Download New Updated (June) Microsoft 70-533 Practice Test 41-50

Ensurepass

 

QUESTION 41

DRAG DROP

You manage an application deployed to a cloud service that utilizes an Azure Storage account.

 

The cloud service currently uses the primary access key.

 

Security policy requires that all shared access keys are changed without causing application downtime.

 

Which three steps should you perform in sequence?

 

To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

 

clip_image002

 

Correct Answer:

clip_image004

 

 

QUESTION 42

DRAG DROP

You plan to deploy a cloud service named contosoapp that has a web role named contosoweb and a worker role named contosoimagepurge.

 

You need to ensure the service meets the following requirements:

 

clip_image006Contosoweb can be accessed over the Internet by using http.

clip_image006[1]Contosoimagepurge can only be accessed through tcp port 5001 from contosoweb.

clip_image006[2]Contosoimagepurge cannot be accessed directly over the Internet.

 

Which configuration should you use?

 

To answer, drag the appropriate configuration setting to the correct location in the service configuration file. Each configuration setting may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

 

clip_image008

 

Correct Answer:

clip_image010

 

 

 

 

 

 

 

 

 

QUESTION 43

Your company network includes an On-Premises Windows Active Directory (AD) that has a DNS domain named contoso.local and an email domain named contoso.com. You plan to migrate from On-Premises Exchange to Office 365.

 

You configure DirSync and set all Azure Active Directory {Azure AD) usernames as %username%@contoso.com

 

You need to ensure that each user is able to log on by using the email domain as the username.

 

Which two actions should you perform? Each correct answer presents part of the solution.

 

A.

Verify the email domain in Azure AD domains.

B.

Run the Set-MsolUserPnncipalName -UserPnncipalName %username%@co ntoso.onmicrosoft.com -NewUserPrincipalName %usemame %@contoso.com Power Shell cmdlet.

C.

Edit the ProxyAddress attribute on the On-Premises Windows AD user account.

D.

Verify the Windows AD DNS domain in Azure AD domains.

E.

Update the On-Premises Windows AD user account UPN to match the email address.

 

Correct Answer: CD

Explanation:

* There are two main traffic flows originating from the server hosting the Azure Active Directory Sync tool:

The Azure Active Directory Sync tool queries a domain controller on the on-premises network for changes to accounts and passwords.

The Azure Active Directory Sync tool sends the changes to accounts and passwords to the Azure AD instance of your Office 365 subscription. These changes are sent through the on-premises network’s proxy server.

 

clip_image012

* Verify that your virtual machine is joined to the domain by checking your internal DNS to make sure that an Address (A) record was added for the virtual machine with the correct IP address from Azure. For the Azure Active Directory Sync tool to gain access to Internet resources, you must configure the server that runs the Azure Active Directory Sync tool to use the on-premises network’s proxy server.

 

Reference: Deploy Office 365 Directory Synchronization in Microsoft Azure

 

 

QUESTION 44

You administer of a set of virtual machine (VM) guests hosted in Hyper-V on Windows Server 2012 R2.

 

The virtual machines run the following operating systems:

 

clip_image006[3]Windows Server 2008

clip_image006[4]Windows Server 2008 R2

clip_image006[5]Linux (openSUSE 13.1)

 

All guests currently are provisioned with one or more network interfaces with static bindings and VHDX disks. You need to move the VMs to Azure Virtual Machines hosted in an Azure subscription.

 

Which three actions should you perform? Each correct answer presents part of the solution.

 

A.

Install the WALinuxAgent on Linux servers.

B.

Ensure that all servers can acquire an IP by means of Dynamic Host Configuration Protocol (DHCP).

C.

Upgrade all Windows VMs to Windows Server 2008 R2 or higher.

D.

Sysprep all Windows servers.

E.

Convert the existing virtual disks to the virtual hard disk (VHD) format.

 

Correct Answer: ACD

Explanation:

* A: Azure Linux Agent

 

This agent is installed on the Linux VM and is responsible to communicate with the Azure Frabric Controller.

 

* UPLOADING A VIRTUAL MACHINE TO WINDOWS AZURE

 

Assumption: A Windows Server (2008 R2 or 2012) is created and running as a virtual machine in Hyper-V. (C)

 

Log onto the Windows Server hosted in Hyper-V you’d like to upload to Windows Azure and open and command prompt (I’m using Windows Server 2012 R2).

 

Navigate to c:WindowsSystem32Sysprep

 

Type in sysprep.exe and select enter: (D)

 

 

 

 

 

QUESTION 45

You manage a collection of large video files that is stored in an Azure Storage account.

