Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. HOTSPOT
You manage an Azure Service Bus for your company. You plan to enable access to the Azure Service Bus for an application named ContosoLOB.
You need to create a new shared access policy for subscriptions and queues that has the following requirements:
Receives messages from a queue
Deadletters a message
Defers a message for later retrieval
Enumerates subscriptions
Gets subscription description
In the table below, identify the permission you need to assign to ensure that ContosoLOB is able to accomplish the above requirements. Make only one selection in each column.
Answer:
Q2. DRAG DROP
You administer an Azure SQL database named contosodb that is running in Standard/S1 tier. The database is in a server named server1 that is a production environment. You also administer a database server named server2 that is a test environment. Both database servers are in the same subscription and the same region but are on different physical clusters.
You need to copy contosodb to the test environment.
Which three steps should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Q3. You publish an application named MyApp to Azure Active Directory (Azure AD). You grant access to the web APIs through OAuth 2.0.
MyApp is generating numerous user consent prompts.
You need to reduce the amount of user consent prompts.
What should you do?
A. Enable Multi-resource refresh tokens.
B. Enable WS-federation access tokens.
C. Configure the Open Web Interface for .NET.
D. Configure SAML 2.0.
Answer: A
Explanation: When using the Authorization Code Grant Flow, you can configure the client to call multiple resources. Typically, this would require a call to the authorization endpoint for each target service. To avoid multiple calls and multiple user consent prompts, and reduce the number of refresh tokens the client needs to cache, Azure Active Directory (Azure AD) has implemented multi-resource refresh tokens. This feature allows you to use a single refresh token to request access tokens for multiple resources.
Reference:Azure, OAuth 2.0, Refresh Tokens for Multiple Resources
Q4. You manage a large datacenter that has limited physical space.
You plan to extend your datacenter to Azure.
You need to create a connection that supports a multiprotocol label switching (MPLS) virtual private network.
Which connection type should you use?
A. Site-to-site
B. VNet-VNet
C. ExpressRoute.
D. Site-to-peer
Answer: C
Explanation:
ExpressRoute provides even richer capabilities by allowing a dedicated MPLS connection to Azure. Reference:
ExpressRoute:
An MPLS Connection to Microsoft Azure
http://azure.microsoft.com/en-us/services/expressroute/
Q5. DRAG DROP
Your company network includes a single forest with multiple domains. You plan to migrate from On-Premises Exchange to Exchange Online.
You want to provision the On-Premises Windows Active Directory (AD) and Azure Active Directory (Azure AD) service accounts.
You need to set the required permissions for the Azure AD service account.
Which settings should you use? To answer, drag the appropriate permission to the service account. Each permission may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q6. You are migrating a local virtual machine (VM) to an Azure VM. You upload the virtual hard disk (VHD) file to Azure Blob storage as a Block Blob.
You need to change the Block blob to a page blob.
What should you do?
A. Delete the Block Blob and re-upload the VHD as a page blob.
B. Update the type of the blob programmatically by using the Azure Storage .NET SDK.
C. Update the metadata of the current blob and set the Blob-Type key to Page.
D. Create a new empty page blob and use the Azure Blob Copy Power Shell cmdlet to copy the current data to the new blob.
Answer: A
Explanation: * To copy the data files to Windows Azure Storage by using one of the following methods: AzCopy Tool, Put Blob (REST API) and Put Page (REST API), or Windows Azure Storage Client Library for .NET or a third-party storage explorer tool. Important: When using this new enhancement, always make sure that you create a page blob not a block blob.
* Azure has two main files storage format: Page blob : mainly used for vhd’s (CloudPageBlob) Block Blob : for other files (CloudBlockBlob)
ference: Move your data files to Windows Azure Storage
http://msdn.microsoft.com/en-us/library/dn466429.aspx
Q7. HOTSPOT
You manage an Azure Web Site named contosoweb.
Some users report that they receive the following error when they access contosoweb:
"http Status 500.0 - Internal Server Error."
You need to view detailed diagnostic information in XML format.
Which option should you enable? To answer, select the appropriate option in the answer
area.
Answer:
Q8. HOTSPOT
You manage a public-facing web application which allows authenticated users to upload and download large files. On the initial public page there is a promotional video.
You plan to give users access to the site content and promotional video.
In the table below, identify the access method that should be used for the anonymous and authenticated parts of the application. Make only one selection in each column.
Answer:
Q9. DRAG DROP
You manage an Azure Web Site named salessite1. You notice some performance issues with salessite1. You create a new database for salessite1.
You need to update salessite1 with the following changes, in the order shown:
1. Display the list of current connection strings.
2. Create a new connection string named conn1 with a value of: Server=tcp:samplel.database.windows.net,1433;Database=NewDB;User
ID=User@samplel;Password=Passwordl;Trusted_Connection=False;Encrypt=True;Connec tion Timeout=30;.
