070-535試験無料問題集「Microsoft Architecting Microsoft Azure Solutions 認定」
You are migrating an on-premises application to Azure. One component of the application is a legacy Windows native executable that performs image processing.
The image processing application must run every hour. During times that the image processing application is not running, it should not be consuming any Azure compute resources.
You need to ensure that the image processing application runs correctly every hour.
Solution: Use Azure Scheduler to run the image processing application every hour.
Does the solution meet the goal?
The image processing application must run every hour. During times that the image processing application is not running, it should not be consuming any Azure compute resources.
You need to ensure that the image processing application runs correctly every hour.
Solution: Use Azure Scheduler to run the image processing application every hour.
Does the solution meet the goal?
正解:A
解答を投票する
You are the administrator for a company that has an Azure Premium Storage account.
You receive a .vhdx file from the development team. You plan to create one unique Azure virtual machine (VM) from the file. You plan to run the VM as a domain controller.
You need to upload the .vhdx file to Azure.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
You receive a .vhdx file from the development team. You plan to create one unique Azure virtual machine (VM) from the file. You plan to run the VM as a domain controller.
You need to upload the .vhdx file to Azure.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
正解:
Explanation
The company receives over 1,000 emails each day through the general alias [email protected]. The emails originate from all over the world, and include complaints and sales inquires. Many emails relate to random topics.
The company must be able to automatically categorize emails based upon the company location geographically closest to the sender.
You need to recommend a solution.
Which two options should you recommend? Each correct answer presents a complete solution.
Each correct selection presents a complete solution.
The company must be able to automatically categorize emails based upon the company location geographically closest to the sender.
You need to recommend a solution.
Which two options should you recommend? Each correct answer presents a complete solution.
Each correct selection presents a complete solution.
正解:A,C
解答を投票する
You are designing an Azure solution.
The network traffic for the solution must be securely distributed by providing the following features:
* HTTPS protocol
* Round robin routing
* SSL offloading
You need to recommend a load balancing option.
What should you recommend?
The network traffic for the solution must be securely distributed by providing the following features:
* HTTPS protocol
* Round robin routing
* SSL offloading
You need to recommend a load balancing option.
What should you recommend?
正解:B
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
You plan to move several apps that handle critical line-of-business (LOB) services to Azure.
Appropriate personnel must be notified if any critical resources become degraded or unavailable.
You need to design a monitoring and notification strategy that can handle up to 100 notifications per hour.
Which three actions should you recommend be performed in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
NOTE: More than one order of answer choices in correct. you will receive credit for any of the correct orders you select.
Appropriate personnel must be notified if any critical resources become degraded or unavailable.
You need to design a monitoring and notification strategy that can handle up to 100 notifications per hour.
Which three actions should you recommend be performed in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
NOTE: More than one order of answer choices in correct. you will receive credit for any of the correct orders you select.
正解:
Explanation
Box 1: Create a resource group containing the critical resources
In Azure, you logically group related resources such as storage accounts, virtual networks, and virtual machines (VMs) to deploy, manage, and maintain them as a single entity.
Box 2: Create an action group for alerts to email addresses
An action group is a collection of notification preferences defined by the user. Azure Monitor and Service Health alerts are configured to use a specific action group when the alert is triggered. Various alerts may use the same action group or different action groups depending on the user's requirements.
Box 3: Create an activity log alert for service health
Create an alert on a service health notification for a new action group.
References:
https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-action-groups
https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-activity-log-alerts-on-service-not
You need to configure the Azure SQL Database failover group.
Which values should you recommend for each setting? To answer, select the appropriate options in the answer area.
Which values should you recommend for each setting? To answer, select the appropriate options in the answer area.
正解:
Explanation
Failure-condition level - OnCriticalServerError
Grace period with data loss = 3
You administer an Azure subscription for your company. You plan to deploy a virtual machine (VM) to Azure.
The VM environment must provide 99.95% uptime. A single switch outage must not cause the VM environment to be unavailable. The VM must not be offline due to installation of an update that requires a reboot.
