Q1. You administer an Access Control Service namespace named contosoACS that is used by a web application. ContosoACS currently utilizes Microsoft and Yahoo accounts.
Several users in your organization have Google accounts and would like to access the web application through ContosoACS.
You need to allow users to access the application by using their Google accounts.
What should you do?
A. Register the application directly with Google.
B. Edit the existing Microsoft Account identity provider and update the realm to include Google.
C. Add a new Google identity provider.
D. Add a new WS-Federation identity provider and configure the WS-Federation metadata to point to the Google sign-in URL.
Answer: C
Explanation: Configuring Google as an identity provider eliminates the need to create and manage authentication and identity management mechanism. It helps the end user experience if there are familiar authentication procedures.
Reference: Microsoft Azure, How to: Configure Google as an Identity Provider
URL: http://msdn.microsoft.com/en-us/library/azure/gg185976.aspx
Q2. You manage a cloud service that supports features hosted by two instances of an Azure virtual machine (VM).
You discover that occasional outages cause your service to fail.
You need to minimize the impact of outages to your cloud service.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Deploy a third instance of the VM.
B. Configure Load Balancing on the VMs.
C. Redeploy the VMs to belong to an Affinity Group.
D. Configure the VMs to belong to an Availability Set.
Answer: B,D
Explanation: Adding your virtual machine to an availability set helps your application stay available during network failures, local disk hardware failures, and any planned downtime..
Combine the Azure Load Balancer with an Availability Set to get the most application resiliency. The Azure Load Balancer distributes traffic between multiple virtual machines..
http://azure.microsoft.com/en-gb/documentation/articles/virtual-machines-manage-availability/
Reference: Manage the availability of virtual machines, Understand planned versus unplanned maintenance
Q3. You administer an Azure Storage account named contoso storage. The account has queue containers with logging enabled.
You need to view all log files generated during the month of July 2014.
Which URL should you use to access the list?
A.
http://contosostorage.queue.core.windows.net/$logs? restype=container&comp=list&prefix=queue/2014/07
B.
http://contosostorage.queue.core.windows.net/$files? restype=container&comp=list&prefix=queue/2014/07
C. http://contosostorage.blob.core.windows.net/$files?
restype=container&comp=list&prefix=blob/2014/07
D. http://contosostorage.blob.core.windows.net/$logs? restype=container&comp=list&prefix=blob/2014/07
Answer: A
Explanation: http://msdn.microsoft.com/library/azure/hh343262.aspx
Q4. You manage a cloud service that utilizes an Azure Service Bus queue. You need to ensure that messages that are never consumed are retained. What should you do?
A. Check the MOVE TO THE DEAD-LETTER SUBQUEUE option for Expired Messages in the Azure Portal.
B. From the Azure Management Portal, create a new queue and name it Dead-Letter.
C. Execute the Set-AzureServiceBus PowerShell cmdlet.
D. Execute the New-AzureSchedulerStorageQueueJob PowerShell cmdlet.
Answer: A
Explanation: The EnableDeadLetteringOnMessageExpiration property allows to enable\disable the dead-lettering on message expiration.
Reference: Azure, Managing and Testing Topics, Queues and Relay Services with the Service Bus Explorer Tool
Q5. HOTSPOT
You manage two cloud services named Service1 and Service2. The development team updates the code for each application and notifies you that the services are packaged and ready for deployment.
Each cloud service has specific requirements for deployment according to the following table.
In the table below, identify the deployment method for each service. Make only one selection in each column.
Answer:
Q6. You administer an Azure Active Directory (Azure AD) tenant where Box is configured for: . Application Access . Password Single Sign-on An employee moves to an organizational unit that does not require access to Box through
the Access Panel.
You need to remove only Box from the list of applications only for this user.
What should you do?
A. Delete the user from the Azure AD tenant.
B. Delete the Box Application definition from the Azure AD tenant.
C. From the Management Portal, remove the user's assignment to the application.
D. Disable the user's account in Windows AD.
Answer: C
Explanation: Note: Use Azure AD to manage user access, provision user accounts, and enable single sign-on with Box. Requires an existing Box subscription.
