error handling, and monitoring, it is the ideal choice for orchestrating processes across multiple systems. It enables organizations to automate business processes efficiently, reduce operational complexity, and ensure reliable execution of tasks. Logic Apps provides a powerful and scalable platform for workflow automation, making it the correct solution for organizations that need to integrate and manage complex workflows across diverse services.

Question 145

Which Azure service protects web applications from threats such as SQL injection and cross-site scripting?

A) Azure Web Application Firewall (WAF)
B) Azure Blob Storage
C) Azure Functions
D) Azure Virtual Machines

Answer: A) Azure Web Application Firewall (WAF)

Explanation:

Azure offers a variety of services for data storage, compute, and application hosting, but not all of these services provide security at the application level. While services like storage, virtual machines, and serverless compute are essential for running workloads, they do not inherently protect applications from attacks. Understanding the security capabilities of each service is critical when designing solutions that require protection against common web threats and vulnerabilities.

Azure Blob Storage is primarily designed for storing unstructured data, including files, backups, images, videos, and logs. It provides durable, scalable, and cost-effective storage but does not include features to protect web applications from attacks. While access control, encryption, and network-level security can be applied to storage accounts, these measures do not secure applications themselves or prevent web-based attacks such as cross-site scripting or SQL injection. Blob Storage focuses on protecting the data at rest rather than providing a shield against threats targeting application logic or user interactions.

Azure Functions is a serverless compute platform that allows developers to run code in response to events without managing infrastructure. It is highly flexible and efficient for executing event-driven workloads, but it does not include built-in protection against application-level attacks. While developers can implement security measures within their code, Azure Functions does not automatically filter malicious requests or monitor web traffic for threats. This lack of inherent application-layer security makes it unsuitable for scenarios where safeguarding applications from external attacks is a priority.

Azure Virtual Machines provide infrastructure for running applications with complete control over the operating system, networking, and installed software. While VMs allow the deployment of security tools and firewalls, they do not inherently provide protection for the applications themselves. Administrators must configure and maintain additional security layers to detect and prevent attacks targeting web applications. Without these additional measures, applications running on virtual machines remain exposed to common vulnerabilities, leaving organizations responsible for the full security configuration.

Azure Web Application Firewall (WAF) is specifically designed to address these challenges. WAF protects web applications by filtering and monitoring HTTP traffic between clients and application endpoints. It safeguards against a wide range of threats, including SQL injection, cross-site scripting, and other vulnerabilities identified in the OWASP Top 10. WAF can be deployed in conjunction with services such as Azure Front Door or Azure Application Gateway, providing global distribution, load balancing, and secure entry points for web traffic. It also generates logs and alerts for suspicious activity, helping administrators monitor potential threats and respond proactively.

By inspecting incoming requests and blocking malicious traffic, Azure WAF significantly reduces the risk of application compromise. It simplifies security management by providing centralized rulesets, customizable policies, and automatic protection against newly discovered vulnerabilities. This allows developers and administrators to focus on application functionality and performance rather than building and maintaining custom security measures.

For these reasons, Azure WAF is the correct choice for securing web applications. It enhances protection against common attacks, provides real-time monitoring and alerts, and integrates seamlessly with other Azure services to deliver a comprehensive application-layer security solution. By implementing WAF, organizations can ensure that their applications are safeguarded against threats, maintain compliance, and provide a secure experience for users.

Question 146

Which Azure service delivers content globally with low latency using edge caching?

A) Azure Content Delivery Network (CDN)
B) Azure Virtual Machines
C) Azure SQL Database
D) Azure Blob Storage

Answer: A) Azure Content Delivery Network (CDN)

Explanation:

Azure Virtual Machines provide compute but do not deliver content globally. Azure SQL Database stores relational data but is not optimized for content delivery. Azure Blob Storage stores data but does not provide global edge caching. Azure Content Delivery Network (CDN) caches content in distributed edge locations, reducing latency and improving performance for users worldwide. It is ideal for static content such as images, videos, and web pages. Azure CDN is the correct choice because it ensures fast and reliable content delivery globally.

Question 147

Which Azure service collects telemetry, monitors applications, and provides visualization dashboards?

A) Azure Monitor
B) Azure Functions
C) Azure Blob Storage
D) Azure Virtual Machines

Answer: A) Azure Monitor

Explanation:

Azure provides a variety of services that support application development, storage, and infrastructure management, but not all of these services are designed to provide comprehensive monitoring or centralized observability. When managing complex environments that include multiple applications and resources, visibility into system performance, resource utilization, and operational health is critical. Understanding the capabilities of each service is essential for selecting the solution that ensures effective monitoring and management of workloads.

Azure Functions is a serverless compute service that allows developers to run event-driven code without managing infrastructure. It is well-suited for executing small tasks in response to events such as HTTP requests, messages in queues, or timers. However, Azure Functions does not provide centralized monitoring by itself. While it can produce execution logs and telemetry, these outputs must be collected and analyzed using external tools to gain meaningful insights. On its own, Azure Functions lacks built-in dashboards, alerting mechanisms, or metrics aggregation for comprehensive observability across multiple applications or resources.

Azure Blob Storage is a service designed for storing unstructured data, including files, logs, images, videos, and backups. It provides durable and scalable storage for large volumes of data but does not include monitoring or analytics features. While data can be retrieved and processed as needed, Blob Storage does not offer insights into access patterns, performance metrics, or potential operational issues. Any visibility into system health or usage requires integration with external monitoring solutions, making Blob Storage unsuitable as a standalone tool for observability or performance tracking.

