Design identity, governance, and monitoring solutions Questions
Practice questions for Design identity, governance, and monitoring solutions topic in Microsoft Certified: Azure Solutions Architect Expert. 56 questions covering this domain.
Which Azure Monitor capability is specifically the application performance monitoring feature for distributed applications?
Which Azure service stores secrets, keys, and certificates for centralized secure access?
A company wants to authorize an operations team to manage only one application resource group and nothing else. Which Azure RBAC scope best matches th...
A developer needs a place to query collected Azure log data by using Kusto Query Language. What should the architect recommend?
A governance team needs to route platform logs and metrics from Azure resources to a Log Analytics workspace and Event Hubs. Which Azure Monitor featu...
A company has thousands of subscriptions and wants consistent governance inheritance from the tenant root downward. Which design fact should guide the...
A platform team wants just-in-time, time-bound privileged access for administrators with approval and multifactor authentication during activation. Wh...
A security team wants to control data-plane access to a Key Vault by using Azure role assignments instead of classic vault permissions. Which statemen...
An architect needs to centralize metrics, logs, traces, and alerts for Azure and non-Azure assets in one design. Which platform should anchor the solu...
An architect is comparing Azure Policy and Azure RBAC. Which statement is correct?
A security architect needs to describe an Azure role assignment precisely. Which three elements make up an Azure RBAC role assignment?
A logging design requires long-term archive in storage, near-real-time analytics in a workspace, and downstream streaming integration. Which combinati...
A company wants a governance container above subscriptions so policy and access can be inherited across many subscriptions. Which Azure feature should...
Which Azure service evaluates resources against JSON policy definitions to enforce or assess compliance?
A platform team plans observability with Azure Monitor and wants per-resource control of which logs and metrics get collected. Which feature should th...
Which Microsoft Entra capability lets external partner users sign in with their own organization credentials to access shared apps?
A regulated company needs a centralized log archive for 7 years (compliance), interactive query for 30 days, and the ability to rehydrate older data w...
An architect must enforce that any new App Service deployed without diagnostic settings is automatically remediated to send logs to a central workspac...
An architect needs to design a landing zone with consistent baseline policies, RBAC, and tagging across many subscriptions. Which Microsoft framework ...
An architect wants Azure resources logs collected to a workspace and also exported continuously to a SIEM via Event Hubs. Which design fits?
Sign in to see all 56 questions
Create a free account to browse all questions — completely free during our launch phase.