Prepare AZ-220 Exam Questions [2024] Recently Updated Questions [Q32-Q54]

Prepare AZ-220 Exam Questions [2024] Recently Updated Questions

Give push to your success with AZ-220 exam questions

NEW QUESTION # 32
You plan to deploy an Azure IoT hub.
The IoT hub must support the following:
* Three Azure IoT Edge devices
* 2,500 IoT devices
Each IoT device will spend a 6 KB message every five seconds.
You need to size the IoT hub to support the devices. The solution must minimize costs.
What should you choose?

• A. one unit of the B1 tier
• B. one unit of the S1 tier
• C. one unit of the B2 tier
• D. one unit of the S3 tier

Answer: D

Explanation:
2500* 6 KB * 12 = 180,000 KB/minute = 180 MB/Minute.
B3, S3 can handle up to 814 MB/minute per unit.
Incorrect Answers:
A, C: B1, S1 can only handle up to 1111 KB/minute per unit
B: B2, S2 can only handle up to 16 MB/minute per unit.
Reference:
https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-scaling

NEW QUESTION # 33
You need to enable telemetry message tracing through the entire IoT solution.
What should you do?

• A. Monitor device lifecycle events.
• B. Implement distributed tracing.
• C. Enable the DeviceTelemetry diagnostic log and stream the log data to an Azure event hub.
• D. Upload IoT device logs by using the File upload feature.

Answer: B

Explanation:
IoT Hub is one of the first Azure services to support distributed tracing. As more Azure services support distributed tracing, you'll be able trace IoT messages throughout the Azure services involved in your solution.
Note:
Enabling distributed tracing for IoT Hub gives you the ability to:
* Precisely monitor the flow of each message through IoT Hub using trace context. This trace context includes correlation IDs that allow you to correlate events from one component with events from another component. It can be applied for a subset or all IoT device messages using device twin.
* Automatically log the trace context to Azure Monitor diagnostic logs.
* Measure and understand message flow and latency from devices to IoT Hub and routing endpoints.
Start considering how you want to implement distributed tracing for the non-Azure services in your IoT solution.
Reference:
https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-distributed-tracing Monitor, troubleshoot, and optimize IoT solutions Question Set 2

NEW QUESTION # 34
You have an Azure subscription that contains a resource group named RG1.
You need to deploy the Device Provisioning Service. The solution must ensure that the Device Provisioning Service can accept new device enrollments.
You create a Device Provisioning Service instance.
Which two actions should you perform next? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

• A. From the Manage allocation policy blade of the Device Provisioning Service, configure an allocation policy.
• B. From the Azure portal, create a new Azure IoT hub.
• C. From the Linked IoT hubs blade of the Device Provisioning Service, link an Azure IoT hub.
• D. From the Certificates blade of the Device Provisioning Service, upload an X.509 certificate to the Device Provisioning Service.

Answer: A,C

Explanation:
A: The Device Provisioning Service can only provision devices to IoT hubs that have been linked to it.
C: Allocation policy. The service-level setting that determines how Device Provisioning Service assigns devices to an IoT hub. There are three supported allocation policies:
* Lowest latency: devices are provisioned to an IoT hub with the lowest latency to the device.
* Evenly weighted distribution
* Static configuration via the enrollment list
Reference:
https://docs.microsoft.com/bs-latn-ba/azure/iot-dps/concepts-service

NEW QUESTION # 35
You have an Azure IoT hub that uses a Device Provisioning Service instance.
You have 1,000 legacy IoT devices that only support MAC address or serial number identities. The device do NOT have a security feature that can be used to securely identify the device or a hardware security module (HSM).
You plan to deploy the devices to a secure environment.
You need to configure the Device Provisioning Service instance to ensure that all the devices are identified securely before they receive updates.
Which attestation mechanism should you choose?