3. Download the application logs for analysis.
Which three xplat-cli commands should you perform in sequence? To answer, move the appropriate commands from the list of commands to the answer area and arrange them in the correct order.
Answer:
Q10. You develop a set of Power Shell scripts that will run when you deploy new virtual machines (VMs).
You need to ensure that the scripts are executed on new VMs. You want to achieve this goal by using the least amount of administrative effort.
What should you do?
A. Create a new GPO to execute the scripts as a logon script.
B. Create a SetupComplete.cmd batch file to call the scripts after the VM starts.
C. Create a new virtual hard disk (VHD) that contains the scripts.
D. Load the scripts to a common file share accessible by the VMs.
E. Set the VMs to execute a custom script extension.
Answer: E
Explanation: After you deploy a Virtual Machine you typically need to make some changes before it’s ready to use. This is something you can do manually or you could use Remote PowerShell to automate the configuration of your VM after deployment for example.
But now there’s a third alternative available allowing you customize your VM: the CustomScript extension.
This CustomScript extension is executed by the VM Agent and it’s very straightforward: you specify which files it needs to download from your storage account and which file it needs to execute. You can even specify arguments that need to be passed to the script. The only requirement is that you execute a .ps1 file.
Reference: Customizing your Microsoft Azure Virtual Machines with the new CustomScript extension
http://fabriccontroller.net/blog/posts/customizing-your-microsoft-azure-virtual-machines-with-the-new-customscript-extension/
Q11. You manage a cloud service on two instances. The service name is Service1 and the role name is ServiceRole1.
Service1 has performance issues during heavy traffic periods.
You need to increase the existing deployment of Service1 to three instances.
Which Power Shell cmdlet should you use?
A. PS C:\>Set-AzureService -ServiceName "Service1” -Label "ServiceRole1' -Description "Instance count=3"
B. PS C:\>Set-AzureRole -ServiceName "Service1" -Slot "Production” -RoleName "ServiceRole1" -Count 3
C. PS C:\>Add-AzureWebRole -Name 'ServiceRole1" -Instances 3
D. PS C:\> $instancecount = New-Object Hashtable$settings['INSTANCECOUNT=3] PS C:\> Set-AzureWebsite -AppSettings $instancecount ServiceRole1
Answer: B
Explanation: The Set-AzureRole cmdlet sets the number of instances of a specified role to run in an Azure deployment
Example This command sets the "MyTestRole3" role running in production on the "MySvc1" service to three instances.
Windows PowerShell C:\PS>Set-AzureRole –ServiceName "MySvc1" –Slot "Production" –RoleName
"MyTestRole3" –Count 3 Reference: Set-AzureRole
Q12. HOTSPOT
Your company network has two branch offices. Some employees work remotely, including at public locations. You manage an Azure environment that includes several virtual networks.
All users require access to the virtual networks.
In the table below, identify which secure cross-premise connectivity option is needed for each type of user. Make only one selection in each column.
Answer:
Q13. You administer an Azure virtual network named fabrikamVNet.
You need to deploy a virtual machine (VM) and ensure that it is a member of the fabrikamVNet virtual network.
What should you do?
A. Run the New-AzureVM Power Shell cmdlet.
B. Run the New-AzureQuickVM Power Shell cmdlet.
C. Run the New-AzureAfhnityGroup Power Shell cmdlet.
D. Update fabrikamVNet's existing Availability Set.
Answer: B
Explanation: The New-AzureQuickVM cmdlet sets the configuration for a new virtual machine and creates the virtual machine. You can create a new Azure service for the virtual machine by specifying either the Location or AffinityGroup parameters, or deploy the new virtual machine into an existing service.
Reference: New-AzureQuickVM
URL: http://msdn.microsoft.com/en-us/library/dn495183.aspx
Q14. You develop a Windows Store application that has a web service backend.
You plan to use the Azure Active Directory Authentication Library to authenticate users to Azure Active Directory (Azure AD) and access directory data on behalf of the user.
You need to ensure that users can log in to the application by using their Azure AD credentials.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Create a native client application in Azure AD.
B. Configure directory integration.
C. Create a web application in Azure AD.
D. Enable workspace join.
E. Configure an Access Control namespace.
Answer: B,C
Explanation: B: An application that wants to outsource authentication to Azure AD must be
registered in Azure AD, which registers and uniquely identifies the app in the directory.
C (not A): NativeClient-WindowsStore
A Windows Store application that calls a web API that is secured with Azure AD.
Reference: AzureADSamples/NativeClient-WindowsStore Authentication Scenarios for Azure AD, Basics of Authentication in Azure AD http://msdn.microsoft.com/en-us/library/azure/dn499820.aspx#BKMK_Auth https://github.com/AzureADSamples/NativeClient-WindowsStore
Q15. Click Configure Directory Partitions, and then click Containers, as shown in the below screen capture.
Answer: