aiotestking uk

70-533 Exam Questions - Online Test


70-533 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. Your network environment includes remote employees. 

You need to create a secure connection for the remote employees who require access to your Azure virtual network. 

What should you do? 

A. Deploy Windows Server 2012 RRAS. 

B. Configure a point-to-site VPN. 

C. Configure an ExpressRoute. 

D. Configure a site-to-site VPN. 

Answer:

Explanation: New Point-To-Site Connectivity 

With today’s release we’ve added an awesome new feature that allows you to setup VPN connections between individual computers and a Windows Azure virtual network without the need for a VPN device. We call this feature Point-to-Site Virtual Private Networking. This feature greatly simplifies setting up secure connections between Windows Azure and client machines, whether from your office environment or from remote locations. 

It is especially useful for developers who want to connect to a Windows Azure Virtual Network (and to the individual virtual machines within it) from either behind their corporate firewall or a remote location. Because it is point-to-site they do not need their IT staff to perform any activities to enable it, and no VPN hardware needs to be installed or configured. Instead you can just use the built-in Windows VPN client to tunnel to your Virtual Network in Windows Azure. 

Reference: Windows Azure: Improvements to Virtual Networks, Virtual Machines, Cloud Services and a new Ruby SDK 

http://azure.microsoft.com/blog/2013/04/26/virtual-network-adds-new-capabilities-for-cross-premises-connectivity/ 

Q2. Your company plans to migrate from On-Premises Exchange to Exchange Online in Office 

365. 

You plan to integrate your existing Active Directory Domain Services (AD DS) infrastructure with Azure AD. 

You need to ensure that users can log in by using their existing AD DS accounts and passwords. You need to achieve this goal by using minimal additional systems. 

Which two actions should you perform? Each answer presents part of the solution. 

A. Configure Password Sync. 

B. Set up a DirSync Server. 

C. Set up an Active Directory Federation Services Server. 

D. Set up an Active Directory Federation Services Proxy Server. 

Answer: A,B 

Explanation: Directory Sync with Password Sync Scenario' Applies To: Azure, Office 365, Windows Intune 

Password sync is an extension to the Directory Sync Scenario. With directory sync, you can manage the entire lifecycle of your cloud user and group accounts using your on-premise Active Directory management tools. 

When password sync is enabled on your directory sync computer, your users will be able to sign into Microsoft cloud services, such as Office 365, Dynamics CRM, and Windows InTune, using the same password as they use when logging into your on-premises network. When your users change their passwords in your corporate network, those changes are synchronized to the cloud. 

Reference: Directory Sync with Password Sync Scenario' 

URL: http://technet.microsoft.com/en-us/library/dn441214.aspx 

Q3. You manage an Azure Active Directory (AD) tenant 

You plan to allow users to log in to a third-party application by using their Azure AD credentials. 

To access the application, users will be prompted for their existing third-party user names and passwords. 

You need to add the application to Azure AD. 

Which type of application should you add? 

A. Existing Single Sign-On with identity provisioning 

B. Password Single Sign-On with identity provisioning 

C. Existing Single Sign-On without identity provisioning 

D. Password Single Sign-On without identity provisioning 

Answer:

Explanation: * Azure AD supports two different modes for single sign-on: / Federation using standard protocols Configuring Federation-based single sign-on enables the users in your organization to be automatically signed in to a third-party SaaS application by Azure AD using the user account information from Azure AD. / Password-based single sign-on * Support for user provisioning 

User provisioning enables automated user provisioning and deprovisioning of accounts in third-party SaaS applications from within the Azure Management Portal, using your Windows Server Active Directory or Azure AD identity information. When a user is given permissions in Azure AD for one of these applications, an account can be automatically created (provisioned) in the target SaaS application. 

Reference: Application access enhancements for Azure AD 

URL: http://msdn.microsoft.com/en-us/library/azure/dn308588.aspx 

Q4. You manage a cloud service on two instances. The service name is Service1 and the role name is ServiceRole1. 

Service1 has performance issues during heavy traffic periods. 

You need to increase the existing deployment of Service1 to three instances. 

Which Power Shell cmdlet should you use? 

A. PS C:\>Set-AzureService -ServiceName "Service1” -Label "ServiceRole1' -Description "Instance count=3" 

B. PS C:\>Set-AzureRole -ServiceName "Service1" -Slot "Production” -RoleName "ServiceRole1" -Count 3 

C. PS C:\>Add-AzureWebRole -Name 'ServiceRole1" -Instances 3 

D. PS C:\> $instancecount = New-Object Hashtable$settings['INSTANCECOUNT=3] PS C:\> Set-AzureWebsite -AppSettings $instancecount ServiceRole1 

Answer:

Explanation: The Set-AzureRole cmdlet sets the number of instances of a specified role to run in an Azure deployment 

Example This command sets the "MyTestRole3" role running in production on the "MySvc1" service to three instances. 

