Q1. - (Topic 6)
You are designing an Azure web application that includes many static content files.
The application is accessed from locations all over the world by using a custom domain name.
You need to recommend an approach for providing access to the static content with the least amount of latency.
Which two actions should you recommend? Each correct answer presents part of the solution.
A. Place the static content in Azure Table storage.
B. Configure a CNAME DNS record for the Azure Content Delivery Network (CDN) domain.
C. Place the static content in Azure Blob storage.
D. Configure a custom domain name that is an alias for the Azure Storage domain.
Answer: B,C
Explanation: B: There are two ways to map your custom domain to a CDN endpoint.
1. Create a CNAME record with your domain registrar and map your custom domain and subdomain to the CDN endpoint
2. Add an intermediate registration step with Azure cdnverify
C: The Azure Content Delivery Network (CDN) offers developers a global solution for delivering high-bandwidth content by caching blobs and static content of compute instances at physical nodes in the United States, Europe, Asia, Australia and South America.
The benefits of using CDN to cache Azure data include:
/ Better performance and user experience for end users who are far from a content source, and are using applications where many 'internet trips' are required to load content
/ Large distributed scale to better handle instantaneous high load, say, at the start of an event such as a product launch
Reference: Using CDN for Azure
https://azure.microsoft.com/en-gb/documentation/articles/cdn-how-to-use/
Reference: How to map Custom Domain to Content Delivery Network (CDN) endpoint
https://github.com/Azure/azure-content/blob/master/articles/cdn-map-content-to-custom-domain.md
Q2. DRAG DROP - (Topic 7)
You need to deploy the WGBLoanMaster app by using Azure PowerShell.
Which four Azure PowerShell cmdlets should you run in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Q3. - (Topic 1)
You need to design the system that alerts project managers to data changes in the contractor information app.
Which service should you use?
A. Azure Mobile Service
B. Azure Service Bus Message Queueing
C. Azure Queue Messaging
D. Azure Notification Hub
Answer: C
Explanation: * Scenario:
/ Mobile Apps: Event-triggered alerts must be pushed to mobile apps by using a custom Node.js script.
/ The service level agreement (SLA) for the solution requires an uptime of 99.9%
* If you are already using Azure Storage Blobs or Tables and you start using queues, you are guaranteed 99.9% availability. If you use Blobs or Tables with Service Bus queues, you will have lower availability.
Note: Microsoft Azure supports two types of queue mechanisms: Azure Queues and Service Bus Queues.
/ Azure Queues, which are part of the Azure storage infrastructure, feature a simple REST-based Get/Put/Peek interface, providing reliable, persistent messaging within and between services.
/ Service Bus queues are part of a broader Azure messaging infrastructure that supports queuing as well as publish/subscribe, Web service remoting, and integration patterns.
Reference: Azure Queues and Service Bus Queues - Compared and Contrasted https://msdn.microsoft.com/en-us/library/azure/hh767287.aspx
Q4. DRAG DROP - (Topic 5)
You need to design the notification service for the customer-facing mobile app.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation:
Azure Notification Hubs provide an easy-to-use infrastructure that enables you to send mobile push notifications from any backend (in the cloud or on-premises) to any mobile platform.
Configuration steps include:
1. Configure your Notification Hub
2. Connecting your app to the Notification Hub
3. Send notification from your back-end
You can send notifications using Notification Hubs from any back-end using the REST interface. You do this through a script, not a configuration of Mobile Services. Use Java or PHP for the script.
Q5. DRAG DROP - (Topic 6)
You have a web application on Azure.
The web application does not employ Secure Sockets Layer (SSL).
You need to enable SSL for your production deployment web application on Azure. Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Q6. - (Topic 8)
You need to support web and mobile application secure logons. Which technology should you use?
A. Azure Active Directory B2B
B. OAuth 1.0
C. LDAP
D. Azure Active Directory B2C
Answer: D
Q7. - (Topic 6)
You design an Azure web application. The web application is accessible by default as a standard cloudapp.net URL.
You need to recommend a DNS resource record type that will allow you to configure access to the web application by using a custom domain name.
Which DNS record type should you recommend?
