Exam Code: 70-535 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Architecting Microsoft Azure Solutions
Certification Provider: Microsoft
Free Today! Guaranteed Training- Pass 70-535 Exam.
NEW QUESTION 1
You are the administrator for a company named Contoso, Ltd.
Contoso also has an Azure subscription and uses many on-premises Active Directory products as roles in Windows Server including the following:
Contoso must use the directory management services available in Azure Active Directory.
You need to provide information to Contoso on the similarities and differences between Azure Active Directory and the Windows Server Active Directory family of services.
Which feature does Azure Active Directory and on-premises Active Directory both support?
- A. Using the GraphAPI to query the directory
- B. Issuing user certificates
- C. Supporting single sign-on (SSO)
- D. Querying the directory with LDAP
Answer: C
Explanation:
AD FS supports Web single-sign-on (SSO) technologies, and so does Azure Active Directory.
If you want single sign on we usually suggest using ADFS if you’re a Windows shop. Going forward though, Azure Active Directory is another alternative you can use.
References:
https://samlman.wordpress.com/2015/03/02/using-azure-active-directory-for-single-sign-on-with-yammer/
NEW QUESTION 2
You administer an Azure subscription for your company. You plan to deploy a virtual machine (VM) to Azure.
The VM environment must provide 99.95% uptime. A single switch outage must not cause the VM environment to be unavailable. The VM must not be offline due to installation of an update that requires a reboot.
You need to configure the environment.
Solution: Create an availability set and deploy two VMs. Place the VMs in the same fault domain. Does the solution meet the goal?
- A. Yes
- B. No
Answer: B
NEW QUESTION 3
You are designing a live streaming event by using Azure Media Services. The delivery of the video will use HTTP Live Streaming (HLS) to an azure Content Delivery Network (CDN) streaming endpoint.
Viewers of the content may not be a trusted party and you require the highest level of security. You must secure the media delivery by using dynamic encryption.
Solution: Use Azure Storage Service Encryption to encrypt all assets with an encryption key and authorization policy. Configure the asset’s delivery policy to deliver by using Advanced Encryption Standard (AES).
Does the solution meet the goal?
- A. Yes
- B. No
Answer: B
Explanation:
You can use Azure Media Services to secure your media from the time it leaves your computer through storage, processing, and delivery. With Media Services, you can deliver your live and on-demand content encrypted dynamically with Advanced Encryption Standard (AES-128) or any of the three major digital rights management (DRM) systems: Microsoft PlayReady, Google Widevine, and Apple FairPlay.
References:
https://docs.microsoft.com/en-us/azure/media-services/previous/media-services-content-protection-overview
NEW QUESTION 4
Your development team has created a new solution that is deployed in a virtual network named fabDevVNet. Your testing team wants to begin testing the solution in a second Azure subscription.
You need to create a virtual network named fabTestVNet that is identical to fabDevVNet. You want to achieve this goal by using the least amount of administrative effort.
Which three steps should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
- A. Mastered
- B. Not Mastered
Answer: A
Explanation:
Step 1: In the development subscription, export the network configuration First export network configuration from the development subscription. Step 2:
Rename the configuration file. Step 3:
Import the network configuration.
NEW QUESTION 5
You need implement tools at the client's location for monitoring and deploying Azure resources.
Which tools should you use? To answer, select the appropriate on-premises tool for each task in the answer area.
- A. Mastered
- B. Not Mastered
Answer: A
Explanation:
* System Center Virtual Machine Manager (SCVMM) enables rapid provisioning of new virtual machines by the administrator and end users using a self-service provisioning tool.
* System Center Operations Manager (SCOM) is a cross-platform data center management system for operating systems and hypervisors. It uses a single interface that shows state, health and performance information of computer systems. It also provides alerts generated according to some availability, performance, configuration or security situation being identified.
The basic idea is to place a piece of software, an agent, on the computer to be monitored. The agent watches several sources on that computer, including the Windows Event Log, for specific events or alerts generated by the applications executing on the monitored computer.
* Scenario:
Leverage familiarity with Microsoft server management tools. Manage hosted resources by using on-premises tools.
Mitigate the need to purchase additional tools for monitoring and debugging.
Use advanced monitoring features and reports of workloads in Azure by using existing Microsoft tools.
References:
http://en.wikipedia.org/wiki/System_Center_Operations_Manager
NEW QUESTION 6
You need to implement the loan aggregation process for the WGBLoanMaster app. Which technology should you use?
- A. Azure virtual machine
- B. Azure Cloud Service worker role
- C. Azure Batch
- D. Azure WebJob
Answer: C
NEW QUESTION 7
You are implementing Azure Role-Based Access Control (RBAC).
You need to create two new administrator accounts. The accounts must meet the following requirements:
• Admin1 must be able to manage only the storage accounts that are used by virtual machines (VMs) and other resources.
• Admin2 must be able to manage and delete resources in the Recovery Services vault.
