Q1. You manage several Azure virtual machines (VMs). You create a custom image to be used by employees on the development team.
You need to ensure that the custom image is available when you deploy new servers.
Which Azure Power Shell cmdlet should you use?
A. Update-AzureVMImage
B. Add-AzureVhd
C. Add-AzureVMImage
D. Update-AzureDisk
E. Add-AzureDataDisk
Answer: C
Explanation: The Add-AzureVMImage cmdlet adds an operating system image to the
image repository. The image should be a generalized operating system image, using either
Sysprep for Windows or, for Linux, using the appropriate tool for the distribution.
Example
This example adds an operating system image to the repository.
Windows PowerShell
C:\PS>Add-AzureVMImage -ImageName imageName -MediaLocation
http://yourstorageaccount.blob.core.azure.com/container/sampleImage.vhd -Label
Reference: Add-AzureVMImage
Q2. HOTSPOT
You administer an Azure Active Directory (Azure AD) tenant.
You add a custom application to the tenant.
The application must be able to:
. Read data from the tenant directly.
. Write data to the tenant on behalf of a user. In the table below, identify the permission that must be granted to the application. Make only one selection in each column.
Answer:
Q3. Your company network includes users in multiple directories.
You plan to publish a software-as-a-service application named SaasApp1 to Azure Active
Directory.
You need to ensure that all users can access SaasApp1.
What should you do?
A. Configure the Federation Metadata URL
B. Register the application as a web application.
C. Configure the application as a multi-tenant.
D. Register the application as a native client application.
Answer: C
Explanation: * When you get deeper into using Windows Azure Active Directory, you’ll run into new terminology. For instance, is called "directory" is also referred to as a Windows Azure AD Tenant or simply as "tenant." This stems from the fact that WAAD ()Windows Azure Active Directory.is a shared service for many clients. In this service, every client gets its own separate space for which the client is the tenant. In the case of WAAD this space is a directory. This might be a little confusing, because you can create multiple directories, in WAAD terminology multiple tenants, even though you are a single client.
* Multitenant Applications in Azure A multitenant application is a shared resource that allows separate users, or "tenants," to view the application as though it was their own. A typical scenario that lends itself to a multitenant application is one in which all users of the application may wish to customize the user experience but otherwise have the same basic business requirements. Examples of large multitenant applications are Office 365, Outlook.com, and visualstudio.com.
Reference: Multitenant Applications in Azure
http://msdn.microsoft.com/en-us/library/azure/dn151789.aspx
Q4. You administer an Azure Web Site named contoso. The development team has implemented changes to the website that need to be validated.
You need to validate and deploy the changes with minimum downtime to users.
What should you do first?
A. Create a new Linked Resource.
B. Configure Remote Debugging on contoso.
C. Create a new website named contosoStaging.
D. Create a deployment slot named contosoStaging.
E. Back up the contoso website to a deployment slot.
Answer: D
Explanation: When you deploy your application to Azure Websites, you can deploy to a separate deployment slot instead of the default production slot, which are actually live sites with their own hostnames.
Furthermore, you can swap the sites and site configurations between two deployment slots, including the production slot. Deploying your application to a deployment slot has the following benefits:
* You can validate website changes in a staging deployment slot before swapping it with the production slot.
* After a swap, the slot with previously staged site now has the previous production site. If the changes swapped into the production slot are not as you expected, you can perform the same swap immediately to get your "last known good site" back.
* Deploying a site to a slot first and swapping it into production ensures that all instances of the slot are warmed up before being swapped into production. This eliminates downtime when you deploy your site. The traffic redirection is seamless, and no requests are dropped as a result of swap operations.
Reference: Staged Deployment on Microsoft Azure Websites
Q5. HOTSPOT
You manage an Internet Information Services (IIS) 6 website named contososite1. Contososite1 runs a legacy ASP.NET 1.1 application named LegacyApp1. LegacyApp1 does not contain any integration with any other systems or programming languages.
You deploy contososite1 to Azure Web Sites.
You need to configure Azure Web Sites. You have the following requirements:
LegacyApp1 runs correctly.
The application pool does not recycle.
Which settings should you configure to meet the requirements? To answer, select the appropriate settings in the answer area.
Answer:
Q6. You manage an Azure Web Site named contosoweb. Logging is enabled for contosoweb.
You need to view only errors from your log files in a continuous stream as they occur.
Which Windows Power Shell command should you execute?
A. Get-AzureWebSiteLog -Name contosoweb -OutBuffer Error
B. Save-AzureWebSiteLog -Name contosoweb -Output Errors
C. Get-AzureWebSiteLog -Name contosoweb -Tail –Message Error
D. Get-Azure WebSiteLog -Name contosoweb -Message Error
Answer: C
Explanation: Example
This example starts log streaming and show error logs only.
