Topic 4, Misc. Questions
A company is developing a solution that allows smart refrigerators to send temperature
information to a central location. You have an existing Service Bus.
The solution must receive and store messages until they can be processed. You create an
Azure Service Bus instance by providing a name, pricing tier, subscription, resource group,
and location.
You need to complete the configuration.
Which Azure CLI or PowerShell command should you run?
A.
Option A
B.
Option B
C.
Option C
D.
Option D
Option B
A service bus instance has already been created (Step 2 below). Next is step 3, Create a
Service Bus queue.
Note:
Steps:
Step 1: # Create a resource group
resourceGroupName="myResourceGroup"
az group create -name $resourceGroupName -location eastus
Step 2: # Create a Service Bus messaging namespace with a unique name
namespaceName=myNameSpace$RANDOM
az servicebus namespace create -resource-group $resourceGroupName -name
$namespaceName -location eastus
Step 3: # Create a Service Bus queue
az servicebus queue create -resource-group $resourceGroupName -namespace-name
$namespaceName -name BasicQueue
Step 4: # Get the connection string for the namespace
connectionString=$(az servicebus namespace authorization-rule keys list -resource-group
$resourceGroupName -namespace-name $namespaceName -name
RootManageSharedAccessKey -query primaryConnectionString -output tsv)
References:
https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-quickstart-cli
You are developing an Azure Cosmos DB solution by using the Azure Cosmos DB SQL
API. The data includes millions of documents. Each document may contain hundreds of
properties.
The properties of the documents do not contain distinct values for partitioning. Azure
Cosmos DB must scale individual containers in the database to meet the performance
needs of the application by spreading the workload evenly across all partitions over time.
You need to select a partition key.
Which two partition keys can you use? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.
a concatenation of multiple property values with a random suffix appended
B.
a single property value that does not appear frequently in the documents
C.
a hash suffix appended to a property value
D.
a value containing the collection name
E.
a single property value that appears frequently in the documents
a concatenation of multiple property values with a random suffix appended
a hash suffix appended to a property value
You can form a partition key by concatenating multiple property values into a single artificial
partitionKey property. These keys are referred to as synthetic keys.
Another possible strategy to distribute the workload more evenly is to append a random
number at the end of the partition key value. When you distribute items in this way, you can
perform parallel write operations across partitions.
Note: It's the best practice to have a partition key with many distinct values, such as
hundreds or thousands. The goal is to distribute your data and workload evenly across the
items associated with these partition key values. If such a property doesn’t exist in your
data, you can construct a synthetic partition key.
References:
https://docs.microsoft.com/en-us/azure/cosmos-db/synthetic-partition-keys
Note: This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.
You develop Azure solutions.
You must grant a virtual machine (VM) access to specific resource groups in Azure
Resource Manager.
You need to obtain an Azure Resource Manager access token.
Solution: Run the Invoke-RestMethod cmdlet to make a request to the local managed
identity for Azure resources endpoint.
Does the solution meet the goal?
A.
Yes
B.
No
Yes
Get an access token using the VM's system-assigned managed identity and use it to call
Azure Resource Manager
You will need to use PowerShell in this portion.
In the portal, navigate to Virtual Machines and go to your Windows virtual machine
and in the Overview, click Connect.
Enter in your Username and Password for which you added when you created the
Windows VM.
Now that you have created a Remote Desktop Connection with the virtual
machine, open PowerShell in the remote session.
Using the Invoke-WebRequest cmdlet, make a request to the local managed
identity for Azure resources endpoint to get an access token for Azure Resource
Manager.
Example:
$response = Invoke-WebRequest -Uri
'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-
01&resource=https://management.azure.com/' -Method GET -Headers @{Metadata="true"}
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure- resources/tutorial-windows-vm-access-arm
Note: This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.
You develop Azure solutions.
You must grant a virtual machine (VM) access to specific resource groups in Azure
Resource Manager.
You need to obtain an Azure Resource Manager access token.
Solution: Use an X.509 certificate to authenticate the VM with Azure Resource Manager.
Does the solution meet the goal?
A.
Yes
B.
No
No
Instead run the Invoke-RestMethod cmdlet to make a request to the local managed identity
for Azure resources endpoint.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-
You are developing a medical records document management website. The website is
used to store scanned copies of patient intake forms. If the stored intake forms are
downloaded from storage by a third party, the content of the forms must not be
compromised.
You need to store the intake forms according to the requirements.
Solution: Store the intake forms as Azure Key Vault secrets.
Does the solution meet the goal?
A.
Yes
B.
