Q1. You administer a Microsoft Azure SQL Database data base in the US Central region named contosodb. Contosodb runs on a Standard tier within the S1 performance level.
You have multiple business-critical applications that use contosodb.
You need to ensure that you can bring contosodb back online in the event of a natural disaster in the US Central region. You want to achieve this goal with the least amount of downtime.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Upgrade to S2 performance level.
B. Use active geo-replication.
C. Use automated Export.
D. Upgrade to Premium tier.
E. Use point in time restore.
F. Downgrade to Basic tier.
Answer: B,D
Explanation: B: The Active Geo-Replication feature implements a mechanism to provide database redundancy within the same Microsoft Azure region or in different regions (geo-redundancy). One of the primary benefits of Active Geo-Replication is that it provides a database-level disaster recovery solution. Using Active Geo-Replication, you can configure a user database in the Premium service tier to replicate transactions to databases on different Microsoft Azure SQL Database servers within the same or different regions. Cross-region redundancy enables applications to recover from a permanent loss of a datacenter caused by natural disasters, catastrophic human errors, or malicious acts.
D: Active Geo-Replication is available for databases in the Premium service tier only.
Reference: Active Geo-Replication for Azure SQL Database
http://msdn.microsoft.com/en-us/library/azure/dn741339.aspx
Q2. You manage a collection of large video files that is stored in an Azure Storage account.
A user wants access to one of your video files within the next seven days.
You need to allow the user access only to the video file, and then revoke access once the user no longer needs it.
What should you do?
A. Give the user the secondary key for the storage account.
Once the user is done with the file, regenerate the secondary key.
B. Create an Ad-Hoc Shared Access Signature for the Blob resource.
Set the Shared Access Signature to expire in seven days.
C. Create an access policy on the container.
Give the external user a Shared Access Signature for the blob by using the policy.
Once the user is done with the file, delete the policy.
D. Create an access policy on the blob.
Give the external user access by using the policy.
Once the user is done with the file, delete the policy.
Answer: C
Explanation: See 3) below. By default, only the owner of the storage account may access blobs, tables, and queues within that account. If your service or application needs to make these resources available to other clients without sharing your access key, you have the following options for permitting access:
1.You can set a container's permissions to permit anonymous read access to the container and its blobs. This is not allowed for tables or queues.
2. You can expose a resource via a shared access signature, which enables you to delegate restricted access to a container, blob, table or queue resource by specifying the interval for which the resources are available and the permissions that a client will have to it.
3. You can use a stored access policy to manage shared access signatures for a container or its blobs, for a queue, or for a table. The stored access policy gives you an additional measure of control over your shared access signatures and also provides a straightforward means to revoke them.
Reference: Manage Access to Azure Storage Resources
Q3. You develop a Windows Store application that has a web service backend.
You plan to use the Azure Active Directory Authentication Library to authenticate users to Azure Active Directory (Azure AD) and access directory data on behalf of the user.
You need to ensure that users can log in to the application by using their Azure AD credentials.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Create a native client application in Azure AD.
B. Configure directory integration.
C. Create a web application in Azure AD.
D. Enable workspace join.
E. Configure an Access Control namespace.
Answer: B,C
Explanation: B: An application that wants to outsource authentication to Azure AD must be
registered in Azure AD, which registers and uniquely identifies the app in the directory.
C (not A): NativeClient-WindowsStore
A Windows Store application that calls a web API that is secured with Azure AD.
Reference: AzureADSamples/NativeClient-WindowsStore Authentication Scenarios for Azure AD, Basics of Authentication in Azure AD http://msdn.microsoft.com/en-us/library/azure/dn499820.aspx#BKMK_Auth https://github.com/AzureADSamples/NativeClient-WindowsStore
Q4. DRAG DROP
You administer two virtual machines (VMs) that are deployed to a cloud service. The VMs are part of a virtual network.
The cloud service monitor and virtual network configuration are configured as shown in the exhibits. (Click the Exhibits button.)
You need to create an internal load balancer named fabLoadBalancer that has a static IP address of 172.16.0.100.
