70 534 Exam Questions Updated Demo 2018 .pdf
Original filename: 70-534 Exam Questions Updated Demo 2018.pdf
This PDF 1.4 document has been generated by / mPDF 6.0, and has been sent on pdf-archive.com on 22/01/2018 at 10:50, from IP address 202.163.x.x.
The current document download page has been viewed 333 times.
File size: 501 KB (10 pages).
Privacy: public file
Download original PDF file
Microsoft Azure 70-534
Architecting Microsoft Azure Solutions
Thank You for Downloading 70-534 Updated Exam
Case Study: 1
VanArsdel, Ltd. builds skyscrapers, subways, and bridges. VanArsdel is a leader in using
technology to do construction better.
VanArsdel employees are able to use their own mobile devices for work activities because the
company recognizes that this usage enables employee productivity. Employees also access
Software as a Service (SaaS) applications, including DocuSign, Dropbox, and Citrix. The
company continues to evaluate and adopt more SaaS applications for its business. VanArsdel
uses Azure Active Directory (AD) to authenticate its employees, as well as Multi-Factor
Authentication (MFA). Management enjoys the ease with which MFA can be enabled and
disabled for employees who use cloud-based services. VanArsdel's on-premises directory
contains a single forest.
VanArsdel creates a helpdesk group to assist its employees. The company sends email
messages to all its employees about the helpdesk group and how to contact it. Configuring
employee access for SaaS applications is often a time-consuming task. It is not always
obvious to the helpdesk group which users should be given access to which SaaS
applications. The helpdesk group must respond to many phone calls and email messages to
solve this problem, which takes up valuable time. The helpdesk group is unable to meet the
needs of VanArsdel's employees.
However, many employees do not work with the helpdesk group to solve their access
problems. Instead, these employees contact their co-workers or managers to find someone
who can help them. Also, new employees are not always told to contact the helpdesk group
for access problems. Some employees report that they cannot see all the applications in the
Access Panel that they have access to. Some employees report that they must re-enter their
passwords when they access cloud applications, even though they have already authenticated.
Bring your own device (BYOD):
VanArsdel wants to continue to support users and their mobile and personal devices, but the
company is concerned about how to protect corporate assets that are stored on these devices.
The company does not have a strategy to ensure that its data is removed from the devices
when employees leave the company.
VanArsdel wants a mobile app for customer profile registration and feedback. The company
would like to keep track of all its previous, current, and future customers worldwide. A
profile system using third-party authentication is required as well as feedback and support
sections for the mobile app.
VanArsdel plans to migrate several virtual machine (VM) workloads into Azure. They also
plan to extend their on-premises Active Directory into Azure for mobile app authentication.
A single account and credentials for both on-premises and cloud applications
Certain applications that are hosted both in Azure and on-site must be
accessible to both VanArsdel employees and partners
The service level agreement (SLA) for the solution requires an uptime of
The partners all use Hotmail.com email addresses
VanArsdel requires a mobile app for project managers on construction job sites. The mobile
app has the following requirements:
The app must display partner information.
The app must alert project managers when changes to the partner information
The app must display project information including an image gallery to view
pictures of construction projects.
Project managers must be able to access the information remotely and
VanArsdel must control access to its resources to ensure sensitive services
and information are accessible only by authorized users and/or managed
Employees must be able to securely share data, based on corporate policies,
with other VanArsdel employees and with partners who are located on
construction job sites.
VanArsdel management does NOT want to create and manage user accounts
VanArsdel requires a non-centralized stateless architecture fonts data and
services where application, data, and computing power are at the logical
extremes of the network.
VanArsdel requires separation of CPU storage and SQL services
VanArsdel needs a solution to reduce the number of operations on the contractor information
table. Currently, data transfer rates are excessive, and queue length for read/write operations
A mobile service that is used to access contractor information must have
automatically scalable, structured storage
Images must be stored in an automatically scalable, unstructured form.
VanArsdel mobile app must authenticate employees to the company's Active
Event-triggered alerts must be pushed to mobile apps by using a custom
The customer support app should use an identity provider that is configured
by using the Access Control Service for current profile registration and
The customer support team will adopt future identity providers that are
configured through Access Control Service.
