Академический Документы
Профессиональный Документы
Культура Документы
Microsoft - 70-534
Architecting Microsoft
Azure Solutions
Version: 10.0
http://xcerts.com 1
70-534
Background
You work for a company named Adventure Holidays. The company has its headquarters in New
York and two branch offices located in Boston and Dallas.
The company locates and provides holidays providing specialist activities such as mountain
climbing, trekking, sky diving, caving and water sports such as diving and surfing.
Holiday providers from around the world can advertise their holidays on the website. A user can
specify their required activity and location and the website will provide a list of brochures from
holiday providers that can accommodate the requirements. Users can then book their holiday
through the website.
I.T Overview
The company has a single Active Directory forest. Each office is configured as a separate Active
Directory Site in a single domain.
The company has a datacenter in the New York office. The New York datacenter hosts physical
servers and virtual machines (VMs) running on Hyper-V host servers.
Company policy allows employees to use their own mobile devices in the office.
Azure
Adventure Holidays has an Azure subscription. The company has been migrating servers and
applications to the Azure cloud.
Company users use Office 365 and other Software as a Service (SaaS) applications including
Dropbox. Adventure Holidays will use more SaaS applications in the future.
Company employees are authenticated to Azure apps and services using Azure Active
Directory.
The company plans to extend their on-premise Active Directory to Azure by using Active
Directory Federated Server (AD FS) for application authentication.
Holiday Reps
Adventure Holidays has employed permanent holiday reps. The permanent holiday reps are
located on-site at several of the most popular adventure holiday destinations.
Holiday Providers
Adventure Holidays uses an Azure service to store holiday brochures and information about the
holiday providers. The table currently used to store the information results in excessive data
transfer rates and slow data access. The number of read/write operations on the table results in
a long queue. Due to poor performance of the current solution, this solution needs to be
redesigned. A mobile service will be created to access the holiday providers' information.
App Requirements
Customer App
Adventure Holidays plans to create a mobile app for holiday customers. Customers should be
able to register a profile, browse and book holidays through the app and leave feedback about
their holidays. The solution should save the details of all previous and future customers. The
customer app should use a third-party authentication provider. The Access Control Service
should be used to configure the identity provider.
http://xcerts.com 2
70-534
Business Requirements
Adventure Holidays has specified the following business requirements:
- We need to provide access to some Azure applications to holiday providers. The holiday
providers should be able to authenticate by using their Hotmail.com accounts.
- Adventure Holidays does not want to manage user accounts for the holiday providers.
- Some users report having to enter their passwords again when accessing cloud-based
applications. Users must be able to access all applications after logging in to their computers
using their domain credentials.
- The VMs hosted on Azure must be accessible from on-premise servers by using a secure
cross- premise network.
- A group of users named VMAdmins must be able to administer only the VMs that are migrated
to Azure.
- Role Based Access Control (RBAC) must be used to assign access to resources.
QUESTION: 1
You need to meet the cross-premise secure network requirement. You need to access the
Azure network from multiple servers in the on-premise environment by using an IPSec VPN.
Which type of network connection should you configure? (Choose the best solution)
Answer(s): A
QUESTION: 2
You need to improve the performance of the holiday reps app. You want to store the brochures
in an unstructured form that is automatically scalable.
Which Azure storage solution should you recommend?
A. Queue storage
B. Table storage
C. Blob storage
D. Virtual Machine local storage
Answer(s): C
QUESTION: 3
http://xcerts.com 3
70-534
You need to improve the performance of the holiday reps app. You want to store the holiday
provider information in a structured form that is automatically scalable.
Which Azure storage solution should you recommend?
A. Queue storage
B. Table storage
C. Blob storage
D. Virtual Machine local storage
Answer(s): B
QUESTION: 4
You need to recommend a solution for the alerting requirement in the Holiday Reps app.
Which of the following should you recommend?
Answer(s): E
QUESTION: 5
You need to meet the business requirements for users accessing cloud-based applications
without having to log in again.
Which of the following actions should you perform?
Answer(s): B
QUESTION: 6
You need to meet the application authentication requirements for the holiday providers.
Which of the following solutions should you recommend?