Azure Virtual Machines provide infrastructure-as-a-service, offering full control over the operating system, installed software, and network configuration. VMs are highly flexible and can host a wide range of applications, but they do not inherently provide centralized monitoring. Administrators must deploy additional tools or agents to collect logs, metrics, and diagnostic data. This often involves integrating virtual machines with monitoring services to visualize performance, track resource utilization, and detect anomalies. Without such integration, monitoring and troubleshooting across multiple virtual machines becomes complex and time-consuming.

Azure Monitor is the service specifically designed to provide centralized observability across Azure resources, applications, and even hybrid environments. It collects telemetry data, metrics, and logs from a wide variety of sources, enabling administrators to gain deep insights into the performance, reliability, and health of their systems. Azure Monitor offers visualization through customizable dashboards, allowing teams to track trends, identify anomalies, and detect potential issues proactively. It also provides alerting capabilities, automatically notifying administrators when metrics exceed defined thresholds or when abnormal patterns are detected.

Azure Monitor integrates with analytics services, enabling advanced querying, correlation of data across multiple sources, and root cause analysis. It supports performance tracking, troubleshooting, and operational management, helping teams maintain system stability and ensure a positive user experience. By centralizing monitoring data, Azure Monitor reduces complexity, improves visibility, and enables proactive management of both Azure-based and hybrid applications.

For these reasons, Azure Monitor is the correct choice when comprehensive monitoring and observability are required. It provides end-to-end insights, centralized telemetry collection, alerting, and integration with analytics tools, making it a robust solution for maintaining system health and performance across diverse environments.

Question 148

Which Azure service allows defining and enforcing rules for compliance and governance?

A) Azure Policy
B) Azure Monitor
C) Azure Functions
D) Azure Virtual Machines

Answer: A) Azure Policy

Explanation:

Azure Monitor collects metrics and logs but does not enforce compliance. Azure Functions executes code but does not manage governance. Azure Virtual Machines provide infrastructure without built-in compliance enforcement. Azure Policy enables defining and enforcing rules to ensure resources meet organizational or regulatory standards. It audits resource configurations, blocks non-compliant deployments, and generates compliance reports across subscriptions and resource groups. Azure Policy is the correct choice because it automates governance and ensures consistent compliance across Azure environments.

Question 149

Which Azure service provides fully managed relational databases with automated backups and high availability?

A) Azure SQL Database
B) Azure Cosmos DB
C) Azure Blob Storage
D) Azure Functions

Answer: A) Azure SQL Database

Explanation:

Azure Cosmos DB is a NoSQL database designed for distributed workloads but does not provide relational features. Azure Blob Storage stores unstructured data and does not manage relational queries. Azure Functions executes code but does not manage databases. Azure SQL Database is a fully managed relational database offering high availability, automated backups, scalability, and security features. It allows developers to focus on using the database rather than managing infrastructure. Azure SQL Database is the correct choice because it provides a reliable, fully managed relational database platform suitable for structured workloads.

Question 150

Which Azure service improves application performance by caching frequently accessed data in memory?

A) Azure Cache for Redis
B) Azure Blob Storage
C) Azure SQL Database
D) Azure Functions

Answer: A) Azure Cache for Redis

Explanation:

Azure provides a broad ecosystem of services for managing data, running applications, and supporting cloud workloads, but not all of these services are designed to improve application performance through caching. Caching is a critical technique for reducing latency and ensuring that frequently accessed data can be retrieved quickly, which directly impacts user experience and system efficiency. Understanding the capabilities and limitations of each Azure service helps determine the most suitable solution for caching requirements.

Azure Blob Storage is a service designed for storing large volumes of unstructured data, including files, media, logs, and backups. While it provides highly durable and scalable storage, it does not offer low-latency access or in-memory caching. Every data retrieval operation from Blob Storage involves disk-based reads, which can result in higher latency compared to memory-based solutions. This makes Blob Storage ideal for long-term storage and archival purposes, but not suitable for scenarios where rapid, repeated access to the same data is required to enhance application responsiveness.

Azure SQL Database is a fully managed relational database service that ensures durability, transactional consistency, and high availability for structured data. It is optimized for persistent storage of relational data and supports complex queries, joins, and transactional operations. However, it is not designed as a caching layer. Queries against SQL Database, particularly those that are repeated frequently, involve disk I/O and transaction processing, which can introduce latency and reduce responsiveness. Although SQL Database performs well for traditional relational workloads, it cannot match the performance of in-memory caching solutions for high-frequency data retrieval.

Azure Functions is a serverless compute service that allows developers to execute event-driven code without managing infrastructure. It is highly effective for running small pieces of logic in response to triggers such as HTTP requests, message queues, or timers. However, Azure Functions does not include built-in caching capabilities. Any data that needs to be accessed repeatedly must be retrieved from external storage or databases, which can increase latency and reduce overall performance. Functions can integrate with caching solutions, but they do not provide caching inherently.

Azure Cache for Redis is a fully managed, in-memory caching service that addresses these challenges. By storing frequently accessed data in memory, it provides extremely low-latency access compared to disk-based storage systems. Redis supports high-throughput workloads, making it ideal for session management, leaderboards, real-time analytics, and caching results of repeated database queries. It helps offload work from backend databases, reducing load and improving overall application performance. Redis also offers features like data persistence, replication, and clustering, which support scalability and reliability in production environments.

Using Azure Cache for Redis allows applications to retrieve data quickly, handle high levels of concurrent requests, and maintain responsiveness even under heavy load. By keeping hot data in memory, Redis reduces the need to repeatedly query slower storage systems, enabling faster response times and more efficient use of resources. This improves user experience and supports scalable, high-performance cloud applications.

For these reasons, Azure Cache for Redis is the correct choice for scenarios requiring low-latency, in-memory caching. It enhances application responsiveness, reduces the burden on backend databases, and provides a robust, scalable solution for high-performance workloads in the cloud.