Topic 1: Windows Server 2016 virtual machine
Case study
This is a case study. Case studies are not timed separately. You can use as much
exam time as you would like to complete each case. However, there may be additional
case studies and sections on this exam. You must manage your time to ensure that you
are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information
that is provided in the case study. Case studies might contain exhibits and other resources
that provide more information about the scenario that is described in the case study. Each
question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review
your answers and to make changes before you move to the next section of the exam. After
you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the
left pane to explore the content of the case study before you answer the questions. Clicking
these buttons displays information such as business requirements, existing environment,
and problem statements. If the case study has an All Information tab, note that the
information displayed is identical to the information displayed on the subsequent tabs.
When you are ready to answer a question, click the Question button to return to the
question.
Current environment
Windows Server 2016 virtual machine
The virtual machine (VM) runs BizTalk Server 2016. The VM runs the following workflows:
Ocean Transport – This workflow gathers and validates container information
including container contents and arrival notices at various shipping ports.
Inland Transport – This workflow gathers and validates trucking information
including fuel usage, number of stops, and routes.
The VM supports the following REST API calls:
Container API – This API provides container information including weight,
contents, and other attributes.
Location API – This API provides location information regarding shipping ports of
call and tracking stops.
Shipping REST API – This API provides shipping information for use and display
on the shipping website.
Shipping Data
The application uses MongoDB JSON document storage database for all container and
transport information.
Shipping Web Site
The site displays shipping container tracking information and container contents. The site is
located at http://shipping.wideworldimporters.com/
Proposed solution
The on-premises shipping application must be moved to Azure. The VM has been migrated
to a new Standard_D16s_v3 Azure VM by using Azure Site Recovery and must remain
running in Azure to complete the BizTalk component migrations. You create a
Standard_D16s_v3 Azure VM to host BizTalk Server. The Azure architecture diagram for
the proposed solution is shown below:
Requirements
Shipping Logic app
The Shipping Logic app must meet the following requirements:
Support the ocean transport and inland transport workflows by using a Logic App.
Support industry-standard protocol X12 message format for various messages
including vessel content details and arrival notices.
Secure resources to the corporate VNet and use dedicated storage resources with
a fixed costing model.
Maintain on-premises connectivity to support legacy applications and final BizTalk
migrations.
Shipping Function app
Implement secure function endpoints by using app-level security and include Azure Active
Directory (Azure AD).
REST APIs
The REST API’s that support the solution must meet the following requirements:
Secure resources to the corporate VNet.
Allow deployment to a testing location within Azure while not incurring additional
costs.
Automatically scale to double capacity during peak shipping times while not
causing application downtime.
Minimize costs when selecting an Azure payment model.
Shipping data
Data migration from on-premises to Azure must minimize costs and downtime.
Shipping website
Use Azure Content Delivery Network (CDN) and ensure maximum performance for
dynamic content while minimizing latency and costs.
Issues
Windows Server 2016 VM
The VM shows high network latency, jitter, and high CPU utilization. The VM is critical and
has not been backed up in the past. The VM must enable a quick restore from a 7-day
snapshot to include in-place restore of disks in case of failure.
Shipping website and REST APIs
The following error message displays while you are testing the website:
Failed to load http://test-shippingapi.wideworldimporters.com/: No 'Access-Control-Allow-
Origin' header is present on the requested resource. Origin
'http://test.wideworldimporters.com/' is therefore not allowed access.
You need to correct the VM issues.
Which tools should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Backup and Restore: Azure Backup
Scenario: The VM is critical and has not been backed up in the past. The VM must enable
a quick restore from a 7-day snapshot to include in-place restore of disks in case of failure.
In-Place restore of disks in IaaS VMs is a feature of Azure Backup.
Performance: Accelerated Networking
Scenario: The VM shows high network latency, jitter, and high CPU utilization.
Accelerated networking enables single root I/O virtualization (SR-IOV) to a VM, greatly
improving its networking performance. This high-performance path bypasses the host from
the datapath, reducing latency, jitter, and CPU utilization, for use with the most demanding
network workloads on supported VM types.
References:
https://azure.microsoft.com/en-us/blog/an-easy-way-to-bring-back-your-azure-vm-with-inplace-
restore/
You need to configure Azure CDN for the Shipping web site.
Which configuration options should you use? To answer, select the appropriate options in
the answer area.
NOTE: Each correct selection is worth one point.
Scenario: Shipping website
Use Azure Content Delivery Network (CDN) and ensure maximum performance for
dynamic content while minimizing latency and costs.
Tier: Standard
Profile: Akamai
Optimization: Dynamic site acceleration
Dynamic site acceleration (DSA) is available for Azure CDN Standard from Akamai, Azure
CDN Standard from Verizon, and Azure CDN Premium from Verizon profiles.
DSA includes various techniques that benefit the latency and performance of dynamic
content. Techniques include route and network optimization, TCP optimization, and more.
You can use this optimization to accelerate a web app that includes numerous responses
that aren't cacheable. Examples are search results, checkout transactions, or real-time
data. You can continue to use core Azure CDN caching capabilities for static data.