 

A user wants access to one of your video files within the next seven days.

 

You need to allow the user access only to the video file, and then revoke access once the user no longer needs it.

 

What should you do?

 

A.

Give the user the secondary key for the storage account. Once the user is done with the file, regenerate the secondary key.

B.

Create an Ad-Hoc Shared Access Signature for the Blob resource. Set the Shared Access Signature to expire in seven days.

C.

Create an access policy on the container. Give the external user a Shared Access Signature for the blob by using the policy. Once the user is done with the file, delete the policy.

D.

Create an access policy on the blob. Give the external user access by using the policy. Once the user is done with the file, delete the policy.

 

Correct Answer: C

Explanation:

See 3) below.

By default, only the owner of the storage account may access blobs, tables, and queues within that account. If your service or application needs to make these resources available to other clients without sharing your access key, you have the following options for permitting access:

 

1.You can set a container’s permissions to permit anonymous read access to the container and its blobs. This is not allowed for tables or queues.

 

2. You can expose a resource via a shared access signature, which enables you to delegate restricted access to a container, blob, table or queue resource by specifying the interval for which the resources are available and the permissions that a client will have to it.

 

3. You can use a stored access policy to manage shared access signatures for a container or its blobs, for a queue, or for a table. The stored access policy gives you an additional measure of control over your shared access signatures and also provides a straightforward means to revoke them.

 

Reference: Manage Access to Azure Storage Resources

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

QUESTION 46

HOTSPOT

You manage a public-facing web application which allows authenticated users to upload and download large files. On the initial public page there is a promotional video.

 

You plan to give users access to the site content and promotional video.

 

In the table below, identify the access method that should be used for the anonymous and authenticated parts of the application. Make only one selection in each column.

 

clip_image014

 

Correct Answer:

clip_image016

 

 

QUESTION 47

DRAG DROP

You administer an Azure SQL database named contosodb that is running in Standard/S1 tier. The database is in a server named server1 that is a production environment. You also administer a database server named server2 that is a test environment. Both database servers are in the same subscription and the same region but are on different physical clusters.

 

You need to copy contosodb to the test environment.

 

Which three steps should you perform in sequence?

 

To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

 

clip_image018

 

Correct Answer:

clip_image020

 

QUESTION 48

DRAG DROP

You administer an Azure Virtual Machine (VM) named CON-CL1. CON-CL1 is in a cloud service named ContosoService1.

 

You want to create a new VM named MyApp that will have a fixed IP address and be hosted by an Azure Datacenter in the US West region.

 

You need to assign a fixed IP address to the MyApp VM.

 

Which Azure Power Shell cmdlets and values should you use?

 

To answer, drag the appropriate cmdlet or value to the correct location in the PowerShell command. Each cmdlet or value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content

 

clip_image022

 

Correct Answer:

clip_image024

 

 

 

 

 

 

 

 

QUESTION 49

HOTSPOT

You manage two cloud services named Service1 and Service2. The development team updates the code for each application and notifies you that the services are packaged and ready for deployment.

 

Each cloud service has specific requirements for deployment according to the following table.

 

clip_image026

 

In the table below, identify the deployment method for each service. Make only one selection in each column.

 

clip_image028

 

Correct Answer:

clip_image030

 

 

QUESTION 50

You administer an Access Control Service namespace named contosoACS that is used by a web application. ContosoACS currently utilizes Microsoft and Yahoo accounts.

 

Several users in your organization have Google accounts and would like to access the web application through ContosoACS.

 

You need to allow users to access the application by using their Google accounts.

 

What should you do?

 

A.

Register the application directly with Google.

B.

Edit the existing Microsoft Account identity provider and update the realm to include Google.

C.

Add a new Google identity provider.

D.

Add a new WS-Federation identity provider and configure the WS-Federation metadata to point to the Google sign-in URL.

 

Correct Answer: C

Explanation:

Configuring Google as an identity provider eliminates the need to create and manage authentication and identity management mechanism. It helps the end user experience if there are familiar authentication procedures.

 

Reference: Microsoft Azure, How to: Configure Google as an Identity Provider

URL: http://msdn.microsoft.com/en-us/library/azure/gg185976.aspx

 

Free VCE & PDF File for Microsoft 70-533 Real Exam

Instant Access to Free VCE Files: MCSE|MCSA|MCITP…
Instant Access to Free PDF Files: MCSE|MCSA|MCITP…