70-532

Ace your homework & exams now with Quizwiz!

Which of the below Azure services is a cloud identity management solution for your web and mobile applications? A. Azure AD B2C B. Azure DocumentDB C. Azure API Management D. Azure App Service

Answer: A Explanation: Azure AD B2C is a cloud identity management solution for your web and mobile applications. It is a highly available global service that scales to hundreds of millions of identities. Built on an enterprise-grade secure platform, Azure AD B2C keeps your applications, your business, and your customers protected. With minimal configuration, Azure AD B2C enables your application to authenticate: Social Accounts (such as Facebook, Google, LinkedIn, and more) Enterprise Accounts (using open standard protocols, OpenID Connect or SAML) Local Accounts (email address and password, or username and password)

You need to debug the Azure solution. Which tool should you use? A. Emulator Express B. Remote debugging C. Compute emulator D. IntelliTrace E. Profiling

Answer: A Explanation: By using Emulator Express, you can test and debug a cloud service without running Visual Studio as an administrator. You can set your project settings to use either Emulator Express or the full emulator, depending on the requirements of your cloud service.

You need to control user traffic distribution to your Azure service endpoints. Which of the following options can help in this case? A. Azure Traffic Manager B. Virtual networks C. NSGs and UDRs D. None of the above

Answer: A Explanation: Microsoft Azure Traffic Manager allows you to control the distribution of user traffic for service endpoints in different datacenters. Service endpoints supported by Traffic Manager include Azure VMs, Web Apps, and cloud services. You can also use Traffic Manager with external, non-Azure endpoints.

Which Azure service provides programmatic access to Azure AD through REST API endpoints? A. Azure AD Graph API B. Azure Search C. Azure Service Bus D. Azure AD

Answer: A Explanation: The Azure Active Directory Graph API provides programmatic access to Azure AD through REST API endpoints. Applications can use the Graph API to perform create, read, update, and delete (CRUD) operations on directory data and objects

There is a requirement to store audit logs for an application hosted in Azure. Which of the following Azure Storage service options can be used for this purpose. A. Append Blob B. Page Blob C. Block Blob D. Normal Blob

Answer: A Explanation: The append blob gives the ability to append data to an existing Blob. This blob type is ideal for storing data that is relevant to logging and auditing.

A table called demo is hosted in Azure Storage with an account name of example. What is the url by which the table can be accessed A. http://example.table.core.windows.net/demo B. http://demo.table.core.windows.net/example C. http://example/demo D. http://example.core.windows.net/demo

Answer: A Explanation: This is given in the Microsoft documentation.

If you want to move your email and Skype workload in Azure, what is your best option? Choose the 2 correct answers from the options below. A. Cannot move workload to Azure B. Explore Microsoft Office 365 C. Move your existing email (Exchange) virtual machines D. Move Skype as Virtual machines on Azure

Answer: A, B Explanation: For Skype and Office it's better to move the workload to the PaaS option of Office 365.

You need to secure the website, which 3 actions would you perform? A. Configure the website to use standard hosting plan. B. Add the SSL settings to the web.config file of the website. C. Upload a wildcard SSL certificate D. Select the name of the domain that the SSL certificate secures

Answer: A, C, D Explanation: The 3 steps for secure a website are: 1. Configure the website to use standard hosting plan. 2. Upload a wildcard SSL certificate. 3. Select the name of the domain that the SSL certificate secures.

What are the different communication mechanisms available with the Azure Service Bus? Choose 3 answers from the options given below A. Queues B. Stacks C. Topics D. Relays​

Answer: A, C, D Explanation: The following are the different mechanisms available 1. Queues, which allow one-directional communication. 2. Topics, which provide one-directional communication using subscriptions-a single topic can have multiple subscriptions. 3. Relays, which provide bi-directional communication.

Which of the following VM series have a high compute to Memory ratio? A. Av2 Series B. F Series C. GS Series D. Ls Series

Answer: B Explanation: As per the documentation, the F Series is the one that has a high compute to Memory ratio.

Which of the following is not a setting for the disk caching policy on premium storage disks? A. Read Only B. Write Only C. None D. Read/Write

Answer: B Explanation: There are three cache options: 1. None - No caching is performed. 2. Read Only - Assuming an empty cache or the desired data is not found in the local cache, reads read from Azure Storage and are then cached in local cache. Writes go directly to Azure Storage. 3. Read/Write - Assuming an empty cache or the desired data is not found in the local cache, reads read from Azure Storage and are then cached in local cache.

You are configuring a web job that needs to run based on the response from a service queue. How would you configure the web job? A. Configure the web job to run on demand. B. Configure the web job to run continuously. C. Configure the web job to run on a schedule. D. Configure the web job to run on a schedule and on demand.

Answer: B Explanation: Web jobs can run on-demand (when run from the portal), continuously (and possibly in response to input from a Storage blob, Storage queue, or Service Bus queue), on a scheduled date and time, or at certain recurring intervals within a specified date range. The schedule to use depends on your scenario. Scenarios that run only occasionally may work best as on-demand; scenarios that run in response to input from storage or service queues should run continuously; others may need to be scheduled according to the calendar.

Which of the below connections should be adopted when you have a few number of clients who want to connect to your Azure infrastructure? A. Site-to-Site B. Point-to-Site C. ExpressRoute D. DirectConnect

Answer: B Explanation: When you have a few number of clients who want to connect to your Azure infrastructure, the best option is to go for the Point-to-site VPN connection. And since the connection is only required for a brief period of time, it makes more sense than having a dedicated connection.

Which of the following commands can be used to see the first message in the queue without removing the message from the queue? A. CallMessage B. PeekMessage C. DeleteMessage D. GetMessage

Answer: B Explanation: You can peek at the message in the front of a queue without removing it from the queue by calling the PeekMessage method.

What are the 2 types of keys provided by Azure Storage? Choose 2 answers from the options below A. Private Key B. Primary Key(Key1) C. Secondary Key(Key2) D. Public Key​

Answer: B, C Explanation: The reason for having 2 keys is if you need to regenerate the keys for any one of the following reasons: You might regenerate them on a regular basis for security reasons. You would regenerate your storage account keys if someone managed to hack into an application and retrieve the key that was hardcoded or saved in a configuration file, giving them full access to your storage account. Another case for key regeneration is if your team is using a Storage Explorer application that retains the storage account key, and one of the team members leaves.

What task does the below Azure CLI carry out az vmss scale -g resourcegroupname -n scalesetname --new-capacity 10 A. Scale a cloud service to 10 accounts B. Scale out an Azure SQL database to 10 instances. C. Scale out a scale set to a capacity of 10 VM's D. None of the above​

Answer: C Explanation: To change scale set capacity on the command line, use the scale command in Azure CLI.

Which of the following can be indexed and searched by the Azure Search service? A. PDF Files B. Word Files C. Azure SQL Database D. All of the above

Answer: D Explanation: Azure Search is a powerful search service that is provided on Azure. Apart from having a full text search feature, it can also be used along with the Azure SQL Indexer to index and search for data in Azure SQL Databases.

When you create an Azure virtual network, you configure which of the following properties? Choose the correct answer from the options below. A. IP address blocks B. DNS settings C. Security policies D. All of the above

Answer: D Explanation: The Azure Virtual Network service enables you to securely connect Azure resources to each other with virtual networks (VNets). A VNet is a representation of your own network in the cloud. A VNet is a logical isolation of the Azure cloud dedicated to your subscription. You can also connect VNets to your on-premises network.

What does the below PowerShell command do? $pip = New-AzureRmPublicIpAddress -Name $pipName -ResourceGroupName $rgName ` -AllocationMethod Static -DomainNameLabel $dnsName -Location $location A. Create a Public IP Address B. Create a Dynamic IP Address C. Create a Private IP Address D. Create a Static IP Address

Answer: D Explanation: You can create virtual machines (VMs) in Azure and expose them to the public Internet by using a public IP address. By default, Public IPs are dynamic and the address associated to them may change when the VM is deleted. To guarantee that the VM always uses the same public IP address, you need to create a static Public IP.

There is a requirement to configure the Azure storage for storing data that is accessed frequently. Which of the following should be used? A. Hot storage tier B. Cold storage tier C. Primary storage tier D. Secondary storage tier

Answer: A Explanation: Azure Storage offers two storage tiers for Blob object storage so that you can store your data most cost-effectively depending on how you use it. The Azure hot storage tier is optimized for storing data that is accessed frequently. The Azure cool storage tier is optimized for storing data that is infrequently accessed and long-lived. Data in the cool storage tier can tolerate slightly lower availability, but still requires high durability and similar time to-access and throughput characteristics as hot data. For cool data a slightlylower availability SLA and higher access costs are acceptable trade-offs for much lower storage costs.

You create a VM named cVM_005 for a newly hired contractor. The contractor reports that the VM runs out of memory when the contractor attempts to test the mobile applications. You need to double the memory that is available for the VM. Which Windows PowerShell command should you use? A. SetAzureVMSize -ServiceName "cVM_005" -VMSize "A4" B. Add-DataDiskstoVM.ps1 - ServiceName "cVM 005" - VMName "MyVM" -Location "West US" -NumberOfDisks 2 - DiskSizeInGB 16 C. SetAzureVMSize -ServiceName "cVM_005" -VMSize "Medium" D. SetAzureVMSize -ServiceName "cVM_005" -VMSize "A6"

Answer: A Explanation: If you go to the Azure documentation, the next VM which is double in size of Memory to the size of the A3 machine is the A4 machine. Note that as per the case study the contractors are provided with the A3 machine.

When it comes to recovery from data corruption, what is one of the best practices when it comes to storage? A. Consider using the snapshot feature of blobs. B. There is no need to worry since Azure will always ensure there is no data corruption C. Use Active/passive storage D. Create more virtual machines

Answer: A Explanation: Note that while Azure Storage provides data resiliency through automated replicas, this does not prevent your application code (or developers/users) from corrupting data through accidental or unintended deletion, update, and so on. Maintaining data fidelity in the face of application or user error requires more advanced techniques, such as copying the data to a secondary storage location with an audit log. Developers can take advantage of the blob snapshot capability, which can create read-only point-in- time snapshots of blob contents. This can be used as the basis of a data-fidelity solution for Azure Storage blobs.

You are defining an Autoscale trigger for your web site hosted in Azure. You want to ensure the web site scales if the Memory usage exceeds 60% for 5 minutes. How would you configure autoscaling? A. Define the Metric as Memory Percentage, threshold as 60 and Period as Over the last 5 minutes. B. Define the Metric as Memory Percentage, threshold as 60. C. Define the Metric as Memory Percentage, threshold as 5 minutes. D. Define the Metric as Memory Percentage, threshold as 5 minutes and peak as 60.

Answer: A Explanation: See the Microsoft documentation on how an alert would be configured for Autoscaling.

You need to implement data storage for patient information. What should you do? A. Use the Update Entity operation of the Table Service REST API. B. Use the Put Blob operation of the Blob Service REST API. C. Use the Put Message operation of the Create Queue REST API. D. Use the Set Share Metadata operation of the File Service REST API.

Answer: A Explanation: Since the requirement is to have a NoSQL solution, the only one that fits this option is the Table Service from Azure, hence Option A is the right option

The website does not receive alerts quickly enough. You need to resolve the issue. What should you do? A. Enable automatic scaling for the website. B. Manually Increase the instance count for the worker role. C. Increase the amount of swap memory for the VM instance. D. Set the monitoring level to Verbose for the worker role. E. Enable automatic scaling for the worker role.

Answer: A Explanation: Since the website is experiencing slowness, the best option would be to enable automatic scaling for the web site. There are two workflows for scaling, scale up and scale out, and this article explains the scale up workflow. Scale up: Get more CPU, memory, disk space, and extra features like dedicated virtual machines (VMs), custom domains and certificates, staging slots, autoscaling, and more. You scale up by changing the pricing tier of the App Service plan that your app belongs to. Scale out: Increase the number of VM instances that run your app. You can scale out to as many as 20 instances, depending on your pricing tier. App Service Environments in Premium tier will further increase your scale-out count to 50 instances

You have a cloud service that runs an external process that is named MyStartupTask.cmd. The cloud service runs this external process when the web role starts. The external process writes information to the Windows registry. You set the value of an environment variable named MyIDto the deployment ID for the current web role instance. The external process must complete writing the information to the Windows registry before the web role starts to accept web traffic. You need to configure the cloud service. <Startup> <Task commandLine=""MyStartupTask.cmd"" AA <Environment> <Variable name=""MyId""> <RoleInstanceValue><path=""/RoleEnvironment/Deployment/@id""/> </Variable> </Environment> </Task> </Startup> What is the right statement which should take the AA placeholder in the above code? A. executionContext="elevated" taskType="simple" B. executionContext="limited" taskType="foreground" C. executionContext="elevated" taskType="foreground" D. executionContext="elevated" taskType="background"

Answer: A Explanation: Startup tasks are actions that are taken before your roles begin and are defined in the ServiceDefinition.csdef file by using the Task element within the Startup element. Frequently startup tasks are batch files, but they can also be console applications, or batch files that start PowerShell scripts.

Which of the following is incorrect when it comes to the features of Azure Disk Encryption service? A. The Disk encryption service only works with Windows virtual machine disks. B. It integrates with Azure Key vault to manage the encryption keys. C. It ensures that all data on virtual machine disks are encrypted at rest. D. It is available in all regions.

Answer: A Explanation: The Azure Disk encryption facility is available for both Windows and Linux based IaaS virtual machines. Azure Disk Encryption leverages the industry standard BitLocker feature of Windows and the DM-Crypt feature of Linux to provide volume encryption for the OS and the data disks.

What is the primary purpose of the Azure compute emulator? A. It can be used to debug your cloud service. B. It can be used to deploy your cloud service. C. It can be used to autoscale your cloud service. D. It can be used to backup your cloud service.

Answer: A Explanation: The Azure compute emulator can be used to debug the cloud service on the local machine. This helps in the debugging process , because instead of deploying to Azure and then debugging the solution, it can be checked on the local machine before it can be deployed to Azure.

In order to run a webjob every 15 minutes, which of the following cron expression would be put in the setting.job file? A. { ""schedule"": ""0 */15 * * * *"" } B. { ""schedule"": ""0 * */15 * * *"" } C. { ""schedule"": ""* * */15 * * *"" } D. { ""schedule"": ""* */15 * * * *"" }

Answer: A Explanation: The CRON expression is composed of 6 fields: {second} {minute} {hour} {day} {month} {day of the week}. To trigger your WebJob every 15 minutes, your settings.job would have { ""schedule"": ""0 */15 * * * *"" }

The Azure Queue service hosts a queue named userRegistrationQueue. You are developing a web job to process messages from the queue. You create a new console application by using Microsoft Visual Studio. You also create an Azure storage connection string and store the connection string in the application configuration file. All trigger listeners and jobs must run on the current thread. You need to ensure that the web job processes the messages from the queue. How should you complete the relevant code? A. static void Main() { var cloudQueue=CreateCloudQueue(); AddMessageToQueue(cloudQueue); var host = new Microsoft.Azure.Jobs.JobHost(); host.RunAndBlock(); } B. static void Main() { var cloudQueue=CreateCloudQueue(); AddMessageToQueue(cloudQueue); var host = new Microsoft.Azure.Jobs.JobHostConfiguration(); host.RunAndBlock(); } C. static void Main() { var cloudQueue=CreateCloudQueue(); AddMessageToQueue(cloudQueue); var host = new Microsoft.Azure.Jobs.JobHostConfiguration(); host.RunOnBackgroundThread(); } D. static void Main() { var cloudQueue=CreateCloudQueue(); AddMessageToQueue(cloudQueue); var host = new Microsoft.Azure.Jobs.JobHost(); host.RunOnBackgroundThread(); }

Answer: A Explanation: The JobHost object is a container for a set of background functions. The JobHost object monitors the functions, watches for events that trigger them, and executes the functions when trigger events occur. You call a JobHost method to indicate whether you want the container process to run on the current thread or a background thread. The RunAndBlock method runs the process continuously on the current thread.

An azure account has a storage account name of demo. It is hosting a file storage service. Which one of the following url would be used to access a file called Log.txt in a directory called logs/CustomLogs? A. http://demo.file.core.windows.net/logs/CustomLogs/Log.txt B. http://file.core.windows.net/logs/CustomLogs/Log.txt C. http://demo.core.windows.net/logs/CustomLogs/Log.txt D. http://demo.windows.net/logs/CustomLogs/Log.txt

Answer: A Explanation: The URL format for a file in the storage account is as follows URL format: Files are addressable using the following URL format: https://<storage account>.file.core.windows.net/<share>/<directory/directories>/<file>

You develop a web application that uses table storage in Azure. You create a storage account named Contoso that stores a table named CityPopulationData. The web application stores entities in this table. You need to query the table data by using OData. Which ULR should you use? A. http://contoso.table.core.windows.net/citypopulationdata B. http://contoso.table.core.windows.net/odata/citypopulationdata C. http://azurestorage.table.core.windows.net/contoso D. http://microsoft.table.core.windows.net/contoso E. http://azure.table.core.windows.net/contoso/citypopulationdata

Answer: A Explanation: The default URL for tables in Azure is given below URL: https://myaccount.table.core.windows.net/Tables

Which of the below are scaling workflows which are available in the Azure App service: A. Scale up and Scale out B. Primary and Secondary scaling C. Virtual scale in and Virtual scale out D. Azure scale in and Azure scale out

Answer: A Explanation: The following scaling mechanisms are present in the Azure App Service: 1. Scale up - Get more CPU, memory, disk space, and extra features like dedicated virtual machines (VMs), custom domains and certificates, staging slots, autoscaling, and more. You scale up by changing the pricing tier of the App Service plan that your app belongs to. 2. Scale out - Increase the number of VM instances that run your app. You can scale out to as many as 20 instances, depending on your pricing tier.