You need to configure the environment.
Solution: Create an availability set and deploy two VMs in it. Ensure that the VMs are in different update and fault domains.
Does the solution meet the goal?
The VM environment must provide 99.95% uptime. A single switch outage must not cause the VM environment to be unavailable. The VM must not be offline due to installation of an update that requires a reboot.
You need to configure the environment.
Solution: Create an availability set and deploy two VMs in it. Ensure that the VMs are in different update and fault domains.
Does the solution meet the goal?
正解:B
解答を投票する
You deploy resources to Azure by using both the classic portal and Azure Resource Manager.
You need to back up each resource type to Azure.
Which backup methods should you use? To answer, drag the appropriate backup methods to the correct deployment types. Each method may be used once, more than once, or not at all. You may need to drag the split bar between panes of scroll to view content.
NOTE: Each correct selection is worth one point.
You need to back up each resource type to Azure.
Which backup methods should you use? To answer, drag the appropriate backup methods to the correct deployment types. Each method may be used once, more than once, or not at all. You may need to drag the split bar between panes of scroll to view content.
NOTE: Each correct selection is worth one point.
正解:
Explanation
Case Study
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other question on this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next sections of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question on this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Background
Overview
Woodgrove Bank has 20 regional offices and operates 1,500 branch office locations. Each regional office hosts the servers, infrastructure, and applications that support that region.
Woodgrove Bank plans to move all of their on-premises resources to Azure, including virtual machine (VM)-based, line-of-business workloads, and SQL databases. You are the owner of the Azure subscription that Woodgrove Bank is using. Your team is using Git repositories hosted on GitHub for source control.
Security
Currently, Woodgrove Bank's Computer Security Incident Response Team (CSIRT) has a problem investigating security issues due to the lack of security intelligence integrated with their current incident response tools. This lack of integration introduces a problem during the detection (too many false positives), assessment, and diagnose stages. You decide to use Azure Security Center to help address this problem.
Woodgrove Bank has several apps with regulates data such as Personally Identifiable Information (PII) that require a higher level of security. All apps are currently secured by using an on-premises Active Directory Domain Services (ADDS). The company depends on following mission-critical apps: WGBLoanMaster, WGBLeaseLeader, and WGBCreditCruncher apps. You plan to move each of these apps to Azure as part of an app migration project.
Apps
The WGBLoanMaster app has been audited for transaction loss. Many transactions have been lost is processing and monetary write-offs have cost the bank. The app runs on two VMs that include several public endpoints.
The WGBLeaseLeader app has been audited for several data breaches. The app includes a SQL Server database and a web-based portal. The portal uses an ASP.NET Web API function to generate a monthly aggregate report from the database.
The WGBCreditCruncher app runs on a VM and is load balanced at the network level. The app includes several stateless components and must accommodate scaling of increased credit processing. The app runs on a nightly basis to process credit transactions that are batched during the day. The app includes a web-based portal where customers can check their credit information. A mobile version of the app allows users to upload check images.
Business Requirements
WGBLoanMaster app
The app audit revealed a need for zero transaction loss. The business is losing money due to the app losing and not processing loan information. In addition, transactions fail to process after running for a long time. The business has requested the aggregation processing to be scheduled for 01:00 to prevent system slowdown.
WGBLeaseLeader app
The app should be secured to stop data breaches. If the data is breached, it must not be readable. The app is continuing to see increased volume and the business does not want the issues presented in the WGBLoanMaster app. Transaction loss is unacceptable, and although the lease monetary amounts are smaller than loans, they are still an important profit center for Woodgrove Bank. The business would also like the monthly report to be automatically generated on the first of the month. Currently, a user must log in to the portal and click a button to generate the report.
WGBCreditCruncher app
The web-based portal area of the app must allow users to sign in with their Facebook credentials. The bank would like to allow this feature to enable more users to check their credit within the app.
