Download Architecture Microsoft Azure Part 2 and more Exams MS Microsoft PowerPoint skills in PDF only on Docsity!
70-534 Exam Dumps 70-534 Exam Questions 70-534 PDF Dumps 70-534 VCE Dumps
Vendor: Microsoft
Exam Code: 70- 534
Exam Name: Architecting Microsoft Azure Solutions
Question 81 -- Question 10 0
Visit PassLeader and Download Full Version 70-534 Exam Dumps
QUESTION 81
Drag and Drop Question You are converting an existing ASP.NET web application to use the Azure Active Directory (AD) Access Control service for authentication. The application will authenticate users by using their Yahoo account credentials. You need to determine the correct payload for each stage of the authentication process. What should you do? To answer, drag the appropriate payload format to the correct location on the dialog box. Each payload format may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
70-534 Exam Dumps 70-534 Exam Questions 70-534 PDF Dumps 70-534 VCE Dumps
QUESTION 82
Hotspot Question You have a cloud service that runs an external process that is named MyStartupTask.cmd. The cloud service runs this external process when the web role starts. The external process writes information to the Windows registry. You set the value of an environment variable named MyID to the deployment ID for the current web role instance. The external process must complete writing the information to the Windows registry before the web role starts to accept web traffic. You need to configure the cloud service. How should you complete the relevant markup? To answer, select the appropriate option or options in the answer area.
Answer:
70-534 Exam Dumps 70-534 Exam Questions 70-534 PDF Dumps 70-534 VCE Dumps
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Answer:
70-534 Exam Dumps 70-534 Exam Questions 70-534 PDF Dumps 70-534 VCE Dumps
QUESTION 84
You manage a virtual Windows Server 2012 web server that is hosted by an on-premises Windows Hyper-V server. You plan to use the virtual machine (VM) in Azure. You need to migrate the VM to Azure Storage to add it to your repository. Which Azure Power Shell cmdlet should you use?
A. Import-AzureVM B. New-AzureVM C. Add-AzureDisk D. Add-AzureWebRole E. Add-AzureVhd
Answer: C Explanation: http://msdn.microsoft.com/en-us/library/azure/dn495252.aspx
QUESTION 85 Your company network has two physical locations configured in a geo-clustered environment. You create a Blob storage account in Azure that contains all the data associated with your company. You need to ensure that the data remains available in the event of a site outage. Which storage option should you enable?
A. Locally redundant storage B. Geo-redundant storage C. Zone-redundant storage D. Read-only geo-redundant storage
Answer: D Explanation: Introducing Read-only Access to Geo Redundant Storage (RA-GRS): RA-GRS allows you to have higher read availability for your storage account by providing "read only" access to the data replicated to the secondary location. Once you enable this feature, the secondary location may be used to achieve higher availability in the event the data is not available in the primary region. This is an "opt-in" feature which requires the storage account be geo- replicated.
70-534 Exam Dumps 70-534 Exam Questions 70-534 PDF Dumps 70-534 VCE Dumps
A. Option A B. Option B C. Option C D. Option D
Answer: A Explanation: Check for GetBlob and for AnonymousSuccess. Example: Get Blob AnonymousSuccess: 1.0;2011-07- 28T18:52:40.9241789Z;GetBlob;AnonymousSuccess;200;18;10;anonymous;;sally;blob;"htt p://sally.blob.core.windows.net/thumbnails/lake.jpg?timeout=30000";"/sally/thumbnails/lake.jpg ";a84aa705-8a85-48c5-b064-b43bd22979c3;0;123.100.2.10;2009-09- 19;252;0;265;100;0;;;"0x8CE1B6EA95033D5";Thursday, 28-Jul-11 18:52:40 GMT;;;;"7/28/ 6:52:40 PM ba98eb12-700b-4d53-9230-33a3330571fc" Incorrect: Not C: Check for AnonymousSuccess not Access. Not B, not D: Check for GetBlob not GetBlobProperties
70-534 Exam Dumps 70-534 Exam Questions 70-534 PDF Dumps 70-534 VCE Dumps
http://blogs.msdn.com/b/windowsazurestorage/archive/2011/08/03/windows-azure-storage- logging-using-logs-to-track-storage-requests.aspx
QUESTION 88 You manage a software-as-a-service application named SaasApp1 that provides user management features in a multi-directory environment. You plan to offer SaasApp1 to other organizations that use Azure Active Directory. You need to ensure that SaasApp1 can access directory objects. What should you do?
