Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
P.S. Refined 70-535 vce are available on Google Drive, GET MORE: https://drive.google.com/open?id=1a3jY_O18fLTsf5DPoxjQlATdfrQ9sKg6
Question No: 1
You administer an Azure Active Directory (Azure AD) tenant where Box is configured for:
* Application Access
* Password Single Sign-on
An employee moves to an organizational unit that does not require access to Box through the Access Panel. You need to remove only Box from the list of applications only for this user. What should you do?
A. Delete the user from the Azure AD tenant
B. Delete the Box Application definition from the Azure AD tenant
C. From the Management Portal, remove the user's assignment to the application.
D. Disable the user's account in Windows AD
Answer: C
Explanation:
References: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-apps-permissions-consent
Question No: 2
You manage a cloud service that hosts a customer-facing application. The application allows users to upload images and create collages. The cloud service is running in two medium instances and utilizes Azure Queue storage for image processing.
The storage account is configured to be locally redundant. The sales department plans to send a newsletter to potential clients. As a result, you expect a significant increase in global traffic.
You need to recommend a solution that meets the following requirements:
* Configure the cloud service to ensure the application is responsive to the traffic increase.
* Minimize hosting and administration costs.
What are two possible ways to achieve this goal? Each correct answer presents a complete solution
A. Configure the cloud service to run in two Large instances.
B. Configure the cloud service to auto-scale to three instances when processor utilization is above 80%.
C. Configure the storage account to be geo-redundant
D. Deploy a new cloud service in a separate data center.Use Azure Traffic Manager to load balance traffic between the cloud services.
E. Configure the cloud service to auto-scale when the queue exceeds 1000 entries per machine.
Answer: B,E
Explanation:
An autoscaling solution reduces the amount of manual work involved in dynamically scaling an application. It can do this in two different ways: either preemptively by setting constraints on the number of role instances based on a timetable, or reactively by adjusting the number of role instances in response to some counter(s) or measurement(s) that you can collect from your application or from the Azure environment.
References: https://msdn.microsoft.com/en-us/library/hh680945(v=pandp.50).aspx
Question No: 3
You need to prepare the implementation of data storage for the contractor information app. What should you?
A. Create a storage account and implement multiple data partitions.
B. Create a Cloud Service and a Mobile Service. Implement Entity Group transactions.
C. Create a Cloud Service and a Deployment group. Implement Entity Group transactions.
D. Create a Deployment group and a Mobile Service. Implement multiple data partitions.
Answer: B
Explanation:
* Scenario:
/ VanArsdel needs a solution to reduce the number of operations on the contractor information table. Currently, data transfer rates are excessive, and queue length for read/write operations affects performance.
/ A mobile service that is used to access contractor information must have automatically scalable, structured storage
* The basic unit of deployment and scale in Azure is the Cloud Service. References: https://msdn.microsoft.com/en-us/library/azure/dd894038.aspx
Question No: 4
You administer an Azure Web Site named contosoweb that is used to sell various products. Contosoweb experiences heavy traffic during weekends.
You need to analyze the response time of the product catalog page during peak times, from different locations. What should you do?
A. Configure endpoint monitoring
B. Add the Requests metric
C. Turn on Failed Request Tracing
D. Turn on Detailed Error Messages
Answer: A
Explanation:
As we want to analyze response times from different locations, we should use endpoint monitoring.
References: https://docs.microsoft.com/en-us/azure/app-service-web/web-sites-monitor#webendpointstatus
Question No: 5
You need to recommend a data storage solution that meets the business continuity requirements. Which two features should you recommend? Each correct answer presents part of the solution.
A. SQL Database Standard
B. Azure Backup
C. SQL Database Premium
D. SQL Database Express
Answer: A,B
Explanation:
From scenario: Disaster recovery and business continuity plans must use a single, integrated service that supports the following features:
* All VMs must be backed up to Azure.
* All on-premises data must be backed up off-site and available for recovery in the event of a disaster.
* Disaster testing must be performed to ensure that recovery times meet management guidelines.
* Fail-over testing must not impact production.
Question No: 6
You manage an Azure virtual network that hosts 15 virtual machines (VMs) on a single subnet, which is used for testing a line of business (LOB) application.