• A. X.509 certificates
• B. Trusted Platform Module (TPM) 1.2 attestation
• C. symmetric key attestation

Answer: C

Explanation:
Explanation
A common problem with many legacy devices is that they often have an identity that is composed of a single piece of information. This identity information is usually a MAC address or a serial number. Legacy devices may not have a certificate, TPM, or any other security feature that can be used to securely identify the device.
The Device Provisioning Service for IoT hub includes symmetric key attestation. Symmetric key attestation can be used to identify a device based off information like the MAC address or a serial number.
Reference:
https://docs.microsoft.com/bs-latn-ba/azure/iot-dps/how-to-legacy-device-symm-key

NEW QUESTION # 36
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Standard tier Azure IoT hub and a fleet of IoT devices.
The devices connect to the IoT hub by using either Message Queuing Telemetry Transport (MQTT) or Advanced Message Queuing Protocol (AMQP).
You need to send data to the IoT devices and each device must respond. Each device will require three minutes to process the data and respond.
Solution: You use cloud-to-device messages and watch the cloud-to-device feedback endpoint for successful acknowledgement.
Does this meet the goal?

• A. No
• B. Yes

Answer: A

Explanation:
IoT Hub provides three options for device apps to expose functionality to a back-end app:
* Twin's desired properties for long-running commands intended to put the device into a certain desired state.
For example, set the telemetry send interval to 30 minutes.
* Direct methods for communications that require immediate confirmation of the result. Direct methods are often used for interactive control of devices such as turning on a fan.
* Cloud-to-device messages for one-way notifications to the device app.
Reference:
https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-devguide-c2d-guidance Implement Edge Question Set 1

NEW QUESTION # 37
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Standard tier Azure IoT hub and a fleet of IoT devices.
The devices connect to the IoT hub by using either Message Queuing Telemetry Transport (MQTT) or Advanced Message Queuing Protocol (AMQP).
You need to send data to the IoT devices and each device must respond. Each device will require three minutes to process the data and respond.
Solution: You use direct methods and check the response.
Does this meet the goal?

• A. No
• B. Yes

Answer: A

Explanation:
Explanation
IoT Hub provides three options for device apps to expose functionality to a back-end app:
* Twin's desired properties for long-running commands intended to put the device into a certain desired
* state. For example, set the telemetry send interval to 30 minutes.
* Direct methods for communications that require immediate confirmation of the result. Direct methods are often used for interactive control of devices such as turning on a fan.
* Cloud-to-device messages for one-way notifications to the device app.
Reference:
https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-devguide-c2d-guidance

NEW QUESTION # 38
You have 1,000 devices that connect to an Azure IoT hub.
You are performing a scheduled check of deployed IoT devices.
You plan to run the following command from the Azure CLI prompt.
az iot hub query --hub-name hub1 --query-command "SELECT * FROM devices WHERE connectionState = 'Disconnected'" What does the command return?

• A. the device twins
• B. the Connections logs
• C. the Device Disconnected events
• D. the device credentials

Answer: C

Explanation:
The IoT Hub publishes the Microsoft.Devices.DeviceDisconnected event type, which is published when a device is disconnected from an IoT hub.
Reference:
https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-event-grid#event-types

NEW QUESTION # 39
You have an Azure IoT Edge module named SampleModule that runs on a device named Device1.
You make changes to the code of SampleModule by using Microsoft Visual Studio Code.
You need to push the code to the container registry and then deploy the module to Device1.
Which two actions should you perform from Visual Studio Code? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

• A. Build and push the SampleModule code to the registry.
• B. Build an loT Edge solution.
• C. Create a deployment for a single device.
• D. Generate a shared access signature (SAS) token for Device 1.
• E. Upload to Azure Storage.

