Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. HOTSPOT
You manage two cloud services named Service1 and Service2. The development team updates the code for each application and notifies you that the services are packaged and ready for deployment.
Each cloud service has specific requirements for deployment according to the following table.
In the table below, identify the deployment method for each service. Make only one selection in each column.
Answer:
Q2. DRAG DROP
Your development team has created a new solution that is deployed in a virtual network named fabDevVNet.
Your testing team wants to begin testing the solution in a second Azure subscription.
You need to create a virtual network named fabTestVNet that is identical to fabDevVNet. You want to achieve this goal by using the least amount of administrative effort.
Which three steps should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Q3. Your company plans to migrate from On-Premises Exchange to Exchange Online in Office
365.
You plan to integrate your existing Active Directory Domain Services (AD DS) infrastructure with Azure AD.
You need to ensure that users can log in by using their existing AD DS accounts and passwords. You need to achieve this goal by using minimal additional systems.
Which two actions should you perform? Each answer presents part of the solution.
A. Configure Password Sync.
B. Set up a DirSync Server.
C. Set up an Active Directory Federation Services Server.
D. Set up an Active Directory Federation Services Proxy Server.
Answer: A,B
Explanation: Directory Sync with Password Sync Scenario' Applies To: Azure, Office 365, Windows Intune
Password sync is an extension to the Directory Sync Scenario. With directory sync, you can manage the entire lifecycle of your cloud user and group accounts using your on-premise Active Directory management tools.
When password sync is enabled on your directory sync computer, your users will be able to sign into Microsoft cloud services, such as Office 365, Dynamics CRM, and Windows InTune, using the same password as they use when logging into your on-premises network. When your users change their passwords in your corporate network, those changes are synchronized to the cloud.
Reference: Directory Sync with Password Sync Scenario'
URL: http://technet.microsoft.com/en-us/library/dn441214.aspx
Q4. DRAG DROP
You manage a solution deployed in two Azure subscriptions for testing and production. Both subscriptions have virtual networks named fabVNet.
You plan to add two new virtual machines (VMs) in a new subnet.
You have the following requirements:
...
Deploy the new VMs to the virtual network in the testing subscription.
Minimize any errors in defining the network changes.
Minimize the work that will be required when the change is made to the production
virtual network.
Which three steps should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Q5. DRAG DROP
You publish a multi-tenant application named MyApp to Azure Active Directory (Azure AD).
You need to ensure that only directory administrators from the other organizations can access MyApp's web API.
How should you configure MyApp's manifest JSON file? To answer, drag the appropriate PowerShell command to the correct location in the application's manifest JSON file. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q6. Your company network has two physical locations configured in a geo-clustered environment. You create a Blob storage account in Azure that contains all the data associated with your company.
You need to ensure that the data remains available in the event of a site outage.
Which storage option should you enable?
A. Locally redundant storage
B. Geo-redundant storage
C. Zone-redundant storage
D. Read-only geo-redundant storage
Answer: D
Explanation: Introducing Read-only Access to Geo Redundant Storage (RA-GRS):
RA-GRS allows you to have higher read availability for your storage account by providing “read only” access to the data replicated to the secondary location. Once you enable this feature, the secondary location may be used to achieve higher availability in the event the data is not available in the primary region. This is an “opt-in” feature which requires the storage account be geo-replicated.
Reference: Windows Azure Storage Redundancy Options and Read Access Geo Redundant Storage
Q7. DRAG DROP
Your company manages several Azure Web Sites that are running in an existing web-hosting plan named plan1.
You need to move one of the websites, named contoso, to a new web-hosting plan named plan2.
Which Azure PowerShell cmdlet should you use with each PowerShell command line? To answer, drag the appropriate Azure PowerShell cmdlet to the correct location in the PowerShell code. Each PowerShell cmdlet may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q8. Your network includes a legacy application named LegacyApp1. The application only runs in the Microsoft .NET 3.5 Framework on Windows Server 2008.
You plan to deploy to Azure Cloud Services.
You need to ensure that LegacyApp1 will run correctly in the new environment.
What are two possible ways to achieve this goal? Each correct answer presents a complete solution.
A. Upload a VHD with Windows Server 2008 installed.
B. Deploy LegacyApp1 to a cloud service instance configured with Guest OS Family 2.
C. Deploy LegacyApp1 to a cloud service instance configured with Guest OS Family 1.
D. Deploy LegacyApp1 to a cloud service instance configured with Guest OS Family 3.
Answer: B,C
Explanation: Guest OS Family 1 and Guest OS Family 2 supports .NET 3.5 and .Net 4.0. Guest OS Family 3 and Guest OS Family 4 supports .NET 4.0 and .Net 4.5.
Reference: Azure Guest OS Releases and SDK Compatibility Matrix
URL: http://msdn.microsoft.com/en-us/library/azure/ee924680.aspx
Q9. HOTSPOT
You manage a public-facing web application which allows authenticated users to upload and download large files. On the initial public page there is a promotional video.
You plan to give users access to the site content and promotional video.
In the table below, identify the access method that should be used for the anonymous and authenticated parts of the application. Make only one selection in each column.
Answer:
Q10. Your company has two cloud services named CS01 and CS02. You create a virtual machine (VM) in CS02 named Accounts.
You need to ensure that users in CS01 can access the Accounts VM by using port 8080.
What should you do?
A. Create a firewall rule.
B. Configure load balancing.
C. Configure port redirection.
D. Configure port forwarding.
E. Create an end point.
Answer: E
Explanation: All virtual machines that you create in Azure can automatically communicate using a private network channel with other virtual machines in the same cloud service or virtual network. However, other resources on the Internet or other virtual networks require endpoints to handle the inbound network traffic to the virtual machine.