Which role should you assign to each account? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
- A. Mastered
- B. Not Mastered
Answer: A
Explanation:
Box 1: Storage Account Contributor
A Storage Account Contributor can manage storage accounts, but not access to them.
NEW QUESTION 8
You need to select Azure components to meet site performance and availability requirements for the Tailspin Toys e-commerce site.
Which components should you use?
- A. Azure Batch and Azure Load Balancer
- B. Virtual Machine Scale Set and Azure Load Balancer
- C. Azure App Service Environment and Azure Traffic Manager
- D. Azure App Service and Azure Traffic Manager
Answer: C
NEW QUESTION 9
You are planning an application to run on Azure virtual machines (VMs). The VMs will be backed up using Azure Backup.
The application maintains its state in three binary files stored on disk. Changes in application state require that all three files be updated on disk. If only one or two of the files are updated on disk, work is lost and the system is in an inconsistent state.
You need to ensure that when a backup occurs, the application’s data is always in a consistent state. What should you do?
- A. Disable caching for the VMs virtual hard disks.
- B. Use Premium Storage for the VMs virtual hard disks.
- C. Implement the Volume Shadow Copy Service (VSS) API in the application.
- D. Store the application files on an Azure File Service network share.
Answer: C
NEW QUESTION 10
You need to design the application architecture for each region.
What should you recommend? To answer, drag the appropriate technologies or protocols to the correct locations. Each technology or protocol may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
- A. Mastered
- B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 11
You manage an Azure Web Site for a consumer-product company. The website runs in Standard mode on a single medium instance. You expect increased traffic to the website due to an upcoming sale during a holiday weekend.
You need to ensure that the website performs optimally when user activity is at its highest. Which option should you select? To answer, select the appropriate option in the answer area.
- A. Mastered
- B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 12
You use the Windows PowerShell Desired State Configuration (DSC) feature to configure your company's servers. Line numbers are included for reference only.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
- A. Mastered
- B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 13
You are designing the deployment of virtual machines (VMs) and web services that run in Azure. You need to specify the desired state of a node and ensure that the node remains at that state. What should you use?
- A. Azure Automation DSC
- B. Windows Azure Pack
- C. Service Management Automation
- D. System Center 2021 Orchestrator
Answer: A
Explanation:
Azure Automation DSC is an Azure service that allows you to write, manage, and compile PowerShell Desired State Configuration (DSC) configurations, import DSC Resources, and assign configurations to target nodes, all in the cloud.
References: https://docs.microsoft.com/en-us/azure/automation/automation-dsc-overview
NEW QUESTION 14
You manage an Azure subscription with virtual machines (VMs) that are running in Standard mode. You need to reduce the storage costs associated with the VMs. What should you do?
- A. Locate and remove orphaned disks
- B. Add the VMs to an affinity group.
- C. Change VMs to the Basic tier.
- D. Delete the VHD container
Answer: C
Explanation:
Removing orphaned disks would reduce storage, and the cost of storage.
NEW QUESTION 15
Your company is developing an e-commerce Azure App Service Web App to support hundreds of restaurant locations around the world. You are designing the messaging solution architecture to support the e-commerce transactions and messages.
The e-commerce application has the following features and requirements:
You need to choose the Azure messaging solution to support the Shopping Cart feature. Which Azure service should you use?
- A. Azure Event Hub
- B. Azure Service Bus
- C. Azure Event Grid
- D. Azure Relay
Answer: A
NEW QUESTION 16
You need to recommend a data storage solution that meets the business continuity requirements. Which two features should you recommend? Each correct answer presents part of the solution.
- A. SQL Database Standard
- B. Azure Backup
- C. SQL Database Premium
- D. SQL Database Express
Answer: AB
Explanation:
From scenario: Disaster recovery and business continuity plans must use a single, integrated service that supports the following features:
* All VMs must be backed up to Azure.
* All on-premises data must be backed up off-site and available for recovery in the event of a disaster.
* Disaster testing must be performed to ensure that recovery times meet management guidelines.
* Fail-over testing must not impact production.
NEW QUESTION 17
You are designing a Windows Azure application that will use Windows Azure Table storage. The application will allow teams of users to collaborate on projects. Each user is a member of only one team. You have the
following requirements:
-Ensure that each user can efficiently query records related to his or her team's projects.
-Minimize data access latency.
You need to recommend an approach for partitioning table storage entities. What should you recommend?
- A. Partition by user
- B. Partition by team
- C. Partition by project
- D. Partition by the current date
Answer: B
Explanation:
Partitions represent a collection of entities with the same PartitionKey values. Partitions are always served from one partition server and each partition server can serve one or more partitions. A partition server has a rate limit of the number of entities it can serve from one partition over time.
References:
https://docs.microsoft.com/en-us/rest/api/storageservices/Designing-a-Scalable-Partitioning-Strategy-for-Azure-
NEW QUESTION 18
You need to encrypt a media file.
Which type of encryption should you use?
