Q1. - (Topic 6)
You are designing an Azure application. The application includes services hosted in different geographic locations. The service locations may change.
You must minimize the cost of communication between services.
You need to recommend an approach for data transmission between your application and Azure services. The solution must minimize administrative effort.
What should you recommend?
A. Azure Table storage
B. Service Bus
C. Service Management API
D. Azure Queue storage
Answer: B
Explanation: The cost of ACS transactions is insignificant when performing messaging operations against Service Bus queues. Service Bus acquires one ACS token per a single instance of the messaging factory object. The token is then reused until it expires, after about 20 minutes. Therefore, the volume of messaging operations in Service Bus is not directly proportional to the amount of ACS transactions required to support these operations.
Reference: Azure Queues and Service Bus Queues - Compared and Contrasted
https://msdn.microsoft.com/library/azure/hh767287.aspx
Q2. - (Topic 6)
An application currently resides on an on-premises virtual machine that has 2 CPU cores, 4 GB of RAM, 20 GB of hard disk space, and a 10 megabit/second network connection.
You plan to migrate the application to Azure. You have the following requirements:
You must not make changes to the application.
You must minimize the costs for hosting the application.
You need to recommend the appropriate virtual machine instance type.
Which virtual machine tier should you recommend?
A. Network Optimized (A Series)
B. General Purpose Compute, Basic Tier (A Series)
C. General Purpose Compute, Standard Tier (A Series)
D. Optimized Compute (D Series)
Answer: B
Explanation: General purpose compute: Basic tier An economical option for development workloads, test servers, and other applications that don't require load balancing, auto-scaling, or memory-intensive virtual machines.
CPU core range: 1-8 RAM range: 0.75 – 14 GB Disk size: 20-240 GB
Reference: Virtual Machines Pricing. Launch Windows Server and Linux in minutes
http://azure.microsoft.com/en-us/pricing/details/virtual-machines/
Q3. ic 1, VanArsdel, Ltd
Overview
VanArsdel, Ltd. builds skyscrapers, subways, and bridges. VanArsdel is a leader in using technology to do construction better.
Overview
VanArsdel employees are able to use their own mobile devices for work activities because the company recognizes that this usage enables employee productivity. Employees also access Software as a Service (SaaS) applications, including DocuSign, Dropbox, and Citrix. The company continues to evaluate and adopt more SaaS applications for its business. VanArsdel uses Azure Active Directory (AD) to authenticate its employees, as well as Multi-Factor Authentication (MFA). Management enjoys the ease with which MFA
can be enabled and disabled for employees who use cloud-based services. VanArsdel's on-premises directory contains a single forest.
Helpdesk:
VanArsdel creates a helpdesk group to assist its employees. The company sends email messages to all its employees about the helpdesk group and how to contact it. Configuring employee access for SaaS applications is often a time-consuming task. It is not always obvious to the helpdesk group which users should be given access to which SaaS applications. The helpdesk group must respond to many phone calls and email messages to solve this problem, which takes up valuable time. The helpdesk group is unable to meet the needs of VanArsdel's employees.
However, many employees do not work with the helpdesk group to solve their access problems. Instead, these employees contact their co-workers or managers to find someone who can help them. Also, new employees are not always told to contact the helpdesk group for access problems. Some employees report that they cannot see all the applications in the Access Panel that they have access to. Some employees report that they must re-enter their passwords when they access cloud applications, even though they have already authenticated.
Bring your own device (BYOD):
VanArsdel wants to continue to support users and their mobile and personal devices, but the company is concerned about how to protect corporate assets that are stored on these devices. The company does not have a strategy to ensure that its data is removed from the devices when employees leave the company.
Customer Support
VanArsdel wants a mobile app for customer profile registration and feedback. The company would like to keep track of all its previous, current, and future customers worldwide. A profile system using third-party authentication is required as well as feedback and support sections for the mobile app.