You need to move the VM. What should you do? A. Use the Blob Service REST API B. Use the Service Management REST API C. Run the Azure PowerShell Convert VHD cmdlet. D. Run the Azure PowerShell New AzureVMcmdlet

Answer: A Explanation: The overall steps to move a VM using the Blob storage API: 1. Stop the Virtual Machine. 2. Copy the VHD blob from a storage account in the source region to a storage account in the destination region. 3. Create an Azure Disk from the blob. 4. Boot the Virtual Machine from the Disk.

Which of the following components is used for accepting API calls and routing them to backend systems in the Azure API Management system? A. API Gateway B. Publisher Portal C. API Portal D. Publisher portal

Answer: A Explanation: The system is made up of the following components: The API gateway is the endpoint that: Accepts API calls and routes them to your backends. Verifies API keys, JWT tokens, certificates, and other credentials. Enforces usage quotas and rate limits. Transforms your API on the fly without code modifications. Caches backend responses where set up. Logs call metadata for analytics purposes. The publisher portal is the administrative interface where you set up your API program. Use it to: Define or import API schema. Package APIs into products. Set up policies like quotas or transformations on the APIs. Get insights from analytics. Manage users. The developer portal serves as the main web presence for developers, where they can: Read API documentation. Try out an API via the interactive console. Create an account and subscribe to get API keys. Access analytics on their own usage.

You need to configure the virtual network. What are two possible ways to achieve this goal? Each correct answer presents a complete solution. A. Configure a point to site virtual network. B. Configure a site to site virtual network. C. Configure a multi site virtual network. D. Configure a cloud only virtual network.

Answer: A, B Explanation: A Site-to-Site (S2S) VPN gateway connection is a connection over IPsec/IKE (IKEv1 or IKEv2) VPN tunnel. This type of connection requires a VPN device located on-premises that has a public IP address assigned to it and is not located behind a NAT. S2S connections can be used for cross-premises and hybrid configurations. A Point-to-Site (P2S) VPN gateway connection allows you to create a secure connection to your virtual network from an individual client computer. P2S is a VPN connection over SSTP (Secure Socket Tunneling Protocol).

What are the 2 types of availability tests available in Azure? A. URL ping test B. Multi-Step web test C. Load test D. Single-Step web test

Answer: A, B Explanation: There are two types of availability tests in Azure. 1. URL ping test - This is a simple test that you can create in the Azure portal. 2. Multi-step web test - These are test in which you create in Visual Studio Enterprise and upload to the portal.

Azure has the facility to provide Diagnostics for the backend VM's in an Application gateway. Which of the following are part of this monitoring capability? Provide 3 answers from the options given below. A. Backend health B. Logging C. Metrics D. Frontend Health

Answer: A, B, C Explanation: Azure provides the following diagnostics available at the application gateway layer: 1. Backend health - You can monitor the health of the backend servers. 2. Logging - Here you can see the various logs generated by the Application gateway. 3. Metrics - You can see the throughput of the Application gateway.

What are the 3 tiers available for Azure Redis? A. Basic B. Standard C. Premium D. Shared

Answer: A, B, C Explanation: Microsoft Azure Redis Cache is available in the following tiers: Basic - Single node. Multiple sizes up to 53 GB. Standard - Two-node Primary/Replica. Multiple sizes up to 53 GB. 99.9% SLA. Premium - Two-node Primary/Replica with up to 10 shards. Multiple sizes from 6 GB to 530 GB. All Standard tier features and more including support for Redis cluster, Redis persistence, and Azure Virtual Network. 99.9% SLA.

You need to create the VM to replace the on-premises server. Which 3 actions are required to fulfil this requirement? A. Generalize the on-premise server using Sysprep utility. Create an Azure storage account. Create a container in the storage account. B. Connect Windows PowerShell to Azure, and upload the VHD C. Use the Azure management portal to create a new VM. D. Create a new VHD

Answer: A, B, C Explanation: The 3 steps to move a VM from on-premise to Azure: 1. Generalize the on-premise server using Sysprep utility. Create an Azure storage account. Create a container in the storage account. 2. Connect Windows PowerShell to Azure, and upload the VHD. 3. Use the Azure management portal to create a new VM.

Which of the following trigger are available when scheduling Webjobs using the Azure Web Apps service. Choose 3 answers from the options below: A. Using the "Run continuously" trigger B. Using the "Run on a schedule" trigger C. Using the "Run on demand" trigger D. Using the "Run on Autoscale" trigger

Answer: A, B, C Explanation: The below triggers are available for Webjobs: 1. Run continuously - Here the job will respond to an event driven trigger. 2. Run on a schedule - Here the job will respond to an schedule driven trigger. 3. Run on demand - Here the job will execute as soon as you start it.

You need to configure a VM for a new contractor. Which three actions should you perform? Choose 3 answers from the options below: A. Create an endpoint and configure the ports that the VM will use. B. Obtain the radio frequency identification (RFID) information from the contractor and import the secure key from the RFID device. C. Add the contractor's user name and remote IP address to the list of permitted users and addresses in the ACL. D. Copy the endpoint port addresses to an NFC tag for the contractor.

Answer: A, B, C Explanation: You can open a port, or create an endpoint, to a virtual machine (VM) in Azure by creating a network filter on a subnet or VM network interface. You place these filters, which control both inbound and outbound traffic, on a Network Security Group attached to the resource that receives the traffic. The Network access control policy can limit access to the remote IP address. A user can configured on the VM for the contractor to log in. The secure key can be used for remote login purposes.

You create a new web application by using a single Azure website deployment. The deployment uses the shared web hosting plan. User activity varies significantly and unpredictably. The application must automatically scale to a maximum of eight virtual machines based on CPU utilization. You need to configure the environment. In the Azure management portal, which three actions should you perform? A. Change the value of the web hosting plan to Standard B. Enable the Scale by Metric option C. Configure autoscaling to support scaling by metrics based on CPU utilization D. Change the value of the web hosting plan to Basic

Answer: A, B, C Explanation: You need to update to the Standard tier, you can then scale by metric in the portal.

You need to complete the domain configuration for the website. Which four actions should you perform? A. On the Azure dashboard page for websites,obtain the IP address. B. Point the DNS root domain record IP address to the website. C. Create a CNAME resource resource record that points from the custom domain to <websitename>.azurewebsites.net D. In the Azure management portal create a new virtual network. E. In the Azure management portal, configure the website to use the custom domain.

Answer: A, B, C, E Explanation: None.

You create a web application. You publish the source code of the web application to a GitHub repository by using Microsoft Visual Studio. You create a website by using the Azure management portal. You must continuously deploy the web application from the GitHub repository website to the Azure website. You need to deploy the source code of the web application. Which four actions should you perform? A. In the Azure management portal, choose the option to set up deployment from source control. B. Select GitHub as the source control method. C. Sign into GitHub by using your deployment credentials. D. Configure the Azure website to use the Always On option. E. Select the repository and the branch from which to deploy the Azure website.

Answer: A, B, C, E Explanation: The overall steps for this are: 1. In the Azure management portal, choose the option to set up deployment from source control. 2. Select GitHub as the source control method. 3. Sign into GitHub by using your deployment credentials. 4. Select the repository and the branch from which to deploy the Azure website.

What are the 3 main architectural components of Chef? A. Chef Server B. Chef Client C. Chef Cloud D. Chef Workstation

Answer: A, B, D Explanation: Chef has three main architectural components: Chef Server, Chef Client (node), and Chef Workstation. 1. The Chef Server is our management point and there are two options for the Chef Server: a hosted solution or an on-premises solution. We will be using a hosted solution. 2. The Chef Client (node) is the agent that sits on the servers you are managing. 3. The Chef Workstation is our admin workstation where we create our policies and execute our management commands.

With which of the following resources can you assign Public addresses in the Azure Resource Manager. Choose 3 answers from the options below: A. Virtual Machines B. Internet facing load balancers C. Azure Web Apps D. VPN gateways

Answer: A, B, D Explanation: In Azure Resource Manager, a public IP address is a resource that has its own properties. You can associate a public IP address resource with any of the following resources: Virtual machines (VM) Internet-facing load balancers VPN gateways Application gateways

To which of the following services can Shared Access Signature be used to delegate access to. Choose 3 answers from the options below. A. Containers B. Queues C. DocumentDB D. File shares

Answer: A, B, D Explanation: The Storage resources for which you can delegate access with a service Shared Access Signature include the following: 1. Containers and blobs 2. File shares and files 3. Queues 4. Tables and ranges of table entities.

Which of the following metrics can be used for monitoring redis cache to decide on when scaling of the cache is required. Choose 3 answers from the options below: A. Redis Server Load B. Memory Usage C. Disk Usage D. CPU Usage

Answer: A, B, D Explanation: You can monitor the following metrics to help determine if you need to scale. Redis Server Load Memory Usage Network Bandwidth CPU Usage

You deployed your virtual machines to Azure. Which of the following options provide you with the ability to perform configuration management of these deployments? Choose the 2 correct answers from the options below. A. Azure Desired State Configuration B. Remote debug configuration C. Chef and Puppet D. VM extensions

Answer: A, C Explanation: Deploying and maintaining the desired state of your servers and application resources can be tedious and error prone. With Azure Automation Desired State Configuration (DSC), you can consistently deploy, reliably monitor, and automatically update the desired state of all your IT resources, at scale from the cloud. Built on PowerShell DSC, Automation DSC can align machine configuration with a specific state across physical and virtual machines (VMs), using Windows or Linux, and in the cloud or on-premises.

What are the 3 primary components of PowerShell Desired state configuration? A. Configurations B. Templates C. Resources D. Local Configuration Manager

Answer: A, C, D Explanation: 1. Configurations are declarative PowerShell scripts which define and configure instances of resources. Upon running the configuration, DSC (and the resources being called by the configuration) will simply "make it so", ensuring that the system exists in the state laid out by the configuration. DSC configurations are also idempotent: the Local Configuration Manager (LCM) will continue to ensure that machines are configured in whatever state the configuration declares. 2. Resources are the ""make it so"" part of DSC. They contain the code that put and keep the target of a configuration in the specified state. Resources reside in PowerShell modules and can be written to model something as generic as a file or a Windows process, or as specific as an IIS server or a VM running in Azure. 3. The Local Configuration Manager (LCM) is the engine by which DSC facilitates the interaction between resources and configurations. The LCM regularly polls the system using the control flow implemented by resources to ensure that the state defined by a configuration is maintained. If the system is out of state, the LCM makes calls to the code in resources to "make it so" according to the configuration.

Which of the following are immutable system groups available in the Azure API management service. Choose 3 answers from the options below: A. Administrators B. Power Users C. Developers D. Guests

Answer: A, C, D Explanation: Groups are used to manage the visibility of products to developers. API Management has the following immutable system groups. Administrators - Azure subscription administrators are members of this group. Administrators manage API Management service instances, creating the APIs, operations, and products that are used by developers. Developers - Authenticated developer portal users fall into this group. Developers are the customers that build applications using your APIs. Developers are granted access to the developer portal and build applications that call the operations of an API. Guests - Unauthenticated developer portal users, such as prospective customers visiting the developer portal of an API Management instance fall into this group. They can be granted certain read-only access, such as the ability to view APIs but not call them.

Which of the following are available for web server diagnostics with the Azure web app feature. Choose 3 answers from the options given below: A. Detailed Error Logging B. Database logging C. Failed Request Tracing D. Web Server Logging

Answer: A, C, D Explanation: The following are available for the web server diagnostics with the Azure web app feature: 1. Detailed Error Logging - Detailed error information for HTTP status codes that indicate a failure (status code 400 or greater). This may contain information that can help determine why the server returned the error code. 2. Failed Request Tracing - Detailed information on failed requests, including a trace of the IIS components used to process the request and the time taken in each component. This can be useful if you are attempting to increase site performance or isolate what is causing a specific HTTP error to be returned. 3. Web Server Logging - Information about HTTP transactions using the W3C extended log file format. This is useful when determining overall site metrics such as the number of requests handled or how many requests are from a specific IP address.

Which of the following is provided in the web server diagnostics provided by the Azure App Service. Choose 3 answers from the options below: A. Detailed Error Logging B. Virtual Server Logging C. Failed Request Tracing D. Web Server Logging

Answer: A, C, D Explanation: The following is possible with the web server diagnostics: 1. Detailed Error Logging - Detailed error information for HTTP status codes that indicate a failure. 2. Failed Request Tracing - Detailed information on failed requests, including a trace of the IIS components used to process the request and the time taken in each component. 3. Web Server Logging - Information about HTTP transactions using the W3C extended log file format.

You need to meet the high availability and business continuity requirements. Which 3 actions would you perform? A. Create a primary databases on the Standard service tier B. Configure a secondary database to use the same region than the primary database is deployed to. C. In the Azure management portal, enable geo-replication D. Configure a secondary database to use a different region than the primary database is deployed to.

Answer: A, C, D Explanation: When building and deploying highly available services on Azure SQL Database, you use failover groups and active geo-replication to provide resilience to regional failures and catastrophic outages and enable fast recovery to the secondary databases.

Which of the below are the main parts of the Graph API. Choose 4 answers from the options below. A. Service Root B. Post Parameters C. Tenant Identifier7 D. Resource path E. Query parameters

Answer: A, C, D, E Explanation: The URLs used in Graph API consist of four main parts: service root, tenant identifier, resource path, and query string options: https://graph.windows.net/{tenant-identifier}/{resource-path}?[queryparameters] 1. Service Root: In Azure AD Graph API, the service root is always https://graph.windows.net. 2. Tenant identifier: This section can be a verified (registered) domain name, in the preceding example, contoso.com. It can also be a tenant object ID or the "myorganization" or "me" alias. 3. Resource path: This section of a URL identifies the resource to be interacted with (users, groups, a particular user, or a particular group, etc.) In the example above, it is the top level "groups" to address that resource set. You can also address a specific entity, for example "users/{objectId}" or "users/userPrincipalName". 4. Query parameters: A question mark (?) separates the resource path section from the query parameters section. The "api-version" query parameter is required on all requests in the Graph API. The Graph API also supports the following OData query options: $filter, $orderby, $expand, $top, and $format. The following query options are not currently supported: $count, $inlinecount, and $skip.

An application sends Azure push notifications to a client application that runs on Windows Phone, IOS and Android devices. Users cannot use the application on some devices. The authentication mechanisms that the application uses are the source of the problem. You need to monitor the number of notifications that failed because of authentication errors. Which three metrics should you monitor? Each correct answer presents part of the solution. A. Microsoft Push Notification Service (MPNS) authentication errors. B. External notification system errors. C. Apple Push Notification Service (APNS) authentication errors. D. Channel errors E. Windows Push Notification Services (WNS) authentication errors. F. Google Cloud Messaging (GCM) authentication errors

Answer: A, C, F Explanation: The authentication by the mobile app will first happen with the respective notification provider. If the authentication configured in the hub is not properly then this can result in notification issues. So you need to monitor for notification issues with each provider.

You have an existing server that runs Windows Server. You plan to create a base image of this server. You will use this base image to prepare several virtual servers for future use. After the base image is prepared, you will capture it by using the Azure management portal. You must use the System Preparation Tool (Sysprep) to prepare the server so that the base image can be captured. You need to prepare the server so that the base image can be captured. What should you do? Choose 3 answers from the options below? A. Enter System Out-of-Box Experience e(OOBE) B. Enter System Audit Mode C. Generalize D. Reboot E. Quit F. Shutdown

Answer: A, C, F Explanation: The steps for preparing the server are given below: 1. Sign in to the Windows virtual machine. 2. Open the Command Prompt window as an administrator. Change the directory to %windir%\system32\sysprep, and then run sysprep.exe. 3. In the System Preparation Tool dialog box, select Enter System Out-of-Box Experience (OOBE), and make sure that the Generalize check box is selected. 4. In Shutdown Options, select Shutdown. 5. Click OK.

Which of the following settings are not copied when a swap is made in deployment slots in the web app service of Azure. Choose 2 answers from the options given below: A. Publishing endpoints B. App settings C. Handler mappings D. Custom Domain names

Answer: A, D Explanation: Doc shows the settings that are swapped and not swapped. Settings that are swapped: General settings - such as framework version, 32/64-bit Web sockets App settings (can be configured to stick to a slot) Connection strings (can be configured to stick to a slot) Handler mappings Monitoring and diagnostic settings WebJobs content Settings that are not swapped: Publishing endpoints Custom Domain Names SSL certificates and bindings Scale settings WebJobs schedulers

You connect to an existing service over the network by using HTTP. The service listens on HTTP port 80. You plan to create a test environment for this existing service by using an Azure virtual machine (VM) that runs Windows Server. The service must be accessible from the public Internet over HTTP port 8080. You need to configure the test environment. Which two actions should you take? Each correct answer presents part of the solution. A. Configure an endpoint to route traffic from port 8080 to port 80 B. Configure an endpoint to route traffic from port 80 to port 8080. C. Ensure that the public IP address is configured as a static IP address. D. Configure the Windows Server firewall to allow incoming and outgoing traffic on port 8080 E. Configure the Windows Server firewall to allow incoming and outgoing traffic on port 80.

