Question #6
HOTSPOT -
You have a virtual machine scale set named SS1.
You configure autoscaling as shown in the following exhibit.
You configure the scale out and scale in rules to have a duration of 10 minutes and a cool down time of 10 minutes.
Use the drop-down menus to select the answer choice that answers each question based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Box 1: 20 minutes
Box 2: 9
10 minutes cool down time after the last scale-up plus 10 minutes duration equals 20 minutes.
30%>25%, there won’t be any change
Question #7
HOTSPOT -
You plan to create a storage account and to save the files as shown in the exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Box 1: modify the access tier
Box 2: at the lowest storage cost
It’s archive now
Question #8
HOTSPOT -
You need to recommend an Azure Storage account configuration for two applications named Application1 and Application2. The configuration must meet the following requirements:
✑ Storage for Application1 must provide the highest possible transaction rates and the lowest possible latency.
✑ Storage for Application2 must provide the lowest possible storage costs per GB.
✑ Storage for both applications must be optimized for uploads and downloads.
✑ Storage for both applications must be available in an event of datacenter failure.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Box 1: Premium BlockBlobStorage and ZRS
Box 2: Standard V2, cool tier and RA-GRS
Blob Storage is legacy type, as well as GPv1
https://azure.microsoft.com/en-us/pricing/calculator/
Blob pricing: $0.02 per GB.
V2 RA-GRS pricing: $0.025 per GB
Question #9
Your company has 300 virtual machines hosted in a VMware environment. The virtual machines vary in size and have various utilization levels.
You plan to move all the virtual machines to Azure.
You need to recommend how many and what size Azure virtual machines will be required to move the current workloads to Azure. The solution must minimize administrative effort.
What should you use to make the recommendation?
A. Azure Pricing calculator
B. Azure Cost Management
C. Azure Advisor
D. Azure Migrate
Answer:D
Part of the business's plan to migrate to Azure could be to reduce costs, because moving to the cloud offers cost savings over running your own on-premises estate. After you complete the initial scoping exercise, use the Azure Total Cost of Ownership (TCO) Calculator to estimate the real costs of supporting the project in light of the company's longer-term financial goals.
Question #10
Your company purchases an app named App1.
You plan to run App1 on seven Azure virtual machines in an Availability Set. The number of fault domains is set to 3. The number of update domains is set to 20.
You need to identify how many App1 instances will remain available during a period of planned maintenance.
How many App1 instances should you identify?
A. 1
B. 2
C. 6
D. 7
Answer: C
7 machines for 20 update domains, so 1 machine per domain. 1 domain will be unavailable, so 6 will remain available
Question #11
You have an Azure Storage v2 account named storage1.
You plan to archive data to storage1.
You need to ensure that the archived data cannot be deleted for five years. The solution must prevent administrators from deleting the data.
Solution: You create an Azure Blob storage container, and you configure a legal hold access policy.
Does this meet the goal?
A. Yes
B. No
Answer: B
Administrators can remove the Legal Hold policy.
Question #12
You have an Azure Storage v2 account named storage1.
You plan to archive data to storage1.
You need to ensure that the archived data cannot be deleted for five years. The solution must prevent administrators from deleting the data.
Solution: You create a file share and snapshots.
Does this meet the goal?
A. Yes
B. No
Answer: B
Should be time-based retention policy
Question #13
You have an Azure Storage v2 account named storage1.
You plan to archive data to storage1.
You need to ensure that the archived data cannot be deleted for five years. The solution must prevent administrators from deleting the data.
Solution: You create a file share, and you configure an access policy.
Does this meet the goal?
A. Yes
B. No
Answer: B
Should be time-based retention policy
Question #14
You have an on-premises Hyper-V cluster that hosts 20 virtual machines. Some virtual machines run Windows Server 2016 and some run Linux.
You plan to migrate the virtual machines to an Azure subscription.
You need to recommend a solution to replicate the disks of the virtual machines to Azure.
The solution must ensure that the virtual machines remain available during the migration of the disks.
Solution: You recommend implementing an Azure Storage account, and then running AzCopy.
Does this meet the goal?
A. Yes
B. No
Answer: B
AZCopy is for storage files
Azure Migrate is the solution
Question #15
You have an on-premises Hyper-V cluster that hosts 20 virtual machines. Some virtual machines run Windows Server 2016 and some run Linux.
You plan to migrate the virtual machines to an Azure subscription.
You need to recommend a solution to replicate the disks of the virtual machines to Azure. The solution must ensure that the virtual machines remain available during the migration of the disks.
Solution: You recommend implementing an Azure Storage account that has a file service and a blob service, and then using the Data Migration Assistant.
Does this meet the goal?
A. Yes
B. No
Answer: B
Data Migration Assistant is for SQL databases
Question #16
You have an on-premises Hyper-V cluster that hosts 20 virtual machines. Some virtual machines run Windows Server 2016 and some run Linux.
You plan to migrate the virtual machines to an Azure subscription.
You need to recommend a solution to replicate the disks of the virtual machines to Azure. The solution must ensure that the virtual machines remain available during the migration of the disks.
Solution: You recommend implementing a Recovery Services vault, and then using Azure Site Recovery.
Does this meet the goal?
A. Yes
B. No
Answer: A
https://docs.microsoft.com/en-us/azure/site-recovery/site-recovery-faq
It meets the goal but not the best solution
Question #17
You are designing a storage solution that will use Azure Blob storage. The data will be stored in a cool access tier or an archive access tier based on the access patterns of the data.
You identify the following types of infrequently accessed data:
✑ Telemetry data: Deleted after two years
✑ Promotional material: Deleted after 14 days
✑ Virtual machine audit data: Deleted after 200 days
A colleague recommends using the archive access tier to store the data.
Which statement accurately describes the recommendation?
A. Storage costs will be based on a minimum of 30 days.
B. Access to the data is guaranteed within five minutes.
C. Access to the data is guaranteed within 30 minutes.
D. Storage costs will be based on a minimum of 180 days.
Answer: D
https://docs.microsoft.com/en-us/azure/storage/blobs/access-tiers-overview
The following table summarizes the features of the Hot, Cool, and Archive access tiers.
Question #18
You are planning to deploy an application named App1 that will run in containers on Azure Kubernetes Service (AKS) clusters. The AKS clusters will be distributed across four Azure regions.
You need to recommend a storage solution for App1. Updated container images must be replicated automatically to all the AKS clusters.
Which storage solution should you recommend?
