It is impossible to pass Microsoft 70 534 architecting microsoft azure solutions exam without any help in the short term. Come to Ucertify soon and find the most advanced, correct and guaranteed Microsoft azure certification 70 534 practice questions. You will get a surprising result by our Refresh Architecting Microsoft Azure Solutions practice guides.
Q1. DRAG DROP - (Topic 6)
You manage a large number of on-premises applications. You plan to migrate the applications to Azure.
You need to implement Azure Storage for each type of data that the applications use.
For each type of data, which storage mechanism should you use? To answer, drag the appropriate storage mechanism to the correct type of data. Each storage mechanism may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q2. DRAG DROP - (Topic 7)
You need to deploy the WGBLoanMaster app by using Azure PowerShell.
Which four Azure PowerShell cmdlets should you run in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Q3. - (Topic 6)
A company has a very large dataset that includes sensitive information. The dataset is over 30 TB in size.
You have a standard business-class ISP internet connection that is rated at 100 megabits/second.
You have 10 4-TB hard drives that are approved to work with the Azure Import/Export Service.
You need to migrate the dataset to Azure. The solution must meet the following requirements:
✑ The dataset must be transmitted securely to Azure.
✑ Network bandwidth must not increase.
✑ Hardware costs must be minimized.
What should you do?
A. Prepare the drives with the Azure Import/Export tool and then create the import job. Ship the drives to Microsoft via a supported carrier service.
B. Create an export job and then encrypt the data on the drives by using the Advanced Encryption Standard (AES). Create a destination Blob to store the export data.
C. Create an import job and then encrypt the data on the drives by using the Advanced Encryption Standard (AES). Create a destination Blob to store the import data.
D. Prepare the drives by using Sysprep.exe and then create the import job. Ship the drives to Microsoft via a supported carrier service.
Answer: A
Explanation: You can use the Microsoft Azure Import/Export service to transfer large amounts of file data to Azure Blob storage in situations where uploading over the network is prohibitively expensive or not feasible.
Reference: Use the Microsoft Azure Import/Export Service to Transfer Data to Blob Storage http://azure.microsoft.com/en-gb/documentation/articles/storage-import-export-service/
Q4. - (Topic 4)
You need to configure the deployment of the storage analysis application. What should you do?
A. Create a new Mobile Service.
B. Configure the deployment from source control.
C. Add a new deployment slot.
D. Turn on continuous integration.
Answer: B
Explanation:
Scenario: Data analysis results:
The solution must provide a web service that allows applications to access the results of analyses.
Q5. DRAG DROP - (Topic 6)
You are developing an ASP.NET Web API that you will host by using the Open Web Interface for .NET (OWIN) libraries. The API is used by an ASP.NET MVC Web App that is hosted in Azure.
You need to secure the API by using Azure Active Directory (Azure AD) B2C.
In which order should you perform the actions? To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Q6. - (Topic 6)
You have several virtual machines (VMs) that run in Azure. You also have a single System Center 2012 R2 Configuration Manager (SCCM) primary site on-premises.
You have the following requirements:
✑ All VMs must run on the same virtual network.
✑ Network traffic must be minimized between the on-premises datacenter and Azure.
✑ The solution minimize complexity.
You need to use SCCM to collect inventory and deploy software to Azure VMs. What should you do first?
A. Configure client push for the Azure virtual network.
B. Enable and configure Operations Insights in Azure.
C. Install a cloud distribution point on an Azure VM.
D. Install a secondary site underneath the primary site onto an Azure VM.
Answer: C
Explanation: Cloud-based distribution Point, a Configuration Manager Site System Role in the Cloud
Much of the Configuration Manager topology is made up of distribution points, they are very helpful in many situations where bandwidth and geographical separation are the facts of life, but also hard to manage if you have hundreds or even thousands of them.
This feature started with the vision that it makes perfect sense to have big distribution points in the Windows Azure cloud where one should not worry about things like (but not limited to) size, performance, reliability, security, access from all around the world, hardware/software update issues etc.
Note: Content management in System Center 2012 Configuration Manager provides the tools for you to manage content files for applications, packages, software updates, and operating system deployment. Configuration Manager uses distribution points to store files that are required for software to run on client computers. These distribution points function as distribution centers for the content files and let users download and run the software. Clients must have access to at least one distribution point from which they can download the files.
Reference: New Distribution Points in Configuration Manager SP1 http://blogs.technet.com/b/configmgrteam/archive/2013/01/31/new-distribution-points-in-configuration-manager-sp1.aspx
Q7. - (Topic 6)
A company has 10 on-premises SQL databases. The company plans to move the databases to SQL Server 2012 that runs in Azure Infrastructure-as-a-Service (IaaS). After migration, the databases will support a limited number of Azure websites in the same Azure Virtual Network.
You have the following requirements:
✑ You must restore copies of existing on-premises SQL databases to the SQL servers that run in Azure IaaS.
✑ You must be able to manage the SQL databases remotely.