Migration:
VanArsdel plans to migrate several virtual machine (VM) workloads into Azure. They also plan to extend their on-premises Active Directory into Azure for mobile app authentication.
Business Requirements
Hybrid Solution:
A single account and credentials for both on-premises and cloud applications Certain applications that are hosted both in Azure and on-site must be accessible to both VanArsdel employees and partners
The service level agreement (SLA) for the solution requires an uptime of 99.9%
The partners all use Hotmail.com email addresses
Mobile App:
VanArsdel requires a mobile app for project managers on construction job sites. The mobile app has the following requirements:
The app must display partner information.
The app must alert project managers when changes to the partner information occur.
The app must display project information including an image gallery to view pictures of construction projects.
Project managers must be able to access the information remotely and securely.
Security:
VanArsdel must control access to its resources to ensure sensitive services and information are accessible only by authorized users and/or managed devices.
Employees must be able to securely share data, based on corporate policies, with other VanArsdel employees and with partners who are located on construction job sites.
VanArsdel management does NOT want to create and manage user accounts for partners.
Technical Requirements
Architecture:
VanArsdel requires a non-centralized stateless architecture fonts data and services where application, data, and computing power are at the logical extremes of the network.
VanArsdel requires separation of CPU storage and SQL services
Data Storage:
VanArsdel needs a solution to reduce the number of operations on the contractor information table. Currently, data transfer rates are excessive, and queue length for read/write operations affects performance.
A mobile service that is used to access contractor information must have automatically scalable, structured storage Images must be stored in an automatically scalable, unstructured form.
Mobile Apps:
VanArsdel mobile app must authenticate employees to the company's Active Directory.
Event-triggered alerts must be pushed to mobile apps by using a custom Node.js script.
The customer support app should use an identity provider that is configured by using the Access Control Service for current profile registration and authentication.
The customer support team will adopt future identity providers that are configured through Access Control Service.
Security:
Active Directory Federated Server (AD FS) will be used to extend AD into Azure.
Helpdesk administrators must have access to only the groups of Azure resources they are responsible for. Azure administration will be performed by a separate group.
IT administrative overhead must be minimized.
Permissions must be assigned by using Role Based Access Control (RBAC).
Line of business applications must be accessed securely.
1. - (Topic 1)
You need to prepare the implementation of data storage for the contractor information app.
What should you?
A. Create a storage account and implement multiple data partitions.
B. Create a Cloud Service and a Mobile Service. Implement Entity Group transactions.
C. Create a Cloud Service and a Deployment group. Implement Entity Group transactions.
D. Create a Deployment group and a Mobile Service. Implement multiple data partitions.
Answer: B
Explanation:
* Scenario: / VanArsdel needs a solution to reduce the number of operations on the contractor information table. Currently, data transfer rates are excessive, and queue length for read/write operations affects performance. / A mobile service that is used to access contractor information must have automatically scalable, structured storage
* The basic unit of deployment and scale in Azure is the Cloud Service.
Reference: Performing Entity Group Transactions
https://msdn.microsoft.com/en-us/library/azure/dd894038.aspx
Q4. DRAG DROP - (Topic 6)
You need to automate tasks with Azure by using Azure PowerShell workflows.
How should you complete the Azure PowerShell script? To answer, drag the appropriate cmdlet to the correct location. Each cmdlet may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q5. HOTSPOT - (Topic 4)
You need to recommend strategies for storing data.
Which services should you recommend? To answer, select the appropriate storage technology for each data type in the answer area.
Answer:
Q6. - (Topic 2)
You need to configure the distribution tracking application.
What should you do?
A. Map each role to a single upgrade domain to optimize resource utilization.
B. Design all services as stateless services.
C. Configure operations to queue when a role reaches its capacity.
D. Configure multiple worker roles to run on each virtual machine.
Answer: D
Explanation: * Scenario: distribution tracking application
The system is processor intensive and should be run in a multithreading environment.
