Evaluate and perform server migration to Azure
Testlet 1
Case study
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Overview
Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York.
The Montreal office has 2,000 employees. The Seattle office has 1,000 employees. The New York office has 200 employees.
All the resources used by Contoso are hosted on-premises.
Contoso creates a new Azure subscription. The Azure Active Directory (Azure AD) tenant uses a domain named contoso.onmicrosoft.com. The tenant uses the P1 pricing tier.
Existing Environment
The network contains an Active Directory forest named contoso.com. All domain controllers are configured as DNS servers and host the contoso.com DNS zone.
Contoso has finance, human resources, sales, research, and information technology departments. Each department has an organizational unit (OU) that contains all the accounts of that respective department. All the user accounts have the department attribute set to their respective department. New users are added frequently.
Contoso.com contains a user named User1.
All the offices connect by using private links.
Contoso has data centers in the Montreal and Seattle offices. Each data center has a firewall that can be configured as a VPN device.
All infrastructure servers are virtualized.
The virtualization environment contains the servers in the following table.
Contoso uses two web applications named App1 and App2. Each instance on each web application requires 1GB of memory.
The Azure subscription contains the resources in the following table.
The network security team implements several network security groups (NSGs).
Planned Changes
Contoso plans to implement the following changes:
– Deploy Azure ExpressRoute to the Montreal office.
– Migrate the virtual machines hosted on Server1 and Server2 to Azure.
– Synchronize on-premises Active Directory to Azure Active Directory (Azure AD).
– Migrate App1 and App2 to two Azure web apps named WebApp1 and WebApp2.
Technical requirements
Contoso must meet the following technical requirements:
– Ensure that WebApp1 can adjust the number of instances automatically based on the load and can scale up to five instances.
– Ensure that VM3 can establish outbound connections over TCP port 8080 to the applications servers in the Montreal office.
– Ensure that routing information is exchanged automatically between Azure and the routers in the Montreal office.
– Ensure Azure Multi-Factor Authentication (MFA) for the users in the finance department only.
– Ensure that webapp2.azurewebsites.net can be accessed by using the name app2.contoso.com
– Connect the New York office to VNet1 over the Internet by using an encrypted connection.
– Create a workflow to send an email message when the settings of VM4 are modified.
– Create a custom Azure role named Role1 that is based on the Reader role.
– Minimize costs whenever possible.
You discover that VM3 does NOT meet the technical requirements.
You need to verify whether the issue relates to the NSGs.
What should you use?
- A . Diagram in VNet1
- B . the security recommendations in Azure Advisor
- C . Diagnostic settings in Azure Monitor
- D . Diagnose and solve problems in Traffic Manager profiles
- E . IP flow verify in Azure Network Watcher
E
Explanation:
Scenario: Contoso must meet technical requirements including: Ensure that VM3 can establish outbound connections over TCP port 8080 to the applications servers in the Montreal office.
IP flow verify checks if a packet is allowed or denied to or from a virtual machine. The information consists of direction, protocol, local IP, remote IP, local port, and remote port. If the packet is denied by a security group, the name of the rule that denied the packet is returned. While any source or destination IP can be chosen, IP flow verify helps administrators quickly diagnose connectivity issues from or to the internet and from or to the on-premises environment.
References:
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-ip-flow-verify-overview
HOTSPOT
You need to prepare the environment to implement the planned changes for Server2.
What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
Box 1: Create a Recovery Services vault Create a Recovery Services vault on the Azure Portal.
Box 2: Install the Azure Site Recovery Provider Azure Site Recovery can be used to manage migration of on-premises machines to Azure.
Scenario: Migrate the virtual machines hosted on Server1 and Server2 to Azure. Server2 has the Hyper-V host role.
References:
https://docs.microsoft.com/en-us/azure/site-recovery/migrate-tutorial-on-premises-azure
Testlet 2
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studied might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changed before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. Note that the information displayed on the All information tab is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Overview
ADatum Corporation is a financial company that has two main offices in New York and Los Angeles. ADatum has a subsidiary named Fabrikam, Inc. that shares the Los Angeles office.
ADatum is conducting an initial deployment of Azure services to host new line-of-business applications and is preparing to migrate its existing on-premises workloads to Azure.
ADatum uses Microsoft Exchange Online for email.
Existing Environment
On-Premises Environment
The on-premises workloads run on virtual machines hosted in a VMware vSphere 6 infrastructure. All the virtual machines are members of an Active Directory forest named adatum.com and run Windows Server 2016.
The New York office uses an IP address space of 10.0.0.0/16. The Los Angeles office uses an IP address space of 10.10.0.0/16.
The offices connect by using a VPN provided by an ISP. Each office has one Azure ExpressRoute circuit that provides access to Azure services and Microsoft Online Services. Routing is implemented by using Microsoft peering.
The New York office has a virtual machine named VM1 that has the vSphere console installed.
Azure Environment
You provision the Azure infrastructure by using the Azure portal.
The infrastructure contains the resources shown in the following table.
AG1 has two backend pools named Pool11 and Pool12. AG2 has two backend pools named Pool21 and Pool22.
Requirements
Planned Changes
ADatum plans to migrate the virtual machines from the New York office to the East US Azure region by using Azure Site Recovery.
Infrastructure Requirements
ADatum identifies the following infrastructure requirements:
– A new web app named App1 that will access third-parties for credit card processing must be deployed.
– A newly developed API must be implemented as an Azure function named App2. App2 will use a blob storage trigger. App2 must process new blobs immediately.
– The Azure infrastructure and the on-premises infrastructure must be prepared for the migration of the VMware virtual machines to Azure.
– The sizes of the Azure virtual machines that will be used to migrate the on-premises workloads must be identified.
– All migrated and newly deployed Azure virtual machines must be joined to the adatum.com domain.
– AG1 must load balance incoming traffic in the following manner:
– http://corporate.adatum.com/video/* will be load balanced across Pool11.