A. Azure Cache for Redis
B. Azure Content Delivery Network (CDN)
C. Premium SKU Azure Container Registry
D. geo-redundant storage (GRS) accounts
Answer: C
https://docs.microsoft.com/en-us/azure/container-registry/container-registry-skus
Premium registries provide the highest amount of included storage and concurrent operations, enabling high-volume scenarios. In addition to higher image throughput, Premium adds features such as geo-replication for managing a single registry across multiple regions, content trust for image tag signing, private link with private endpoints to restrict access to the registry.
Question #19
You have an on-premises network and an Azure subscription. The on-premises network has several branch offices.
A branch office in Toronto contains a virtual machine named VM1 that is configured as a file server. Users access the shared files on VM1 from all the offices.
You need to recommend a solution to ensure that the users can access the shared files as quickly as possible if the Toronto branch office is inaccessible.
What should you include in the recommendation?
A. an Azure file share and Azure File Sync
B. a Recovery Services vault and Windows Server Backup
C. a Recovery Services vault and Azure Backup
D. Azure blob containers and Azure File Sync
Answer: A
https://docs.microsoft.com/en-us/azure/storage/files/storage-sync-files-deployment-guide
Question #20
DRAG DROP -
The developers at your company are building a static web app to support users sending text messages. The app must meet the following requirements:
✑ Website latency must be consistent for users in different geographical regions.
✑ Users must be able to authenticate by using Twitter and Facebook.
✑ Code must include only HTML, native JavaScript, and jQuery.
✑ Costs must be minimized.
Which Azure service should you use to complete the architecture? To answer, drag the appropriate services to the correct locations. Each service may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
Answer:
Serves website: Azure CDN
Sends SMS: Azure Functions
https://docs.microsoft.com/en-us/azure/storage/blobs/static-website-content-delivery-network
You can enable Azure Content Delivery Network (CDN) to cache content from a static website that is hosted in an Azure storage account. You can use Azure CDN to configure the custom domain endpoint for your static website, provision custom TLS/SSL certificates, and configure custom rewrite rules.
Question #21
You need to design a highly available Azure SQL database that meets the following requirements:
✑ Failover between replicas of the database must occur without any data loss.
✑ The database must remain available in the event of a zone outage.
✑ Costs must be minimized.
Which deployment option should you use?
A. Azure SQL Database Standard
B. Azure SQL Database Serverless
C. Azure SQL Database Business Critical
D. Azure SQL Database Basic
Answer: C
The goal of the high availability architecture in Azure SQL Database and SQL Managed Instance is to guarantee that your database is up and running minimum of 99.99% of time without worrying about the impact of maintenance operations and outages.
Question #22
You have an on-premises Hyper-V cluster that hosts 20 virtual machines. Some virtual machines run Windows Server 2016 and some run Linux.
You plan to migrate the virtual machines to an Azure subscription.
You need to recommend a solution to replicate the disks of the virtual machines to Azure. The solution must ensure that the virtual machines remain available during the migration of the disks.
Solution: You recommend implementing an Azure Storage account, and then using Azure Migrate.
Does this meet the goal?
A. Yes
B. No
Answer: A
Question #23
The accounting department at your company migrates to a new financial accounting software.
The accounting department must keep file-based database backups for seven years for compliance purposes. It is unlikely that the backups will be used to recover data.
You need to move the backups to Azure. The solution must minimize costs.
Where should you store the backups?
A. Azure Blob storage that uses the Archive tier
B. Azure SQL Database
C. Azure Blob storage that uses the Cool tier
D. a Recovery Services vault
Answer: A
Question #24
Your company has offices in the United States, Europe, Asia, and Australia.
You have an on-premises app named App1 that uses Azure Table storage. Each office hosts a local instance of App1.
You need to upgrade the storage for App1. The solution must meet the following requirements:
✑ Enable simultaneous write operations in multiple Azure regions.
✑ Ensure that write latency is less than 10 ms.
✑ Support indexing on all columns.
Minimize development effort.
Which data platform should you use?
A. Azure SQL Database
B. Azure SQL Managed Instance
C. Azure Cosmos DB
D. Table storage that uses geo-zone-redundant storage (GZRS) replication
Answer: C
https://docs.microsoft.com/en-us/azure/cosmos-db/index-policy
In Azure Cosmos DB, every container has an indexing policy that dictates how the container's items should be indexed. The default indexing policy for newly created containers indexes every property of every item and enforces range indexes for any string or number.
Question #25
You plan to deploy 10 applications to Azure. The applications will be deployed to two Azure Kubernetes Service (AKS) clusters. Each cluster will be deployed to a separate Azure region.
The application deployment must meet the following requirements:
✑ Ensure that the applications remain available if a single AKS cluster fails.
✑ Ensure that the connection traffic over the internet is encrypted by using SSL without having to configure SSL on each container.
Which Azure service should you include in the recommendation?
A. AKS ingress controller
B. Azure Load Balancer
C. Azure Traffic Manager
D. Azure Front Door
Answer: D
https://docs.microsoft.com/en-us/azure/frontdoor/front-door-overview
Azure Front Door is Microsoft’s modern cloud Content Delivery Network (CDN) that provides fast, reliable, and secure access between your users and your applications’ static and dynamic web content across the globe. Azure Front Door delivers your content using the Microsoft’s global edge network with hundreds of global and local POPs distributed around the world close to both your enterprise and consumer end users.
Question #26
You have an Azure web app that uses an Azure key vault named KeyVault1 in the West US Azure region.
You are designing a disaster recovery plan for KeyVault1.
You plan to back up the keys in KeyVault1.
You need to identify to where you can restore the backup.
What should you identify?
A. KeyVault1 only
B. the same region only
C. the same geography only
D. any region worldwide
Answer: C
https://docs.microsoft.com/en-us/azure/key-vault/general/disaster-recovery-guidance
The contents of your key vault are replicated within the region and to a secondary region at least 150 miles away, but within the same geography to maintain high durability of your keys and secrets.
Question #27
You plan to archive 10 TB of on-premises data files to Azure.
You need to recommend a data archival solution. The solution must minimize the cost of storing the data files.
Which Azure Storage account type should you include in the recommendation?
A. Standard StorageV2 (general purpose v2)
B. Standard Storage (general purpose v1)
C. Premium StorageV2 (general purpose v2)
D. Premium Storage (general purpose v1)
Answer: A
V2 is recommanded
Question #28
Your network contains an on-premises Active Directory domain. The domain contains the Hyper-V clusters shown in the following table.
You plan to implement Azure Site Recovery to protect six virtual machines running on Cluster1 and three virtual machines running on Cluster2. Virtual machines are running on all Cluster1 and Cluster2 nodes.