Reference: Running multiple workers inside one Windows Azure Worker Role
http://mark.mymonster.nl/2013/01/29/running-multiple-workers-inside-one-windows-azure-worker-role
Q7. DRAG DROP - (Topic 6)
You are the Azure architect for an organization. You are working with C-level management to assign Azure role-based access control roles to a team within the organization. A single
director oversees two teams, a development team and a test team. The director is wholly responsible for the organization's Azure account, including billing, infrastructure, and access control. The director is the only member of the team with the ability to alter access controls.
You have the following requirements:
. Members of the development team must be able to view or alter Azure infrastructure to support application development. . Members of the test team must be able to view Azure infrastructure to support test cases.
You need to assign built-in Azure role-based access control roles to team members within the organization.
Which role should you assign to each team member? To answer, drag the appropriate role to the correct team member. Each role may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q8. - (Topic 1)
You are designing a plan to deploy a new application to Azure. The solution must provide a
single sign-on experience for users.
You need to recommend an authentication type.
Which authentication type should you recommend?
A. SAML credential tokens
B. Azure managed access keys
C. Windows Authentication
D. MS-CHAP
Answer: A
Explanation: A Microsoft cloud service administrator who wants to provide their Azure Active Directory (AD) users with sign-on validation can use a SAML 2.0 compliant SP-Lite profile based Identity Provider as their preferred Security Token Service (STS) / identity provider. This is useful where the solution implementer already has a user directory and password store on-premises that can be accessed using SAML 2.0. This existing user directory can be used for sign-on to Office 365 and other Azure AD-secured resources.
Reference: Use a SAML 2.0 identity provider to implement single sign-on
https://msdn.microsoft.com/en-us/library/azure/dn641269.aspx?f=255&MSPPError=-2147217396
Q9. - (Topic 1)
You need to design the system that alerts project managers to data changes in the contractor information app.
Which service should you use?
A. Azure Mobile Service
B. Azure Service Bus Message Queueing
C. Azure Queue Messaging
D. Azure Notification Hub
Answer: C
Explanation: * Scenario:
/ Mobile Apps: Event-triggered alerts must be pushed to mobile apps by using a custom
Node.js script.
/ The service level agreement (SLA) for the solution requires an uptime of 99.9%
* If you are already using Azure Storage Blobs or Tables and you start using queues, you are guaranteed 99.9% availability. If you use Blobs or Tables with Service Bus queues, you will have lower availability.
Note: Microsoft Azure supports two types of queue mechanisms: Azure Queues and Service Bus Queues. / Azure Queues, which are part of the Azure storage infrastructure, feature a simple REST-based Get/Put/Peek interface, providing reliable, persistent messaging within and between services. / Service Bus queues are part of a broader Azure messaging infrastructure that supports queuing as well as publish/subscribe, Web service remoting, and integration patterns.
: Azure Queues and Service Bus Queues - Compared and Contrasted
https://msdn.microsoft.com/en-us/library/azure/hh767287.aspx
Q10. - (Topic 6)
You have business services that run on an on-premises mainframe server.
You must provide an intermediary configuration to support existing business services and Azure. The business services cannot be rewritten. The business services are not exposed externally.
You need to recommend an approach for accessing the business services.
What should you recommend?
A. Connect to the on-premises server by using a custom service in Azure.
B. Expose the business services to the Azure Service Bus by using a custom service that uses relay binding.
C. Expose the business services externally.
D. Move all business service functionality to Azure.
Answer: B
Explanation: The Service Bus relay service enables you to build hybrid applications that run in both an Azure datacenter and your own on-premises enterprise environment. The Service Bus relay facilitates this by enabling you to securely expose Windows Communication Foundation (WCF) services that reside within a corporate enterprise network to the public cloud, without having to open a firewall connection, or require intrusive changes to a corporate network infrastructure.
Reference: How to Use the Service Bus Relay Service
http://azure.microsoft.com/en-gb/documentation/articles/service-bus-dotnet-how-to-use-relay/