70-533 Exam
70 533 implementing microsoft azure infrastructure solutions (41 to 50)
We provide real 70 533 exam dumps exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass Microsoft 70 533 book Exam quickly & easily. The 70 533 pdf PDF type is available for reading and printing. You can print more and practice many times. With the help of our Microsoft azure exam 70 533 dumps pdf and vce product and material, you can easily pass the 70 533 book exam.
Q41. You administer a solution deployed to a virtual machine (VM) in Azure. The VM hosts a web service that is used by several applications. You are located in the US West region and have a worldwide user base.
Developers in Asia report that they experience significant delays when they execute the services.
You need to verify application performance from different locations.
Which type of monitoring should you configure?
A. Disk Read
B. Endpoint
C. Network Out
D. CPU
E. Average Response Time
Answer: E
Explanation:
Example:
Incorrect:
Not B: Health Endpoint Monitoring Pattern is used for checking the health of the program:
Implement functional checks within an application that external tools can access through
exposed endpoints at regular intervals. This pattern can help to verify that applications and
services are performing correctly.
Reference: How to Monitor and Analyze Performance of the Windows Azure Storage
Service
Q42. HOTSPOT
You create a virtual network named fabVNet01.
You design the virtual network to include two subnets, one named DNS-subnet and one named Apps-subnet, as shown in the exhibit. (Click the Exhibits button.)
In the table below, identify the number of IP addresses that will be available for virtual machines (VMs) or cloud services in each subnet. Make only one selection in each column.
Answer:
Q43. You administer an Azure Active Directory (Azure AD) tenant where Box is configured for: . Application Access . Password Single Sign-on An employee moves to an organizational unit that does not require access to Box through
the Access Panel.
You need to remove only Box from the list of applications only for this user.
What should you do?
A. Delete the user from the Azure AD tenant.
B. Delete the Box Application definition from the Azure AD tenant.
C. From the Management Portal, remove the user's assignment to the application.
D. Disable the user's account in Windows AD.
Answer: C
Explanation: Note: Use Azure AD to manage user access, provision user accounts, and enable single sign-on with Box. Requires an existing Box subscription.
Q44. You manage a virtual Windows Server 2012 web server that is hosted by an on-premises Windows Hyper-V server. You plan to use the virtual machine (VM) in Azure.
You need to migrate the VM to Azure Storage to add it to your repository.
Which Azure Power Shell cmdlet should you use?
A. Import-AzureVM
B. New-AzureVM
C. Add-AzureDisk
D. Add-AzureWebRole
E. Add-AzureVhd
Answer: E
Explanation: * How do I move an existing virtual machine to the cloud? The steps are pretty basic:
Create a place to store your hard disk in Windows Azure
Prepare your virtual hard disk
Upload your virtual hard disk
.Create your machine in Windows Azure
* Add-AzureVhd Uploads a virtual hard disk (in .vhd file format) from an on-premises virtual machine to a blob in a cloud storage account in Azure.
The Add-AzureVhd cmdlet allows you to upload on-premises virtual hard disks (in .vhd file format) to a blob storage account as fixed virtual hard disks. You can configure the number of uploader threads that will be used or overwrite an existing blob in the specified destination URI. Also supported is the ability to upload a patched version of an on-premises .vhd file: When a base virtual hard disk has already been uploaded, you can upload differencing disks that use the base image as the parent. Shared access signature (SAS URI) is supported as well.
Reference: Add-AzureVhd
URL: http://msdn.microsoft.com/en-us/library/dn495173.aspx
Q45. You manage a cloud service that utilizes data encryption.
You need to ensure that the certificate used to encrypt data can be accessed by the cloud service application.
What should you do?
A. Upload the certificate referenced in the application package.
B. Deploy the certificate as part of the application package.
C. Upload the certificate's public key referenced in the application package.
D. Use RDP to install the certificate.
Answer: C
Explanation: The developer must deploy the public key with their application so that, when Windows Azure spins up role instances, it will match up the thumbprint in the service definition with the uploaded service certificate and deploy the private key to the role instance. The private key is intentionally non-exportable to the .pfx format, so you won’t be able to grab the private key through an RDC connection into a role instance.