Woodgrove Bank needs to develop a new financial risk modeling feature that they can include in the WGBCreditCruncher app. The financial risk modeling feature has not been developed due to costs associated with processing, transforming, and analyzing the large volumes of data that are collected. You need to find a way to implement parallel processing to ensure that the features run efficiently, reliably, and quickly. The feature must scale based on computing demand to process the large volumes of data and output several financial risk models.
Technical Requirements
WGBLoanMaster app
The app uses several compute-intensive tasks that create long-running requests to the system. The app is critical to the business and must be scalable to increased loan processing demands. The VMs that run the app include a Windows Task Scheduler task that aggregates loan information from the app to send to a third party.
This task runs a console app on the VM.
The app requires a messaging system to handle transaction processing. The messaging system must meet the following requirements:
* Require server-side logs of all of the transactions run against your queues.
* Track progress of a message within the queue.
* Process the messages within 7 days.
* Provide a differing timeout value per message.
WGBCreditCruncher app
The app must:
* Secure inbound and outbound traffic.
* Analyze inbound network traffic for vulnerabilities.
* Use an instance-level public IP and allow web traffic on port 443 only.
* Upgrade the portal to a Single Page Application (SPA) that uses JavaScript, Azure Active Directory (Azure AD), and the OAuth 2.0 implicit authorization grant to secure the Web API back end.
* Cache authentication and host the Web API back end using the Open Web Interface for .NET (OWIN) middleware.
* Immediately compress check images received from the mobile web app.
* Schedule processing of the batched credit transactions on a nightly basis.
* Provide parallel processing and scalable computing resources to output financial risk models.
* Use simultaneous computer nodes to enable high performance computing and updating of the financial risk models.
Key security area
You are evaluating the architecture for the WGBCreditCruncher app.
You need to implement an Azure service to process each portion of the app data.
For each type of app data, what should you implement? To answer, drag the appropriate Azure services to the correct app data types. Each Azure service may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other question on this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next sections of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question on this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Background
Overview
Woodgrove Bank has 20 regional offices and operates 1,500 branch office locations. Each regional office hosts the servers, infrastructure, and applications that support that region.
Woodgrove Bank plans to move all of their on-premises resources to Azure, including virtual machine (VM)-based, line-of-business workloads, and SQL databases. You are the owner of the Azure subscription that Woodgrove Bank is using. Your team is using Git repositories hosted on GitHub for source control.
Security
Currently, Woodgrove Bank's Computer Security Incident Response Team (CSIRT) has a problem investigating security issues due to the lack of security intelligence integrated with their current incident response tools. This lack of integration introduces a problem during the detection (too many false positives), assessment, and diagnose stages. You decide to use Azure Security Center to help address this problem.
Woodgrove Bank has several apps with regulates data such as Personally Identifiable Information (PII) that require a higher level of security. All apps are currently secured by using an on-premises Active Directory Domain Services (ADDS). The company depends on following mission-critical apps: WGBLoanMaster, WGBLeaseLeader, and WGBCreditCruncher apps. You plan to move each of these apps to Azure as part of an app migration project.
Apps
The WGBLoanMaster app has been audited for transaction loss. Many transactions have been lost is processing and monetary write-offs have cost the bank. The app runs on two VMs that include several public endpoints.
The WGBLeaseLeader app has been audited for several data breaches. The app includes a SQL Server database and a web-based portal. The portal uses an ASP.NET Web API function to generate a monthly aggregate report from the database.
The WGBCreditCruncher app runs on a VM and is load balanced at the network level. The app includes several stateless components and must accommodate scaling of increased credit processing. The app runs on a nightly basis to process credit transactions that are batched during the day. The app includes a web-based portal where customers can check their credit information. A mobile version of the app allows users to upload check images.
Business Requirements
WGBLoanMaster app
The app audit revealed a need for zero transaction loss. The business is losing money due to the app losing and not processing loan information. In addition, transactions fail to process after running for a long time. The business has requested the aggregation processing to be scheduled for 01:00 to prevent system slowdown.