Q7. DRAG DROP
You manage an application hosted on cloud services. The development team creates a new version of the application. The updated application has been packaged and stored in an Azure Storage account.
You have the following requirements:
. Deploy the latest version of the application to production with the least amount of downtime. . Ensure that the updated application can be tested prior to deploying to the Production site. . Ensure that the original version of the application can be restored until the new version is verified.
Which four steps should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Q8. You administer of a set of virtual machine (VM) guests hosted in Hyper-V on Windows Server 2012 R2.
The virtual machines run the following operating systems:
Windows Server 2008 Windows Server 2008 R2 Linux (openSUSE 13.1)
All guests currently are provisioned with one or more network interfaces with static bindings and VHDX disks. You need to move the VMs to Azure Virtual Machines hosted in an Azure subscription.
Which three actions should you perform? Each correct answer presents part of the solution.
A. Install the WALinuxAgent on Linux servers.
B. Ensure that all servers can acquire an IP by means of Dynamic Host Configuration Protocol (DHCP).
C. Upgrade all Windows VMs to Windows Server 2008 R2 or higher.
D. Sysprep all Windows servers.
E. Convert the existing virtual disks to the virtual hard disk (VHD) format.
Answer: A,C,D
Explanation: * A: Azure Linux Agent
This agent is installed on the Linux VM and is responsible to communicate with the Azure Frabric Controller.
* UPLOADING A VIRTUAL MACHINE TO WINDOWS AZURE
Assumption: A Windows Server (2008 R2 or 2012) is created and running as a virtual machine in Hyper-V. (C) Log onto the Windows Server hosted in Hyper-V you’d like to upload to Windows Azure
and open and command prompt (I’m using Windows Server 2012 R2).
Navigate to c:\Windows\System32\Sysprep
Type in sysprep.exe and select enter: (D)
Q9. Your company is launching a public website that allows users to stream videos.
You upload multiple video files to an Azure storage container.
You need to give anonymous users read access to all of the video files in the storage container.
What should you do?
A. Edit each blob's metadata and set the access policy to Public Blob.
B. Edit the container metadata and set the access policy to Public Container.
C. Move the files into a container sub-directory and set the directory access level to Public Blob.
D. Edit the container metadata and set the access policy to Public Blob.
Answer: C
Explanation:
By default, the container is private and can be accessed only by the account owner. To allow public read access to the blobs in the container, but not the container properties and metadata, use the "Public Blob" option. To allow full public read access for the container and blobs, use the "Public Container" option.
Q10. You administer an Azure Storage account named contosostorage. The account has a blob container to store image files.
A user reports being unable to access an image file.
You need to ensure that anonymous users can successfully read image files from the
container.
Which log entry should you use to verify access?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: A
Explanation:
Check for GetBlob and for AnonymousSuccess.
Example: Get Blob AnonymousSuccess:
1.0;2011-07-28T18:52:40.9241789Z;
GetBlob;AnonymousSuccess;200;18;10;anonymous;;sally;blob;"htt
p://
sally.blob.core.windows.net/thumbnails/lake.jpg?timeout=30000";"/sally/thumbnails/lake.jpg
";a84aa705-8a85-48c5-b064-b43bd22979c3;0;123.100.2.10;2009-09-19;252;0;265;100;0;;;"0x8CE1B6EA95033D5";Thursday, 28-Jul-11 18:52:40
GMT;;;;"7/28/2011 6:52:40 PM ba98eb12-700b-4d53-9230-33a3330571fc"
Incorrect:
Not C: Check for AnonymousSuccess not Access.
Not B, not D: Check for GetBlob not GetBlobProperties
nce: Windows Azure Storage Logging: Using Logs to Track Storage Requests
URL: http://blogs.msdn.com/b/windowsazurestorage/archive/2011/08/03/windows-azure-storage-logging-using-logs-to-track-storage-requests.aspx