After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure IoT solution that includes an Azure IoT hub, a Device Provisioning Service instance, and 1,000 connected IoT devices.
All the IoT devices are provisioned automatically by using one enrollment group.
You need to temporarily disable the IoT devices from the connecting to the IoT hub.
Solution: From the Device Provisioning Service, you disable the enrollment group, and you disable device entries in the identity registry of the IoT hub to which the
IoT devices are provisioned.
Does the solution meet the goal?

A. Yes

B. No

You need to update the IoT Edge runtime by using rolling tags.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. On the IoT Edge device, remove the edgeHub and edgeAgent container images.

B. Modify the systemModules section of the deployment manifest JSON file.

C. On the IoT Edge device, update the security daemon.

D. Add an update tag to the IoT Edge device twin.

You have 10 IoT devices that connect to an Azure IoT hub named Hub1.
From Azure Cloud Shell, you run az iot hub monitor-events --hub-name Hub1 and receive the following error message: "az iot hub: 'monitor-events' is not in the 'az iot hub' command group. See 'az iot hub --help'."
You need to ensure that you can run the command successfully.
What should you run first?

A. az iot hub monitor-feedback –hub-name Hub1

B. az iot hub generate-sas-token –hub-name Hub1

C. az iot hub configuration list –hub-name Hub1

D. az extension add -name azure-cli-iot-ext

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Standard tier Azure IoT hub and a fleet of IoT devices.
The devices connect to the IoT hub by using either Message Queuing Telemetry Transport (MQTT) or Advanced Message Queuing Protocol (AMQP).
You need to send data to the IoT devices and each device must respond. Each device will require three minutes to process the data and respond.
Solution: You use direct methods and check the response.
Does this meet the goal?

A. Yes

B. No

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure subscription that contains an Azure IoT hub named Hub1 and an Azure IoT Edge device named Device1.
You need to configure Device1 to operate in extended offline mode and to support modifying the configuration of modules deployed to Device1 while the device offline.
Solution: From Azure Cloud Shell, you run the following Azure CLI command.
az lot edge set-modules --device-id Device1 --hub-name Hub1 --content deployment.json
Does this meet the goal?

A. Yes

B. No

DRAG DROP
-
You have an Azure IoT hub.
You need to deploy a Device Provisioning Service instance that uses X.509 attestation to support new IoT devices.
Which three actions should you perform in sequence in the Azure portal? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
 

You have 10,000 IoT devices that connect to an Azure IoT hub. The devices do not support over-the-air (OTA) updates.
You need to decommission 1,000 devices. The solution must prevent connections and autoenrollment for the decommissioned devices.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. Update the connectionState device twin property on all the devices.

B. Blacklist the X.509 root certification authority (CA) certificate for the enrollment group.

C. Delete the enrollment entry for the devices.

D. Remove the identity certificate from the hardware security module (HSM) of the devices.

E. Delete the device identity from the device registry of the IoT hub.

How should you complete the GROUP BY clause to meet the Streaming Analytics requirements?

A. GROUP BY HoppingWindow(Second, 60, 30)

B. GROUP BY TumblingWindow(Second, 30)

C. GROUP BY SlidingWindow(Second, 30)

D. GROUP BY SessionWindow(Second, 30, 60)

You have ab Azure subscription that contains an Azure IoT hub named Hub1, 50 IoT devices, and an Azure Blob storage account named storage1.
Hub1 will be used to route data from the IoT devices to storage1.
You enable private endpoint access for Hub1.
You need to ensure that Hub1 can route the data to storage1.
What should you do?

A. On Hub1, create a shared access policy.

B. On Hub1, add an X.509 certificate.

C. Deploy an Azure IoT Edge gateway device.

D. On Hub1, configure a system-assigned managed identity.

You plan to deploy an Azure IoT hub. The solution must ensure that when connecting to the IoT hub, IoT devices can only authenticate by presenting a certificate that is encrypted with a 256-bit AES key and uses a SHA384 hash.
You need to configure the Azure Resource Manager (ARM) template to deploy the IoT hub.
Which property should you configure?

A. disableLocalAuth

B. authenticationType

C. minTlsVersion

D. authorizationPolicies

You have an existing Azure IoT hub.
You use IoT Hub jobs to schedule long running tasks on connected devices.
Which two operations do the IoT Hub jobs support directly? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

A. Trigger Azure functions.

B. Invoke direct methods.

C. Update desired properties.

D. Send cloud-to-device messages.

E. Disable IoT device registry entries.

You create an Azure IoT hub by running the following command. az iot hub create --resource-group MyResourceGroup --name MyIotHub --sku B1 --location westus --partition-count 4
What does MylotHub support?