✑ You must not open a direct connection from all of the machines on the on- premises network to Azure.
✑ Connections to the databases must originate from only five Windows computers.
You need to configure remote connectivity to the databases. Which technology solution should you implement?
A. Azure Virtual Network site-to-site VPN
B. Azure Virtual Network multi-point VPN
C. Azure Virtual Network point-to-site VPN
D. Azure ExpressRoute
Answer: C
Explanation: A point-to-site VPN would meet the requirements.
Reference: Configure a Point-to-Site VPN connection to an Azure Virtual Network https://azure.microsoft.com/en-us/documentation/articles/vpn-gateway-point-to-site-create/
Q8. - (Topic 5)
You need to design the authentication solution for the NorthRide app. Which solution should you use?
A. Azure Active Directory Basic with multi-factor authentication for the cloud and on- premises users.
B. Active Directory Domain Services with mutual authentication
C. Azure Active Directory Premium and add multi-factor authentication the for cloud users
D. Active Directory Domain Services with multi-factor authentication
Answer: C
Explanation: * Scenario: The NorthRide app must use an additional level of authentication other than the employee's password.
* Azure Multi-Factor Authentication is the multi-factor authentication service that requires users to also verify sign-ins using a mobile app, phone call or text message. It is available to use with Azure Active Directory, to secure on-premise resources with the Azure Multi- Factor Authentication Server, and with custom applications and directories using the SDK.
Reference: What is Azure Multi-Factor Authentication? https://azure.microsoft.com/en-us/documentation/articles/multi-factor-authentication/
Reference: Azure Active Directory Pricing http://azure.microsoft.com/en-gb/pricing/details/active-directory/
Q9. You need to implement the security requirements. What should you implement?
A. the GraphAPI to query the directory
B. LDAP to query the directory
C. single sign-on
D. user certificates
Answer: C
Q10. DRAG DROP - (Topic 6)
You are the Azure architect for an organization. You are working with C-level management to assign Azure role-based access control roles to a team within the organization. A single director oversees two teams, a development team and a test team. The director is wholly responsible for the organization's Azure account, including billing, infrastructure, and access control. The director is the only member of the team with the ability to alter access controls.
You have the following requirements:
✑ Members of the development team must be able to view or alter Azure infrastructure to support application development.
✑ Members of the test team must be able to view Azure infrastructure to support test
cases.
You need to assign built-in Azure role-based access control roles to team members within the organization.
Which role should you assign to each team member? To answer, drag the appropriate role to the correct team member. Each role may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q11. - (Topic 4)
You need to upload video to the company's Azure environment. What should you do?
A. Create a site-to-site VPN connection.
B. Write directly to the storage REST APIs.
C. Create an ExpressRoute connection.
D. Use the Azure Import/Export service to move the data.
Answer: B
Q12. DRAG DROP - (Topic 6)
You have a website that displays text, pictures, video files, and audio files. The website processes requests from countries and regions all over the world. You plan to migrate the website to the Azure platform.
The website has the following requirements:
✑ Encode, store, and stream audio and video at scale.
✑ Load-balance communications with the website instance that is closest to the user's location.
✑ Deliver content with high-bandwidth and low latency.
You need to recommend the technologies to implement the solution.
Which technologies should you recommend? To answer, drag the appropriate technology to the correct requirement. Each technology may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Explanation:
* MediaServices
Azure Media Services is being used to power consumer and enterprise streaming solutions worldwide. Combining powerful and highly scalable cloud-based encoding, encryption and steaming components, Azure Media Services is helping customers with valuable and premium video content to easily reach larger audiences on today’s most popular digital devices, such as tablets and mobile phones.
Q13. DRAG DROP - (Topic 8)
You need to scale the API.
In the Azure portal, which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Q14. - (Topic 6)
You are designing the deployment of virtual machines (VMs) and web services that run in Azure.
You need to specify the desired state of a node and ensure that the node remains at that state.
What should you use?
A. Microsoft Azure Pack
B. Service Management Automation
C. System Center 2021 Orchestrator
D. Azure Automation
Answer: A
Q15. - (Topic 6)
You are evaluating an Azure application. The application includes the following elements:
✑ A web role that provides the ASP.NET user interface and business logic
✑ A single SQL database that contains all application data
Each webpage must receive data from the business logic layer before returning results to the client. Traffic has increased significantly. The business logic is causing high CPU usage.
You need to recommend an approach for scaling the application. What should you recommend?
A. Store the business logic results in Azure Table storage.
B. Vertically partition the SQL database.
C. Move the business logic to a worker role.
D. Store the business logic results in Azure local storage.
Answer: C
Explanation: For Cloud Services in Azure applications need both web and worker roles to
scale well.
