• Home
  • Articles
  • 100% Free AZ-220 Exam Dumps to Pass Exam Easily from ExamTorrent [Q95-Q119]

100% Free AZ-220 Exam Dumps to Pass Exam Easily from ExamTorrent [Q95-Q119]

Share

100% Free AZ-220 Exam Dumps to Pass Exam Easily from ExamTorrent

Free AZ-220 Exam Questions AZ-220 Actual Free Exam Questions

NEW QUESTION # 95
You are troubleshooting device connections to and disconnections from an Azure IoT hub.
You configure diagnostic logging for the IoT hub to send to Log Analytics.
You need to generate a report that displays the device connection and disconnection events.
How should you complete the query? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation
Graphical user interface, text Description automatically generated

Box 1: ResourceProvider ==
Query to monitor your IoT hub connectivity Errors: Identify device connection errors.
AzureDiagnostics
| where ResourceProvider == "MICROSOFT.DEVICES" and ResourceType == "IOTHUBS"
| where Category == "Connections" and Level == "Error"
Box 2: ResourceType ==
Box 3: Category ==
Reference:
https://docs.microsoft.com/en-us/azure/iot-hub/monitor-iot-hub


NEW QUESTION # 96
You have an IoT device that has the following configurations:
Hardware: Raspberry Pi Operating system: Raspbian
You need to deploy Azure IoT Edge to the device.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. Run the Deploy-IoTEdge PowerShell cmdlet on the IoT Edge device.
  • B. Update the IoT Edge runtime.
  • C. Install the container runtime.
  • D. Install the IoT Edge security daemon.

Answer: B,D

Explanation:
The Azure IoT Edge runtime is what turns a device into an IoT Edge device. The runtime can be deployed on devices as small as a Raspberry Pi or as large as an industrial server.
The IoT Edge security daemon provides and maintains security standards on the IoT Edge device. The daemon starts on every boot and bootstraps the device by starting the rest of the IoT Edge runtime.
Reference:
https://docs.microsoft.com/en-us/azure/iot-edge/how-to-install-iot-edge


NEW QUESTION # 97
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure IoT solution that includes an Azure IoT hub, a Device Provisioning Service instance, and
1,000 connected IoT devices.
All the IoT devices are provisioned automatically by using one enrollment group.
You need to temporarily disable the IoT devices from connecting to the IoT hub.
Solution: You disconnect the Device Provisioning Service from the IoT hub.
Does this meet the goal?

  • A. No
  • B. Yes

Answer: A

Explanation:
Explanation
Instead, from the Device Provisioning Service, you disable the enrollment group, and you disable device entries in the identity registry of the IoT hub to which the IoT devices are provisioned.
Reference:
https://docs.microsoft.com/bs-latn-ba/azure/iot-dps/how-to-unprovision-devices


NEW QUESTION # 98
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this question, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have devices that connect to an Azure IoT hub. Each device has a fixed GPS location that includes latitude and longitude.
You discover that a device entry in the identity registry of the IoT hub is missing the GPS location.
You need to configure the GPS location for the device entry. The solution must prevent the changes from being propagated to the physical device.
Solution: You add tags to the device twin. Does the solution meet the goal?

  • A. No
  • B. Yes

Answer: A


NEW QUESTION # 99
You have 10,000 IoT devices that connect to an Azure IoT hub. The devices do not support over-the-air (OTA) updates.
You need to decommission 1,000 devices. The solution must prevent connections and autoenrollment for the decommissioned devices.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. Blacklist the X.509 root certification authority (CA) certificate for the enrollment group.
  • B. Delete the device identity from the device registry of the IoT hub.
  • C. Update the connectionState device twin property on all the devices.
  • D. Remove the identity certificate from the hardware security module (HSM) of the devices.
  • E. Delete the enrollment entry for the devices.

Answer: A,E

Explanation:
B: X.509 certificates are typically arranged in a certificate chain of trust. If a certificate at any stage in a chain becomes compromised, trust is broken. The certificate must be blacklisted to prevent Device Provisioning Service from provisioning devices downstream in any chain that contains that certificate.
C: Individual enrollments apply to a single device and can use either X.509 certificates or SAS tokens (in a real or virtual TPM) as the attestation mechanism. (Devices that use SAS tokens as their attestation mechanism can be provisioned only through an individual enrollment.) To blacklist a device that has an individual enrollment, you can either disable or delete its enrollment entry.
To blacklist a device that has an individual enrollment, you can either disable or delete its enrollment entry. Reference:
https://docs.microsoft.com/en-us/azure/iot-dps/how-to-revoke-device-access-portal


NEW QUESTION # 100
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Stream Analytics job that receives input from an Azure IoT hub and sends the outputs to Azure Blob storage. The job has compatibility level 1.1 and six streaming units.
You have the following query for the job.

