Topic 5: Misc. Questions
You have an Azure subscription that contains the resources shown in the following table.
You ate designing an Azure governance solution.
All Azure resources must be easily identifiable based on the following operational information environment, owner, department and cost center. You need 10 ensure that you can use the operational information when you generate reports for the Azure resources.
What should you include in the solution?
A.
Azure Active Directory (Azure AD) administrative units
B.
An Azure data catalog that uses the Azure REST API as a data source
C.
An Azure policy that enforces tagging rules
D.
An Azure management group that uses parent groups to create a hierarchy
An Azure policy that enforces tagging rules
Explanation:
You use Azure Policy to enforce tagging rules and conventions. By creating a policy, you avoid the scenario of resources being deployed to your subscription that don't have the expected tags for your organization. Instead of manually applying tags or searching for resources that aren't compliant, you create a policy that automatically applies the needed tags during deployment.
Note: Organizing cloud-based resources is a crucial task for IT, unless you only have simple deployments. Use naming and tagging standards to organize your resources for these reasons:
Resource management: Your IT teams will need to quickly locate resources associated with specific workloads, environments, ownership groups, or other important information.
Organizing resources is critical to assigning organizational roles and access permissions for resource management.
Reference:
https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/decisionguides/resource-tagging
https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/tag-policies
You are designing a data storage solution to support reporting. The solution will ingest high volumes of data in the JSON format by using Azure Event Hubs. As the data arrives, Event Hubs will write the data to storage. The solution must meet the following requirements:
• Organize data in directories by date and time.
• Allow stored data to be queried directly, transformed into summarized tables, and then stored in a data warehouse.
• Ensure that the data warehouse can store 50 TB of relational data and support between 200 and 300 concurrent read operations.
Which service should you recommend for each type of data store? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
The application will host video files that range from 50 MB to 12 GB. The application will use certificate-based authentication and will be available to users on the internet.
You need to recommend a storage option for the video files. The solution must provide the fastest read performance and must minimize storage costs.
What should you recommend?
A.
Azure Files
B.
Azure Data Lake Storage Gen2
C.
Azure Blob Storage
D.
Azure SQL Database
Azure Blob Storage
Blob Storage: Stores large amounts of unstructured data, such as text or binary data, that can be accessed from anywhere in the world via HTTP or HTTPS. You can use Blob storage to expose data publicly to the world, or to store application data privately.
Max file in Blob Storage. 4.77 TB.
Reference:
https://docs.microsoft.com/en-us/azure/architecture/solution-ideas/articles/digital-mediavideo
You have an Azure Functions microservice app named Appl that is hosted in the Consumption plan. App1 uses an Azure Queue Storage trigger.
You plan to migrate App1 to an Azure Kubernetes Service (AKS) cluster.
You need to prepare the AKS cluster to support Appl. The solution must meet the following requirements:
• Use the same scaling mechanism as the current deployment.
• Support kubenet and Azure Container Netwoking Interface (CNI) networking.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct answer is worth one point.
A.
Configure the horizontal pod autoscaler.
B.
Install Virtual Kubelet.
C.
Configure the AKS cluster autoscaler.
D.
Configure the virtual node add-on.
E.
Install Kubemetes-based Event Driven Autoscaling (KEDA).
Configure the horizontal pod autoscaler.
Configure the virtual node add-on.
You plan to deploy an Azure App Service web app that will have multiple instances across multiple Azure regions.
You need to recommend a load balancing service for the planned deployment. The solution must meet the following requirements:
Maintain access to the app in the event of a regional outage.
Support Azure Web Application Firewall (WAF).
Support cookie-based affinity.
Support URL routing.
What should you include in the recommendation?
A.
Azure Front Door
B.
Azure Load Balancer
C.
Azure Traffic Manager
D.
Azure Application Gateway
Azure Front Door
Explanation:
Azure Traffic Manager performs the global load balancing of web traffic across Azure regions, which have a regional load balancer based on Azure Application Gateway. This combination gets you the benefits of Traffic Manager many routing rules and Application Gateway’s capabilities such as WAF, TLS termination, path-based routing, cookie-based session affinity among others.
Reference:
https://docs.microsoft.com/en-us/azure/application-gateway/features
You plan to automate the deployment of resources to Azure subscriptions. What is a difference between using Azure Blueprints and Azure Resource Manager (ARM) templates?
A.
ARM templates remain connected to the deployed resources.
B.
Only ARM templates can contain policy definitions
C.
Blueprints remain connected to the deployed resources.
D.
Only Blueprints can contain policy definitions.
Blueprints remain connected to the deployed resources.
Explanation:
With Azure Blueprints, the relationship between the blueprint definition (what should be deployed) and the blueprint assignment (what was deployed) is preserved. This connection supports improved tracking and auditing of deployments. Azure Blueprints can also upgrade several subscriptions at once that are governed by the same blueprint.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has deployed several virtual machines (VMs) on-premises and to Azure.
Azure ExpressRoute has been deployed and configured for on-premises to Azure connectivity.
Several VMs are exhibiting network connectivity issues.
You need to analyze the network traffic to determine whether packets are being allowed or denied to the VMs.
Solution: Install and configure the Microsoft Monitoring Agent and the Dependency Agent on all VMs. Use the Wire Data solution in Azure Monitor to analyze the network traffic.
Does the solution meet the goal?
A.
Yes
B.
No
No
Instead use Azure Network Watcher to run IP flow verify to analyze the network traffic.
Note: Wire Data looks at network data at the application level, not down at the TCP transport layer. The solution doesn't look at individual ACKs and SYNs.
Reference:
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoringoverview
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-ip-flow-verifyoverview
You have an Azure subscription. The subscription contains Azure virtual machines that run Windows Server 2016 and Linux.
You need to use Azure Log Analytics design an alerting strategy for security-related events.
Which Log Analytics tables should you query? To answer, drag the appropriate tables to the correct log types. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
You have an Azure subscription that contains the resources shown in the following table.
You plan to create an Azure Storage account that will host file shares. The shares will be accessed from on-premises applications that are transaction-intensive.
You need to recommend a solution to minimize latency when accessing the file shares.
The solution must provide the highest-level of resiliency for the selected storage tier.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to recommend a data storage solution that meets the following requirements:
• Ensures that applications can access the data by using a REST connection
• Hosts 20 independent tables of varying sizes and usage patterns
• Automatically replicates the data to a second Azure region
• Minimizes costs
What should you recommend?
A.
an Azure SQL Database elastic pool that uses active geo-replication
B.
tables in an Azure Storage account that use read-access geo-redundant storage (RAGRS)
C.
an Azure SQL database that uses active geo-replication
D.
tables in an Azure Storage account that use geo-redundant storage (GRS)
tables in an Azure Storage account that use geo-redundant storage (GRS)
| Page 3 out of 24 Pages |
| Previous |