– http://corporate.adatum.com/images/* will be load balanced across Pool12.
– AG2 must load balance incoming traffic in the following manner:
– http://www.adatum.com will be load balanced across Pool21.
– http://fabrikam.com will be load balanced across Pool22.
– ER1 must route traffic between the New York office and platform as a service (PaaS) services in the East US Azure region, as long as ER1 is available.
– ER1 must route traffic between the Los Angeles office and the PaaS services in the West US region, as long as ER2 is available.
– ER1 and ER2 must be configured to fail over automatically.
Application Requirements
App2 must be available to connect directly to the private IP addresses of the Azure virtual machines. App2 will be deployed directly to an Azure virtual network.
Inbound and outbound communications to App1 must be controlled by using NSGs.
Pricing Requirements
ADatum identifies the following pricing requirements:
– The cost of App1 and App2 must be minimized
– The transactional charges of Azure Storage accounts must be minimized
DRAG DROP
You need to identify the appropriate sizes for the Azure virtual machines.
Which five actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Explanation:
References:
https://docs.microsoft.com/en-us/azure/migrate/tutorial-assessment-vmware
Question Set 3
DRAG DROP
You have an Azure subscription that contains the following resources:
– a virtual network named VNet1
– a replication policy named ReplPolicy1
– a Recovery Services vault named Vault1
– an Azure Storage account named Storage1
You have an Amazon Web Services (AWS) EC2 virtual machine named VM1 that runs Windows Server 2016.
You need to migrate VM1 to VNet1 by using Azure Site Recovery.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Explanation:
Step 1: Deploy an EC2 virtual machine as a configuration server
Prepare source include:
DRAG DROP
You have an Azure subscription that contains the following resources:
– a virtual network named VNet1
– a replication policy named ReplPolicy1
– a Recovery Services vault named Vault1
– an Azure Storage account named Storage1
You have an Amazon Web Services (AWS) EC2 virtual machine named VM1 that runs Windows Server 2016.
You need to migrate VM1 to VNet1 by using Azure Site Recovery.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Explanation:
Step 1: Deploy an EC2 virtual machine as a configuration server
Prepare source include:
DRAG DROP
You have an Azure subscription that contains the following resources:
– a virtual network named VNet1
– a replication policy named ReplPolicy1
– a Recovery Services vault named Vault1
– an Azure Storage account named Storage1
You have an Amazon Web Services (AWS) EC2 virtual machine named VM1 that runs Windows Server 2016.
You need to migrate VM1 to VNet1 by using Azure Site Recovery.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Explanation:
Step 1: Deploy an EC2 virtual machine as a configuration server
Prepare source include:
You have an on-premises network that contains a Hyper-V host named Host1. Host1 runs Windows Server 2016 and hosts 10 virtual machines that run Windows Server 2016.
You plan to replicate the virtual machines to Azure by using Azure Site Recovery.
You create a Recovery Services vault named ASR1 and a Hyper-V site named Site1.
You need to add Host1 to ASR1.
What should you do?
- A . Download the installation file for the Azure Site Recovery Provider.
Download the vault registration key.
Install the Azure Site Recovery Provider on Host1 and register the server. - B . Download the installation file for the Azure Site Recovery Provider.
Download the storage account key.
Install the Azure Site Recovery Provider on Host1 and register the server. - C . Download the installation file for the Azure Site Recovery Provider.
Download the vault registration key.
Install the Azure Site Recovery Provider on each virtual machine and register the virtual machines. - D . Download the installation file for the Azure Site Recovery Provider.
Download the storage account key.
Install the Azure Site Recovery Provider on each virtual machine and register the virtual machines.
A
Explanation:
Download the Vault registration key. You need this when you install the Provider. The key is valid for five days after you generate it.
Install the Provider on each VMM server. You don’t need to explicitly install anything on Hyper-V hosts.
Incorrect Answers:
B, D: Use the Vault Registration Key, not the storage account key.
References:
https://docs.microsoft.com/en-us/azure/site-recovery/migrate-tutorial-on-premises-azure
You plan to move services from your on-premises network to Azure. You identify several virtual machines that you believe can be hosted in Azure.
The virtual machines are shown in the following table.
Which two virtual machines can you access by using Azure migrate? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
- A . Sea-CA01
- B . Hou-NW01
- C . NYC-FS01
- D . Sea-DC01
- E . BOS-DB01
CE
Explanation:
The VMware VMs must be managed by vCenter Server (version 5.5, 6.0, or 6.5).
References:
https://docs.microsoft.com/en-us/azure/migrate/migrate-overview
DRAG DROP
You create an Azure Migrate project named TestMig in a resource group named test-migration. You need to discover which on-premises virtual machines to assess for migration.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the
list of actions to the answer area and arrange them in the correct order.
Explanation:
Step 1: Download the OVA file for the collection appliance
Azure Migrate uses an on-premises VM called the collector appliance, to discover information about your on-premises machines. To create the appliance, you download a setup file in Open Virtualization Appliance (.ova) format, and import it as a VM on your on-premises vCenter Server.
Step 2: Create a migration group in the project
For the purposes of assessment, you gather the discovered VMs into groups. For example, you might group VMs that run the same application. For more precise grouping, you can use dependency visualization to view dependencies of a specific machine, or for all machines in a group and refine the group.
Step 3: Create an assessment in the project
After a group is defined, you create an assessment for it.
References:
https://docs.microsoft.com/en-us/azure/migrate/migrate-overview
HOTSPOT
You have an Azure subscription named Subscription1.
You have a virtualization environment that contains the virtualization servers in the following table.
The virtual machines are configured as shown in the following table.
All the virtual machines use basic disks. VM1 is protected by using BitLocker Drive Encryption (BitLocker). You plan to use Azure Site Recovery to migrate the virtual machines to Azure.