Answer: B,C

Explanation:
Explanation
D: Once you create IoT Edge modules with your business logic, you want to deploy them to your devices to operate at the edge.
B: Configure a deployment manifest. A deployment manifest is a JSON document that describes which modules to deploy, how data flows between the modules, and desired properties of the module twins.
You deploy modules to your device by applying the deployment manifest that you configured with the module information.
* In the Visual Studio Code explorer view, expand the Azure IoT Hub section, and then expand the Devices node.
* To confirm that the device you've chosen is an IoT Edge device, select it to expand the list of modules and verify the presence of $edgeHub and $edgeAgent. Every IoT Edge device includes these two modules.
* Select Create Deployment for Single Device.
* Navigate to the deployment manifest JSON file that you want to use, and click Select Edge Deployment Manifest.
Reference:
https://docs.microsoft.com/en-us/azure/iot-edge/how-to-deploy-modules-vscode

NEW QUESTION # 40
You have an Azure IoT solution that includes an Azure IoT hub and 100 Azure IoT Edge devices.
You plan to deploy the IoT Edge devices to external networks. The firewalls of the external networks only allow traffic on port 80 and port 443.
You need to ensure that the devices can connect to the IoT hub. The solution must minimize costs.
What should you do?

• A. Connect the external networks to the loT solution by using ExpressRoute.
• B. Configure the upstream protocol of the devices to use AMQP over WebSocket.
• C. Integrate cellular communication hardware onto the devices and avoid the use of the external networks.
• D. Configure the upstream protocol of the devices to use MQTT over TCP.

Answer: B

Explanation:
AMQP over WebSockets uses port 443.
Reference:
https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-devguide-protocols

NEW QUESTION # 41
You have three Azure IoT hubs named Hub1, Hub2, and Hub3, a Device Provisioning Service instance, and an IoT device named Device1.
Each IoT hub is deployed to a separate Azure region.
Device enrollment uses the Lowest latency allocation policy.
The Device Provisioning Service uses the Lowest latency allocation policy.
Device1 is auto-provisioned to Hub1 by using the Device Provisioning Service.
Device1 regularly moves between regions.
You need to ensure that Device1 always connects to the IoT hub that has the lowest latency.
What should you do?

• A. Disenroll and reenroll Device1.
• B. Configure the re-provisioning policy.
• C. Implement device certificate rolling.
• D. Configure device attestation that uses X.509 certificates.

Answer: B

Explanation:
Automated re-provisioning support.
Microsoft added first-class support for device re-provisioning which allows devices to be reassigned to a different IoT solution sometime after the initial solution assignment. Re-provisioning support is available in two options:
* Factory reset, in which the device twin data for the new IoT hub is populated from the enrollment list instead of the old IoT hub. This is common for factory reset scenarios as well as leased device scenarios.
* Migration, in which device twin data is moved from the old IoT hub to the new IoT hub. This is common for scenarios in which a device is moving between geographies.
Reference:
https://azure.microsoft.com/en-us/blog/new-year-newly-available-iot-hub-device-provisioning-service-features/

NEW QUESTION # 42
From the Device Provisioning Service, you create an enrollment as shown in the exhibit. (Click the Exhibittab.)

You need to deploy a new IoT device.
What should you use as the device identity during attestation?

• A. the random string of alphanumeric characters
• B. the endorsement key of the device's Trusted Platform Module (TPM)
• C. a self-signed X.509 certificate
• D. the HMACSHA256 hash of the device's registration ID

Answer: D

Explanation:
Each device uses its derived device key with your unique registration ID to perform symmetric key attestation with the enrollment during provisioning. To generate the device key, use the key you copied from your DPS enrollment to compute an HMAC-SHA256 of the unique registration ID for the device and convert the result into Base64 format.
Reference:
https://docs.microsoft.com/en-us/azure/iot-edge/how-to-auto-provision-symmetric-keys

NEW QUESTION # 43
You have an Azure IoT solution.
You need to test that the solution remains functional if IoT Hub is affected by a regional outage.
What should you do?

• A. From the loT hub, start a manual failover.
• B. From the loT hub, set Allow public network access to Disabled.
• C. From the Device Provisioning Service (DPS), unlink the loT hub.
• D. From the loT hub, select Disable fallback route.