A. Enable the use of the Azure Access Control service for the federation provider.
B. Create user accounts in Azure Active Directory for the holiday providers.
C. Create user accounts in the on-premise Active Directory for the holiday providers.
D. Enable the use social identity providers for the federation provider.
Answer(s): A
QUESTION: 7
http://xcerts.com 4
70-534
You need to recommend a solution to synchronize data with the holiday reps app.
Which of the following should you recommend?
Answer(s): D
QUESTION: 8
You need to configure a mobile service to access the Holiday Providers solution.
You create a cloud service and a mobile service.
Which of the following should you implement to reduce the number of operations required on
the table that stores the information?
Answer(s): E
QUESTION: 9
You need to assign permissions to the VMAdmins group. The solution must meet the business
requirements.
Which two of the following actions should you perform? (Choose two)
Answer(s): B, E
QUESTION: 10
You need to configure the VPN solution for the cross-premise network.
Which of the following will need to be configured on Azure?
Answer(s): C
http://xcerts.com 5
70-534
QUESTION: 11
You work as a Software Developer at ABC.com. The company uses Azure for hosting Websites,
Web Applications and Virtual Machines.
You plan to develop an image processing application that will be sold to multiple customers.
Your customers use different versions of the .NET runtime. You have designed the application
to perform various functions on images in various formats.
You have received differing business logic requirements from different customers. Some
customers want all the functions in the application while some customers only want a subset of
the functions. The customers have specified different requirements for the user interface.
You plan to create the application as an Azure web application.
How should you deploy the application to meet the customer requirements?
Answer(s): E
QUESTION: 12
You work as a Software Developer at ABC.com. The company has a Microsoft Azure
subscription.
You are developing an application that will be hosted on Azure. The application will be used by
business customers and employees. Application users will connect to a web role and upload
image files to the application. The web role will use the Azure Queue service to pass the image
files to multiple instances of a worker role that will process the files. The files are expected to be
no more than 10 MB in size.
You need to design the application to minimize storage transactions for the files. You plan to
reference the uploaded files from within the queue.
Where should you store the uploaded files?
Answer(s): D
QUESTION: 13
You work as a Software Developer at ABC.com. The company has a Microsoft Azure
subscription.
You are developing an application that will be hosted on Azure.
http://xcerts.com 6
70-534
Three web roles will receive requests from application users. The requests will then be
processed by five worker role instances.
You need to configure the Azure Queue service to connect the web roles and worker roles. You
want to minimize the number of Azure Queues in the application.
How many Azure Queues should you create?
A. 1
B. 2
C. 3
D. 6
E. 15
Answer(s): A
QUESTION: 14
You work as a Software Developer at ABC.com. The company uses bespoke applications that
are hosted in on-premise servers or on Microsoft Azure.
You are in the process of migrating applications from on-premise servers to Azure. An
application named App1 is hosted on an on-premise server. You plan to modify App1 to be
hosted as an Azure cloud service. The cloud service will consist of a web role and a worker role.
The web role will send requests to the worker role by using an Azure queue. Every time a
request is received, a temporary file is created by the worker role.
You need to choose a storage location for the temporary files that will minimize the transaction
charges.
Where should you store the temporary files?
Answer(s): D
QUESTION: 15
You work as a Software Developer at ABC.com. The company has a Microsoft Azure
subscription.
You are developing a web application named WebApp1 to be hosted on Azure. The application
consists of a single worker role that runs in an A3 instance. The worker role stores data in Azure
blob storage.
You need to increase the capacity of WebApp1.
Which of the following scaling options would increase throughput while minimizing application
downtime during the scaling operation?
Answer(s): D
http://xcerts.com 7
70-534
QUESTION: 16
You have recently been hired as a software developer at ABC.com.
All company users use a corporate application that is hosted on Azure.
You have been tasked with troubleshooting performance problems with the application.
You determine that the application was written in ASP.NET when the company had just a few
employees. A single Azure web role is used to host a web interface and perform the business
logic for the application. All application data is hosted on Azure in a single Azure SQL database.
Now that the company has many more employees, users are reporting poor performance of the
application. You discover high CPU usage caused by the business logic processing.
You need to recommend a solution to improve the performance of the application.
What configuration change should you recommend?
Answer(s): D
QUESTION: 17
You work as a Software Developer at ABC.com. The company has a Microsoft Azure
subscription.
All company users use a corporate application that is hosted on Azure. The application is
hosted on multiple instances to provide redundancy and performance.
You need to perform some configuration changes and upgrades to the application.