You need to identify the minimum number of Azure Site Recovery Providers that must be installed on premises.
How many Providers should you identify?
A. 1
B. 7
C. 9
D. 16
Answer:B
https://docs.microsoft.com/en-us/azure/site-recovery/hyper-v-azure-architecture
During Site Recovery deployment, you gather Hyper-V hosts and clusters into Hyper-V sites. You install the Azure Site Recovery Provider and Recovery Services agent on each standalone Hyper-V host, or on each Hyper-V cluster node.
Question #29
You plan to move a web application named App1 from an on-premises data center to Azure.
App1 depends on a custom COM component that is installed on the host server.
You need to recommend a solution to host App1 in Azure. The solution must meet the following requirements:
✑ App1 must be available to users if an Azure data center becomes unavailable.
✑ Costs must be minimized.
What should you include in the recommendation?
A. In two Azure regions, deploy a load balancer and a virtual machine scale set.
B. In two Azure regions, deploy a Traffic Manager profile and a web app.
C. In two Azure regions, deploy a load balancer and a web app.
D. Deploy a load balancer and a virtual machine scale set across two availability zones.
Answer: D
Datacenter becomes unavailable -> No need 2 regions
Question #30
HOTSPOT -
Your company has two on-premises sites in New York and Los Angeles and Azure virtual networks in the East US Azure region and the West US Azure region.
Each on-premises site has Azure ExpressRoute Global Reach circuits to both regions.
You need to recommend a solution that meets the following requirements:
✑ Outbound traffic to the Internet from workloads hosted on the virtual networks must be routed through the closest available on-premises site.
✑ If an on-premises site fails, traffic from the workloads on the virtual networks to the Internet must reroute automatically to the other site.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Box 1: BGP
Box 2: BGP
https://docs.microsoft.com/en-us/azure/vpn-gateway/bgp-howto
BGP is the standard routing protocol commonly used in the Internet to exchange routing and reachability information between two or more networks. BGP enables the Azure VPN gateways and your on-premises VPN devices, called BGP peers or neighbors, to exchange "routes" that will inform both gateways on the availability and reachability for those prefixes to go through the gateways or routers involved. BGP can also enable transit routing among multiple networks by propagating routes a BGP gateway learns from one BGP peer to all other BGP peers.
User-defined routes are used to redirect traffic from the virtual appliance to other Azure Services (not to go out on internet)
Topic 5
Question #1
You need to design a solution that will execute custom C# code in response to an event routed to Azure Event Grid. The solution must meet the following requirements:
✑ The executed code must be able to access the private IP address of a Microsoft SQL Server instance that runs on an Azure virtual machine.
✑ Costs must be minimized.
What should you include in the solution?
A. Azure Logic Apps in the integrated service environment
B. Azure Functions in the Dedicated plan and the Basic Azure App Service plan
C. Azure Logic Apps in the Consumption plan
D. Azure Functions in the Consumption plan
Answer: B
https://docs.microsoft.com/en-us/azure/azure-functions/functions-scale#networking-features
https://docs.microsoft.com/en-us/azure/app-service/overview-vnet-integration
Need Vnet Integration
Question #2
The developers at your company are building a containerized Python Django app.
You need to recommend platform to host the app. The solution must meet the following requirements:
✑ Support autoscaling.
✑ Support continuous deployment from an Azure Container Registry.
✑ Provide built-in functionality to authenticate app users by using Azure Active Directory (Azure AD).
Which platform should you include in the recommendation?
A. Azure Container instances
B. an Azure App Service instance that uses containers
C. Azure Kubernetes Service (AKS)
Answer: B
AKS didn't have built-in integration with AAD
Question #3
You have an on-premises network to which you deploy a virtual appliance.
You plan to deploy several Azure virtual machines and connect the on-premises network to Azure by using a Site-to-Site connection.
All network traffic that will be directed from the Azure virtual machines to a specific subnet must flow through the virtual appliance.
You need to recommend solutions to manage network traffic.
Which two options should you recommend? Each correct answer presents a complete solution.
A. Configure Azure Traffic Manager.
B. Implement Azure ExpressRoute.
C. Configure a routing table.
D. Implement an Azure virtual network.
Answer:BC
Each correct answer presents a complete solution, D is not a complete solution
Question #4
You are developing a sales application that will contain several Azure cloud services and will handle different components of a transaction. Different cloud services will process customer orders, billing, payment, inventory, and shipping.
You need to recommend a solution to enable the cloud services to asynchronously communicate transaction information by using REST messages.
What should you include in the recommendation?
A. Azure Service Bus
B. Azure Data Lake
C. Azure Traffic Manager
D. Azure Application Gateway
Answer: A
Asynchronously communicate
Question #5
You are designing a message application that will run on an on-premises Ubuntu virtual machine. The application will use Azure Storage queues.
You need to recommend a processing solution for the application to interact with the storage queues. The solution must meet the following requirements:
✑ Create and delete queues daily.
✑ Be scheduled by using a CRON job.
✑ Upload messages every five minutes.
What should developers use to interact with the queues?
A. Azure CLI
B. AzCopy
C. Azure Data Factory
D. .NET Core
Answer:D
Data Factory can't be scheduloed by CRON
Azure Cli and .NET core both work.
But .NET core is recommended in this case, especially for the "every 5 minutes" requirement. No easy way to do it in Azure cli but very doable in .NET core.
Question #6
You have a .NET web service named Service1 that has the following requirements:
✑ Must read and write temporary files to the local file system.
✑ Must write to the Application event log.
You need to recommend a solution to host Service1 in Azure. The solution must meet the following requirements:
✑ Minimize maintenance overhead.
✑ Minimize costs.
What should you include in the recommendation?
A. an App Service Environment
B. an Azure web app
C. an Azure virtual machine scale set
D. an Azure function
Answer: B
https://docs.microsoft.com/en-us/azure/app-service/troubleshoot-diagnostic-logs
Question #7
You are designing a microservices architecture that will support a web application.
The solution must meet the following requirements:
✑ Allow independent upgrades to each microservice.
✑ Deploy the solution on-premises and to Azure.
✑ Set policies for performing automatic repairs to the microservices.
✑ Support low-latency and hyper-scale operations.
You need to recommend a technology.