Which value should you use in each parameter of the Power Shell command?
To answer, drag the appropriate value to the correct location in the Power Shell command. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q5. You administer an Azure virtual network named fabrikamVNet.
You need to deploy a virtual machine (VM) and ensure that it is a member of the fabrikamVNet virtual network.
What should you do?
A. Run the New-AzureVM Power Shell cmdlet.
B. Run the New-AzureQuickVM Power Shell cmdlet.
C. Run the New-AzureAfhnityGroup Power Shell cmdlet.
D. Update fabrikamVNet's existing Availability Set.
Answer: B
Explanation: The New-AzureQuickVM cmdlet sets the configuration for a new virtual machine and creates the virtual machine. You can create a new Azure service for the virtual machine by specifying either the Location or AffinityGroup parameters, or deploy the new virtual machine into an existing service.
Reference: New-AzureQuickVM
URL: http://msdn.microsoft.com/en-us/library/dn495183.aspx
Q6. You manage several Azure virtual machines (VMs). You create a custom image to be used by employees on the development team.
You need to ensure that the custom image is available when you deploy new servers.
Which Azure Power Shell cmdlet should you use?
A. Update-AzureVMImage
B. Add-AzureVhd
C. Add-AzureVMImage
D. Update-AzureDisk
E. Add-AzureDataDisk
Answer: C
Explanation: The Add-AzureVMImage cmdlet adds an operating system image to the
image repository. The image should be a generalized operating system image, using either
Sysprep for Windows or, for Linux, using the appropriate tool for the distribution.
Example
This example adds an operating system image to the repository.
Windows PowerShell
C:\PS>Add-AzureVMImage -ImageName imageName -MediaLocation
http://yourstorageaccount.blob.core.azure.com/container/sampleImage.vhd -Label
Reference: Add-AzureVMImage
Q7. You manage an Azure Web Site named contosoweb. Logging is enabled for contosoweb.
You need to view only errors from your log files in a continuous stream as they occur.
Which Windows Power Shell command should you execute?
A. Get-AzureWebSiteLog -Name contosoweb -OutBuffer Error
B. Save-AzureWebSiteLog -Name contosoweb -Output Errors
C. Get-AzureWebSiteLog -Name contosoweb -Tail –Message Error
D. Get-Azure WebSiteLog -Name contosoweb -Message Error
Answer: C
Explanation: Example
This example starts log streaming and show error logs only.
Windows PowerShell
C:\PS>Get-AzureWebsiteLog -Tail -Message Error
Reference: Get-AzureWebsiteLog
URL: http://msdn.microsoft.com/en-us/library/dn495187.aspx
Q8. Your company has a subscription to Azure. You plan to deploy 10 websites. You have the following requirements:
. Each website has at least 15 GB of storage.
. All websites can use azurewebsite.net.
You need to deploy the 10 websites while minimizing costs.
Which web tier plan should you recommend?
A. Free
B. Small Business
C. Standard
D. Basic
Answer: C
Explanation: Standard offers 50 GB of storage space, while Basic only gives 10 GB:
Reference: Websites Pricing Details
URL: http://azure.microsoft.com/en-us/pricing/details/websites/
http://azure.microsoft.com/en-us/documentation/articles/azure-subscription-service-limits/
Q9. HOTSPOT
Your company network has two branch offices. Some employees work remotely, including at public locations. You manage an Azure environment that includes several virtual networks.
All users require access to the virtual networks.
In the table below, identify which secure cross-premise connectivity option is needed for each type of user. Make only one selection in each column.
Answer:
Q10. HOTSPOT
You manage an Azure Service Bus for your company. You plan to enable access to the Azure Service Bus for an application named ContosoLOB.
You need to create a new shared access policy for subscriptions and queues that has the following requirements:
Receives messages from a queue
Deadletters a message
Defers a message for later retrieval
Enumerates subscriptions
Gets subscription description
In the table below, identify the permission you need to assign to ensure that ContosoLOB is able to accomplish the above requirements. Make only one selection in each column.
Answer: