Implementing Microsoft Azure Infrastructure Solutions (70-533_Part-II)
I
am starting a blog to learn Implementing Microsoft Azure Infrastructure
Solutions (70-533). For this purpose I am posting practice questions
with answers from different dumps. The objective to achieve is to
discuss if the answers are correct or incorrect. I need input (comments) from you
people and it will also be helpful for those who intends to take this
exam. First question with its topic is as follows;
QUESTION-34: You use Azure Resource Manager (ARM) templates to deploy resources.
You need to ensure that storage resources defined in templates cannot be deleted.
Solution: You define the following JSON in the temp
“resources”: [
{
“name”: “[concat(parameters(‘lockedResource’), ‘/Microsoft.Authorization/myLock’)]”,
“type”: “Microsoft.Storage/storageAccounts/providers/locks”,
“apiVersion”: “2015-01-01”,
“properties”: {
“level”: “ReadOnly”
}
}
Answer: NO
{
“name”: “[concat(parameters(‘lockedResource’), ‘/Microsoft.Authorization/myLock’)]”,
“type”: “Microsoft.Storage/storageAccounts/providers/locks”,
“apiVersion”: “2015-01-01”,
“properties”: {
“level”: “ReadOnly”
}
}
Answer: NO
Applying ReadOnly can
lead to unexpected results because some operations that seem like read
operations actually require additional actions. For example, placing a ReadOnly lock on a storage account prevents all
users from listing the keys.
QUESTION-35: You use Azure
Resource Manager (ARM) templates to deploy resources.
You need to ensure that storage resources defined in templates cannot be deleted.
Solution: You define the following JSON in the temp
You need to ensure that storage resources defined in templates cannot be deleted.
Solution: You define the following JSON in the temp
“resources”: [
{
“name”: “[concat(parameters(‘lockedResource’), ‘/Microsoft.Authorization/myLock’)]”,
“type”: “Microsoft.Authorization/locks”,
“apiVersion”: “2015-01-01”,
“properties”: {
“level”: “CannotDelete”
}
}
]
{
“name”: “[concat(parameters(‘lockedResource’), ‘/Microsoft.Authorization/myLock’)]”,
“type”: “Microsoft.Authorization/locks”,
“apiVersion”: “2015-01-01”,
“properties”: {
“level”: “CannotDelete”
}
}
]
Answer:YES
QUESTION-36: A company has an Azure subscription and plans to deploy virtual machines (VMS), he company needs to use an Azure Active Directory Domain Services (Azure AD DS) domain with the VMS.You need to ensure that you can join the VMS to the Azure AD DS domain.
solution: Create an on-premises AD DS domain.
Does the solution meet the goal?
Answer:NO
Azure AD Domain Services must be enabled for the Azure AD directory. If you haven't done so, follow all the tasks outlined in the Getting Started guide.
QUESTION-37: A Company has an Azure subscription and plans to deploy virtual machines (VMS). company needs to use an Azure Active Directory Domain Services (Azure AD DS) domain with the VMS.You need to ensure that you can join the VMS to the Azure AD DS domain.
Solution Create a dedicated virtual network for Azure AD DS.
the solution meet the goal?
Answer:NO
No need for dedicated network, Ensure that you have configured the IP addresses of the managed domain as the DNS servers for the virtual network
https://docs.microsoft.com/en-us/azure/active-directory-domain-services/active-directory-ds-join-windows-vm-template
QUESTION-38: A company uses Azure to virtual machines (VMS) and web apps. You have an app service named Appl that uses tre Basic app service tier.
to ensure that diagnostic data for Appl is permanently stored.
Scale the app service to the Standard tier
Does the solution meet the goal?
Answer: YES
QUESTION-39: The VM environment must provide 99.95 % uptime.The VM must not be offline due to installation of an update that requires a reboot
Solution:create an availability set with two VM’s.Place the VM in the same update domain YES/NO
Answer:NO
QUESTION-40: The VM environment must provide 99.95 % uptime.The VM must not be offline due to installation of an update that requires a reboot
Solution:create an availability set with two VM’s.Place the VM in the same Fault domain YES/NO
Answer:NO
The VM environment must provide 99.95 % uptime.The VM must not be offline due to
installation of an update that requires a reboot
Solution:create an availability set with two VM’s.Place the VM in the different update and fault domain YES/NO
Answer:YES
QUESTION-41: A company uses Azure to host virtual machines (VMS) and web apps. You have
an app service named Appl that uses the Basic app service tier.