A. Azure Container Instance
B. Azure Virtual Machine Scale Set
C. Azure Service Fabric
D. Azure Logic App
Answer: C
https://azure.microsoft.com/en-us/services/service-fabric/#overview
Focus on building applications and business logic, and let Azure solve the hard distributed systems problems such as reliability, scalability, management, and latency. Service Fabric is an open source project and it powers core Azure infrastructure as well as other Microsoft services such as Skype for Business, Intune, Azure Event Hubs, Azure Data Factory, Azure Cosmos DB, Azure SQL Database, Dynamics 365, and Cortana. Designed to deliver highly available and durable services at cloud-scale, Azure Service Fabric intrinsically understands the available infrastructure and resource needs of applications, enabling automatic scale, rolling upgrades, and self-healing from faults when they occur.
Question #8
Your company has the infrastructure shown in the following table.
The on-premises Active Directory domain syncs to Azure Active Directory (Azure AD).
Server1 runs an application named App1 that uses LDAP queries to verify user identities in the on-premises Active Directory domain.
You plan to migrate Server1 to a virtual machine in Subscription1.
A company security policy states that the virtual machines and services deployed to Subscription1 must be prevented from accessing the on-premises network.
You need to recommend a solution to ensure that App1 continues to function after the migration. The solution must meet the security policy.
What should you include in the recommendation?
A. Azure AD Application Proxy
B. an Azure VPN gateway
C. Azure AD Domain Services (Azure AD DS)
D. the Active Directory Domain Services role on a virtual machine
Answer: C
https://docs.microsoft.com/es-es/azure/active-directory-domain-services/overview
Question #9
HOTSPOT -
Your company deploys an Azure App Service Web App.
During testing the application fails under load. The application cannot handle more than 100 concurrent user sessions.
You enable the Always On feature.
You also configure auto-scaling to increase instance counts from two to 10 based on HTTP queue length.
You need to improve the performance of the application.
Which solution should you use for each application scenario? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Box 1: CDN
Box 2: Azure Redis Cache
https://docs.microsoft.com/en-us/azure/azure-cache-for-redis/cache-overview
Azure Cache for Redis provides an in-memory data store based on the Redis software. Redis improves the performance and scalability of an application that uses backend data stores heavily. It's able to process large volumes of application requests by keeping frequently accessed data in the server memory, which can be written to and read from quickly. Redis brings a critical low-latency and high-throughput data storage solution to modern applications.
Question #10
You use Azure virtual machines to run a custom application that uses an Azure SQL Database instance on the back end.
The IT department at your company recently enabled forced tunnelling.
Since the configuration change, developers have noticed degraded performance when they access the database from the Azure virtual machine.
You need to recommend a solution to minimize latency when accessing the database. The solution must minimize costs.
What should you include in the recommendation?
A. Virtual Network (VNET) service endpoints
B. Azure virtual machines that run Microsoft SQL Server servers
C. Azure SQL Database Managed Instance
D. Always On availability groups
Answer: A
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoints-overview
Question #11
DRAG DROP -
You are planning an Azure solution that will host production databases for a high-performance application. The solution will include the following components:
✑ Two virtual machines that will run Microsoft SQL Server 2016, will be deployed to different data centers in the same Azure region, and will be part of an Always On availability group
✑ SQL Server data that will be backed up by using the Automated Backup feature of the SQL Server IaaS Agent Extension (SQLIaaSExtension)
You identify the storage priorities for various data types as shown in the following table.
Which storage type should you recommend for each data type?
To answer, drag the appropriate storage types to the correct data types. Each storage type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
Answer:
Box 1: A premium managed disk
Box 2: A premium managed disk
Box 3: A locally-redundant storage(LRS) account
Automated backup uses Azure Blob Storage.
Question #12
Your company plans to deploy various Azure App Service instances that will use Azure SQL databases. The App Service instances will be deployed at the same time as the Azure SQL databases.
The company has a regulatory requirement to deploy the App Service instances only to specific Azure regions. The resources for the App Service instances must reside in the same region.
You need to recommend a solution to meet the regulatory requirement.
Solution: You recommend using the Regulatory compliance dashboard in Azure Security Center.
Does this meet the goal?
A. Yes
B. No
Answer:B
Should be Azure Policy
Question #13
You have an application that sends events to an Azure event hub by using HTTP requests over the internet.
You plan to increase the number of application instances.
You need to recommend a solution to reduce the overhead associated with sending events to the hub.
What should you recommend?
A. Configure the application to send events by using the AMQP protocol
B. Reduce the retention period of the event hub.
C. Replace the event hub with an Azure Service Bus instance.
D. Configure the application to send events by using the HTTPS protocol.
Answer:A
https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-amqp-protocol-guide
AMQP is a framing and transfer protocol. Framing means that it provides structure for binary data streams that flow in either direction of a network connection. The structure provides delineation for distinct blocks of data, called frames, to be exchanged between the connected parties. The transfer capabilities make sure that both communicating parties can establish a shared understanding about when frames shall be transferred, and when transfers shall be considered complete.
Question #14
HOTSPOT -
Your company develops a web service that is deployed to an Azure virtual machine named VM1. The web service allows an API to access real-time data from
VM1.
The current virtual machine deployment is shown in the Deployment exhibit. (Click the Deployment tab).
The chief technology officer (CTO) sends you the following email message: `Our developers have deployed the web service to a virtual machine named VM1.
Testing has shown that the API is accessible from VM1 and VM2. Our partners must be able to connect to the API over the Internet. Partners will use this data in applications that they develop.`
You deploy an Azure API Management (APIM) service. The relevant API Management configuration is shown in the API exhibit. (Click the API tab.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer: Yes, Yes, No
1. Yes - Because we are using an APIM, deployed to a VNET but configured to be "External"
2. Yes - Because the APIM is deployed in the same vNET as VM1 just in a different subnet. Communication between subnets are enabled by default and there is no mention of otherwise.
3. No - No VPN required because the APIM is accessible from the internet by virtue of it being configured as "External"
Question #15
DRAG DROP -
You have an Azure subscription. The subscription contains Azure virtual machines that run Windows Server 2016 and Linux.
You need to use Azure Monitor to design an alerting strategy for security-related events.
Which Azure Monitor Logs tables should you query? To answer, drag the appropriate tables to the correct log types. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
Answer:
Windows : Event.
Linux : Syslog
Question #16
DRAG DROP -
You are designing a network connectivity strategy for a new Azure subscription. You identify the following requirements:
✑ The Azure virtual machines on a subnet named Subnet1 must be accessible only from the computers in your London office.
✑ Engineers require access to the Azure virtual machines on a subnet named Subnet2 over the Internet on a specific TCP/IP management port.
✑ The Azure virtual machines in the West Europe Azure region must be able to communicate on all ports to the Azure virtual machines in the North Europe Azure region.
✑ Azure virtual machines on Subnet1 and Subnet2 have public IP addresses.