Answer: A, E Explanation: Since the port 8080 needs to be exposed to the internet, this needs to be defined as a rule and mapped to port 80. Also incoming traffic on port 80 should be allowed on the virtual machine.

Which of the following is true with regards to API Apps and Azure API Managemen? A. API Apps is about managing APIs and API Management is about hosting AP. B. API Management is about managing APIs and API Apps is about hosting AP. C. API Apps allows for monitoring, throttling, manipulating API's. D. API Apps can consolidate several APIs into one endpoint.

Answer: B Explanation: API Apps and Azure API Management are complementary services: API Management is about managing APIs. You put an API Management front end on an API to monitor and throttle usage, manipulate input and output, consolidate several APIs into one endpoint, and so forth. The APIs being managed can be hosted anywhere. API Apps is about hosting APIs. The service includes features that facilitate developing and consuming APIs, but it doesn't do the kinds of monitoring, throttling, manipulating, or consolidating that API Management does. If you don't need API Management features, you can host APIs in API apps without using API Management.

Which of the following is false with regards to the Azure Queue Storage service: A. It is used to store a large number of messages. B. The single queue message size can be upto 128KB in size C. The queue can contain millions of messages D. Both HTTP and HTTPS calls can be made to the Queue service

Answer: B Explanation: Azure Queue storage is a service for storing large numbers of messages that can be accessed from anywhere in the world via authenticated calls using HTTP or HTTPS. A single queue message can be up to 64 KB in size, and a queue can contain millions of messages, up to the total capacity limit of a storage account.

Which of the following is true for Storage Service Encryption for managed Disks? A. SSE is disabled by default for all Managed Disks, Snapshots and Images in all the regions where managed disks is available B. SSE is enabled by default for all Managed Disks, Snapshots and Images in all the regions where managed disks is available C. SSE is enabled by default for only Managed Disks in all the regions where managed disks is available D. SSE is enabled by default for only Managed Snapshots in all the regions where managed disks is available

Answer: B Explanation: Azure Storage Service Encryption provides encryption-at-rest and safeguard your data to meet your organizational security and compliance commitments. SSE is enabled by default for all Managed Disks, Snapshots and Images in all the regions where managed disks is available. Starting June 10th, 2017, all new managed disks/snapshots/images and new data written to existing managed disks are automatically encrypted-at-rest with keys managed by Microsoft.

Chef and Puppet are what kind of tools to perform what types of tasks? Choose the correct answer from the options below. A. Manage VM performance management B. Configure, deploy, and manage VMs C. Monitor VM perform D. All of the above

Answer: B Explanation: Both Chef and Puppet are popular and powerful cloud automation tools; their advantage is that they can be used across platforms and they're backed by strong user communities. Designed specifically for heterogeneous cloud environments, the two automation frameworks aim to help accelerate time to market.

You need to configure role instances. Which size should you specify for the VM? A. Use Small for Off Peak mode. B. Use Large for On Peak mode. C. Use Extra Large for On Peak mode. D. Use Extra Small for Off Peak mode.

Answer: B Explanation: If you look at the VM sizes: Standard_A2 is Medium - 3.5 GB Memory Standard_A3 is Large - 7 GB memory And the requirement is to have 6GB memory for on-peak, hence large instances will suffice.

In Azure what are the two types of roles available for cloud services? A. Web and Azure B. Web and Worker C. Primary and Secondary D. Web and Client

Answer: B Explanation: In the Azure cloud service, you have the following types of roles: 1. Web role - This is a normal ASP.Net application deployed to Azure 2. Worker Role - This can be any code that is translated to a process to do some sort of work. For example, you could have a worker role that listens to a queue for any messages posted.

You are using Azure Active Directory (Azure AD) for OAuth 2.0 to enable you to authorize access to web applications and web APIs in your Azure AD tenant. The token issuance endpoint returns. The HTTP code returned by token issuance endpoint returns is 401. What could be the possible issue? A. It is a common error, Fix and resubmit the request. B. The Authentication failed because the request is missing the client_secret parameter. C. The Authorization failed because the user does not have permission to access the resource. D. An internal error has occurred at the service. Retry the request.

Answer: B Explanation: None.

Which of the following can be used to implement Azure Functions on an on premise environment? A. Azure Functions Development B. Azure Functions runtime C. Visual Studio Functions Development D. Visual Studio Functions runtime

Answer: B Explanation: The Azure Functions Runtime provides a new way for you to take advantage of the simplicity and flexibility of the Azure Functions programming model on-premises. Built on the same open source roots as Azure Functions, Azure Functions Runtime is deployed on-premises to provide a nearly identical development experience as the cloud service.

When defining a service model for an application, it becomes necessary to include a .csdef File. What does this file stand for? A. Azure Service Configuration Schema B. Azure Service Definition Schema C. Azure Service Definition File D. Azure Service Declaration Schema

Answer: B Explanation: The Azure Service Definition Schema contains the following information: 1. Definitions of the roles that are available for your cloud service 2. The service endpoints for the application 3. The configuration settings for the service

What is the tool in place that provides a cross-platform command line interface for managing, deploying, configuring and developing Microsoft Azure applications and services? A. PowerShell B. Xplat-CLI C. Azure CLI D. Microsoft CLI

Answer: B Explanation: The Microsoft Azure Xplat-CLI provides a cross-platform command line interface for managing, deploying, configuring and developing Microsoft Azure applications and services. While the browser based Management Portal works great, you can't script and automate it. Using the Xplat-CLI you can do just that! Unlike PowerShell, that only supports Windows, the Xplat-CLI supports Windows, Mac OSX and Linux.

Which of the following REST command is used to create a new blob within a container? A. Create Blob B. Put Blob C. Get Blob D. New Blob

Answer: B Explanation: The Put Blob operation creates a new block, page, or append blob, or updates the content of an existing block blob. Updating an existing block blob overwrites any existing metadata on the blob. Partial updates are not supported with Put Blob; the content of the existing blob is overwritten with the content of the new blob. To perform a partial update of the content of a block blob, use the Put Block List operation.

Which of the following is not supported by the Azure App Service virtual network integration feature? A. Support for TCP and UDP B. Support for AD Integration C. Support for Web and Mobile apps D. Works with both the Classic and Resource Manager VNET

Answer: B Explanation: The VNet integration features that are supported are: 1. Works with Classic(V1) or Resource Manager(V2) VNET 2. Supports TCP and UDP 3. Works with Web, Mobile and API apps The ones not supported are: 1. Mounting a drive 2. AD integration 3. NetBios 4. Private site access

Which of the following is not immutable group defined in the API Management service? A. Administrator B. Testers C. Developers D. Guests

Answer: B Explanation: The following are the immutable groups defined in the API management service: 1. Administrators - Here users can manage API Management service instances, creating the APIs, operations, and products that are used by developers. 2. Developers - Developers are granted access to the developer portal and build applications that call the operations of an API. 3. Guests - These are for unauthenticated developer portal users, such as prospective customers visiting the developer portal of an API Management instance.

What are the overall steps for getting started with the Azure Search Service? A. Provision the service, Index the data, Create the index, Issue Search queries B. Provision the service, Create the index, Index the data, Issue Search queries C. Provision the service, Create the index, Issue Search queries, Index the data D. Provision the service, Issue Search queries, Create the index, Index the data

Answer: B Explanation: The overall steps for getting started with the Azure Search Service: 1. Provision the service- You can spin up an Azure Search service in the Azure portal or through the Azure Resource Management API. You can choose either the free service shared with other subscribers, or a paid tier that dedicates resources used only by your service. 2. Create the index - Before you can upload searchable content, you must first define an Azure Search index. 3. Index the data - Once you have defined an index, you're ready to upload content. You can use either a push or pull model. 4. Issue Search queries - After populating an index, you can issue search queries to your service endpoint using simple HTTP requests with REST API or the .NET SDK.

Which Azure queue provides the purpose of holding messages that cannot be delivered to any receiver? A. Secondary Queue B. Dead Letter Queue C. First in First out Queue D. Default Queue

Answer: B Explanation: The purpose of the dead-letter queue is to hold messages that cannot be delivered to any receiver, or messages that could not be processed. Messages can then be removed from the DLQ and inspected. An application might, with help of an operator, correct issues and resubmit the message, log the fact that there was an error, and take corrective action.

Which is the first step when planning to migrate a SQL server database to Azure SQL Databases. A. Prepare the fixes for the databases B. Use the DMA tool C. Export the BACPAC file D. Copy the database

Answer: B Explanation: There are steps when planning to migrate a SQL server database to Azure SQL Databases. You need to ensure that the source database is compatible with Azure SQL Database using the Data Migration Assistant (DMA).

You deploy a website to Azure. When the website starts, it loads and caches the common data. Updates to the website must occur without downtime or performance degradation that is noticeable to users. You need to upgrade to a new version of the website code. What should you do? A. Create a staging slot for the new version of the website. Run the following Windows PowerShell command and then deploy the new code Switch-AzureWEbsiteSlot -Name ""MyWebSiteName"" B. Create a staging slot for the new version of the website. Deploy the new code to that slot. Run the following Windows PowerShell command Switch-AzureWEbsiteSlot -Name ""MyWebSiteName"" C. Run the following Windows PowerShell command new-AzureWebSite -Name ""Staging"" -Location ""East US"" Deploy the new code to the staging site. Then run the following Windows PowerShell command Switch-AzureWEbsiteSlot -Name ""MyWebSiteName"" D. Create a staging slot for the new version of the website Run the following Windows PowerShell command Switch-AzureWEbsiteSlot -Name ""MyWebSiteName"" Deploy the new code to the staging site.

Answer: B Explanation: When you deploy your web app, web app on Linux, mobile back end, and API app to App Service, you can deploy to a separate deployment slot instead of the default production slot when running in the Standard or Premium App Service plan mode. Deployment slots are actually live apps with their own hostnames. App content and configurations elements can be swapped between two deployment slots, including the production slot.

You need to implement the web application deployment workflow. In the Azure management portal, what should you do? A. Set the web hosting plan to Shared. Increase the instance count to 2. Publish the incremental updates to the new instance. B. Set the web hosting plan to Standard. Use Windows PowerShell to create a new deployment slot to publish the incremental updates. Swap the deployment slot after the business users have validated the updates. C. Set the web hosting plan to Standard. Create a new website to host the updated web application. Create a Windows PowerShell script to move the contents of the new website to the production website location after the business users have validated the updates. D. Download the publish profile. Use Visual Studio to import the publish profile. Deploy the web application by using the Visual Studio Publish Web wizard after the business users have validated the updates.

Answer: B Explanation: When you deploy your web app, web app on Linux, mobile back end, and API app to App Service, you can deploy to a separate deployment slot instead of the default production slot when running in the Standard or Premium App Service plan mode. Deployment slots are actually live apps with their own hostnames. App content and configurations elements can be swapped between two deployment slots, including the production slot.

A storage account has been created in Azure with the ZRS replication option. How can one convert the storage account to LRS. A. Use the Azure Poral B. This cannot be done C. Use the Azure CLI D. Use Azure PowerShell

Answer: B Explanation: You can change the geo replication type of your storage account between LRS, GRS, and RA-GRS using the Azure portal, Azure PowerShell or programmatically using one of our many Storage Client Libraries. Please note that ZRS accounts cannot be converted LRS or GRS. Similarly, an existing LRS or GRS account cannot be converted to a ZRS account.

Which of the below are emulators which are installed with the Azure SDK. A. Virtual Machine Emulator B. Storage Emulator C. SQL Database Emulator D. Azure DB Emulator​

Answer: B Explanation: The Microsoft Azure storage emulator provides a local environment that emulates the Azure Blob, Queue, and Table services for development purposes. Using the storage emulator, you can test your application against the storage services locally, without creating an Azure subscription or incurring any costs.

Which of the following are incorrect when it comes the load balancing options available in Azure A. Traffic Manager works at the DNS level B. Azure Load Balancer works at the application layer C. Application Gateway works at the application layer D. Azure Load Balancer works at the transport layer​

Answer: B Explanation: The following is true when it comes to load balancing options in Azure 1. Azure Load Balancer works at the transport layer.It provides network-level distribution of traffic across instances of an application running in the same Azure data center. 2. Application Gateway works at the application layer. It acts as a reverse-proxy service, terminating the client connection and forwarding requests to back-end endpoints. 3. Traffic Manager works at the DNS level. It uses DNS responses to direct end-user traffic to globally distributed endpoints. Clients then connect to those endpoints directly.

File Tax Related Document Background You are developing an Azure solution that individuals and small businesses will use to prepare and file tax related documents. Business Requirements General The solution must provide a way for customers to enter personal and demographic information. Customers must be able to upload income documents and related documents to the solution. The solution must provide reports and summary documents for customers in PDF format. Scope and Device Accessibility The solution must support two operational modes: On Peak and Off Peak. On Peak is defined as the first quarter of a year. Off Peak is defined as the other three quarters of a year. Customers must be able to access the solution by using desktop computers, laptop computers, mobile devices, and tablets. High Availability and Business Continuity The solution must be available at all times. When the solution transitions between Off Peak mode and On Peak mode, solution availability must not be affected. Disaster recovery must be established for the customers' stored data. Diagnostics - The solution must log relevant diagnostic data that can be used to troubleshoot the cloud service. Scalability - The solution must scale out while transitioning from Off Peak mode to On Peak mode. Cost - The solution must use cloud resources optimally to minimize operating costs. Storage and Security - The solution must be secure to prevent any anonymous access (including read access) to the customers' tax documents. Cross Premises Networking - The solution must extend the developers' on premises network into Azure. Technical Requirements Platform as a Service (PaaS) The solution must have two roles: a web role and worker role. The web interface of the solution uses a web role to accept and send user input and any related documents. The worker role must access the stored data and prepare the tax documents in the background. Compute The solution must support a minimum of 10 role instances. When the solution is in On Peak mode, each role instance must be allocated at least 6 GB of memory. The memory can be scaled down to 3 GB when the solution is in Off Peak mode. The solution must cache documents locally. The cache does not need to be refreshed during the lifecycle of the worker role. Role instances that are running should not be affected by topology changes such as an increase in instance count. Storage The web role must store documents in blob storage. A SQL database is used to store customer information. The worker role must use queues to process the final tax documents. Performance and Scalability When the solution is in Off Peak mode, it must support at least 150 concurrent database sessions, and the maximum size of the database is 50 GB. When the solution is in On Peak mode, it must support 750 concurrent database sessions, and the maximum size of the database is 300 GB. Geo replication must be enabled and must be configurable by using the Azure management portal. Software Prerequisites - The solution must install the software that is necessary to generate PDF documents on the server. The software will be provided as a Windows Installer package. Debugging - Solution errors and warnings that occur in a web role must be logged. The worker role must log any crash dump files. Detailed information about errors and their context must be collected so that the environment in which errors occurred can be simulated locally. Security - At the time that a customer's tax information and documents are accepted, the solution must send an email to the customer. The email contains a secure hyperlink that the customer can use to upload any additional necessary documents. The customer is asked to upload these documents within 48 hours. If the customer does not upload the documents within 48 hours, the solution should not issue a new hyperlink. The solution must send an email to the customer to remind the customer to use the original hyperlink to upload any additional necessary documents. Network Services - The solution must use a cross premises secure network. The network must be configurable by using the Azure management portal. Social Structure - Relevant portions of the solution files are shown in the following code segments. Line numbers in the code segments are included for reference only and include a two character prefix that denotes the specific file to which they belong. Find the Service Definition File You need to configure diagnostics for the Azure solution. Which two types of diagnostic data should you collect? Each correct answer presents part of the solution. A. Application logs B. Event logs C. Crash dumps D. Infrastructure logs E. IIS logs F. Performance counters

Answer: B, C Explanation: Azure Diagnostic Logs are logs emitted by a resource that provide rich, frequent data about the operation of that resource. The content of these logs varies by resource type. For example, Windows event system logs are one category of Diagnostic Log for VMs and blob, table, and queue logs are categories of Diagnostic Logs for storage accounts. Since the case study specifies that Crash dumps must be recorded, hence option B and C are right.

You have an ASP.NET application that runs in a cloud service. A new version of the application is ready for release. The new version contains code changes and new SSL certificates. The application consists of six instances of a web role and four instances of a worker role. The application performs at or near full capacity. The cloud service uses the default number of fault domains and upgrade domains. You plan to deploy the new version of the application. The performance and capacity of the web roles must not degrade during the deployment. Temporary degradation of the worker roles is acceptable. The deployment must take a maximum of six hours. You need to deploy the new version of the ASP.NET application to the cloud service. Which two approaches will achieve the goal? Each correct answer presents a complete solution. A. Increase the number of web role instances to eight, and then deploy the new version of the application by using an in place update. Reduce the number of web role instances to six after the upgrade is completed. B. Deploy the new version of the application by using an in place update. Use upgrade domains to ensure that there is sufficient capacity during the upgrade. C. Deploy the new version of the application into the staging slot for the cloud service. Then activate the new version of the application by swapping virtual IP (VIP) addresses. D. Delete the old version of the application, and deploy the new version of the application.

