70 534

Microsoft 70-534
Architecting Microsoft Azure Solutions

Version: 10.0
Microsoft 70-534 Exam
Topic 1, Adventure Holidays
Background
You work for a company named Adventure Holidays. The company has its headquarters in New
York and two branch offices located in Boston and Dallas.
The company locates and provides holidays providing specialist activities such as mountain
climbing, trekking, sky diving, caving and water sports such as diving and surfing.
Holiday providers from around the world can advertise their holidays on the website. A user can
specify their required activity and location and the website will provide a list of brochures from
holiday providers that can accommodate the requirements. Users can then book their holiday
through the website.
I.T Overview
The company has a single Active Directory forest. Each office is configured as a separate Active
Directory Site in a single domain.
The company has a datacenter in the New York office. The New York datacenter hosts physical
servers and virtual machines (VMs) running on Hyper-V host servers.
Company policy allows employees to use their own mobile devices in the office.
Azure
Adventure Holidays has an Azure subscription. The company has been migrating servers and
applications to the Azure cloud.
Company users use Office 365 and other Software as a Service (SaaS) applications including
Dropbox. Adventure Holidays will use more SaaS applications in the future.
Company employees are authenticated to Azure apps and services using Azure Active Directory.
The company plans to extend their on-premise Active Directory to Azure by using Active Directory
Federated Server (AD FS) for application authentication.
Holiday Reps
Adventure Holidays has employed permanent holiday reps. The permanent holiday reps are
located on-site at several of the most popular adventure holiday destinations.
"Pass Any Exam. Any Time." - www.actualtests.com 2

Holiday Providers
Adventure Holidays uses an Azure service to store holiday brochures and information about the
holiday providers. The table currently used to store the information results in excessive data
transfer rates and slow data access. The number of read/write operations on the table results in a
long queue. Due to poor performance of the current solution, this solution needs to be redesigned.
A mobile service will be created to access the holiday providers information.
App Requirements
Customer App
Adventure Holidays plans to create a mobile app for holiday customers. Customers should be able
to register a profile, browse and book holidays through the app and leave feedback about their
holidays. The solution should save the details of all previous and future customers. The customer
app should use a third-party authentication provider. The Access Control Service should be used
to configure the identity provider.
Holiday Reps App
A second mobile app is required for the on-site holiday reps. The holiday reps app has the
following requirements:
- The app must display information about the holiday provider and the location.
- Holiday reps must be able to download and view the holiday brochure through the app.
- Holiday reps must be alerted to any changes in the holiday activities or itineraries.
- A custom Node.js script will be used to push alerts to the mobile app.
Business Requirements
Adventure Holidays has specified the following business requirements:
- We need to provide access to some Azure applications to holiday providers. The holiday
providers should be able to authenticate by using their Hotmail.com accounts.
- Adventure Holidays does not want to manage user accounts for the holiday providers.
- Some users report having to enter their passwords again when accessing cloud-based
applications. Users must be able to access all applications after logging in to their computers
using their domain credentials.
- The VMs hosted on Azure must be accessible from on-premise servers by using a secure cross-
premise network.
- A group of users named VMAdmins must be able to administer only the VMs that are migrated
to Azure.

- Role Based Access Control (RBAC) must be used to assign access to resources.
QUESTION NO: 1
You need to meet the cross-premise secure network requirement. You need to access the Azure
network from multiple servers in the on-premise environment by using an IPSec VPN.
Which type of network connection should you configure? (Choose the best solution)
A. Site-to-Site virtual network.

B. Multi-site virtual network.
C. ExpressRoute network.
D. Point-to-Site virtual network.
Answer: A
Explanation:
QUESTION NO: 2
You need to improve the performance of the holiday reps app. You want to store the brochures in
an unstructured form that is automatically scalable.
Which Azure storage solution should you recommend?
A. Queue storage
B. Table storage
C. Blob storage
D. Virtual Machine local storage
Answer: C
Explanation:
QUESTION NO: 3
You need to improve the performance of the holiday reps app. You want to store the holiday
provider information in a structured form that is automatically scalable.
Which Azure storage solution should you recommend?

A. Queue storage
B. Table storage
C. Blob storage
D. Virtual Machine local storage
Answer: B
Explanation:
QUESTION NO: 4
You need to recommend a solution for the alerting requirement in the Holiday Reps app.
Which of the following should you recommend?
A. Azure Queue Messaging

B. Azure Mobile Services
C. Azure Scheduler
D. Azure Notification Hub
E. Azure Service Bus Message Queue
Answer: E
Explanation:
QUESTION NO: 5
You need to meet the business requirements for users accessing cloud-based applications without
having to log in again.
Which of the following actions should you perform?
A. You should configure an Azure virtual machine as a domain controller.

