Q1. - (Topic 6)
You are designing an Azure application. The application includes two web roles and three instances of a worker role. The web roles send requests to the worker role by using one or more Azure Queues.
You need to recommend a queue design for sending requests to the worker role.
What should you recommend?
A. Create a queue for each combination of web roles and worker role instances. Send requests to all worker role instances based on the sending web role.
B. Create a single queue. Send all requests on the single queue.
C. Create a queue for each worker role instance. Send requests on each worker queue by using a round robin rotation.
D. Create a queue for each web role. Send requests on all queues at the same time.
Answer: B
Explanation: To communicate with the worker role, a web role instance places messages on to a queue. A worker role instance polls the queue for new messages, retrieves them, and processes them. There are a couple of important things to know about the way the queue service works in Azure. First, you reference a queue by name, and multiple role instances can share a single queue. Second, there is no concept of a typed message; you construct a message from either a string or a byte array. An individual message can be no more than 64 kilobytes (KB) in size.
Reference: 5 – Executing Background Tasks
https://msdn.microsoft.com/en-gb/library/ff803365.aspx
Reference: .NET Multi-Tier Application Using Service Bus Queues http://azure.microsoft.com/en-gb/documentation/articles/cloud-services-dotnet-multi-tier-app-using-service-bus-queues/
Q2. - (Topic 1)
You need to ensure that users do not need to re-enter their passwords after they authenticate to cloud applications for the first time.
What should you do?
A. Enable Microsoft Account authentication.
B. Set up a virtual private network (VPN) connection between the VanArsdel premises and Azure datacenter. Set up a Windows Active Directory domain controller in Azure VM. Implement Integrated Windows authentication.
C. Deploy ExpressRoute.
D. Configure Azure Active Directory Sync to use single sign-on (SSO).
Answer: D
Explanation: Single sign-on (SSO) is a property of access control of multiple related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them.
Reference: http://en.wikipedia.org/wiki/Single_sign-on
Q3. - (Topic 6)
You are designing an Azure web application.
All users must authenticate by using Active Directory Domain Services (AD DS) credentials.
You need to recommend an approach to enable single sign-on to the application for domain-authenticated users.
Which two actions should you recommend? Each correct answer presents part of the solution.
A. Use Forms authentication to generate claims.
B. Use the SQL membership provider in the web application.
C. Use Windows Identity Foundation in the web application.
D. Use Active Directory Federation Services (AD FS) to generate claims.
Answer: C,D
Reference: What is Windows Identity Foundation?
https://msdn.microsoft.com/en-us/library/ee748475.aspx
Reference: DirSync with Single Sign-On
https://msdn.microsoft.com/en-us/library/azure/dn441213.aspx
Q4. - (Topic 1)
You need to assign permissions for the Virtual Machine workloads that you migrate to Azure.
The solution must use the principal of least privileges.
What should you do?
A. Create all VMs in the cloud service named Groupl and then connect to the Azure
subscription. Run the following Windows PowerShell command:
New-AzureRoleAssignment -Mail user1@vanarsdelltd.com -RoleDefinitionName
Contributor -ResourceGroupName group1
B. In the Azure portal, select an individual virtual machine and add an owner.
C. In the Azure portal, assign read permission to the user at the subscription level.
D. Create each VM in a separate cloud service and then connect to the Azure subscription.
Run the following Windows PowerShell command:
Get-AzureVM | New-AzureRoleAssignment -Mail userl@vanarsdelltd.com -
RoleDefinitionName Contributor
Answer: A
Explanation: * Scenario: Permissions must be assigned by using Role Based Access Control (RBAC).
* Role-Based access control (RBAC) in the Azure Portal and Azure Resource Management API allows you to manage access to your subscription at a fine-grained level. With this feature, you can grant access for Active Directory users, groups, or service principals by assigning some roles to them at a particular scope.
Create a role assignment
Use New-AzureRoleAssignment to create a role assignment.
Example: This will create a role assignment for a group at a resource group level.
PS C:\> New-AzureRoleAssignment -ObjectID <group object ID> -RoleDefinitionName
Reader -ResourceGroupName group1
Reference: Managing Role-Based Access Control with Windows PowerShell
https://azure.microsoft.com/en-gb/documentation/articles/role-based-access-control-powershell/
Q5. - (Topic 6)
A company has a very large dataset that includes sensitive information. The dataset is over 30 TB in size.
You have a standard business-class ISP internet connection that is rated at 100 megabits/second.
You have 10 4-TB hard drives that are approved to work with the Azure Import/Export Service.
You need to migrate the dataset to Azure. The solution must meet the following requirements:
The dataset must be transmitted securely to Azure.
Network bandwidth must not increase.
Hardware costs must be minimized.
What should you do?
A. Prepare the drives with the Azure Import/Export tool and then create the import job. Ship the drives to Microsoft via a supported carrier service.
B. Create an export job and then encrypt the data on the drives by using the Advanced Encryption Standard (AES). Create a destination Blob to store the export data.