A. SRV
B. MX
C. CNAME
D. A
Answer: C
Explanation: A CNAME record maps a specific domain, such as contoso.com or www.contoso.com, to a canonical domain name. In this case, the canonical domain name is the <myapp>.cloudapp.net domain name of your Azure hosted application. Once created, the CNAME creates an alias for the <myapp>.cloudapp.net. The CNAME entry will resolve to the IP address of your <myapp>.cloudapp.net service automatically, so if the IP address of the cloud service changes, you do not have to take any action.
Incorrect: Not D:
* Since an A record is mapped to a static IP address, it cannot automatically resolve changes to the IP address of your Cloud Service.
* An A record maps a domain, such as contoso.com or www.contoso.com, or a wildcard domain such as *.contoso.com, to an IP address. In the case of an Azure Cloud Service, this is the virtual IP of the service. So the main benefit of an A record over a CNAME record is that you can have one entry that uses a wildcard, such as *.contoso.com, which would handle requests for multiple sub-domains such as mail.contoso.com, login.contoso.com, or www.contoso.com.
Reference: Configuring a custom domain name for an Azure cloud service http://azure.microsoft.com/en-gb/documentation/articles/cloud-services-custom-domain-name/
Q8. - (Topic 6)
You are the administrator for a company named Contoso, Ltd.
Contoso also has an Azure subscription and uses many on-premises Active Directory products as roles in Windows Server including the following:
✑ Active Directory Domain Services (AD DS)
✑ Active Directory Certificate Services (AD CS)
✑ Active Directory Rights Management Services (AD RMS)
✑ Active Directory Lightweight Directory Services (AD LDS)
✑ Active Directory Federation Services (AD FS).
Contoso must use the directory management services available in Azure Active Directory.
You need to provide information to Contoso on the similarities and differences between Azure Active Directory and the Windows Server Active Directory family of services.
Which feature do Azure Active Directory and on-premises Active Directory both support?
A. Using the GraphAPI to query the directory
B. Issuing user certificates
C. Supporting single sign-on (SSO)
D. Querying the directory with LDAP
Answer: C
Explanation: AD FS supports Web single-sign-on (SSO) technologies, and so does Azure Active Directory.
If you want single sign on we usually suggest using ADFS if you’re a Windows shop. Going forward though, Azure Active Directory is another alternative you can use.
Reference: Using Azure Active Directory for Single Sign On with Yammer https://samlman.wordpress.com/2015/03/02/using-azure-active-directory-for-single-sign-on-with-yammer/
Q9. - (Topic 6)
You are evaluating an Azure application. The application includes the following elements:
✑ A web role that provides the ASP.NET user interface and business logic
✑ A single SQL database that contains all application data
Each webpage must receive data from the business logic layer before returning results to the client. Traffic has increased significantly. The business logic is causing high CPU usage.
You need to recommend an approach for scaling the application. What should you recommend?
A. Store the business logic results in Azure Table storage.
B. Vertically partition the SQL database.
C. Move the business logic to a worker role.
D. Store the business logic results in Azure local storage.
Answer: C
Explanation: For Cloud Services in Azure, applications need both web and worker roles to scale well.
Reference: Application Patterns and Development Strategies for SQL Server in Azure Virtual Machines
https://msdn.microsoft.com/en-us/library/azure/dn574746.aspx
Topic 7, Woodgrove Bank
Overview
Woodgrove Bank has 20 regional offices and operates 1,500 branch office locations. Each regional office hosts the servers, infrastructure, and applications that support that region. Woodgrove Bank plans to move all of their on-premises resources to Azure, including virtual machine (VM)-based, line-of-business workloads, and SQL databases. You are the owner of the Azure subscription that Woodgrove Bank is using. Your team is using Git repositories hosted on GitHub for source control.
Security
Currently, Woodgrove Bank's Computer Security Incident Response Team (CSIRT) has a problem investigating security issues due to the lack of security intelligence integrated with their current incident response tools. This lack of integration introduces a problem during the detection (too many false positives), assessment, and diagnosis stages. You decide to use Azure Security Center to help address this problem.