B. You should configure SSO (Single Sign-On) with Active Directory Sync.
C. You should configure the cloud-based apps to use Microsoft Account authentication.
D. You should configure a Dynamic Routing Gateway.
Answer: B
Explanation:

QUESTION NO: 6
You need to meet the application authentication requirements for the holiday providers.
Which of the following solutions should you recommend?
A. Enable the use of the Azure Access Control service for the federation provider.
B. Create user accounts in Azure Active Directory for the holiday providers.
C. Create user accounts in the on-premise Active Directory for the holiday providers.
D. Enable the use social identity providers for the federation provider.
Answer: A
Explanation:
QUESTION NO: 7
You need to recommend a solution to synchronize data with the holiday reps app.
Which of the following should you recommend?
A. Azure Active Directory Sync

B. Azure Password Sync
C. Active Directory Federation Services
D. Azure Mobile Services
Answer: D
Explanation:
QUESTION NO: 8
You need to configure a mobile service to access the Holiday Providers solution.
You create a cloud service and a mobile service.
Which of the following should you implement to reduce the number of operations required on the
table that stores the information?

A. Multiple application instances.
B. Multiple web roles.
C. Multiple horizontal data partitions.
D. Multiple vertical data partitions.
E. Entity Group transactions.
Answer: E
Explanation:
QUESTION NO: 9
You need to assign permissions to the VMAdmins group. The solution must meet the business
requirements.
Which two of the following actions should you perform? (Choose two)
A. Create each VM in a separate cloud service.

B. Create all VMs in a single cloud service.
C. Assign the VMAdmins group Contributor permission to the Azure subscription.
D. Assign the VMAdmins group Owner permission on each VM.
E. Assign the VMAdmins group Contributor permission to a resource group.
Answer: B,E
Explanation:
QUESTION NO: 10
You need to configure the VPN solution for the cross-premise network.
Which of the following will need to be configured on Azure?
A. A Dynamic Routing Gateway.

B. A Monitoring Endpoint.
C. A VPN Gateway.
D. An external public IPv6 address.
Answer: C
Explanation:

Topic 2, Mixed Questions
QUESTION NO: 11
You work as a Software Developer at ABC.com. The company uses Azure for hosting Websites,
Web Applications and Virtual Machines.
You plan to develop an image processing application that will be sold to multiple customers. Your
customers use different versions of the .NET runtime. You have designed the application to
perform various functions on images in various formats.
You have received differing business logic requirements from different customers. Some
customers want all the functions in the application while some customers only want a subset of the
functions. The customers have specified different requirements for the user interface.
You plan to create the application as an Azure web application.
How should you deploy the application to meet the customer requirements?
A. You should host multiple applications in a single tenant.

B. You should configure separate worker role instances for each customer in a single tenant.
C. You should configure separate web role instances for each customer in a single tenant.
D. You should separate the web role instances into one tenant and the worker role instances into
another tenant.
E. You should configure a separate tenant for each application.
Answer: E
Explanation:
QUESTION NO: 12
You work as a Software Developer at ABC.com. The company has a Microsoft Azure
subscription.

You are developing an application that will be hosted on Azure. The application will be used by
business customers and employees. Application users will connect to a web role and upload
image files to the application. The web role will use the Azure Queue service to pass the image
files to multiple instances of a worker role that will process the files. The files are expected to be
no more than 10 MB in size.
You need to design the application to minimize storage transactions for the files. You plan to
reference the uploaded files from within the queue.
Where should you store the uploaded files?
A. In the Azure Table Service.

B. In local storage on the web role.
C. In local storage on each instance of the worker roles.
D. In the Azure Blob Service.
E. In the Azure Queue Service
Answer: D
Explanation:
QUESTION NO: 13
subscription.
You are developing an application that will be hosted on Azure.
Three web roles will receive requests from application users. The requests will then be processed
by five worker role instances.
You need to configure the Azure Queue service to connect the web roles and worker roles. You
want to minimize the number of Azure Queues in the application.
How many Azure Queues should you create?
A. 1
B. 2
C. 3
D. 6
E. 15

Answer: A
Explanation:
QUESTION NO: 14
You work as a Software Developer at ABC.com. The company uses bespoke applications that are
hosted in on-premise servers or on Microsoft Azure.
You are in the process of migrating applications from on-premise servers to Azure. An application
named App1 is hosted on an on-premise server. You plan to modify App1 to be hosted as an
Azure cloud service. The cloud service will consist of a web role and a worker role. The web role
will send requests to the worker role by using an Azure queue. Every time a request is received, a
temporary file is created by the worker role.
You need to choose a storage location for the temporary files that will minimize the transaction
charges.
Where should you store the temporary files?
A. In an Azure SQL Database

B. In an Azure Table
C. In Azure Blob Storage
D. In the worker role local storage.
Answer: D
Explanation:
QUESTION NO: 15
subscription.
You are developing a web application named WebApp1 to be hosted on Azure. The application
consists of a single worker role that runs in an A3 instance. The worker role stores data in Azure
blob storage.
You need to increase the capacity of WebApp1.

