Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. - (Topic 6)
You have business services that run on an on-premises mainframe server.
You must provide an intermediary configuration to support existing business services and
Azure. The business services cannot be rewritten. The business services are not exposed externally.
You need to recommend an approach for accessing the business services. What should you recommend?
A. Connect to the on-premises server by using a custom service in Azure.
B. Expose the business services to the Azure Service Bus by using a custom service that uses relay binding.
C. Expose the business services externally.
D. Move all business service functionality to Azure.
Answer: B
Explanation: The Service Bus relay service enables you to build hybrid applications that run in both an Azure datacenter and your own on-premises enterprise environment. The Service Bus relay facilitates this by enabling you to securely expose Windows Communication Foundation (WCF) services that reside within a corporate enterprise network to the public cloud, without having to open a firewall connection, or require intrusive changes to a corporate network infrastructure.
Reference: How to Use the Service Bus Relay Service
http://azure.microsoft.com/en-gb/documentation/articles/service-bus-dotnet-how-to-use- relay/
Q2. DRAG DROP - (Topic 6)
Contoso, Ltd., uses Azure websites for their company portal sites.
Admin users need enough access to effectively perform site monitoring or management tasks.
You need to grant admin access to a group of 10 users.
How should you configure the connection? To answer, drag the role or object to the correct connection setting. Each item may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q3. - (Topic 7)
You need to generate the report for the WGBLeaseLeader app. Which Azure service should you use?
A. Azure Scheduler
B. Azure Data Lake Store
C. Azure Storage Queue
D. Azure Stream Analytics
Answer: A
Q4. DRAG DROP - (Topic 2)
You need to allow network traffic to the Trey Research subversion system.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Q5. - (Topic 4)
You need to recommend an appropriate solution for the data mining requirements. Which solution should you recommend?
A. Design a schedule process that allocates tasks to multiple virtual machines, and use the Azure Portal to create new VMs as needed.
B. Use Azure HPC Scheduler Tools to schedule jobs and automate scaling of virtual machines.
C. Use Traffic Manager to allocate tasks to multiple virtual machines, and use the Azure Portal to spin up new virtual machines as needed.
D. Use Windows Server HPC Pack on-premises to schedule jobs and automate scaling of virtual machines in Azure.
Answer: C
Explanation: * Microsoft Azure Traffic Manager allows you to control the distribution of user traffic to your specified endpoints, which can include Azure cloud services, websites, and other endpoints. Traffic Manager works by applying an intelligent policy engine to Domain Name System (DNS) queries for the domain names of your Internet resources. Your Azure cloud services or websites can be running in different datacenters across the world.
* Scenario:
Virtual machines:
✑ The data mining solution must support the use of hundreds to thousands of processing cores.
✑ Minimize the number of virtual machines by using more powerful virtual machines.
Each virtual machine must always have eight or more processor cores available.
✑ Allow the number of processor cores dedicated to an analysis to grow and shrink automatically based on the demand of the analysis.
✑ Virtual machines must use remote memory direct access to improve performance.
Task scheduling:
The solution must automatically schedule jobs. The scheduler must distribute the jobs based on the demand and available resources.
Reference: https://azure.microsoft.com/sv-se/documentation/articles/traffic-manager- overview/
Q6. - (Topic 6)
A company hosts a website and exposes web services on the company intranet.
The intranet is secured by using a firewall. Company policies prohibit changes to firewall rules.
Devices outside the firewall must be able to access the web services. You need to recommend an approach to enable inbound communication. What should you recommend?
A. The Azure Access Control Service
B. Windows Azure Pack
C. The Azure Service Bus
D. A web service in an Azure role that relays data to the internal web services
Answer: C
Explanation: The Service Bus Relay is designed for the use-case of taking existing Windows Communication Foundation (WCF) web services and making those services securely accessible to solutions that reside outside the corporate perimeter without requiring intrusive changes to the corporate network infrastructure. Such Service Bus relay services are still hosted inside their existing environment, but they delegate listening for incoming sessions and requests to the cloud-hosted Service Bus.
Reference: .NET On-Premises/Cloud Hybrid Application Using Service Bus Relay http://azure.microsoft.com/en-gb/documentation/articles/cloud-services-dotnet-hybrid-app-using-service-bus-relay/
Q7. - (Topic 4)
You need to encrypt a media file.
Which type of encryption should you use?
A. secure token service
B. envelope
C. PlayReady
D. storage
Answer: C
Q8. HOTSPOT - (Topic 6)
You are migrating an on-premises application to Azure. The application requires secure storage of database connection strings. When the application is running locally, the connection strings are encrypted with an X509 certificate prior to being stored on disk. The X509 certificate is part of a trust chain to allow the certificate to be revoked by the Certificate Authority if a security breech is suspected.
The application must run on Azure. The X509 certificate must never be stored on disk or in RAM memory. A Certificate Authority must be able to revoke the certificate.
You need to configure Azure Key value.
How should you construct the Azure PowerShell script? To answer, select the appropriate A?ure PowerShell commands in the answer area.
