Implementing Microsoft Azure Infrastructure Solutions (70-533_Part-III)
I am starting a blog to learn Implementing Microsoft Azure Infrastructure Solutions (70-533). For this purpose I am posting practice questions with answers from different dumps. The objective to achieve is to discuss if the answers are correct or incorrect. I need input (comments) from you people and it will also be helpful for those who intends to take this exam. First question with its topic is as follows;
QUESTION-1: You create
an Azure Recovery Services vault and download the backup agent installation
file.
You need
to complete the installation of the backup agent.
What
should you do first?
A. Configure
network throttling.
B. Set the
storage replication option.
C. Download
the vault credentials file.
D. Select the
data to back up.
Answer: C
Explanation:
After you
have created the vault, prepare your infrastructure to back up files and
folders by downloading and installing the Microsoft Azure Recovery Services
agent, downloading vault credentials, and then using those credentials to
register the agent with the vault. You can install the agent after you have
downloaded the vault credentials.
Note: On
the Prepare infrastructure blade, click Download.
QUESTION-2: Note: This question is part of a series of
questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might
have more than one correct solution, while others might not have a correct
solution.
After you answer a question in this sections,
you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.
You manage
an Azure SQL Database. The database has weekly backups that are stored in an
Azure Recovery Services vault.
You need
to maximize the time that previous backup versions are stored.
Solution:
You configure a retention policy that is set to 20 years.
Does the
solution meet the goal?
A.
Yes
B.
No
Answer: B
Explanation:
Store
Azure SQL Database backups for up to 10 years.
Many
applications have regulatory, compliance, or other business purposes that
require you to retain database backups beyond the 7-35 days provided by Azure
SQL Database automatic backups. By using the long-term backup retention
feature, you can store your SQL database backups in an Azure Recovery Services
vault for up to 10 years. https://docs.microsoft.com/en-us/azure/sql-database/sql-database-long-term-retention
QUESTION-3:A company
deploys Microsoft SQL Server on an Azure Standard_DS3 virtual machine (VM).
You need
to modify the disk caching policy.
Which
Azure PowerShell cmdlet should you run?
A.
Set-AzureRmVmOperatingSystem
B.
Set-AzureRmVmDataDisk
C.
Update-Disk
D.
Update-AzureDisk
Answer: B
QUESTION-4: Note: This question is part of a series of
questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might
have more than one correct solution, while others might not have a correct
solution.
After you answer a question in this sections,
you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.
You manage
an Azure SQL Database. The database has weekly backups that are stored in an
Azure Recovery Services vault.
You need
to maximize the time that previous backup versions are stored.
Solution:
You configure a retention policy that is set to one year.
Does the
solution meet the goal?
A.
Yes
B.
No
Answer: B
Explanation:
Store
Azure SQL Database backups for up to 10 years.
Many
applications have regulatory, compliance, or other business purposes that require
you to retain database backups beyond the 7-35 days provided by Azure SQL
Database automatic backups. By using the long-term backup retention feature,
you can store your SQL database backups in an Azure Recovery Services vault for
up to 10 years. https://docs.microsoft.com/en-us/azure/sql-database/sql-database-long-term-retention
QUESTION-5: Note: This question is part of a series of
questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might
have more than one correct solution, while others might not have a correct
solution.
After you answer a question in this sections,
you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.
You manage
an Azure SQL Database.
The
database has weekly backups that are stored in an Azure Recovery Services
vault.
You need
to maximize the time that previous backup versions are stored.
Solution:
You configure a retention policy that is set to 10 years.
Does the
solution meet the goal?
A.
Yes
B.
No
Answer: A
Explanation:
Store
Azure SQL Database backups for up to 10 years.
Many
applications have regulatory, compliance, or other business purposes that
require you to retain database backups beyond the 7-35 days provided by Azure
SQL Database automatic backups. By using the long-term backup retention
feature, you can store your SQL database backups in an Azure Recovery Services
vault for up to 10 years.
https://docs.microsoft.com/en-us/azure/sql-database/sql-database-long-term-retention
QUESTION-6: You manage
the on-premises and cloud for a company. Employees use Microsoft Office 365 to
collaborate and manage product development.
They
authenticate to Azure Active Directory (Azure AD) to access all on-premises and
cloud-based resources.
You must
grant employees access to several custom-built applications.
You need
to ensure that you can automatically add or remove employee access to Office 365
based on employee group memberships or attributes. What should you use?
A.
Active Directory Configuration
B.
Advanced Rules for an Active Directory Group.
C.
Application Access to Active Directory
D.
The Users group in Active Directory
Answer: B
QUESTION-7: You have
an Azure subscription.
You create
an Azure Active Directory (Azure AD) tenant named Tenant1.
You plan
to integrate Tenant1 and the on-premises Active Directory.
You need
to create a user account that can be used to synchronize changes from the on-premises
Active Directory.
The
solution must use the principle of least privilege.
Which
organizational role should you assign to the user account?
A.
Service administrator
B.
Global administrator
C.
Password administrator
D.