Answer: B, C Explanation: When you deploy your web app, web app on Linux, mobile back end, and API app to App Service, you can deploy to a separate deployment slot instead of the default production slot when running in the Standard or Premium App Service plan mode. Deployment slots are actually live apps with their own hostnames. App content and configurations elements can be swapped between two deployment slots, including the production slot.

You need to debug the website remotely. Which 3 actions should you take? A. In the Azure management portal, configure a monitoring endpoint. B. In the Azure management portal, set remote debugging to On and set the Visual Studio version to 2013. C. Install the Azure SDK for .Net on the computer that runs Visual Studio D. In the web.config for the website, set the debug attribute of the compilation element to true. E. In the Azure portal, set the web hosting plan to Standard.

Answer: B, C, D Explanation: The 3 steps for remote debugging is: 1. In the Azure management portal, set remote debugging to On and set the Visual Studio version to 2013. 2. Install the Azure SDK for .Net on the computer that runs Visual Studio 3. In the web.config for the website, set the debug attribute of the compilation element to true.

You need to debug the website remotely. Which three actions should you take? Each correct answer presents part of the solution. A. In the Azure management portal, configure a monitoring endpoint. B. In the Azure management portal, set remote debugging to on and set the Visual Studio version to 2013. C. Install the Azure SDK for.NET on the computer that runs Visual Studio. D. In the web .config file for the website, set the debug attribute of the compilation element to true. E. In the Azure management portal, set the web hosting plan to Standard.

Answer: B, C, D Explanation: You need to ensure the following steps are applied for debugging: 1. In the Azure management portal, set remote debugging to On and set the Visual Studio version to 2013. 2. Install the Azure SDK for.NET on the computer that runs Visual Studio. 3. In the web .config file for the website, set the debug attribute of the compilation element to true.

What are the certificate requirements when enabling SSL for your web site hosted in Azure? Choose all that apply. A. The certificate must contain only the private key. B. The certificate needs to be created for key exchange and ultimately must be exportable to a *.pfx file. C. The subject name in the certificate must match the domain used to access the website. D. The certificate needs to use 2,048-bit encryption at minimum.

Answer: B, C, D Explanation: The following are the minimum requirements for an SSL certificate in Azure: 1. The certificate must contain both the public and private keys. 2. The certificate needs to be created for key exchange and ultimately must be exportable to a *.pfx file. 3. The subject name in the certificate must match the domain used to access the website. 4. The certificate needs to use 2,048-bit encryption at minimum.

You plan to deploy an application as a cloud service. The application uses a virtual network to extend your on premises network into Azure. You need to configure a site to site VPN for cross premises network connections. Which two objects should you configure? Each correct answer presents part of the solution. A. Dynamic routing gateway B. VPN gateway C. External facing IPv6 address D. External facing IPv4 address

Answer: B, D Explanation: A Site-to-Site VPN gateway connection is used to connect your on-premises network to an Azure virtual network over an IPsec/IKE (IKEv1 or IKEv2) VPN tunnel. This type of connection requires a VPN device located on premises that has an externally facing public IP address assigned to it.

You need to configure session affinity for the website. Which 2 actions will achieve this goal? A. In the Azure portal, create a new traffic manager. Configure the traffic manager to use round-robin load balancing and the HTTP monitoring protocol. Add a new service endpoint to the traffic manager. Configure the endpoint to use the Web Site service type. Configure the website to use the endpoint. B. Add the following code to Global.asax.cs file: protected void Application_PreSendRequestHeaders() { Response.Headers.Add(""Arr-Disable-Session-Affinity"",""True""); } C. Add the following code to Global.asax.cs file protected void Application_Start() { var affinityCookie=new HttpCookie(""Arr-Disable-Session-Affinity"") { Value=""True"",HttpOnly=true }; Response.Cookies.Add(affinityCookie); } D. Add the following markup to the web.config file <system.webServer> <httpProtocol> <customHeaders> <add name=""Arr-Disable-Session-Affinity"" value=""true""/> </customHeaders> </httpProtocol> </system.webServer>

Answer: B, D Explanation: Azure app service allows you to auto scale your web app by dynamically adding web server instances to handle the traffic to your web app. Azure app service uses Application Request Routing (ARR) IIS Extension to distribute your connecting users between your active instances serving up the content. ARR cleverly identifies the user by assigning them a special cookie (known as an affinity cookie), which allows the service to choose the right instance the user was using to serve subsequent requests made by that user. This means, a client establishes a session with an instance and it will keep talking to the same instance until his session has expired.

You are creating a set of load-balanced virtual machines that are hosted in Azure. You run the following Windows PowerShell script: Add-AzureInternalLoadBalancer -ServiceName ""Contoso-Chicago"" -InternalLoadBalancer ""Data-LB"" -SubnetName ""DataFarm1"" -StaticVNetIPAddress 192.168.100.10 Get-AzureVM -ServiceName ""Contoso-Chicago"" -Name ""DATA1"" | Add-AzureEndPoint -Name ""DataFarm"" -Protocol ""TCP"" -LocalPort 1433 -PublicPort 1337 -DefaultProbe -InternalLoadBalancer ""Data-LB"" | Update_AzureVM Get_AzureService -ServiceName ""Contoso-Chicago"" | Get-AzureInternalLoadBalancer Which of the following statements are true? Select 2 options: A. The internal IP address of the VM named DATA1 is 192.168.100.10 B. The endpoint named DataFarm can be accessed by using external port 1337 C. The internal load balancer for the Contoso-Chicago service is named Data-LB D. The static IP address assigned to the virtual network is 192.168.100.10

Answer: B, D Explanation: The Add-AzureInternalLoadBalancer cmdlet adds an internal load balancer configuration to an Azure service. For a virtual network, you can specify a subnet or the IP address of the internal load balancer.

Which of the following ExpressRoute connectivity models is not provided? A. Co-located at a cloud exchange B. Point-to-point Ethernet connections C. Site-to-Site Ethernet connections D. Any-to-any (IPVPN) networks

Answer: C Explanation: 1. Co-located at a cloud exchange - If you are co-located in a facility with a cloud exchange, you can order virtual cross-connections to the Microsoft cloud through the co-location provider's Ethernet exchange. 2. Point-to-point Ethernet connections - You can connect your on-premises datacenters/offices to the Microsoft cloud through point-to-point Ethernet links. Point-to-point Ethernet providers can offer Layer 2 connections, or managed Layer 3 connections between your site and the Microsoft cloud. 3. Any-to-any (IPVPN) networks - You can integrate your WAN with the Microsoft cloud. IPVPN providers (typically MPLS VPN) offer any-to-any connectivity between your branch offices and datacenters. The Microsoft cloud can be interconnected to your WAN to make it look just like any other branch office.

Which feature of Azure App Service enables JavaScript clients to make cross-domain calls to APIs that are hosted in API APPS? A. Azure Web Role B. Azure Worker Role C. Cross Origin Resource Sharing D. Cross Origin Azure Sharing

Answer: C Explanation: App Service offers built-in support for Cross Origin Resource Sharing (CORS), which enables JavaScript clients to make cross-domain calls to APIs that are hosted in API apps. App Service lets you configure CORS access to your API without writing any code in your API.

Which of the following service can be used to easily run small pieces of code? A. Azure Service Bus B. Azure VM's C. Azure Functions D. Azure Event Hubs

Answer: C Explanation: Azure Functions is a solution for easily running small pieces of code, or "functions," in the cloud. You can write just the code you need for the problem at hand, without worrying about a whole application or the infrastructure to run it. Functions can make development even more productive, and you can use your development language of choice, such as C#, F#, Node.js, Python or PHP. Pay only for the time your code runs and trust Azure to scale as needed. Azure Functions lets you develop server less applications on Microsoft Azure.

Which of the below services allows you to easily add a robust search experience to your applications? A. Azure Service Bus B. Azure Virtual Machines C. Azure Search D. Azure DocumentDB

Answer: C Explanation: Azure Search is a cloud search-as-a-service solution that delegates server and infrastructure management to Microsoft, leaving you with a ready-to-use service that you can populate with your data and then use to add search to your web or mobile application. Azure Search allows you to easily add a robust search experience to your applications using a simple REST API or .NET SDK without managing search infrastructure or becoming an expert in search.

Which of the below Azure services helps in building distributed systems platform that makes it easy to package, deploy, and manage scalable and reliable microservices? A. Azure App Service B. Azure Web Service C. Azure Service Fabric D. Azure API Management

Answer: C Explanation: Azure Service Fabric is a distributed systems platform that makes it easy to package, deploy, and manage scalable and reliable microservices. Service Fabric also addresses the significant challenges in developing and managing cloud applications. Developers and administrators can avoid complex infrastructure problems and focus on implementing mission-critical, demanding workloads that are scalable, reliable, and manageable. Service Fabric represents the next-generation middleware platform for building and managing these enterprise-class, tier-1, cloud-scale applications.

You need to debug the Azure solution. Which tool should you use? A. Compute emulator B. Remote debugging C. Emulator express D. Intelli Trace E. Profiling

Answer: C Explanation: By using Emulator Express, you can test and debug a cloud service without running Visual Studio as an administrator. You can set your project settings to use either Emulator Express or the full emulator, depending on the requirements of your cloud service.

There is a requirement to have a Redis cache with 2 primary nodes, with up to 10 shards. Which of the following tiers would fulfil this requirement? A. Basic B. Standard C. Premium D. Extended

Answer: C Explanation: Microsoft Azure Redis Cache is available in the following tiers: Basic - Single node. Multiple sizes up to 53 GB. Standard - Two-node Primary/Replica. Multiple sizes up to 53 GB. 99.9% SLA. Premium - Two-node Primary/Replica with up to 10 shards. Multiple sizes from 6 GB to 530 GB.

Which of the following enables applications to authenticate to Service Bus using an access key configured on the namespace? A. Consumers B. Azure vault C. Shared Access Signatures D. CORS

Answer: C Explanation: SAS authentication enables applications to authenticate to Service Bus using an access key configured on the namespace, or on the messaging entity (queue or topic) with which specific rights are associated. You can then use this key to generate a SAS token that clients can in turn use to authenticate to Service Bus.

You configure alerts in Azure. The metrics shown in the following exhibit represent the average values for each five minute period. Which performance counter will generate an alert? A. CPU Percentage B. Network In(bytes) C. Network Out(bytes) D. Disk Write(bytes/sec) E. Disk Read(bytes/sec)

Answer: C Explanation: Since the Network Out is configured for over 2KB over 10 minutes, this will generate the alert since the statistics show that it is above 2KB between 13:40 and 13:50.

You need to choose an Azure storage service solution. Which solution should you choose? A. Queue storage B. Blob storage C. File storage D. Table storage

Answer: C Explanation: Since the Storage requirements say that file system API is required, the File Storage is preferable. Azure File storage is a service that offers file shares in the cloud using the standard Server Message Block (SMB) Protocol. Both SMB 2.1 and SMB 3.0 are supported. With Azure File storage, you can migrate legacy applications that rely on file shares to Azure quickly and without costly rewrites. Applications running in Azure virtual machines or cloud services or from on premises clients can mount a file share in the cloud, just as a desktop application mounts a typical SMB share. Any number of application components can then mount and access the File storage share simultaneously.

You are now configuring the scaling metric for the Plagiarism detection service. What should be the metric for the Target per machine? A. 100 B. 300 C. 500 D. 1000

Answer: C Explanation: Since the case study says that the queue should increase with 500 work items in the queue, the right option is 500.

Which of the following tool can be used to copy all blobs from one container to another container under different storage account? A. AzureCopy B. StorageCopy C. AzCopy D. CloudCopy

Answer: C Explanation: The AzCopy command copies all blobs from one container to another container under different storage account. AzCopy https://<sourceaccount>.blob.core.windows.net/<sourcecontainer>/ https://<destaccount>.blob.core.windows.net/<destcontainer>/ /sourcekey:<key> /destkey:<key> /S The above command will copy all blobs from the container named "sourcecontainer" in storage account "sourceaccount" to another container named "destcontainer" in storage account "destaccount."

Which of the following traffic routing methods can be used to ensure that traffic is evenly distributed across a set of endpoints in Azure? A. Priority B. Performance C. Weighted D. Geographic

Answer: C Explanation: The weighted routing method is best for ensuring traffic can be evenly routed between multiple endpoints. Each endpoint can be assigned a weight from 1 to a 1000. To ensure even distribution you can assign equal weights to each end point.

Which of the following is optional when creating a virtual machine scale set using the Azure CLI: A. Resource Group B. Operating System Image C. Virtual Network D. Authentication Information

Answer: C Explanation: To create a virtual machine scale set, you must specify the following: Resource group Name Operating system image Authentication information With Azure CLI, you can create a virtual machine scale set with minimal effort. If you omit default values, they are provided for you. For example, if you don't specify any virtual network information, a virtual network is created for you. If you omit the following parts, they are created for you: A load balancer A virtual network A public IP address

Which of the following is a wrong practice when it comes to debugging Azure web sites? A. Debugging Azure web sites in development environment. B. Debugging Azure web sites in test environment. C. Debugging Azure web sites in production environment. D. Debugging Azure web sites in backup environment.

Answer: C Explanation: When you attach the debugger and pause at a break point, you are stopping the deployed Azure website for all requests, so it is not a good idea to rely on this technique for production debugging because users will think your website is down.

There is a requirement to enable anonymous requests for containers and blob data. What is the type of access that can be given for this requirement? A. Public read access for containers B. Public read access for blob data C. Full public read access D. Partial read access

Answer: C Explanation: You can configure a container with the following permissions: No public read access: The container and its blobs can be accessed only by the storage account owner. This is the default for all new containers. Public read access for blobs only: Blobs within the container can be read by anonymous request, but container data is not available. Anonymous clients cannot enumerate the blobs within the container. Full public read access: All container and blob data can be read by anonymous request. Clients can enumerate blobs within the container by anonymous request, but cannot enumerate containers within the storage account.

You need to implement tracing for the website after the website is deployed. Which of the below code lines would you add to the ControllerFile.cs file? A. System.Diagnotics.Trace.WriteIf(false,usename + "is on page at " + DateTime.UtcNow.ToShortDateString(),"Error"); B. System.Diagnotics.Trace.TraceInformation(usename + "is on page at " + DateTime.UtcNow.ToShortDateString(),"Error"); C. System.Diagnotics.Trace.TraceError(usename + "is on page at " + DateTime.UtcNow.ToShortDateString(),"Error"); D. System.Diagnotics.Trace.WriteLineIf(false,usename + "is on page at " + DateTime.UtcNow.ToShortDateString(),"Error");

Answer: C Explanation: You can use the properties and methods in the Trace class to instrument release builds. Instrumentation allows you to monitor the health of your application running in real-life settings. Tracing helps you isolate problems and fix them without disturbing a running system. Since the question does not specifically ask for detailed trace information, the basic trace error will suffice.

Tailspin Toys uses a website to manage its inventory. The website is hosted on Azure. You are writing a Windows Store app that uses data from the blob storage. You need to retrieve an image from the following URI: https://tailspintoys.blob.core.windows.net/Trains/Demo2jpg. How should you complete the relevant code? Which function will take place of the AA placeholder? CloudStorageAccount storageAccount=CloudStorageAccount.Parse(CloudConfigurationManager.GetSetting(""StorageConnectionString"")); CloudBlobClient blobClient=storageAccount.AA(); cloudBlobContainer blobContainer=blobClient.GetContainerReference(""trains""); CloudBlockBlob myBlob=blobContainer.GetBlockBlobReference(""Demo2.jpg""); using(var fileStream = System.IO.File.OpenWrite (@""path\myfile"")) { myBlob.DownloadToStream(fileStream); } A. BlobEndpoint B. FileEndpoint C. CreateCloudBlobClient D. CreateCloudFileClient

Answer: C Explanation: None.

You are maintaining an application that uses the Azure Content Delivery Network (CDN) to serve terabytes of content that is stored in page blobs. Your bill for CDN services is higher than you expect. You need to monitor the application to find issues that increase costs. Which two operations should you monitor? Each correct answer presents part of the solution. A. The Time-To-Live (TTL) of the blobs B. The country of origin for the client computer and the CDN region C. The number of requests that result in an HTTP status code over 400 D. The allocated size of page blobs E. The expiration date of the blobs

Answer: C, D Explanation: Costs are incurred for the CDN service for 304 and 404 requests. Also when it comes to storage, costs are incurred as shown below: Storage - actual GB used (the actual storage of your source objects) Storage - transfer in GB (amount of data transferred to fill the CDN caches) Storage - transactions (as needed to fill the cache)

Which of the following is false with regards to the Azure App Service? A. App Service plans represent a set of features and capacity that you can share across your apps B. App Service plans give you the flexibility to allocate specific apps to a set of resources C. App Service Plans helps to maximize throughput for your production environment by scaling it across multiple regions and plans D. App Service plans that have no apps associated will not incur any charges.