Windows PowerShell C:\PS>Set-AzureRole –ServiceName "MySvc1" –Slot "Production" –RoleName 

"MyTestRole3" –Count 3 Reference: Set-AzureRole 

Q5. Your company network has two physical locations configured in a geo-clustered environment. You create a Blob storage account in Azure that contains all the data associated with your company. 

You need to ensure that the data remains available in the event of a site outage. 

Which storage option should you enable? 

A. Locally redundant storage 

B. Geo-redundant storage 

C. Zone-redundant storage 

D. Read-only geo-redundant storage 

Answer:

Explanation: Introducing Read-only Access to Geo Redundant Storage (RA-GRS): 

RA-GRS allows you to have higher read availability for your storage account by providing “read only” access to the data replicated to the secondary location. Once you enable this feature, the secondary location may be used to achieve higher availability in the event the data is not available in the primary region. This is an “opt-in” feature which requires the storage account be geo-replicated. 

Reference: Windows Azure Storage Redundancy Options and Read Access Geo Redundant Storage 

Q6. You administer an Azure Storage account named contosostorage. The account has a blob container to store image files. 

A user reports being unable to access an image file. 

You need to ensure that anonymous users can successfully read image files from the 

container. 

Which log entry should you use to verify access? 

A. Option A 

B. Option B 

C. Option C 

D. Option D 

Answer:

Explanation: 

Check for GetBlob and for AnonymousSuccess. 

Example: Get Blob AnonymousSuccess: 

1.0;2011-07-28T18:52:40.9241789Z;

GetBlob;AnonymousSuccess;200;18;10;anonymous;;sally;blob;"htt 

p:// 

sally.blob.core.windows.net/thumbnails/lake.jpg?timeout=30000";"/sally/thumbnails/lake.jpg 

";a84aa705-8a85-48c5-b064-b43bd22979c3;0;123.100.2.10;2009-09-19;252;0;265;100;0;;;"0x8CE1B6EA95033D5";Thursday, 28-Jul-11 18:52:40 

GMT;;;;"7/28/2011 6:52:40 PM ba98eb12-700b-4d53-9230-33a3330571fc" 

Incorrect: 

Not C: Check for AnonymousSuccess not Access. 

Not B, not D: Check for GetBlob not GetBlobProperties 

nce: Windows Azure Storage Logging: Using Logs to Track Storage Requests 

URL: http://blogs.msdn.com/b/windowsazurestorage/archive/2011/08/03/windows-azure-storage-logging-using-logs-to-track-storage-requests.aspx 

Q7. HOTSPOT 

You manage an Azure subscription. 

You develop a storage plan with the following requirements: 

. Database backup files that are generated once per year are retained for ten years. . High performance system telemetry logs are created constantly and processed for analysis every month. 

In the table below, identify the storage redundancy type that must be used. Make only one selection in each column. 

Answer:  

Q8. HOTSPOT 

You manage an Azure Web Site for a consumer-product company. 

The website runs in Standard mode on a single medium instance. 

You expect increased traffic to the website due to an upcoming sale during a holiday 

weekend. 

You need to ensure that the website performs optimally when user activity is at its highest. 

Which option should you select? To answer, select the appropriate option in the answer 

area. 

Answer:  

Q9. DRAG DROP 

You publish a multi-tenant application named MyApp to Azure Active Directory (Azure AD). 

You need to ensure that only directory administrators from the other organizations can access MyApp's web API. 

How should you configure MyApp's manifest JSON file? To answer, drag the appropriate PowerShell command to the correct location in the application's manifest JSON file. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. 

Answer:  

Q10. Your company plans to migrate from On-Premises Exchange to Office 365. 

The existing directory has numerous service accounts in your On-Premises Windows Active Directory (AD), stored in separate AD Organizational Units (OU) for user accounts. 

You need to prevent the service accounts in Windows AD from syncing with Azure AD. 

What should you do? 

A. Create an OU filter in the Azure AD Module for Windows PowerShell. 

B. Configure directory partitions in miisclient.exe. 

C. Set Active Directory ACLs to deny the DirSync Windows AD service account MSOL_AD_SYNC access to the service account OUs. 

D. Create an OU filter in the Azure Management Portal. 

Answer:

Explanation: One customer, who was looking for OU level filtering to import selected users from On-Premises active directory to Office365. 

Configure OU level filtering for Office365 directory synchronization. 

1. Logged in to your Domain controller 

2. Created an OU (Organisational Unit) from your AD (Active Directory) 

a. In my case I named it “DirSync” 

3. Move all those users you want to sync, to that.DirSync OU. 

4. From your DirSync Server navigate to <Drive>\Program Files\Microsoft Online Directory Sync\SYNCBUS\Synchronization Service\UIShell 

5. Double click on.miisclient.exe 

6. This opens a console something similar to the below screen capture 

Identity Manager, click Management Agents, and then double-click SourceAD.