Microsoft 70-533 ExamImplementing Microsoft Azure Infrastructure Solutions

Total Question: 253 Last Updated: Jul 16,2018
  • Updated 70-533 Dumps
  • Based on Real 70-533 Exams Scenarios
  • Free 70-533 pdf Demo Available
  • Check out our 70-533 Dumps in a new PDF format
  • Instant 70-533 download
  • Guarantee 70-533 success in first attempt
Package Select:

Questions & Answers PDF

Practice Test Software

Practice Test + PDF 30% Discount

Price: $65.95 $29.99

Buy Now Free Trial

The Secret of microsoft azure certification 70 533

Exam Code: 70 533 dumps (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Implementing Microsoft Azure Infrastructure Solutions
Certification Provider: Microsoft
Free Today! Guaranteed Training- Pass azure exam 70 533 Exam.

Q1. Your company plans to migrate from On-Premises Exchange to Exchange Online in Office 

365. 

You plan to integrate your existing Active Directory Domain Services (AD DS) infrastructure with Azure AD. 

You need to ensure that users can log in by using their existing AD DS accounts and passwords. You need to achieve this goal by using minimal additional systems. 

Which two actions should you perform? Each answer presents part of the solution. 

A. Configure Password Sync. 

B. Set up a DirSync Server. 

C. Set up an Active Directory Federation Services Server. 

D. Set up an Active Directory Federation Services Proxy Server. 

Answer: A,B 

Explanation: Directory Sync with Password Sync Scenario' Applies To: Azure, Office 365, Windows Intune 

Password sync is an extension to the Directory Sync Scenario. With directory sync, you can manage the entire lifecycle of your cloud user and group accounts using your on-premise Active Directory management tools. 

When password sync is enabled on your directory sync computer, your users will be able to sign into Microsoft cloud services, such as Office 365, Dynamics CRM, and Windows InTune, using the same password as they use when logging into your on-premises network. When your users change their passwords in your corporate network, those changes are synchronized to the cloud. 

Reference: Directory Sync with Password Sync Scenario' 

URL: http://technet.microsoft.com/en-us/library/dn441214.aspx 


Q2. You administer an Azure Storage account with a blob container. You enable Storage account logging for read, write and delete requests. 

You need to reduce the costs associated with storing the logs. 

What should you do? 

A. Execute Delete Blob requests over https. 

B. Create an export job for your container. 

C. Set up a retention policy. 

D. Execute Delete Blob requests over http. 

Answer:

Explanation: To ease the management of your logs, we have provided the functionality of retention policy which will automatically cleanup ‘old’ logs without you being charged for the cleanup. It is recommended that you set a retention policy for logs such that your analytics data will be within the 20TB limit allowed for analytics data (logs and metrics combined). 

Reference: Windows Azure Storage Logging: Using Logs to Track Storage Requests, How do I cleanup my logs? 

URL: http://blogs.msdn.com/b/windowsazurestorage/archive/2011/08/03/windows-azure-storage-logging-using-logs-to-track-storage-requests.aspx 


Q3. DRAG DROP 

You administer an Azure Virtual Machine (VM) named CON-CL1. CON-CL1 is in a cloud service named ContosoService1. 

You discover unauthorized traffic to CON-CL1. You need to: 

. Create a rule to limit access to CON-CL1. 

. Ensure that the new rule has the highest precedence. 

Which Azure Power Shell cmdlets and values should you use? To answer, drag the appropriate cmdlet or value to the correct location in the Power Shell command. Each cmdlet or value may be used once, more than once, or not at all. You may need to drag the split bat between panes or scroll to view content. 

Answer: 


Q4. You administer an Azure Web Site named contoso. You create a job named Cleanlogs.cmd that will be executed manually, twice a week. 

You need to deploy the job. 

To which folder location should you deploy CleanLogs.cmd? 

A. ./App_Code/jobs/triggered/cleanLogs/CleanLogs.cmd 

B. ./App_Data/jobs/triggered/clean Logs/CleanLogs.cmd 

C. ./App_Code/jobs/continuous/cleanLogs/CleanLogs.cmd 

D. ./App_Data/jobs/continuous/cleanLogs/CleanLogs.cmd 

Answer:

Explanation: A WebJob is stored under the following directory in your site: 

site\\wwwroot\\App_Data\\jobs\\{job type}\\{job name} 

Where {job type} can be either continuous for a job that is always running or triggered for a job that starts from an external trigger (on demand / scheduler). 

Reference: How to deploy Azure WebJobs 

URL: http://blog.amitapple.com/post/74215124623/deploy-azure-webjobs/#.VDZam_mSx8E 


Q5. You administer a Microsoft Azure SQL Database data base in the US Central region named contosodb. Contosodb runs on a Standard tier within the S1 performance level. 

You have multiple business-critical applications that use contosodb. 

You need to ensure that you can bring contosodb back online in the event of a natural disaster in the US Central region. You want to achieve this goal with the least amount of downtime. 

Which two actions should you perform? Each correct answer presents part of the solution. 

A. Upgrade to S2 performance level. 

B. Use active geo-replication. 

C. Use automated Export. 

D. Upgrade to Premium tier. 

E. Use point in time restore. 

F. Downgrade to Basic tier. 

Answer: B,D 

Explanation: B: The Active Geo-Replication feature implements a mechanism to provide database redundancy within the same Microsoft Azure region or in different regions (geo-redundancy). One of the primary benefits of Active Geo-Replication is that it provides a database-level disaster recovery solution. Using Active Geo-Replication, you can configure a user database in the Premium service tier to replicate transactions to databases on different Microsoft Azure SQL Database servers within the same or different regions. Cross-region redundancy enables applications to recover from a permanent loss of a datacenter caused by natural disasters, catastrophic human errors, or malicious acts. 