Woodgrove Bank has several apps with regulated data such as Personally Identifiable Information (PII) that require a higher level of security. All apps are currently secured by using an on-premises Active Directory Domain Services (AD DS). The company depends on the following mission-critical apps: WGBLoanMaster, WGBLeaseLeader, and WGBCreditCruncher. You plan to move each of these apps to Azure as part of an app migration project.
Apps
The WGBLoanMaster app has been audited for transaction loss. Many transactions have been lost in processing and monetary write-offs have cost the bank. The app runs on two VMs that include several public endpoints.
The WGBLeaseLeader app has been audited for several data breaches. The app includes a SQL Server database and a web-based portal. The portal uses an ASP.NET Web API function to generate a monthly aggregate report from the database.
The WGBCreditCruncher app runs on a VM and is load balanced at the network level. The app includes several stateless components and must accommodate scaling of increased credit processing. The app runs on a nightly basis to process credit transactions that are batched during the day. The app includes a web-based portal where customers can check their credit information. A mobile version of the app allows users to upload check images.
Business Requirements: WGBLoanMasterApp
The app audit revealed a need for zero transaction loss. The business is losing money due to the app losing and not processing loan information. In addition, transactions fail to process after running for a long time. The business has requested the aggregation processing to be scheduled for 01:00 to prevent system slowdown.
WGBLeaseLeader App
The app should be secured to stop data breaches. If the data is breached, it must not be readable. The app is continuing to see increased volume and the business does not want the issues presented in the WGBLoanMaster app. Transaction loss is unacceptable, and although the lease monetary amounts are smaller than loans, they are still an important profit center for Woodgrove Bank. The business would also like the monthly report to be automatically generated on the first of the month. Currently, a user must log in to the portal and click a button to generate the report.
WGBCreditCruncher app
The web-based portal area of the app must allow users to sign in with their Facebook credentials. The bank would like to allow this feature to enable more users to check their credit within the app.
Woodgrove Bank needs to develop a new financial risk modeling feature that they can include in the WGBCreditCruncher app. The financial risk modeling feature has not been developed due to costs associated with processing, transforming, and analyzing the large volumes of data that are collected. You need to find a way to implement parallel processing to ensure that the feature runs efficiently, reliably, and quickly. The feature must scale based on computing demand to process the large volumes of data and output several financial risk models.
Technical Requirements: WGBLoanMaster App
The app uses several compute-intensive tasks that create long-running requests to the system. The app is critical to the business and must be scalable to increased loan processing demands. The VMs that run the app include a Windows Task Scheduler task that aggregates loan information from the app to send to a third party. This task runs a console app on the VM.
The app requires a messaging system to handle transaction processing. The messaging system must meet the following requirements:
*Allow messages to reside in the queue for up to a month
*Be able to publish and consume batches of messages
*Allow full integration with the Windows Communication Foundation (WCF) communication stack
*Provide a role-based access model to the queues, including different permissions for senders and receivers
You develop an Azure Resource Manager (ARM) template to deploy the VMs used to support the app. The template must be deployed to a new resource group and you must validate your deployment settings before creating actual resources.
WGBLeaseLeader App
The app must use Azure SQL Databases as a replacement for the current Microsoft SQL Server environment. The monthly report must be automatically generated.
The app requires a messaging system to handle transaction processing. The messaging system must meet the following requirements:
*Require server-side logs of all of the transactions run against your queues
*Track progress of a message within the queue
*Process the messages within 7 days
*Provide a differing timeout value per message
WGBCreditCruncher app
The app must
*Secure inbound and outbound traffic
*Analyze inbound network traffic for vulnerabilities.
*Use an instance-level public IP and allow web traffic on port 443 only.
*Upgrade the portal to a Single Page Application (SPA) that uses JavaScript, Azure Active Directory (Azure AD), and the OAuth 2.0 implicit authorization grant to secure the Web API back end.
*Cache authentication and host the Web API back end using the Open Web Interface for .NET (OWIN) middleware.
*Immediately compress check images received from the mobile web app.
*Schedule processing of the batched credit transactions on a nightly basis.
*Provide parallel processing and scalable computing resources to output financial risk models.