Answer: D Explanation: App Service plans represent a set of features and capacity that you can share across your apps. App Service plans give you the flexibility to allocate specific apps to a set of resources and further optimize your Azure resource utilization. This way, if you want to save money on your testing environment, you can share a plan across multiple apps. You can also maximize throughput for your production environment by scaling it across multiple regions and plans. App Service plans that have no apps associated to them still incur charges since they continue to reserve the compute capacity.

You are creating virtual machines (VMs) that are hosted on Azure. You must be able to change the Remote Desktop access settings for the VMs. You must also be able to change the password for the built in administrator account on all VMs. You identify the VMAccess VM extensions that have the required capabilities. You need to enable the VMAccess VM extensions. Which approach should you use? A. Download and install the Microsoft Installer file to enable the VM Agent on each VM. B. Use the Azure management portal to restart each VM. C. When you configure the new VMs, use the Azure management portal to install the VM Agent. D. For each VM, use Windows PowerShell cmdlets to enable the VM Agent and the VMAccess VM extensions.

Answer: D Explanation: Azure virtual machine extensions are small applications that provide postdeployment configuration and automation tasks on Azure virtual machines. For example, if a virtual machine requires software installation, anti-virus protection, or Docker configuration, a VM extension can be used to complete these tasks. Azure VM extensions can be run by using the Azure CLI, PowerShell, Azure Resource Manager templates, and the Azure portal. Extensions can be bundled with a new virtual machine deployment or run against any existing system.

Question 127 When using the Azure Monitoring service for Webapps in Azure, which of the below logging facilities can be turned on. A. Application Logging(File Syetem) B. Application Logging(Table Storage) C. Application Logging(Blob Storage) D. All of the above

Answer: D Explanation: By default the following Application Diagnostics are disabled for a Webapp service, but can be enabled whenever required. 1. Application Logging(File system) - The logs are collected by the file system of the web app. 2. Application Logging(Table Storage) - The logs are collected in the Table storage that is specified under Manage Table Storage. 3. Application Logging(Blob Storage) - The logs are collected in the Blob container that is specified under Manage Blob Storage.

Users report that after periods of inactivity the website is slow to render pages and to process sign in attempts. You need to ensure that the website is always responsive. What should you do? A. Add the following markup at line WC14: <sessionState timeout "86400" /> B. Add the following markup at line WC08: <add key="timeout" value="null" /> C. Add the following markup at line WC14: <sessionState timeout="fl" /> D. In the Azure management portal, enable Always On support for the website. E. In the Azure management portal, disable Always On support for the website.

Answer: D Explanation: By default, web apps are unloaded if they are idle for some period of time. This lets the system conserve resources. In Basic or Standard mode, you can enable Always On to keep the app loaded all the time. If your app runs continuous web jobs, you should enable Always On, or the web jobs may not run reliably.

Which of the following is true about the features related to Azure Functions service. A. You can combine Azure Active Directory for OAuth. B. You can write functions in a wide variety of features C. It is completely open source D. All of the above

Answer: D Explanation: Currently the Azure Function service boasts the following features: 1. You can write functions using C#, F#, Node.js, Python, PHP, batch, bash, or any executable. 2. It is available on Github as open source. 3. You can protect resource using OAuth providers such as Azure Active Directory, Facebook, Google, Twitter, and Microsoft Account.

Which of the following is not a default TAG available for using as the source and destination address prefix in Network Security Groups in Azure Virtual Networks? A. VIRTUAL_NETWORK B. AZURE_LOADBALANCER C. INTERNET D. INTRANET

Answer: D Explanation: Default tags are system-provided identifiers to address a category of IP addresses. You can use default tags in the source address prefix and destination address prefix properties of any rule. There are three default tags you can use: 1. VirtualNetwork (Resource Manager) (VIRTUAL_NETWORK for classic): This tag includes the virtual network address space (CIDR ranges defined in Azure), all connected on-premises address spaces, and connected Azure VNets (local networks). 2. AzureLoadBalancer (Resource Manager) (AZURE_LOADBALANCER for classic): This tag denotes Azure's infrastructure load balancer. The tag translates to an Azure datacenter IP where Azure's health probes originate. 3. Internet (Resource Manager) (INTERNET for classic): This tag denotes the IP address space that is outside the virtual network and reachable by public Internet. The range includes the Azure owned public IP space.

Consider the following use case scenario Mortgage Loan Background A company is developing a website that supports mortgage loan processing. You use the Azure management portal to create a website. You initially configure the website to use the Basic hosting plan. You register a custom domain for the website with a valid registrar. Customers complete mortgage applications and upload supporting documents to the website. A custom executable named FileProcessor.exe processes all of the information received. An on premises server that runs Windows Server hosts the executable. You create a virtual hard disk (VHD) image of the on premises server. You plan to use this VHD to replace the on premises server with a new virtual machine (VM) that is hosted in Azure. Business Requirements Business stakeholders have identified the following requirements for the mortgage loan processing website: • The website must provide a secure mortgage application process for the customer. • Business users must validate new versions of the website before you publish them to the production site. You must be able to revert to the previous version easily when issues arise. • The website must remain available to users while new features and bug fixes are deployed. • Network traffic must be monitored on all ports that the website uses. Technical Requirements General: • You must develop the website by using Microsoft Visual Studio 2013. • The website must be stateless. Subsequent requests from a user might or might not be routed back to the website instance that the user initially connected to. Security: You must secure the custom domain and all subdomains by using SSL. Storage: • The custom executable must use native file system APIs to share data between different parts of the website. • The custom executable must continue to use a network file share to access files. Monitoring: The website must use port 6000 with UDP to submit information to another process. This port must be actively monitored by using the same external port number. Deployment: • You must deploy the VM and the associated VHD. You will need to move this VM to a different Azure subscription after deployment. • You must establish a continuous deployment process that uses staged publishing. • The custom domain must handle requests for multiple subdomains. • The custom domain must use a www CNAME record that points to the domain's @ A record. • The custom executable must run continuously and must be deployed as an Azure web job named FileProcessor • Application Request Routing (ARRJ affinity must be disabled for the website. You need to implement end-point monitoring in the Classic Deployment Model. Which of the following options would be used to configure end point monitoring? A. Protocol : TCP , Public Port:80 , Private Port:80 B. Protocol : UDP , Public Port:80 , Private Port:80 C. Protocol : TCP , Public Port:6000 , Private Port:6000 D. Protocol : UDP , Public Port:6000 , Private Port:6000

Answer: D Explanation: Each endpoint has a public port and a private port: The public port is used by the Azure load balancer to listen for incoming traffic to the virtual machine from the Internet. The private port is used by the virtual machine to listen for incoming traffic, typically destined to an application or service running on the virtual machine. Since the case study clearly mentions "The website must use port 6000 with UDP to submit information to another process", the only valid option is D.

What are the key elements in the Azure Event Hubs. Choose an answer from the options below: A. Event producers B. Event consumers C. Patitions D. All of the above

Answer: D Explanation: Event Hubs contains the following key elements: Event producers/publishers: An entity that sends data to an event hub. An event is published via AMQP 1.0 or HTTPS. Partitions: Enables each consumer to only read a specific subset, or partition, of the event stream. SAS tokens: used to identify and authenticate the event publisher. Event consumers: An entity that reads event data from an event hub. Event consumers connect via AMQP 1.0. Consumer groups: Provides each multiple consuming application with a separate view of the event stream, enabling those consumers to act independently. Throughput units: Pre-purchased units of capacity. A single partition has a maximum scale of one throughput unit.

You need to meet the performance and scalability requirements. Which SQL Database configuration should you use? A. Use the S1 performance level for On Peak mode. B. Use the P2 performance level for On Peak mode. C. Use the S2 performance level for On Peak mode. D. Use the PI performance level for On Peak mode.

Answer: D Explanation: If you look at the documentation for the Premium tier , the P1 suits the requirement for On-peak usage.

You are creating virtual machines (VMs) that are hosted on Azure. You must be able to change the Remote Desktop access settings for the VMs. You must also be able to change the password for the built-in administrator account on all VMs. You identify the VMAccess VM extensions that have the required capabilities. You need to enable the VMAccess VM extensions. Which approach should you use? A. Download and install the Microsoft Installer file to enable the VM Agent on each VM. B. Use the Azure management portal to restart each VM. C. When you configure the new VMs, use the Azure management portal to install the VM Agent. D. For each VM, use Windows PowerShell cmdlets to enable the VM Agent and the VM Access VM extensions.

Answer: D Explanation: If you want a virtual machine instance to use one or more VM extensions, the instance must have an installed VM Agent. This can be done via PowerShell. Using Azure PowerShell cmdlets is the easiest way to add and update extensions. When you use the extension cmdlets, most of the configuration of the extension is done for you.

Which of the following OSI Model layers are supported by the Azure Application Gateway: A. Layer 3 B. Layer 4 C. Layer 5 D. Layer 7

Answer: D Explanation: Microsoft Azure Application Gateway is a dedicated virtual appliance providing application delivery controller (ADC) as a service, offering various layer 7 load balancing capabilities for your application. It allows customers to optimize web farm productivity by offloading CPU intensive SSL termination to the application gateway. It also provides other layer 7 routing capabilities including round robin distribution of incoming traffic, cookie based session affinity, URL path-based routing, and the ability to host multiple websites behind a single Application Gateway.

What are the activities that can be performed by Desired State Configuration? A. Deploying new software Managing environment variables B. Starting, stopping, and managing processes and services C. Install or remove windows roles and features D. All of the above

Answer: D Explanation: The Desired state configuration has numerous features. Some of them are listed below: 1. Install or remove windows roles and features 2. Running Windows PowerShell scripts 3. Managing registry settings Managing files and directories 4. Starting, stopping, and managing processes and services 5. Managing groups and user accounts 6. Deploying new software managing environment variables

You have an application that is high on disk throughput and I/O consumption. This application was hosted on premise and is now is being planned to be hosted on Azure. Which of the following classes of VM's would be ideal for hosting this application. Choose an answer from the options given below. A. D Series B. A Series C. Av2 Series D. L Series

Answer: D Explanation: The L Series VM's are ideal for hosting applications which have a high I/O and disk throughput considerations. These series of VM's are ideal for database loads such as MySQL or Oracle which have a high I/O requirement.

When configuring a health probe, which of the below settings can help ensure that there is enough time for an HTTP call to be made to ensure the backend health page is available? A. Interval B. Healthy threshold C. Unhealthy threshold D. Timeout

Answer: D Explanation: The Timeout which is in seconds is the amount of time the probe will wait when hitting the health page on the backend VM's before timing out. Obviously, you need to ensure that sufficient time is given to ensure the probe can detect the health page, else it will always give a timeout and the backend VM's will always remain as unhealthy.

Which of the following files types are acceptable for Webjobs? A. .cmd B. .ps1 C. .py D. All of the above

Answer: D Explanation: The following file types are accepted for files as web jobs: .cmd, .bat, .exe (using windows cmd) .ps1 (using PowerShell) .sh (using bash) .php (using php) .py (using python) .js (using node) .jar (using java)

A company has a custom domain name called demo.com. They want to map this domain and all sub domains to the website's IP address hosted in Azure. Which of the following should be done? A. Ensure the type of record used is 'CNAME' type record and the record name should be *. B. Ensure the type of record used is 'A' type record and the record name should be @. C. Ensure the type of record used is 'CNAME' type record and the record name should be @. D. Ensure the type of record used is 'A' type record and the record name should be *.

Answer: D Explanation: The two types of DNS records that can be mapped to a web app: 1. A records, or address records, map your domain name to the IP address of your website. 2. CNAME records, or alias records, map a subdomain of your custom domain name to the canonical name of your website, expressed as <yoursitename>.azurewebsites.net. Since here the IP address needs to be mapped, we use the A type record and since all domains and sub domains need to be mapped, we use the * record name.

You run the following Windows PowerShell script. Which of the following statements holds true after you run the PowerShell script? Get-AzureSubscription -SubscriptionName ContosoPt1 Switch-AzureWebsiteSlot -Name ContosoPt1_2 Remove-AzureWebsite -Name ContosoPt1_2 -Slot staging Get-AzureDeployment -ServiceName ContosoPt1_2 -Slot Production | Get-AzureDNS $MyAzureCert = Get-AzureCertificate -ServiceName ContosoPT | Remove-AzureCertificate A. After you run the script, a new certificate will be applied to the web site. B. After you run the script, a new certificate will be applied to the staging web site. C. After you run the script you must update the custom domain names. D. After you run the script you must recreate the staging slot.

Answer: D Explanation: When you deploy your web app, web app on Linux, mobile back end, and API app to App Service, you can deploy to a separate deployment slot instead of the default production slot when running in the Standard or Premium App Service plan mode. Deployment slots are actually live apps with their own hostnames. App content and configurations elements can be swapped between two deployment slots, including the production slot. The Remove-AzureWebsite cmdlet removes the specified website from Azure, either with or without a prompt for confirmation. So after getting the production slot, you need to recreate the staging slot.

Which of the following can be configured when a metric alert is triggered? A. Send email notifications. B. Call a webhook. C. Start the execution of an Azure runbook. D. All of the above.

Answer: D Explanation: You can configure a metric alert to do the following when it triggers: 1. Send email notifications to the service administrator and co-administrators. 2. Send email to additional emails that you specify. 3. Call a webhook. 4. Start execution of an Azure runbook.

Which of the following role can be given for a user that needs to manage users and groups in Azure AD? A. Billing Administrator B. Global Administrator C. Password Administrator D. User Account Administrator​

Answer: D Explanation: Users with this role can create and manage all aspects of users and groups. Additionally, this role includes the ability to manage support tickets and monitors service health. Some restrictions apply. For example, this role does not allow deleting a global administrator, and while it does allow changing passwords for non-admins, it does not allow changing passwords for global administrators or other privileged administrators.

You have configured autoscaling for your web site in Azure. You notice however that the instances are scaling up quite rapidly and when the traffic is low, they are not scaling down efficiently. What could be the issue? A. The cool-down period for the scaling operation is not defined properly. B. This is by default how Azure scaling works. C. You need to define another Autoscaling trigger since the current one is corrupt. D. Check the application code, there could be an issue with the code.

Answer: A Explanation: It could be a possibility that the cool down period mentioned is very low. A cool-down period is the period after a scaling operation has taken place during which the application block will not perform any further scaling operations. A cool-down period is enabled via the optimizing stabilizer feature of the application block. You can define different cool-down periods for scale-up and scale-down operations, and specify default cool-down periods that individual roles can override. The shorter the cool-down period, the more aggressive the application block will be in issuing scaling requests. However, by setting short cool-down periods for both scale-up and scaledown operations, you risk introducing an oscillation whereby the application block repeatedly scales up and then scales down a role.

You create a software-as-a-service (SaaS) application. Websites, cloud services, and virtual machines (VMs) read common data values from the database for the application. The application does not scale efficiently. All VMs, websites, and cloud services must read from the same data source. You need to design a cache solution for the SaaS application. What should you do? A. Deploy a cache by using Azure Redis Cache. Access the cache from the websites, cloud services, and VMs B. Configure a cache by using ASP NET. Access the cache from the websites, cloud services, and VMs C. Use Azure Redis Cache to deploy one cache for each website, one cache for each cloud service, and one cache for each VM. Configure each cache to ensure that data is consistent in all the cache instances. D. Deploy a cache by using Azure Redis Cache. Configure the cache to use database connection strings.

Answer: A Explanation: Azure Redis Cache helps your application become more responsive even as customer load increases. It takes advantage of the low-latency, high throughput capabilities of the Redis engine. This separate, distributed cache layer allows your data tier to scale independently for more efficient use of compute resources in your application layer.

Which of the following can be used for Autoscaling in Azure. A. \Processor(_Total)\% Processor Time B. \Process(_Total)\Thread Count C. \PhysicalDisk(_Total)\% Disk Time D. All of the above​

Answer: A Explanation: "Autoscaling in Azure is possible for a ton of metrics out of which some of them are \Processor(_Total)\% Processor Time \Processor(_Total)\% Privileged Time \Processor(_Total)\% User Time \Processor Information(_Total)\Processor Frequency \System\Processes \Process(_Total)\Thread Count \Process(_Total)\Handle Count \Memory\% Committed Bytes In Use \Memory\Available Bytes \Memory\Committed Bytes \Memory\Commit Limit \Memory\Pool Paged Bytes \Memory\Pool Nonpaged Bytes \PhysicalDisk(_Total)\% Disk

How many fault and update domains are assigned by Azure when you provision multiple Virtual Machines to an availability set with ARM deployment? Choose the correct answer from the options below. A. 2 or 3 fault domains, depending on the region, and 5 update domains B. 4 fault domains and 8 update domains C. 5 fault domains and 10 update domains D. 5 fault domains and 15 update domains

Answer: A Explanation: Each virtual machine in your availability set is assigned an update domain and a fault domain by the underlying Azure platform. For a given availability set, five non-user-configurable update domains are assigned by default (Resource Manager deployments can then be increased to provide up to 20 update domains) to indicate groups of virtual machines and underlying physical hardware that can be rebooted at the same time. When more than five virtual machines are configured within a single availability set, the sixth virtual machine is placed into the same update domain as the first virtual machine, the seventh in the same update domain as the second virtual machine, and so on. The order of update domains being rebooted may not proceed sequentially during planned maintenance, but only one update domain is rebooted at a time.