WGBLeaseLeader app
The app should be secured to stop data breaches. If the data is breached, it must not be readable. The app is continuing to see increased volume and the business does not want the issues presented in the WGBLoanMaster app. Transaction loss is unacceptable, and although the lease monetary amounts are smaller than loans, they are still an important profit center for Woodgrove Bank. The business would also like the monthly report to be automatically generated on the first of the month. Currently, a user must log in to the portal and click a button to generate the report.
WGBCreditCruncher app
The web-based portal area of the app must allow users to sign in with their Facebook credentials. The bank would like to allow this feature to enable more users to check their credit within the app.
Woodgrove Bank needs to develop a new financial risk modeling feature that they can include in the WGBCreditCruncher app. The financial risk modeling feature has not been developed due to costs associated with processing, transforming, and analyzing the large volumes of data that are collected. You need to find a way to implement parallel processing to ensure that the features run efficiently, reliably, and quickly. The feature must scale based on computing demand to process the large volumes of data and output several financial risk models.
Technical Requirements
WGBLoanMaster app
The app uses several compute-intensive tasks that create long-running requests to the system. The app is critical to the business and must be scalable to increased loan processing demands. The VMs that run the app include a Windows Task Scheduler task that aggregates loan information from the app to send to a third party.
This task runs a console app on the VM.
The app requires a messaging system to handle transaction processing. The messaging system must meet the following requirements:
* Require server-side logs of all of the transactions run against your queues.
* Track progress of a message within the queue.
* Process the messages within 7 days.
* Provide a differing timeout value per message.
WGBCreditCruncher app
The app must:
* Secure inbound and outbound traffic.
* Analyze inbound network traffic for vulnerabilities.
* Use an instance-level public IP and allow web traffic on port 443 only.
* Upgrade the portal to a Single Page Application (SPA) that uses JavaScript, Azure Active Directory (Azure AD), and the OAuth 2.0 implicit authorization grant to secure the Web API back end.
* Cache authentication and host the Web API back end using the Open Web Interface for .NET (OWIN) middleware.
* Immediately compress check images received from the mobile web app.
* Schedule processing of the batched credit transactions on a nightly basis.
* Provide parallel processing and scalable computing resources to output financial risk models.
* Use simultaneous computer nodes to enable high performance computing and updating of the financial risk models.
Key security area
You are evaluating the architecture for the WGBCreditCruncher app.
You need to implement an Azure service to process each portion of the app data.
For each type of app data, what should you implement? To answer, drag the appropriate Azure services to the correct app data types. Each Azure service may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
正解:
Explanation
A company hosts a website and exposes web services on the company intranet. The intranet is secured by using a firewall. Company policies prohibit changes to firewall rules.
Devices outside the firewall must be able to access the web services.
You need to recommend an approach to enable inbound communication.
What should you recommend?
Devices outside the firewall must be able to access the web services.
You need to recommend an approach to enable inbound communication.
What should you recommend?
正解:D
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
You are designing a live streaming event by using Azure Media Services. The delivery of the video will use HTTP Live Streaming (HLS) to an azure Content Delivery Network (CDN) streaming endpoint.
Viewers of the content may not be a trusted party and you require the highest level of security.
You must secure the media delivery by using dynamic encryption.
Solution: Use Azure Storage Service Encryption to encrypt all assets with an encryption key and authorization policy. Configure the asset's delivery policy to deliver by using common encryption.
Does the solution meet the goal?
Viewers of the content may not be a trusted party and you require the highest level of security.
You must secure the media delivery by using dynamic encryption.
Solution: Use Azure Storage Service Encryption to encrypt all assets with an encryption key and authorization policy. Configure the asset's delivery policy to deliver by using common encryption.
Does the solution meet the goal?
正解:A
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
You manage a cloud service that has one Web Role instance, and several Worker Role instances. The cloud service has multiple tiers. Different groups develop and maintain each tier.
You need to ensure that the cloud service remains highly available and responsive when the Worker Roles are performing extensive work.
What should you do?
You need to ensure that the cloud service remains highly available and responsive when the Worker Roles are performing extensive work.
What should you do?
