70-534 Exam
Advanced Guide: 70 534 dumps
It is more faster and easier to pass the Microsoft 70 534 dumps exam by using High value Microsoft Architecting Microsoft Azure Solutions questuins and answers. Immediate access to the Refresh exam ref 70 534 pdf Exam and find the same core area 70 534 book questions with professionally verified answers, then PASS your exam with a high score now.
Q1. - (Topic 1)
You need to design the system that alerts project managers to data changes in the contractor information app.
Which service should you use?
A. Azure Mobile Service
B. Azure Service Bus Message Queueing
C. Azure Queue Messaging
D. Azure Notification Hub
Answer: C
Explanation: * Scenario:
/ Mobile Apps: Event-triggered alerts must be pushed to mobile apps by using a custom Node.js script.
/ The service level agreement (SLA) for the solution requires an uptime of 99.9%
* If you are already using Azure Storage Blobs or Tables and you start using queues, you are guaranteed 99.9% availability. If you use Blobs or Tables with Service Bus queues, you will have lower availability.
Note: Microsoft Azure supports two types of queue mechanisms: Azure Queues and Service Bus Queues.
/ Azure Queues, which are part of the Azure storage infrastructure, feature a simple REST- based Get/Put/Peek interface, providing reliable, persistent messaging within and between services.
/ Service Bus queues are part of a broader Azure messaging infrastructure that supports queuing as well as publish/subscribe, Web service remoting, and integration patterns.
Reference: Azure Queues and Service Bus Queues - Compared and Contrasted https://msdn.microsoft.com/en-us/library/azure/hh767287.aspx
Q2. - (Topic 1)
You need to ensure that users do not need to re-enter their passwords after they authenticate to cloud applications for the first time.
What should you do?
A. Enable Microsoft Account authentication.
B. Set up a virtual private network (VPN) connection between the VanArsdel premises and Azure datacenter. Set up a Windows Active Directory domain controller in Azure VM. Implement Integrated Windows authentication.
C. Deploy ExpressRoute.
D. Configure Azure Active Directory Sync to use single sign-on (SSO).
Answer: D
Explanation: Single sign-on (SSO) is a property of access control of multiple related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them.
Reference: http://en.wikipedia.org/wiki/Single_sign-on
Q3. - (Topic 6)
You are preparing an application to run on Azure virtual machines (VMs). The VMs will be backed up using Azure Backup.
The application maintains its state in three binary files stored on disk. Changes in application state require that all three files be updated on disk. If only one or two of the files are updated on disk, work is lost and the system is in an inconsistent state.
You need to ensure that when a backup occurs, the application's data is always in a consistent state.
What should you do?
A. Disable caching for the VM’s virtual hard disks.
B. Use Premium Storage for the VM’s virtual hard disks.
C. Implement the Volume Shadow Copy Service (VSS) API in the application.
D. Store the application files on an Azure File Service network share.
Answer: A
Q4. HOTSPOT - (Topic 6)
Resources must authenticate to an identity provider. You need to configure the Azure Access Control service.
What should you recommend? To answer, select the appropriate responses for each requirement in the answer area.
Answer:
Explanation:
Box 1:
* Token - A user gains access to an RP application by presenting a valid token that was issued by an authority that the RP application trusts.
* Identity Provider (IP) - An authority that authenticates user identities and issues security tokens, such as Microsoft account (Windows Live ID), Facebook, Google, Twitter, and Active Directory. When Azure Access Control (ACS) is configured to trust an IP, it accepts and validates the tokens that the IP issues. Because ACS can trust multiple IPs at the same time, when your application trusts ACS, you can your application can offer users the option to be authenticated by any of the IPs that ACS trusts on your behalf.
Q5. ic 1, VanArsdel, Ltd
Overview
VanArsdel, Ltd. builds skyscrapers, subways, and bridges. VanArsdel is a leader in using technology to do construction better.