Which two of the following statements are true? (Choose two)
A. You cannot decrease the number of application instances without incurring application
downtime.
B. Modifying a configuration setting in the application will always incur application downtime.
C. Adding an HTTPS endpoint for the web role will always incur application downtime.
D. You can increase the number of application instances without incurring application downtime.
E. You can use the VIP Swap (Virtual IP Swap) deployment method to add an HTTPS endpoint.
Answer(s): C, D
QUESTION: 18
You work as a Software Developer at ABC.com. The company has a Microsoft Azure
subscription.
You are developing an application that will be used by all company employees. You plan to host
the application on Azure. The employees will use the application to upload work sheets. The
work sheets will then be processed by a remote processing application that runs on an Azure
virtual machine (VM).
After a work sheet file has been uploaded, users can use the application to view or modify the
file.
You need to ensure that users cannot modify their work sheet files while the files are being
processed by the processing application. The processing application must have exclusive
http://xcerts.com 8
70-534
access to the files during processing operations. However, users should be able to view the files
while they are being processed.
You need to choose which storage method you should use for the work sheet files. The storage
method must meet the access requirements of the processing application and also provide a
mechanism for rolling back a file to a previous version.
Which of the following storage methods should you use?
Answer(s): A
QUESTION: 19
You work as a Software Developer at ABC.com. The company has a Microsoft Azure
subscription.
You are developing an application that will be used by all company employees to store company
data. The application will be hosted on Azure.
You need to decide which storage system to use to store the data. You are evaluating whether
to use Azure Table Storage or Azure SQL Database.
Which three of the following statements are true? (Choose three)
A. Azure Table storage can store more than 500 GB of data in a single table.
B. Azure SQL Database can store more than 500 GB of data in a single database.
C. Azure Table storage can store up to 2 GB of data in a single row.
D. Azure SQL database can store up to 2 GB of data in a single row.
E. A single query in an Azure SQL database can return a maximum of 1000 rows of data.
F. A single query in an Azure Table can return a maximum of 1000 rows of data.
Answer(s): A, D, F
QUESTION: 20
You work as a Software Developer at ABC.com. The company has a Microsoft Azure
subscription.
You are developing an application that will be used by all company employees to store company
data. The application will be hosted on Azure.
After evaluating whether to use Azure Table Storage or Azure SQL Database, you decided to
use an Azure SQL Database.
Which of the following are reasons for choosing Azure SQL Database? (Choose all that apply)
http://xcerts.com 9
70-534
Answer(s): B, C, E
QUESTION: 21
You work as a Software Developer at ABC.com. The company has a Microsoft Azure
subscription.
You have developed a corporate web application that runs several Azure web instances. All
company users use the web application during business hours.
You have created a WebJob that you need to deploy to the web application.
You need to ensure that the WebJob always runs on all running instances of the Azure web
application.
How should you configure the WebJob?
A. You should configure the WebJob as a scheduled WebJob and select the Recurring Job
option.
B. You should configure the WebJob as a scheduled WebJob and select Scheduler Region
option.
C. You should configure the WebJob as a separate on-demand WebJob for each web
application instance.
D. You should configure the WebJob as a continuous WebJob.
Answer(s): D
QUESTION: 22
You work as a Software Developer at ABC.com. The company has a Microsoft Azure
subscription.
You have developed a corporate web application that runs several Azure web instances. All
company users use the web application during business hours.
You have configured a WebJob and deployed it to the web application as a continuous WebJob.
You discover that when the web instances are idle outside of business hours, the WebJob does
not run correctly.
You need to ensure that the WebJob always runs on all instances of the Azure web application
even when the web instances are idle outside of business hours.
Which of the following actions should you perform?
Answer(s): D
QUESTION: 23
You work as a network administrator at ABC.com. The company uses applications that are
hosted on on-premise servers or on Microsoft Azure.
The on-premise applications are hosted on virtual machines (VM) running on Windows Server
http://xcerts.com 10
70-534
You are in the process of migrating applications from the on-premise servers to Azure. You
want to migrate an application named App1 to Azure.
The VM that currently hosts App1 has the following configuration:
- 2 CPU cores.
- 2 GB or RAM
- 40 GB virtual hard disk
App1 is not a business critical application and therefore does not require load balancing or auto-
scaling.
