70-354 Exam
Top 10 torrent 70-354 for IT examinee (1 to 10)
It is impossible to pass Microsoft 70-354 exam without any help in the short term. Come to Ucertify soon and find the most advanced, correct and guaranteed Microsoft 70-354 practice questions. You will get a surprising result by our Leading Universal Windows Platform – App Architecture and UX/UI practice guides.
Q1. - (Topic 5)
You need to design the authentication solution for the NorthRide app. Which solution should you use?
A. Azure Active Directory Basic with multi-factor authentication for the cloud and on-premises users.
B. Active Directory Domain Services with mutual authentication
C. Azure Active Directory Premium and add multi-factor authentication the for cloud users
D. Active Directory Domain Services with multi-factor authentication
Answer: C
Explanation: * Scenario: The NorthRide app must use an additional level of authentication other than the employee's password.
* Azure Multi-Factor Authentication is the multi-factor authentication service that requires users to also verify sign-ins using a mobile app, phone call or text message. It is available to use with Azure Active Directory, to secure on-premise resources with the Azure Multi-Factor Authentication Server, and with custom applications and directories using the SDK.
Reference: What is Azure Multi-Factor Authentication?
https://azure.microsoft.com/en-us/documentation/articles/multi-factor-authentication/
Reference: Azure Active Directory Pricing
http://azure.microsoft.com/en-gb/pricing/details/active-directory/
Q2. - (Topic 4)
You need to recommend an appropriate solution for the data mining requirements. Which solution should you recommend?
A. Design a schedule process that allocates tasks to multiple virtual machines, and use the Azure Portal to create new VMs as needed.
B. Use Azure HPC Scheduler Tools to schedule jobs and automate scaling of virtual machines.
C. Use Traffic Manager to allocate tasks to multiple virtual machines, and use the Azure Portal to spin up new virtual machines as needed.
D. Use Windows Server HPC Pack on-premises to schedule jobs and automate scaling of virtual machines in Azure.
Answer: C
Explanation: * Microsoft Azure Traffic Manager allows you to control the distribution of user traffic to your specified endpoints, which can include Azure cloud services, websites, and other endpoints. Traffic Manager works by applying an intelligent policy engine to Domain Name System (DNS) queries for the domain names of your Internet resources. Your Azure cloud services or websites can be running in different datacenters across the world.
* Scenario:
Virtual machines:
. The data mining solution must support the use of hundreds to thousands of processing cores. . Minimize the number of virtual machines by using more powerful virtual machines. Each virtual machine must always have eight or more processor cores available. . Allow the number of processor cores dedicated to an analysis to grow and shrink automatically based on the demand of the analysis. . Virtual machines must use remote memory direct access to improve performance.
Task scheduling:
The solution must automatically schedule jobs. The scheduler must distribute the jobs based on the demand and available resources.
Reference: https://azure.microsoft.com/sv-se/documentation/articles/traffic-manager-overview/
Q3. DRAG DROP - (Topic 5)
You need to provide a data access solution for the NorthRide app.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Q4. DRAG DROP - (Topic 6)
You are the Azure architect for an organization. You are working with C-level management to assign Azure role-based access control roles to a team within the organization. A single
director oversees two teams, a development team and a test team. The director is wholly responsible for the organization's Azure account, including billing, infrastructure, and access control. The director is the only member of the team with the ability to alter access controls.
You have the following requirements:
. Members of the development team must be able to view or alter Azure infrastructure to support application development. . Members of the test team must be able to view Azure infrastructure to support test cases.
You need to assign built-in Azure role-based access control roles to team members within the organization.
Which role should you assign to each team member? To answer, drag the appropriate role to the correct team member. Each role may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q5. - (Topic 6)
You design an Azure web application. The web application is accessible by default as a standard cloudapp.net URL.
You need to recommend a DNS resource record type that will allow you to configure access to the web application by using a custom domain name.
Which DNS record type should you recommend?
A. SRV
B. MX
C. CNAME
D. A
Answer: C
Explanation: A CNAME record maps a specific domain, such as contoso.com or www.contoso.com, to a canonical domain name. In this case, the canonical domain name is the <myapp>.cloudapp.net domain name of your Azure hosted application. Once created, the CNAME creates an alias for the <myapp>.cloudapp.net. The CNAME entry will resolve to the IP address of your <myapp>.cloudapp.net service automatically, so if the IP address of the cloud service changes, you do not have to take any action.
Incorrect: Not D:
*
Since an A record is mapped to a static IP address, it cannot automatically resolve changes to the IP address of your Cloud Service.