You plan to increase the streaming unit count to 12.
You need to optimize the job to take advantage of the additional streaming units and increase the throughput.
Solution: You change the compatibility level of the job to 1.2.
Does this meet the goal?

  • A. No
  • B. Yes

Answer: A

Explanation:
Explanation
Max number of Streaming Units with one step and with no partitions is 6.
Reference:
https://docs.microsoft.com/en-us/azure/stream-analytics/stream-analytics-parallelization


NEW QUESTION # 101
You have an Azure IoT solution that contains an Azure IoT hub.
You need to ensure that the IoT hub configuration is compliant with the Health Insurance Portability and Accountability Act (HIPAA) audit logging requirements.
What should you use?

  • A. Azure Advisor recommendations
  • B. Azure Monitor alerts
  • C. an Azure Sentinel workspace
  • D. an Azure Policy definition

Answer: D

Explanation:
Regulatory Compliance in Azure Policy provides Microsoft created and managed initiative definitions, known as built-ins, for the compliance domains and security controls related to different compliance standards, including HIPAA auditing logging.
Reference:
https://docs.microsoft.com/en-us/azure/iot-hub/security-controls-policy


NEW QUESTION # 102
You have 100 devices that connect to an Azure IoT hub.
You plan to use Azure functions to process all the telemetry messages from the devices before storing the messages.
You need to configure the functions binding for the IoT hub.
Which two configuration details should you use to configure the binding? Each Answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. the connection string of the Azure Event Hub-compatible endpoint from the IoT Hub built-in endpoints
  • B. the Azure Event-Hub compatible name
  • C. the name of the resource group that contains the IoT hub
  • D. the IoT hub's connection string shared access key that has Service connect permissions

Answer: A,B

Explanation:
Explanation
EventHubName: Functions 2.x and higher. The name of the event hub. When the event hub name is also present in the connection string, that value overrides this property at runtime.
Connection: The name of an app setting that contains the connection string to the event hub's namespace.
Copy this connection string by clicking the Connection Information button for the namespace, not the event hub itself. This connection string must have send permissions to send the message to the event stream.
Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-bindings-event-iot-output


NEW QUESTION # 103
You have an Azure IoT hub that uses a Device Provision Service instance.
You plan to deploy 100 IoT devices.
You need to confirm the identity of the devices by using the Device Provision Service.
Which three device attestation mechanisms can you use? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

  • A. Device Identity Composition Engine (DICE)
    D18912E1457D5D1DDCBD40AB3BF70D5D
  • B. X.509 certificates
  • C. Trusted Platform Module (TPM) 1.2
  • D. Symmetric key
  • E. Trusted Platform Module (TPM) 2.0

Answer: B,D,E

Explanation:
Explanation
The Device Provisioning Service supports the following forms of attestation:
* X.509 certificates based on the standard X.509 certificate authentication flow.
* Trusted Platform Module (TPM) based on a nonce challenge, using the TPM 2.0 standard for keys to present a signed Shared Access Signature (SAS) token. This does not require a physical TPM on the device, but the service expects to attest using the endorsement key per the TPM spec.
* Symmetric Key based on shared access signature (SAS) Security tokens, which include a hashed signature and an embedded expiration.
Reference:
https://docs.microsoft.com/en-us/azure/iot-dps/concepts-service#attestation-mechanism


NEW QUESTION # 104
You have 1,000 devices that connect to an Azure IoT hub.
You are performing a scheduled check of deployed IoT devices. You plan to run the following command from the Azure CLI prompt.
aziot hub query --hub-name hub1 --query-command "SELECT * FROM devices WHERE connectionState = 'Disconnected'" What does the command return?

  • A. the Device Disconnected events
  • B. the device twins
  • C. the Connections logs
  • D. the device credentials

Answer: A

Explanation:
The IoT Hub publishes the Microsoft.Devices.DeviceDisconnected event type, which is published when a device is disconnected from an IoT hub.
Reference:
https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-event-grid#event-types


NEW QUESTION # 105
You create an Azure Stream Analytics job that has the following query.