You need to select an Azure VM tier to host the App1 VM instance and minimize costs.
Which of the following tiers should you choose?
Answer(s): A
QUESTION: 24
You work as a network administrator at ABC.com. The company uses applications that are
hosted on on-premise servers or on Microsoft Azure.
The on-premise applications are hosted on virtual machines (VM) running on Windows Server
2012 Hyper-V Servers.
You are in the process of migrating applications from the on-premise servers to Azure.
You want to migrate an application named CustomerApp to Azure. CustomerApp is used by all
company customers. You have received complaints that the performance of CustomerApp is
getting slower as more customers use the application.
Answer(s): C
QUESTION: 25
Your role as Cloud Administrator includes the management of the company's public and private
cloud infrastructure. The company has customers located all over the world.
The company is developing a new web application that will be used by ABC.com customers.
The web application will be hosted on Azure and will serve a large amount of static content.
http://xcerts.com 11
70-534
You need to ensure that customers all over the world can load the web application as quickly as
possible.
Which of the following actions should you perform?
Answer(s): C
QUESTION: 26
You work as a network administrator at ABC.com. The corporate network consists of physical
and virtual servers located in a datacenter and virtual servers hosted on Microsoft Azure.
You have been asked to deploy virtual machines (VMs) on Azure for company developers to
use as a development environment.
The manager of the Development department has stated the following requirements:
- The development environment must support auto-scaling.
- The development environment must support load balancing between VM instances.
- Each VM in the development environment must have two CPU cores.
- The development environment must minimize costs.
You need to select a compute instance for the VMs to meet the requirements.
Which of the following should you select?
Answer(s): D
QUESTION: 27
You work as a software developer at ABC.com. The corporate network consists of physical and
virtual servers located in a datacenter and virtual servers hosted on Microsoft Azure.
A physical server named ABC-AppSrv1 is hosted in the datacenter. ABC-AppSrv1 runs an
application named App1 that is configured as a Windows Communication Foundation (WCF)
service.
App1 must be hosted in the datacenter and is not exposed externally. App1 cannot be rewritten.
You are developing an application named App2 on Azure. App2 needs to access App1.
You need to configure a solution to enable App2 to access App1.
Which of the following actions should you perform?
http://xcerts.com 12
70-534
Answer(s): C
QUESTION: 28
You work as a network administrator at ABC.com. The corporate network consists of physical
and virtual servers located in a datacenter and virtual servers hosted on Microsoft Azure.
The company has a software development department. A software developer is creating a cloud
service on Azure. The cloud service is accessible using the URL: ABCApp.cloudapp.net.
You want company users to be able to access the cloud service by using the URL:
CorpApp1.ABC.com.
Users must continue to be able to access the cloud service even in the Public Virtual IP (VIP)
address of the cloud service changes.
You need to configure the appropriate DNS record.
Which type of DNS record should you configure?
A. A (Host)
B. CNAME (Alias)
C. TXT (Text)
D. SPF (Sender Policy Framework)
E. SRV (Service Locator)
Answer(s): B
QUESTION: 29
You work as a network administrator at ABC.com. The corporate network consists of physical
and virtual servers located in a datacenter and virtual servers hosted on Microsoft Azure.
A Hyper-V host server named ABC-HV01 is located in the datacenter. ABC-HV01 hosts a virtual
machine (VM) named ABC-Web01. An application named CorpApp1 is hosted on ABC-Web01
and exposes a web service to the internal network. The web service is not exposed externally.
Client computers on the company network run a client application that connects to the
CorpApp1 web service.
Some company users have been issued with Windows 8 tablet devices. The tablet devices have
the client application installed.
The users with tablet devices want to be able to use the client application to connect to the
CorpApp1 web service when they are outside the company network.
Company security policy states that the web service must not be exposed externally.
How can you enable the client application on the tablet devices to access the CorpApp1 web
service externally?
Answer(s): B
QUESTION: 30
http://xcerts.com 13
70-534
You work as a network administrator at ABC.com. The company has a main office in New York
and branch offices in several countries including UK, Spain, Germany, India and Japan.
The company has a website hosted in Microsoft Azure. The website is named CorpSite and is
accessed using the URL corp.ABC.com. CorpSite is running in a standard hosting plan. The
website contains high resolution graphics, video and audio files.
Users in India and Japan report that it takes a long time to load pages in the website.