Which virtual machines can you migrate? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
References:
https://docs.microsoft.com/en-us/azure/site-recovery/hyper-v-azure-support-matrix#azure-vm-requirements
Implement and manage application services
Question Set 1
Note: This question is part of a series of questions that present the same scenario. Each questionin the series contains a unique solution that might meet the stated goals. Some question setsmight have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, thesequestions will not appear in the review screen.
You have an Azure web app named App1. App1 runs in an Azure App Service plan named Plan1. Plan1 is associated to the Free pricing tier.
You discover that App1 stops each day after running continuously for 60 minutes.
You need to ensure that App1 can run continuously for the entire day.
Solution: You change the pricing tier of Plan1 to Shared.
Does this meet the goal?
- A . Yes
- B . No
B
Explanation:
You should switch to the Basic Tier.
The Free Tier provides 60 CPU minutes / day. This explains why App1 is stops. The Shared Tier provides 240 CPU minutes / day. The Basic tier has no such cap.
References:
https://azure.microsoft.com/en-us/pricing/details/app-service/windows/
HOTSPOT
You create an Azure web app named WebApp1.
WebApp1 has the autoscale settings shown in the following exhibit.
The scale out and scale in rules are configured to have a duration of 10 minutes and a cool down time of
five minutes. Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Explanation:
Box 1: one instance
August 8, 2018 is outside the schedule of the scale condition 1, and Default instance count is 1.
Box 2: three instances
The Default instance count of scale condition 1 is 4, and the Scale in rule decreases the count with 1. References:
https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/insights-autoscale-best-practices
DRAG DROP
You have an Azure subscription that contains an Azure Service Bus named Bus1. Your company plans to deploy two Azure web apps named App1 and App2.
The web apps will create messages that have the following requirements:
– Each message created by App1 must be consumed by only a single consumer
– Each message created by App2 will be consumed by multiple consumers.
Which resource should you create for each web app? To answer, drag the appropriate resources to the correct web apps. Each resource may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Explanation:
App1: A service Bus queue
In Queues each message is processed by a single consumer.
App2: A Service Bus topic
In contrast to queues, in which each message is processed by a single consumer, topics and subscriptions provide a one-to-many form of communication, in a publish/subscribe pattern.
References:
https://www.codit.eu/blog/exploring-azure-event-grid-are-service-bus-topic-dead/
DRAG DROP
You are developing an Azure web app named WebApp1. WebApp1 uses an Azure App Service plan named Plan1 that uses the B1 pricing tier.
You need to configure WebApp1 to add additional instances of the app when CPU usage exceeds 70 percent for 10 minutes.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Explanation:
Box 1: From the Scale out (App Service Plan) settings blade, change the pricing tier The B1 pricing tier only allows for 1 core. We must choose another pricing tier.
Box 2: From the Scale out (App Service Plan) settings blade, enable autoscale
DRAG DROP
You are developing an Azure web app named WebApp1. WebApp1 uses an Azure App Service plan named Plan1 that uses the B1 pricing tier.
You need to configure WebApp1 to add additional instances of the app when CPU usage exceeds 70 percent for 10 minutes.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Explanation:
Box 1: From the Scale out (App Service Plan) settings blade, change the pricing tier The B1 pricing tier only allows for 1 core. We must choose another pricing tier.
Box 2: From the Scale out (App Service Plan) settings blade, enable autoscale
DRAG DROP
You are developing an Azure web app named WebApp1. WebApp1 uses an Azure App Service plan named Plan1 that uses the B1 pricing tier.
You need to configure WebApp1 to add additional instances of the app when CPU usage exceeds 70 percent for 10 minutes.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Explanation:
Box 1: From the Scale out (App Service Plan) settings blade, change the pricing tier The B1 pricing tier only allows for 1 core. We must choose another pricing tier.
Box 2: From the Scale out (App Service Plan) settings blade, enable autoscale
DRAG DROP
You are developing an Azure web app named WebApp1. WebApp1 uses an Azure App Service plan named Plan1 that uses the B1 pricing tier.
You need to configure WebApp1 to add additional instances of the app when CPU usage exceeds 70 percent for 10 minutes.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Explanation:
Box 1: From the Scale out (App Service Plan) settings blade, change the pricing tier The B1 pricing tier only allows for 1 core. We must choose another pricing tier.
Box 2: From the Scale out (App Service Plan) settings blade, enable autoscale
DRAG DROP
You are developing an Azure web app named WebApp1. WebApp1 uses an Azure App Service plan named Plan1 that uses the B1 pricing tier.
You need to configure WebApp1 to add additional instances of the app when CPU usage exceeds 70 percent for 10 minutes.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Explanation:
Box 1: From the Scale out (App Service Plan) settings blade, change the pricing tier The B1 pricing tier only allows for 1 core. We must choose another pricing tier.
Box 2: From the Scale out (App Service Plan) settings blade, enable autoscale
Note: This question is part of a series of questions that present the same scenario. Each questionin the series contains a unique solution that might meet the stated goals. Some question setsmight have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, thesequestions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscription named Subscription1. Adatum contains a group named Developers. Subscription1 contains a resource group named Dev.
You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group.
Solution: On Dev, you assign the Logic App Contributor role to the Developers group.
Does this meet the goal?
- A . Yes
- B . No
A
Explanation:
The Logic App Contributor role lets you manage logic app, but not access to them. It provides access to view, edit, and update a logic app.
References:
https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-securing-a-logic-app
You are building a custom Azure function app to connect to Azure Event Grid.
You need to ensure that resources are allocated dynamically to the function app. Billing must be based on the executions of the app.
What should you configure when you create the function app?
- A . the Windows operating system and the Consumption plan hosting plan
- B . the Windows operating system and the App Service plan hosting plan
- C . the Docker container and an App Service plan that uses the B1 pricing tier
- D . the Docker container and an App Service plan that uses the S1 pricing tier
A
Explanation:
Azure Functions runs in two different modes: Consumption plan and Azure App Service plan. The Consumption plan automatically allocates compute power when your code is running. Your app is scaled out when needed to handle load, and scaled down when code is not running.