Overview
VanArsdel employees are able to use their own mobile devices for work activities because the company recognizes that this usage enables employee productivity. Employees also access Software as a Service (SaaS) applications, including DocuSign, Dropbox, and Citrix. The company continues to evaluate and adopt more SaaS applications for its business. VanArsdel uses Azure Active Directory (AD) to authenticate its employees, as well as Multi-Factor Authentication (MFA). Management enjoys the ease with which MFA can be enabled and disabled for employees who use cloud-based services. VanArsdel's on-premises directory contains a single forest.
Helpdesk:
VanArsdel creates a helpdesk group to assist its employees. The company sends email messages to all its employees about the helpdesk group and how to contact it. Configuring employee access for SaaS applications is often a time-consuming task. It is not always obvious to the helpdesk group which users should be given access to which SaaS applications. The helpdesk group must respond to many phone calls and email messages to solve this problem, which takes up valuable time. The helpdesk group is unable to meet the needs of VanArsdel's employees.
However, many employees do not work with the helpdesk group to solve their access problems. Instead, these employees contact their co-workers or managers to find someone who can help them. Also, new employees are not always told to contact the helpdesk group for access problems. Some employees report that they cannot see all the applications in the Access Panel that they have access to. Some employees report that they must re-enter their passwords when they access cloud applications, even though they have already authenticated.
Bring your own device (BYOD):
VanArsdel wants to continue to support users and their mobile and personal devices, but the company is concerned about how to protect corporate assets that are stored on these devices. The company does not have a strategy to ensure that its data is removed from the devices when employees leave the company.
Customer Support
VanArsdel wants a mobile app for customer profile registration and feedback. The company would like to keep track of all its previous, current, and future customers worldwide. A profile system using third-party authentication is required as well as feedback and support sections for the mobile app.
Migration:
VanArsdel plans to migrate several virtual machine (VM) workloads into Azure. They also plan to extend their on-premises Active Directory into Azure for mobile app authentication.
Business Requirements Hybrid Solution:
✑ A single account and credentials for both on-premises and cloud applications
✑ Certain applications that are hosted both in Azure and on-site must be accessible to both VanArsdel employees and partners
✑ The service level agreement (SLA) for the solution requires an uptime of 99.9%
✑ The partners all use Hotmail.com email addresses
Mobile App:
VanArsdel requires a mobile app for project managers on construction job sites. The mobile app has the following requirements:
✑ The app must display partner information.
✑ The app must alert project managers when changes to the partner information occur.
✑ The app must display project information including an image gallery to view pictures of construction projects.
✑ Project managers must be able to access the information remotely and securely.
Security:
✑ VanArsdel must control access to its resources to ensure sensitive services and information are accessible only by authorized users and/or managed devices.
✑ Employees must be able to securely share data, based on corporate policies, with other VanArsdel employees and with partners who are located on construction job sites.
✑ VanArsdel management does NOT want to create and manage user accounts for partners.
Technical Requirements Architecture:
✑ VanArsdel requires a non-centralized stateless architecture fonts data and services where application, data, and computing power are at the logical extremes of the network.
✑ VanArsdel requires separation of CPU storage and SQL services
Data Storage:
VanArsdel needs a solution to reduce the number of operations on the contractor information table. Currently, data transfer rates are excessive, and queue length for read/write operations affects performance.
✑ A mobile service that is used to access contractor information must have automatically scalable, structured storage
✑ Images must be stored in an automatically scalable, unstructured form.
Mobile Apps:
✑ VanArsdel mobile app must authenticate employees to the company's Active Directory.
✑ Event-triggered alerts must be pushed to mobile apps by using a custom Node.js script.
✑ The customer support app should use an identity provider that is configured by using the Access Control Service for current profile registration and authentication.
✑ The customer support team will adopt future identity providers that are configured through Access Control Service.
Security:
✑ Active Directory Federated Server (AD FS) will be used to extend AD into Azure.
✑ Helpdesk administrators must have access to only the groups of Azure resources they are responsible for. Azure administration will be performed by a separate group.
✑ IT administrative overhead must be minimized.
✑ Permissions must be assigned by using Role Based Access Control (RBAC).
✑ Line of business applications must be accessed securely.
Q6. - (Topic 6)
You are designing an Azure application that processes graphical image files. The graphical Images are processed in batches by remote applications that run on multiple servers.
You have the following requirements:
✑ The application must remain operational during batch-processing operations.