You need to reduce the time it takes to load pages in the website.
Which of the following technologies should you implement?
Answer(s): D
QUESTION: 31
You work as a network administrator at ABC.com. The company has a main office in New York
and branch offices in several countries including UK, Spain, Germany, India and Japan.
The company has a website hosted in Microsoft Azure. The website is named CorpSite and is
accessed using the URL corp.ABC.com. CorpSite is running in a standard hosting plan. The
website contains high resolution graphics, video and audio files.
You want to improve the responsiveness of the website by directing users to the endpoint with
the lowest network latency from their location.
Which of the following technologies should you implement?
Answer(s): C
QUESTION: 32
You work as a Software Developer at ABC.com. The company has a Microsoft Azure
subscription.
You are developing a new corporate website. The website will contain high resolution graphics,
video and audio files and will be viewed by customers on various client devices including Smart
TVs, PCs and mobile devices.
You need to be able to securely upload, store, encode and package video and audio content for
both on-demand and live streaming delivery to the various client devices.
Which of the following technologies should you implement?
Answer(s): A
http://xcerts.com 14
70-534
QUESTION: 33
You work as a network administrator at ABC.com. The company has a main office in New York
and branch offices in several countries including UK, Spain, Germany, India and Japan. The
company uses Azure to host applications.
You are designing a new corporate application. The application will be accessed by customers
all over the world. The application will consist of several services. The services will be hosted in
different locations in different countries.
You need to plan a mechanism for the geographically dispersed services to communicate with
each other.
Which Azure service is designed to integrate application services that span multiple network
locations?
A. Azure Queues
B. Azure API Management
C. Azure App Service
D. Azure Service Bus Queues
Answer(s): D
QUESTION: 34
You work as a network administrator at ABC.com. The corporate network consists of physical
and virtual servers located in a datacenter and virtual servers hosted on Microsoft Azure.
The company has a software development department. A software developer is creating a cloud
service on Azure.
You need to enable communications between the servers in the datacenter and the virtual
machines (VMs) running in the Azure cloud service. The communications must be secured by
using IPSec.
Which of the following solutions should you configure?
A. ExpressRoute network
B. Azure Service Bus
C. Site-to-Site virtual network
D. DirectAccess
Answer(s): C
QUESTION: 35
You work as a network administrator at ABC.com. The corporate network consists of physical
and virtual servers located in a datacenter and virtual servers hosted on Microsoft Azure.
The company has two physical SQL Server 2012 servers in a Windows Failover Cluster. You
plan to migrate the databases from the on-premise SQL cluster to an Azure Infrastructure-as-a-
Service (IaaS) SQL Server.
You use a Windows 8 Pro client computer named ABC-Admin1.
You need to configure a connectivity solution to enable you to connect to the Azure IaaS SQL
Server. The solution must ensure that connections can be made from only ABC-Admin1 and the
on-premise SQL Server cluster. Other computers on the corporate network must not be able to
connect to the Azure IaaS SQL Server.
http://xcerts.com 15
70-534
Answer(s): A
QUESTION: 36
You work as a network administrator at ABC.com. The corporate network consists of physical
and virtual servers located in a datacenter and virtual servers hosted on Microsoft Azure.
The on-premise servers and client computers are managed using System Center 2012 R2
Configuration Manager (SCCM). SCCM is configured as a single primary site.
You want to use SCCM to manage the Azure virtual machines (VMs). The solution must ensure
that network traffic between the on-premise servers and Azure is minimized when collecting
inventory information from the Azure VMs and when deploying software to the Azure VMs. The
solution must minimize costs and complexity.
Which of the following is the best solution?
Answer(s): B
QUESTION: 37
You work as a Network Administrator at ABC.com. The company uses Azure for hosting Web
Applications and Virtual Machines. The company has multiple Microsoft Azure subscriptions.
You need to deploy an application that runs on several VMs to Azure.
You use a Windows 8 Pro client computer named ABC-Admin1. You need to configure
Windows PowerShell on ABC-Admin1 to connect to all the Azure subscriptions.
Which of the following PowerShell cmdlet(s) should you run?