Incorrect Answers:
B: When you run in an App Service plan, you must manage the scaling of your function app.
References:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-create-first-azure-function
Note: This question is part of a series of questions that present the same scenario. Each questionin the series contains a unique solution that might meet the stated goals. Some question setsmight have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, thesequestions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscription named Subscription1. Adatum contains a group named Developers. Subscription1 contains a resource group named Dev.
You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group.
Solution: On Subscription1, you assign the Logic App Operator role to the Developers group.
Does this meet the goal?
- A . Yes
- B . No
B
Explanation:
The Logic App Operator role only lets you read, enable and disable logic app. With it you can view the logic app and run history, and enable/disable. Cannot edit or update the definition.
You would need the Logic App Contributor role.
References:
https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-securing-a-logic-app
HOTSPOT
You have an Azure web app named WebApp1 that runs in an Azure App Service plan named ASP1. ASP1 is based on the D1 pricing tier.
You need to ensure that WebApp1 can be accessed only from computers on your on-premises network. The solution must minimize costs.
What should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Explanation:
Box 1: B1
B1 (Basic) would minimize cost compared P1v2 (premium) and S1 (standard).
Box 2: Cross Origin Resource Sharing (CORS)
Once you set the CORS rules for the service, then a properly authenticated request made against the service from a different domain will be evaluated to determine whether it is allowed according to the rules you have specified.
Note: CORS (Cross Origin Resource Sharing) is an HTTP feature that enables a web application running under one domain to access resources in another domain. In order to reduce the possibility of cross-site scripting attacks, all modern web browsers implement a security restriction known as same-origin policy. This prevents a web page from calling APIs in a different domain. CORS provides a secure way to allow one origin (the origin domain) to call APIs in another origin.
References:
https://azure.microsoft.com/en-us/pricing/details/app-service/windows/
https://docs.microsoft.com/en-us/azure/cdn/cdn-cors
HOTSPOT
You have an Azure web app named WebApp1.
You need to provide developers with a copy of WebApp1 that they can modify without affecting the production WebApp1. When the developers finish testing their changes, you must be able to switch the current line version of WebApp1 to the new version.
Which command should you run prepare the environment? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Explanation:
Box 1: New-AzureRmWeAppSlot
The New-AzureRmWebAppSlot cmdlet creates an Azure Web App Slot in a given a resource group that uses the specified App Service plan and data center.
Box 2: -SourceWebApp
References:
https://docs.microsoft.com/en-us/pb
owershell/module/azurerm.websites/new-azurermwebappslot
You have an Azure App Service plan that hosts an Azure App Service named App1.
You configure one production slot and four staging slots for App1.
You need to allocate 10 percent of the traffic to each staging slot and 60 percent of the traffic to the production slot.
What should you add to App1?
- A . slots to the Testing in production blade
- B . a performance test
- C . a WebJob
- D . templates to the Automation script blade
A
Explanation:
Besides swapping, deployment slots offer another killer feature: testing in production. Just like the name suggests, using this, you can actually test in production. This means that you can route a specific percentage of user traffic to one or more of your deployment slots.
References:
https://stackify.com/azure-deployment-slots/
You have an Azure Service Bus.
You need to implement a Service Bus queue that guarantees first-in-first-out (FIFO) delivery of messages.
What should you do?
- A . Set the Lock Duration setting to 10 seconds.
- B . Enable duplicate detection.
- C . Set the Max Size setting of the queue to 5 GB.
- D . Enable partitioning.
- E . Enable sessions.
E
Explanation:
Through the use of messaging sessions you can guarantee ordering of messages, that is first-in-first-out (FIFO) delivery of messages.
References:
https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-azure-and-service-busqueues-compared-contrasted
Note: This question is part of a series of questions that present the same scenario. Each questionin the series contains a unique solution that might meet the stated goals. Some question setsmight have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, thesequestions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscription named Subscription1. Adatum contains a group named Developers. Subscription1 contains a resource group named Dev.
You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group.
Solution: On Subscription1, you assign the DevTest Labs User role to the Developers group.
Does this meet the goal?
- A . Yes
- B . No
B
Explanation:
DevTest Labs User role only lets you connect, start, restart, and shutdown virtual machines in your Azure DevTest Labs. You would need the Logic App Contributor role.
References:
https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-securing-a-logic-app
SIMULATION
This is a lab or performance-based testing (PBT) section.
The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please, note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
To start the lab
You may start lab by clicking the Next button
Tasks
Click to expand each objective
To connect to the Azure portal, type https:/portal.azure.com in the browser address bar.
You need to create a function app named corp7509086n1 that supports sticky sessions. The solution must minimize the Azure-related costs of the App Service plan.
What should you do from the Azure portal?
Explanation:
Step 1:
Select the New button found on the upper left-hand corner of the Azure portal, then select Compute > Function App.
Step 2:
Use the function app settings as listed below.
App name: corp7509086n1
Hosting plan: Azure App Service plan
(need this for the sticky sessions)
Pricing tier of the the App Service plan: Shared compute: Free
Step 3:
Select Create to provision and deploy the function app.
References:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-create-function-app-portal
SIMULATION
This is a lab or performance-based testing (PBT) section.
The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please, note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
To start the lab
You may start lab by clicking the Next button
Tasks
Click to expand each objective
To connect to the Azure portal, type https:/portal.azure.com in the browser address bar.
You need to create a web app named corp7509086n2 that can be scaled horizontally. The solution must use the lowest possible pricing tier for the App Service plan.
What should you do from the Azure portal?
Explanation:
Step 1: In the Azure Portal, click Create a resource > Web + Mobile > Web App.
Step 2: Use the Webb app settings as listed below. Web App name: corp7509086n2 Hosting plan: Azure App Service plan Pricing tier of the Pricing Tier: Standard Change your hosting plan to Standard, you can’t setup auto-scaling below standard tier.