You need to ensure that diagnostic data for Appl is permanently stored.
Solution: You specify a storage account in the Diagnostics,xml file.
Does the solution meet the goal?
Answer:NO
You specify the storage account that you want to use in the ServiceConfiguration.cscfg
QUESTION-36: A company has an Azure subscription and plans to deploy virtual machines (VMS), he company needs to use an Azure Active Directory Domain Services (Azure AD DS) domain with the VMS.You need to ensure that you can join the VMS to the Azure AD DS domain.
solution: Create an on-premises AD DS domain.
Does the solution meet the goal?
Answer:NO
Azure AD Domain Services must be enabled for the Azure AD directory. If you haven't done so, follow all the tasks outlined in the Getting Started guide.
QUESTION-37: A Company has an Azure subscription and plans to deploy virtual machines (VMS). company needs to use an Azure Active Directory Domain Services (Azure AD DS) domain with the VMS.You need to ensure that you can join the VMS to the Azure AD DS domain.
Solution Create a dedicated virtual network for Azure AD DS.
the solution meet the goal?
Answer:NO
No need for dedicated network, Ensure that you have configured the IP addresses of the managed domain as the DNS servers for the virtual network
https://docs.microsoft.com/en-us/azure/active-directory-domain-services/active-directory-ds-join-windows-vm-template
QUESTION-38: A company uses Azure to virtual machines (VMS) and web apps. You have an app service named Appl that uses tre Basic app service tier.
to ensure that diagnostic data for Appl is permanently stored.
Scale the app service to the Standard tier
Does the solution meet the goal?
Answer: YES
QUESTION-39: The VM environment must provide 99.95 % uptime.The VM must not be offline due to installation of an update that requires a reboot
Solution:create an availability set with two VM’s.Place the VM in the same update domain YES/NO
Answer:NO
QUESTION-40: The VM environment must provide 99.95 % uptime.The VM must not be offline due to installation of an update that requires a reboot
Solution:create an availability set with two VM’s.Place the VM in the same Fault domain YES/NO
Answer:NO
The VM environment must provide 99.95 % uptime.The VM must not be offline due to
installation of an update that requires a reboot
Solution:create an availability set with two VM’s.Place the VM in the different update and fault domain YES/NO
Answer:YES
VMs
Need to be in different update/fault domains
in order to avoid reboot
You need to ensure that diagnostic data for Appl is permanently stored.
Solution: You specify a storage account in the Diagnostics,xml file.
Does the solution meet the goal?
Answer:NO
You specify the storage account that you want to use in the ServiceConfiguration.cscfg
QUESTION-42: A company has an existing on-premises Active Directory environment that is synchronized using DirSync. They plan to transition the DirSync deployment to Azure Active Directory (Azure AD) Connect.
What
should you do?
A.
Install a new on-premises domain controller.
B.
Create a new Azure AD instance.
C.
Upgrade the on-premises Active Directory Domain
Service (AD DS) forest functional level to Windows Server 2016.
D.
Deploy Azure AD Connect in parallel.
Answer: D
Explanation: https://docs.microsoft.com/gl-es/azure/active-directory/connect/active-directory-aadconnect-dirsync-deprecated#how-to-transition-to-azure-ad-connect
QUESTION-43: A company
uses Azure to host virtual machines (VMs) and web apps.
A line of
business (LOB) application that runs on a VM uses encrypted storage.
You need
to ensure that the VMs support the LOB application.
What
should you do?
A.
Run the Set-AzureRmVMDiskEncryptionExtension
Azure PowerShell cmdlet.
B.
Use a Premium Storage disk for the VM.
C.
Run the Add-AzureRmVmssSecret Azure PowerShell
cmdlet.
D.
Scan the environment from the Azure Security
Manager.
Answer: A
Explanation:
https://docs.microsoft.com/en-us/powershell/module/azurerm.compute/set-
azurermvmdiskencryptionextension?view=azurermps-4.4.1
QUESTION-44: Note: This question is part of a series of
questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might
have more than one correct solution, while others might not have a correct
solution. After you answer a question in this sections, you will NOT be able to
return to it. As a result, these questions will not appear in the review
screen.
You manage
an Azure SQL Database. The database has weekly backups that are stored in an
Azure Recovery Services vault.
You need
to maximize the time that previous backup versions are stored.
Solution:
You configure a retention policy that is set to three years.
Does the
solution meet the goal?
