AZ-204試験無料問題集「Microsoft Developing Solutions for Microsoft Azure 認定」
You are a developer for a SaaS company that offers many web services.
All web services for the company must meet the following requirements:
* Use API Management to access the services
* Use OpenID Connect for authentication
* Prevent anonymous usage
A recent security audit found that several web services can be called without any authentication.
Which API Management policy should you implement?
All web services for the company must meet the following requirements:
* Use API Management to access the services
* Use OpenID Connect for authentication
* Prevent anonymous usage
A recent security audit found that several web services can be called without any authentication.
Which API Management policy should you implement?
正解:C
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
You have an Azure API Management instance named API! that uses a managed gateway.
You plan to implement a policy that will apply at a product scope and will set the header of inbound requests to include information about the region hosting the gateway of API1. The policy definition contains the following content.
You have the following requirements for the policy definition:
* Ensure that the header contains the information about the region hosting the gateway of API1.
* Ensure the policy applies only after any global level policies are processed first.
You need to complete the policy definition.
Which values should you choose? To answer, select the appropriate options in the answer area.
You plan to implement a policy that will apply at a product scope and will set the header of inbound requests to include information about the region hosting the gateway of API1. The policy definition contains the following content.
You have the following requirements for the policy definition:
* Ensure that the header contains the information about the region hosting the gateway of API1.
* Ensure the policy applies only after any global level policies are processed first.
You need to complete the policy definition.
Which values should you choose? To answer, select the appropriate options in the answer area.
正解:
Explanation:
You plan to deploy a web app to App Service on Linux. You create an App Service plan. You create and push a custom Docker image that image that contains the web app to Azure Container Registry.
You need to access the console logs generated from inside the container in real-time.
How should you complete the Azure CLI command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to access the console logs generated from inside the container in real-time.
How should you complete the Azure CLI command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Box 1: config
To Configure logging for a web app use the command:
az webapp log config
Box 2: --docker-container-logging
Syntax include:
az webapp log config [--docker-container-logging {filesystem, off}]
Box 3: webapp
To download a web app's log history as a zip file use the command:
az webapp log download
Box 4: download
References:
https://docs.microsoft.com/en-us/cli/azure/webapp/log
You have the following data lifecycle management policy:
You plan to implement an Azure Blob Storage account and apply to it Policy 1. The solution should maximize resiliency and performance.
You need to configure the account to support the policy.
Which redundancy option and storage account type should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You plan to implement an Azure Blob Storage account and apply to it Policy 1. The solution should maximize resiliency and performance.
You need to configure the account to support the policy.
Which redundancy option and storage account type should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
A development team is creating a new REST API. The API will store data in Azure Blob storage. You plan to deploy the API to Azure App Service.
Developers must access the Azure Blob storage account to develop the API for the next two months. The Azure Blob storage account must not be accessible by the developers after the two-month time period.
You need to grant developers access to the Azure Blob storage account.
What should you do?
Developers must access the Azure Blob storage account to develop the API for the next two months. The Azure Blob storage account must not be accessible by the developers after the two-month time period.
You need to grant developers access to the Azure Blob storage account.
What should you do?
正解:C
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
You develop a solution that uses an Azure SQL Database to store user information for a mobile app.
The app stores sensitive information about users.
You need to hide sensitive information from developers that query the data for the mobile app.
Which three items must you identify when configuring dynamic data masking? Each correct answer presents a part of the solution.
NOTE: Each correct selection is worth one point.
The app stores sensitive information about users.
You need to hide sensitive information from developers that query the data for the mobile app.
Which three items must you identify when configuring dynamic data masking? Each correct answer presents a part of the solution.
NOTE: Each correct selection is worth one point.
正解:B,D,E
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
You develop a solution that uses Azure Virtual Machines (VMs).
The VMs contain code that must access resources in an Azure resource group. You grant the VM access to the resource group in Resource Manager.
You need to obtain an access token that uses the VMs system-assigned managed identity.
Which two actions should you perform? Each correct answer presents part of the solution.
The VMs contain code that must access resources in an Azure resource group. You grant the VM access to the resource group in Resource Manager.
You need to obtain an access token that uses the VMs system-assigned managed identity.
Which two actions should you perform? Each correct answer presents part of the solution.
正解:A,D
解答を投票する
You are building an application that stores sensitive customer data in Azure Blob storage. The data must be encrypted with a key that is unique for each customer.
If the encryption key has been corrupted it must not be used for encryption.
You need to ensure that the blob is encrypted.
How should you complete the code segment? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
If the encryption key has been corrupted it must not be used for encryption.
You need to ensure that the blob is encrypted.
How should you complete the code segment? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
You need to secure the corporate website for users.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order NOTE: More than one order of answer choices is correct You will receive credit for any of the correct orders you select.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order NOTE: More than one order of answer choices is correct You will receive credit for any of the correct orders you select.
正解:
Explanation:
A company backs up all manufacturing data to Azure Blob Storage. Admins move blobs from hot storage to archive tier storage every month.
You must automatically move blocks to Archive tier after they have not been accessed for 180 days. The path for any item that is not archived must be placed in an existing queue. This operation must be performed automatically once a month. You set the value of TierAgeInDays to 180.
How should you configure the Logic App? To answer, drag the appropriate triggers or action blocks to the correct trigger or action slots. Each trigger or action block may be used once, more than once, or not at all.
You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
You must automatically move blocks to Archive tier after they have not been accessed for 180 days. The path for any item that is not archived must be placed in an existing queue. This operation must be performed automatically once a month. You set the value of TierAgeInDays to 180.