Step 3: Select Create to provision and deploy the Web app.
References:
https://docs.microsoft.com/en-us/azure/app-service/environment/app-service-web-how-to-create-a-webapp-in-an-ase https://azure.microsoft.com/en-us/pricing/details/app-service/plans/
SIMULATION
This is a lab or performance-based testing (PBT) section.
The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please, note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
To start the lab
You may start lab by clicking the Next button
Tasks
Click to expand each objective
To connect to the Azure portal, type https:/portal.azure.com in the browser address bar.
You need to add a deployment slot named staging to an Azure web app named corplod@lab.LabInstance.Idn4. The solution must meet the following requirements:
When new code is deployed to staging, the code must be swapped automatically to the production slot.
Azure-related costs must be minimized.
What should you do from the Azure portal?
Explanation:
Step 1:
Locate and open the corplod@lab.LabInstance.Idn4 web app.
SIMULATION
This is a lab or performance-based testing (PBT) section.
The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please, note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
To start the lab
You may start lab by clicking the Next button
Tasks
Click to expand each objective
To connect to the Azure portal, type https:/portal.azure.com in the browser address bar.
You need to add a deployment slot named staging to an Azure web app named corplod@lab.LabInstance.Idn4. The solution must meet the following requirements:
When new code is deployed to staging, the code must be swapped automatically to the production slot.
Azure-related costs must be minimized.
What should you do from the Azure portal?
Explanation:
Step 1:
Locate and open the corplod@lab.LabInstance.Idn4 web app.
SIMULATION
This is a lab or performance-based testing (PBT) section.
The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please, note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
To start the lab
You may start lab by clicking the Next button
Tasks
Click to expand each objective
To connect to the Azure portal, type https:/portal.azure.com in the browser address bar.
You need to add a deployment slot named staging to an Azure web app named corplod@lab.LabInstance.Idn4. The solution must meet the following requirements:
When new code is deployed to staging, the code must be swapped automatically to the production slot.
Azure-related costs must be minimized.
What should you do from the Azure portal?
Explanation:
Step 1:
Locate and open the corplod@lab.LabInstance.Idn4 web app.
SIMULATION
The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not times separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. NOTE: You will have to answer questions AFTER you complete the labs. Please be sure to manage your time so that you can complete all sections of the exam in the time allotted.
Please, note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
To start the lab
You may start lab by clicking the Next button
Tasks
Click to expand each objective
To connect to the Azure portal, type https:/portal.azure.com in the browser address bar.
Instructions
Performance Based Lab
This type of question asks you to perform tasks in a virtual environment.
The screen for this type of question includes a virtual machine window and a tasks pane.
The window is a remotely connected live environment where you perform tasks on real software and applications.
On the right is a Tasks pane that lists the tasks you need to perform in the lab. Each task can be expanded or collapsed using the “+” or “-” symbols. A checkbox is provided for each task. This is provided for convenience, so you can mark each task as you complete it.
Tasks
Click to expand each objective
-Configure servers
Add the “Print and Document Services” role to server LON-SVR1, installing any required management features and enabling both Print and LPD Services.
+Configure file and share access
When you are finished performing all the tasks, click the ‘Next’ button.
Note that you cannot return to the lab once you click the ‘Next’ button. Scoring occur in the background
while you complete the rest of the exam.
Comments
Once the exam completes, the comment period will begin and you will have the opportunity to provide comments to Microsoft about the exam questions. To launch the comment period, click the “Finish” and then “Comment” buttons. To skip the comment period and the exam, click Exit.
You can navigate to a question from the Review screen to provide a comment. Please, see the Review Screen tab in the Review Screen help Menu (which can be accessed from the Review Screen) for details on accessing questions from the Review Screen.
To comment on a question, navigate to that question and click the Give Feedback icon. When you have entered your comment in the comment window, click Submit to close the window. To navigate to the Review screen again, click the Review button. You may navigate through all questions using the Next and Previous buttons. To skip commenting, go to the Review Screen by selecting the Review Screen button in the upper left-hand corner and from the Review Screen, select “Finished”.
Controls Available
For any question, one or more of the following controls might be available.
Keyboard Shortcuts Available
Exam features may be accessed using keyboard shortcuts. The following table describes the keyboard shortcuts that are available during this exam.
Some keyboard shortcuts require that you press two or more keys at the same time.
These keys are separated by a plus sign (+) in the table below.
You need to prevent remote users from publishing via FTP to a function app named FunctionApplod7509087fa. Remote users must be able to publish via FTPS.
What should you do from the Azure portal?
Explanation:
Step 1:
Locate and select the function app FunctionApplod7509087fa.
Step 2:
Select Application Settings > FTP Access, change FTP access to FTPS Only, and click Save.
References:
https://blogs.msdn.microsoft.com/appserviceteam/2018/05/08/web-apps-making-changes-to-ftpdeployments/
SIMULATION
The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not times separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. NOTE: You will have to answer questions AFTER you complete the labs. Please be sure to manage your time so that you can complete all sections of the exam in the time allotted.
Please, note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
To start the lab
You may start lab by clicking the Next button
Tasks
Click to expand each objective To connect to the Azure portal, type https:/portal.azure.com in the browser address bar.
Instructions
Performance Based Lab
This type of question asks you to perform tasks in a virtual environment.
The screen for this type of question includes a virtual machine window and a tasks pane.
The window is a remotely connected live environment where you perform tasks on real software and applications.
On the right is a Tasks pane that lists the tasks you need to perform in the lab. Each task can be expanded or collapsed using the “+” or “-” symbols. A checkbox is provided for each task. This is provided for convenience, so you can mark each task as you complete it.
Tasks
Click to expand each objective
-Configure servers Add the “Print and Document Services” role to server LON-SVR1, installing any required management features and enabling both Print and LPD Services.
