Here are 20 common questions and answers about Azure Databricks Platform Architect
This is a 20 questions quiz and exam that will test your knowledge about
concepts related to Databricks platform administration on
Azure. These questions will assess your knowledge about cloud-specific
elements of the platform, including integration with managed services
and security best practices.
Let's Test and practice Your Knowledge in Azure Databricks Platform Architect !!!
1) What are two benefits of Azure Databricks being a first-party service to Microsoft? (Choose two answers)
- It is supported by Microsoft’s SLAs.
- It is recommended to users when they create data resources.
- It is not part of Microsoft’s billing structure.
- It is covered by Microsoft’s Trust and Compliance assurances.
THE CORRECT ANSWER IS:
It is supported by Microsoft’s SLAs.
It is covered by Microsoft’s Trust and Compliance assurances.
2) Which three items are minimally required for creating an Azure Databricks workspace? (Choose three answers)
- A workspace name
- An Azure firewall
- A selected Azure region
- A resource group
- A pre-created VNet
THE CORRECT ANSWER IS:
A workspace name
A selected Azure region
A resource group
3) What is a service principal in Azure Databricks?
- A trusted identity object representing a separate resource that is controlled and provided permissions or restrictions in the same way as human users.
- A user object established specifically for non-human resources that will be using Azure Databricks for data analysis purposes.
- A data object representing a data resource in the Azure Portal environment that will be utilized by users within Azure Databricks.
THE CORRECT ANSWER IS:
A trusted identity object representing a separate resource that is controlled and provided permissions or restrictions in the same way as human users.
4) Why would you create a VNet injected Azure Databricks workspace?
- When you need a simple, ephemeral workspace.
- When you need to access the workspace from an external IP address.
- When you need additional control over the network.
THE CORRECT ANSWER IS:
When you need additional control over the network.
5) What is Secure Cluster Connectivity?
- A configuration setting that establishes the Azure Databricks workspace with no public IP address for maximum security and flexibility.
- A feature of Azure Databricks that adds an extra layer of security between the cluster nodes to prevent unauthorized traffic.
- A tool for securely connecting compute clusters with data storage resources to prevent data loss or exfiltration.
THE CORRECT ANSWER IS:
A configuration setting that establishes the Azure Databricks workspace with no public IP address for maximum security and flexibility.
6) What is one of the use cases for Azure Databricks Private Link?
- To create a private network connection between the Azure Databricks control plane and the Azure Databricks data plane or end user.
- To create a private access connector to securely connect an ADLS Gen2 storage account with an Azure Databricks control plane.
- To create a private subnet in the dedicated VNet for communication between compute cluster containers and VMs.
THE CORRECT ANSWER IS:
To create a private network connection between the Azure Databricks control plane and the Azure Databricks data plane or end user.
7) Which service allows tools like Terraform and ARM templates to work in Azure to deploy Azure Databricks workspaces?
- Being managed services.
- Azure Resource Manager.
- Azure Infrastructure as a Service Platform.
- Azure Databricks API offering.
THE CORRECT ANSWER IS:
Azure Resource Manager.
8) Azure Databricks is included and used in which three layers of the data reference architecture? (Choose three answers)
- Serve
- Ingest
- Process
- Store
THE CORRECT ANSWER IS:
ServeProcess
Store
9) What are the two designated subnets associated with an Azure Databricks workspace designed to do?
- To specify the Azure region the workspace belongs to and how the workspace communicates with other workspaces in that region.
- To allocate appropriate IP address ranges for communications between the control plane and data plane.
- To facilitate communication between the container nodes of the compute cluster and the VMs around those node containers.
THE CORRECT ANSWER IS:
To facilitate communication between the container nodes of the compute cluster and the VMs around those node containers.
10) In which location is local VNet Peering used in an Azure Databricks data ecosystem?
- Between the compute cluster container nodes and control plane.
- Between resources with local IP addresses in the cloud data infrastructure.
- Between two separate Azure Databricks workspaces in the same Azure account.
- Between the control plane and the data plane of the Azure Databricks account.
THE CORRECT ANSWER IS:
Between resources with local IP addresses in the cloud data infrastructure.
11) For which two reasons would you use UDRs for managing network traffic for an Azure Databricks workspace? (Choose two answers)
- To override BGP that may be confusing or incorrect.
- Blocking user traffic from accessing Azure Databricks when accessing the workspace from a non listed IP Address.
- To forbid ingress traffic from the public internet.
- To control and direct the network traffic between cloud resources, Azure Databricks, networks, or firewalls.
THE CORRECT ANSWER IS:
To override BGP that may be confusing or incorrect.
To control and direct the network traffic between cloud resources, Azure Databricks, networks, or firewalls.12) What is the purpose of an IP Access list?
- Controlling the approved IP addresses that can connect to an Azure Databricks workspace for security and DLP purposes.
- Controlling the VNet Peering options associated with an Azure Databricks workspace for ease of network traffic and bandwidth.
- Controlling the access points that are authorized for users to edit SQL warehouse configurations and cluster creation.
THE CORRECT ANSWER IS:
Controlling the approved IP addresses that can connect to an Azure Databricks workspace for security and DLP purposes.
13) Which two tools does Azure Databricks provide data governance and access control? (Choose two answers)
- Route Lists
- Firewalls
- Azure Active Directory
- Unity Catalog
- IP Access Lists
THE CORRECT ANSWER IS:
Unity Catalog
IP Access Lists
14) Which two records are required in an Azure DNS for a Private Link enabled Azure Databricks workspace? (Choose two answers)
- SRV Service records
- Azure DB AName record
- OAuth Callback CNames
- A record for the control plane
THE CORRECT ANSWER IS:
OAuth Callback CNames
A record for the control plane
15) What resource is necessary for connecting Azure Databricks control plane to a Unity Catalog external storage location?
- A Unity Catalog metastore
- An Azure Databricks Access Connector
- An Azure Storage Manager token
THE CORRECT ANSWER IS:
An Azure Databricks Access Connector
16) How does a service principal interact with an Azure Databricks environment?
- Through the Azure Databricks REST API
- Through identity passthrough
- Through a UI interface widget
THE CORRECT ANSWER IS:
Through the Azure Databricks REST API
17) Which three items can be managed by Unity Catalog? (Choose three answers)
- Notebooks
- Users
- Tables
- Service principals
- Cluster configurations
THE CORRECT ANSWER IS:
Users
Tables
Service principals
18) Which role does an access connector need in order to be used to access a storage account in Azure from within Azure Databricks?
- Owner
- Storage Blob Data Contributor
- Managed Application Contributor Role
- Contributor
THE CORRECT ANSWER IS:
Storage Blob Data Contributor
19) What is added to the end of your Azure Databricks workspace URL to access and create Secret Scopes for use with Azure Key Vaults?
- #secretScope
- #secrets/createScope
- #secretScopeCreate
- #create/secretScope
THE CORRECT ANSWER IS:
#secrets/createScope
20) What is a benefit of using an Unity Catalog metastore?
- A UC metastore can be assigned to multiple workspaces in a single region.
- A UC metastore provides a decentralized access control mechanism.
- Workspaces can have more than one metastore assigned through UC.
THE CORRECT ANSWER IS:
A UC metastore can be assigned to multiple workspaces in a single region.