You need to recommend which components must be used to meet the requirements. The solution must minimize costs and administrative effort whenever possible.
What should you include in the recommendation? To answer, drag the appropriate components to the correct requirements. Each component may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
Answer:
Box 1: NSG
Box 2: NSG
Box 3: Network Peering
For 1, Subnet1 and Subnet2 have public ip, so site-to-site VPN is not a solution for Box 1
For 2, since it is TCP/IP, we need Layer4, so NSG is one of the means
For 3, Azure to Azure, Vnet peering is enough.
Question #17
You are designing a container solution in Azure that will include two containers.
One container will host a web API that will be available to the public.
The other container will perform health monitoring of the web API and will remain private.
The two containers will be deployed together as a group.
You need to recommend a compute service for the containers. The solution must minimize costs and maintenance overhead.
What should you include in the recommendation?
A. Azure Service Fabric
B. Azure Kubernetes Service (AKS)
C. Azure Container Instances
D. Azure Container registries
Answer:C
https://docs.microsoft.com/en-us/azure/container-instances/container-instances-container-groups
A container group is a collection of containers that get scheduled on the same host machine. The containers in a container group share a lifecycle, resources, local network, and storage volumes.
Question #18
You plan to run an image rendering workload in Azure. The workload uses parallel compute processes.
What is the best service to use to run the workload? More than one answer choice may achieve the goal. Select the BEST answer.
A. an Azure virtual machine scale set
B. Azure Function App
C. Azure Kubernetes Service (AKS)
D. Azure Batch
Answer: D
https://docs.microsoft.com/en-us/azure/batch/batch-technical-overview
Developers can use Batch as a platform service to build SaaS applications or client apps where large-scale execution is required. For example, you can build a service with Batch to run a Monte Carlo risk simulation for a financial services company, or a service to process many images.
Question #19
You are designing a microservices architecture that will use Azure Kubernetes Service (AKS) to host pods that run containers. Each pod deployment will host a separate API. Each API will be implemented as a separate service.
You need to recommend a solution to make the APIs available to external users from Azure API Management. The solution must meet the following requirements:
✑ Control access to the APIs by using mutual TLS authentication between API Management and the AKS-based APIs.
✑ Provide access to the APIs by using a single IP address.
What should you recommend to provide access to the APIs?
A. the LoadBalancer service in AKS
B. custom network security groups (NSGs)
C. the Ingress Controller in AKS
Answer: C
https://docs.microsoft.com/en-us/azure/aks/ingress-basic?tabs=azure-cli
An ingress controller is a piece of software that provides reverse proxy, configurable traffic routing, and TLS termination for Kubernetes services. Kubernetes ingress resources are used to configure the ingress rules and routes for individual Kubernetes services. When you use an ingress controller and ingress rules, a single IP address can be used to route traffic to multiple services in a Kubernetes cluster.
Question #20
HOTSPOT -
You are designing a cost-optimized solution that uses Azure Batch to run two types of jobs on Linux nodes.
The first job type will consist of short-running tasks for a development environment.
The second job type will consist of long-running Message Passing Interface (MPI) applications for a production environment that requires timely job completion.
You need to recommend the pool type and node type for each job type. The solution must minimize compute charges and leverage Azure Hybrid Benefit whenever possible.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Box 1: User subscription and dedicated virtual machines
Box 2: Batch service and dedicated virtual machines
https://docs.microsoft.com/en-us/azure/batch/batch-spot-vms
Low-priority only support Batch-managed Batch accounts
The best of box 1 should be Batch service and low-priority virtual machines. It may update the answers in the exam
Question #21
Your company has an on-premises Windows HPC cluster. The cluster runs a parallel, compute-intensive workload that performs financial risk modelling.
You plan to migrate the workload to Azure Batch.
You need to design a solution that will support the workload. The solution must meet the following requirements:
✑ Support the large-scale parallel execution of Azure Batch jobs.
✑ Minimize cost.
What should you include in the solution?
A. burstable virtual machines
B. low-priority virtual machines
C. Azure virtual machine sizes that support the Message Passing Interface (MPI) API
D. Basic A-series virtual machines
Answer:B
Question #22
Your company plans to deploy various Azure App Service instances that will use Azure SQL databases. The App Service instances will be deployed at the same time as the Azure SQL databases.
The company has a regulatory requirement to deploy the App Service instances only to specific Azure regions. The resources for the App Service instances must reside in the same region.
You need to recommend a solution to meet the regulatory requirement.
Solution: You recommend using an Azure policy to enforce the resource group location.
Does this meet the goal?
A. Yes
B. No
Answer: B
Resource group location is a logic group
Question #23
Your company plans to deploy various Azure App Service instances that will use Azure SQL databases. The App Service instances will be deployed at the same time as the Azure SQL databases.
The company has a regulatory requirement to deploy the App Service instances only to specific Azure regions. The resources for the App Service instances must reside in the same region.
You need to recommend a solution to meet the regulatory requirement.
Solution: You recommend creating resource groups based on locations and implementing resource locks on the resource groups.
Does this meet the goal?
A. Yes
B. No
Answer:B
Question #24
You deploy two instances of an Azure web app. One instance is in the East US Azure region and the other instance is in the West US Azure region. The web app uses Azure Blob storage to deliver large files to end users.
You need to recommend a solution for delivering the files to the users. The solution must meet the following requirements:
✑ Ensure that the users receive files from the same region as the web app that they access.
✑ Ensure that the files only need to be uploaded once.
✑ Minimize costs.
What should you include in the recommendation?
A. Distributed File System (DFS)
B. read-access geo-redundant storage (RA-GRS)
C. Azure File Sync
D. geo-redundant storage (GRS)
Answer: B
GRS only allows to be read in the secondary zone in the even of a failover from the primary to secondary while RA GRS allows the option to read in the secondary whenever.
Question #25
You are developing a web application that provides streaming video to users. You configure the application to use continuous integration and deployment.
The app must be highly available and provide a continuous streaming experience for users.
You need to recommend a solution that allows the application to store data in a geographical location that is closest to the user.
What should you recommend?
A. Azure Content Delivery Network (CDN)
B. Azure Redis Cache
C. Azure App Service Web Apps
D. Azure App Service Isolated
Answer: A
https://docs.microsoft.com/en-us/azure/cdn/cdn-overview
Azure Content Delivery Network (CDN) offers developers a global solution for rapidly delivering high-bandwidth content to users by caching their content at strategically placed physical nodes across the world. Azure CDN can also accelerate dynamic content, which cannot be cached, by leveraging various network optimizations using CDN POPs. For example, route optimization to bypass Border Gateway Protocol (BGP).