+Configure file and share access
When you are finished performing all the tasks, click the ‘Next’ button.
Note that you cannot return to the lab once you click the ‘Next’ button. Scoring occur in the background while you complete the rest of the exam.
Comments
Once the exam completes, the comment period will begin and you will have the opportunity to provide comments to Microsoft about the exam questions. To launch the comment period, click the “Finish” and then “Comment” buttons. To skip the comment period and the exam, click Exit.
You can navigate to a question from the Review screen to provide a comment. Please, see the Review Screen tab in the Review Screen help Menu (which can be accessed from the Review Screen) for details on accessing questions from the Review Screen.
To comment on a question, navigate to that question and click the Give Feedback icon. When you have entered your comment in the comment window, click Submit to close the window. To navigate to the Review screen again, click the Review button. You may navigate through all questions using the Next and Previous buttons. To skip commenting, go to the Review Screen by selecting the Review Screen button in the upper left-hand corner and from the Review Screen, select “Finished”.
Controls Available
For any question, one or more of the following controls might be available.
Keyboard Shortcuts Available
Exam features may be accessed using keyboard shortcuts. The following table describes the keyboard shortcuts that are available during this exam.
Some keyboard shortcuts require that you press two or more keys at the same time.
These keys are separated by a plus sign (+) in the table below.
You plan to support many connections to your company’s website.
You need to ensure that the Homepage App Service plan automatically uses up to five instances when CPU utilization on the instances exceeds 70 percent for 10 minutes. When CPU utilization decreases, the solution must automatically reduce the number of instances.
What should you do from the Azure portal?
Explanation:
Step 1:
Locate the Homepage App Service plan
Step 2:
Click Add a rule, and enter the appropriate fields, such as below, and the click Add.
Time aggregation: average
Metric Name: Percentage CPU
Operator: Greater than
Threshold 70
Duration: 10 minutes
Operation: Increase count by
Instance count: 4
Step 3:
We must add a scale in rule as well. Click Add a rule, and enter the appropriate fields, such as below, then click Add.
Operator: Less than
Threshold 70
Duration: 10 minutes
Operation: Decrease count by
Instance count: 4
References:
https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-autoscale-portal
https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/insights-autoscale-best-practices
SIMULATION
The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not times separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. NOTE: You will have to answer questions AFTER you complete the labs. Please be sure to manage your time so that you can complete all sections of the exam in the time allotted.
Please, note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
To start the lab
You may start lab by clicking the Next button
Tasks
Click to expand each objective To connect to the Azure portal, type https:/portal.azure.com in the browser address bar.
Instructions
Performance Based Lab
This type of question asks you to perform tasks in a virtual environment.
The screen for this type of question includes a virtual machine window and a tasks pane.
The window is a remotely connected live environment where you perform tasks on real software and applications.
On the right is a Tasks pane that lists the tasks you need to perform in the lab. Each task can be expanded or collapsed using the “+” or “-” symbols. A checkbox is provided for each task. This is provided for convenience, so you can mark each task as you complete it.
Tasks
Click to expand each objective
-Configure servers Add the “Print and Document Services” role to server LON-SVR1, installing any required management features and enabling both Print and LPD Services.
+Configure file and share access When you are finished performing all the tasks, click the ‘Next’ button.
Note that you cannot return to the lab once you click the ‘Next’ button. Scoring occur in the background while you complete the rest of the exam.
Comments
Once the exam completes, the comment period will begin and you will have the opportunity to provide comments to Microsoft about the exam questions. To launch the comment period, click the “Finish” and then “Comment” buttons. To skip the comment period and the exam, click Exit.
You can navigate to a question from the Review screen to provide a comment. Please, see the Review Screen tab in the Review Screen help Menu (which can be accessed from the Review Screen) for details on accessing questions from the Review Screen.
To comment on a question, navigate to that question and click the Give Feedback icon. When you have entered your comment in the comment window, click Submit to close the window. To navigate to the Review screen again, click the Review button. You may navigate through all questions using the Next and Previous buttons. To skip commenting, go to the Review Screen by selecting the Review Screen button in the upper left-hand corner and from the Review Screen, select “Finished”.
Controls Available
For any question, one or more of the following controls might be available.
Keyboard Shortcuts Available
Exam features may be accessed using keyboard shortcuts. The following table describes the keyboard shortcuts that are available during this exam.
Some keyboard shortcuts require that you press two or more keys at the same time. These keys are separated by a plus sign (+) in the table below.
You recently deployed a web app named homepagelog7509087.
You need to back up the code used for the web app and to store the code in the homepagelog7509087 storage account. The solution must ensure that a new backup is created daily.
What should you do from the Azure portal?
Explanation:
Step 1:
Locate and select the web app homepagelod7509087, select Backups. The Backups page is displayed.
Step 2: In the Backup page, Click Configure.
Step 3: In the Backup Configuration page, click Storage: Not configured to configure a storage account.
Step 4: Choose your backup destination by selecting a Storage Account and Container. Select the homepagelod7509087 storage account.
Step 5: In the Backup Configuration page that is still left open, select Scheduled backup On, and configure daily backups.
Step 6:
In the Backup Configuration page, click Save.
Step 7:
In the Backups page, click Backup.
References:
https://docs.microsoft.com/en-us/azure/app-service/web-sites-backup
Note: This question is part of a series of questions that present the same scenario. Each questionin the series contains a unique solution that might meet the stated goals. Some question setsmight have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, thesequestions will not appear in the review screen.
You have an Azure web app named App1. App1 runs in an Azure App Service plan named Plan1. Plan1 is associated to the Free pricing tier. You discover that App1 stops each day after running continuously for 60 minutes. You need to ensure that App1 can run continuously for the entire day. Solution: You change the pricing tier of Plan1 to Basic. Does this meet the goal?
- A . Yes
- B . No
A
Explanation:
The Free Tier provides 60 CPU minutes / day. This explains why App1 is stops. The Basic tier has no such cap.