正解:A
解答を投票する
You publish a multi-tenant application named MyApp to Azure Active Directory (Azure AD). You need to ensure that only directory administrators from the other organizations can access MyApp's web API. How should you configure MyApp's manifest JSON file? To answer, drag the appropriate PowerShell command to the correct location in the application's manifest JSON file. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
正解:
Explanation
Box 1: False
Box 2: Global
'resourceScopeType' should be "Personal" if it's something that each user should consent to, or "Global" if it's something that applies to the entire tenant, (and thus, an administrator would have to consent to).
References:
https://social.msdn.microsoft.com/Forums/vstudio/en-US/f344e748-2c92-4c57-aeff-a6227a8d6535/multiple-clie
Your company is developing an e-commerce Azure App Service Web App to support hundreds of restaurant locations around the world. You are designing the messaging solution architecture to support the e-commerce transactions and messages.
The e-commerce application has the following features and requirements:
You need to choose the Azure messaging solution to support the Restaurant Telemetry feature.
Which Azure service should you use?
The e-commerce application has the following features and requirements:
You need to choose the Azure messaging solution to support the Restaurant Telemetry feature.
Which Azure service should you use?
正解:D
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
You have a WebJob object that runs as part of an Azure website. The WebJob object uses features from the Azure SDK for .NET.
You use a well-formed but invalid storage key to create the storage account that you pass into the UploadDataToAzureStorage method.
The WebJob object contains the following code segment. Line numbers are included for reference only.
You use a well-formed but invalid storage key to create the storage account that you pass into the UploadDataToAzureStorage method.
The WebJob object contains the following code segment. Line numbers are included for reference only.
正解:
Explanation
For blob storage, there is a retry policy implemented by default, so if you do nothing, it will do what's called exponential retries. It will fail, then wait a bit of time and try again; if it fails again, it will wait a little longer and try again, until it hits the maximum retry count.
References:
https://www.simple-talk.com/cloud/platform-as-a-service/azure-blob-storage-part-3-using-the-storage-client-libr
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are designing the deployment of resources in Azure.
You plan to use templates to customize deployment options.
You need to ensure that Azure services are deployed and updated identically.
Solution: You customize the output element of the template.
Does the solution meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are designing the deployment of resources in Azure.
You plan to use templates to customize deployment options.
You need to ensure that Azure services are deployed and updated identically.
Solution: You customize the output element of the template.
Does the solution meet the goal?
正解:A
解答を投票する
You have an on-premises data center and an Azure subscription. The Azure subscription has services that are hosted in the East US region. You have servers that run Windows Server 2012 R2. The servers are located on-premises and in both Azure regions. You plan to deploy Microsoft System Center 2012 R2 Data Protection Manager (DPM) to protect all of the servers. The DPM deployment has the following requirements:
* Centralize the management of all backups
* Minimize the costs associated with bandwidth usage
* Protect Microsoft SharePoint and Microsoft SQL Server workloads for up to nine years You need to recommend which components must be configured to support the planned deployment. What should you include in the recommendation? To answer, select the appropriate options in the answer area.
* Centralize the management of all backups
* Minimize the costs associated with bandwidth usage
* Protect Microsoft SharePoint and Microsoft SQL Server workloads for up to nine years You need to recommend which components must be configured to support the planned deployment. What should you include in the recommendation? To answer, select the appropriate options in the answer area.
正解:
Explanation
Number of DMP servers: 1
Centralize the management of all backups.
Number of Azure backup vaults: 2
References: https://docs.microsoft.com/en-us/azure/backup/backup-azure-dpm-introduction
You are planning to create a virtual network that has a scale set that contains six virtual machines (VMs).
A monitoring solution on a different network will need access to the VMs inside the scale set.
You need to define public access to the VMs.
Solution: Deploy a standalone VM that has a public IP address to the virtual network.
Does the solution meet the goal?
A monitoring solution on a different network will need access to the VMs inside the scale set.
You need to define public access to the VMs.
Solution: Deploy a standalone VM that has a public IP address to the virtual network.
Does the solution meet the goal?
正解:B
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)