Cloud Platform Solutions - D084
270 QUESTIONS AND ANSWERS
WELL VERIFIED AND GRADED
A+
1. What is a service administrator?: The person responsible for managing the
services within a subscription.
2. How many account co-administrators can there be per subscription?: Up to
200.
3. What does RBAC stand for?: Role-Based Access Control
4. What are the two types of roles in RBAC?: Builtin and custom roles
5. What can the Owner role do in RBAC?: Manage resources, security, and role
assignments
6. What are the scopes where RBAC can be applied?: Management Group,
Subscription, Resource Group, Resources
, .
7. What happens when you give permissions at the management group level in
RBAC?: They inherit access to subscriptions, resource groups, and resources 8.
Which role assignment takes precedence in RBAC?: The one with the highest
scope (subscription level)
9. What is the maximum number of role assignments per subscription in
RBAC?: 2000
10. What is the maximum number of role assignments per management group
in RBAC?: 500
11. What roles are required to create/remove role assignments in RBAC?: -
Owner or User Access Administrator roles (or a custom role)
12. Can custom roles be shared between subscriptions?: Yes, if they share the
same AD directory
13. What is the maximum number of custom roles per directory?: 5000 14. What
are the three ways to create custom roles in RBAC?: Clone from existing
roles, start from scratch, or use a JSON file
15. What are the elements of a JSON role definition in RBAC?: Name, Id,
Description, Iscustom, Actions/NotActions, AssignableScopes
16. What is a subscription in Azure?: A billing boundary
17. What is a resource in Azure?: A service instance
18. Can resource groups be renamed in Azure?: No
19. What is Azure Policy used for?: To create, assign, and manage policies for
governance in Azure environment
, .
20. What is the difference between Policy and RBAC in Azure?: Policy allows by
default and must explicitly deny, while RBAC denies by default and must
explicitly allow
21. What are initiative definitions in Azure Policy?: A set of policies applied to a
scope
22. What is an initiative assignment in Azure Policy?: The scope where the
initiative definition is applied
23 What are the elements of a policy definition in Azure Policy?: Mode,
Parameters, Display Name, Description, Policy Rule
24. What are the scopes in Azure Policy?: Management Group, Subscription,
Resource Group, Resource
25. What is a Management Group?: Applies to all child management groups and
subscriptions.
26. What is a Subscription?: Applies to all child resource groups.
27. What is a Resource Group?: Applies to all child resources.
28. What are Excluded Scopes?: Scopes excluded from a policy scope.
29. What is a CanNotDelete lock?: Prevents deletions of a resource.
30. What is a ReadOnly lock?: Prevents deletions and modification of a resource.
31. What are the Resource Lock Scopes?: Subscription, Resource Group,
Resources.
270 QUESTIONS AND ANSWERS
WELL VERIFIED AND GRADED
A+
1. What is a service administrator?: The person responsible for managing the
services within a subscription.
2. How many account co-administrators can there be per subscription?: Up to
200.
3. What does RBAC stand for?: Role-Based Access Control
4. What are the two types of roles in RBAC?: Builtin and custom roles
5. What can the Owner role do in RBAC?: Manage resources, security, and role
assignments
6. What are the scopes where RBAC can be applied?: Management Group,
Subscription, Resource Group, Resources
, .
7. What happens when you give permissions at the management group level in
RBAC?: They inherit access to subscriptions, resource groups, and resources 8.
Which role assignment takes precedence in RBAC?: The one with the highest
scope (subscription level)
9. What is the maximum number of role assignments per subscription in
RBAC?: 2000
10. What is the maximum number of role assignments per management group
in RBAC?: 500
11. What roles are required to create/remove role assignments in RBAC?: -
Owner or User Access Administrator roles (or a custom role)
12. Can custom roles be shared between subscriptions?: Yes, if they share the
same AD directory
13. What is the maximum number of custom roles per directory?: 5000 14. What
are the three ways to create custom roles in RBAC?: Clone from existing
roles, start from scratch, or use a JSON file
15. What are the elements of a JSON role definition in RBAC?: Name, Id,
Description, Iscustom, Actions/NotActions, AssignableScopes
16. What is a subscription in Azure?: A billing boundary
17. What is a resource in Azure?: A service instance
18. Can resource groups be renamed in Azure?: No
19. What is Azure Policy used for?: To create, assign, and manage policies for
governance in Azure environment
, .
20. What is the difference between Policy and RBAC in Azure?: Policy allows by
default and must explicitly deny, while RBAC denies by default and must
explicitly allow
21. What are initiative definitions in Azure Policy?: A set of policies applied to a
scope
22. What is an initiative assignment in Azure Policy?: The scope where the
initiative definition is applied
23 What are the elements of a policy definition in Azure Policy?: Mode,
Parameters, Display Name, Description, Policy Rule
24. What are the scopes in Azure Policy?: Management Group, Subscription,
Resource Group, Resource
25. What is a Management Group?: Applies to all child management groups and
subscriptions.
26. What is a Subscription?: Applies to all child resource groups.
27. What is a Resource Group?: Applies to all child resources.
28. What are Excluded Scopes?: Scopes excluded from a policy scope.
29. What is a CanNotDelete lock?: Prevents deletions of a resource.
30. What is a ReadOnly lock?: Prevents deletions and modification of a resource.
31. What are the Resource Lock Scopes?: Subscription, Resource Group,
Resources.