A. Device Provisioning Service

B. cloud-to-device messaging

C. Azure IoT Edge

D. device twins

HOTSPOT
-
You are creating an Azure Digital Twins query.
You need to return all the digital twins that have a contains relationship with a digital twin that has an ID of twin1.
How should you complete the query? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
 

You need to visualize Azure IoT Hub telemetry data by using Microsoft Power BI.
Which service should you connect to the IoT hub?

A. Azure Event Grid

B. SendGrid

C. Azure Stream Analytics

D. Azure Notification Hubs

DRAG DROP -
You are troubleshooting device connections to and disconnections from an Azure IoT hub.
You configure diagnostic logging for the IoT hub to send to Log Analytics.
You need to generate a report that displays the device connection and disconnection events.
How should you complete the query? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all.
You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
 

You have an Azure IoT solution that includes an Azure IoT hub named hub1.
You plan to deploy an Azure Time Series Insights Gen 2 environment and connect the environment to hub1.
You need to use the device ID from hub1 as the Time Series ID.
What should you set as the Time Series ID when creating the environment?

A. device-id

B. connection-device-id

C. iothub-connection-device-id

D. deviceId

You have an Azure IoT solution that contains an Azure IoT Edge device named Edge1.
Edge1 fails to start.
You connect to Edge1 and identify the following:
•	The IoT Edge agent is running.
•	The IoT Edge agent continually reports the following error: “Empty dconfig file.”
•	No modules have started.
You need to ensure that Edge1 starts successfully.
What should you do?

A. Update the /etc/hosts file for the host operating system and restart Edge1.

B. Reapply the iotedge config and restart Edge1.

C. Specify a DNS server for the container engine and restart Edge1.

D. Restart the Docker service.

You have an Azure IoT solution that contains 20 IoT devices. Each device typically sends five Message Queuing Telemetry Transport (MQTT) messages per minute.
You need to configure an alert to detect which devices have an anomalous MQTT message send rate.
What should you do?

A. Create an Azure IoT hub and an IoT alert that has the following settings:• Condition: C2D message deliveries completed• Threshold: Static• Threshold value: 15• Aggregation granularity: 5 minutes

B. Create an Azure IoT hub and an IoT alert that has the following settings:• Condition: C2D message deliveries completed• Threshold: Static• Operator: Greater than• Aggregation type: Average• Threshold value: 30

C. Enable Azure Defender for IoT and create a custom rule that has the following settings:• Custom Alert: Number of device to cloud messages (MQTT protocol) is not in allowed range• Minimal Threshold: 30• Maximum Threshold: 60• Time Window Size: 00:05:00

D. Enable Azure Defender for IoT and create a custom rule that has the following settings:• Custom Alert: Number of device to cloud messages (MQTT protocol) is not in allowed range• Minimal Threshold: 20• Maximum Threshold: 30• Time Window Size: 00:05:00

HOTSPOT
-
You have an Azure subscription that contains an Azure IoT hub named Hub1 and the IoT devices shown in the following table.
 
You have the automatic device configurations shown in the following table.
 
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
 

You have an Azure Stream Analytics workspace that contains a Stream Analytics job.
You need to create a JavaScript user-defined aggregate (UDA) method that will recalculate the UDA state based on the previous state and the current event values. The UDA method must be called when an event leaves a SLIDINGWINDOW.
Which UDA method should you use?

A. deaccumulateState()

B. accumulate()

C. computeResult()

D. deaccumulate()

You have an Azure IoT solution.
You need to implement multi-factor device authentication by using custom device authentication.
What should you do first?

A. Create an Azure Policy definition for Azure IoT Hub.

B. Enable multi-factor authentication (MFA) for Microsoft Azure Active Directory (Azure AD), part of Microsoft Entra.

C. Create a service endpoint policy.

D. Deploy a security token service.

You have an IoT device that has the following configurations:
✑ Hardware: Raspberry Pi
✑ Operating system: Raspbian
You need to deploy Azure IoT Edge to the device.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. Update the IoT Edge runtime.