A. Add-AzureSubscription
B. Get-AzureDeployment and New-AzureDeployment
C. Get-AzureSubscription and Import-AzureSubscription
D. Get-AzurePublishSettingsFile and Import-AzurePublishSettingsFile
Answer(s): D
QUESTION: 38
You work as a Network Administrator at ABC.com. The company uses Azure for hosting Web
Applications and Virtual Machines (VMs). All VMs are in an Azure resource group named
ProductionVMs. A VM named AppVM1 runs an application that is used by company employees.
You need to assign permissions to members of the I.T. team to perform administrative tasks on
Azure.
http://xcerts.com 16
70-534
Company security policy states that all users must have the minimum permissions required to
perform their roles.
An I.T. Technician named Jane needs to be able to manage access to AppVM1.
What permission should you assign to Jane?
Answer(s): E
QUESTION: 39
You work as a Network Administrator at ABC.com. The company uses Azure for hosting Web
Applications and Virtual Machines (VMs). All VMs are in an Azure resource group named
ProductionVMs. A VM named AppVM1 runs an application that is used by company employees.
You need to assign permissions to members of the I.T. team to perform administrative tasks on
Azure.
Company security policy states that all users must have the minimum permissions required to
perform their roles.
An I.T. Technician named Clive needs to be able to maintain all the Azure VMs.
What permission should you assign to Clive?
Answer(s): B
QUESTION: 40
You work as a Network Administrator at ABC.com. The company uses Azure for hosting Web
Applications and Virtual Machines (VMs). All VMs are in an Azure resource group named
ProductionVMs. A VM named AppVM1 runs an application that is used by company employees.
You need to assign permissions to members of the I.T. team to perform administrative tasks on
Azure.
Company security policy states that all users must have the minimum permissions required to
perform their roles.
An I.T. Technician named Chloe needs to be able to view and download billing statements and
usage data for Azure.
What permission should you assign to Chloe?
http://xcerts.com 17
70-534
Answer(s): F
QUESTION: 41
You work as a Software Developer at ABC.com. The company uses Azure for hosting Web
Applications and Virtual Machines (VMs).
You are developing a new application that will be hosted on Azure. The application will be used
by customers. The application will be configured to use Azure Access Control Services to allow
customers to log in by using a Microsoft Account, a Google account or a Facebook account.
Which type of token will be presented when users log in to the application?
Answer(s): B
QUESTION: 42
You work as a Software Developer at ABC.com. The company uses Azure for hosting Web
Applications and Virtual Machines (VMs).
You are developing a new application that will be hosted on Azure. The application will be used
by customers. The application will be configured to use Azure Access Control Services to allow
customers to log in by using a Microsoft Account, a Google account or a Facebook account.
You need to configure the application to use Azure Control Services.
Which type of trust will be used?
A. Forest trust
B. Kerberos trust
C. One-way domain trust
D. WS-Trust
Answer(s): D
QUESTION: 43
You work as a Software Developer at ABC.com. The company uses Azure for hosting Web
Applications and Virtual Machines (VMs).
You are developing a corporate website that will be hosted on Azure and a mobile app.
Customers will be able to log in to the corporate website and download the mobile app.
The website and mobile app will allow customers to log in by using a Microsoft Account, a
Google account or a Facebook account.
You create an MVC 5 application.
You need to ensure that all communications with the website are encrypted and that users can
log in to the website or mobile app by using their Microsoft, Google or Facebook accounts.
Which two of the following actions should you perform? (Choose two)
http://xcerts.com 18
70-534
Answer(s): B, C
QUESTION: 44
You work as a Software Developer at ABC.com. The company uses Azure for hosting Web
Applications and Virtual Machines (VMs).
You are developing an application that will be hosted on Azure. Users all around the world will
use client applications to connect to the new application. Some client applications will not be
Windows-based clients.
You need to implement a solution to ensure that all client applications can retrieve information
from your application even if the network connection between the client and Azure is unreliable.
Which of the following technologies should you implement?
Answer(s): A
QUESTION: 45
You work as a Network Administrator at ABC.com. The ABC.com network includes a single
Active Directory Domain Services (AD DS) domain named ABC.com. All on-premise computers
are members of the Active Directory domain.
The company has recently purchased a Microsoft Azure subscription.
You are planning to implement Azure Active Directory and configure Directory Synchronization
with the on-premise Active Directory.
Which of the following statements are true? (Choose all that apply)
A. You can join Azure virtual machines (VMs) to Azure Active Directory.
B. Both the on-premise Active Directory and Azure Active Directory support single sign-on
(SSO)
C. You can query the on-premise Active Directory using LDAP (Lightweight Directory Access
Protocol) but not Azure Active Directory.