Which of the following scaling options would increase throughput while minimizing application
downtime during the scaling operation?
A. Configure vertical or horizontal partitioning.

B. Configure an A2 instance for the worker role.
C. Configure an A4 instance for the worker role.
D. Configure additional A3 instances of the worker role.
Answer: D
Explanation:
QUESTION NO: 16
You have recently been hired as a software developer at ABC.com.
All company users use a corporate application that is hosted on Azure.
You have been tasked with troubleshooting performance problems with the application.
You determine that the application was written in ASP.NET when the company had just a few
employees. A single Azure web role is used to host a web interface and perform the business
logic for the application. All application data is hosted on Azure in a single Azure SQL database.
Now that the company has many more employees, users are reporting poor performance of the
application. You discover high CPU usage caused by the business logic processing.
You need to recommend a solution to improve the performance of the application.
What configuration change should you recommend?
A. You should recommend vertical partitioning of the SQL database.

B. You should use Azure Table Storage for the application data.
C. You should configure a worker role to run the web interface.
D. You should configure a worker role to run the business logic.
Answer: D
Explanation:

QUESTION NO: 17
subscription.
All company users use a corporate application that is hosted on Azure. The application is hosted
on multiple instances to provide redundancy and performance.
You need to perform some configuration changes and upgrades to the application.
Which two of the following statements are true? (Choose two)
A. You cannot decrease the number of application instances without incurring application
downtime.
B. Modifying a configuration setting in the application will always incur application downtime.
C. Adding an HTTPS endpoint for the web role will always incur application downtime.
D. You can increase the number of application instances without incurring application downtime.
E. You can use the VIP Swap (Virtual IP Swap) deployment method to add an HTTPS endpoint.
Answer: C,D
Explanation:
QUESTION NO: 18
subscription.
You are developing an application that will be used by all company employees. You plan to host
the application on Azure. The employees will use the application to upload work sheets. The
work sheets will then be processed by a remote processing application that runs on an Azure
virtual machine (VM).
After a work sheet file has been uploaded, users can use the application to view or modify the file.
You need to ensure that users cannot modify their work sheet files while the files are being
processed by the processing application. The processing application must have exclusive access
to the files during processing operations. However, users should be able to view the files while
they are being processed.

You need to choose which storage method you should use for the work sheet files. The storage
method must meet the access requirements of the processing application and also provide a
mechanism for rolling back a file to a previous version.
Which of the following storage methods should you use?
A. Azure Blob service

B. Azure SQL database
C. Local storage on a web role instance.
D. Azure Table service
E. Azure Queue service
Answer: A
Explanation:
QUESTION NO: 19
subscription.
You are developing an application that will be used by all company employees to store company
data. The application will be hosted on Azure.
You need to decide which storage system to use to store the data. You are evaluating whether to
use Azure Table Storage or Azure SQL Database.
Which three of the following statements are true? (Choose three)
A. Azure Table storage can store more than 500 GB of data in a single table.
B. Azure SQL Database can store more than 500 GB of data in a single database.
C. Azure Table storage can store up to 2 GB of data in a single row.
D. Azure SQL database can store up to 2 GB of data in a single row.
E. A single query in an Azure SQL database can return a maximum of 1000 rows of data.
F. A single query in an Azure Table can return a maximum of 1000 rows of data.
Answer: A,D,F
Explanation:

QUESTION NO: 20
subscription.
You are developing an application that will be used by all company employees to store company
data. The application will be hosted on Azure.
After evaluating whether to use Azure Table Storage or Azure SQL Database, you decided to use
an Azure SQL Database.
Which of the following are reasons for choosing Azure SQL Database? (Choose all that apply)
A. You can store more data in a SQL Database.

B. You can store more data per row in a SQL Database.
C. Azure SQL Database allows you to define relationships between data stored in different tables
by using foreign keys whereas Azure Table storage does not.
D. Each entity (row) in a SQL Database table can have different properties.
E. A single query in an Azure SQL database can return an unlimited number or rows of data.
Answer: B,C,E
Explanation:
QUESTION NO: 21
subscription.
You have developed a corporate web application that runs several Azure web instances. All
company users use the web application during business hours.
You have created a WebJob that you need to deploy to the web application.
You need to ensure that the WebJob always runs on all running instances of the Azure web
application.
How should you configure the WebJob?
A. You should configure the WebJob as a scheduled WebJob and select the Recurring Job option.