D: Active Geo-Replication is available for databases in the Premium service tier only. 

Reference: Active Geo-Replication for Azure SQL Database 

http://msdn.microsoft.com/en-us/library/azure/dn741339.aspx 


Q6. You administer a solution deployed to a virtual machine (VM) in Azure. The VM hosts a web service that is used by several applications. You are located in the US West region and have a worldwide user base. 

Developers in Asia report that they experience significant delays when they execute the services. 

You need to verify application performance from different locations. 

Which type of monitoring should you configure? 

A. Disk Read 

B. Endpoint 

C. Network Out 

D. CPU 

E. Average Response Time 

Answer:

Explanation: 

Example: 

Incorrect: 

Not B: Health Endpoint Monitoring Pattern is used for checking the health of the program: 

Implement functional checks within an application that external tools can access through 

exposed endpoints at regular intervals. This pattern can help to verify that applications and 

services are performing correctly. 

Reference: How to Monitor and Analyze Performance of the Windows Azure Storage 

Service 


Q7. You publish an application named MyApp to Azure Active Directory (Azure AD). You grant access to the web APIs through OAuth 2.0. 

MyApp is generating numerous user consent prompts. 

You need to reduce the amount of user consent prompts. 

What should you do? 

A. Enable Multi-resource refresh tokens. 

B. Enable WS-federation access tokens. 

C. Configure the Open Web Interface for .NET. 

D. Configure SAML 2.0. 

Answer:

Explanation: When using the Authorization Code Grant Flow, you can configure the client to call multiple resources. Typically, this would require a call to the authorization endpoint for each target service. To avoid multiple calls and multiple user consent prompts, and reduce the number of refresh tokens the client needs to cache, Azure Active Directory (Azure AD) has implemented multi-resource refresh tokens. This feature allows you to use a single refresh token to request access tokens for multiple resources. 

Reference:Azure, OAuth 2.0, Refresh Tokens for Multiple Resources 


Q8. You manage a web application published to Azure Cloud Services. 

Your service level agreement (SLA) requires that you are notified in the event of poor performance from customer locations in the US, Asia, and Europe. 

You need to configure the Azure Management Portal to notify you when the SLA performance targets are not met. 

What should you do? 

A. Create an alert rule to monitor web endpoints. 

B. Create a Notification Hub alert with response time metrics. 

C. Add an endpoint monitor and alert rule to the Notification Hub. 

D. Configure the performance counter on the cloud service. 

Answer:

Explanation: * An alert rule enables you to monitor an available metric within a supported Azure service. When the value of a specified metric violates the threshold assigned for a rule, the alert rule becomes active and registers an alert. When you create an alert rule, you can select options to send an email notification to the service administrator and co-administrators, or another administrator, when the rule becomes active, and when an alert condition is resolved. 

* You can configure cloud service alert rules on: 

Web endpoint status metrics Monitoring metrics from the cloud service host operating system Performance counters collected from the cloud service guest virtual machine 

: Understanding Monitoring Alerts and Notifications in Azure 

URL: http://msdn.microsoft.com/en-us/library/azure/dn306639.aspx 


Q9. Your company has recently signed up for Azure. 

You plan to register a Data Protection Manager (DPM) server with the Azure Backup service. 

You need to recommend a method for registering the DPM server with the Azure Backup vault. 

What are two possible ways to achieve this goal? Each correct answer presents a complete solution. 

A. Import a self-signed certificate created using the makecert tool. 

B. Import a self-signed certificate created using the createcert tool. 

C. Import an X.509 v3 certificate with valid clientauthentication EKU. 

D. Import an X.509 v3 certificate with valid serverauthentication EKU. 

Answer: A,C 

Explanation: A: You can create a self-signed certificate using the makecert tool, or use any valid SSL certificate issued by a Certification Authority (CA) trusted by Microsoft, whose root certificates are distributed via the Microsoft Root Certificate Program. 

C: The certificate must have a valid ClientAuthentication EKU. 

Reference: Prerequisites for Azure Backup 

URL: http://technet.microsoft.com/en-us/library/dn296608.aspx 


Q10. You manage a cloud service on two instances. The service name is Service1 and the role name is ServiceRole1. 

Service1 has performance issues during heavy traffic periods. 

You need to increase the existing deployment of Service1 to three instances. 

Which Power Shell cmdlet should you use? 

A. PS C:\\>Set-AzureService -ServiceName "Service1” -Label "ServiceRole1' -Description "Instance count=3" 

B. PS C:\\>Set-AzureRole -ServiceName "Service1" -Slot "Production” -RoleName "ServiceRole1" -Count 3 

C. PS C:\\>Add-AzureWebRole -Name 'ServiceRole1" -Instances 3 

D. PS C:\\> $instancecount = New-Object Hashtable$settings['INSTANCECOUNT=3] PS C:\\> Set-AzureWebsite -AppSettings $instancecount ServiceRole1 

Answer:

Explanation: The Set-AzureRole cmdlet sets the number of instances of a specified role to run in an Azure deployment 

Example This command sets the "MyTestRole3" role running in production on the "MySvc1" service to three instances. 

Windows PowerShell C:\\PS>Set-AzureRole –ServiceName "MySvc1" –Slot "Production" –RoleName 

"MyTestRole3" –Count 3 Reference: Set-AzureRole 


Related 70-533 Articles