Answer: A

Explanation:
Manual failover is a feature of the IoT Hub service that allows customers to failover their hub's operations from a primary region to the corresponding Azure geo-paired region. Manual failover can be done in the event of a regional disaster or an extended service outage. You can also perform a planned failover to test your disaster recovery capabilities, although we recommend using a test IoT hub rather than one running in production.
Reference:
https://docs.microsoft.com/en-us/azure/iot-hub/tutorial-manual-failover

NEW QUESTION # 44
You have an Azure loT hub and an Azure virtual network.
You configure a private endpoint for the IoT hub.
You need to ensure that the loT hub can send data to downstream services What should you create first?

• A. a managed identity
• B. a consumer group
• C. a message route
• D. an IP filter rule

Answer: D

NEW QUESTION # 45
You have 100 devices that connect to an Azure IoT hub.
You need to be notified about failed local logins to a subnet of the devices.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

Explanation

Step 1: Enable Azure Security Center for IoT
Security alerts, such as failed local IoT hub logins, are stored in AzureSecurityOfThings.SecurityAlert table in the Log Analytics workspace configured for the Azure Security Center for IoT solution.
Step 2: Select a device security group
Update a device security group..
Step 3: Create a custom alert rule
by creating a custom alert rule
Reference:
https://docs.microsoft.com/bs-latn-ba/azure/asc-for-iot/how-to-security-data-access
https://docs.microsoft.com/en-us/rest/api/securitycenter/devicesecuritygroups/createorupdate

NEW QUESTION # 46
You need to install the Azure IoT Edge runtime on a new device that runs Windows 10 IoT Enterprise.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

1 - From Azure IoT Hub, create an IoT Edge Device
2 - Deploy-IoTEdge
3 - Initialize-IoTEdge
4 - Enter the IoT Edge device connection string.
Reference:
https://docs.microsoft.com/en-us/azure/iot-edge/module-composition

NEW QUESTION # 47
You have an Azure subscription that contains the resources shown in the following table.

You create a group enrollment in DPS1 and enroll 100 loT devices. Each device is issued a leaf certificate from CAT. You need to deprovision a single loT device from the group enrollment. The solution must not affect the other devices. Solution: You delete the device entry from the device registry of Hub1. Does this meet the goal?

• A. No
• B. Yes

Answer: A

NEW QUESTION # 48
You have an Azure IoT solution.
You need to test that the solution remains functional if IoT Hub is affected by a regional outage.
What should you do?

• A. From the loT hub, start a manual failover.
• B. From the loT hub, set Allow public network access to Disabled.
• C. From the Device Provisioning Service (DPS), unlink the loT hub.
• D. From the loT hub, select Disable fallback route.

Answer: A

Explanation:
Explanation
Manual failover is a feature of the IoT Hub service that allows customers to failover their hub's operations from a primary region to the corresponding Azure geo-paired region. Manual failover can be done in the event of a regional disaster or an extended service outage. You can also perform a planned failover to test your disaster recovery capabilities, although we recommend using a test IoT hub rather than one running in production.
Reference:
https://docs.microsoft.com/en-us/azure/iot-hub/tutorial-manual-failover

NEW QUESTION # 49
You have an Azure IoT hub and three Azure IoT Edge devices. The device twin code for each device is shown in the following table.

A standard automatic deployment is already applied.
You have three layered deployments. The deployment code for each deployment is shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise select No. NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

NEW QUESTION # 50
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure IoT solution that includes an Azure IoT hub, a Device Provisioning Service instance, and
1,000 connected IoT devices.
All the IoT devices are provisioned automatically by using one enrollment group.
You need to temporarily disable the IoT devices from the connecting to the IoT hub.
Solution: From the Device Provisioning Service, you disable the enrollment group, and you disable device entries in the identity registry of the IoT hub to which the IoT devices are provisioned.
Does the solution meet the goal?