B. You should configure the WebJob as a scheduled WebJob and select Scheduler Region option.
C. You should configure the WebJob as a separate on-demand WebJob for each web application
instance.
D. You should configure the WebJob as a continuous WebJob.
Answer: D
Explanation:
QUESTION NO: 22
subscription.
You have developed a corporate web application that runs several Azure web instances. All
company users use the web application during business hours.
You have configured a WebJob and deployed it to the web application as a continuous WebJob.
You discover that when the web instances are idle outside of business hours, the WebJob does
not run correctly.
You need to ensure that the WebJob always runs on all instances of the Azure web application
even when the web instances are idle outside of business hours.
A. You should configure an availability group for the database.

B. You should configure the WebJob to run as a schedule WebJob.
C. You should configure additional WebJobs.
D. You should configure the AlwaysOn option for the website.
Answer: D
Explanation:
QUESTION NO: 23
You work as a network administrator at ABC.com. The company uses applications that are hosted
on on-premise servers or on Microsoft Azure.
The on-premise applications are hosted on virtual machines (VM) running on Windows Server

2012 Hyper-V Servers.
You are in the process of migrating applications from the on-premise servers to Azure. You want
to migrate an application named App1 to Azure.
The VM that currently hosts App1 has the following configuration:
- 2 CPU cores.
- 2 GB or RAM
- 40 GB virtual hard disk
App1 is not a business critical application and therefore does not require load balancing or auto-
scaling.
You need to select an Azure VM tier to host the App1 VM instance and minimize costs.
Which of the following tiers should you choose?
A. General Purpose Compute, Basic Tier (A Series)

B. General Purpose Compute, Standard Tier (A Series)
C. Optimized Compute (D Series)
D. Performance optimized compute (G Series)
Answer: A
Explanation:
QUESTION NO: 24
You work as a network administrator at ABC.com. The company uses applications that are hosted
on on-premise servers or on Microsoft Azure.
The on-premise applications are hosted on virtual machines (VM) running on Windows Server
2012 Hyper-V Servers.
You are in the process of migrating applications from the on-premise servers to Azure.
You want to migrate an application named CustomerApp to Azure. CustomerApp is used by all
company customers. You have received complaints that the performance of CustomerApp is
getting slower as more customers use the application.

The VM that currently hosts App1 has the following configuration:
- 4 CPU cores.
- 12 GB or RAM
- 200 GB virtual hard disk
You discover that disk I/O is causing the poor performance. You want to improve the performance
of CustomerApp when it is migrated to Azure.
You need to select an Azure VM tier to host CustomerApp.
Which of the following tiers should you choose?
A. General Purpose Compute, Basic Tier (A Series)

B. General Purpose Compute, Standard Tier (A Series)
C. Optimized Compute (D Series)
D. Network optimized (A Series)
Answer: C
Explanation:
QUESTION NO: 25
Your role as Cloud Administrator includes the management of the companys public and private
cloud infrastructure. The company has customers located all over the world.
The company is developing a new web application that will be used by ABC.com customers. The
web application will be hosted on Azure and will serve a large amount of static content.
You need to ensure that customers all over the world can load the web application as quickly as
possible.
A. You should increase the number of web role instances.

B. You should increase the number of worker role instances.
C. You should configure Azure Content Delivery Network (CDN) to cache the static content from
an Azure blob container.
D. You should configure additional endpoints for the web application.
Answer: C

Explanation:
QUESTION NO: 26
You work as a network administrator at ABC.com. The corporate network consists of physical and
virtual servers located in a datacenter and virtual servers hosted on Microsoft Azure.
You have been asked to deploy virtual machines (VMs) on Azure for company developers to use
as a development environment.
The manager of the Development department has stated the following requirements:
- The development environment must support auto-scaling.

- The development environment must support load balancing between VM instances.
- Each VM in the development environment must have two CPU cores.
- The development environment must minimize costs.
You need to select a compute instance for the VMs to meet the requirements.
Which of the following should you select?
A. Basic Tier A2 VM Instance

B. Basic Tier A3 basic VM Instance
C. Standard Tier A0 standard VM Instance
D. Standard Tier A1 standard VM Instance
E. Standard Tier A2 VM Instance
F. Optimized Compute Tier D2 VM Instance
Answer: D
Explanation:
QUESTION NO: 27
You work as a software developer at ABC.com. The corporate network consists of physical and
A physical server named ABC-AppSrv1 is hosted in the datacenter. ABC-AppSrv1 runs an

application named App1 that is configured as a Windows Communication Foundation (WCF)
service.
App1 must be hosted in the datacenter and is not exposed externally. App1 cannot be rewritten.
You are developing an application named App2 on Azure. App2 needs to access App1.
You need to configure a solution to enable App2 to access App1.
A. You should migrate App1 to Azure.

