Free Microsoft AZ-220 Exam Actual Questions

The questions for AZ-220 were last updated On Nov 7, 2024

Question No. 1

You need to recommend a solution to keep device properties synced to IoT Hub. The solution must minimize data loss caused by the connectivity issues.

What should you include in the recommendation?

Show Answer Hide Answer
Correct Answer: C

Scenario: You discover connectivity issues between the IoT gateway devices and iothub1, which cause IoT devices to lose connectivity and messages.

To synchronize state information between a device and an IoT hub, you use device twins. A device twin is a JSON document, associated with a specific device, and stored by IoT Hub in the cloud where you can query them. A device twin contains desired properties, reported properties, and tags.


https://docs.microsoft.com/en-us/azure/iot-hub/tutorial-device-twins

This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other question on this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next sections of the exam. After you begin a new section, you cannot return to this section.

Question No. 2

You have an Azure loT solution that includes an Azure loT hub named Hub! and an Azure Edge loT device named iotedge1.

You need to review the modules deployed to iotedge1.

Which Azure Command-Line Interface (CLI) command should you run?

Show Answer Hide Answer
Correct Answer: B

Question No. 3

You have 10,000 IoT devices that connect to an Azure IoT hub. The devices do not support over-the-air (OTA) updates.

You need to decommission 1,000 devices. The solution must prevent connections and autoenrollment for the decommissioned devices.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Show Answer Hide Answer
Correct Answer: B, C

B: X.509 certificates are typically arranged in a certificate chain of trust. If a certificate at any stage in a chain becomes compromised, trust is broken. The certificate must be blacklisted to prevent Device Provisioning Service from provisioning devices downstream in any chain that contains that certificate.

C: Individual enrollments apply to a single device and can use either X.509 certificates or SAS tokens (in a real or virtual TPM) as the attestation mechanism. (Devices that use SAS tokens as their attestation mechanism can be provisioned only through an individual enrollment.) To blacklist a device that has an individual enrollment, you can either disable or delete its enrollment entry.

To blacklist a device that has an individual enrollment, you can either disable or delete its enrollment entry. Reference:

https://docs.microsoft.com/en-us/azure/iot-dps/how-to-revoke-device-access-portal


Question No. 4

You have an Azure loT Central solution

You need to verify that telemetry messages from devices arrive to loT Central.

What should you use?

Show Answer Hide Answer
Correct Answer: B

Question No. 5

You have an Azure loT solution that contains a Device Provisioning Service (DPS) instance and 100 loT devices.

You plan to configure firewall rules to ensure that the loT devices only communicate with Azure loT Hub DPS endpoints.

You need to retrieve the current IP address prefixes for the loT Hub DPS endpoints.

What should you query?

Show Answer Hide Answer
Correct Answer: C