70-534 Exam
Getting Smart with: 70 534 pdf
Want to know Exambible exam ref 70 534 Exam practice test features? Want to lear more about Microsoft Architecting Microsoft Azure Solutions certification experience? Study Approved Microsoft 70 534 exam dumps answers to Refresh 70 534 book questions at Exambible. Gat a success with an absolute guarantee to pass Microsoft 70 534 vce (Architecting Microsoft Azure Solutions) test on your first attempt.
Q51. HOTSPOT - (Topic 6)
Your company plans to migrate its on-premises Microsoft SQL Server databases to Azure.
You are considering using SQL Server 2014 on Azure virtual machines and Azure SQL Database. The planned migration must support the following data security features:
*Database-level firewall rules
*Dynamic Data Masking
*Transparent data encryption (TDE)
You need to identify the data security features supported by each product.
Which features should you identify? To answer, select the appropriate options in the answer area.
Answer:
Q52. HOTSPOT - (Topic 3)
You need implement tools at the client's location for monitoring and deploying Azure resources.
Which tools should you use? To answer, select the appropriate on-premises tool for each task in the answer area.
Answer:
Explanation:
* System Center Virtual Machine Manager (SCVMM) enables rapid provisioning of new virtual machines by the administrator and end users using a self-service provisioning tool.
* System Center Operations Manager (SCOM) is a cross-platform data center management system for operating systems and hypervisors. It uses a single interface that shows state, health and performance information of computer systems. It also provides alerts generated according to some availability, performance, configuration or security situation being identified.
The basic idea is to place a piece of software, an agent, on the computer to be monitored. The agent watches several sources on that computer, including the Windows Event Log, for specific events or alerts generated by the applications executing on the monitored computer.
* Scenario:
Leverage familiarity with Microsoft server management tools. Manage hosted resources by using on-premises tools.
Mitigate the need to purchase additional tools for monitoring and debugging.
Use advanced monitoring features and reports of workloads in Azure by using existing Microsoft tools.
Q53. - (Topic 2)
You need to configure identity synchronization. What should you create?
A. a second Azure Active Directory Connect sync server
B. backups of all on-premises server farms
C. backups of all Azure VMs
D. a second Azure Active Directory Connect staging server
E. a second Azure Active Directory directory
Answer: D
Q54. - (Topic 6)
Contoso, Ltd., uses Azure websites for public-facing customer websites. The company has a mobile app that requires customers sign in by using a Contoso customer account.
Customers must be able to sign on to the websites and mobile app by using a Microsoft, Facebook, or Google account. All transactions must be secured in-transit regardless of device.
You need to configure the websites and mobile app to work with external identity providers. Which three actions should you perform? Each correct answer presents part of the
solution.
A. Request a certificate from a domain registrar for the website URL, and enable TLS/SSL.
B. Configure IPsec for the websites and the mobile app.
C. Configure the KerberosTokenProfile 1.1 protocol.
D. Configure OAuth2 to connect to an external authentication provider.
E. Build an app by using MVC 5 that is hosted in Azure to provide a framework for the underlying authentication.
Answer: A,D,E
Explanation: DE: This tutorial shows you how to build an ASP.NET MVC 5 web application that enables users to log in using OAuth 2.0 with credentials from an external authentication provider, such as Facebook, Twitter, LinkedIn, Microsoft, or Google.
A:
* You will now be redirected back to the Register page of the MvcAuth application where you can register your Google account. You have the option of changing the local email registration name used for your Gmail account, but you generally want to keep the default email alias (that is, the one you used for authentication). Click Register.
* To connect to authentication providers like Google and Facebook, you will need to set up IIS-Express to use SSL.
Reference: Code! MVC 5 App with Facebook, Twitter, LinkedIn and Google OAuth2 Sign- on (C#)
http://www.asp.net/mvc/overview/security/create-an-aspnet-mvc-5-app-with-facebook-and- google-oauth2-and-openid-sign-on
Q55. DRAG DROP - (Topic 6)
You have a website that displays text, pictures, video files, and audio files. The website processes requests from countries and regions all over the world. You plan to migrate the website to the Azure platform.
The website has the following requirements:
✑ Encode, store, and stream audio and video at scale.
✑ Load-balance communications with the website instance that is closest to the user's location.
✑ Deliver content with high-bandwidth and low latency.
You need to recommend the technologies to implement the solution.
Which technologies should you recommend? To answer, drag the appropriate technology to the correct requirement. Each technology may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Explanation:
* MediaServices
Azure Media Services is being used to power consumer and enterprise streaming solutions worldwide. Combining powerful and highly scalable cloud-based encoding, encryption and steaming components, Azure Media Services is helping customers with valuable and premium video content to easily reach larger audiences on today’s most popular digital devices, such as tablets and mobile phones.
Q56. HOTSPOT - (Topic 6)
A company uses Azure for several virtual machine (VM) and website workloads. The company plans to assign administrative roles to a specific group of users. You have a resource group named GROUP1 and a virtual machine named VM2.