B. You should configure the firewall to allow external access to App1.
C. You should configure a Service Bus Relay.
D. You should configure a Monitoring Endpoint for App2.
E. You should configure a Monitoring Endpoint for App1.
Answer: C
Explanation:
QUESTION NO: 28
The company has a software development department. A software developer is creating a cloud
service on Azure. The cloud service is accessible using the URL: ABCApp.cloudapp.net.
You want company users to be able to access the cloud service by using the URL:
CorpApp1.ABC.com.
Users must continue to be able to access the cloud service even in the Public Virtual IP (VIP)
address of the cloud service changes.
You need to configure the appropriate DNS record.
Which type of DNS record should you configure?
A. A (Host)

B. CNAME (Alias)
C. TXT (Text)
D. SPF (Sender Policy Framework)
E. SRV (Service Locator)
Answer: B
Explanation:
QUESTION NO: 29
A Hyper-V host server named ABC-HV01 is located in the datacenter. ABC-HV01 hosts a virtual
machine (VM) named ABC-Web01. An application named CorpApp1 is hosted on ABC-Web01
and exposes a web service to the internal network. The web service is not exposed externally.
Client computers on the company network run a client application that connects to the CorpApp1
web service.
Some company users have been issued with Windows 8 tablet devices. The tablet devices have
the client application installed.
The users with tablet devices want to be able to use the client application to connect to the
CorpApp1 web service when they are outside the company network.
Company security policy states that the web service must not be exposed externally.
How can you enable the client application on the tablet devices to access the CorpApp1 web
service externally?
A. By configuring an Azure Web Service to connect to the CorpApp1 web service.

B. By configuring the Azure Service Bus.
C. By configuring Azure Point-to-Site VPNs.
D. By configure Azure Mobile Services.
Answer: B
Explanation:

QUESTION NO: 30
You work as a network administrator at ABC.com. The company has a main office in New York
and branch offices in several countries including UK, Spain, Germany, India and Japan.
The company has a website hosted in Microsoft Azure. The website is named CorpSite and is
accessed using the URL corp.ABC.com. CorpSite is running in a standard hosting plan. The
website contains high resolution graphics, video and audio files.
Users in India and Japan report that it takes a long time to load pages in the website.
You need to reduce the time it takes to load pages in the website.
Which of the following technologies should you implement?
A. Azure Service Bus

B. Azure Traffic Manager
C. Azure Media Services
D. Azure Content Delivery Network
Answer: D
Explanation:
QUESTION NO: 31
and branch offices in several countries including UK, Spain, Germany, India and Japan.
The company has a website hosted in Microsoft Azure. The website is named CorpSite and is
accessed using the URL corp.ABC.com. CorpSite is running in a standard hosting plan. The
website contains high resolution graphics, video and audio files.
You want to improve the responsiveness of the website by directing users to the endpoint with the
lowest network latency from their location.
A. Azure Content Delivery Network

B. Azure Media Services
C. Azure Traffic Manager

D. Azure Service Bus
Answer: C
Explanation:
QUESTION NO: 32
subscription.
You are developing a new corporate website. The website will contain high resolution graphics,
video and audio files and will be viewed by customers on various client devices including Smart
TVs, PCs and mobile devices.
You need to be able to securely upload, store, encode and package video and audio content for
both on-demand and live streaming delivery to the various client devices.
A. Azure Media Services

B. Azure Mobile Services
C. Azure Content Delivery Network
D. Azure Traffic Manager
Answer: A
Explanation:
QUESTION NO: 33
and branch offices in several countries including UK, Spain, Germany, India and Japan. The
company uses Azure to host applications.
You are designing a new corporate application. The application will be accessed by customers all
over the world. The application will consist of several services. The services will be hosted in
different locations in different countries.
You need to plan a mechanism for the geographically dispersed services to communicate with
each other.

