Designing Microsoft Azure Infrastructure Solutions Questions and Answers
What should you include in the identity management strategy to support the planned changes?
To meet the authentication requirements of Fabrikam, what should you include in the solution? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to recommend a solution to meet the database retention requirement. What should you recommend?
You are evaluating the components of the migration to Azure that require you to provision an Azure Storage account.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You need to recommend a notification solution for the IT Support distribution group.
What should you include in the recommendation?
You need to recommend a strategy for migrating the database content of WebApp1 to Azure. What should you include in the recommendation?
You need to recommend a strategy for the web tier of WebApp1. The solution must minimize What should you recommend?
You design a solution for the web tier of WebApp1 as shown in the exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
You need to recommend a data storage strategy for WebApp1.
What should you include in in the recommendation?
You plan to migrate App1 to Azure.
You need to estimate the compute costs for App1 in Azure. The solution must meet the security and compliance requirements.
What should you use to estimate the costs, and what should you implement to minimize the costs? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You plan to migrate App1 to Azure. The solution must meet the authentication and authorization requirements.
Which type of endpoint should App1 use to obtain an access token?
You plan to migrate DB1 and DB2 to Azure.
You need to ensure that the Azure database and the service tier meet the resiliency and business requirements.
What should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You plan to migrate App1 to Azure.
You need to recommend a network connectivity solution for the Azure Storage account that will host the App1 data. The solution must meet the security and compliance requirements.
What should you include in the recommendation?
After you migrate App1 to Azure, you need to enforce the data modification requirements to meet the security and compliance requirements.
What should you do?
You migrate App1 to Azure. You need to ensure that the data storage for App1 meets the security and compliance requirement
What should you do?
You plan to migrate App1 to Azure.
You need to recommend a high-availability solution for App1. The solution must meet the resiliency requirements.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to ensure that users managing the production environment are registered for Azure MFA and must authenticate by using Azure MFA when they sign in to the Azure portal. The solution must meet the authentication and authorization requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You plan to migrate App1 to Azure.
You need to recommend a storage solution for App1 that meets the security and compliance requirements.
Which type of storage should you recommend, and how should you recommend configuring the storage? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
How should the migrated databases DB1 and DB2 be implemented in Azure?
You need to implement the Azure RBAC role assignments for the Network Contributor role. The solution must meet the authentication and authorization requirements.
What is the minimum number of assignments that you must use?
You need to configure an Azure policy to ensure that the Azure SQL databases have TDE enabled. The solution must meet the security and compliance requirements.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
You need to recommend an Azure Storage Account configuration for two applications named Application1 and Applications. The configuration must meet the following requirements:
• Storage for Application1 must provide the highest possible transaction rates and the lowest possible latency.
• Storage for Application2 must provide the lowest possible storage costs per GB.
• Storage for both applications must be optimized for uploads and downloads.
• Storage for both applications must be available in an event of datacenter failure.
What should you recommend ? To answer, select the appropriate options in the answer area NOTE: Each correct selection is worth one point
You are designing a virtual machine that will run Microsoft SQL Server and contain two data disks. The first data disk will store log files, and the second data disk will store data. Both disks are P40 managed disks.
You need to recommend a host caching method for each disk. The method must provide the best overall performance for the virtual machine while preserving the integrity of the SQL data and logs.
Which host caching method should you recommend for each disk? To answer, drag the appropriate methods to the correct disks. Each method may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
You have a Microsoft Entra tenant named contoso.com that contains multiple enterprise apps.
Your company has a business partner that has a Microsoft Entra tenant named fabrikam.com.
You need to recommend an identity governance solution that will provide users in fabrikam.com with access to the enterprise apps in contoso.com. The solution must meet the following requirements:
• Ensure that administrators in fabrikam.com can provide the fabrikam.com users with access to the contoso.com enterprise apps.
• Automatically provision identities for the fabrikam.com users to enable access to the contoso.com enterprise apps.
• Provide policy-based management of access assignments, approvals, and expirations.
• Minimize administrative effort.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct collection is worth one point.
You ate designing an Azure governance solution.
All Azure resources must be easily identifiable based on the following operational information environment, owner, department and cost center
You need 10 ensure that you can use the operational information when you generate reports for the Azure resources.
What should you include in the solution?
You have an Azure Active Directory (Azure AD) tenant named contoso.com that has a security group named Group ' . Group i is configured Tor assigned membership. Group I has 50 members. including 20 guest users.