*Use simultaneous compute nodes to enable high performance computing and updating of the financial risk models.
Key Security Areas
Q10. DRAG DROP - (Topic 6)
You are designing the deployment for Linux virtual machines (VMs) in Azure. The VMs will be used for a web app that will run in Azure.
The web app must be able to run Bash scripts on demand. Parallel workloads must also be set to scale automatically based on use.
You need to design the environment for the Bash scripts and parallel workloads. Which processing type should you use for each component? To answer, drag the appropriate processing types to the correct components. Each processing type may be used once, more than once, or not at all.
You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Answer:
Q11. - (Topic 4)
You need to recommend an appropriate solution for the data mining requirements. Which solution should you recommend?
A. Design a schedule process that allocates tasks to multiple virtual machines, and use the Azure Portal to create new VMs as needed.
B. Use Azure HPC Scheduler Tools to schedule jobs and automate scaling of virtual machines.
C. Use Traffic Manager to allocate tasks to multiple virtual machines, and use the Azure Portal to spin up new virtual machines as needed.
D. Use Windows Server HPC Pack on-premises to schedule jobs and automate scaling of virtual machines in Azure.
Answer: C
Explanation: * Microsoft Azure Traffic Manager allows you to control the distribution of user traffic to your specified endpoints, which can include Azure cloud services, websites, and other endpoints. Traffic Manager works by applying an intelligent policy engine to Domain Name System (DNS) queries for the domain names of your Internet resources. Your Azure cloud services or websites can be running in different datacenters across the world.
* Scenario:
Virtual machines:
✑ The data mining solution must support the use of hundreds to thousands of processing cores.
✑ Minimize the number of virtual machines by using more powerful virtual machines.
Each virtual machine must always have eight or more processor cores available.
✑ Allow the number of processor cores dedicated to an analysis to grow and shrink automatically based on the demand of the analysis.
✑ Virtual machines must use remote memory direct access to improve performance.
Task scheduling:
The solution must automatically schedule jobs. The scheduler must distribute the jobs based on the demand and available resources.
Reference: https://azure.microsoft.com/sv-se/documentation/articles/traffic-manager-overview/
Q12. - (Topic 6)
You are designing a web app deployment in Azure.
You need to ensure that inbound requests to the web app are routed based on the endpoint that has the lowest latency.
What should you use?
A. Azure health probes
B. Azure Fabric Controller
C. Azure Load Balancer
D. Azure Traffic Manager
Answer: D
Q13. - (Topic 6)
An application currently resides on an on-premises virtual machine that has 2 CPU cores, 4 GB of RAM, 20 GB of hard disk space, and a 10 megabit/second network connection.
You plan to migrate the application to Azure. You have the following requirements:
✑ You must not make changes to the application.
✑ You must minimize the costs for hosting the application.
You need to recommend the appropriate virtual machine instance type. Which virtual machine tier should you recommend?
A. Network Optimized (A Series)
B. General Purpose Compute, Basic Tier (A Series)
C. General Purpose Compute, Standard Tier (A Series)
D. Optimized Compute (D Series)
Answer: B
Explanation: General purpose compute: Basic tier
An economical option for development workloads, test servers, and other applications that don't require load balancing, auto-scaling, or memory-intensive virtual machines.
CPU core range: 1-8
RAM range: 0.75 – 14 GB
Disk size: 20-240 GB
Reference: Virtual Machines Pricing. Launch Windows Server and Linux in minutes
http://azure.microsoft.com/en-us/pricing/details/virtual-machines/
Q14. DRAG DROP - (Topic 6)
You manage a large number of on-premises applications. You plan to migrate the applications to Azure.
You need to implement Azure Storage for each type of data that the applications use.
For each type of data, which storage mechanism should you use? To answer, drag the appropriate storage mechanism to the correct type of data. Each storage mechanism may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q15. HOTSPOT - (Topic 6)
You have an on-premises Active Directory Domain Services domain. You are considering moving your infrastructure to Azure Active Directory.
You need to describe the features that each directory service provides.
For each feature, what should you implement? To answer, select the appropriate option from each list in the answer area.
Answer: