50 Microsoft Certified: Azure Developer Associate Practice Questions: Question Bank 2025

You develop an HTTP-triggered Azure Function that reads an environment variable named "ApiBaseUrl". In Azure, the function throws an error because the variable is null. You confirm the value exists in the Function App configuration. What should you do to make the value available to the function code at runtime?

A web API must store unstructured files and allow clients to download them via HTTPS. Files must be accessible without requiring the API to proxy the download. Which Azure Storage feature should you use?

You need to call a third-party REST API from an Azure App Service. The API key must not be stored in source control and should be rotatable without redeploying the app. Which approach is recommended?

An App Service is experiencing intermittent slow responses. You need to identify which downstream dependency calls are taking the most time and correlate them to specific requests. Which Azure service feature should you use?

You are building a containerized web API that needs to scale out automatically based on HTTP traffic and requires blue/green deployment support. You want to minimize infrastructure management. Which compute option should you choose?

An Azure Function processes messages from an Azure Storage Queue. You notice the same message is processed multiple times when the function instance restarts during processing. You need to ensure the business operation is applied only once. What should you implement?

A team uses Azure Cosmos DB (Core/SQL) and needs to reduce RU consumption for frequently-read data that rarely changes. The application is a .NET API. Which approach is recommended?

You have an Event Grid subscription delivering events to an Azure Function endpoint. Some deliveries fail due to transient errors, and you must ensure events are not lost and can be inspected later if delivery repeatedly fails. What should you configure?

You need to grant an Azure Function access to read secrets from an Azure Key Vault without storing any credentials in code or configuration. The Function App runs in Azure. What is the most secure configuration?

A microservice running on Azure Kubernetes Service (AKS) must call an internal Azure API Management (APIM) endpoint and authenticate using Azure AD. You want to avoid managing client secrets and support key rotation automatically. Which authentication approach should you implement?

You are developing an Azure Function that is triggered by an HTTP request. The function must restrict access so only callers authenticated by Microsoft Entra ID can invoke it. What should you configure?

A web app stores user-uploaded images in an Azure Blob Storage container. Users should only be able to upload new blobs, not list or read existing blobs. What is the simplest way to grant this access?

You need to call a third-party REST API from an Azure App Service. The API requires an API key that must not be stored in code or in source control. What is the recommended approach?

You are processing messages from an Azure Service Bus queue using an Azure Functions Service Bus trigger. Some messages fail due to transient downstream errors. You want the platform to retry automatically and, after repeated failures, move the message to the dead-letter queue. What should you do?

A containerized ASP.NET Core app runs in Azure Container Apps and must scale out based on the number of messages in an Azure Storage Queue. What should you configure?

An Azure Function uses an output binding to write documents to an Azure Cosmos DB container. The function intermittently receives HTTP 429 (Too Many Requests) errors from Cosmos DB during peak traffic. What is the best approach to reduce failures while maintaining throughput?

You have an ASP.NET Core Web API hosted on Azure App Service. You need to trace a single request end-to-end through multiple methods and dependency calls in Application Insights. What should you implement?

A function app reads blobs from a container and must ensure that each blob is processed exactly once. Duplicate processing occasionally occurs when the function scales out. Which approach is best?

You are building a multi-tenant API that calls Microsoft Graph on behalf of signed-in users. You must avoid storing refresh tokens and still obtain access tokens for downstream calls. Which authentication flow should you use?

You deploy a microservice to Azure Kubernetes Service (AKS). The service must securely retrieve secrets at runtime without storing them in Kubernetes Secrets or environment variables. The solution must also support automatic secret rotation. What should you use?

You are developing an Azure Function that is triggered by an HTTP request. The function must call an internal API and should not store any credentials in code or configuration files. The internal API is protected by Microsoft Entra ID (Azure AD). What should you use to obtain an access token?

You need to store user-uploaded files in Azure Blob Storage. The files must be encrypted with a key that your security team manages and rotates. The application must not have direct access to the encryption key material. Which configuration meets the requirements?

A developer is troubleshooting an Azure App Service that cannot reach a backend API hosted on an Azure Virtual Network. The backend API is only accessible via private IP addresses. Which App Service feature should be used to enable outbound access to resources in the VNet?

An application processes messages from an Azure Service Bus queue using an Azure Function. Some messages take longer than expected and are processed more than once. You need to reduce duplicate processing while preserving at-least-once delivery. What is the best approach?

You are building a .NET API that reads data from Azure Cosmos DB using the SQL API. The API is experiencing high latency and increased RU consumption for repeated point reads of frequently accessed documents. What should you implement to improve performance and reduce RU usage?