The job is configured to have an Azure IoT Hub input and an output to an Azure function.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/stream-analytics-query/time-management-azure-stream-analytics


NEW QUESTION # 106
You have an Azure IoT hub that uses a Device Provisioning Service instance to automate the deployment of Azure IoT Edge devices.
The IoT Edge devices have a Trusted Platform Module (TPM) 2.0 chip.
From the Azure portal, you plan to add an individual enrollment to the Device Provisioning Service that will use the TPM of the IoT Edge devices as the attestation mechanism.
Which detail should you obtain before you can create the enrollment.

  • A. the X.509 device certificate and the certificate chain
  • B. the endorsement key and the registration ID
  • C. the primary key of the Device Provisioning Service shared access policy and the global device endpoint
  • D. the scope ID and the Device Provisioning Service endpoint

Answer: B

Explanation:
The TPM simulator's Registration ID and the Endorsement key, are used when you create an individual enrollment for your device.
Reference:
https://docs.microsoft.com/en-us/azure/iot-edge/how-to-auto-provision-simulated-device-linux Implement Edge Question Set 1


NEW QUESTION # 107
You need to configure a gateway for the child devices. The solution must meet the networking requirements. Which gateway pattern should you use?

  • A. identity translation
  • B. protocol translation
  • C. transparent

Answer: C


NEW QUESTION # 108
You have the devices shown in the following table.

You are implementing a proof of concept (POC) for an Azure IoT solution.
You need to deploy an Azure IoT Edge device as part of the POC.
On which two devices can you deploy IOT Edge? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

  • A. Device2
  • B. Device1
  • C. Device4
  • D. Device3

Answer: A,D

Explanation:
Explanation
Azure IoT Edge runs great on devices as small as a Raspberry Pi3 to server grade hardware.
Tier 1.
The systems listed in the following table are supported by Microsoft, either generally available or in public preview, and are tested with each new release.

Reference:
https://docs.microsoft.com/en-us/azure/iot-edge/support


NEW QUESTION # 109
You need to configure a digital twin to accept device telemetry data from the loT hub Which four actions should you perform m sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

1 - Deploy an Azure Digital Twins instance.
2 - Create a digital twin.
3 - Upload the digital twin model.
4 - Configuration a system-assigned managed identity for Azure Digital Twins.


NEW QUESTION # 110
You have an Azure IoT hub that uses a Device Provisioning Service instance.
You have 1,000 legacy IoT devices that only support MAC address or serial number identities. The device do NOT have a security feature that can be used to securely identify the device or a hardware security module (HSM).
You plan to deploy the devices to a secure environment.
You need to configure the Device Provisioning Service instance to ensure that all the devices are identified securely before they receive updates.
Which attestation mechanism should you choose?

  • A. symmetric key attestation
  • B. Trusted Platform Module (TPM) 1.2 attestation
  • C. X.509 certificates

Answer: A

Explanation:
Explanation
A common problem with many legacy devices is that they often have an identity that is composed of a single piece of information. This identity information is usually a MAC address or a serial number. Legacy devices may not have a certificate, TPM, or any other security feature that can be used to securely identify the device.
The Device Provisioning Service for IoT hub includes symmetric key attestation. Symmetric key attestation can be used to identify a device based off information like the MAC address or a serial number.
Reference:
https://docs.microsoft.com/bs-latn-ba/azure/iot-dps/how-to-legacy-device-symm-key


NEW QUESTION # 111
You have an Azure 10T solution that includes an loT device named Device1.
You need to enable an loT Plug and Play app for Device1.
How should you complete the device connection? To answer select the appropriate options m the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:


NEW QUESTION # 112
You have 1,000 devices that connect to a standard tier Azure IoT hub.
All the devices are commissioned and send telemetry events to the built-in IoT Hub endpoint. You configure message enrichment on the events endpoint and set the enrichment value to $twin.tags.ipV4.
When you inspect messages on the events endpoint, you discover that all the messages are stamped with a string of "$twin.tags.ipV4".
What are two possible causes of the issue? Each Answer presents a complete solution.
NOTE: Each correct selection is worth one point.

  • A. The device twin property value used for message enrichment is set to "$twin.tags.ipV4".
  • B. A standard tier IoT hub does not support device twin properties in message enrichments.
  • C. Message enrichment cannot be added to messages going to a built-in endpoint.
  • D. The device twin path used for the value of the enrichment does not exist.
  • E. The ipV4 tag is a restricted twin property that is unavailable for message enrichment.
  • F. The device sending the message has no device twin.