Based on the codes which of the following XML segments need to be part of the XML configuration file for defining the storage for the solution? A. <LocalResources> <LocalStorage name=""ComputeResults"" cleanOnRoleRecycle=""true"" Status=""true"" sizeInMB=""123"" /> <LocalResources/> B. <LocalStorage> <LocalResources name=""ComputeResults"" cleanOnRoleRecycle=""true"" Status=""true"" sizeInMB=""123"" /> <LocalStorage/> C. <LocalResources> <LocalStorage name=""ComputeResults"" ignoreRoleInstanceStatus=""true"" Status=""true"" sizeInMB=""123"" /> <LocalResources/> D. <LocalStorage> <LocalResources name=""ComputeResults"" ignoreRoleInstanceStatus =""true"" Status=""true"" sizeInMB=""123"" /> <LocalStorage/>

Answer: A Explanation: The Local storage is a temporary file system storage area. Local Storage also available to a single role instance and cannot be shared across multiple role instances. Local Storage is on the same VM where the role instance is running, therefore you're going to have less latency. The XML is defined in the .csdef files as a sample shown below: <WebRole name=""LocalWeb""> <LocalResources> <LocalStorage name=""Storage"" sizeInMB=""20/> </LocalResources> </WebRole> The "Clean on Role Recycle" property means that the temporary data will be deleted when the role is recycled.

A company plans to increase its virtual network capacity by adding virtual network subscriptions. You must increase the number of subscriptions from 3 to 15. You need to configure the virtual networks. What should you do? A. Export and modify the network configuration file. Then import the modified file. B. Export and modify the service definition file. Then import the modified file. C. Create and import a new network configuration file. D. Create a multi-site virtual network.

Answer: A Explanation: This is clearly given in the Microsoft documentation

What does the following CLI command do in Azure? azure site create --git webappslotstest --slot staging A. Creates a new deployment slot with Git as the source code control repository for the new slot. B. Creates a new deployment slot with Git as the name of the slot. C. Duplicates an existing deployment slot with Git as the name of the slot. D. Duplicates an existing deployment slot with Git as the source code control repository for the new slot.

Answer: A Explanation: To create a deployment slot, call azure site create and specify the name of an existing app and the name of the slot to create. To enable source control for the new slot, use the --git option.

Which of the following features is used when scaling out databases on SQL Azure? A. Shard Map Manager B. Azure Database Manager C. Microsoft SQL Manager D. System Center

Answer: A Explanation: To easily scale out databases on SQL Azure, use a shard map manager. The shard map manager is a special database that maintains global mapping information about all shards (databases) in a shard set. The metadata allows an application to connect to the correct database based upon the value of the sharding key. In addition, every shard in the set contains maps that track the local shared data (known as shardlets).

A company is planning to host a set of web servers and database servers in an availability set. Which of the following is recommended? A. Place the web servers in one availability set and the database servers in another. B. Place the web servers and database servers in one availability set. C. Just place the web servers in one availability set. D. Just place the database servers in one availability set.

Answer: A Explanation: When designing your application infrastructure, plan the application tiers that you use. Group VMs that serve the same purpose in to availability sets, such as an availability set for your front-end VMs running IIS. Create a separate availability set for your back-end VMs running SQL Server. The goal is to ensure that each component of your application is protected by an availability set and at least once instance always remains running.

In your Azure web site hosted using the web app feature, you have defined a connection string called constr. Which of the below pieces of .Net code is the right one to get the value of this connection string. A. string key = ""constr""; string value = ConfigurationManager.ConnectionStrings[key].ConnectionString B. string key = ""constr""; string value = ConfigurationManager.ConnectionStrings[key] C. string constr = ""key""; string value = ConfigurationManager.ConnectionStrings[key].ConnectionString D. string key = ""constr""; string value = ConfigurationManager.ConnectionStrings[constr].ConnectionString

Answer: A Explanation: Windows Azure Web Sites has a handy capability whereby developers can store key-value string pairs in Azure as part of the configuration information associated with a website. At runtime, Windows Azure Web Sites automatically retrieves these values for you and makes them available to code running in your website. Developers can store plain vanilla key-value pairs as well as key-value pairs that will be used as connection strings.

There is a requirement to update the portion of the website that contains biographical information about students. You need to provide data for testing the updates to the website. Which approach should you use? A. Use SQL Server data synchronization B. Use the Active Geo-Replication feature of Azure SQL database C. Use SQL Replication D. Use the Geo-Replication feature of Azure storage

Answer: A Explanation: With Azure SQL Data Sync users can easily synchronize data bi-directionally between multiple Azure SQL Databases and/or on-premises SQL Databases.

Which of the following are incorrect when it comes the load balancing options available in Azure? A. The Azure Load Balancer supports user defined probes. B. The Azure Load Balancer supports URL based routing. C. The Azure Load balancer supports IP reservation. D. The Azure Load balancer supports SSL offloading.

Answer: D

A company is planning on hosting a web site on a set of virtual machines. They want to achieve as minimum downtime as possible in case of planned or unplanned events. How can they achieve this? A. Create an availability set and assign each virtual machine to the availability set. B. Create multiple availability sets and assign each virtual machine to the one availability set. C. Copy Virtual machines and keep them ready incase the primary virtual machines go down. D. Copy the storage of the virtual machines so that they can be transferred to other virtual machines incase the primary one goes down.

Answer: A Explanation: In Azure, virtual machines (VMs) can be placed in to a logical grouping called an availability set. When you create VMs within an availability set, the Azure platform distributes the placement of those VMs across the underlying infrastructure. Should there be a planned maintenance event to the Azure platform or an underlying hardware / infrastructure fault, the use of availability sets ensures that at least one VM remains running.

A company is developing a web site in Azure. Below are the requirements for the web site: • The service runs Node.js in a worker role. • The service must use at least 2048-bit encryption and must use port 8888. • All patient information must be encrypted and stored by using a NoSQL data store. • Data must be stored and retrieved securely by using RESTful endpoints. • Data must NOT be stored within a virtual machine. • You need to implement data storage for patient information. What should you do? A. Use the Update Entity operation of the Table Service REST API. B. Use the Put Blob operation of the Blob Service REST API C. Use the Put Message operation of the Create Queue REST API D. Use the Set Share Metadata operation of the File Service REST API​​

Answer: A Explanation: Since a NoSQL solution is required, the only one that fits the bill is the Table storage which is a NoSQL solution.

Which of the following can be used to have provides programmatic access to Azure AD through REST API endpoints A. Graph API B. Azure API C. Program API D. Microsoft API​

Answer: A Explanation: The Azure Active Directory Graph API provides programmatic access to Azure AD through REST API endpoints. Applications can use the Graph API to perform create, read, update, and delete (CRUD) operations on directory data and objects.

In your Azure web site hosted using the web app feature, you have defined an app settings which has a key of environment. Which of the below pieces of .Net code is the right one to get the value of this key A. string key = "environment" string value = ConfigurationManager.AppSettings[key]; B. string key = "key" string value = ConfigurationManager.AppSettings[key]; C. string environment = "key" string value = ConfigurationManager.AppSettings[key]; D. string environment = "key"​

Answer: A Explanation: Windows Azure Web Sites has a handy capability whereby developers can store key-value string pairs in Azure as part of the configuration information associated with a website. At runtime, Windows Azure Web Sites automatically retrieves these values for you and makes them available to code running in your website.

You have a requirement to control the flow of network communication between VMs in the same subnet, between VNets, and between your servers and the Internet. How can we apply specific traffic routing rules without a VPN gateway? Choose the 2 correct answers from the options below. A. NSGs B. UDRs C. Subnets D. VNET

Answer: A, B Explanation: A network security group (NSG) contains a list of security rules that allow or deny network traffic to resources connected to Azure Virtual Networks (VNet). NSGs can be associated to subnets, individual VMs (classic), or individual network interfaces (NIC) attached to VMs (Resource Manager). When an NSG is associated to a subnet, the rules apply to all resources connected to the subnet. Traffic can further be restricted by also associating an NSG to a VM or NIC. User-defined routes are applied to traffic leaving a subnet from any resource (such as network interfaces attached to VMs) in the subnet.

How do you make sure you get the most application resiliency when you're designing your app for high availability? Choose the 2 correct answers from the options below. A. Azure Load Balancer B. Availability set C. Storage accounts D. Azure Balancer

Answer: A, B Explanation: Azure Load Balancer delivers high availability and network performance to your applications. It is a Layer 4 (TCP, UDP) load balancer that distributes incoming traffic among healthy instances of services defined in a load balanced set. To provide redundancy to your application, we recommend that you group two or more virtual machines in an availability set. This configuration ensures that during either a planned or unplanned maintenance event, at least one virtual machine is available and meets the 99.95% Azure SLA.

One wants to ensure that using autoscale features of Azure can be used to balance virtual machines performance with the overall operational budget. Which of the below 2 options can be used in this regard? A. Identify your overall scale and performance requirements B. Use Azure Cost Estimator to balance performance with budget C. Use scale out/scale in rules to manage cost and performance D. Use scale up/scale down rules to increase the size of your virtual machine

Answer: A, B Explanation: One can use the below price calculator to see the cost of resources and this is based on the requirements of the organization.

How do you secure your virtual network using rules like limiting incoming IP ranges or allowing a port range to apply port forwarding? Choose the 3 correct answers from the options below. A. Network Security Groups B. Rules C. Subnet D. VNet default settings

Answer: A, B, C Explanation: A network security group (NSG) contains a list of security rules that allow or deny network traffic to resources connected to Azure Virtual Networks (VNet). NSGs can be associated to subnets, individual VMs (classic), or individual network interfaces (NIC) attached to VMs (Resource Manager). When an NSG is associated to a subnet, the rules apply to all resources connected to the subnet. Traffic can further be restricted by also associating an NSG to a VM or NIC.

For web application and web server logging, which of the following locations are possible for storing the application diagnostics. Choose 3 answers from the options given below A. FileSystem B. Blob Storage C. Table Storage D. Azure SQL Database

Answer: A, B, C Explanation: The following options are available for storage 1. File system - stores the application diagnostics information to the web app file system. These files can be accessed by FTP, or downloaded as a Zip archive by using the Azure PowerShell or Azure Command-Line Interface (Azure CLI). 2. Table storage - stores the application diagnostics information in the specified Azure Storage Account and table name. 3. Blob storage - stores the application diagnostics information in the specified Azure Storage Account and blob container.

What are the different routing methods available in the Azure Traffic manager? Choose 3 answers from the options below. A. Performance method B. Priority method C. Weighted method D. Shared method

Answer: A, B, C Explanation: There are four traffic routing methods available in Traffic Manager: Priority: Select Priority when you want to use a primary service endpoint for all traffic and provide backups in case the primary or the backup endpoints are unavailable. Weighted: Select Weighted when you want to distribute traffic across a set of endpoints, either evenly or according to weights, which you define. Performance: Select Performance when you have endpoints in different geographic locations and you want end users to use the ""closest"" endpoint in terms of the lowest network latency. Geographic: Select Geographic so that users are directed to specific endpoints (Azure, External, or Nested) based on which geographic location their DNS query originates from.

With which of the following can you assign a public IP address. Choose 3 answers from the options given below A. Virtual Machines B. Internet-facing load balancers C. Application Gateways D. Azure SQL Server databases​

Answer: A, B, C Explanation: In Azure Resource Manager, a public IP address is a resource that has its own properties. You can associate a public IP address resource with any of the following resources: Virtual machines (VM) Internet-facing load balancers VPN gateways Application gateways

Which of the below profiling collection methods are available for a cloud service in Azure. Choose 3 answers from the options given below A. CPU sampling B. Instrumentation C. NET Memory Allocation D. Network Sampling​

Answer: A, B, C Explanation: The following profiling collection methods are available 1. CPU sampling - This method collects application statistics that are useful for initial analysis of CPU utilization issues. 2. Instrumentation - This method collects detailed timing data that is useful for focused analysis and for analyzing input/output performance issues. 3. .NET Memory Allocation - This method collects .NET Framework memory allocation data by using the sampling profiling method. 4. Concurrency - This method collects resource contention data, and process and thread execution data that is useful in analyzing multi-threaded and multi-process application

What types of performance tiers are available when creating your Virtual Machine storage disks? Choose the 2 correct answers from the options below. A. Premium Storage B. Ultra Premium Storage C. Standard D. Basic Storage

Answer: A, C Explanation: A general-purpose storage account gives you access to Azure Storage services such as Tables, Queues, Files, Blobs and Azure virtual machine disks under a single account. This type of storage account has two performance tiers: A standard storage performance tier which allows you to store Tables, Queues, Files, Blobs and Azure virtual machine disks. A premium storage performance tier which currently only supports Azure virtual machine disks.

What are the 2 performance tiers for the general purpose storage account? Choose 2 answers from the options given below A. Standard B. Basic C. Premium D. Special

Answer: A, C Explanation: The general purpose storage account has the below performance tiers 1. A standard storage performance tier which allows you to store Tables, Queues, Files, Blobs and Azure virtual machine disks. 2. A premium storage performance tier which currently only supports Azure virtual machine disks.

Which of the following are limitations of Multi Virtual IP address? Choose 2 answers from the options given below: A. They can only be used for cloud services that contain VM's. B. They can only be used for PaaS scenarios with roles instances. C. They can be managed via PowerShell. D. They can be managed via the Azure Portal.

Answer: A, C Explanation: This is currently specified in the Microsoft documentation.

There are two types of IP addresses assigned to resources in Azure, what are the 2 right ones from the options given below? A. Public B. Static C. Private D. None of the above

Answer: A, C Explanation: You can assign IP addresses to Azure resources to communicate with other Azure resources, your on-premises network, and the Internet. There are two types of IP addresses you can use in Azure: Public IP addresses: Used for communication with the Internet, including Azure public-facing services. Private IP addresses: Used for communication within an Azure virtual network (VNet), and your on-premises network when you use a VPN gateway or ExpressRoute circuit to extend your network to Azure.

Each virtual machine is provided 2 domains in an availability set. What are these domains called? Choose 2 answers from the options given below A. Update Domains B. Primary Domains C. Fault Domains D. Secondary Domains​

Answer: A, C Explanation: Each virtual machine in your availability set is assigned an update domain and a fault domain by the underlying Azure platform. For a given availability set, five non-user-configurable update domains are assigned by default (Resource Manager deployments can then be increased to provide up to 20 update domains) to indicate groups of virtual machines and underlying physical hardware that can be rebooted at the same time.

You have a web app hosted using the web app feature on Azure. You want to map a custom domain name to this web app. Which of the below DNS record names can be used for this purpose A. CNAME B. TXT C. A D. MX​

Answer: A, C Explanation: The two types of DNS records that can be mapped to a web app 1. A records, or address records, map your domain name to the IP address of your website. 2. CNAME records, or alias records, map a subdomain of your custom domain name to the canonical name of your website, expressed as <yoursitename>.azurewebsites.net.

Which of the below permissions can be assigned when configuring them for a container in Azure Storage A. No public read access B. Private access C. Public read access for blobs only D. Full public read access​

Answer: A, C, D Explanation: A container can be configured with the following permissions 1. No public read access - The container and its blobs can be accessed only by the storage account owner. This is the default for all new containers. 2. Public read access for blobs only - Blobs within the container can be read by anonymous request, but container data is not available. Anonymous clients cannot enumerate the blobs within the container. 3. Full public read access - All container and blob data can be read by anonymous request.

Which of the following are useful scenarios when using the deployment slots feature in Azure web apps. Choose all that apply A. Staged deployment B. Virtual deployment C. Incremental deployment D. Rolling back deployment​

Answer: A, C, D Explanation: Below are useful scenarios for deployment 1. Staged deployment - In a staged deployment, you deploy to a non-production slot that is acting as a staging environment. 2. Incremental deployment If your website deployment includes incremental steps that you need to take post-deployment, you can deploy to a non-production slot, make those changes, and then swap with the production slot to make the updated website live. 3. Rolling back deployment If, after swapping a non-production slot into production, you need to roll back the deployment, you can swap the production slot again with the slot that contains the previous production content and configuration, thereby rolling back the deployment.

Which of the following are system properties defined as part of the properties collection for an entity in Azure tables A. PartitionKey B. Sort Key C. RowKey D. Timestamp​

Answer: A, C, D Explanation: Entities must define the following three system properties as part of the property collection 1. PartitionKey - The PartitionKey property stores string values that identify the partition that an entity belongs to. 2. RowKey - The RowKey property stores string values that uniquely identify entities within each partition. The PartitionKey and the RowKey together form the primary key for the entity 3. Timestamp - The Timestamp property provides traceability for an entity. A timestamp is a DateTime value that tells you the last time the entity was modified.

What are the 3 components required to deploy an application as a cloud service in Azure A. Service Definition B. Service Deployment C. Service Configuration D. Service Package​

Answer: A, C, D Explanation: The below are required to deploy a cloud service to Azure 1. Service Definition - The cloud service definition file (.csdef) defines the service model, including the number of roles. 2. Service Configuration - The cloud service configuration file (.cscfg) provides configuration settings for the cloud service and individual roles, including the number of role instances. 3. Service Package - The service package (.cspkg) contains the application code and configurations and the service definition file.