References:
https://azure.microsoft.com/en-us/pricing/details/app-service/windows/
Note: This question is part of a series of questions that present the same scenario. Each questionin the series contains a unique solution that might meet the stated goals. Some question setsmight have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, thesequestions will not appear in the review screen.
You have an Azure web app named App1. App1 runs in an Azure App Service plan named Plan1. Plan1 is associated to the Free pricing tier. You discover that App1 stops each day after running continuously for 60 minutes. You need to ensure that App1 can run continuously for the entire day. Solution: You add a triggered WebJob to App1. Does this meet the goal?
- A . Yes
- B . No
B
Explanation:
You need to change to Basic pricing Tier.
Note: The Free Tier provides 60 CPU minutes / day. This explains why App1 is stops. The Basic tier has no such cap.
References:
https://azure.microsoft.com/en-us/pricing/details/app-service/windows/
Note: This question is part of a series of questions that present the same scenario. Each questionin the series contains a unique solution that might meet the stated goals. Some question setsmight have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, thesequestions will not appear in the review screen.
You have an Azure web app named App1. App1 runs in an Azure App Service plan named Plan1. Plan1 is associated to the Free pricing tier. You discover that App1 stops each day after running continuously for 60 minutes. You need to ensure that App1 can run continuously for the entire day. Solution: You add a continuous WebJob to App1. Does this meet the goal?
- A . Yes
- B . No
Note: This question is part of a series of questions that present the same scenario. Each questionin the series contains a unique solution that might meet the stated goals. Some question setsmight have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, thesequestions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscription named Subscription1. Adatum contains a group named Developers. Subscription1 contains a resource group named Dev.
You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group.
Solution: On Dev, you assign the Contributor role to the Developers group.
Does this meet the goal?
- A . Yes
- B . No
A
Explanation:
The Contributor role can manage all resources (and add resources) in a Resource Group.
You have an Azure Logic App named App1. App1 provides a response when an HTTP POST request or an HTTP GET request is received.
During peak periods, App1 is expected to receive up to 200,000 requests in a five-minute period.
You need to ensure that App1 can handle the expected load.
What should you configure?
- A . Access control (IAM)
- B . API connections
- C . Workflow settings
- D . Access keys
C
Explanation:
References:
https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-limits-and-config#throughput-limits
DRAG DROP
You have an on-premises network that includes a Microsoft SQL Server instance named SQL1. You create an Azure Logic App named App1. You need to ensure that App1 can query a database on SQL1.
Which three actions should you perform in sequence? To answer, drag the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Explanation:
References:
https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-gateway-connection
You have a Basic App Service plan named ASP1 that hosts an Azure App Service named App1. You need to configure a custom domain and enable backups for App1.
What should you do first?
- A . Configure a WebJob for App1.
- B . Scale up ASP1.
- C . Scale out ASP1.
- D . Configure the application settings for App1.
You have an Azure App Service plan named AdatumASP1 that hosts several Azure web apps. You discover that the web apps respond slowly. You need to provide additional memory and CPU resources to each instance of the web app.
What should you do?
- A . Scale out AdatumASP1.
- B . Add continuous WebJobs that use the multi-instance scale.
- C . Scale up AdatumASP1.
- D . Add a virtual machine scale set.
C
Explanation:
References:
https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/app-service/web-sites-scale.md
HOTSPOT
You have an Azure web app named App1 that has two deployment slots named Production and Staging.
Each slot has the unique settings shown in the following table.
You perform a slot swap.
What are the configurations of the Production slot after the swap? To answer, select the appropriate options in the answer area.
NOTE: Each correction is worth one point. Hot Area:
Explanation:
Swapping the slots means the destination slot website URL will run source slot code with destination slot settings.
You have an Azure subscription named Subscription1.
In Subscription1, you create an Azure web app named WebApp1. WebApp1 will access an external service that requires certificate authentication. You plan to require the use of HTTPS to access WebApp1. You need to upload certificates to WebApp1.
In which formats should you upload the certificate? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. Hot Area:
Explanation:
A PFX file contains the public key file (SSL Certificate) and its unique private key file. This is required for HTTPS access. The web app will distribute the public key (in a CER file) to clients that connect to the web app. The CER file is an SSL Certificate which has the public key of the external service.
The external service will have the private key associated with the public key contained in the CER file.
You have an Azure web app named App1 that streams video content to users. App1 is located in the East US Azure region.
Users in North America stream the video content without any interruption.
Users in Asia and Europe report that the video buffer often and do not play back smoothly. You need to recommend a solution to improve video streaming to the European and Asian users.
What should you recommend?
- A . Scale out the App Service plan.
- B . Scale up the App Service plan.
- C . Configure an Azure Content Delivery Network (CDN) endpoint.
- D . Configure Azure File Sync.
Testlet 2
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Overview
Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York.
The Montreal office has 2,000 employees. The Seattle office has 1,000 employees. The New York office has 200 employees.
All the resources used by Contoso are hosted on-premises.
Contoso creates a new Azure subscription. The Azure Active Directory (Azure AD) tenant uses a domain named contoso.onmicrosoft.com. The tenant uses the P1 pricing tier.
Existing Environment
The network contains an Active Directory forest named contoso.com. All domain controllers are configured as DNS servers and host the contoso.com DNS zone.
Contoso has finance, human resources, sales, research, and information technology departments. Each department has an organizational unit (OU) that contains all the accounts of that respective department. All the user accounts have the department attribute set to their respective department. New users are added frequently.
Contoso.com contains a user named User1.
All the offices connect by using private links.
Contoso has data centers in the Montreal and Seattle offices. Each data center has a firewall that can be configured as a VPN device.
All infrastructure servers are virtualized.
The virtualization environment contains the servers in the following table.
Contoso uses two web applications named App1 and App2. Each instance on each web application requires 1GB of memory.