- A. secure token service
- B. envelope
- C. PlayReady
- D. storage
Answer: C
NEW QUESTION 19
You need to scale the API.
In the Azure portal, which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
- A. Mastered
- B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 20
You manage a hybrid environment for a company. The company plans to manage the environment by using Microsoft System Center 2012 R2.
You need to deploy the correct component to enable management across the environment. Which component should you deploy?
- A. Windows Azure SQL Database Management Pack
- B. System Center Management Pack for Windows Azure Pack
- C. Cross Platform Audit Collection Services Management Pack
- D. System Center Management Pack for Windows Server Cluster
Answer: B
NEW QUESTION 21
You need to ensure that data security requirements are met. What should you do?
- A. Ensure that all applications use Cosmos DB secondary master keys.
- B. Enable Role-Based Access Control (RBAC) for each database.
- C. Use Azure Key Vault HSM for encrypting the results of the analysis.
- D. Generate Cosmos DB resource tokens for each collection.
Answer: C
NEW QUESTION 22
Your company has an on-premises Active Directory Domain Services (AD DS) domain and an established Azure Active Directory (Azure AD) environment
Your company would like users to be automatically signed in when they are on their corporate desktops that
are connected to the corporate network.
You need to enable single sign-on (SSO) for company users.
Solution: Install and configure an Azure AD Connect server to use password hash synchronization and select the 'Enable single sign-on" option.
Does the solution meet the goal?
- A. Yes
- B. No
Answer: A
NEW QUESTION 23
You are designing an Azure Media Services solution. The solution must meet the following requirements: ✑ Allow only authenticated users to play back media.
✑ Ensure that media playback uses dynamic and envelope encryption.
Which three actions should you recommend? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
- A. Configure the media encoder to use AES clear key encryption.
- B. Encode source files into single-bitrate MP4 files.
- C. Configure a content key authorization policy.
- D. Configure the media encoder to use DRM encryption.
- E. Configure an asset delivery policy.
- F. Encode source files into adaptive-bitrate MP4 files.
- G. Encrypt the files using AES 256 bit encryption and upload to Azure Storage.
Answer: BCE
Explanation:
References:
https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/media-services/media-services-protect-withae
NEW QUESTION 24
You are developing the application security review document.
You need to ensure that application data security requirements are met. What should you verify?
- A. Azure SQL connections use an account that does have administrative access.
- B. Connection strings use encryption and not trust server certificates.
- C. Azure SQL connections use Azure Key Vault certificates for TLS.
- D. Connection strings are not stored in application code.
Answer: B
Explanation:
References:
https://docs.microsoft.com/en-us/azure/sql-database/sql-database-security-tutorial
NEW QUESTION 25
Your company deploys an Azure App Service Web App.
During testing the application fails under load. The application cannot handle more than 100 concurrent user sessions. You enable the Always On feature. You also configure auto-scaling to increase instance counts from two to 10 based on HTTP queue length.
You need to improve the performance of the application. Which solution should you use for each application scenario?
- A. Mastered
- B. Not Mastered
Answer: A
Explanation:
Box 1: Azure Content Delivery Network
The benefits of using Azure Content Delivery Network (CDN) to cache Azure data include better performance and user experience for end users who are far from a content source, and are using applications where many 'internet trips' are required to load content.
Box 2: Azure Redis Cache
Azure Redis Cache is based on the popular open-source Redis cache. It is typically used as a cache to improve the performance and scalability of systems that rely heavily on backend data-stores. Performance is improved by temporarily copying frequently accessed data to fast storage located close to the application. With Redis cache, this fast storage is located in-memory with Redis Cache instead of being loaded from disk by a database.
References:
https://docs.microsoft.com/en-us/azure/architecture/best-practices/cdn https://docs.microsoft.com/en-us/azure/redis-cache/cache-overview
NEW QUESTION 26
You administer an Azure Storage account named contosostorage. The account has a blob container to store image files. A user reports being unable to access an image file.
You need to ensure that anonymous users can successfully read image files from the container. Which log entry should you use to verify access?
- A. Option A
- B. Option B
- C. Option C
- D. Option D
Answer: A
Explanation:
Option A includes AnonymousSuccess.
References:
https://blogs.msdn.microsoft.com/windowsazurestorage/2011/08/02/windows-azure-storage-logging-using-logs-
NEW QUESTION 27
You need to allow network traffic to the Trey Research subversion system.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
- A. Mastered
- B. Not Mastered
Answer: A
Explanation:
/ You host multiple subversion (SVN) repositories in the RepoBackend subnet. The SVN servers on this subnet must use inbound and outbound TCP at port 8443.
References:
http://theithollow.com/2021/08/03/azure-network-security-groups/
NEW QUESTION 28
......
P.S. Easily pass 70-535 Exam with 458 Q&As Exambible Dumps & pdf Version, Welcome to Download the Newest Exambible 70-535 Dumps: https://www.dumpsolutions.com/{productsort}-dumps/ (458 New Questions)