Answer:
Q9. HOTSPOT - (Topic 4)
The company has two corporate offices. Customers will access the websites from datacenters around the world.
You need to architect the global website strategy to meet the business requirements. Use the drop-down menus to select the answer choice that answers each question.
Answer:
Explanation:
* Scenario: The customer-facing website must have access to all ad copy and media.
Q10. - (Topic 6)
You design an Azure web application. The web application is accessible by default as a standard cloudapp.net URL.
You need to recommend a DNS resource record type that will allow you to configure access to the web application by using a custom domain name.
Which DNS record type should you recommend?
A. SRV
B. MX
C. CNAME
D. A
Answer: C
Explanation: A CNAME record maps a specific domain, such as contoso.com or www.contoso.com, to a canonical domain name. In this case, the canonical domain name is the <myapp>.cloudapp.net domain name of your Azure hosted application. Once
created, the CNAME creates an alias for the <myapp>.cloudapp.net. The CNAME entry will resolve to the IP address of your <myapp>.cloudapp.net service automatically, so if the IP address of the cloud service changes, you do not have to take any action.
Incorrect: Not D:
* Since an A record is mapped to a static IP address, it cannot automatically resolve changes to the IP address of your Cloud Service.
* An A record maps a domain, such as contoso.com or www.contoso.com, or a wildcard domain such as *.contoso.com, to an IP address. In the case of an Azure Cloud Service, the virtual IP of the service. So the main benefit of an A record over a CNAME record is that you can have one entry that uses a wildcard, such as *.contoso.com, which would handle requests for multiple sub-domains such as mail.contoso.com, login.contoso.com, or www.contso.com.
Reference: Configuring a custom domain name for an Azure cloud service http://azure.microsoft.com/en-gb/documentation/articles/cloud-services-custom-domain-
name/
Q11. DRAG DROP - (Topic 6)
You are designing the deployment of Azure Site Recovery with Hyper-V Replica. The environment does not have System Center Virtual Machine Manager (VMM) deployed.
You need to instruct an implementation team to prepare the Azure environment for deployment.
Which three actions should you recommend be performed in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.
Answer:
Q12. - (Topic 6)
You are the administrator for a company named Contoso, Ltd.
Contoso also has an Azure subscription and uses many on-premises Active Directory products as roles in Windows Server including the following:
✑ Active Directory Domain Services (AD DS)
✑ Active Directory Certificate Services (AD CS)
✑ Active Directory Rights Management Services (AD RMS)
✑ Active Directory Lightweight Directory Services (AD LDS)
✑ Active Directory Federation Services (AD FS).
Contoso must use the directory management services available in Azure Active Directory.
You need to provide information to Contoso on the similarities and differences between Azure Active Directory and the Windows Server Active Directory family of services.
Which feature does Azure Active Directory and on-premises Active Directory both support?
A. Using the GraphAPI to query the directory
B. Issuing user certificates
C. Supporting single sign-on (SSO)
D. Querying the directory with LDAP
Answer: C
Explanation: AD FS supports Web single-sign-on (SSO) technologies, and so does Azure Active Directory.
If you want single sign on we usually suggest using ADFS if you’re a Windows shop. Going forward though, Azure Active Directory is another alternative you can use.
Reference: Using Azure Active Directory for Single Sign On with Yammer https://samlman.wordpress.com/2015/03/02/using-azure-active-directory-for-single-sign-on-with-yammer/
Q13. - (Topic 1)
You need to prepare the implementation of data storage for the contractor information app. What should you?
A. Create a storage account and implement multiple data partitions.
B. Create a Cloud Service and a Mobile Service. Implement Entity Group transactions.
C. Create a Cloud Service and a Deployment group. Implement Entity Group transactions.
D. Create a Deployment group and a Mobile Service. Implement multiple data partitions.
Answer: B
Explanation:
* Scenario:
/ VanArsdel needs a solution to reduce the number of operations on the contractor information table. Currently, data transfer rates are excessive, and queue length for read/write operations affects performance.
/ A mobile service that is used to access contractor information must have automatically scalable, structured storage
* The basic unit of deployment and scale in Azure is the Cloud Service. Reference: Performing Entity Group Transactions
https://msdn.microsoft.com/en-us/library/azure/dd894038.aspx
Q14. DRAG DROP - (Topic 6)
You have a web application on Azure.
The web application does not employ Secure Sockets Layer (SSL).
You need to enable SSL for your production deployment web application on Azure. Which four actions should you perform in sequence? To answer, move the appropriate
actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Q15. - (Topic 2)
You need to configure the distribution tracking application. What should you do?
A. Map each role to a single upgrade domain to optimize resource utilization.
B. Design all services as stateless services.
C. Configure operations to queue when a role reaches its capacity.
D. Configure multiple worker roles to run on each virtual machine.
Answer: D
Explanation: * Scenario: distribution tracking application
The system is processor intensive and should be run in a multithreading environment.
Reference: Running multiple workers inside one Windows Azure Worker Role http://mark.mymonster.nl/2013/01/29/running-multiple-workers-inside-one-windows-azure-worker-role