Reference: Application Patterns and Development Strategies for SQL Server in Azure Virtual Machines
https://msdn.microsoft.com/en-us/library/azure/dn574746.aspx
Topic 7, Woodgrove Bank
Overview
Woodgrove Bank has 20 regional offices and operates 1,500 branch office locations. Each regional office hosts the servers, infrastructure, and applications that support that region. Woodgrove Bank plans to move all of Their on-premises resources to Azure, including virtual machine (VM)-based, line-of-business workloads, and SQL databases. You are the owner of the Azure subscription that Woodgrove Bank is using. Your team is using Git repositories hosted on GitHub for source control.
Security
Currently, Woodgrove Bank's Computer Security Incident Response Team (CSIRT) has a problem investigating security issues due to the lack of security intelligence integrated with their current incident response tools. This lack of integration introduces a problem during the detection (too many false positives), assessment, and diagnose stages. You decide to use Azure Security Center to help address this problem.
Woodgrove Bank has several apps with regulated data such as Personally Identifiable Information (PU) that require a higher level of security. All apps are currently secured by using an on-premises Active Directory Domain Services (AD DS). The company depends on following mission-critical apps: WGBLoanMaster, WGBLeaseLeader, and WGBCreditCruncher apps. You plan to move each of these apps to Azure as part of an app migration project.
Apps
The WGBLoanMaster app has been audited for transaction loss. Many transactions have been lost in processing and monetary write-offs have cost the bank. The app runs on two VMs that include several public end points.
The WGBteaseLeader app has been audited for several data breaches. The app includes a SQL Server database and a web-based portal. The portal uses an ASP.NET Web API function to generate a monthly aggregate report from the database.
The WGBCreditCruncher app runs on a VM and is load balanced at the network level. The app includes several stateless components and must accommodate scaling of increased credit processing. The app runs on a nightly basis to process credit transactions that are batched during the day. The app includes a web-based portal where customers can check their credit information. A mobile version of the app allows users to upload check images.
Business Requirements: WGBLoanMasterApp
The app audit revealed a need for zero transaction loss. The business is losing money due to the app losing and not processing loan information. In addition, transactions fail to process after running for a long time. The business has requested the aggregation processing to be scheduled for 01:00 to prevent system slowdown.
WGBLeaseLeader App
The app should be secured to stop data breaches. It the data is breached, it must not be readable. The app is continuing to see increased volume and the business does not want the issues presented in the WGBLoanMaster app. Transaction loss is unacceptable, and although the lease monetary amounts are smaller than loans, they are still an important profit center for Woodgrove Bank. The business would also like the monthly report to be automatically generated on the first of the month. Currently, a user must log in to the portal and click a button to generate the report.
WGBCreditCruncher app
The web-based portal area of the app must allow users to sign in with their Facebook credentials. The bank would like to allow this feature to enable more users to check their credit within the app.
Woodgrove Bank needs to develop a new financial risk modeling feature that they can include in the WGBCreditCruncher app. The financial risk modeling feature has not been developed due to costs associated with processing, transforming, and analyzing the large volumes of data that are collected. You need to find a way to implement parallel processing to ensure that the features runs efficiently, reliably, and quickly. The feature must scale based on computing demand to process the large volumes of data and output several financial risk models.
Technical Requirements: WGBLoanMaster App
The app uses several compute-intensive tasks that create long-running requests to the system. The app is critical to the business and must be scalable to increased loan processing demands. The VMs that run the app include a Windows Task Scheduler task that aggregates loan information from the app to send to a third party. This task runs a console app on the VM.
The app requires a messaging system to handle transaction processing. The messaging system must meet the following requirements:
*Allow messages to reside in the queue for up to a month
*Be able to publish and consume batches of messages
*Allow full integration with the Windows Communication Foundation (WCF) communication stack
*Provide a role-based access model to the queues, including different permissions for senders and receivers
You develop an Azure Resource Manager (ARM) template to deploy the VMs used to support the app. The template must be deployed to a new resource group and you must validate your deployment settings before creating actual resources.
WGBLeaseLeader App
The app must use Azure SQL Databases as a replacement to the current Microsoft SQL Server environment. The monthly report must be automatically generated.
The app requires a messaging system to handle transaction processing. The messaging system must meet the following requirements:
*Require server-side logs of all of the transactions run against your queues
*Track progress of a message within the queue
*Process the messages within 7 days
*Provide a differing timeout value per message
WGBCreditCruncher app
The app must
*Secure inbound and outbound traffic
*Analyze inbound network traffic for vulnerabilities.
*Use an instance-level public IP and allow web traffic on port 443 only.
*Upgrade the portal to a Single Page Application (SPA) that uses JavaScript Azure Active Directory (Azure AD), and the OAuth 2.0 implicit authorization grant to secure the Web API back end.
*Cache authentication and host the Web API back end using the Open Web Interface for
.NET (OWIN) middleware.
*Immediately compress check images received from the mobile web app.
*Schedule processing of the batched credit transactions on a nightly basis.
*Provide parallel processing and scalable computing resources to output financial risk models.
*Use simultaneous compute nodes to enable high performance computing and updating of the financial risk models.
Key Security Areas