70-533 Exam
How to win with microsoft azure 70 533
It is more faster and easier to pass the Microsoft exam ref 70 533 exam by using Tested Microsoft Implementing Microsoft Azure Infrastructure Solutions questuins and answers. Immediate access to the Up to the minute azure exam 70 533 Exam and find the same core area 70 533 pdf questions with professionally verified answers, then PASS your exam with a high score now.
Q11. DRAG DROP
You administer two virtual machines (VMs) that are deployed to a cloud service. The VMs are part of a virtual network.
The cloud service monitor and virtual network configuration are configured as shown in the exhibits. (Click the Exhibits button.)
You need to create an internal load balancer named fabLoadBalancer that has a static IP address of 172.16.0.100.
Which value should you use in each parameter of the Power Shell command?
To answer, drag the appropriate value to the correct location in the Power Shell command. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q12. You manage a software-as-a-service application named SaasApp1 that provides user management features in a multi-directory environment.
You plan to offer SaasApp1 to other organizations that use Azure Active Directory.
You need to ensure that SaasApp1 can access directory objects.
What should you do?
A. Configure the Federation Metadata URL
B. Register SaasApp1 as a native client application.
C. Register SaasApp1 as a web application.
D. Configure the Graph API.
Answer: D
Explanation: The Azure Active Directory Graph API provides programmatic access to Azure AD through REST API endpoints. Applications can use the Graph API to perform create, read, update, and delete (CRUD) operations on directory data and objects. For example, the Graph API supports the following common operations for a user object: / Create a new user in a directory / Get a user’s detailed properties, such as their groups / Update a user’s properties, such as their location and phone number, or change their password / Check a user’s group membership for role-based access / Disable a user’s account or delete it entirely
Reference: Azure AD Graph API
URL: http://msdn.microsoft.com/en-us/library/azure/hh974476.aspx
Q13. DRAG DROP
You have a solution deployed into a virtual network in Azure named fabVNet. The fabVNet virtual network has three subnets named Apps, Web, and DB that are configured as shown in the exhibit. (Click the Exhibits button.)
You want to deploy two new VMs to the DB subnet.
You need to modify the virtual network to expand the size of the DB subnet to allow more IP addresses.
Which three steps should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Q14. Your company is launching a public website that allows users to stream videos.
You upload multiple video files to an Azure storage container.
You need to give anonymous users read access to all of the video files in the storage container.
What should you do?
A. Edit each blob's metadata and set the access policy to Public Blob.
B. Edit the container metadata and set the access policy to Public Container.
C. Move the files into a container sub-directory and set the directory access level to Public Blob.
D. Edit the container metadata and set the access policy to Public Blob.
Answer: C
Explanation:
By default, the container is private and can be accessed only by the account owner. To allow public read access to the blobs in the container, but not the container properties and metadata, use the "Public Blob" option. To allow full public read access for the container and blobs, use the "Public Container" option.
Q15. You manage a cloud service that has a web role named fabWeb. You create a virtual
network named fabVNet that has two subnets defined as Web and Apps.
You need to be able to deploy fabWeb into the Web subnet.
What should you do?
A. Modify the service definition (csdef) for the cloud service.
B. Run the Set-AzureSubnet PowerShell cmdlet.
C. Run the Set-AzureVNetConfig PowerShell cmdlet.
D. Modify the network configuration file.
E. Modify the service configuration (cscfg) for the fabWeb web role.
Answer: A
Explanation: Azure Service Definition Schema (.csdef File)
The service definition file defines the service model for an application. The file contains the
definitions for the roles that are available to a cloud service, specifies the service
endpoints, and establishes configuration settings for the service.
Q16. Your company network includes two branch offices. Users at the company access internal virtual machines (VMs).
You want to ensure secure communications between the branch offices and the internal VMs and network.
You need to create a site-to-site VPN connection.
What are two possible ways to achieve this goal? Each correct answer presents a complete solution.
A. a private IPv4 IP address and a compatible VPN device
B. a private IPv4 IP address and a RRAS running on Windows Server 2012
C. a public-facing IPv4 IP address and a compatible VPN device
D. a public-facing IPv4 IP address and a RRAS running on Windows Server 2012
Answer: C,D
Explanation: C (not A): VPN Device IP Address.- This is public facing IPv4 address of your on-premises VPN device that you’ll use to connect to Azure. The VPN device cannot be located behind a NAT. D (Not B): At least one or preferably two publicly visible IP addresses: One of the IP addresses is used on the Windows Server 2012 machine that acts as the VPN device by using RRAS. The other optional IP address is to be used as the Default gateway for out-bound traffic from the on-premises network. If the second IP address is not available, it is possible to configure network address translation (NAT) on the RRAS machine itself, to be discussed in the following sections. It is important to note that the IP addresses must be public. They cannot be behind NAT and/or a firewall.
Reference: Configure a Site-to-Site VPN in the Management Portal
Site-to-Site VPN in Azure Virtual Network using Windows Server 2012 Routing and Remote Access Service (RRAS)
Q17. Your company network has two physical locations configured in a geo-clustered environment. You create a Blob storage account in Azure that contains all the data associated with your company.
You need to ensure that the data remains available in the event of a site outage.
Which storage option should you enable?
A. Locally redundant storage
B. Geo-redundant storage
C. Zone-redundant storage
D. Read-only geo-redundant storage
Answer: D
Explanation: Introducing Read-only Access to Geo Redundant Storage (RA-GRS):
RA-GRS allows you to have higher read availability for your storage account by providing “read only” access to the data replicated to the secondary location. Once you enable this feature, the secondary location may be used to achieve higher availability in the event the data is not available in the primary region. This is an “opt-in” feature which requires the storage account be geo-replicated.
Reference: Windows Azure Storage Redundancy Options and Read Access Geo Redundant Storage
Q18. HOTSPOT
You administer an Azure Active Directory (Azure AD) tenant.
You add a custom application to the tenant.
The application must be able to:
. Read data from the tenant directly.
. Write data to the tenant on behalf of a user. In the table below, identify the permission that must be granted to the application. Make only one selection in each column.
Answer:
Q19. You manage a cloud service that hosts a customer-facing application. The application allows users to upload images and create collages. The cloud service is running in two medium instances and utilizes Azure Queue storage for image processing. The storage account is configured to be locally redundant.
The sales department plans to send a newsletter to potential clients. As a result, you expect a significant increase in global traffic.
You need to recommend a solution that meets the following requirements:
. Configure the cloud service to ensure the application is responsive to the traffic increase. . Minimize hosting and administration costs.
What are two possible ways to achieve this goal? Each correct answer presents a complete solution.
A. Configure the cloud service to run in two Large instances.
B. Configure the cloud service to auto-scale to three instances when processor utilization is above 80%.
C. Configure the storage account to be geo-redundant
D. Deploy a new cloud service in a separate data center. Use Azure Traffic Manager to load balance traffic between the cloud services.
E. Configure the cloud service to auto-scale when the queue exceeds 1000 entries per machine.
Answer: B,E
Explanation: * An autoscaling solution reduces the amount of manual work involved in dynamically scaling an application. It can do this in two different ways: either preemptively by setting constraints on the number of role instances based on a timetable, or reactively by adjusting the number of role instances in response to some counter(s) or measurement(s) that you can collect from your application or from the Azure environment.
Reference: Autoscaling and Microsoft Azure
Q20. HOTSPOT
You manage two cloud services named Service1 and Service2. The development team updates the code for each application and notifies you that the services are packaged and ready for deployment.
Each cloud service has specific requirements for deployment according to the following table.
In the table below, identify the deployment method for each service. Make only one selection in each column.
Answer: