NEW QUESTION 1
DRAG DROP
You develop a gateway solution for a public facing news API.
The news API back end is implemented as a RESTful sen/ice and hosted in an Azure App Service instance.
You need to configure back-end authentication for the API Management service instance.
Which target and gateway credential type should you use? To answer, drag the appropriate values to the correct parameters. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

NEW QUESTION 2
You need to meet the scaling requirement for Policy Service. What should you store in Azure Redis Cache?

• A. HttpContext.Items
• B. ViewState
• C. Session state
• D. TempData

Answer: C

NEW QUESTION 3
You need to construct the link to the summary report for the email that is sent to users.
What should you do?

• A. Create a SharedAccessBlobPolicy and add it to the containers SharedAccessPolicie
• B. Call GetSharedAccessSignature on the blob and use the resulting link.
• C. Create a SharedAccessBlobPolicy and set the expiry time to two weeks from toda
• D. Call GetSharedAccessSignature on the blob and use the resulting link.
• E. Create a SharedAccessAccountPolicy and call GetsharedAccessSignature on storage account and use the resulting link.
• F. Create a SharedAccessBlobPolicy and set the expiry time to two weeks from toda
• G. Call GetSharedAccessSignature on the container and use the resulting link.

Answer: B

NEW QUESTION 4
DRAG DROP
You need to deploy a new version of the LabelMaker application.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
NOTE: Each correct selection is worth one point.

Answer:

Explanation: Step 1: Build a new application image by using dockerfile
Step 2: Create an alias if the image with the fully qualified path to the registry
Before you can push the image to a private registry, you’ve to ensure a proper image name. This can be achieved using the docker tag command. For demonstration purpose, we’ll use Docker’s hello world image, rename it and push it
to ACR.
# pulls hello-world from the public docker hub
$ docker pull hello-world
# tag the image in order to be able to push it to a private registry
$ docker tag hello-word <REGISTRY_NAME>/hello-world
# push the image
$ docker push <REGISTRY_NAME>/hello-world Step 3: Log in to the registry and push image
In order to push images to the newly created ACR instance, you need to login to ACR form the Docker CLI. Once logged in, you can push any existing docker image to your ACR instance.
Scenario:
Coho Winery plans to move the application to Azure and continue to support label creation.
LabelMaker app
Azure Monitor Container Health must be used to monitor the performance of workloads that are deployed to Kubernetes environments and hosted on Azure Kubernetes Service (AKS).
You must use Azure Container Registry to publish images that support the AKS deployment.
References:
https://thorsten-hans.com/how-to-use-a-private-azure-container-registry-with- kubernetes-9b86e67b93b6
https://docs.microsoft.com/en-us/azure/container-registry/container-registry-tutorial- quick-task

NEW QUESTION 5
HOTSPOT
You are creating an app that uses Event Grid to connect with other services. Your app's event data will be sent to a serverless function that checks compliance. This function is maintained by your company.
You write a new event subscription at the scope of your resource. The event must be invalidated after 3 specific period of time. You need to configure Event Grid to ensure security.
What should you implement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point

Answer:

Explanation: Box 1: SAS tokens
Custom topics use either Shared Access Signature (SAS) or key authentication. Microsoft recommends SAS, but key authentication provides simple programming, and is compatible with many existing webhook publishers.
In this case we need the expiration time provided by SAS tokens. Box 2: ValidationCode handshake
Event Grid supports two ways of validating the subscription:
ValidationCode handshake (programmatic) and ValidationURL handshake (manual).
If you control the source code for your endpoint, this method is recommended. Incorrect Answers:
ValidationURL handshake (manual): In certain cases, you can't access the source code of the endpoint to implement the ValidationCode handshake. For example, if you use a third-party service (like Zapier or IFTTT), you can't programmatically respond with the validation code.
References:
https://docs.microsoft.com/en-us/azure/event-grid/security-authentication

NEW QUESTION 6
Create a DataSource instance and set its Container property to the DataContainer.