The Azure subscription contains the resources in the following table.
The network security team implements several network security groups (NSGs).
Planned Changes
Contoso plans to implement the following changes:
– Deploy Azure ExpressRoute to the Montreal office.
– Migrate the virtual machines hosted on Server1 and Server2 to Azure.
– Synchronize on-premises Active Directory to Azure Active Directory (Azure AD).
– Migrate App1 and App2 to two Azure web apps named WebApp1 and WebApp2.
Technical requirements
Contoso must meet the following technical requirements:
– Ensure that WebApp1 can adjust the number of instances automatically based on the load and can scale up to five instances.
– Ensure that VM3 can establish outbound connections over TCP port 8080 to the applications servers in the Montreal office.
– Ensure that routing information is exchanged automatically between Azure and the routers in the Montreal office.
– Ensure Azure Multi-Factor Authentication (MFA) for the users in the finance department only.
– Ensure that webapp2.azurewebsites.net can be accessed by using the name app2.contoso.com
– Connect the New York office to VNet1 over the Internet by using an encrypted connection.
– Create a workflow to send an email message when the settings of VM4 are modified.
– Create a custom Azure role named Role1 that is based on the Reader role.
– Minimize costs whenever possible.
You need to meet the technical requirement for VM4.
What should you create and configure?
- A . an Azure Notification Hub
- B . an Azure Event Hub
- C . an Azure Logic App
- D . an Azure Service Bus
B
Explanation:
Scenario: Create a workflow to send an email message when the settings of VM4 are modified.
You can start an automated logic app workflow when specific events happen in Azure resources or third-party resources. These resources can publish those events to an Azure event grid. In turn, the event grid pushes those events to subscribers that have queues, webhooks, or event hubs as endpoints. As a subscriber, your logic app can wait for those events from the event grid before running automated workflows to perform tasks – without you writing any code.
References:
https://docs.microsoft.com/en-us/azure/event-grid/monitor-virtual-machine-changes-event-grid-logic-app
Testlet 3
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studied might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changed before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. Note that the information displayed on the All information tab is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Overview
ADatum Corporation is a financial company that has two main offices in New York and Los Angeles. ADatum has a subsidiary named Fabrikam, Inc. that shares the Los Angeles office.
ADatum is conducting an initial deployment of Azure services to host new line-of-business applications and is preparing to migrate its existing on-premises workloads to Azure.
ADatum uses Microsoft Exchange Online for email.
Existing Environment
On-Premises Environment
The on-premises workloads run on virtual machines hosted in a VMware vSphere 6 infrastructure. All the virtual machines are members of an Active Directory forest named adatum.com and run Windows Server 2016.
The New York office uses an IP address space of 10.0.0.0/16. The Los Angeles office uses an IP address space of 10.10.0.0/16.
The offices connect by using a VPN provided by an ISP. Each office has one Azure ExpressRoute circuit that provides access to Azure services and Microsoft Online Services. Routing is implemented by using Microsoft peering.
The New York office has a virtual machine named VM1 that has the vSphere console installed.
Azure Environment
You provision the Azure infrastructure by using the Azure portal.
The infrastructure contains the resources shown in the following table.
AG1 has two backend pools named Pool11 and Pool12. AG2 has two backend pools named Pool21 and Pool22.
Requirements
Planned Changes
ADatum plans to migrate the virtual machines from the New York office to the East US Azure region by using Azure Site Recovery.
Infrastructure Requirements
ADatum identifies the following infrastructure requirements:
– A new web app named App1 that will access third-parties for credit card processing must be deployed.
– A newly developed API must be implemented as an Azure function named App2. App2 will use a blob storage trigger. App2 must process new blobs immediately.
– The Azure infrastructure and the on-premises infrastructure must be prepared for the migration of the VMware virtual machines to Azure.
– The sizes of the Azure virtual machines that will be used to migrate the on-premises workloads must be identified.
– All migrated and newly deployed Azure virtual machines must be joined to the adatum.com domain.
– AG1 must load balance incoming traffic in the following manner:
– http://corporate.adatum.com/video/* will be load balanced across Pool11.
– http://corporate.adatum.com/images/* will be load balanced across Pool12.
– AG2 must load balance incoming traffic in the following manner:
– http://www.adatum.com will be load balanced across Pool21.
– http://fabrikam.com will be load balanced across Pool22.
– ER1 must route traffic between the New York office and platform as a service (PaaS) services in the East US Azure region, as long as ER1 is available.
– ER1 must route traffic between the Los Angeles office and the PaaS services in the West US region, as long as ER2 is available.
– ER1 and ER2 must be configured to fail over automatically.
Application Requirements
App2 must be available to connect directly to the private IP addresses of the Azure virtual machines. App2 will be deployed directly to an Azure virtual network.
Inbound and outbound communications to App1 must be controlled by using NSGs.
Pricing Requirements
ADatum identifies the following pricing requirements:
– The cost of App1 and App2 must be minimized
– The transactional charges of Azure Storage accounts must be minimized
You need to recommend an environment for the deployment of App1.
What should you recommend?
- A . a new App Service plan that uses the P3v2 pricing tier
- B . ASE1 and an App Service plan that uses the I1 pricing tier
- C . ASE1 and an App Service plan that uses the I3 pricing tier
- D . a new App Service plan that uses the S1 pricing tier
B
Explanation:
References:
https://docs.microsoft.com/en-us/azure/app-service/environment/app-service-app-service-environmentcontrol-inbound-traffic
HOTSPOT
You need to implement App2 to meet the application requirements.
What should you include in the implementation? To answer, select the appropriate options in the answer
area. NOTE: Each correct selection is worth one point.
Explanation:
– A newly developed API must be implemented as an Azure function named App2. App2 will use a blob
storage trigger. App2 must process new blobs immediately. This requires “Always On”.
– The cost of App1 and App2 must be minimized The Standard pricing tier is the cheapest tier that supports Always On.