User administrator
Answer: B
QUESTION-8: You have
an existing classic virtual network.
You need
to export the virtual network settings to an XML file to make modifications.
Which
Azure PowerShell cmdlet should you use?
A.
Get-AzureVNetSite
B.
Get-AzureVNetConnection
C.
Get-AzureVNetGateway
D. Get-AzureVNetConfig
Answer: D
QUESTION-9: You manage
Azure Web Apps for a company.
You
migrate an on-premises web app to Azure.
You plan
to update the Azure Web App by modifying the connection string and updating the
files that have changed since previous revision.
The
deployment process must use Secure Socket Layer (SSL) and occur during off-peak
hours as an automated batch process.
You need
to update the Azure Web App.
What should
you do?
A.
Configure a File Transfer Protocol (FTP)
transfer script.
B.
Deploy the project from Microsoft Visual Studio.
C.
Run theNew-AzureRMWebAppAzure PowerShell cmdlet.
D.
Run theNew-AzureRmResouceGroupDeploymentAzure
PowerShell cmdlet.
Answer: D
QUESTION-10: You manage
an on-premises monitoring platform.
You plan
to deploy virtual machines (VMs) in Azure.
You must
use existing on-premises monitoring solutions for Azure VMs.
You must
maximize security for any communication between Azure and the on-premises
environment.
You need
to ensure that Azure alerts are sent to the on-premises solution.
What
should you do?
A.
Enable App Service Authentication for the VMs.
B.
Configure a basic authorization webhook.
C.
Deploy an HDInsight cluster.
D.
Configure a token-based authorization webhook.
Answer: D
QUESTION-11: You
administer an Azure subscription for your company.
You have
an application that updates text files frequently.
The text
files will not exceed 20 gigabytes (GB) in size. Each write operation must not
exceed 4 megabytes (MB).
You need
to allocate storage in Azure for the application.
Which
three storage types will achieve the goal? Each correct answer presents a
complete solution.
A.
page blob
B.
queue
C.
append blob
D.
block blob
E.
file share
Answer: ACD
QUESTION-12: You have
an application that uses SQL Server in an Azure virtual machine (VM) to store
data.
If the VM
running the primary instance of SQL Server fails:
- The application must automatically begin using a
backup copy of the SQL Server data.
- The recovery solution must guarantee that no data
is lost.
If the
primary datacenter fails:
- There must be a way to manually switch to a
secondary data center.
- Some data loss is acceptable.
You create
an active datacenter named AD1 and a passive datacenter named PD1.
AD1 has
two SQL Server instances. PD1 has one SQL Server instance.
You need
to implement the replication and failover solutions for the application.
What
should you do?
A.
In AD1, configure asynchronous replication and
automatic failover. In PD1, configure synchronous replication and manual
failover from AD1.
B.
In AD1, configure synchronous replication and
automatic failover. In PD1, configure synchronous replication and manual
failover from AD1.
C.
In AD1, configure synchronous replication and
manual failover. In PD1, configure asynchronous replication and manual failover
from AD1.
D.
In AD1, configure asynchronous replication and
manual failover. In PD1, configure asynchronous replication and manual failover
from AD1.
QUESTION-13: You
are the architect for a software company that provides application servers to
customers. The application servers are Azure virtual machines (VMs) running
Windows Server 2012 R2 under your company's Azure subscription.
The VMs
are administrated by customers, and each customer customizes the system to meet
its specific needs.
You
identify the following requirements:
- The customer must not modify the LocalSystem
service account on the VMs.
- The customer must run the Azure VM Agent.
- You must set the value of the PowerShell execution
policy to
RemoteSigned for all customers.
When a
critical security issue is discovered, the application servers must be updated
with a security update as quickly as possible, without waiting for customer
action.
You need
to design a strategy that allows for security issues to be updated as quickly
as possible. What should you do?
A.
Convert the application so that it runs under a
Hyper-V container, and run the security update script on the host system.
B.
Build the security update script into a new base
Windows Server 2012 R2 image and deploy the image by using a Virtual Machine
Scale Set.
C.
Use WinRM to run the security update script on
each customer VM.
D.
Create an AzureVMCustomScriptExtension to run
the security update on each VM.
Answer: D
QUESTION-14: Your
company has an Azure subscription.
You plan
to deploy 10 Web Apps.
You have
the following requirements:
- Each Web App has at least 15 GB of storage.
- All Web App can use azurewebsites.net.
You need
to deploy the 10 web apps while minimizing costs.
Which
pricing tier plan should you recommend?
A. Standard
B.
Free
C.
Basic
D.
Shared
Answer: A
Explanation:
https://azure.microsoft.com/en-us/pricing/details/app-service/
QUESTION-15: You deploy
an Azure Web App named ContosoApp. ContosoApp runs on five instances. You need
to run an application named App1.exe automatically as a background process for
ContosoApp. The solution must ensure that App1.exe runs in one instance only.
How should you deploy App1.exe?