Answer:

NEW QUESTION 7
HOTSPOT
You need to ensure that security requirements are met.
What value should be used for the ConnectionString field on line DB03 in the Database class? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Answer:

Explanation: Box 1: Integrated Security=SSPI
Integrated security: For all data source types, connect using the current user account.
For SqlClient you can use Integrated Security=true; or Integrated Security=SSPI; Scenario: All access to Azure Storage and Azure SQL database must use the application’s Managed Service Identity (MSI)
Box 2: Encrypt = True
Scenario: All data must be protected in transit. References:
https://docs.microsoft.com/en-us/dotnet/framework/data/adonet/connection-string- syntax

NEW QUESTION 8
DRAG DROP
You need to add code at line PC32 in Processing.es to implement the GetCredentials method in the Processing class.
How should you complete the code? To answer, drag the appropriate code segments to the correct locations. Each code segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

NEW QUESTION 9
You develop an Azure web app. You monitor performance of the web app by using Application Insights. You need to ensure the cost for Application Insights does not exceed a preset budget. What should you do?

• A. Implement ingestion sampling using the Azure portal.
• B. Set a daily cap for the Application Insights instance.
• C. Implement adaptive sampling using the Azure portal.
• D. Implement adaptive sampling using the Application Insights SDK.
• E. Implement ingestion sampling using the Application Insights SDK.

Answer: B

NEW QUESTION 10
DRAG DROP
You need to add code at line EG15 in EventGridController.cs to ensure that the Log policy applies to all services.
How should you complete the code? To answer, drag the appropriate code segments to the correct locations. Each code segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation: Box 1: Status
Box 2: Succeded
Box 3: operationName Scenario: Policy service
You develop and deploy a stateful ASP.NET Core 2.1 web application named Policy service to an Azure App Service Web App. The application reacts to events from Azure Event Grid and performs policy actions based on those events.
The application must include the Event Grid Event ID field in all Application Insights telemetry.

NEW QUESTION 11
Note: In this section you will see one or more sets of questions with the same scenario and problem. Each question presents a unique solution to the problem, and you must determine whether the solution meets the stated goals. More than one solution might solve the problem. It is also possible that none of the solutions solve the problem.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution. Determine whether the solution meets the stated goals.
You need to meet the vendor notification requirement.
Solution: Update the Delivery API to send emails by using a Microsoft Office 365 SMTP server.
Does the solution meet the goal?

• A. Yes
• B. No

Answer: B

Explanation: Use a custom outbound Azure API Management policy. Scenario:
If a vendor is nearing the number of calls or bandwidth limit, the API must trigger email notifications to the vendor.
(API usage must not exceed 5,000 calls and 50,000 kilobytes of bandwidth per hour per vendor.)
References:
https://docs.microsoft.com/en-us/azure/api-management/api-management-howto- policies

NEW QUESTION 12
You need to meet the LabelMaker security requirement. What should you do?

• A. Create a conditional access policy and assign it to the Azure Kubernetes Service duster
• B. Place the Azure Active Directory account into an Azure AD grou
• C. Create a ClusterRoleBinding and assign it to the group.
• D. Create a Microsoft Azure Active Directory service principal and assign it to the Azure Kubernetes Service (AKS) duster.
• E. Create a RoleBinding and assign it to the Azure AD account.

Answer: D

NEW QUESTION 13
HOTSPOT
You have an Azure Batch project that processes and converts files and stores the
files in Azure storage. You are developing a function to start the batch job. You add the following parameters to the function:

You must ensure that converted files are placed in the container referenced by the outputContainerSasUrl parameter. Files which fail to convert are placed in the container referenced by the failedContainerSasUrt parameter.
You need to ensure the files are correctly processed.
How should you complete the code segment? To answer, select the appropriate options in the answer area.

Answer:

Explanation: EnableJob
TaskFailure
Taskcompletion
ResourceFiles

NEW QUESTION 14
You need to update the chatbot to greet the user when they sign in.
Which two rich card formats can you use? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point

• A. Thumbnail
• B. Adaptive
• C. Sign-in
• D. Hero
• E. Animation

Answer: AC

Explanation: Scenario: The chatbot greeting interface must match the formatting of the following example:

A message exchange between user and bot can contain one or more rich cards rendered as a list or carousel. The Attachments property of the Activity object contains an array of Attachment objects that represent the rich cards and media attachments within the message.
The Bot Framework currently supports eight types of rich cards:
Thumbnail Card. A card that typically contains a single thumbnail image, one or more buttons, and text.
SignIn Card. A card that enables a bot to request that a user sign-in. It typically contains text and one or more buttons that the user can click to initiate the sign-in process.
Incorrect Answers:
B: Animation Card. A card that can play animated GIFs or short videos.
C Hero Card. A card that typically contains a single large image, one or more buttons, and text.
E: Adaptive Card. A customizable card that can contain any combination of text, speech, images, buttons, and input fields.
Note:
Receipt Card. A card that enables a bot to provide a receipt to the user. It typically contains the list of items to include on the receipt, tax and total information, and other text.
Video Card. A card that can play videos. References:
https://docs.microsoft.com/en-us/azure/bot-service/dotnet/bot-builder-dotnet-add- rich-card-attachments?view=azure-bot-service-3.0