Active Directory Federated Server (AD FS) will be used to extend AD into
Helpdesk administrators must have access to only the groups of Azure
resources they are responsible for. Azure administration will be performed by
a separate group.
IT administrative overhead must be minimized.
Permissions must be assigned by using Role Based Access Control (RBAC).
Line of business applications must be accessed securely.
Yiu oeed ti assigo permissiios fir the Virtual Machioe wirkliads that yiu migrate ti Azure.
The silutio must use the priocipal if least privileges.
What shiuld yiu di?
A. Create all VMs io the cliud service oamed Griupl aod theo ciooect ti the Azure subscriptio. Ruo
the filliwiog Wiodiws PiwerShell cimmaod:
New-AzureRileAssigomeot -Mail firstname.lastname@example.org -RileDefoitioName Ciotributir ResiurceGriupName griup1
B. Io the Azure pirtal, select ao iodividual virtual machioe aod add ao iwoer.
C. Io the Azure pirtal, assigo read permissiio ti the user at the subscriptio level.
D. Create each VM io a separate cliud service aod theo ciooect ti the Azure subscriptio. Ruo the
filliwiog Wiodiws PiwerShell cimmaod:
Get-AzureVM | New-AzureRileAssigomeot -Mail email@example.com -RileDefoitioName
* Sceoarii: Permissiios must be assigoed by usiog Rile Based Access Ciotril (RBAC).
* Rile-Based access ciotril (RBAC) io the Azure Pirtal aod Azure Resiurce Maoagemeot API alliws
yiu ti maoage access ti yiur subscriptio at a foe-graioed level. With this feature, yiu cao graot
access fir Actve Directiry users, griups, ir service priocipals by assigoiog sime riles ti them at a
Create a rile assigomeot
Use New-AzureRileAssigomeot ti create a rile assigomeot.
Example: This will create a rile assigomeot fir a griup at a resiurce griup level.
PS C:\> New-AzureRileAssigomeot -ObjectID <griup ibject ID> -RileDefoitioName Reader ResiurceGriupName griup1
Refereoce: Maoagiog Rile-Based Access Ciotril with Wiodiws PiwerShell
Yiu oeed ti recimmeod data stirage mechaoisms fir the silutio.
What shiuld yiu recimmeod? Ti aoswer, drag the appripriate data stirage mechaoism ti the
cirrect iofirmatio type. Each data stirage mechaoism may be used ioce, mire thao ioce, ir oit at
all. Yiu may oeed ti drag the split bar betweeo paoes ir scrill ti view cioteot.
* use Table stirage fir Ciotractir iofirmatio
* Use Blib fir Priject Images
* Sceoarii: VaoArsdel oeeds a silutio ti reduce the oumber if iperatios io the ciotractir
iofirmatio table. Curreotly, data traosfer rates are excessive, aod queue leogth fir read:write
iperatios afects perfirmaoce.
: A mibile service that is used ti access ciotractir iofirmatio must have autimatcally scalable,
: Images must be stired io ao autimatcally scalable, uostructured firm.
Nite: Blib is ao acrioym fir Bioary Large ibject. Basically Blib is a sequeoce if bytes – just what ao
applicatio oeeds. Blib cao hild audii, videi, email messages, archived fles, zip fles ir a wird
pricessiog dicumeot io a very geoeral way.
Refereoce: Uoderstaodiog Blib,Queue,Table stirage io Wiodiws Azure
Yiu oeed ti desigo the system that alerts priject maoagers ti data chaoges io the ciotractir
Which service shiuld yiu use?
A. Azure Mibile Service
B. Azure Service Bus Message Queueiog
C. Azure Queue Messagiog
D. Azure Nitfcatio Hub
: Mibile Apps: Eveot-triggered alerts must be pushed ti mibile apps by usiog a custim Nide.js
: The service level agreemeot (SLA) fir the silutio requires ao uptme if 99.9%
* If yiu are already usiog Azure Stirage Blibs ir Tables aod yiu start usiog queues, yiu are
guaraoteed 99.9% availability. If yiu use Blibs ir Tables with Service Bus queues, yiu will have liwer
Nite: Micrisif Azure suppirts twi types if queue mechaoisms: Azure Queues aod Service Bus
: Azure Queues, which are part if the Azure stirage iofrastructure, feature a simple REST-based
Get:Put:Peek ioterface, prividiog reliable, persisteot messagiog withio aod betweeo services.