The application is deployed to a VM named TestWebServiceVM. You need to ensure that TestWebServiceVM always starts by using the same IP address.
You need to achieve this goal by using the least amount of administrative effort. What should you do?
A. Use the Management Portal to configure TestWebServiceVM
B. Use RDP to configure TestWebServiceVM.
C. Run the Set-AzureStaticVNetIP PowerShell cmdlet.
D. Run the Get-AzureReservedIP PowerShell cmdlet.
Answer: C
Explanation:
The Set-AzureStaticVNetIP cmdlet sets the static virtual network (VNet) IP address information for a virtual machine object.
References: https://docs.microsoft.com/en-us/powershell/module/azure/set-azurestaticvnetip?view=azuresmps-4.0.0
Question No: 7
You work for a company named Contoso, Ltd. The network contains an on premises Active Directory domain that has Active Directory Federation Services (AD FS). Contoso uses an internally developed claims App1. You implement directory synchronization with Azure Active Directory (Azure AD).
You need to recommend which configuration should be performed to Single-Sign-On to App1 to authenticated by Azure AD. Which two configuration should you include in the recommendation?
A. Azure AD as claims provided trust
B. App1 as a claims provider
C. Azure AD as relying party trust
D. App1 as relying party trust
Answer: B,C
Question No: 8
You administer a cloud service. You plan to host two web applications named contosoweb and contosowebsupport. You need to ensure that you can host both applications and qualify for the Azure Service Level Agreement.
You want to achieve this goal while minimizing costs. How should you host both applications?
A. in different web roles with two instances in each web role
B. in the same web role with two instances
C. in different web roles with one instance in each web role
D. in the same web role with one instance
Answer: B
Explanation:
For Cloud Services, we guarantee that when you deploy two or more role instances in different fault and upgrade domains, your Internet facing roles will have external connectivity at least 99.95% of the time.
References: https://azure.microsoft.com/en-us/support/legal/sla/cloud-services/v1_0/
Question No: 9
You need to assign permissions for the Virtual Machine (VM) workloads that you migrate to Azure.
The solution must use the principal of least privileges. What should you do?
A. Create all VMs in the cloud service named Groupl and then connect to the Azure subscription. Run the following Windows PowerShell command: New- AzureRoleAssignment -Mail user1@vanarsdelltd.com -RoleDefinitionName Contributor - ResourceGroupName group1
B. In the Azure portal, select an individual virtual machine and add an owner.
C. In the Azure portal, assign read permission to the user at the subscription level.
D. Create each VM in a separate cloud service and then connect to the Azure subscription. Run the following Windows PowerShell command:Get-AzureVM | New- AzureRoleAssignment -Mail user1@vanarsdelltd.com -RoleDefinitionName Contributor
Answer: A
Explanation:
* Scenario: Permissions must be assigned by using Role Based Access Control (RBAC).
* Role-Based access control (RBAC) in the Azure Portal and Azure Resource Management API allows you to manage access to your subscription at a fine-grained level. With this feature, you can grant access for Active Directory users, groups, or service principals by assigning some roles to them at a particular scope.
Create a role assignment
Use New-AzureRoleAssignment to create a role assignment.
Example: This will create a role assignment for a group at a resource group level.
PS C:\> New-AzureRoleAssignment -ObjectID <group object ID> -RoleDefinitionName Reader -ResourceGroupName group1
References: https://azure.microsoft.com/en-gb/documentation/articles/role-based-access-control-powershell/
Question No: 10
You are developing a web application that connects to an existing virtual network. The web application needs to access a database that runs on a virtual machine.
In the Azure portal, you use the virtual network integration user interface to select from a list of virtual networks. The virtual network that the web application needs to connect to is not selectable.
You need to update the existing virtual network so you can connect to it. What should you do?
A. Enable ExpressRoute.
B. Enable site-to-site VPN.
C. Enable point-to-site VPN with a dynamic routing gateway.
D. Enable point-to-site VPN with a static routing gateway.
Answer: B
P.S. Easily pass 70-535 Exam with Examcollection Refined Dumps & pdf vce, Try Free: http://www.examcollectionuk.com/70-535-vce-download.html ( New Questions)