Which Azure service is designed to integrate application services that span multiple network
locations?
A. Azure Queues
B. Azure API Management
C. Azure App Service
D. Azure Service Bus Queues
Answer: D
Explanation:
QUESTION NO: 34
The company has a software development department. A software developer is creating a cloud
service on Azure.
You need to enable communications between the servers in the datacenter and the virtual
machines (VMs) running in the Azure cloud service. The communications must be secured by
using IPSec.
Which of the following solutions should you configure?
A. ExpressRoute network
B. Azure Service Bus
C. Site-to-Site virtual network
D. DirectAccess
Answer: C
Explanation:
QUESTION NO: 35
The company has two physical SQL Server 2012 servers in a Windows Failover Cluster. You plan

to migrate the databases from the on-premise SQL cluster to an Azure Infrastructure-as-a-Service
(IaaS) SQL Server.
You use a Windows 8 Pro client computer named ABC-Admin1.
You need to configure a connectivity solution to enable you to connect to the Azure IaaS SQL
Server. The solution must ensure that connections can be made from only ABC-Admin1 and the
on-premise SQL Server cluster. Other computers on the corporate network must not be able to
connect to the Azure IaaS SQL Server.
What should you implement in your connectivity solution?
A. Azure point-to-site VPN

B. Azure Service Bus
C. Azure Content Delivery Network
D. Azure site-to-site VPN
Answer: A
Explanation:
QUESTION NO: 36
The on-premise servers and client computers are managed using System Center 2012 R2
Configuration Manager (SCCM). SCCM is configured as a single primary site.
You want to use SCCM to manage the Azure virtual machines (VMs). The solution must ensure
that network traffic between the on-premise servers and Azure is minimized when collecting
inventory information from the Azure VMs and when deploying software to the Azure VMs. The
solution must minimize costs and complexity.
Which of the following is the best solution?
A. Configure an Azure VM as an SCCM Secondary Site Server.

B. Configure an Azure VM as an SCCM Cloud Distribution Point.
C. Deploy System Center Virtual Machine Manager (VMM) to an Azure VM.
D. Deploy Application Insights on an Azure VM.

Answer: B
Explanation:
QUESTION NO: 37
You work as a Network Administrator at ABC.com. The company uses Azure for hosting Web
Applications and Virtual Machines. The company has multiple Microsoft Azure subscriptions.
You need to deploy an application that runs on several VMs to Azure.
You use a Windows 8 Pro client computer named ABC-Admin1. You need to configure Windows
PowerShell on ABC-Admin1 to connect to all the Azure subscriptions.
Which of the following PowerShell cmdlet(s) should you run?
A. Add-AzureSubscription
B. Get-AzureDeployment and New-AzureDeployment
C. Get-AzureSubscription and Import-AzureSubscription
D. Get-AzurePublishSettingsFile and Import-AzurePublishSettingsFile
Answer: D
Explanation:
QUESTION NO: 38
Applications and Virtual Machines (VMs). All VMs are in an Azure resource group named
ProductionVMs. A VM named AppVM1 runs an application that is used by company employees.
You need to assign permissions to members of the I.T. team to perform administrative tasks on
Azure.
Company security policy states that all users must have the minimum permissions required to
perform their roles.
An I.T. Technician named Jane needs to be able to manage access to AppVM1.

What permission should you assign to Jane?
A. Read permission to AppVM1.

B. Read permission to ProductionVMs.
C. Contribute permission to AppVM1.
D. Contribute permission to ProductionVMs.
E. Owner permission to AppVM1.
F. Owner permission to ProductionVMs.
Answer: E
Explanation:
QUESTION NO: 39
Azure.
An I.T. Technician named Clive needs to be able to maintain all the Azure VMs.
What permission should you assign to Clive?
A. Read permission to ProductionVMs.

B. Contribute permission to ProductionVMs.
C. Owner permission to ProductionVMs.
D. Read permission to the Azure Subscription.
E. Contribute permission to the Azure Subscription.
F. Owner permission to the Azure Subscription.
Answer: B
Explanation:
QUESTION NO: 40

Azure.
An I.T. Technician named Chloe needs to be able to view and download billing statements and
usage data for Azure.
What permission should you assign to Chloe?
A. Read permission to ProductionVMs.

B. Contribute permission to ProductionVMs.
C. Owner permission to ProductionVMs.
D. Read permission to the Azure Subscription.
E. Contribute permission to the Azure Subscription.
F. Owner permission to the Azure Subscription.
Answer: F
Explanation:
QUESTION NO: 41
You work as a Software Developer at ABC.com. The company uses Azure for hosting Web
Applications and Virtual Machines (VMs).
You are developing a new application that will be hosted on Azure. The application will be used
by customers. The application will be configured to use Azure Access Control Services to allow
customers to log in by using a Microsoft Account, a Google account or a Facebook account.
Which type of token will be presented when users log in to the application?
A. A Mobile Services token.