You host an application on an Azure virtual machine (VM) that uses a data disk. The application performs several input and output operations per second. You need to disable disk caching for the data disk. Which two actions will achieve the goal? Each answer presents a complete solution. A. Use the Azure Resource Manager REST API B. Use the Service Management REST API C. Run the following Windows PowerShell cmdlet: Remove-AzureDataDisk D. Run the following Windows PowerShell cmdlet: Set-AzureDataDisk

Answer: A, D Explanation: The Set-AzureDataDisk modifies the host caching of an existing data disk on an Azure virtual machine. The Azure REST API can be used to manage resources in Azure via API calls.

You have a website that is hosted on Azure. You connect to the site by using the URL: http://www.contoso.com. You plan to publish a new version of the website. You need to acquire the publishing profile for the website. Which two actions will achieve the goal? Each correct answer presents a complete solution. A. Run the following Windows PowerShell cmdlet: Get-AzurePublishSettingsFile B. Run the following Windows PowerShell cmdlet: Get-AzureSubscription C. Navigate to the following URL: https://www.contoso.com/download/publishprofile.aspx D. Navigate to the following URL: https://windows.azure.com/download/publishprofile.aspx

Answer: A, D Explanation: This is clearly given in the Microsoft documentation.

What are the 2 types of roles available for Azure cloud services. Choose 2 answers from the options given below A. Web Role B. Primary Role C. Secondary Role D. Worker Role​

Answer: A, D Explanation: Cloud Services in Azure supports 2 kinds of roles 1. Web roles Used for web server applications hosted in IIS, such as an ASP.NET MVC application or a Web API application 2. Worker roles Used for running a compute workload. It can be used to launch an executable process or for background worker implementations that work in a similar manner to a Windows service.

Which of the following blobs are ideal for storing log data? A. Block Blobs B. Append Blobs C. Page Blobs D. All of the above

Answer: B Explanation: An append blob is comprised of blocks and is optimized for append operations. When you modify an append blob, blocks are added to the end of the blob only, via the Append Block operation. Updating or deleting of existing blocks is not supported. Unlike a block blob, an append blob does not expose its block IDs. These are most suited for log files since they append the data to the Blob storage.

What is the purpose of the AzCopy tool? A. It is designed for copying virtual machines. B. It is designed for copying Azure Storage. C. It is designed for copying Azure Queues. D. It is designed for copying Azure Databases.

Answer: B Explanation: AzCopy is a Windows command-line utility designed for copying data to and from Microsoft Azure Blob, File, and Table storage using simple commands with optimal performance. You can copy data from one object to another within your storage account, or between storage.

You are developing a messaging solution to integrate two applications named WeatherSummary and WeatherDetails. The WeatherSummary application displays a summary of weather information for major cities. The WeatherDetails application displays weather details for a specific city. You need to ensure that the WeatherDetails application displays the weather details for the city that the user selects in the WeatherSummary application. What should you do? A. Create an Azure Service Bus Queue communication. In the WeatherDetails application, implement the PeekLock method. B. Create an Azure Service Bus Topics object. In the WeatherDetails application, create a filter. C. Create an Azure Service Bus Relay object. In the WeatherDetails application, create a filter. D. Create an Azure Service Bus Queue communication. In the WeatherDetails application, implement the ReceiveAndDelete method.

Answer: B Explanation: For this purpose, you can create multiple topics, so you can have topics for both WeatherSummary and WeatherDetails. When submitting a request for the WeatherDetail queue, the filter can be used to specify the city.

Which of the following feature of VNETs enables resources connected to different Azure VNets within the same Azure location to communicate with each other? A. Subnet connection B. Peering C. Primary connection D. Load Balancer

Answer: B Explanation: The Peering option enables resources connected to different Azure VNets within the same Azure location to communicate with each other. The bandwidth and latency across the VNets is the same as if the resources were connected to the same VNet.

You an Azure administrator of a company. You have been instructed that you need to create generalized VM so that instances can be created out of it. What is the general sequence of steps in this process? 1. Capture the VM image 2. Create the source VM 3. Create instances from the VM image 4. Generalize the VM A. 3, 4, 1, and 2 B. 2, 4, 1, and 3 C. 2, 1, 4, and 3 D. 3, 1, 4, and 2

Answer: B Explanation: The general steps involved are: 1. Create the source VM - Start with a VM you created from an existing image, such as one from the Marketplace. 2. Generalize the VM - To create a generalized image, you must take specific steps to prepare the VM before you create an image from it. You do not perform these steps to create a specialized VM. 3. Capture the VM image - With the VM in the desired state, take a snapshot of it by capturing a VM image. 4. Instantiate instances of the image.

You now need to find all works about World History that are overdue and are stored in the repository. What is the right code that can be used to achieve this purpose? A. var root=Storage.Account().TableStorageUri; var query=root+""library()?$filter="" + ""Late%20gt%200"" + ""%20and%20WorkID%20eq%20'World History'""; B. var root=Storage.Account().TableStorageUri; var query=root+""library()?$filter="" + ""Late%20gt%200"" + ""%20and%20RowKey%20eq%20'World History'""; C. var root=Storage.Account().TableStorageUri; var query=root+""library()?$filter="" + ""Late%20gt%200"" + ""%20and%20PartitionKey%20eq%20'World History'""; D. var root=Storage.Account().TableStorageUri; var query=root+""library()?$filter="" + ""Late%20gt%200"" + ""%20and%20Subject%20eq%20'World History'"";

Answer: B Explanation: The row key is a unique identifier for an entity within a given partition. Together the PartitionKey and RowKey uniquely identify every entity within a table. The row key is a string value that may be up to 1 KB in size. In the code of Work.cs, the Subject is denoted by the RowKey, hence we need to filter via the RowKey.

When my Azure virtual machine administrator logs on to any Windows VM, what can be done to make sure the desktop has details of the instance name, and IP address for quick reference and convenience. What can be done in this case? A. Enable VM debugging B. Enable Azure VM BgInfo extension C. Disable Azure VM BgInfo extension D. None of the above

Answer: B Explanation: This is clearly given in the Azure Blogs.

You are creating a two-layered application architecture: Web applications that connect to a databases running on virtual machines in Azure. Which of the below is the ideal network configuration? A. A single VNet with a web and database server in it. B. One VNet with two subnets. First subnet running web server VMs and a second subnet with database VMs C. VNets are not required and the servers can be hosted as they are D. None of the above options are valid

Answer: B Explanation: VMs that need to be placed in different Azure locations. VNets in Azure are regional. They cannot span locations. Therefore you need at least one VNet for each Azure location you want to host VMs in. Workloads that need to be completely isolated from one another. You can create separate VNets that even use the same IP address spaces, to isolate different workloads from one another.

You store data by using table storage in Azure. The storage analytics logs do not contain any data. You must configure the Azure storage account to retain logs for the maximum length of time that Azure permits. In the Azure management portal, what should you do? A. Set the monitoring level to Minimal, and set the number of days the data in the logs is retained to 0 B. Set the monitoring level to Verbose, and set the number of days the data in the logs is retained to 365 C. Set the monitoring level to Minimal, and set the number of days the data in the logs is retained to 99 D. Set the monitoring level to Verbose, and set the number of days the data in the logs is retained to 30.

Answer: B Explanation: You can configure two data retention policies: one for logging and one for metrics. When enabled for both, Storage Analytics will delete logs and table entries older than the specified number of days. The maximum retention period is 365 days (1 year).

You have a web site hosted in Azure using the Azure web app service. You expect high traffic over the next few weeks since there is a promotion running on the web site. Which of the following is the best recommended to do to ensure the web site can take the traffic in the next coming weeks A. Create a new virtual machine to offload all the traffic to. B. Define Autoscaling for the web site. Set the Condition, CPU threshold and Period accordingly. C. Create a new web site and run it in parallel. D. Use the activity log to check for any alerts.​ A

Answer: B Explanation: "Autoscale allows you to have the right amount of resources running to handle the load on your application. It allows you to add resources to handle increases in load and also save money by removing resources that are sitting idle. You specify a minimum and maximum number of instances to run and add or remove VMs automatically based on a set of rules. Having a minimum makes sure your application is always running even under no load.

Which of the following can be used to permit or deny traffic for a virtual machine endpoint A. Security Groups B. Network access control lists C. Azure CDN D. Azure Redis​

Answer: B Explanation: A network access control list (ACL) allows you to restrict access to your VMs to specific ranges of IP addresses by defining a list of permit or deny rules. They perform packet filtering on the host node running your VM, controlling what external traffic is allowed to reach it via the endpoint.

Which of the following is false with regards to Azure Queue storage? A. Can be accessed via HTTP and HTTPS B. A single queue can be up to 128KB in size C. A queue can contain millions of messages D. Queues can be used to decouple applications​

Answer: B Explanation: Azure Queue storage is a service for storing large numbers of messages that can be accessed from anywhere in the world via authenticated calls using HTTP or HTTPS. A single queue message can be up to 64 KB in size, and a queue can contain millions of messages, up to the total capacity limit of a storage account.

A company creates an API and makes it accessible on an Azure website. External partners use the API occasionally. The website uses the Standard web hosting plan. Partners report that the first API call in a sequence of API calls occasionally takes longer than expected to run. Subsequent API calls consistently perform as expected. You need to ensure that all API calls perform consistently. What should you do? A. Configure the website to use the Basic web hosting plan. B. Enable Always On support C. Configure the website to automatically scale D. Add a trigger to the web config file for the website that causes the website to recycle periodically.

Answer: B Explanation: By default, web apps are unloaded if they are idle for some period of time. This lets the system conserve resources. In Basic or Standard mode, you can enable Always On to keep the app loaded all the time. If your app runs continuous web jobs, you should enable Always On, or the web jobs may not run reliably.

You are managing an application. The application uses data that is stored in an Azure SQL database in the Premium tier. You must be able to reset the application to the state that existed on any day in the previous 35 days. You need to choose a backup solution. What should you do? A. Run SQL replication on the SQL database once a day. B. Use Microsoft Azure SQL Database Point in Time Restore C. Use the SQL Server Data- Tier Application Framework to build a data-tier application (DAC) file once a day. D. Use the bcp utility to export data to an Azure page blob once a day.​​

Answer: B Explanation: The Azure SQL Database service protects all databases with an automated backup system. These backups are retained for 7 days for Basic, 14 days for Standard and 35 days for Premium. Point-in-time restore is a self-service capability, allowing customers to restore a Basic, Standard or Premium database from these backups to any point within the retention period. Point-in-time restore always creates a new database.

A company is developing a mortgage loan processing website. The Business stakeholders have identified the following requirements for the mortgage loan processing website: • The website must provide a secure mortgage application process for the customer. • Business users must validate new versions of the website before you publish them to the production site. You must be able to revert to the previous version easily when issues arise. • The website must remain available to users while new features and bug fixes are deployed. You need to implement the web application deployment workflow. In the Azure management portal, what should you do? A. Set the web hosting plan to Shared. Increase the instance count to 2. Publish the incremental updates to the new instance. B. Set the web hosting plan to Standard. Use Windows PowerShell to create a new deployment slot to publish the incremental updates. Swap the deployment slot after the business users have validated the updates. C. Set the web hosting plan to Standard. Create a new website to host the updated web application. Create a Windows PowerShell script to move the contents of the new website to the production website location after the business users have validated the updates. D. Download the publish profile. Use Visual Studio to import the publish profile. Deploy the web application by using the Visual Studio Publish Web wizard after the business users have validated the updates.

Answer: B Explanation: When you deploy your web app, web app on Linux, mobile back end, and API app to App Service, you can deploy to a separate deployment slot instead of the default production slot when running in the Standard or PremiumApp Service plan mode. Deployment slots are actually live apps with their own hostnames. App content and configurations elements can be swapped between two deployment slots, including the production slot .

What's the purpose of a jumpbox when you deploy multiple virtual machines? Choose the 2 correct answers from the options below A. It monitors application performance B. One or more VMs to control access to scale sets C. Enables access security D. None of the above

Answer: B, C Explanation: Connectivity to your Azure IaaS VMs will either be via PowerShell using WS-Management or Remote Desktop Protocol (RDP). Ideally your VMs are on a virtual network in Azure and that virtual network is connected to your on-premises network using site-to-site VPN or ExpressRoute. This means to access the Azure VMs you RDP to their Dynamic IP (DIP, which is the internal IP used in the virtual network) from your on-premises network and not ports need to be exposed to the Internet. If you do not have connectivity to your virtual network from on-premises and don't use point-to-site VPN then you need to create endpoints/NAT Rules/PIP to the VMs to enable connectivity from the Internet however this exposes a lot of different VMs directly to the Internet. Another approach is to create a single VM in Azure which has RDP connectivity to the Internet and then from this box you connect to your other Azure VMs from the DIPs on the virtual network.

Which of the following Azure networking services are Layer 7 and Layer 4 balancers? Choose the 2 correct answers from the options below. A. Azure Traffic Manager B. Azure Application Gateway C. Azure Load Balancer D. Azure Balancer

Answer: B, C Explanation: Microsoft Azure Application Gateway is a dedicated virtual appliance providing application delivery controller (ADC) as a service, offering various layer 7 load balancing capabilities for your application. Azure Load Balancer delivers high availability and network performance to your applications. It is a Layer 4 (TCP, UDP) load balancer that distributes incoming traffic among healthy instances of services defined in a load balanced set.

You have an ASP.NET application that runs in a cloud service. A new version of the application is ready for release. The new version contains code changes and new SSL certificates. The application consists of six instances of a web role and four instances of a worker role. The application performs at near full capacity. The cloud service uses the default number of fault domains and upgrade domains. You plan to deploy the new version of the application. The performance and capacity of the web roles must not degrade during the deployment. Temporary degradation of the worker roles is acceptable. The deployment must take a maximum of six hours. You need to deploy the new version of the ASP.NET application to the cloud service. Which two approaches will achieve the goal? Each correct answer presents a complete solution. A. Increase the number of web role instances to eight, and then deploy the new version of the application by using an in-place update. Reduce the number of web role instances to six after the upgrade is completed. B. Deploy the new version of the application by using an in-place update. Use upgrade domains to ensure that there is sufficient capacity during the upgrade. C. Deploy the new version of the application into the staging slot for the cloud service. Then activate the new version of the application by swapping virtual IP (VIP) addresses. D. Delete the old version of the application, and deploy the new version of the application.

Answer: B, C Explanation: When you deploy your web app on Linux, mobile back end, and API app to App Service, you can deploy to a separate deployment slot instead of the default production slot when running in the Standard or Premium App Service plan mode. Deployment slots are actually live apps with their own hostnames. App content and configurations elements can be swapped between two deployment slots, including the production slot. Update domains can be ensured availability of VM's during planned and unplanned events.

Identify the types of disks available when creating and operating Azure Virtual Machines? Choose the 3 correct answers from the options below. A. Shared disk B. Data disk C. Operating system disk D. Temporary disk

Answer: B, C, D Explanation: All Azure virtual machines have at least two disks - a Linux operating system disk and a temporary disk. The operating system disk is created from an image, and both the operating system disk and the image are actually virtual hard disks (VHDs) stored in an Azure storage account The data disk can be added to store additional data on the disks.

You develop a web application that will use the Azure Table service. The web application will store entities in the form of XML data within a single table. The web application must support high traffic throughput. You need to avoid exceeding the throttle limit for the table. Which two actions should you take? Each correct answer presents part of the solution. A. Add additional partition keys to the table. B. Batch transactions for entities that are in the same partition group in the table. C. Compress the entities before storing them in the table. D. Store the entities in JSON format​

Answer: B, D Explanation: These recommendations are provided in the Microsoft documentation. Beginning with storage service version 2013-08-15, the table service supports using JSON instead of the XML-based AtomPub format for transferring table data. This can reduce payload sizes by as much as 75% and can significantly improve the performance of your application. Batch transactions are known as Entity Group Transactions (EGT) in Azure Storage; all the operations within an EGT must be on a single partition in a single table. Where possible, use EGTs to perform inserts, updates, and deletes in batches. This reduces the number of round trips from your client application to the server, reduces the number of billable transactions (an EGT counts as a single transaction for billing purposes and can contain up to 100 storage operations), and enables atomic updates (all operations succeed or all fail within an EGT).

You plan to deploy an application as a cloud service. The application uses a virtual network to extend your on-premises network into Azure. You need to configure a site-to-site VPN for cross-premises network connections. Which two objects should you configure? Each correct answer presents part of the solution. A. Dynamic routing gateway B. VPN gateway C. External-facing IPv6 address D. External-facing IPv4 address

Answer: B, D Explanation: This is clearly given in the Microsoft documentation.

A company has a web app hosted in Azure. They want to implement SSL for this web app. Which of the following can be done to implement SSL for the web app. Choose 2 answers from the options given below A. You can use the build in certificate for azurewebsites.net B. You can use the build in certificate for *.azurewebsites.net C. You can use any custom certificate D. Use the certificate issues by a third party authority

Answer: B, D Explanation: With Azure Websites, you can use an SSL certificate with your website in one of two ways 1. You can use the "built-in" wildcard SSL certificate that is associated with the *.azurewebsites.net domain. 2. You can use a certificate you purchase for your custom domain from a third-party certificate authority.