You are implementing a long-running workflow that coordinates several steps: validate an order, charge a payment provider, reserve inventory, and send a confirmation email. The workflow must survive restarts and provide built-in state management and retries. Which Azure service is best suited?

Your API uses HttpClient to call a third-party service from an Azure App Service. Under load, the app intermittently fails with socket exhaustion and DNS changes are not picked up quickly. What is the recommended fix in .NET?

You deploy an Azure Function that uses a system-assigned managed identity to read a secret from Azure Key Vault. The function fails with a 403 error when accessing the secret. Key Vault networking is configured to allow the Function App. What should you check first to resolve the issue?

A containerized microservice in Azure Container Apps must securely call an internal API hosted on Azure App Service without exposing the API publicly. The call should stay on Azure's private network. Which design best meets the requirement with minimal custom code?

You are instrumenting a distributed application with Application Insights. You need to correlate a single user request across an API, a background queue processor, and a downstream dependency call. Which approach provides end-to-end correlation with minimal effort?

You deploy an Azure Function with an HTTP trigger. You want to prevent the function from being accessed anonymously while still allowing calls from non-Azure clients. Which setting should you use?

You store images in an Azure Blob Storage container. The images must be publicly readable over HTTPS, but the storage account must not allow public access to other containers. What should you do?

An ASP.NET Core web app running in Azure App Service must retrieve secrets (connection strings and API keys) without storing them in code or configuration files. What is the recommended solution?

You have an Azure Queue Storage queue that triggers a background worker. You need to ensure that a message is not lost if processing fails, and that it becomes available again for retry after a short delay. Which Queue Storage behavior provides this?

A microservice running in a container needs to call another internal service. You want to avoid embedding any secrets in the container image and you want Azure to rotate credentials automatically. Which approach should you use?

You need to call an external REST API from an Azure Function. The API enforces per-client rate limits. You want to implement resilience with retries, exponential backoff, and a circuit breaker. What is the recommended approach?

Your application writes logs using Application Insights. You need to quickly find all requests that failed for a specific operation and correlate them to the related dependencies. Which feature should you use?

You are building an event-driven solution where messages must be processed in strict order and duplicates must be detected automatically. Which messaging option best meets these requirements with minimal custom code?

Your team uses Azure API Management (APIM) to expose an internal API. You must prevent a single client from calling the API more than 100 requests per minute, and you want APIM to enforce it without code changes to the backend. What should you configure?

You are using Azure Cosmos DB (SQL API) for an order-processing system. You must ensure that changes to the Orders container trigger processing with at-least-once delivery and that the processor can resume from where it left off after restarts. Which approach should you use?

You need to store application configuration values that are shared across multiple Azure Functions and must be versioned and centrally managed. The values should be retrievable at runtime without redeploying the app. What should you use?

An ASP.NET Core API hosted in Azure App Service must call another internal API protected by Microsoft Entra ID. You want to avoid storing client secrets and use a managed identity. What is the recommended approach?

You are writing an Azure Function that processes messages from an Azure Storage queue. The function fails intermittently, and you want to ensure messages are retried automatically without losing them. What should you rely on?

A web API must expose a POST endpoint that starts a long-running workflow (up to 15 minutes) and returns immediately with a status URL. Clients will poll for completion. Which compute option best fits this pattern with minimal custom state management?

You upload blobs to Azure Blob Storage and must ensure that a blob cannot be modified once written, to meet regulatory retention requirements. The solution must prevent deletion or overwrites for a defined period. What should you configure?

An Azure App Service uses a user-assigned managed identity to access a Key Vault secret. The code uses DefaultAzureCredential, but in production it intermittently acquires tokens for the wrong identity. What is the best fix?

You need to call a third-party REST API from an Azure Function. The API enforces strict rate limits and returns HTTP 429 responses. You must implement a resilient pattern with minimal code changes. What should you do?

You are troubleshooting an Azure Function that processes Event Hubs events. You notice duplicate processing during scale-out, and you must ensure per-partition ordering is preserved while allowing parallelism across partitions. What should you verify/configure?

A multi-tenant SaaS uses Azure API Management (APIM) in front of several microservices. Each tenant must have a separate rate limit and quota. Tenants are identified by subscription keys and should be managed without redeploying services. What should you implement in APIM?

You have an Azure Function app that must access Azure Storage using Azure AD authentication (no account keys). The function runs in a locked-down network and must not traverse the public internet. What is the best end-to-end design?