Answer: D,F

Explanation:
Explanation
In some cases, if you are applying an enrichment with a value set to a tag or property in the device twin, the value will be stamped as a string value. For example, if an enrichment value is set to $twin.tags.field, the messages will be stamped with the string "$twin.tags.field" rather than the value of that field from the twin.
This happens in the following cases:
(C) Your IoT Hub is in the standard tier, but the device sending the message has no device twin.
(E) Your IoT Hub is in the standard tier, but the device twin path used for the value of the enrichment does not exist. For example, if the enrichment value is set to $twin.tags.location, and the device twin does not have a location property under tags, the message is stamped with the string "$twin.tags.location".
Your IoT Hub is in the basic tier. Basic tier IoT hubs do not support device twins.
Reference:
https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-message-enrichments-overview


NEW QUESTION # 113
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this question, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure IoT solution that includes an Azure IoT hub, a Device Provisioning Service instance, and 1,000 connected IoT devices.
All the IoT devices are provisioned automatically by using one enrollment group. You need to temporarily disable the IoT devices from the connecting to the IoT hub. Solution: You delete the enrollment group from the Device Provisioning Service. Does the solution meet the goal?

  • A. No
  • B. Yes

Answer: A

Explanation:
Instead, from the Device Provisioning Service, you disable the enrollment group, and you disable device entries in the identity registry of the IoT hub to which the IoT devices are provisioned.
Reference:
https://docs.microsoft.com/bs-latn-ba/azure/iot-dps/how-to-unprovision-devices


NEW QUESTION # 114
You have the following device twin for the IoT device.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-devguide-device-twins


NEW QUESTION # 115
You plan to develop modules for an Azure IoT Edge solution.
You need to recommend a development tool that supports the following:
* Node.js
* Module templates
* Development on Linux workstations
What should you recommend?

  • A. the Azure loT explorer
  • B. Microsoft Visual Studio Code
  • C. Microsoft Visual Studio
  • D. Microsoft Visual Studio Online

Answer: D

Explanation:
Explanation
Use Visual Studio Code to develop Node.js code and deploy it to a device running Azure IoT Edge.
You can use IoT Edge modules with Linux containers to deploy code that implements your business logic directly to your IoT Edge devices.
Reference:
https://docs.microsoft.com/en-us/azure/iot-edge/tutorial-node-module?view=iotedge-2020-11


NEW QUESTION # 116
You have an Azure IoT hub.
You plan to deploy 1,000 IoT devices by using automatic device management.
The device twin is shown below.

You need to configure automatic device management for the deployment.
Which target Condition and Device Twin Path should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-automatic-device-management


NEW QUESTION # 117
You create a new IoT device named device1 on iothub1. Device1 has a primary key of Uihuih76hbHb.
How should you complete the device connection string? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/iot-hub/quickstart-control-device-dotnet


NEW QUESTION # 118
You are developing an Azure IoT Central application.
You add a new custom device template to the application.
You need to add a fixed location value to the device template. The value must be updated by the physical IoT device, read-only to device operators, and not graphed by IoT Central.
What should you add to the device template?

  • A. a Cloud property
  • B. a Location property
  • C. a Location telemetry

Answer: B

Explanation:
For example, a builder can create a device template for a connected fan that has the following characteristics:
Sends temperature telemetry
Sends location property
Reference:
https://docs.microsoft.com/en-us/azure/iot-central/core/howto-set-up-template


NEW QUESTION # 119
......


Microsoft AZ-220 exam is a certification offered by Microsoft that validates the skills required to design and develop IoT solutions using Microsoft Azure technologies. AZ-220 exam is aimed at developers who want to demonstrate their expertise in building and deploying IoT solutions on the Azure platform. Passing AZ-220 exam can help you advance your career as a certified Azure IoT Developer.

 

Latest 100% Passing Guarantee - Brilliant AZ-220 Exam Questions PDF: https://www.examtorrent.com/AZ-220-valid-vce-dumps.html

Verified AZ-220 dumps and 205 unique questions: https://drive.google.com/open?id=1sw241lWJTrYqZiMs-3V0MIpt0zds_n9u

Related Articles

more
Microsoft AZ-220 Certification Practice Exam

ExamTorrent offers you the best exam torrent, excellent test torrent and valid exam dumps. Choose us, 100% pass for sure! We provide one-stop service and full package of exam torrent that helps you pass exams and acquire the certificates successfully.

Latest Test Dump

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 ExamTorrent NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy

Disclaimer:
CFA Institute does not endorse, promote or warrant the accuracy or quality of these questions. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
ExamTorrent.com does not offer exam dumps or questions from actual exams. We offer learning material and practice tests created by subject matter experts to assist and help learners prepare for those exams. All certification brands used on the website are owned by the respective brand owners. ExamTorrent does not own or claim any ownership on any of the brands.