A. Configure the Federation Metadata URL B. Register SaasApp1 as a native client application. C. Register SaasApp1 as a web application. D. Configure the Graph API.
Answer: D Explanation: The Azure Active Directory Graph API provides programmatic access to Azure AD through REST API endpoints. Applications can use the Graph API to perform create, read, update, and delete (CRUD) operations on directory data and objects. For example, the Graph API supports the following common operations for a user object: / Create a new user in a directory / Get a user's detailed properties, such as their groups / Update a user's properties, such as their location and phone number, or change their password / Check a user's group membership for role-based access / Disable a user's account or delete it entirely http://msdn.microsoft.com/en-us/library/azure/hh974476.aspx
QUESTION 89 Drag and Drop Question You plan to deploy a cloud service named contosoapp that has a web role named contosoweb and a worker role named contosoimagepurge. You need to ensure the service meets the following requirements:
- Contosoweb can be accessed over the Internet by using http.
- Contosoimagepurge can only be accessed through tcp port 5001 from contosoweb.
- Contosoimagepurge cannot be accessed directly over the Internet. Which configuration should you use? To answer, drag the appropriate configuration setting to the correct location in the service configuration file. Each configuration setting may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
70-534 Exam Dumps 70-534 Exam Questions 70-534 PDF Dumps 70-534 VCE Dumps
C. Move the files into a container sub-directory and set the directory access level to Public Blob. D. Edit the container metadata and set the access policy to Public Blob.
Answer: C Explanation: By default, the container is private and can be accessed only by the account owner. To allow public read access to the blobs in the container, but not the container properties and metadata, use the "Public Blob" option. To allow full public read access for the container and blobs, use the "Public Container" option.
QUESTION 91 Drag and Drop Question Your development team has created a new solution that is deployed in a virtual network named fabDevVNet. Your testing team wants to begin testing the solution in a second Azure subscription. You need to create a virtual network named fabTestVNet that is identical to fabDevVNet. You want to achieve this goal by using the least amount of administrative effort. Which three steps should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
70-534 Exam Dumps 70-534 Exam Questions 70-534 PDF Dumps 70-534 VCE Dumps
QUESTION 92
Drag and Drop Question You have a solution deployed into a virtual network in Azure named fabVNet. The fabVNet virtual network has three subnets named Apps, Web, and DB that are configured as shown in the exhibit. (Click the Exhibits button.)
70-534 Exam Dumps 70-534 Exam Questions 70-534 PDF Dumps 70-534 VCE Dumps
QUESTION 93
Your network environment includes remote employees. You need to create a secure connection for the remote employees who require access to your Azure virtual network. What should you do?
A. Deploy Windows Server 2012 RRAS. B. Configure a point-to-site VPN. C. Configure an ExpressRoute. D. Configure a site-to-site VPN.
Answer: B Explanation: New Point-To-Site Connectivity With today's release we've added an awesome new feature that allows you to setup VPN connections between individual computers and a Windows Azure virtual network without the need for a VPN device. We call this feature Point-to-Site Virtual Private Networking. This feature greatly simplifies setting up secure connections between Windows Azure and client machines, whether from your office environment or from remote locations. It is especially useful for developers who want to connect to a Windows Azure Virtual Network (and to the individual virtual machines within it) from either behind their corporate firewall or a remote location. Because it is point-to-site they do not need their IT staff to perform any activities to enable it, and no VPN hardware needs to be installed or configured. Instead you can just use the built-in Windows VPN client to tunnel to your Virtual Network in Windows Azure.
QUESTION 94
Hotspot Question A company creates an Azure worker role to manage products.
70-534 Exam Dumps 70-534 Exam Questions 70-534 PDF Dumps 70-534 VCE Dumps
The number of customers who inquire about how many products are in inventory rapidly increases. You need to ensure that the worker role can scale to accommodate the increased workload. How should you complete the relevant code? To answer, select the appropriate option or options in the answer area.
Answer:
QUESTION 95
You administer an Azure Storage account with a blob container. You enable Storage account logging for read, write and delete requests. You need to reduce the costs associated with storing the logs. What should you do?