B. Install the IoT Edge security daemon.

C. Run the Deploy-IoTEdge PowerShell cmdlet on the IoT Edge device.

D. Install the container runtime.

You have an Azure IoT hub that uses a Device Provisioning Service instance to automate the deployment of Azure IoT Edge devices.
The IoT Edge devices have a Trusted Platform Module (TPM) 2.0 chip.
From the Azure portal, you plan to add an individual enrollment to the Device Provisioning Service that will use the TPM of the IoT Edge devices as the attestation mechanism.
Which detail should you obtain before you can create the enrollment?

A. the scope ID and the Device Provisioning Service endpoint

B. the primary key of the Device Provisioning Service shared access policy and the global device endpoint

C. the X.509 device certificate and the certificate chain

D. the endorsement key and the registration ID

HOTSPOT
-
You have an Azure IoT solution that includes an IoT device named Device1.
You need to enable an IoT Plug and Play app for Device1.
How should you complete the device connection? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
 

DRAG DROP -
You have 100 devices that connect to an Azure IoT hub.
You need to be notified about failed local logins to a subset of the devices.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:
 

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have devices that connect to an Azure IoT hub. Each device has a fixed GPS location that includes latitude and longitude.
You discover that a device entry in the identity registry of the IoT hub is missing the GPS location.
You need to configure the GPS location for the device entry. The solution must prevent the changes from being propagated to the physical device.
Solution: You add the desired properties to the device twin.
Does the solution meet the goal?

A. Yes

B. No

DRAG DROP
-
You are building an IoT device management application by using the Azure IoT Hub Service SDK.
You need to configure the application to send instructions via an IoT hub to IoT devices.
How should you complete the code? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
 

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure IoT solution that includes an Azure IoT hub and an Azure IoT Edge device.
You plan to deploy 10 Bluetooth sensors. The sensors do not support MQTT, AMQP, or HTTPS.
You need to ensure that all the sensors appear in the IoT hub as a single device.
Solution: You configure the IoT Edge device as an IoT Edge identity translation gateway. You configure the sensors to connect to the device.
Does this meet the goal?

A. Yes

B. No

You have an Azure IoT solution that includes an Azure IoT hub.
You plan to deploy 10,000 IoT devices.
You need to validate the performance of the IoT solution while 10,000 concurrently connected devices stream telemetry. The solution must minimize effort.
What should you deploy?

A. an Azure IoT Device Simulation from Azure IoT Solution Accelerator

B. an Azure function, an IoT Hub device SDK, and a timer trigger

C. Azure IoT Central application and a template for the retail industry

D. an Azure IoT Edge gateway configured as a protocol translation gateway

You have an Azure IoT Hub deployment.
You plan to deploy 1,000 IoT devices that will have 1 MB of RAM. The devices will be deployed behind firewalls that block port 443.
You need to configure the communication protocol for the devices. The solution must ensure that each device uses unique credentials.
Which protocol should you use?

A. AMQP

B. MQTT over WebSockets

C. MQTT

D. AMQP over WebSockets

You enable Azure Security Center for IoT.
You need to onboard a device to Azure Security Center.
What should you do?

A. Add the azureiotsecurity module identity to the Azure IoT Hub device identity.

B. Open incoming TCP port 8883 on the device.

C. Modify the connection string of the device.

D. Install an X.509 certificate on the hardware security module (HSM) of the device.

HOTSPOT
-
You are planning a project that will use an Azure IoT hub.
You have two authentication certificates named Cert1 and Cert2. Cert1 is a CA signed certificate and Cert 2 is a leaf certificate.
You need to identify which certificates to use.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
 

HOTSPOT
-
You have an Azure IoT hub.
You have four Azure IoT Edge devices and the device twin code shown in the following table.
 
You have three deployments and the deployment code shown in the following table.
 
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
 

You have an Azure subscription that contains an Azure IoT hub and two Azure IoT Edge devices named Device1 and Device2.
You need to ensure that the IoT hub only accepts connections from Device1 and Device2.
What should you configure?

A. Azure API Management

B. Azure Active Directory (Azure AD) Identity Protection

C. Azure Defender for IoT

D. an IP filter

You have an Azure subscription that contains an Azure IoT hub and two Azure IoT Edge devices named Device1 and Device2.
You need to ensure that the IoT hub only accepts connections from Device1 and Device2.
What should you configure?

A. Azure Defender for IoT

B. Azure Active Directory (Azure AD) External Identities

C. Azure Active Directory (Azure AD) Identity Protection

D. an IP filter

DRAG DROP -
You have an Azure IoT Central application that includes a Device Provisioning Service instance.
You need to connect IoT devices to the application without first registering the devices.
In which order should you perform the actions? To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:
 

HOTSPOT -
You have the following device twin for the IoT device.
 