You need To recommend a solution for evaluating the member ship of Group1. The solution must meet the following requirements:
• The evaluation must be repeated automatically every three months
• Every member must be able to report whether they need to be in Group1
• Users who report that they do not need to be in Group 1 must be removed from Group1 automatically
• Users who do not report whether they need to be m Group1 must be removed from Group1 automatically.
What should you include in me recommendation?
You are designing a data storage solution to support reporting.
The solution will ingest high volumes of data in the JSON format by using Azure Event Hubs. As the data arrives, Event Hubs will write the data to storage. The solution must meet the following requirements:
• Organize data in directories by date and time.
• Allow stored data to be queried directly, transformed into summarized tables, and then stored in a data warehouse.
• Ensure that the data warehouse can store 50 TB of relational data and support between 200 and 300 concurrent read operations.
Which service should you recommend for each type of data store? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have an Azure subscription.
You need to recommend an Azure Kubernetes service (AKS) solution that will use Linux nodes. The solution must meet the following requirements:
• Minimize the time it takes to provision compute resources during scale-out operations.
• Support autoscaling of Linux containers.
• Minimize administrative effort.
Which scaling option should you recommend?
You have an on-premises line-of-business (LOB) application that uses a Microsoft SQL Server instance as the backend.
You plan to migrate the on-premises SQL Server instance to Azure virtual machines.
You need to recommend a highly available SQL Server deployment that meets the following requirements:
• Minimizes costs
• Minimizes failover time if a single server fails
What should you include in the recommendation?
You plan to deploy 10 applications to Azure. The applications will be deployed to two Azure Kubernetes Service (AKS) clusters. Each cluster will be deployed to a separate Azure region.
The application deployment must meet the following requirements:
• Ensure that the applications remain available if a single AKS cluster fails.
• Ensure that the connection traffic over the internet is encrypted by using SSL without having to configure SSL on each container.
Which service should you include in the recommendation?
You have two on-premises Microsoft SQL Server 2017 instances that host an Always On availability group named AG1. AG1 contains a single database named DB1.
You have an Azure subscription that contains a virtual machine named VM1VM1 runs Linux and contains a SQL Server 2019 instance.
You need to migrate DB1 to VMI. The solution must minimize downtime on DBI. What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have an Azure subscription that contains a Basic Azure virtual WAN named Virtual/WAN1 and the virtual hubs shown in the following table.
You have an ExpressRoute circuit in the US East region.
You need to create an ExpressRoute association to VirtualWAN1.
What should you do first?
You have an Azure subscription. The subscription contains Azure virtual machines that run Windows Server 2016 and Linux.
You need to use Azure Log Analytics design an alerting strategy for security-related events.
Which Log Analytics tables should you query? To answer, drag the appropriate tables to the correct log types. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Your company, named Contoso, Ltd., implements several Azure logic apps that have HTTP triggers. The logic apps provide access to an on-premises web service.
Contoso establishes a partnership with another company named Fabrikam. IncL
Fabrikam does not have an existing Azure Active Directory (Azure AD) tenant and uses third-party OAuth 2.0 identity management to authenticate its users.
I Developers at Fabrikam plan to use a subset of the logic apps to build applications that will integrate with the on-premises web service of Contoso.
You need to design a solution to provide the Fabrikam developers with access to the logic apps. The solution must meet the following requirements:
• Requests to the logic apps from the developers must be limited to lower rates than the requests from the users at Contoso.
• The developers must be able to rely on their existing OAuth 2.0 provider to gain access to the logic apps.
• The solution must NOT require changes to the logic apps.
• The solution must NOT use Azure AD guest accounts.
What should you include in the solution?
You plan to deploy an Azure BareMetal Infrastructure instance that will host the data tier of a business-critical workload. The application tier of the workload will be hosted on Azure virtual machines.
You need to configure the virtual machines to minimize network latency between the application tier and the data tier.
What should you use?
A company has an existing web application that runs on virtual machines (VMs) in Azure.
You need to ensure that the application is protected from SQL injection attempts and uses a layer-7 load balancer. The solution must minimize disruption to the code for the existing web application.
What should you recommend? To answer, drag the appropriate values to the correct items. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
You plan to deploy multiple instances of an Azure web app across several Azure regions.
You need to design an access solution for the app. The solution must meet the following replication requirements;
• Support rate limiting.
• Balance requests between all instances.
• Ensure that users can access the app in the event of a regional outage.
Solution: You use Azure Traffic Manager to provide access to the app.
Does this meet the goal?
