[Free] 2019(Nov) EnsurePass Microsoft 70-533 Dumps with VCE and PDF 41-50

Get Full Version of the Exam
http://www.EnsurePass.com/70-533.html

Question No.41

DRAG DROP

You manage an application deployed to a cloud service that utilizes an Azure Storage account. The cloud service currently uses the primary access key.

Security policy requires that all shared access keys are changed without causing application downtime.

Which three steps should you perform in sequence?

To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

image

Correct Answer:

image

Question No.42

DRAG DROP

You plan to deploy a cloud service named contosoapp that has a web role named contosoweb and a worker role named contosoimagepurge.

You need to ensure the service meets the following requirements:

image

Contosoweb can be accessed over the Internet by using http.

image

image

Contosoimagepurge can only be accessed through tcp port 5001 from contosoweb. Contosoimagepurge cannot be accessed directly over the Internet.

Which configuration should you use?

To answer, drag the appropriate configuration setting to the correct location in the service configuration file. Each configuration setting may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

image

Correct Answer:

image

Question No.43

Your company network includes an On-Premises Windows Active Directory (AD) that has a DNS domain named contoso.local and an email domain named contoso.com. You plan to migrate from On-Premises Exchange to Office 365.

You configure DirSync and set all Azure Active Directory {Azure AD) usernames as

%username%@contoso.com

You need to ensure that each user is able to log on by using the email domain as the username. Which two actions should you perform? Each correct answer presents part of the solution.

  1. Verify the email domain in Azure AD domains.

  2. Run the Set-MsolUserPnncipalName -UserPnncipalName %username%@co ntoso.onmicrosoft.com -NewUserPrincipalName %usemame %@contoso.com Power Shell cmdlet.

  3. Edit the ProxyAddress attribute on the On-Premises Windows AD user account.

  4. Verify the Windows AD DNS domain in Azure AD domains.

  5. Update the On-Premises Windows AD user account UPN to match the email address.

Correct Answer: AB

Explanation:

If you have already set up Active Directory synchronization, the user#39;s UPN may not match the

user#39;s on-premises UPN defined in Active Directory. To fix this, rename the user#39;s UPN using the Set-MsolUserPrincipalName cmdlet in the Microsoft Azure Active Directory Module for Windows PowerShell.

The email domain (Contoso.com) needs to be verified in Office 365.

References:

https://msdn.microsoft.com/en-us/library/azure/jj151786.aspx

Question No.44

You administer of a set of virtual machine (VM) guests hosted in Hyper-V on Windows Server 2012 R2.

The virtual machines run the following operating systems:

image

image

image

Windows Server 2008 Windows Server 2008 R2 Linux (openSUSE 13.1)

All guests currently are provisioned with one or more network interfaces with static bindings and VHDX disks. You need to move the VMs to Azure Virtual Machines hosted in an Azure subscription.

Which three actions should you perform? Each correct answer presents part of the solution.

  1. Install the WALinuxAgent on Linux servers.

  2. Ensure that all servers can acquire an IP by means of Dynamic Host Configuration Protocol (DHCP).

  3. Upgrade all Windows VMs to Windows Server 2008 R2 or higher.

  4. Sysprep all Windows servers.

  5. Convert the existing virtual disks to the virtual hard disk (VHD) format.

Correct Answer: ACE

Explanation:

A: For Linux the WALinuxAgent agent is mandatory.

C: Need to upgrade to Windows Server 2008 R2 or higher. E: VHDX is not supported, so VHD is needed.

References:

https://azure.microsoft.com/fr-fr/documentation/articles/virtual-machines-create-upload-vhd- windows-server/

https://azure.microsoft.com/fr-fr/documentation/articles/virtual-machines-create-upload-vhd- windows-server/

Question No.45

You manage a collection of large video files that is stored in an Azure Storage account. A user wants access to one of your video files within the next seven days.

You need to allow the user access only to the video file, and then revoke access once the user no longer needs it.

What should you do?

  1. Give the user the secondary key for the storage account. Once the user is done with the file, regenerate the secondary key.

  2. Create an Ad-Hoc Shared Access Signature for the Blob resource. Set the Shared Access Signature to expire in seven days.

  3. Create an access policy on the container. Give the external user a Shared Access Signature for the blob by using the policy. Once the user is done with the file, delete the policy.

  4. Create an access policy on the blob. Give the external user access by using the policy. Once the user is done with the file, delete the policy.

Correct Answer: C

Explanation:

See 3) below.

By default, only the owner of the storage account may access blobs, tables, and queues within that account. If your service or application needs to make these resources available to other clients without sharing your access key, you have the following options for permitting access:

  1. You can set a container#39;s permissions to permit anonymous read access to the container and its blobs. This is not allowed for tables or queues.

  2. You can expose a resource via a shared access signature, which enables you to delegate restricted access to a container, blob, table or queue resource by specifying the interval for which the resources are available and the permissions that a client will have to it.

  3. You can use a stored access policy to manage shared access signatures for a container or its blobs, for a queue, or for a table. The stored access policy gives you an additional measure of control over your shared access signatures and also provides a straightforward means to revoke them.

Reference: Manage Access to Azure Storage Resources

Question No.46

HOTSPOT

You manage a public-facing web application which allows authenticated users to upload and download large files. On the initial public page there is a promotional video.

You plan to give users access to the site content and promotional video.

In the table below, identify the access method that should be used for the anonymous and authenticated parts of the application. Make only one selection in each column.

image

Correct Answer:

image

Question No.47

DRAG DROP

You administer an Azure SQL database named contosodb that is running in Standard/S1 tier. The database is in a server named server1 that is a production environment. You also administer a database server named server2 that is a test environment. Both database servers are in the same subscription and the same region but are on different physical clusters.

You need to copy contosodb to the test environment. Which three steps should you perform in sequence?

To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

image

Correct Answer:

image

Question No.48

DRAG DROP

You administer an Azure Virtual Machine (VM) named CON-CL1. CON-CL1 is in a cloud service named ContosoService1.

You want to create a new VM named MyApp that will have a fixed IP address and be hosted by an Azure Datacenter in the US West region.

You need to assign a fixed IP address to the MyApp VM. Which Azure Power Shell cmdlets and values should you use?

To answer, drag the appropriate cmdlet or value to the correct location in the PowerShell command. Each cmdlet or value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content

image

Correct Answer:

image

Question No.49

HOTSPOT

You manage two cloud services named Service1 and Service2. The development team updates the code for each application and notifies you that the services are packaged and ready for deployment.

Each cloud service has specific requirements for deployment according to the following table.

image

In the table below, identify the deployment method for each service. Make only one selection in each column.

image

Correct Answer:

image

Question No.50

You administer an Access Control Service namespace named contosoACS that is used by a web application. ContosoACS currently utilizes Microsoft and Yahoo accounts.

Several users in your organization have Google accounts and would like to access the web application through ContosoACS.

You need to allow users to access the application by using their Google accounts. What should you do?

  1. Register the application directly with Google.

  2. Edit the existing Microsoft Account identity provider and update the realm to include Google.

  3. Add a new Google identity provider.

  4. Add a new WS-Federation identity provider and configure the WS-Federation metadata to point to the Google sign-in URL.

Correct Answer: C

Explanation:

Configuring Google as an identity provider eliminates the need to create and manage authentication and identity management mechanism. It helps the end user experience if there are familiar authentication procedures.

Reference: Microsoft Azure, How to: Configure Google as an Identity Provider URL: http://msdn.microsoft.com/en-us/library/azure/gg185976.aspx

Get Full Version of the Exam
70-533 Dumps
70-533 VCE and PDF

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.