D. You can query the on-premise Active Directory and the Azure Active Directory using the
GraphAPI.
E. Both the on-premise Active Directory and Azure Active Directory support Kerberos
authentication.
Answer(s): B, C
QUESTION: 46
http://xcerts.com 19
70-534
Your role as Systems Administrator at ABC.com includes the management of the company's
Microsoft Azure subscription.
The company has several websites hosted on Azure Websites. Customer facing websites are
located in a resource group named CustomerSites.
You need to provide a user with the minimum permissions to perform the following actions:
- Upload content to any customer website.
- Access the SCM website administration end point to perform diagnostic and servicing
operations on any customer website.
You need to apply the minimum permissions necessary to perform the required actions.
Which of the following permissions should you grant the user?
Answer(s): B
QUESTION: 47
You work as a network administrator at ABC.com. The corporate network consists of physical
and virtual servers located in a datacenter and virtual servers hosted on Microsoft Azure. An
Azure site-to-site VPN is configured between the datacenter and Azure.
You are planning to migrate services and data from the datacenter to Azure.
A file server contains 37 Terabytes of data that includes sensitive information. You plan to move
the data to Azure Blob Storage.
The datacenter has a 20 Mbps Internet connection.
You need to recommend a solution for migrating the data to Azure. The solution must ensure
that the data is secure during the migration.
Which three of the following actions should you perform? (Choose three)
A. Use the Microsoft Azure Import/Export Tool to copy the data to five 8TB hard drives.
B. Use the Microsoft Azure Import/Export Tool to copy the data to ten 4TB hard drives.
C. Encrypt the data on the drives by using Advanced Encryption Standard (AES).
D. Create an Azure Import Job.
E. Create an Azure Export Job.
F. Copy the data over the VPN.
G. Use an approved carrier service to ship the hard drives to Microsoft.
Answer(s): B, D, G
QUESTION: 48
You work as a Network Administrator at ABC.com. The ABC.com network includes a single
Active Directory Domain Services (AD DS) domain named ABC.com. All on-premise computers
are members of the Active Directory domain. All users log in with domain user accounts.
The company has recently purchased a Microsoft Azure subscription.
You are planning to implement Azure Active Directory and configure Directory Synchronization
with the on-premise Active Directory.
http://xcerts.com 20
70-534
You install and configure the Azure Active Directory Sync Tool (DirSync) to synchronize
accounts and passwords to Azure Active Directory.
Which two of the following statements are true? (Choose two)
A. After users have logged on to their client computers, they can access Azure cloud services
without having to re-enter their password.
B. After users have logged on to their client computers, access to Azure cloud services is
authenticated against the Azure Active Directory.
C. Password complexity policies configured in the on-premises Active Directory override any
complexity policies configured in Azure Active Directory.
D. If a password expiration policy is defined in the on-premise Active Directory, the password
policy will also apply to Azure Active Directory accounts.
Answer(s): B, C
QUESTION: 49
You work as a Network Administrator at ABC.com. The ABC.com network includes a single
Active Directory Domain Services (AD DS) domain named ABC.com. All on-premise computers
are members of the Active Directory domain. All users log in with domain user accounts.
The company has recently purchased a Microsoft Azure subscription.
You are planning to implement Azure Active Directory and configure Directory Synchronization
with the on-premise Active Directory.
You install and configure the Azure Active Directory Sync Tool (DirSync) to synchronize
accounts and passwords to Azure Active Directory.
You want to configure Single Sign-on (SSO) to enable users to access Azure cloud services
without having to re-enter their passwords.
Which of the following services do you need to deploy to enable SSO?
Answer(s): B
QUESTION: 50
You work as a Software Developer at ABC.com. The ABC.com network includes a single on-
premise Active Directory Domain Services (AD DS) domain. All users have user accounts in the
AD DS domain. The company has a Microsoft Azure subscription.
You are creating an application that will be used by all company employees. You plan to host
the application on Azure.
You want to configure the environment to enable users to access the application by using single
sign-on.
What should you do?
http://xcerts.com 21
70-534
D. You should configure the application to use Azure Shared Access Signatures for
authentication.
Answer(s): C
http://xcerts.com 22