How should you configure the Logic App? To answer, drag the appropriate triggers or action blocks to the correct trigger or action slots. Each trigger or action block may be used once, more than once, or not at all.
You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Box 1: Recurrence
Box 2: Insert Entity
Box 3 (if true): Tier Blob
Box 4: (if false):
Leave blank.
References:
https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-perform-data-operations
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You develop Azure solutions.
You must grant a virtual machine (VM) access to specific resource groups in Azure Resource Manager.
You need to obtain an Azure Resource Manager access token.
Solution: Run the Invoke-RestMethod cmdlet to make a request to the local managed identity for Azure resources endpoint.
Does the solution meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You develop Azure solutions.
You must grant a virtual machine (VM) access to specific resource groups in Azure Resource Manager.
You need to obtain an Azure Resource Manager access token.
Solution: Run the Invoke-RestMethod cmdlet to make a request to the local managed identity for Azure resources endpoint.
Does the solution meet the goal?
正解:B
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
You need to add YAML markup at line CS17 to ensure that the ContentUploadService can access Azure Storage access keys.
How should you complete the YAML markup? To answer, drag the appropriate YAML segments to the correct locations. Each YAML segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
How should you complete the YAML markup? To answer, drag the appropriate YAML segments to the correct locations. Each YAML segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Box 1: volumeMounts
Example:
volumeMounts:
- mountPath: /mnt/secrets
name: secretvolume1
volumes:
- name: secretvolume1
secret:
mysecret1: TXkgZmlyc3Qgc2VjcmV0IEZPTwo=
Box 2: volumes
Box 3: secret
Reference:
https://docs.microsoft.com/en-us/azure/container-instances/container-instances-volume-secret
Your company has several websites that use a company logo image. You use Azure Content Delivery Network (CDN) to store the static image.
You need to determine the correct process of how the CDN and the Point of Presence (POP) server will distribute the image and list the items in the correct order.
In which order do the actions occur? To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.
You need to determine the correct process of how the CDN and the Point of Presence (POP) server will distribute the image and list the items in the correct order.
In which order do the actions occur? To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.
正解:
Explanation:
Step 1: A user requests the image..
A user requests a file (also called an asset) by using a URL with a special domain name, such as <endpoint name>.azureedge.net. This name can be an endpoint hostname or a custom domain. The DNS routes the request to the best performing POP location, which is usually the POP that is geographically closest to the user.
Step 2: If no edge servers in the POP have the..
If no edge servers in the POP have the file in their cache, the POP requests the file from the origin server. The origin server can be an Azure Web App, Azure Cloud Service, Azure Storage account, or any publicly accessible web server.
Step 3: The origin server returns the..
The origin server returns the file to an edge server in the POP.
An edge server in the POP caches the file and returns the file to the original requestor (Alice). The file remains cached on the edge server in the POP until the time-to-live (TTL) specified by its HTTP headers expires. If the origin server didn't specify a TTL, the default TTL is seven days.
Step 4: Subsequent requests for..
Additional users can then request the same file by using the same URL that the original user used, and can also be directed to the same POP.
If the TTL for the file hasn't expired, the POP edge server returns the file directly from the cache. This process results in a faster, more responsive user experience.
References:
https://docs.microsoft.com/en-us/azure/cdn/cdn-overview
You are developing several microservices to deploy to a Azure Service cluster. The microservices manage data stored in Azure Cosmos DB and Azure Blob storage. The data is secured by using customer-managed keys stored in Aue Key Vault.
You must automate key rotation for all Key Vault keys and allow for manual key rotation. Keys must rotate every three months. Notifications Of expiring keys must be sent before key expiry.
You need to configure key rotation and enable key expiry notifications.
Which two actions should you perform? Each correct answer presents part Of solution.
NOTE: Each correct selection is worth
You must automate key rotation for all Key Vault keys and allow for manual key rotation. Keys must rotate every three months. Notifications Of expiring keys must be sent before key expiry.
You need to configure key rotation and enable key expiry notifications.
Which two actions should you perform? Each correct answer presents part Of solution.
NOTE: Each correct selection is worth
正解:A,C
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
You develop an ASP. Net Core application by integrating the Application Insights SDK into your solution.
The application sends a very high rate of telemetry in a short time interval. You observe a reduced number of events, traces, and metrics being recorded and increased error rates for telemetry ingestion. Telemetry data must synchronize the client and server information to allow HTTP request and response correlation.
You need to reduce telemetry traffic, data costs, and storage costs while preserving a statistically correct analysis of application telemetry data.
What should you do?
The application sends a very high rate of telemetry in a short time interval. You observe a reduced number of events, traces, and metrics being recorded and increased error rates for telemetry ingestion. Telemetry data must synchronize the client and server information to allow HTTP request and response correlation.
You need to reduce telemetry traffic, data costs, and storage costs while preserving a statistically correct analysis of application telemetry data.
What should you do?
正解:C
解答を投票する
You need to configure Azure App Service to support the REST API requirements.
Which values should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Which values should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Plan: Standard
Standard support auto-scaling
Instance Count: 10
Max instances for standard is 10.
Scenario:
The REST API's that support the solution must meet the following requirements:
* Allow deployment to a testing location within Azure while not incurring additional costs.
* Automatically scale to double capacity during peak shipping times while not causing application downtime.
* Minimize costs when selecting an Azure payment model.
References:
https://azure.microsoft.com/en-us/pricing/details/app-service/plans/