C. Create an import job and then encrypt the data on the drives by using the Advanced Encryption Standard (AES). Create a destination Blob to store the import data.
D. Prepare the drives by using Sysprep.exe and then create the import job. Ship the drives to Microsoft via a supported carrier service.
Answer: A
Explanation: You can use the Microsoft Azure Import/Export service to transfer large amounts of file data to Azure Blob storage in situations where uploading over the network is prohibitively expensive or not feasible.
Reference: Use the Microsoft Azure Import/Export Service to Transfer Data to Blob Storage
http://azure.microsoft.com/en-gb/documentation/articles/storage-import-export-service/
Q6. - (Topic 5)
You need to recommend the appropriate technology to provide the predictive analytics for passenger pickup.
What should you do?
A. Use Power BI to analyze the traffic data and PowerPivot to categorize the results.
B. Use HDInsight to analyze the traffic data and write a .NET program to categorize the results.
C. Use Machine Learning Studio to create a predictive model and publish the results as a web service.
D. Use Hadoop on-premises to analyze the traffic and produce a report that shows high traffic zones.
Answer: C
Explanation: * Scenario: Predictive Routing:
/ An Azure solution must be used for prediction systems.
/ Predictive analytics must be published as a web service and accessible by using the
REST API.
* Microsoft Azure Machine Learning Studio is a collaborative visual development environment that enables you to build, test, and deploy predictive analytics solutions that operate on your data. The Machine Learning service and development environment is cloud-based, provides compute resource and memory flexibility, and eliminates setup and installation concerns because you work through your web browser.
Reference: What is Azure Machine Learning Studio?
https://azure.microsoft.com/en-us/documentation/articles/machine-learning-what-is-ml-studio/
Q7. - (Topic 6)
You are designing an Azure application that will use a worker role. The worker role will create temporary files.
You need to minimize storage transaction charges.
Where should you create the files?
A. In Azure local storage
B. In Azure Storage page blobs
C. On an Azure Drive
D. In Azure Storage block blobs
Answer: A
Explanation: Local storage is temporary in Azure. So, if the virtual machine supporting your role dies and cannot recover, your local storage is lost! Therefore, Azure developers will tell you, only volatile data should ever be stored in local storage of Azure.
Reference: Windows Azure Local File Storage How To Guide And Warnings
http://www.intertech.com/Blog/windows-azure-local-file-storage-how-to-guide-and-warnings/
Reference: http://blog.codingoutloud.com/2011/06/12/azure-faq-can-i-write-to-the-file-system-on-windows-azure/
Q8. DRAG DROP - (Topic 3)
You need to deploy the virtual machines to Azure.
Which four Azure PowerShell scripts should you run in sequence? To answer, move the appropriate scripts from the list of scripts to the answer area and arrange them in the correct order.
Answer:
Q9. - (Topic 6)
A company has multiple Azure subscriptions. It plans to deploy a large number of virtual machines (VMs) into Azure.
You install the Azure PowerShell module, but you are unable connect to all of the company's Azure subscriptions.
You need to automate the management of the Azure subscriptions.
Which two Azure PowerShell cmdlets should you run?
A. Get-AzurePublishSettingsFile
B. Import-AzurePublishSettingsFile
C. Add-AzureSubscription
D. Import-AzureCertificate
E. Get-AzureCertificate
Answer: A,B
Explanation: Before you start using the Windows Azure cmdlets to automate deployments, you must configure connectivity between the provisioning computer and Windows Azure. You can do this automatically by downloading the PublishSettings file from Windows Azure and importing it.
To download and import publish settings and subscription information . At the Windows PowerShell command prompt, type the following command, and then press Enter. Get-AzurePublishSettingsFile
2.
Sign in to the Windows Azure Management Portal, and then follow the instructions to download your Windows Azure publishing settings. Save the file as a .publishsettings type file to your computer.
3.
In the Windows Azure PowerShell window, at the command prompt, type the following command, and then press Enter. Import-AzurePublishSettingsFile <mysettings>.publishsettings
Reference: How to: Download and Import Publish Settings and Subscription Information
https://msdn.microsoft.com/en-us/library/dn385850%28v=nav.70%29.aspx
Q10. - (Topic 6)
You are designing an Azure development environment. Team members learn Azure development techniques by training in the development environment.
The development environment must auto scale and load balance additional virtual machine (VM) instances.
You need to recommend the most cost-effective compute-instance size that allows team members to work with Azure in the development environment.
What should you recommend?
A. Azure A1 standard VM Instance
B. Azure A2 basic VM Instance
C. Azure A3 basic VM Instance
D. Azure A9 standard VM Instance
Answer: A
Explanation: Azure A1 standard VM Instance would be cheapest with 1 CPU core, 0.75 GB RAM, and 40 GB HD. It would be good enough for training purposes.
Reference: Virtual Machines Pricing, Launch Windows Server and Linux in minutes
http://azure.microsoft.com/en-us/pricing/details/virtual-machines/