The Compute method in the PlagiarismCalculation class takes a significant amount of time to load the existing works from blob storage. To improve performance the service must load existing works from the cache. Which of the following code snippets show be used in the class PlagiarismCalculation? A. var existingWorks= cloudTableClient.GetTableReference(""library"").CreateQuery<Work>(); var cache=new DataCache(essay.Subject); foreach(var work in existingWorks.Execute()) { work.Body=cache.Get(work.Body.toString()); score=compute(essay,work,score); } B. var existingWorks= cloudTableClient.GetTableReference(""library"").CreateQuery<Work>(); var cache=new DataCache(essay.Subject); foreach(var work in existingWorks.Execute()) { work.Body=cache.Get(work.RowKey.toString()); score=compute(essay,work,score); } C. var existingWorks= cloudTableClient.GetTableReference(""library"").CreateQuery<Work>(); var cache=new DataCache(essay.Subject); foreach(var work in existingWorks.Execute()) { work.Body=cache.Get(work.PartitionKey.toString()); score=compute(essay,work,score); } D. var existingWorks= cloudTableClient.GetTableReference(""library"").CreateQuery<Work>(); var cache=new DataCache(essay.Subject); foreach(var work in existingWorks.Execute()) { work.Body=cache.Get(work.Author.toString()); score=compute(essay,work,score); }

Answer: C Explanation: The DataCache is the object that is used by cache-enabled applications for storing and retrieving objects from the cache. An instance of this object is referred to as the cache client. The DataCache with the string parameter creates a DataCache that accesses the specified cache name; uses settings in the ""default"" cache client configuration.

You deploy an application as a cloud service in Azure. The application consists of five instances of a web role. You need to move the web role instances to a different subnet. Which file should you update? A. Service definition B. Diagnostics configuration C. Service configuration D. Network configuration

Answer: C Explanation: The Service configuration file has the necessary network settings which can be specified for the new subnet. <ServiceConfiguration serviceName=""<service-name>"" osFamily=""<osfamily-number>"" osVersion=""<os-version>"" schemaVersion=""<schema-version>""> <Role...> ... </Role> <NetworkConfiguration> ... </NetworkConfiguration>

What can be done to ensure that one is billed only for storage of the VM's disk space that is being used using rather than the entire disk? Choose the correct answer from the options below. A. Run perform tool and monitor usage B. Clean up disks ongoing basis C. Run fsutil and check usage* D. None of the above

Answer: C Explanation: The command fsutil performs tasks that are related to file allocation table (FAT) and NTFS file systems, such as managing reparse points, managing sparse files, or dismounting a volume.

A company has a web site hosted in Azure using the web app feature. They want to roll out updates but at the same time want to test the updates thoroughly before updating the production web site. Which of the below are the preferred methods for doing this. A. Create a new web site, deploy the updates and give the new link to the users. B. Create a new virtual machine, deploy the web site with the updates and give the new link to the users. C. Create a separate deployment slot, test the updates and swap the slots. D. Create a new set of virtual machines, deploy the web site with the updates and give the new link to the users.

Answer: C Explanation: When you deploy your web app, web app on Linux, mobile back end, and API app to App Service, you can deploy to a separate deployment slot instead of the default production slot when running in the Standard or Premium App Service plan mode. Deployment slots are actually live apps with their own hostnames. App content and configurations elements can be swapped between two deployment slots, including the production slot.

Which of the following DSC configuration would be used to install IIS as a feature on a Windows Server 2012 machine A. configuration IISInstall { WindowsFeature IIS { Ensure = ""Present"" Name = ""Web-Server"" } } B. configuration IISInstall { node ""localhost"" { WindowsFeature IIS } } C. configuration IISInstall { node ""localhost"" { WindowsFeature IIS { Ensure = ""Present"" Name = ""Web-Server"" } } } D. node ""localhost"" { WindowsFeature IIS { Ensure = ""Present"" Name = ""Web-Server"" } }

Answer: C Explanation: "A DSC configuration should ideally have the following information 1. Configuration - A DSC configuration document. 2. Node - A target for a DSC configuration. In this document, ""node"" always refers to an Azure VM. 3. Configuration Data - A .psd1 file containing environmental data for a configuration The correct answer is: configuration IISInstall { node ""localhost"" { WindowsFeature IIS { Ensure = ""Present"" Name = ""Web-Server"" } } }

You have a requirement to share some artifacts in your Azure storage with external clients. But you don't want to share the storage keys with them. What can be done to provide secure access? A. Use multiple storage accounts so if one is compromised, another one can be used B. Provide access via a Virtual machine C. Use Shared Access signatures D. Use multiple subscriptions for the multiple storage accounts​

Answer: C Explanation: A shared access signature provides delegated access to resources in your storage account. With a SAS, you can grant clients access to resources in your storage account, without sharing your account keys. This is the key point of using shared access signatures in your applications--a SAS is a secure way to share your storage resources without compromising your account keys.

You are migrating an existing solution to Azure. The solution includes a user interface tier and a database tier. The user interface tier runs on multiple virtual machine (VMs). The user interface tier has a website that uses Node.js. The user interface tier has a background process that uses Python. This background process runs as a scheduled job. The user interface tier is updated frequently. The database tier uses a self-hosted MySQL database. The user interface tier requires up to 25 CPU cores. You must be able to revert the user interface tier to a previous version if updates to the website cause technical problems. The database requires up to 50 GB of memory. The database must run in a single VM. You need to deploy the solution to Azure. What should you do first? A. Deploy the entire solution to an Azure website. Use a web job that runs continuously to host the database. B. Deploy the database to a VM that runs Windows Server on the Standard tier. C. Deploy the entire solution to an Azure website. Run the database by using the Azure data management services. D. Deploy the user interface tier to a VM. Use multiple availability sets to continuously deploy updates from Microsoft Visual Studio Online.

Answer: C Explanation: Azure websites can provide so many features such as scaling, monitoring etc. Hence this is ideal for hosting the web application. Also Azure websites support Node.js.

You are configuring the Traffic Manager service for your endpoint in Azure. You want to ensure that the Traffic Manager provides the endpoint to the user based on the lowest latency for the client. Which of the below options should be chosen to do this A. Ensure the Traffic Manager has the Failover setting enabled B. Ensure the Traffic Manager has the Round Robin setting enabled C. Ensure the Traffic Manager has the Performance setting enabled D. Ensure the Traffic Manager has the Threshold setting enabled​

Answer: C Explanation: The Traffic Manager has the following settings available 1. Failover - When a DNS query comes in from a client, Traffic Manager picks the first endpoint from the ordered list of endpoints that it determines is healthy based on periodic monitoring of the endpoints. 2. Round robin - Traffic Manager treats each active endpoint in its list of endpoints equally and tries to evenly distribute traffic among the endpoints in a round-robin fashion. 3. Performance - Traffic Manager picks the "closest" endpoint from the configured list of endpoints that should have the lowest latency for the client.

You maintain an application that is used by local food delivery companies. When a customer requests a delivery, the application sends a message to all of the delivery companies. One company accepts the request and fulfills the order. The application currently supports orders of 100 products or fewer. Some of the delivery companies can now deliver large orders that contain up to 500 products. You must modify the application so that it supports both small orders and large orders. Messages about large orders should be sent to only delivery companies that can fulfill them. Messages about small orders should be sent to all delivery companies. Which service should you use? A. Azure Service Bus Queue B. Azure Service Bus Relay C. Azure Service Bus Topics D. Azure Service Bus Namespace​

Answer: C Explanation:​ For this purpose, you can create multiple topics, so you can have one topic for the large orders and one for the small orders. The companies that can fulfill the large orders can pull the messages from the corresponding queue.

What advantages does encrypting Azure Virtual Machine disks have? Choose the 2 correct answers from the options below. A. VMs perform better B. VMs boot faster C. VMs are secure at rest D. VMs boot under customer controlled keys and policies

Answer: C, D Explanation: Azure Disk Encryption is a new capability that helps you encrypt your Windows and Linux IaaS virtual machine disks. Azure Disk Encryption leverages the industry standard BitLocker feature of Windows and the DMCrypt feature of Linux to provide volume encryption for the OS and the data disks. The solution is integrated with Azure Key Vault to help you control and manage the disk-encryption keys and secrets in your key vault subscription. The solution also ensures that all data on the virtual machine disks are encrypted at rest in your Azure storage.

You store data in an Azure blob. Data accumulates at a rate of 0.10 GB per day. You must use storage analytics data to verify that the service level agreement (SLA) has been met and to analyze the performance of VHDs, including the pattern of usage. Analytics data must be deleted when it is older than 100 days or when the total amount of data exceeds 10 GB. You need to configure storage analytics and access the storage analytics data. Which two approaches will achieve the goal? Each correct answer presents part of the solution. A. Disable the data retention policy B. Access analytics data by using the Service Management REST APL C. Access analytics data by using the APIs used to read blob and table data. D. Configure a data retention policy of 100 days

Answer: C, D Explanation: You can configure two data retention policies: one for logging and one for metrics. When enabled for both, Storage Analytics will delete logs and table entries older than the specified number of days. The maximum retention period is 365 days (1 year).

You create a VM named cVM _005 for a newly hired contractor with 14GB Memory. The contractor reports that the VM runs out of memory when the contractor attempts to test the mobile applications. You need to double the memory that is available for the VM. Which Windows PowerShell command should you use? A. SetAzureVMSize - ServiceName "cVM_005" -VMSize "A4" B. Add-DataDisksToVM.ps1 -ServiceName "cVM 005" -VMName "MyVM" - Location "West US" -NumberOfDisks 2 - DiskSizeInGB 16 C. SetAzureVMSize - ServiceName "cVM_005" -VMSize "Medium" D. SetAzureVMSize - ServiceName "cVM_005" -VMSize "A6"

Answer: D Explanation: As per the Microsoft documentation , below are the valid values for SetAzureVMSize Also the A6 VM has the required configuration.

When I enable diagnostics what types of diagnostics can be collected? Choose a correct answer from the options below. A. Performance counters B. Application Logs C. Windows Events Logs D. All of the above

Answer: D Explanation: Azure Diagnostics is the capability within Azure that enables the collection of diagnostic data on a deployed application. You can use the diagnostics extension from a number of different sources. Currently supported are Azure Cloud Service Web and Worker Roles, Azure Virtual Machines running Microsoft Windows and Service Fabric. Other Azure services have their own separate diagnostics.

Which of the following is true about Azure Load Balancers? A. Azure Load Balancers can balance incoming Internet traffic to virtual machines B. Azure Load Balancers can balance traffic between virtual machines in a VNET C. Forward external traffic to a specific virtual machine D. All of the above

Answer: D Explanation: Azure Load Balancer can be configured to: 1. Load balance incoming Internet traffic to virtual machines. This configuration is known as Internet-facing load balancing. 2. Load balance traffic between virtual machines in a virtual network, between virtual machines in cloud services, or between on-premises computers and virtual machines in a cross-premises virtual network. This configuration is known as internal load balancing. 3. Forward external traffic to a specific virtual machine.

What are the different functions that can be performed by PowerShell DSC? Choose the right answer from the options below. A. Enable or disable server roles and features B. Help manage registry settings C. Manage files and directories D. All of the above

Answer: D Explanation: DSC is a management platform in PowerShell that enables you to manage your IT and development infrastructure with configuration as code.

What are examples of built-in resources that you can configure using PowerShell DSC? A. Install or remove server roles and features B. Manage registry settings C. Manage files and directories D. All of the above

Answer: D Explanation: Powershell DSC gives the ability to perform a variety of tasks which include • Install or remove server roles and features • Manage registry settings • Manage files and directories • Start, stop, and manage processes and services • Manage local groups and user accounts • Install and manage packages such as .msi and .exe • Manage environment variables • Run Windows PowerShell scripts • Fix a configuration that has drifted away from the desired state • Discover the actual configuration state on a given node

You are developing a REST API service that provides data about products. The service will be hosted in an Azure virtual machine (VM). The product data must be stored in Azure tables and replicated to multiple geographic locations. API calls that use the HPPT GET operation must continue to function when the data tables at the primary Azure datacenter are not accessible. You need to configure storage for the service. Which type of replication should you choose? A. Locally Redundant Storage replication B. Geo-Redundant Storage replication C. Zone-Redundant Storage replication D. Read-Access Geo-Redundant Storage replication

Answer: D Explanation: Read-access geo-redundant storage (RA-GRS) maximizes availability for your storage account, by providing read-only access to the data in the secondary location, in addition to the replication across two regions provided by GRS.

You are deploying the same web based solution in the West Europe region. You need to copy the repository of existing works that the plagiarism detection service uses. You must achieve this goal by using the least amount of time. What should you do? A. Copy the files from the source file share to a local hard disk. Ship the hard disk to the West Europe data center by using the Azure Import/Export service. B. Create an Azure virtual network to connect to the West Europe region. Then use Robocopy to copy the files from the current region to the West Europe region. C. Provide access to the blobs by using the Microsoft Azure Content Delivery Network (CDN). Modify the plagiarism detection service so that the files from the repository are loaded from the CDN. D. Use the Asynchronous Blob Copy API to copy the blobs from the source storage account to a storage account in the West Europe region.

Answer: D Explanation: The Asynchronous Blob Copy API allows you to copy blobs between storage accounts. This enables some interesting scenarios like: • Backup your blobs to another storage account without having to retrieve the content and saving it yourself. • Migrate your blobs from one account to another efficiently with respect to cost and time.

A company has a solution hosted in Azure in the US West region. The solution stores master copies of data in Azure blob storage. A daily process synchronizes files between blob storage and a file share on a virtual machine (VM). You now want to deploy the web-based solution to the West Europe region. You must achieve this goal by using the least amount of time. What should you do? A. Copy the files from the source file share to a local hard disk. Ship the hard disk to the West Europe data center by using the Azure Import/Export service. B. Create an Azure virtual network to connect to the West Europe region. Then use Robocopy to copy the files from the current region to the West Europe region. C. Provide access to the blobs by using the Microsoft Azure Content Delivery Network (CDN). Modify the plagiarism detection service so that the files from the repository are loaded from the CDN. D. Use the Asynchronous Blob Copy API to copy the blobs from the source storage account to a storage account in the West Europe region.

Answer: D Explanation: The Blob copy API can be used to copy the data between regions.

Which of the below will be the relevant code to implement the GetWork method? A. while(true) { var messages=queue.GetMessages(numofMessages:8,operationContext:TimeSpan.FromHours(foreach(var message in messages) yield return message; } B. while(true) { var messages=queue.PeekMessages(numofMessages:8,visibilityTimeout:TimeSpan.FromHours(foreach(var message in messages) yield return message; } C. while(true) { var messages=queue.PeekMessages(numofMessages:8,operationContext:TimeSpan.FromHours(foreach(var message in messages) yield return message; } D. while(true) { var messages=queue.GetMessages(numofMessages:8,visibilityTimeout:TimeSpan.FromHours(foreach(var message in messages) yield return message; }

Answer: D Explanation: The Get Messages operation retrieves one or more messages from the front of the queue. The visibilityTimeout parameter specifies the new visibility timeout value, in seconds, relative to server time. The default value is 30 seconds. A specified value must be larger than or equal to 1 second, and cannot be larger than 7 days, or larger than 2 hours on REST protocol versions prior to version 2011-08-18. The visibility timeout of a message can be set to a value later than the expiry time.

Which of the following are Azure-supported Workloads? Choose an answer from the options below. A. Exchange Server B. Active Directory C. Sharepoint Farms D. All of the above

Answer: D Explanation: You can place all of the workloads specified on Azure virtual machines.

Which of the following tools are used to generalize a VM A. Generalize B. Nuget C. app-get D. Sysprep​

Answer: D Explanation: "Sysprep is a tool that is designed for system administrators, Original Equipment Manufacturers (OEMs), and others who must automatically deploy an operating system on multiple computers. After you perform the initial setup steps on a single computer, you can run the Sysprep tool to prepare the sample computer for cloning.

As a developer you are developing a .Net application that needs to authenticate with Azure AD and to achieve single sign-on. Which of the following protocols can be used for this purpose A. Federation protocol B. OAuth 2.0 C. OpenID Connect D. SAML​

Answer: D Explanation: Azure Active Directory (Azure AD) uses the SAML 2.0 protocol to enable applications to provide a single sign-on experience to their users. The Single Sign-On and Single Sign-Out SAML profiles of Azure AD explain how SAML assertions, protocols and bindings are used in the identity provider service.

What are the replication options available for Azure Storage? A. Locally redundant storage (LRS) B. Zone-redundant storage (ZRS) C. Geo-redundant storage (GRS)​ D. All of the above​

Answer: D Explanation: Replication ensures that your storage account meets the Service-Level Agreement (SLA) for Storage even in the face of failures. See the SLA for information about Azure Storage guarantees for durability and availability. When you create a storage account, you can select one of the following replication options Locally redundant storage (LRS) Zone-redundant storage (ZRS) Geo-redundant storage (GRS) Read-access geo-redundant storage (RA-GRS).


Related study sets

Physiology - Muscles, Body Movement, Blood & Cardiovascular

View Set

ECON131 Chapter 6: Measuring Inflation and Unemployment

View Set

Lab Manual Ch. 17 (Ears) & 18 (Mouth, Nose, Sinuses, Throat)

View Set

3b. Test Review - Represent Data

View Set

Syracuse University EAR 111 Exam 1

View Set