0
0
Azurecloud~20 mins

Policy assignments and compliance in Azure - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Azure Policy Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
🧠 Conceptual
intermediate
2:00remaining
Understanding Azure Policy Assignment Scope

In Azure, when you assign a policy, you must specify the scope. Which of the following scopes is not valid for a policy assignment?

AA resource group
BA subscription
CA management group
DAn individual virtual machine instance
Attempts:
2 left
💡 Hint

Think about the levels at which Azure policies can be applied.

service_behavior
intermediate
2:00remaining
Effect of a Deny Policy on Resource Creation

You have an Azure policy assigned with the effect set to Deny for creating storage accounts in a specific region. What happens when a user tries to create a storage account in that region?

AThe creation request is blocked and the storage account is not created.
BThe storage account is created but marked as non-compliant.
CThe storage account is created and a warning is sent to the administrator.
DThe storage account is created but with limited features.
Attempts:
2 left
💡 Hint

Consider what the Deny effect means in Azure Policy.

Architecture
advanced
2:30remaining
Designing Policy Compliance Reporting

You want to design a solution to monitor compliance of multiple subscriptions under a management group using Azure Policy. Which approach will provide a centralized compliance report for all subscriptions?

AAssign policies at the management group level and use Azure Policy compliance dashboard at management group scope.
BUse Azure Monitor logs to track compliance without assigning policies.
CAssign policies individually to each subscription and check compliance per subscription.
DAssign policies at the resource group level and aggregate reports manually.
Attempts:
2 left
💡 Hint

Think about how Azure Policy inheritance works and where compliance data is aggregated.

security
advanced
2:30remaining
Impact of Policy Exemptions on Compliance

You have a policy assigned to a subscription that restricts public IP addresses. You create an exemption for a specific resource group. What is the impact of this exemption on compliance reporting?

AThe exemption disables the policy for the entire subscription.
BResources in the exempted resource group are excluded from compliance evaluation for that policy.
CThe exemption causes all resources to be marked non-compliant.
DThe exemption only applies to new resources created after the exemption is set.
Attempts:
2 left
💡 Hint

Consider how policy exemptions affect compliance evaluation scope.

Best Practice
expert
3:00remaining
Optimizing Policy Assignments for Large Environments

In a large Azure environment with hundreds of subscriptions, what is the best practice to efficiently manage and enforce policies while minimizing administrative overhead?

AAssign policies only at the resource group level to limit scope.
BAssign policies individually to each subscription to maintain granular control.
CUse management groups to assign policies at higher levels and leverage inheritance.
DAvoid using Azure Policy and rely on manual audits.
Attempts:
2 left
💡 Hint

Think about how Azure Policy inheritance and management groups help scale policy management.