Reference: Field Note: Using Certificate-Based Encryption in Windows Azure Applications
Q46. DRAG DROP
Your company network includes a single forest with multiple domains. You plan to migrate from On-Premises Exchange to Exchange Online.
You want to provision the On-Premises Windows Active Directory (AD) and Azure Active Directory (Azure AD) service accounts.
You need to set the required permissions for the Azure AD service account.
Which settings should you use? To answer, drag the appropriate permission to the service account. Each permission may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q47. Your company has recently signed up for Azure.
You plan to register a Data Protection Manager (DPM) server with the Azure Backup service.
You need to recommend a method for registering the DPM server with the Azure Backup vault.
What are two possible ways to achieve this goal? Each correct answer presents a complete solution.
A. Import a self-signed certificate created using the makecert tool.
B. Import a self-signed certificate created using the createcert tool.
C. Import an X.509 v3 certificate with valid clientauthentication EKU.
D. Import an X.509 v3 certificate with valid serverauthentication EKU.
Answer: A,C
Explanation: A: You can create a self-signed certificate using the makecert tool, or use any valid SSL certificate issued by a Certification Authority (CA) trusted by Microsoft, whose root certificates are distributed via the Microsoft Root Certificate Program.
C: The certificate must have a valid ClientAuthentication EKU.
Reference: Prerequisites for Azure Backup
URL: http://technet.microsoft.com/en-us/library/dn296608.aspx
Q48. You administer of a set of virtual machine (VM) guests hosted in Hyper-V on Windows Server 2012 R2.
The virtual machines run the following operating systems:
Windows Server 2008 Windows Server 2008 R2 Linux (openSUSE 13.1)
All guests currently are provisioned with one or more network interfaces with static bindings and VHDX disks. You need to move the VMs to Azure Virtual Machines hosted in an Azure subscription.
Which three actions should you perform? Each correct answer presents part of the solution.
A. Install the WALinuxAgent on Linux servers.
B. Ensure that all servers can acquire an IP by means of Dynamic Host Configuration Protocol (DHCP).
C. Upgrade all Windows VMs to Windows Server 2008 R2 or higher.
D. Sysprep all Windows servers.
E. Convert the existing virtual disks to the virtual hard disk (VHD) format.
Answer: A,C,D
Explanation: * A: Azure Linux Agent
This agent is installed on the Linux VM and is responsible to communicate with the Azure Frabric Controller.
* UPLOADING A VIRTUAL MACHINE TO WINDOWS AZURE
Assumption: A Windows Server (2008 R2 or 2012) is created and running as a virtual machine in Hyper-V. (C) Log onto the Windows Server hosted in Hyper-V you’d like to upload to Windows Azure
and open and command prompt (I’m using Windows Server 2012 R2).
Navigate to c:\Windows\System32\Sysprep
Type in sysprep.exe and select enter: (D)
Q49. You administer an Azure Storage account named contosostorage. The account has a blob container to store image files.
A user reports being unable to access an image file.
You need to ensure that anonymous users can successfully read image files from the
container.
Which log entry should you use to verify access?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: A
Explanation:
Check for GetBlob and for AnonymousSuccess.
Example: Get Blob AnonymousSuccess:
1.0;2011-07-28T18:52:40.9241789Z;
GetBlob;AnonymousSuccess;200;18;10;anonymous;;sally;blob;"htt
p://
sally.blob.core.windows.net/thumbnails/lake.jpg?timeout=30000";"/sally/thumbnails/lake.jpg
";a84aa705-8a85-48c5-b064-b43bd22979c3;0;123.100.2.10;2009-09-19;252;0;265;100;0;;;"0x8CE1B6EA95033D5";Thursday, 28-Jul-11 18:52:40
GMT;;;;"7/28/2011 6:52:40 PM ba98eb12-700b-4d53-9230-33a3330571fc"
Incorrect:
Not C: Check for AnonymousSuccess not Access.
Not B, not D: Check for GetBlob not GetBlobProperties
nce: Windows Azure Storage Logging: Using Logs to Track Storage Requests
URL: http://blogs.msdn.com/b/windowsazurestorage/archive/2011/08/03/windows-azure-storage-logging-using-logs-to-track-storage-requests.aspx
Q50. Click Configure Directory Partitions, and then click Containers, as shown in the below screen capture.