070-535 Exam Free Question Set: "Microsoft Architecting Microsoft Azure Solutions Certification"

You are designing an Azure Web App.
All users must authenticate by using Active Directory Domain Services (AD DS) credentials.
You need to recommend an approach to enable single sign-on to the application for domain-authenticated users.
Which two actions should you recommend? Each correct answer presents part of the solution.

You are planning an application to run on Azure virtual machines (VMs). The VMs will be backed up using Azure Backup.
The application maintains its state in three binary files stored on disk. Changes in application state require that all three files be updated on disk. If only one or two of the files are updated on disk, work is lost and the system is in an inconsistent state.
You need to ensure that when a backup occurs, the application's data is always in a consistent state.
What should you do?

A company plans to implement Azure Cosmos DB.
You need to recommend client network connection options to maximize performance.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Correct answer:

Explanation

Box 1: Direct mode
Connection policy: Use direct connection mode
Gateway Mode involves an additional network hop every time data is read or written to Azure Cosmos DB.
Because of this, Direct Mode offers better performance due to fewer network hops.
Box 2: TCP
Direct mode supports connectivity through TCP and HTTPS protocols. For best performance, use the TCP protocol when possible.
You manage an Azure subscription with virtual machines (VMs) that are running in Standard mode. You need to reduce the storage costs associated with the VMs. What should you do?

Your company uses Office 365 for all employees. The company plans to create a website where customers can view and register technical support cases.
The solution must meet the following requirements:
* Provision customer identities by using social media accounts.
* Users must be able to access the website by using social media accounts including Facebook.
* Employees of the customer service department must be able to access the site to read the cases and resolve them.
You need to design an identity solution for the company.
Which two actions should you recommend? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

You are migrating an on-premises application to Azure. One component of the application is a legacy Windows native executable that performs image processing.
The image processing application must run every hour. During times that the image processing application is not running, it should not be consuming any Azure compute resources.
You need to ensure that the image processing application runs correctly every hour.
Solution: Create an Azure Function to run the image processing application every hour.
Does the solution meet the goal?

You are designing a Windows Azure application. The application includes two web roles and three instances of a worker role. The web roles will send requests to the worker role through one or more Windows Azure Queues. You have the following requirements:
* Ensure that each request is processed exactly one time.
* Minimize the idle time of each worker role instance.
* Maximize the reliability of request processing.
You need to recommend a queue design for sending requests to the worker role.
What should you recommend?

You plan to deploy four Infrastructure as a Service (IaaS) virtual machines in Azure. All IaaS virtual machines will reside on the same IP subnet.
You need to design an Azure virtual network that can accommodate the deployment. The design must meet the following requirements:
* Minimize the size of the IP subnet.
* Provide the ability to restrict both internal and Internet traffic.
* Ensure that the IP addresses of the virtual machines remain the same.
What should you include in the design? To answer, select the appropriate options in the answer area.
Correct answer:

Explanation

Not /29.
/29 would normally provide up to 8 IP addresses which should be enough for four VMs. However, Azure reserves five IP addresses so for four VMs, you need a subnet with at least 9 IP addresses.
You need to design the multi-tenant model for storing application and customer data.
Which pattern should you recommend?

You manage an application that runs across multiple regions. The application processes sensitive data and is secured using SSL offloading.
When users request data, the data must come from the endpoint in their region. Data between Azure resources must not traverse the Internet.
You need to recommend networking options for the application.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Correct answer:

Explanation
You manage a network that includes an on-premises Active Directory Domain Services domain and an Azure Active Directory (Azure AD).
Employees are required to use different accounts when using on-premises or cloud resources. You must recommend a solution that lets employees sign in to all company resources by using a single account. The solution must implement an identity provider.
You need to provide guidance on the different identity providers.
How should you describe each identity provider? To answer, select the appropriate description from each list in the answer area.
NOTE: Each correct selection is worth one point.
Correct answer:

Explanation

Synchronized identity is the simplest way to synchronize on-premises directory objects (users and groups) with Azure AD.
While synchronized identity is the easiest and quickest method, your users still need to maintain a separate password for cloud-based resources. To avoid this, you can also (optionally) synchronize a hash of user passwords to your Azure AD directory. Synchronizing password hashes enables users to log in to cloud-based organizational resources with the same user name and password that they use on-premises. Azure AD Connect periodically checks your on-premises directory for changes and keeps your Azure AD directory synchronized.
When a user attribute or password is changed in on-premises Active Directory, it is automatically updated in Azure AD.

Federated identity:
For more control over how users access Office 365 and other cloud services, you can set up directory synchronization with single sign-on (SSO) using Active Directory Federation Services (AD FS). Federating your users' sign-ins with AD FS delegates authentication to an on-premises server that validates user credentials. In this model, on-premises Active Directory credentials are never passed to Azure AD.
You use Azure Resource Manager (ARM) templates to deploy resources.
You need to ensure that storage resources defined in templates cannot be deleted. Solution: You define the following JSON in the temp

Does the solution meet the goal?

A company hosts virtual machines (VMs) in an on-premises datacenter and in Azure. The on-premises and Azure-based VMs communicate using ExpressRoute.
The company wants to be able to continue regular operations if the ExpressRoute connection fails. Failover connections must use the internet and must not require Multiprotocol Label Switching (MPLS) support.
You need to recommend a solution that provides continued operations.
What should you recommend?

You need to implement testing for the DataManager mobile application.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Correct answer:

Explanation

References:
https://docs.microsoft.com/en-us/azure/application-insights/app-insights-monitor-web-app-availability#multi-ste