A.
Yes
B.
No
Answer: B
You need
to maximize the time that previous backup versions are stored.
Why play around?
just max it to 10 years,so no it doesn’t meet the goal.
QUESTION-45: A company
uses Azure to host virtual machines (VMs) and web apps. You plan to deploy a
new web app in the Shared App Service tier.
The web
app must support running up to 25 instances concurrently.
You need
to ensure that you can configure HTTPS for the new web app.
What
should you do?
A.
Configure the domain name mapping.
B.
Set the deployment credentials for the app
service.
C.
Create a new app service.
D.
Scale up to the Premium App Service tier.
Answer: A
Explanation: https://docs.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-custom-domain
QUESTION-46: You are
the Azure administrator for your company.
The
company has developed a mobile application used to support sales people in the
field.
The application
uses Azure Active Directory (Azure AD) accounts for authentication.
The
application sends and receives HTTP requests on publicly accessible endpoints.
You need
to provide the ability to authenticate the application using Azure.
Which tool
should you use?
A.
OAuth 2.0 authorization code grant
B.
Azure AD Connect
C.
Azure Portal
D.
Azure AD Graph API
The
simplest way to assign RBAC permissions is via the Azure portal. Open the
'Access control (IAM)' blade for the resource group, then click 'Add', then
select the 'DNS Zone Contributor' role and select the required users or groups
to grant permissions.
You can
search the directory with display names, email addresses, and object
identifiers.
https://docs.microsoft.com/en-us/azure/dns/dns-protect-zones-recordsets
QUESTION-47: You are an
administrator of the Azure subscription for your company.
You are
updating an Azure Resource Manager (ARM) template.
You need
to ensure that the JSON file uses the latest version available.
Which
template element should you modify?
A.
parameters
B.
resources
C.
$schema
D.
variables
Answer: C
Explanation:
$schema Yes
Location of the JSON schema file that
describes the version of the template language. Use the URL shown in the
preceding example.
QUESTION-48:A company
uses Azure to host virtual machines (VMs) and web apps.
You need
to ensure that you can configure a schedule to scale app services.
How should
you configure the app service?
A.
Set the scale by metric setting to Queue.
B.
Set the scale up by instances setting to 5.
C.
Set the scale down by instances setting to 5.
D.
Ensure that linked resources are also scaled.
E.
Set the scale by metric setting to None.
Answer: A
Explanation:
The
Automatic scale - Queue mode automatically scales if the number of messages in
a queue
goes above
or below a specified threshold. Role instances are created or deleted when this
happens.
Incorrect
Answers:
B, C: To
set the scale up/scale down by instances setting you must first set the scale
by metric setting to CPU.
D: Scale
linked resources
Often when
you scale a role, it's beneficial to scale the database that the application is
using also.
If you
link the database to the cloud service, you can access the scaling settings for
that
resource.
https://docs.microsoft.com/en-us/azure/cloud-services/cloud-services-how-to-scale
QUESTION-49: You plan
to use Azure Monitor with AutoScale Services.
You create
a URI to be used with the monitoring service.
You need
to configure an alert that specifies the URI.
Which
Azure Command-Line Interface (CLI) command or Azure PowerShell cmdlet should
you run?
A.
New-AzureRmAlertRuleEmail
B.
azure insights logprofile add
C.
New-AzureRmAlertRuleWebhook
D.
New-AzureRmAutoscaleRule
Answer: C
Explanation:
The
New-AzureRmAlertRuleWebhook cmdlet creates an alert rule webhook.
Syntax:
QUESTION-50: You create
an Azure Recovery Services vault and download the backup agent installation
file.
You need
to complete the installation of the backup agent.
What
should you do first?
A.
Configure network throttling.
B.
Set the storage replication option.
C.
Download the vault credentials file.
D.
Select the data to back up.
Answer: C
Explanation:
After you
have created the vault, prepare your infrastructure to back up files and
folders by downloading and installing the Microsoft Azure Recovery Services
agent, downloading vault credentials, and then using those credentials to
register the agent with the vault. You can install the agent after you have
downloaded the vault credentials.
Note: On
the Prepare infrastructure blade, click Download.
I liked your blog.Thanks for your interest in sharing your ideas.keep doing more.
ReplyDeleteMS Azure Online Training
Thanks for your marvelous posting! I seriously enjoyed reading it, you will be a great author.I have one more post related with roblox.Robloxplayer exe
ReplyDelete