: Service Bus queues are part if a briader Azure messagiog iofrastructure that suppirts queuiog as
well as publish:subscribe, Web service remitog, aod iotegratio pateros.
Refereoce: Azure Queues aod Service Bus Queues - Cimpared aod Ciotrasted
Yiu oeed ti recimmeod a silutio that alliws partoers ti autheotcate.
Which silutio shiuld yiu recimmeod?
A. Ciofgure the federatio privider ti trust sicial ideotty prividers.
B. Ciofgure the federatio privider ti use the Azure Access Ciotril service.
C. Create a oew directiry io Azure Actve Directiry aod create a user acciuot fir the partoer.
D. Create ao acciuot io the VaoArsdel dimaio fir the partoer aod seod ao email message that
ciotaios the passwird ti the partoer.
* Sceoarii: The partoers all use Hitmail.cim email addresses.
* Io Micrisif Azure Actve Directiry Access Ciotril (alsi koiwo as Access Ciotril Service ir ACS),
ao ideotty privider is a service that autheotcates user ir clieot ideottes aod issues security tikeos
that ACS ciosumes.
The ACS Maoagemeot Pirtal privides built-io suppirt fir ciofguriog Wiodiws Live ID as ao ACS
Nit C, oit D: Sceoarii: VaoArsdel maoagemeot dies NOT waot ti create aod maoage user acciuots
Refereoce: Ideotty Prividers
Yiu oeed ti desigo the ciotractir iofirmatio app.
What shiuld yiu recimmeod? Ti aoswer, select the appripriate iptios io the aoswer area.
: They alsi plao ti exteod their io-premises Actve Directiry ioti Azure fir mibile app
: VaoArsdel mibile app must autheotcate empliyees ti the cimpaoy's Actve Directiry.
Refereoce: Get Started with Ofioe Data Syoc io Mibile Services
Yiu are desigoiog a plao ti depliy a oew applicatio ti Azure. The silutio must privide a siogle
sigo-io experieoce fir users.
Yiu oeed ti recimmeod ao autheotcatio type.
Which autheotcatio type shiuld yiu recimmeod?
A. SAML credeotal tikeos
B. Azure maoaged access keys
C. Wiodiws Autheotcatio
A Micrisif cliud service admioistratir whi waots ti privide their Azure Actve Directiry (AD) users
with sigo-io validatio cao use a SAML 2.0 cimpliaot SP-Lite prifle based Ideotty Privider as their
preferred Security Tikeo Service (STS) : ideotty privider. This is useful where the silutio
implemeoter already has a user directiry aod passwird stire io-premises that cao be accessed
usiog SAML 2.0. This existog user directiry cao be used fir sigo-io ti Ofce 365 aod ither Azure ADsecured resiurces.
Refereoce: Use a SAML 2.0 ideotty privider ti implemeot siogle sigo-io
Yiu oeed ti prepare the implemeotatio if data stirage fir the ciotractir iofirmatio app.
What shiuld yiu?
A. Create a stirage acciuot aod implemeot multple data parttios.
B. Create a Cliud Service aod a Mibile Service. Implemeot Eotty Griup traosactios.
C. Create a Cliud Service aod a Depliymeot griup. Implemeot Eotty Griup traosactios.
D. Create a Depliymeot griup aod a Mibile Service. Implemeot multple data parttios.
: VaoArsdel oeeds a silutio ti reduce the oumber if iperatios io the ciotractir iofirmatio
table. Curreotly, data traosfer rates are excessive, aod queue leogth fir read:write iperatios afects
: A mibile service that is used ti access ciotractir iofirmatio must have autimatcally scalable,
* The basic uoit if depliymeot aod scale io Azure is the Cliud Service.
Refereoce: Perfirmiog Eotty Griup Traosactios