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
 

You have an Azure IoT Edge module named SampleModule that runs on a device named Device1.
You make changes to the code of SampleModule by using Microsoft Visual Studio Code.
You need to push the code to the container registry and then deploy the module to Device1.
Which two actions should you perform from Visual Studio Code? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. Build and push the SampleModule code to the registry.

B. Create a deployment for a single device.

C. Upload to Azure Storage.

D. Build an IoT Edge solution.

E. Generate a shared access signature (SAS) token for Device1.

You have an Azure IoT hub that uses a Device Provisioning Service (DPS) instance.
For 100 legacy devices, you plan to create a new device enrollment that will use symmetric key attestation. The solution must minimize administrative effort.
What should you use to derive the device key?

A. the subscription ID

B. the IoT hub name

C. the group master key

D. the primary key of the DPS shared access policy

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have 20 IoT devices deployed across two floors of a building. The devices on the first floor must be set to 60 degrees. The devices on the second floor must be set to 80 degrees.
The device twins are configured to use a tag that identifies the floor on which the twins are located.
You create the following automatic configuration for the devices on the first floor.
 
You create the following automatic configuration for the devices on the second floor.
 
The IoT devices on the first floor report that the temperature is set to 80 degrees.
You need to ensure that the first-floor devices are set to the correct temperature.
Solution: In the automatic configuration for the second-floor devices, you set targetCondition to "tags.floor='second'".
Does this meet the goal?

A. Yes

B. No

HOTSPOT -
You create a new IoT device named device1 on iothub1. The primary key value assigned to device1 is Uihuih76hbHb.
How should you complete the device connection string? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

You have an Azure IoT hub and an Azure virtual network.
You configure a private endpoint for the IoT hub.
You need to ensure that the IoT hub can send data to downstream services.
What should you create first?

A. a consumer group

B. a managed identity

C. a message route

D. an IP filter rule

DRAG DROP
-
You have an Azure subscription that contains an Azure IoT hub and 100 IoT devices.
The devices connect to the IoT hub by using the Message Queuing Telemetry Transport (MQTT) protocol and authenticate to the IoT hub by using symmetric keys.
You need to configure the username and password for the MQTT connection.
What should you use? To answer, drag the appropriate components to the correct targets. Each component may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
 

You are developing an Azure IoT Central application.
You add a new custom device template to the application.
You need to add a fixed location value to the device template. The value must be updated by the physical IoT device, read-only to device operators, and not graphed by IoT Central.
What should you add to the device template?

A. a Location property

B. a Location telemetry

C. a Cloud property

You have an Azure subscription that contains an Azure IoT hub and two Azure IoT Edge devices named Device1 and Device2.
You need to ensure that the IoT hub only accepts connections from Device1 and Device2.
What should you configure?

A. a private endpoint connection

B. Azure API Management

C. Azure Active Directory (Azure AD) Identity Protection

D. a gateway device

HOTSPOT
-
You have an Azure IoT solution that includes an IoT device named Device1.
You are creating an IoT Plug and Play model for Device1.
On Device1, you create a device model file in a folder named dtmi/com/source/.
How should you complete the model? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
 

HOTSPOT
-
You create an Azure IoT hub as shown in the following exhibit.
 
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
 

You plan to deploy an Azure IoT hub.
The IoT hub must support the following:
✑ Three Azure IoT Edge devices
✑ 2,500 IoT devices
Each IoT device will spend a 6 KB message every five seconds.
You need to size the IoT hub to support the devices. The solution must minimize costs.
What should you choose?

A. one unit of the S1 tier

B. one unit of the B2 tier

C. one unit of the B1 tier

D. one unit of the S3 tier

DRAG DROP -
You have an Azure IoT solution that includes an Azure IoT hub, a Device Provisioning Service instance, and 1,000 connected IoT devices. The IoT devices are allocated to four enrollment groups. Each enrollment group is configured to use certificate attestation.
You need to decommission all the devices in a single enrollment group and the enrollment group itself.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:
 

You have an Azure IoT Central solution.
You need to verify that telemetry messages from devices arrive to IoT Central.
What should you use?

A. the Azure IoT explorer

B. the az command in Azure CLI

C. Azure Service Bus Explorer

D. the Azure IoT Tools for VS Code extension pack