✑ Users must be able to roll back each image to a previous version.
You need to ensure that each remote application has exclusive access to an image while the application processes the image. Which type of storage should you use to store the images?
A. Table service
B. Queue service
C. Blob service
D. A single Azure VHD that is attached to the web role
Answer: C
Explanation: * Blob Leases allow you to claim ownership to a Blob. Once you have the lease you can then update the Blob or delete the Blob without worrying about another process changing it underneath you. When a Blob is leased, other processes can still read it, but any attempt to update it will fail. You can update Blobs without taking a lease first, but you do run the chance of another process also attempting to modify it at the same time.
* You can opt to use either optimistic or pessimistic concurrency models to manage access to blobs and containers in the blob service.
Reference: Azure Blob Storage Part 8: Blob Leases
http://justazure.com/azure-blob-storage-part-8-blob-leases/
Reference: Using Blob Leases to Manage Concurrency with Table Storage http://www.azurefromthetrenches.com/?p=1371
Q7. - (Topic 6)
A company uses Azure to host all resources and uses Microsoft Visual Studio Team Services to manage product life cycles.
You need to ensure the team can start runbooks from Visual Studio Team Services. Which solution should you use?
A. Azure Portal
B. Hybrid Runbook Workers
C. Azure Automation API
D. Schedule
E. Webhook
Answer: C
Q8. - (Topic 4)
You need to upload video to the company's Azure environment. What should you do?
A. Create a site-to-site VPN connection.
B. Write directly to the storage REST APIs.
C. Create an ExpressRoute connection.
D. Use the Azure Import/Export service to move the data.
Answer: B
Q9. - (Topic 1)
You need to assign permissions for the Virtual Machine workloads that you migrate to Azure.
The solution must use the principal of least privileges. What should you do?
A. Create all VMs in the cloud service named Groupl and then connect to the Azure subscription. Run the following Windows PowerShell command:
New-AzureRoleAssignment -Mail user1@vanarsdelltd.com -RoleDefinitionName Contributor -ResourceGroupName group1
B. In the Azure portal, select an individual virtual machine and add an owner.
C. In the Azure portal, assign read permission to the user at the subscription level.
D. Create each VM in a separate cloud service and then connect to the Azure subscription. Run the following Windows PowerShell command:
Get-AzureVM | New-AzureRoleAssignment -Mail userl@vanarsdelltd.com - RoleDefinitionName Contributor
Answer: A
Explanation: * Scenario: Permissions must be assigned by using Role Based Access Control (RBAC).
* Role-Based access control (RBAC) in the Azure Portal and Azure Resource Management
API allows you to manage access to your subscription at a fine-grained level. With this feature, you can grant access for Active Directory users, groups, or service principals by assigning some roles to them at a particular scope.
Create a role assignment
Use New-AzureRoleAssignment to create a role assignment.
Example: This will create a role assignment for a group at a resource group level.
PS C:\> New-AzureRoleAssignment -ObjectID <group object ID> -RoleDefinitionName Reader -ResourceGroupName group1
Reference: Managing Role-Based Access Control with Windows PowerShell https://azure.microsoft.com/en-gb/documentation/articles/role-based-access-control-
powershell/
Q10. DRAG DROP - (Topic 2)
You need to implement testing for the DataManager mobile application.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Topic 3, Contoso, Ltd
Background
Overview
Contoso, Ltd., manufactures and sells golf clubs and golf balls. Contoso also sells golf accessories under the Contoso Golf and Odyssey brands worldwide.
Most of the company's IT infrastructure is located in the company's Carlsbad, California, headquarters. Contoso also has a sizable third-party colocation datacenter that costs the company USD $30,000 to $40,000 a month. Contoso has other servers scattered around the United States.
Contoso, Ltd., has the following goals:
✑ Move many consumer-facing websites, enterprise databases, and enterprise web services to Azure.
✑ Improve the performance for customers and resellers who are access company websites from around the world.
✑ Provide support for provisioning resources to meet bursts of demand.
✑ Consolidate and improve the utilization of website- and database-hosting resources.
✑ Avoid downtime, particularly that caused by web and database server updating.