Windows PowerShell
C:\PS>Get-AzureWebsiteLog -Tail -Message Error
Reference: Get-AzureWebsiteLog
URL: http://msdn.microsoft.com/en-us/library/dn495187.aspx
Q7. DRAG DROP
You manage a solution deployed in two Azure subscriptions for testing and production. Both subscriptions have virtual networks named fabVNet.
You plan to add two new virtual machines (VMs) in a new subnet.
You have the following requirements:
...
Deploy the new VMs to the virtual network in the testing subscription.
Minimize any errors in defining the network changes.
Minimize the work that will be required when the change is made to the production
virtual network.
Which three steps should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Q8. You manage an Azure virtual network that hosts 15 virtual machines (VMs) on a single subnet which is used for testing a line of business (LOB) application. The application is deployed to a VM named TestWebServiceVM.
You need to ensure that TestWebServiceVM always starts by using the same IP address. You need to achieve this goal by using the least amount of administrative effort.
What should you do?
A. Use the Management Portal to configure TestWebServiceVM.
B. Use RDP to configure TestWebServiceVM.
C. Run the Set-AzureStaticVNetIP PowerShell cmdlet.
D. Run the Get-AzureReservedIP PowerShell cmdlet.
Answer: C
Explanation: Specify a static internal IP for a previously created VM
If you want to set a static IP address for a VM that you previously created, you can do so by using the following cmdlets. If you already set an IP address for the VM and you want to change it to a different IP address, you’ll need to remove the existing static IP address before running these cmdlets. See the instructions below to remove a static IP. For this procedure, you’ll use the Update-AzureVM cmdlet. The Update-AzureVM cmdlet restarts the VM as part of the update process. The DIP that you specify will be assigned after the VM restarts. In this example, we set the IP address for VM2, which is located in cloud service StaticDemo.
Get-AzureVM -ServiceName StaticDemo -Name VM2 | Set-AzureStaticVNetIP -IPAddress
192.168.4.7 | Update-AzureVM
Reference: Configure a Static Internal IP Address (DIP) for a VM URL: http://msdn.microsoft.com/en-us/library/azure/dn630228.aspx
Q9. You manage a software-as-a-service application named SaasApp1 that provides user management features in a multi-directory environment.
You plan to offer SaasApp1 to other organizations that use Azure Active Directory.
You need to ensure that SaasApp1 can access directory objects.
What should you do?
A. Configure the Federation Metadata URL
B. Register SaasApp1 as a native client application.
C. Register SaasApp1 as a web application.
D. Configure the Graph API.
Answer: D
Explanation: The Azure Active Directory Graph API provides programmatic access to Azure AD through REST API endpoints. Applications can use the Graph API to perform create, read, update, and delete (CRUD) operations on directory data and objects. For example, the Graph API supports the following common operations for a user object: / Create a new user in a directory / Get a user’s detailed properties, such as their groups / Update a user’s properties, such as their location and phone number, or change their password / Check a user’s group membership for role-based access / Disable a user’s account or delete it entirely
Reference: Azure AD Graph API
URL: http://msdn.microsoft.com/en-us/library/azure/hh974476.aspx
Q10. You manage two datacenters in different geographic regions and one branch office.
You plan to implement a geo-redundant backup solution.
You need to ensure that each datacenter is a cold site for the other.
You create a recovery vault. What should you do next?
A. Install the provider.
B. Upload a certificate to the vault.
C. Generate a vault key.
D. Set all virtual machines to DHCP.
E. Prepare System Center Virtual Machine Manager (SCVMM) servers.
F. Create mappings between the virtual machine (VM) networks.
Answer: C
Explanation: . Within the Azure Portal screen, scroll down to Recovery Services (on the left menu), and click on “Create a New Vault” (this is where your VMs will be replicated to) which will bring up a Data Services / Recovery Services / Site Recovery Vault option, select Quick Create . For the name of the Vault, give it something you’d remember, in my case, I’ll call it RandsVault, and I’ll choose the Region West US since I’m in the Western United States, then click Create Vault . Once the Vault has been created, click on the Right Arrow next to the name of your vault. Under Setup Recovery, choose “Between an on-premise site and Microsoft Azure” so that you are telling the configuration settings that you are going to be replicating between your on-premise datacenter and Azure in the cloud. . You will now see a list of things you need to do which the first thing is to create a key exchange of certificates between Microsoft Azure and your VMM server.
Reference: Leveraging Microsoft Azure as your disaster recovery/failover data center