Your company identifies the following business continuity and disaster recovery objectives for virtual machines that host sales, finance, and reporting application in the company ' s on-premises data center.
•The finance application requires that data be retained for seven years. In the event of a disaster, the application must be able to run from Azure. The recovery in objective (RTO) is 10 minutes,
• The reporting application must be able to recover point in-time data al a daily granularity. The RTO is eight hours.
•The sales application must be able to fail over to second on-premises data center.
You need to recommend which Azure services meet the business community and disaster recovery objectives. The solution must minimize costs.
What should you recommend for each application? To answer, drag the appropriate services to the correct application. Each service may be used owe. More than once not at an You may need to drag the spin bar between panes or scroll 10 view content.
Your company, named Contoso, Ltd, implements several Azure logic apps that have HTTP triggers: The logic apps provide access to an on-premises web service.
Contoso establishes a partnership with another company named Fabrikam, Inc.
Fabrikam does not have an existing Azure Active Directory (Azure AD) tenant and uses third-party OAuth 2.0 identity management to authenticate its users.
Developers at Fabrikam plan to use a subset of the logics apps to build applications that will integrate with the on-premises web service of Contoso.
You need to design a solution to provide the Fabrikam developers with access to the logic apps. The solution must meet the following requirements:
Requests to the logic apps from the developers must be limited to lower rates than the requests from the users at Contoso.
The developers must be able to rely on their existing OAuth 2.0 provider to gain access to the logic apps.
The solution must NOT require changes to the logic apps.
The solution must NOT use Azure AD guest accounts.
What should you include in the solution?
TION NO: 277 HOTSPOT
You have an Azure Load Balancer named LB1 that balances requests to five Azure virtual machines.
You need to develop a monitoring solution for LB1. The solution must generate an alert when any of the following conditions are met:
A virtual machine is unavailable.
Connection attempts exceed 50,000 per minute.
Which signal should you include in the solution for each condition? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
O: 241 HOTSPOT
Your on-premises network contains a file server named Server1 that stores 500 GB of data.
You need to use Azure Data Factory to copy the data from Server1 to Azure Storage.
You add a new data factory.
What should you do next? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have an Azure subscription. The subscription contains an app that is hosted in the East US, Central Europe, and East Asia regions.
You need to recommend a data-tier solution for the app. The solution must meet the following requirements:
Support multiple consistency levels.
Be able to store at least 1 TB of data.
Be able to perform read and write operations in the Azure region that is local to the app instance.
What should you include in the recommendation?
A company is planning on deploying an application onto Azure. The application will be based on the .Net core programming language. The application would be hosted using Azure Web apps. Below is part of the various requirements for the application
Give the ability to correlate Azure resource usage and the performance data with the actual application configuration and performance data
Give the ability to visualize the relationships between application components
Give the ability to track requests and exceptions to specific lines of code from within the application Give the ability to actually analyse how uses return to an application and see how often they only select a particular drop-down value
Which of the following service would be best suited for fulfilling the requirement of
“Give the ability to correlate Azure resource usage and the performance data with the actual application configuration and performance data”
A company has an on-premises file server cbflserver that runs Windows Server 2019. Windows Admin Center manages this server. The company owns an Azure subscription. You need to provide an Azure solution to prevent data loss if the file server fails.
Solution: You decide to register Windows Admin Center in Azure and then configure Azure Backup.
Would this meet the requirement?
A company has an on-premises file server cbflserver that runs Windows Server 2019. Windows Admin Center manages this server. The company owns an Azure subscription. You need to provide an Azure solution to prevent data loss if the file server fails.
Solution: You decide to create an Azure Recovery Services vault. You then decide to install the Azure Backup agent and then schedule the backup. Would this meet the requirement?
You need to recommend a solution that meets the data requirements for App1.
What should you recommend deploying to each availability zone that contains an instance of App1?
What should you recommend to meet the monitoring requirements for App2?
What should you implement to meet the identity requirements? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to recommend a solution that meets the file storage requirements for App2.
What should you deploy to the Azure subscription and the on-premises network? To answer, drag the appropriate services to the correct locations. Each service may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
You need to recommend an App Service architecture that meets the requirements for Appl. The solution must minimize costs.
What should few recommend?
You are evaluating whether to use Azure Traffic Manager and Azure Application Gateway to meet the connection requirements for App1.
What is the minimum numbers of instances required for each service? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to recommend a solution to ensure that App1 can access the third-party credentials and access strings. The solution must meet the security requirements.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
What should you recommend lo meet the monitoring requirements for App2?