Reference: How to Set Up Endpoints to a Virtual Machine
URL: http://azure.microsoft.com/en-us/documentation/articles/virtual-machines-set-up-endpoints/
Q11. You manage a cloud service that utilizes data encryption.
You need to ensure that the certificate used to encrypt data can be accessed by the cloud service application.
What should you do?
A. Upload the certificate referenced in the application package.
B. Deploy the certificate as part of the application package.
C. Upload the certificate's public key referenced in the application package.
D. Use RDP to install the certificate.
Answer: C
Explanation: The developer must deploy the public key with their application so that, when Windows Azure spins up role instances, it will match up the thumbprint in the service definition with the uploaded service certificate and deploy the private key to the role instance. The private key is intentionally non-exportable to the .pfx format, so you won’t be able to grab the private key through an RDC connection into a role instance.
Reference: Field Note: Using Certificate-Based Encryption in Windows Azure Applications
Q12. You manage two datacenters in different geographic regions and one branch office.
You plan to implement a geo-redundant backup solution.
You need to ensure that each datacenter is a cold site for the other.
You create a recovery vault. What should you do next?
A. Install the provider.
B. Upload a certificate to the vault.
C. Generate a vault key.
D. Set all virtual machines to DHCP.
E. Prepare System Center Virtual Machine Manager (SCVMM) servers.
F. Create mappings between the virtual machine (VM) networks.
Answer: C
Explanation: . Within the Azure Portal screen, scroll down to Recovery Services (on the left menu), and click on “Create a New Vault” (this is where your VMs will be replicated to) which will bring up a Data Services / Recovery Services / Site Recovery Vault option, select Quick Create . For the name of the Vault, give it something you’d remember, in my case, I’ll call it RandsVault, and I’ll choose the Region West US since I’m in the Western United States, then click Create Vault . Once the Vault has been created, click on the Right Arrow next to the name of your vault. Under Setup Recovery, choose “Between an on-premise site and Microsoft Azure” so that you are telling the configuration settings that you are going to be replicating between your on-premise datacenter and Azure in the cloud. . You will now see a list of things you need to do which the first thing is to create a key exchange of certificates between Microsoft Azure and your VMM server.
Reference: Leveraging Microsoft Azure as your disaster recovery/failover data center
Q13. You administer a solution deployed to a virtual machine (VM) in Azure. The VM hosts a web service that is used by several applications. You are located in the US West region and have a worldwide user base.
Developers in Asia report that they experience significant delays when they execute the services.
You need to verify application performance from different locations.
Which type of monitoring should you configure?
A. Disk Read
B. Endpoint
C. Network Out
D. CPU
E. Average Response Time
Answer: E
Explanation:
Example:
Incorrect:
Not B: Health Endpoint Monitoring Pattern is used for checking the health of the program:
Implement functional checks within an application that external tools can access through
exposed endpoints at regular intervals. This pattern can help to verify that applications and
services are performing correctly.
Reference: How to Monitor and Analyze Performance of the Windows Azure Storage
Service
Q14. You administer an Azure Web Site named contoso. The development team has implemented changes to the website that need to be validated.
You need to validate and deploy the changes with minimum downtime to users.
What should you do first?
A. Create a new Linked Resource.
B. Configure Remote Debugging on contoso.
C. Create a new website named contosoStaging.
D. Create a deployment slot named contosoStaging.
E. Back up the contoso website to a deployment slot.
Answer: D
Explanation: When you deploy your application to Azure Websites, you can deploy to a separate deployment slot instead of the default production slot, which are actually live sites with their own hostnames.
Furthermore, you can swap the sites and site configurations between two deployment slots, including the production slot. Deploying your application to a deployment slot has the following benefits:
* You can validate website changes in a staging deployment slot before swapping it with the production slot.
* After a swap, the slot with previously staged site now has the previous production site. If the changes swapped into the production slot are not as you expected, you can perform the same swap immediately to get your "last known good site" back.
* Deploying a site to a slot first and swapping it into production ensures that all instances of the slot are warmed up before being swapped into production. This eliminates downtime when you deploy your site. The traffic redirection is seamless, and no requests are dropped as a result of swap operations.
Reference: Staged Deployment on Microsoft Azure Websites
Q15. You manage a virtual Windows Server 2012 web server that is hosted by an on-premises Windows Hyper-V server. You plan to use the virtual machine (VM) in Azure.
You need to migrate the VM to Azure Storage to add it to your repository.
Which Azure Power Shell cmdlet should you use?
A. Import-AzureVM
B. New-AzureVM
C. Add-AzureDisk
D. Add-AzureWebRole
E. Add-AzureVhd
Answer: E
Explanation: * How do I move an existing virtual machine to the cloud? The steps are pretty basic:
Create a place to store your hard disk in Windows Azure
Prepare your virtual hard disk
Upload your virtual hard disk
.Create your machine in Windows Azure
* Add-AzureVhd Uploads a virtual hard disk (in .vhd file format) from an on-premises virtual machine to a blob in a cloud storage account in Azure.
The Add-AzureVhd cmdlet allows you to upload on-premises virtual hard disks (in .vhd file format) to a blob storage account as fixed virtual hard disks. You can configure the number of uploader threads that will be used or overwrite an existing blob in the specified destination URI. Also supported is the ability to upload a patched version of an on-premises .vhd file: When a base virtual hard disk has already been uploaded, you can upload differencing disks that use the base image as the parent. Shared access signature (SAS URI) is supported as well.
Reference: Add-AzureVhd
URL: http://msdn.microsoft.com/en-us/library/dn495173.aspx