You need to support the message processing for the ocean transport workflow.
Which four actions should you perform in sequence? To answer, move the appropriate
actions from the list of actions to the answer area and arrange them in the correct order.
Step 1: Create an integration account in the Azure portal
You can define custom metadata for artifacts in integration accounts and get that metadata
during runtime for your logic app to use. For example, you can provide metadata for
artifacts, such as partners, agreements, schemas, and maps - all store metadata using
key-value pairs.
Step 2: Link the Logic App to the integration account
A logic app that's linked to the integration account and artifact metadata you want to use.
Step 3: Add partners, schemas, certificates, maps, and agreements
Step 4: Create a custom connector for the Logic App.
References:
https://docs.microsoft.com/bs-latn-ba/azure/logic-apps/logic-apps-enterprise-integrationmetadata
You need to configure Azure App Service to support the REST API requirements.
Which values should you use? To answer, select the appropriate options in the answer
area.
NOTE: Each correct selection is worth one point.
Plan: Standard
Standard support auto-scaling
Instance Count: 10
Max instances for standard is 10.
Scenario:
The REST API’s that support the solution must meet the following requirements:
Allow deployment to a testing location within Azure while not incurring additional
costs.
Automatically scale to double capacity during peak shipping times while not
causing application downtime.
Minimize costs when selecting an Azure payment model.
You need to update the APIs to resolve the testing error.
How should you complete the Azure CLI command? To answer, select the appropriate
options in the answer area.
NOTE: Each correct selection is worth one point.
Enable Cross-Origin Resource Sharing (CORS) on your Azure App Service Web App.
Enter the full URL of the site you want to allow to access your WEB API or * to allow all
domains.
Box 1: cors
Box 2: add
Box 3: allowed-origins
Box 4: http://testwideworldimporters.com/
References:
http://donovanbrown.com/post/How-to-clear-No-Access-Control-Allow-Origin-header-errorwith-
Azure-App-Service
You need to migrate on-premises shipping data to Azure.
What should you use?
A.
Azure Migrate
B.
Azure Cosmos DB Data Migration tool (dt.exe)
C.
AzCopy
D.
Azure Database Migration service
Azure Database Migration service
Migrate from on-premises or cloud implementations of MongoDB to Azure Cosmos DB with
minimal downtime by using Azure Database Migration Service. Perform resilient migrations
of MongoDB data at scale and with high reliability.
Scenario: Data migration from on-premises to Azure must minimize costs and downtime.
The application uses MongoDB JSON document storage database for all container and
transport information.
References:
https://azure.microsoft.com/en-us/updates/mongodb-to-azure-cosmos-db-online-andoffline-
migrations-are-now-available/
You need to secure the Shipping Function app.
How should you configure the app? To answer, select the appropriate options in the
answer area.
NOTE: Each correct selection is worth one point.
Scenario: Shipping Function app: Implement secure function endpoints by using app-level
security and include Azure Active Directory (Azure AD).
Box 1: Function
Box 2: JSON based Token (JWT)
Azure AD uses JSON based tokens (JWTs) that contain claims
Box 3: HTTP
How a web app delegates sign-in to Azure AD and obtains a token
User authentication happens via the browser. The OpenID protocol uses standard HTTP
protocol messages.
References:
https://docs.microsoft.com/en-us/azure/active-directory/develop/authentication-scenarios
You need to resolve the Shipping web site error.
How should you configre the Azure Table Storage service? To answer, select the
appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Box 2: http://test-shippingapi.wideworldimporters.com
Syntax: Access-Control-Allow-Origin: *
Access-Control-Allow-Origin: <origin>
Access-Control-Allow-Origin: null
<origin> Specifies an origin. Only a single origin can be specified.
Box 3: AllowedOrigins
Box 4: POST
The only allowed methods are GET, HEAD, and POST. In this case POST is used.
"<Corsrule>" "allowedmethods" Failed to load no "Access-control-Origin" header is present
References:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
You need to support the requirements for the Shipping Logic App.
What should you use?
A.
Azure Active Directory Application Proxy
C.
Site-to-Site (S2S) VPN connection
You need to secure the Shipping Logic App.
What should you use?
A.
Azure App Service Environment (ASE)
B.
Azure AD B2B integration
C.
Integration Service Environment (ISE)
D.
VNet service endpoint
Integration Service Environment (ISE)
Explanation:
Scenario: The Shipping Logic App requires secure resources to the corporate VNet and
use dedicated storage resources with a fixed costing model.
You can access to Azure Virtual Network resources from Azure Logic Apps by using
integration service environments (ISEs).
Sometimes, your logic apps and integration accounts need access to secured resources,
such as virtual machines (VMs) and other systems or services, that are inside an Azure
virtual network. To set up this access, you can create an integration service environment
(ISE) where you can run your logic apps and create your integration accounts.
References:
https://docs.microsoft.com/en-us/azure/logic-apps/connect-virtual-network-vnet-isolatedenvironment-
overview