*
An A record maps a domain, such as contoso.com or www.contoso.com, or a wildcard domain such as *.contoso.com, to an IP address. In the case of an Azure Cloud Service, the virtual IP of the service. So the main benefit of an A record over a CNAME record is that you can have one entry that uses a wildcard, such as *.contoso.com, which would handle requests for multiple sub-domains such as mail.contoso.com, login.contoso.com, or
www.contso.com.
Reference: Configuring a custom domain name for an Azure cloud service
http://azure.microsoft.com/en-gb/documentation/articles/cloud-services-custom-domain-name/
Q6. - (Topic 6)
You are designing an Azure application that provides online backup storage for hundreds of media files. Each file is larger than 1GB.
The data storage solution has the following requirements:
It must be capable of storing an average of 1TB of data for each user. It must support sharing of data between all Windows Azure instances. It must provide random read/write access.
You need to recommend a durable data storage solution.
What should you recommend?
A. Azure Drive
B. Azure Page Blob service
C. Azure Block Blob service
D. Local storage on an Azure instance
Answer: B
Reference: Understanding Block Blobs and Page Blobs https://msdn.microsoft.com/en-us/library/azure/ee691964.aspx
Q7. HOTSPOT - (Topic 6)
You have an Azure website that runs on several instances. You have a WebJob that provides additional functionality to the website.
The WebJob must run on all instances of the website.
You need to ensure that the WebJob runs even when the website is idle for long periods of time.
How should you create and configure the WebJob object? To answer, select the appropriate options in the answer area.
Answer:
Q8. - (Topic 6)
A company hosts a website and exposes web services on the company intranet.
The intranet is secured by using a firewall. Company policies prohibit changes to firewall
rules.
Devices outside the firewall must be able to access the web services.
You need to recommend an approach to enable inbound communication.
What should you recommend?
A. The Azure Access Control Service
B. Windows Azure Pack
C. The Azure Service Bus
D. A web service in an Azure role that relays data to the internal web services
Answer: C
Explanation: The Service Bus Relay is designed for the use-case of taking existing Windows Communication Foundation (WCF) web services and making those services securely accessible to solutions that reside outside the corporate perimeter without requiring intrusive changes to the corporate network infrastructure. Such Service Bus relay services are still hosted inside their existing environment, but they delegate listening for incoming sessions and requests to the cloud-hosted Service Bus.
Reference: .NET On-Premises/Cloud Hybrid Application Using Service Bus Relay
http://azure.microsoft.com/en-gb/documentation/articles/cloud-services-dotnet-hybrid-app-using-service-bus-relay/
Q9. - (Topic 6)
You have business services that run on an on-premises mainframe server.
You must provide an intermediary configuration to support existing business services and Azure. The business services cannot be rewritten. The business services are not exposed externally.
You need to recommend an approach for accessing the business services.
What should you recommend?
A. Connect to the on-premises server by using a custom service in Azure.
B. Expose the business services to the Azure Service Bus by using a custom service that uses relay binding.
C. Expose the business services externally.
D. Move all business service functionality to Azure.
Answer: B
Explanation: The Service Bus relay service enables you to build hybrid applications that run in both an Azure datacenter and your own on-premises enterprise environment. The Service Bus relay facilitates this by enabling you to securely expose Windows Communication Foundation (WCF) services that reside within a corporate enterprise network to the public cloud, without having to open a firewall connection, or require intrusive changes to a corporate network infrastructure.
Reference: How to Use the Service Bus Relay Service
http://azure.microsoft.com/en-gb/documentation/articles/service-bus-dotnet-how-to-use-relay/
Q10. - (Topic 1)
You are designing a plan to deploy a new application to Azure. The solution must provide a
single sign-on experience for users.
You need to recommend an authentication type.
Which authentication type should you recommend?
A. SAML credential tokens
B. Azure managed access keys
C. Windows Authentication
D. MS-CHAP
Answer: A
Explanation: A Microsoft cloud service administrator who wants to provide their Azure Active Directory (AD) users with sign-on validation can use a SAML 2.0 compliant SP-Lite profile based Identity Provider as their preferred Security Token Service (STS) / identity provider. This is useful where the solution implementer already has a user directory and password store on-premises that can be accessed using SAML 2.0. This existing user directory can be used for sign-on to Office 365 and other Azure AD-secured resources.
Reference: Use a SAML 2.0 identity provider to implement single sign-on
https://msdn.microsoft.com/en-us/library/azure/dn641269.aspx?f=255&MSPPError=-2147217396