A. Execute Delete Blob requests over https. B. Create an export job for your container. C. Set up a retention policy. D. Execute Delete Blob requests over http.
Answer: C Explanation: To ease the management of your logs, we have provided the functionality of retention policy which will automatically cleanup `old' logs without you being charged for the cleanup. It is recommended that you set a retention policy for logs such that your analytics data will be within the 20TB limit allowed for analytics data (logs and metrics combined). http://blogs.msdn.com/b/windowsazurestorage/archive/2011/08/03/windows-azure-storage- logging-using-logs-to-track-storage-requests.aspx
QUESTION 96 You connect to an existing service over the network by using HTTP. The service listens on HTTP port 80. You plan to create a test environment for this existing service by using an Azure virtual
70-534 Exam Dumps 70-534 Exam Questions 70-534 PDF Dumps 70-534 VCE Dumps
QUESTION 98
Hotspot Question You manage an Azure Web Site for a consumer-product company. The website runs in Standard mode on a single medium instance. You expect increased traffic to the website due to an upcoming sale during a holiday weekend. You need to ensure that the website performs optimally when user activity is at its highest. Which option should you select? To answer, select the appropriate option in the answer area.
Answer:
QUESTION 99
Your company network includes two branch offices. Users at the company access internal virtual machines (VMs). You want to ensure secure communications between the branch offices and the internal VMs and network. You need to create a site-to-site VPN connection. What are two possible ways to achieve this goal? Each correct answer presents a complete solution.
A. a private IPv4 IP address and a compatible VPN device B. a private IPv4 IP address and a RRAS running on Windows Server 2012 C. a public-facing IPv4 IP address and a compatible VPN device D. a public-facing IPv4 IP address and a RRAS running on Windows Server 2012
Answer: CD Explanation: C (not A): VPN Device IP Address - This is public facing IPv4 address of your on-premises VPN device that you'll use to connect to Azure. The VPN device cannot be located behind a NAT. D (Not B): At least one or preferably two publicly visible IP addresses: One of the IP addresses is used on the Windows Server 2012 machine that acts as the VPN device by using RRAS. The other optional IP address is to be used as the Default gateway for out- bound traffic from the on-premises network. If the second IP address is not available, it is possible to configure network address translation (NAT) on the RRAS machine itself, to be discussed in the following sections. It is important to note that the IP addresses must be public. They cannot be behind NAT and/or a firewall.
70-534 Exam Dumps 70-534 Exam Questions 70-534 PDF Dumps 70-534 VCE Dumps
QUESTION 100
You administer a DirSync server configured with Azure Active Directory (Azure AD). You need to provision a user in Azure AD without waiting for the default DirSync synchronization interval. What are two possible ways to achieve this goal? Each correct answer presents a complete solution.
A. Restart the DirSync server. B. Run the Start-OnlineCoexistenceSync PowerShell cmdlet. C. Run the Enable-SyncShare PowerShell cmdlet. D. Run the Azure AD Sync tool Configuration Wizard. E. Replicate the Directory in Active Directory Sites and Services.
Answer: BD Explanation: If you don't want to wait for the recurring synchronizations that occur every three hours, you can force directory synchronization at any time. B: Force directory synchronization using Windows PowerShell You can use the directory synchronization Windows PowerShell cmdlet to force synchronization. The cmdlet is installed when you install the Directory Sync tool. On the computer that is running the Directory Sync tool, start PowerShell, type Import- Module DirSync, and then press ENTER. Type Start-OnlineCoexistenceSync, and then press ENTER. D: Azure Active Directory Sync Services (AAD Sync) In September 2014 the Microsoft Azure AD Sync tool was released. This changed how manual sync requests are issued. To perform a manual update we now use the DirectorySyncClientCmd.exe tool. The Delta and Initial parameters are added to the command to specify the relevant task. This tool is located in: C:\Program Files\Microsoft Azure AD Sync\Bin You can use the directory synchronization Windows PowerShell cmdlet to force synchronization. The cmdlet is installed when you install the Directory Sync tool. On the computer that is running the Directory Sync tool, start PowerShell, type Import- Module DirSync, and then press ENTER. Type Start-OnlineCoexistenceSync, and then press ENTER.
Visit PassLeader and Download Full Version 70-534 Exam Dumps