A.
as a continuous web job
B.
in a new worker role instance
C.
as a scheduled web job
D.
as a virtual application
Answer: C
Explanation:
https://docs.microsoft.com/en-us/azure/app-service-web/web-sites-create-web-
jobs#CreateScheduled
QUESTION-16: You are
deploying an ASP.NET application to an Azure virtual machine (VM). The
application throws an exception when invalid data is entered.
When
exceptions occur, an administrator must log on to the system to remove the bad
data, and then restart the application.
You need
to gather information about application crashes.
What
should you do?
A.
View the IIS logs.
B.
View the Windows event system logs.
C.
View the Windows event application logs.
D.
Collect network and web metrics.
Answer: C
QUESTION-17: You are
the administrator for your company's Azure subscription.
Company
policy dictates that you must deploy new Azure Resource Manager (ARM) templates
using Azure Command-Line Interface (CLI). Parameters are included in a file
called azuredeploy.parameters.json and do not contain any password information.
All JSON files are located in the root of drive E.
You need
to ensure that password parameters are passed to the command.
Which two
commands are possible ways to achieve this goal? Each correct answer presents a
complete solution.
A.
Add the appropriate password parameters to the
azuredeploy.parameters.json file and then run the following CLI command:azure
group create -n “ARMBasic” -l “West US” -f “e:\azuredeploy.json” -e
“e:\azuredeploy.parameters.json”
B.
Run the following CLI command. Do not add additional
switches:azure group create -n
“ARMBasic”
-l “West US” -f “e:\azuredeploy.json” -e “e:\azuredeploy.parameters.json”
C.
Run the following CLI command. Add a switch to
include password parameters:azure group create -n “ARMBasic” -l “West US” -f
“e:\azuredeploy.json”
D.
Run the following CLI command. Add switches to
include all parameters:azure group create -n
“ARMBasic”
-l “West US” -f “e:\azuredeploy.json”
Answer: AD
QUESTION-18: You manage
the on-premises and cloud network for a company. The network includes an Azure
classic virtual network (VNet) on an East US server with two subnets that must
remain online until the end of the year.
You update
all other VNets to Azure Resource Manager (ARM) Vnets.
You need to set up communication between specific ARM VNets and the
classic Vnet
What should
you do?
A.
Create a Local VPN gateway for the classic VNet.
Create VPN gateways for any ARM VNets to communicate with the local gateway.
B.
Create Local VPN gateways for the ARM VNets.
Create a VPN gateway for the classic VNet to communicate with the local
gateways.
C.
Move the ARM VNets to the US East region. Update
the classic VNet to use a single subnet. Add the classic VNet as a subnet to
any ARM VNet that requires communication.
D.
Move the ARM VNets to a non US East region.
Update the classic VNet to use a single subnet. Add the classic VNet as a
subnet to any ARM VNet that requires communication.
E.
Set the resource group of the classic VNet to
use the same resource group that you use to create any ARM VNet that requires
communication.
Answer: B
Explanation:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-connect-different-deployment-
models-portal
QUESTION-19: You are
the administrator for your company's virtual environment.
The
company plans to deploy an e- commerce application that will experience random
performance fluctuations.
The
application must be able to scale to meet temporary needs and be idle when the
needs disappear.
You create
an automatic virtual machine (VM) scale set to support the application.
You need
to set up automatic scaling for the scale set.
Which
three tools can you use? Each correct answer presents a complete solution.
A.
Resource Manager templates
B.
Azure PowerShell
C.
Azure Command-Line Interface (CLI)
D.
Azure Traffic Manager
E.
Azure Resource Explorer
Answer: ABC
Explanation:
https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-
autoscale-overview#set-up-scaling-by-using-resource-manager-templates
QUESTION-20: You are an
administrator of an Azure subscription for your company.
Management asks you to
configure Azure permissions for a user in your Azure Active Directory (Azure
AD). The user must be able to perform all actions on the virtual machines
(VMs).
The user
must not be allowed to create and manage availability sets for the Vms. You
need to implement the required permissions with the least administrative
effort. How should you assign permissions?
A.
Use Windows PowerShell to assign the Classic
Virtual Machine Contributor role to the user.
B.
Use Windows PowerShell to create a custom role
from the Virtual Machine Contributor role and then use NotActions to customize
the role permissions.
C.
Implement a custom role through the Azure Portal
and customize the role by adding the appropriate permissions.
D.
Assign the Virtual Machine Contributor role to
the user.
Answer: A
Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/role-based-access-built-in-roles#classic-
virtual-
machine-contributor
QUESTION-21: You manage an application that has a front-end
tier, a middle tier, and a back-end tier. Each tier is located on a different
subnet.
You need to apply access to and between the
tiers as follows:
- Only the front-end tier must be able to access the
Internet.
- You must permit network access between the
front-end tier and the middle tier.
- You must permit network access between the middle
tier and the back-end tier.
- You must prevent all other network traffic.
You need to apply this configuration to all
virtual machines inside the subnets.
What should you do?
A.
Use a Network Security Group (NSG).
B.
Add a VPN gateway.
C. Add a regional VNET.
D. Add an Availability Set.
Answer: A
No comments:
Post a Comment