Question #26
You need to deploy resources to host a stateless web app in an Azure subscription. The solution must meet the following requirements:
✑ Provide access to the full .NET framework.
✑ Provide redundancy if an Azure region fails.
✑ Grant administrators access to the operating system to install custom application dependencies.
Solution: You deploy a virtual machine scale set that uses autoscaling.
Does this meet the goal?
A. Yes
B. No
Answer: B
VMSS only support 1 region
Question #27
You need to deploy resources to host a stateless web app in an Azure subscription. The solution must meet the following requirements:
✑ Provide access to the full .NET framework.
✑ Provide redundancy if an Azure region fails.
✑ Grant administrators access to the operating system to install custom application dependencies.
Solution: You deploy two Azure virtual machines to two Azure regions, and you deploy an Azure Application Gateway.
Does this meet the goal?
A. Yes
B. No
Answer: B
Azure Application Gateway is for 1 region, need Traffic Manager
Question #28
You plan to deploy multiple instances of an Azure web app across several Azure regions.
You need to design an access solution for the app. The solution must meet the following replication requirements:
✑ Support rate limiting.
✑ Balance requests between all instances.
✑ Ensure that users can access the app in the event of a regional outage.
Solution: You use Azure Front Door to provide access to the app.
Does this meet the goal?
A. Yes
B. No
Answer: A
The Azure Web Application Firewall (WAF) rate limit rule for Azure Front Door controls the number of requests allowed from a particular client IP address to the application during a rate limit duration.
Question #29
You plan to deploy multiple instances of an Azure web app across several Azure regions.
You need to design an access solution for the app. The solution must meet the following replication requirements:
✑ Support rate limiting.
✑ Balance requests between all instances.
✑ Ensure that users can access the app in the event of a regional outage.
Solution: You use Azure Load Balancer to provide access to the app.
Does this meet the goal?
A. Yes
B. No
Answer: B
Question #30
You plan to deploy multiple instances of an Azure web app across several Azure regions.
You need to design an access solution for the app. The solution must meet the following replication requirements:
✑ Support rate limiting.
✑ Balance requests between all instances.
✑ Ensure that users can access the app in the event of a regional outage.
Solution: You use Azure Traffic Manager to provide access to the app.
Does this meet the goal?
A. Yes
B. No
Answer: B
Question #31
You need to deploy resources to host a stateless web app in an Azure subscription. The solution must meet the following requirements:
✑ Provide access to the full .NET framework.
✑ Provide redundancy if an Azure region fails.
✑ Grant administrators access to the operating system to install custom application dependencies.
Solution: You deploy two Azure virtual machines to two Azure regions, and you create a Traffic Manager profile.
Does this meet the goal?
A. Yes
B. No
Answer: A
Question #32
HOTSPOT -
You plan to deploy a network-intensive application to several Azure virtual machines.
You need to recommend a solution that meets the following requirements:
✑ Minimizes the use of the virtual machine processors to transfer data
✑ Minimizes network latency
Which virtual machine size and feature should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Box 1: HPC H16R
Box 2: RDMA
https://docs.microsoft.com/en-us/azure/virtual-machines/sizes
F series: High CPU-to-memory ratio. Good for medium traffic web servers, network appliances, batch processes, and application servers.
HPC series: Our fastest and most powerful CPU virtual machines with optional high-throughput network interfaces (RDMA).
Question #33
You need to recommend a solution to deploy containers that run an application. The application has two tiers. Each tier is implemented as a separate Docker
Linux-based image. The solution must meet the following requirements:
✑ The front-end tier must be accessible by using a public IP address on port 80.
✑ The backend tier must be accessible by using port 8080 from the front-end tier only.
✑ Both containers must be able to access the same Azure file share.
✑ If a container fails, the application must restart automatically.
✑ Costs must be minimized.
What should you recommend using to host the application?
A. Azure Kubernetes Service (AKS)
B. Azure Service Fabric
C. Azure Container instances
Answer: C
https://docs.microsoft.com/en-us/azure/container-instances/container-instances-container-groups
Question #34
You architect a solution that calculates 3D geometry from height-map data.
You have the following requirements:
✑ Perform calculations in Azure.
✑ Each node must communicate data to every other node.
✑ Maximize the number of nodes to calculate multiple scenes as fast as possible.
✑ Require the least amount of effort to implement.
You need to recommend a solution.
Which two actions should you recommend? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Create a render farm that uses Azure Batch.
B. Create a render farm that uses virtual machines (VMs).
C. Enable parallel task execution on compute nodes.
D. Create a render farm that uses virtual machine (VM) scale sets.
E. Enable parallel file systems on Azure.
Answer: AC
https://docs.microsoft.com/en-us/azure/batch/batch-parallel-node-tasks
Run tasks concurrently to maximize usage of Batch compute nodes
Question #35
You are developing a sales application that will contain several Azure cloud services and will handle different components of a transaction.
Different cloud services will process customer orders, billing, payment, inventory, and shipping.
You need to recommend a solution to enable the cloud services to asynchronously communicate transaction information by using REST messages.
What should you include in the recommendation?
A. Azure Service Fabric
B. Azure Blob storage
C. Azure Queue storage
D. Azure Traffic Manager
Answer: C
https://docs.microsoft.com/en-us/azure/storage/queues/storage-queues-introduction
Azure Queue Storage is a service for storing large numbers of messages. You access messages from anywhere in the world via authenticated calls using HTTP or HTTPS. A queue message can be up to 64 KB in size. A queue may contain millions of messages, up to the total capacity limit of a storage account. Queues are commonly used to create a backlog of work to process asynchronously.
Question #36
You are designing a solution that will include containerized applications running in an Azure Kubernetes Service (AKS) cluster.
You need to recommend a load balancing solution for HTTPS traffic. The solution must meet the following requirements:
✑ Automatically configure load balancing rules as the applications are deployed to the cluster.
✑ Support Azure Web Application Firewall (WAF).
✑ Support cookie-based affinity.
✑ Support URL routing.
What should you include the recommendation?
A. an NGINX ingress controller
B. Application Gateway Ingress Controller (AGIC)
C. an HTTP application routing ingress controller
D. the Kubernetes load balancer service
Answer: B
https://docs.microsoft.com/en-us/azure/application-gateway/ingress-controller-overview
AGIC is configured via the Kubernetes Ingress resource, along with Service and Deployments/Pods. It provides a number of features, leveraging Azure’s native Application Gateway L7 load balancer. To name a few:
URL routing
Cookie-based affinity
TLS termination
End-to-end TLS
Support for public, private, and hybrid web sites
Integrated web application firewall
Question #37
You plan to deploy an Azure App Service web app that will have multiple instances across multiple Azure regions.