The users have the following responsibilities:
You need to assign the appropriate level of privileges to each of the administrators by using the principle of least privilege.
What should you do? To answer, select the appropriate target objects and permission levels in the answer area.
Answer:
Explanation:
* Owner can manage everything, including access.
* Contributors can manage everything except access.
Note: Azure role-based access control allows you to grant appropriate access to Azure AD users, groups, and services, by assigning roles to them on a subscription or resource group or individual resource level.
Q57. DRAG DROP - (Topic 2)
You need to ensure that customer data is secured both in transit and at rest.
Which technologies should you recommend? To answer, drag the appropriate technology to the correct security requirement. Each technology may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Explanation:
* Azure Rights Management service
Azure Rights Management service uses encryption, identity, and authorization policies to help secure your files and email, and it works across multiple devices—phones, tablets, and PCs. Information can be protected both within your organization and outside your organization because that protection remains with the data, even when it leaves your organization’s boundaries.
* Transparent Data Encryption
Transparent Data Encryption (often abbreviated to TDE) is a technology employed by both Microsoft and Oracle to encrypt database files. TDE offers encryption at file level. TDE solves the problem of protecting data at rest, encrypting databases both on the hard drive and consequently on backup media.
* TLS/SSL
Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communications security over a computer network. They use X.509 certificates and hence asymmetric cryptography to authenticate the counterparty with whom they are communicating, and to negotiate a symmetric key.
Q58. DRAG DROP - (Topic 6)
You need to automate tasks with Azure by using Azure PowerShell workflows.
How should you complete the Azure PowerShell script? To answer, drag the appropriate cmdlet to the correct location. Each cmdlet may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Explanation:
workflow Use-WorkflowCheckpointSample
{
# An exception occurs if 'HasBeenSuspended' does not already exist.
# Exceptions that are not caught with a try/catch will cause the runbook to suspend.
Set-AutomationVariable -Name 'HasBeenSuspended' -Value $False
# This line occurs before the checkpoint. When the runbook is resumed after
# suspension, 'Before Checkpoint' will not be output a second time. Write-Output "Before Checkpoint"
# A checkpoint is created. Checkpoint-Workflow
# This line occurs after the checkpoint. The runbook will start here on resume. Write-Output "After Checkpoint"
$HasBeenSuspended = Get-AutomationVariable -Name 'HasBeenSuspended'
# If branch only executes if the runbook has not previously suspended. if (!$HasBeenSuspended) {
Set-AutomationVariable -Name 'HasBeenSuspended' -Value $True
# This will cause a runtime exception. Any runtime exception in a runbook
# will cause the runbook to suspend. 1 + "abc"
}
Write-Output "Runbook Complete"
}
Q59. DRAG DROP - (Topic 5)
You need to provide a data access solution for the NorthRide app.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation:
Box 1: Create a service namespace under Service Bus
Box 2: Obtain the default management credentials for the namespace. Box 3: Configure the application to use Service Bus Relay
Box 4: Configure Service Bus Queue
Note:
Box 1: Create a service namespace under Service Bus
To begin using Service Bus queues in Azure, you must first create a service namespace. A namespace provides a scoping container for addressing Service Bus resources within your
application.
Box 2: Obtain the default management credentials for the namespace.
In order to perform management operations, such as creating a queue on the new namespace, you must obtain the management credentials for the namespace. Box 3: Configure the application to use Service Bus Relay
When you create an application that uses Service Bus, you must add a reference to the Service Bus assembly and include the corresponding namespaces.
The Service Bus NuGet package is the easiest way to get the Service Bus API and to configure your application with all of the Service Bus dependencies.
After installing this package you are now ready to write code for Service Bus. Box 4: Configure Service Bus Queue
This would include:
* set up a Service Bus connection string
* create a queue
* provide code to send/receive messages from the queue
Q60. - (Topic 5)
You need to design the authentication solution for the NorthRide app. Which solution should you use?
A. Azure Active Directory Basic with multi-factor authentication for the cloud and on- premises users.
B. Active Directory Domain Services with mutual authentication
C. Azure Active Directory Premium and add multi-factor authentication the for cloud users
D. Active Directory Domain Services with multi-factor authentication
Answer: C
Explanation: * Scenario: The NorthRide app must use an additional level of authentication other than the employee's password.
* Azure Multi-Factor Authentication is the multi-factor authentication service that requires users to also verify sign-ins using a mobile app, phone call or text message. It is available to use with Azure Active Directory, to secure on-premise resources with the Azure Multi- Factor Authentication Server, and with custom applications and directories using the SDK.
Reference: What is Azure Multi-Factor Authentication? https://azure.microsoft.com/en-us/documentation/articles/multi-factor-authentication/
Reference: Azure Active Directory Pricing http://azure.microsoft.com/en-gb/pricing/details/active-directory/