No
No
You are developing an ASP.NET Core Web API web service. The web service uses Azure
Application Insights for all telemetry and dependency tracking. The web service reads and
writes data to a database other than Microsoft SQL Server.
You need to ensure that dependency tracking works for calls to the third-party database.
Which two Dependency Telemetry properties should you store in the database? Each
correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A.
Telemetry.Context.Operation.Id
B.
Tetemetry.Context.Cloud.Rolelnstance
C.
Telemetry.Id
D.
Telemetry.ContextSession.Id
E.
Telemetry.Name
Telemetry.Context.Operation.Id
Telemetry.Id
Explanation:
References:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/custom-operations-tracking
Example:
public async Task Enqueue(string payload)
{
// StartOperation is a helper method that initializes the telemetry item
// and allows correlation of this operation with its parent and children.
var operation = telemetryClient.StartOperation<DependencyTelemetry>("enqueue " +
queueName);
operation.Telemetry.Type = "Azure Service Bus";
operation.Telemetry.Data = "Enqueue " + queueName;
var message = new BrokeredMessage(payload);
// Service Bus queue allows the property bag to pass along with the message.
// We will use them to pass our correlation identifiers (and other context)
// to the consumer.
message.Properties.Add("ParentId", operation.Telemetry.Id);
message.Properties.Add("RootId", operation.Telemetry.Context.Operation.Id);
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/custom-operations-tracking
Note: This question is part of a series of questions that present the same scenario. Each
question in the series contains a unique solution that might meet the stated goals. Some
question sets might have more than one correct solution, while others might not have a
correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result,
these questions will not appear in the review screen.
Margie's Travel is an international travel and bookings management service. The companyis expanding into restaurant bookings. You are tasked with implementing Azure Search tor
the restaurants listed in their solution.
You create the index in Azure Search.
You need to import the restaurant data into the Azure Search service by using the Azure
Search NET SDK.
Solution:
1. Create a SearchServiceClient object to connect to the search index.
2. Create a DataContainer that contains the documents which must be added.
3. Create a DataSource instance and set its Container property to the DataContainer.
4. Set the DataSource property of the SearchServiceCIient
Does the solution meet the goal?
A.
Yes
B.
No
No
Explanation:
Use the following method:
1.Create a SearchIndexClient object to connect to the search index
2.Create an IndexBatch that contains the documents which must be added.
3.Call the Documents.Index method of the SearchIndexClient and pass the IndexBatch.
References:
https://docs.microsoft.com/en-us/azure/search/search-howto-dotnet-sdk
You are developing an ASP.NET Core website that can be used to manage photographs
which are stored in Azure Blob Storage containers.
Users of the website authenticate by using their Azure Active Directory (Azure AD)
credentials.
You implement role-based access control (RBAC) role permission on the containers that
store photographs. You assign users to RBAC role.
You need to configure the website’s Azure AD Application so that user’s permissions can
be used with the Azure Blob containers.
How should you configure the application? To answer, drag the appropriate setting to the
correct location. Each setting may be used once, more than once, or not at all. You may
need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
You plan to deploy a web app to App Service on Linux. You create an App Service plan.
You create and push a custom Docker image that image that contains the web app to
Azure Container Registry.
You need to access the console logs generated from inside the container in real-time.
How should you complete the Azure CLI command? To answer, select the appropriate
options in the answer area.
NOTE: Each correct selection is worth one point.
Note: This question is part of a series of questions that present the same scenario. Each
question in the series contains a unique solution that might meet the stated goals. Some
question sets might have more than one correct solution, while others might not have a
correct solution.
After you answer a question in this question, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.
You are developing a website that will run as an Azure Web App. Users will authenticate by
using their Azure Active Directory (Azure AD) credentials.
You plan to assign users one of the following permission levels for the website: admin,
normal, and reader. A user’s Azure AD group membership must be used to determine the
permission level. You need to configure authorization.
Solution:
•Create a new Azure AD application’s manifest, set value of the groupMembershipClaims
option to All.
•In the website, use the value of the groups claim from the JWI for the user to determine
permissions.
Does the solution meet the goal?
A.
Yes
B.
No
Yes
To configure Manifest to include Group Claims in Auth Token
1. Go to Azure Active Directory to configure the Manifest. Click on Azure Active Directory,
and go to App registrations to find your application:
2. Click on your application (or search for it if you have a lot of apps) and edit the Manifest
by clicking on it.
3. Locate the “groupMembershipClaims” setting. Set its value to either “SecurityGroup” or
“All”. To help you decide which
Page 5 out of 28 Pages |
Previous |