B. An Identity Provider token.
C. An Access Control Services token.
D. An Azure Active Directory Access token.

Answer: B
Explanation:
QUESTION NO: 42
You are developing a new application that will be hosted on Azure. The application will be used
by customers. The application will be configured to use Azure Access Control Services to allow
customers to log in by using a Microsoft Account, a Google account or a Facebook account.
You need to configure the application to use Azure Control Services.
Which type of trust will be used?
A. Forest trust
B. Kerberos trust
C. One-way domain trust
D. WS-Trust
Answer: D
Explanation:
QUESTION NO: 43
You are developing a corporate website that will be hosted on Azure and a mobile app.
Customers will be able to log in to the corporate website and download the mobile app.
The website and mobile app will allow customers to log in by using a Microsoft Account, a Google
account or a Facebook account.
You create an MVC 5 application.

You need to ensure that all communications with the website are encrypted and that users can log
in to the website or mobile app by using their Microsoft, Google or Facebook accounts.
Which two of the following actions should you perform? (Choose two)
A. Configure an Azure site-to-site VPN.

B. Configure the website to require TLS/SSL.
C. Configure OAuth2 connections to external authentication providers.
D. Install and Active Directory Federation Services on an Azure VM.
E. Configure a Facebook Connector
Answer: B,C
Explanation:
QUESTION NO: 44
You are developing an application that will be hosted on Azure. Users all around the world will
use client applications to connect to the new application. Some client applications will not be
Windows-based clients.
You need to implement a solution to ensure that all client applications can retrieve information
from your application even if the network connection between the client and Azure is unreliable.
A. Azure Service Bus Queue

B. Azure Traffic Manager
C. Azure Queue
D. Azure RemoteApp
Answer: A
Explanation:
QUESTION NO: 45
You work as a Network Administrator at ABC.com. The ABC.com network includes a single Active

Directory Domain Services (AD DS) domain named ABC.com. All on-premise computers are
members of the Active Directory domain.
The company has recently purchased a Microsoft Azure subscription.
You are planning to implement Azure Active Directory and configure Directory Synchronization
with the on-premise Active Directory.
Which of the following statements are true? (Choose all that apply)
A. You can join Azure virtual machines (VMs) to Azure Active Directory.
B. Both the on-premise Active Directory and Azure Active Directory support single sign-on (SSO)
C. You can query the on-premise Active Directory using LDAP (Lightweight Directory Access
Protocol) but not Azure Active Directory.
D. You can query the on-premise Active Directory and the Azure Active Directory using the
GraphAPI.
E. Both the on-premise Active Directory and Azure Active Directory support Kerberos
authentication.
Answer: B,C
Explanation:
QUESTION NO: 46
Your role as Systems Administrator at ABC.com includes the management of the companys
Microsoft Azure subscription.
The company has several websites hosted on Azure Websites. Customer facing websites are
located in a resource group named CustomerSites.
You need to provide a user with the minimum permissions to perform the following actions:
- Upload content to any customer website.

- Access the SCM website administration end point to perform diagnostic and servicing operations
on any customer website.
You need to apply the minimum permissions necessary to perform the required actions.
Which of the following permissions should you grant the user?

A. Read permission to the CustomerSites resource group.
B. Contribute permission to the CustomerSites resource group.
C. Owner permission to the CustomerSites resource group.
D. Read permission to the Azure subscription.
E. Contribute permission to the Azure subscription.
F. Owner permission to the Azure subscription.
Answer: B
Explanation:
QUESTION NO: 47
virtual servers located in a datacenter and virtual servers hosted on Microsoft Azure. An Azure
site-to-site VPN is configured between the datacenter and Azure.
You are planning to migrate services and data from the datacenter to Azure.
A file server contains 37 Terabytes of data that includes sensitive information. You plan to move
the data to Azure Blob Storage.
The datacenter has a 20 Mbps Internet connection.
You need to recommend a solution for migrating the data to Azure. The solution must ensure that
the data is secure during the migration.
Which three of the following actions should you perform? (Choose three)
A. Use the Microsoft Azure Import/Export Tool to copy the data to five 8TB hard drives.
B. Use the Microsoft Azure Import/Export Tool to copy the data to ten 4TB hard drives.
C. Encrypt the data on the drives by using Advanced Encryption Standard (AES).
D. Create an Azure Import Job.
E. Create an Azure Export Job.
F. Copy the data over the VPN.
G. Use an approved carrier service to ship the hard drives to Microsoft.
Answer: B,D,G
Explanation:

QUESTION NO: 48
members of the Active Directory domain. All users log in with domain user accounts.
You install and configure the Azure Active Directory Sync Tool (DirSync) to synchronize accounts
and passwords to Azure Active Directory.
Which two of the following statements are true? (Choose two)
A. After users have logged on to their client computers, they can access Azure cloud services
without having to re-enter their password.
B. After users have logged on to their client computers, access to Azure cloud services is
authenticated against the Azure Active Directory.
C. Password complexity policies configured in the on-premises Active Directory override any
complexity policies configured in Azure Active Directory.
D. If a password expiration policy is defined in the on-premise Active Directory, the password
policy will also apply to Azure Active Directory accounts.
Answer: B,C
Explanation:
QUESTION NO: 49
members of the Active Directory domain. All users log in with domain user accounts.
You install and configure the Azure Active Directory Sync Tool (DirSync) to synchronize accounts

and passwords to Azure Active Directory.
You want to configure Single Sign-on (SSO) to enable users to access Azure cloud services
without having to re-enter their passwords.
Which of the following services do you need to deploy to enable SSO?
A. Azure Access Control Service

B. Active Directory Federation Services
C. Active Directory Lightweight Directory Services
D. Active Directory Rights Management Services
Answer: B
Explanation:
QUESTION NO: 50
You work as a Software Developer at ABC.com. The ABC.com network includes a single on-
premise Active Directory Domain Services (AD DS) domain. All users have user accounts in the
AD DS domain. The company has a Microsoft Azure subscription.
You are creating an application that will be used by all company employees. You plan to host the
application on Azure.
You want to configure the environment to enable users to access the application by using single
sign-on.
What should you do?
A. You should configure the application to use Windows Authentication.

B. You should configure the application to use Basic Authentication.
C. You should configure the application to use tokens from a SAML Identity Provider for
authentication.
D. You should configure the application to use Azure Shared Access Signatures for authentication.
Answer: C
Explanation:

70 534

Caricato da

Informazioni sul documento

Descrizione originale:

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

70 534

Caricato da

Copyright:

Formati disponibili

Microsoft 70-534

Architecting Microsoft Azure Solutions

"Pass Any Exam. Any Time." - www.actualtests.com 2

Holiday Reps App

Adventure Holidays has specified the following business requirements:

"Pass Any Exam. Any Time." - www.actualtests.com 3

A. Site-to-Site virtual network.

Which Azure storage solution should you recommend?

Which Azure storage solution should you recommend?

"Pass Any Exam. Any Time." - www.actualtests.com 4

Which of the following should you recommend?

A. Azure Queue Messaging

Which of the following actions should you perform?

A. You should configure an Azure virtual machine as a domain controller.

"Pass Any Exam. Any Time." - www.actualtests.com 5

Which of the following solutions should you recommend?

Which of the following should you recommend?

A. Azure Active Directory Sync

You create a cloud service and a mobile service.

"Pass Any Exam. Any Time." - www.actualtests.com 6

A. Create each VM in a separate cloud service.

Which of the following will need to be configured on Azure?

A. A Dynamic Routing Gateway.

"Pass Any Exam. Any Time." - www.actualtests.com 7

Topic 2, Mixed Questions

You plan to create the application as an Azure web application.

A. You should host multiple applications in a single tenant.

"Pass Any Exam. Any Time." - www.actualtests.com 8

Where should you store the uploaded files?

A. In the Azure Table Service.

You are developing an application that will be hosted on Azure.

How many Azure Queues should you create?

"Pass Any Exam. Any Time." - www.actualtests.com 9

Where should you store the temporary files?

A. In an Azure SQL Database

You need to increase the capacity of WebApp1.

"Pass Any Exam. Any Time." - www.actualtests.com 10

A. Configure vertical or horizontal partitioning.

You have recently been hired as a software developer at ABC.com.

All company users use a corporate application that is hosted on Azure.

You need to recommend a solution to improve the performance of the application.

What configuration change should you recommend?

A. You should recommend vertical partitioning of the SQL database.

"Pass Any Exam. Any Time." - www.actualtests.com 11

Which two of the following statements are true? (Choose two)

"Pass Any Exam. Any Time." - www.actualtests.com 12

Which of the following storage methods should you use?

A. Azure Blob service

Which three of the following statements are true? (Choose three)

"Pass Any Exam. Any Time." - www.actualtests.com 13

A. You can store more data in a SQL Database.

How should you configure the WebJob?

"Pass Any Exam. Any Time." - www.actualtests.com 14

Which of the following actions should you perform?

A. You should configure an availability group for the database.

"Pass Any Exam. Any Time." - www.actualtests.com 15

The VM that currently hosts App1 has the following configuration:

Which of the following tiers should you choose?

A. General Purpose Compute, Basic Tier (A Series)

"Pass Any Exam. Any Time." - www.actualtests.com 16

You need to select an Azure VM tier to host CustomerApp.

Which of the following tiers should you choose?