You need to recommend a load balancing service for the planned deployment. The solution must meet the following requirements:
✑ Maintain access to the app in the event of a regional outage.
✑ Support Azure Web Application Firewall (WAF).
✑ Support cookie-based affinity.
✑ Support URL routing.
What should you include in the recommendation?
A. Azure Front Door
B. Azure Load Balancer
C. Azure Traffic Manager
D. Azure Application Gateway
Answer: A
URL routing is Front Door,
DNS based routing is Traffic Manager.
Question #38
You need to deploy resources to host a stateless web app in an Azure subscription. The solution must meet the following requirements:
✑ Provide access to the full .NET framework.
✑ Provide redundancy if an Azure region fails.
✑ Grant administrators access to the operating system to install custom application dependencies.
Solution: You deploy a web app in an Isolated App Service plan.
Does this meet the goal?
A. Yes
B. No
Answer: B
Single App Service would not meet region failure requirements
Question #39
Your company plans to publish APIs for its services by using Azure API Management.
You discover that service responses include the AspNet-Version header.
You need to recommend a solution to remove AspNet-Version from the response of the published APIs.
What should you include in the recommendation?
A. a new product
B. a modification to the URL scheme
C. a new policy
Answer: C
https://docs.microsoft.com/en-us/azure/api-management/transform-api#set-the-transformation-policy
Under Name, enter X-AspNet-Version. Under Action, select delete.
Question #40
You have an Azure subscription that contains a storage account.
An application sometimes writes duplicate files to the storage account.
You have a PowerShell script that identifies and deletes duplicate files in the storage account. Currently, the script is run manually after approval from the operations manager.
You need to recommend a serverless solution that performs the following actions:
✑ Runs the script once an hour to identify whether duplicate files exist
✑ Sends an email notification to the operations manager requesting approval to delete the duplicate files
✑ Processes an email response from the operations manager specifying whether the deletion was approved
✑ Runs the script if the deletion was approved
What should you include in the recommendation?
A. Azure Logic Apps and Azure Functions
B. Azure Pipelines and Azure Service Fabric
C. Azure Logic Apps and Azure Event Grid
D. Azure Functions and Azure Batch
Answer: A
Question #41
DRAG DROP -
You have an on-premises network that uses an IP address space of 172.16.0.0/16.
You plan to deploy 25 virtual machines to a new Azure subscription.
You identify the following technical requirements:
✑ All Azure virtual machines must be placed on the same subnet named Subnet1.
✑ All the Azure virtual machines must be able to communicate with all on-premises servers.
✑ The servers must be able to communicate between the on-premises network and Azure by using a site-to-site VPN.
You need to recommend a subnet design that meets the technical requirements.
What should you include in the recommendation? To answer, drag the appropriate network addresses to the correct subnets. Each network address may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
Answer:
Box 1: 192.168.0.0/24
Box 2: 192.168.1.0/28
1) The range for the new subnet can't overlap the on-premise subnet range. The on-premise network is 172.16.0.0/16, that is from 172.16.0.1 to 172.16.255.255, so the answers 172.16.0.0/16 and 172.16.1.0/28 are not valid (overlap with on-premise subnet)
2) the range 192.168.1.0/28 is from 192.168.1.1 to 192.168.1.15, only 16 ips and we need 25 IPs, so the only valid answer for subnet1 is 192.168.0.0/24
3) the range for the gateway can't overlap with on-premise, and Microsoft recommend that would be /27 or /28, so the answer valid for gateway is 192.168.1.0/28
Question #42
You are designing an Azure solution.
The network traffic for the solution must be securely distributed by providing the following features:
✑ HTTPS protocol
✑ Round robin routing
✑ SSL offloading
You need to recommend a load balancing option.
What should you recommend?
A. Azure Load Balancer
B. Azure Internal Load Balancer (ILB)
C. Azure Traffic Manager
D. Azure Application Gateway
Answer: D
Azure Front Door HTTP(S)
Traffic Manager non-HTTP(S)
Application Gateway HTTP(S)
Azure Load Balancer non-HTTP(S)
only Front Door and Application Gateway support HTTPs and TSL/SSL offload
Front door also supports round robin using weighted routing method, Front Door will round robin the traffic among the final selected pool of backends in the ratio of weights specified.
Answer is correct as Front Door is there.
Question #43
Your company, named Contoso, Ltd, implements several Azure logic apps that have HTTP triggers. The logic apps provide access to an on-premises web service.
Contoso establishes a partnership with another company named Fabrikam, Inc.
Fabrikam does not have an existing Azure Active Directory (Azure AD) tenant and uses third-party OAuth 2.0 identity management to authenticate its users.
Developers at Fabrikam plan to use a subset of the logic apps to build applications that will integrate with the on-premises web service of Contoso.
You need to design a solution to provide the Fabrikam developers with access to the logic apps. The solution must meet the following requirements:
✑ Requests to the logic apps from the developers must be limited to lower rates than the requests from the users at Contoso.
✑ The developers must be able to rely on their existing OAuth 2.0 provider to gain access to the logic apps.
✑ The solution must NOT require changes to the logic apps.
✑ The solution must NOT use Azure AD guest accounts.
What should you include in the solution?
A. Azure AD business-to-business (B2B)
B. Azure Front Door
C. Azure API Management
D. Azure AD Application Proxy
Answer: C
https://docs.microsoft.com/en-us/azure/api-management/api-management-key-concepts
APIs enable digital experiences, simplify application integration, underpin new digital products, and make data and services reusable and universally accessible. With the proliferation and increasing dependency on APIs, organizations need to manage them as first-class assets throughout their lifecycle.
Question #44
You have an Azure subscription that contains a Windows Virtual Desktop tenant.
You need to recommend a solution to meet the following requirements:
✑ Start and stop Windows Virtual Desktop session hosts based on business hours.
✑ Scale out Windows Virtual Desktop session hosts when required.
✑ Minimize compute costs.
What should you include in the recommendation?
A. Microsoft Intune
B. a Windows Virtual Desktop automation task
C. Azure Automation
D. Azure Service Health
Answer: C
https://docs.microsoft.com/en-us/azure/automation/overview
Azure Automation delivers a cloud-based automation, operating system updates, and configuration service that supports consistent management across your Azure and non-Azure environments. It includes process automation, configuration management, update management, shared capabilities, and heterogeneous features.
Question #45
You have an Azure subscription.