• A. No
• B. Yes

Answer: B

Explanation:
You may find it necessary to deprovision devices that were previously auto-provisioned through the Device Provisioning Service.
In general, deprovisioning a device involves two steps:
1. Disenroll the device from your provisioning service, to prevent future auto-provisioning. Depending on whether you want to revoke access temporarily or permanently, you may want to either disable or delete an enrollment entry.
2. Deregister the device from your IoT Hub, to prevent future communications and data transfer. Again, you can temporarily disable or permanently delete the device's entry in the identity registry for the IoT Hub where it was provisioned.
Reference:
https://docs.microsoft.com/bs-latn-ba/azure/iot-dps/how-to-unprovision-devices

NEW QUESTION # 51
You need to enable telemetry message tracing through the entire IoT solution.
What should you do?

• A. Monitor device lifecycle events.
• B. Implement distributed tracing.
• C. Enable the DeviceTelemetry diagnostic log and stream the log data to an Azure event hub.
• D. Upload IoT device logs by using the File upload feature.

Answer: B

Explanation:
Explanation
IoT Hub is one of the first Azure services to support distributed tracing. As more Azure services support distributed tracing, you'll be able trace IoT messages throughout the Azure services involved in your solution.
Note:
Enabling distributed tracing for IoT Hub gives you the ability to:
Precisely monitor the flow of each message through IoT Hub using trace context. This trace context includes correlation IDs that allow you to correlate events from one component with events from another component. It can be applied for a subset or all IoT device messages using device twin.
Automatically log the trace context to Azure Monitor diagnostic logs.
Measure and understand message flow and latency from devices to IoT Hub and routing endpoints. Start considering how you want to implement distributed tracing for the non-Azure services in your IoT solution.
Reference:
https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-distributed-tracing

NEW QUESTION # 52
You have an Azure IoT Central application that monitors 100 IoT devices.
You need to generate alerts when the temperature of a device exceeds 100 degrees. The solution must meet the following requirements:
* Minimize costs
* Minimize deployment time
What should you do?

• A. Perform a data export to Azure Service Bus.
• B. Create a rule that uses an email action.
• C. Perform a data export to Azure Blob storage and create an Azure function.
• D. Create an email property in the device templates.

Answer: B

Explanation:
Explanation
Explanation:
You can create rules in IoT Central that trigger actions, such as sending an email, in response to telemetry- based conditions, such as device temperature exceeding a threshold.
Reference:
https://docs.microsoft.com/en-us/azure/iot-central/core/howto-configure-rules-advanced Implement security Question Set 1

NEW QUESTION # 53
You have 1,000 IoT devices that connect to an Azure IoT hub.
Each device has a property tag named city that is used to store the location of the device.
You need to update the properties on all the devices located at an office in the city of Seattle as quickly as possible. Any new devices in the Seattle office that are added to the IoT hub must receive the updated properties also.
What should you do?

• A. From Automatic Device Management, create an IoT device configuration.
• B. Create a scheduled job by using the IoT Hub service SDKs.
• C. Deploy an Azure IoT Edge transparent gateway to the Seattle office and deploy an Azure Stream Analytics edge job.
• D. From the IoT hub, generate a query for the target devices.

Answer: A

Explanation:
Automatic device management in Azure IoT Hub automates many of the repetitive and complex tasks of managing large device fleets. With automatic device management, you can target a set of devices based on their properties, define a desired configuration, and then let IoT Hub update the devices when they come into scope. This update is done using an automatic device configuration or automatic module configuration, which lets you summarize completion and compliance, handle merging and conflicts, and roll out configurations in a phased approach.
Reference:
https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-automatic-device-management

NEW QUESTION # 54
......

Get AZ-220 Actual Free Exam Q&As to Prepare Certification: https://www.itpass4sure.com/AZ-220-practice-exam.html

AZ-220 100% Guarantee Download AZ-220 Exam PDF Q&A: https://drive.google.com/open?id=1_X-KxNJ2Yh-737gssw43zMIa4BN_QDb0