✑ Leverage familiarity with Microsoft server management tools.
Infrastructure
Contoso's datacenters are filled with dozens of smaller web servers and databases that run on under-utilized hardware. This creates issues for data backup. Contoso currently backs up data to tape by using System Center Data Protection Manager. System Center Operations Manager is not deployed in the enterprise.
All of the servers are expensive to acquire and maintain, and scaling the infrastructure takes significant time. Contoso conducts weekly server maintenance, which causes
downtime for some of its global offices. Special events, such as high-profile golf tournaments, create a large increase in site traffic. Contoso has difficulty scaling the web- hosting environment fast enough to meet these surges in site traffic.
Contoso has resellers and consumers in Japan and China. These resellers must use applications that run in a datacenter that is located in the state of Texas, in the United States. Because of the physical distance, the resellers experience slow response times and downtime.
Business Requirements Management and Performance Management
✑ Web servers and databases must automatically apply updates to the operating
system and products.
✑ Automatically monitor the health of worldwide sites, databases, and virtual machines.
✑ Automatically back up the website and databases.
✑ Manage hosted resources by using on-premises tools.
Performance
✑ The management team would like to centralize data backups and eliminate the use of tapes.
✑ The website must automatically scale without code changes or redeployment.
✑ Support changes in service tier without reconfiguration or redeployment.
✑ Site-hosting must automatically scale to accommodate data bandwidth and number of connections.
✑ Scale databases without requiring migration to a larger server.
✑ Migrate business critical applications to Azure.
✑ Migrate databases to the cloud and centralize databases where possible.
Business Continuity and Support Business Continuity
✑ Minimize downtime in the event of regional disasters.
✑ Recover data if unintentional modifications or deletions are discovered.
✑ Run the website on multiple web server instances to minimize downtime and support a high service level agreement (SLA).
Connectivity
✑ Allow enterprise web services to access data and other services located on- premises.
✑ Provide and monitor lowest latency possible to website visitors.
✑ Automatically balance traffic among all web servers.
✑ Provide secure transactions for users of both legacy and modern browsers.
✑ Provide automated auditing and reporting of web servers and databases.
✑ Support single sign-on from multiple domains.
Development Environment
You identify the following requirements for the development environment:
✑ Support the current development team's knowledge of Microsoft web development and SQL Service tools.
✑ Support building experimental applications by using data from the Azure deployment and on-premises data sources.
✑ Mitigate the need to purchase additional tools for monitoring and debugging.
✑ System designers and architects must be able to create custom Web APIs without requiring any coding.
✑ Support automatic website deployment from source control.
✑ Support automated build verification and testing to mitigate bugs introduced during builds.
✑ Manage website versions across all deployments.
✑ Ensure that website versions are consistent across all deployments.
Technical Requirement Management and Performance Management
✑ Use build automation to deploy directly from Visual Studio.
✑ Use build-time versioning of assets and builds/releases.
✑ Automate common IT tasks such as VM creation by using Windows PowerShell workflows.
✑ Use advanced monitoring features and reports of workloads in Azure by using existing Microsoft tools.
Performance
✑ Websites must automatically load balance across multiple servers to adapt to varying traffic.
✑ In production, websites must run on multiple instances.
✑ First-time published websites must be published by using Visual Studio and scaled to a single instance to test publishing.
✑ Data storage must support automatic load balancing across multiple servers.
✑ Websites must adapt to wide increases in traffic during special events.
✑ Azure virtual machines (VMs) must be created in the same datacenter when applicable.
Business Continuity and Support Business Continuity
✑ Automatically co-locate data and applications in different geographic locations.
✑ Provide real-time reporting of changes to critical data and binaries.
✑ Provide real-time alerts of security exceptions.
✑ Unwanted deletions or modifications of data must be reversible for up to one month, especially in business critical applications and databases.
✑ Any cloud-hosted servers must be highly available.
Enterprise Support
✑ The solution must use stored procedures to access on-premises SQL Server data from Azure.
✑ A debugger must automatically attach to websites on a weekly basis. The scripts
that handle the configuration and setup of debugging cannot work if there is a delay in attaching the debugger.