You need to deploy an Azure Kubernetes Service (AKS) solution that will use Windows Server 2019 nodes. The solution must meet the following requirements:
✑ Minimize the time it takes to provision compute resources during scale-out operations.
✑ Support autoscaling of Windows Server containers.
Which scaling option should you recommend?
A. cluster autoscaler
B. horizontal pod autoscaler
C. Kubernetes version 1.20.2 or newer
D. Virtual nodes with Virtual Kubelet ACI
Answer: A
https://docs.microsoft.com/en-us/azure/aks/concepts-scale#cluster-autoscaler
To respond to changing pod demands, Kubernetes has a cluster autoscaler, that adjusts the number of nodes based on the requested compute resources in the node pool.
Question #46
You plan to deploy an application that will run in a Linux-based Docker container.
You need to recommend a solution to host the application in Azure. The solution must meet the following requirements:
✑ Support a custom domain name and an associated SSL certificate.
✑ Scale-out automatically based on demand.
✑ Minimize administrative effort and costs.
What should you include in the recommendation?
A. Azure App Service
B. Azure Container Instances
C. an Azure virtual machine
D. Azure Kubernetes Service (AKS)
Answer: A
AKS is more expensive than Azure App Service for Container..
Question #47
HOTSPOT -
You are designing an Azure web app.
You plan to deploy the web app to the North Europe Azure region and the West Europe Azure region.
You need to recommend a solution for the web app. The solution must meet the following requirements:
✑ Users must always access the web app from the North Europe region, unless the region fails.
✑ The web app must be available to users if an Azure region is unavailable.
✑ Deployment costs must be minimized.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Box 1: A Traffic Manager profile
Box 2: Priority traffic routing
https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-routing-methods
Priority: Select Priority routing when you want to have a primary service endpoint for all traffic. You can provide multiple backup endpoints in case the primary or one of the backup endpoints is unavailable.
Question #48
HOTSPOT -
You have the application architecture shown in the following exhibit:
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Box 1: Modify the Azure Traffic Manager routing method
Box 2: Endpoint monitor settings in Azure Traffic Manager
https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-monitoring
Tolerated number of failures. This value specifies how many failures a Traffic Manager probing agent tolerates before marking that endpoint as unhealthy. Its value can range between 0 and 9. A value of 0 means a single monitoring failure can cause that endpoint to be marked as unhealthy. If no value is specified, it uses the default value of 3.
Question #49
HOTSPOT -
You have an Azure subscription named Subscription1 that is linked to a hybrid Azure Active Directory (Azure AD) tenant.
You have an on-premises datacenter that does NOT have a VPN connection to Subscription1.
The datacenter contains a computer named Server1 that has
Microsoft SQL Server 2016 installed.
Server1 is prevented from accessing the internet.
An Azure logic app named LogicApp1 requires write access to a database on Server1.
You need to recommend a solution to provide LogicApp1 with the ability to access Server1.
What should you recommend deploying on-premises and in Azure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Box 1: An on-premises data gateway
Box 2: A connection gateway resource
https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-gateway-install
Before you can connect to on-premises data sources from Azure Logic Apps, download and install the on-premises data gateway on a local computer.
https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-gateway-connection
After you install the on-premises data gateway on a local computer and before you can access data sources on premises from your logic apps, you have to create a gateway resource in Azure for your gateway installation
Question #50
You manage an application instance. The application consumes data from multiple databases. Application code references database tables using a combination of the server, database, and table name.
You need to migrate the application data to Azure.
To which two Azure services could you migrate the application to achieve the goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A. Azure SQL Managed Instance
B. Azure SQL Database
C. SQL Server in an Azure virtual machine
D. SQL Server Stretch Database
Answer: AC
Application code references database tables using a combination of the server, database, and table name>> Azure DB cannot do this.
You need to migrate the application data to Azure. >> Stretched DB is to stretch the DB from on-prem to Azure. The objective is to move entirely to Azure.
Question #51
You manage an on-premises network and Azure virtual networks.
You need to create a secure connection over a private network between the on-premises network and the Azure virtual networks. The connection must offer a redundant pair of cross connections to provide high availability.
What should you recommend?
A. Azure Load Balancer
B. VPN Gateway
C. ExpressRoute
D. virtual network peering
Answer: C
https://docs.microsoft.com/en-gb/azure/expressroute/expressroute-introduction#redundancy
Each ExpressRoute circuit consists of two connections to two Microsoft Enterprise edge routers (MSEEs) at an ExpressRoute Location from the connectivity provider/your network edge. Microsoft requires dual BGP connection from the connectivity provider/your network edge – one to each MSEE. You may choose not to deploy redundant devices/Ethernet circuits at your end. However, connectivity providers use redundant devices to ensure that your connections are handed off to Microsoft in a redundant manner. A redundant Layer 3 connectivity configuration is a requirement for our SLA to be valid.
Question #52
You have an Azure subscription that contains an Azure Blob storage account named store1.
You have an on-premises file server named Server1 that runs Windows Server 2016. Server1 stores 500 GB of company files.
You need to store a copy of the company files from Server 1 in store1.
Which two possible Azure services achieve this goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A. an integration account
B. an On-premises data gateway
C. an Azure Batch account
D. an Azure Import/Export job
E. Azure Data Factory
Answer: DE
A. an integration account
Use integration accounts for business-to-business (B2B) solutions and seamless communication between organizations.
B. an On-premises data gateway
The on-premises data gateway acts as a bridge to provide quick and secure data transfer between on-premises data (data that isn't in the cloud) and several Microsoft cloud services. These cloud services include Power BI, PowerApps, Power Automate, Azure Analysis Services, and Azure Logic Apps.
C. an Azure Batch account
Use Azure Batch to run large-scale parallel and high-performance computing (HPC) batch jobs efficiently in Azure. It is not used for data transfer/copy.
D and E are correct
Question #53
You have an Azure subscription.
You need to deploy an Azure Kubernetes Service (AKS) solution that will use Linux nodes. The solution must meet the following requirements:
✑ Minimize the time it takes to provision compute resources during scale-out operations.
✑ Support autoscaling of Linux containers.
✑ Minimize administrative effort.
Which scaling option should you recommend?
A. Virtual Kubelet
B. cluster autoscaler
C. horizontal pod autoscaler
D. AKS virtual nodes
Answer: D
It’s Linux, so can not use cluster autoscaler
https://docs.microsoft.com/en-us/azure/aks/virtual-nodes
To rapidly scale application workloads in an AKS cluster, you can use virtual nodes. With virtual nodes, you have quick provisioning of pods, and only pay per second for their execution time.