NEW QUESTION 15
DRAG DROP
You are developing a solution for a hospital to support the following use cases:
•The most recent patient status details must be retrieved even if multiple users in different locations have updated the patient record
•Patient health monitoring data retrieved must be the current version or the prior version.
•After a patient is discharged and all charges have been assessed, the patient billing record contains the final charges.
You provision a Cosmos D6 NoSQL database and set the default consistency level for the database account to Strong. You set the value for Indexing Mode to Consistent
You must minimize latency and any impact to the availability of the solution. You must override the default consistency level at the query level to meet the required consistency guarantees for the scenarios.
You need to configure the consistency levels to support each scenario.
Which consistency levels should you implement? To answer, drag the appropriate consistency levels to the correct requirements. Each consistency level may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

NEW QUESTION 16
You need to ensure the security policies are met. What code do you add at line CS07?

• A. -PermissionsToKeys wrapkey, unwrapkey, get
• B. -PermissionsToKeys create, encrypt, decrypt
• C. -PermissionsToCertificates wrapkey, unwrapkey, get
• D. -PermissionsToCertificates create, encrypt, decrypt

Answer: D

Explanation: Case Study: 3
Proseware, Inc
Background
You are a developer for Proseware, Inc. You are developing an application that applies a set of governance policies for Proseware's internal services, external services, and applications. The application will also provide a shared library for common functionality.
Requirements Policy service
You develop and deploy a stateful ASP.NET Core 2.1 web application named Policy service to an Azure App Service Web App. The application reacts to events from Azure Event Grid and performs policy actions based on those events.
The application must include the Event Grid Event ID field in all Application Insights telemetry.
Policy service must use Application Insights to automatically scale with the number of policy actions that it is performing.
Policies Log policy
All Azure App Service Web Apps must write logs to Azure Blob storage. All log files should be saved to a container named logdrop. Logs must remain in the container for 15 days.
Authentication events
Authentication events are used to monitor users signing in and signing out. All authentication events must be processed by Policy service. Sign outs must be processed as quickly as possible.
Policylib
You have a shared library named PolicyLib that contains functionality common to all ASP.NET Core web services and applications. The Policy Lib library must
• Exclude non-user actions from Application Insights telemetry.
• Provide methods that allow a web service to scale itself.
• Ensure that scaling actions do not disrupt application usage.
Other
Anomaly detection service
You have an anomaly detection service that analyzes log information for anomalies. It is implemented as an Azure as a web service.
If an anomaly is detected, an Azure Function that emails administrators is called by using an HTTP WebHook.
Health monitoring
All web applications and services have health monitoring at the /health service endpoint.
Issues Policy loss
When you deploy Policy service, policies may not be applied if they were in the process of being applied during the deployment.
Performance issue
When under heavy load, the anomaly detection service undergoes slowdowns and rejects connections.
Notification latency
Users report that anomaly detection emails can sometimes arrive several minutes after an anomaly is detected.
App code EnventGridController.cs
Relevant portions of the app files are shown below. Line numbers are included for reference only and include a two-character prefix that denotes the specific file to which they belong.


LoginEvents.cs
Relevant portions of the app files are shown below. Line numbers are included for reference only and include a two-character prefix that denotes the specific file to which they belong.

NEW QUESTION 17
DRAG DROP
Contoso, Ltd. provides an API to customers by using Azure API Management (APIM). The API authorizes users with a JWT token.
You must implement response caching for the APIM cfeeway. The caching mechanism must detect the user ID of the client that accesses data for a given location and cache the response for that user ID.
You need to add the following policies to the policies file:
• a set-variable policy to store the detected user identity
• a cache-lookup-value policy
• a cache-store-value policy
• a find-and-replace policy to update the response body with the user profile information
To which policy section should you add the policies? To answer, drag the appropriate sections to the correct policies. Each section may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content
NOTE: Each correct selection is worth one point

Answer:

Explanation: