70-535 Exam Questions - Online Test
70-535 Premium VCE File
150 Lectures, 20 Hours
P.S. Verified 70-535 bundle are available on Google Drive, GET MORE: https://drive.google.com/open?id=1UE6NH3QW9eQORMPuYBF77KspAMddI0BR
New Microsoft 70-535 Exam Dumps Collection (Question 3 - Question 12)
Q1. You need to design the business continuity framework. Which technology should you use?
A. Hyper-V Replica
B. Azure Backup
C. Azure Site Recovery
D. Azure StoreSimple
Answer: C
Explanation:
Azure Site Recovery can protect Microsoft Hyper-V, VMware, and physical servers, and you can use Azure or your secondary datacenter as your recovery site.
From scenario: The company has a human resources (HR) application named HRApp that stores data in an on-premises SQL Server database. The database must have at least two copies, but data to support backups and business continuity must stay in Trey Research locations only. The data must remain on-premises and cannot be stored in the cloud.
References: https://azure.microsoft.com/en-us/services/site-recovery/
Q2. You need to recommend a solution for publishing one of the company websites to Azure and configuring it for remote debugging.
Which two actions should you perform? Each correct answer presents part of the solution.
A. From Visual Studio, attach the debugger to the solution.
B. Set the application logging level to Verbose and enable logging.
C. Set the Web Server logging level to Information and enable logging.
D. Set the Web Server logging level to Verbose and enable logging.
E. From Visual Studio, configure the site to enable Debugger Attaching and then publish the site.
Answer: A,E
Explanation:
* Scenario:
/ Mitigate the need to purchase additional tools for monitoring and debugging.
/A debugger must automatically attach to websites on a weekly basis. The scripts that handle the configuration and setup of debugging cannot work if there is a delay in attaching the debugger.
A: After publishing your application you can use the Server Explorer in Visual Studio to access your web sites.
After signing in you will see your Web Sites under the Windows Azure node in Server Explorer. Right click on the site that you would like to debug and select Attach Debugger.
E: When the processes appear in the Available Processes table, select w3wp.exe, and then click Attach.
Open a browser to the URL of your web app.
References: http://blogs.msdn.com/b/webdev/archive/2013/11/05/remote-debugging-a-window-azure-web-site-with-visual-studio-2013.aspx
Q3. You administer an application that has an Azure Active Directory (Azure AD) B2C tenant named contosob2c.onmicrosoft.com.
Users must be able to use their existing Facebook account to sign in to the application. You need to register Facebook with your Azure AD B2C tenant.
What should you do?
A. a sign-up policy
B. a custom user attribute
C. a local account
D. a built-in user attribute
E. an identity provider
Answer: E
Q4. You need to recommend an authentication solution for the DistributionTracking application. What should you include in the recommendation?
A. a certificate
B. a Graph API endpoint
C. a security principal in Azure Active Directory
D. a managed service account in Azure Active Directory
Answer: A
Q5. You manage a cloud service that utilizes an Azure Service Bus queue. You need to ensure that messages that are never consumed are retained. What should you do?
A. Check the MOVE TO THE DEAD-LETTER SUBQUEUE option for Expired Messages in the Azure Portal.
B. From the Azure Management Portal, create a new queue and name it Dead-Letter.
C. Execute the Set-AzureServiceBus PowerShell cmdlet.
D. Execute the New-AzureSchedulerStorageQueueJob PowerShell cmdlet.
Answer: A
Explanation:
Deadlettering u2013 From time to time a message may arrive in your queue that just canu2021t be processed. Each time the message is retrieved for processing the consumer throws an exception and cannot process the message. These are often referred to as poisonous messages and can happen for a variety of reasons, such as a corrupted payload, a message containing an unknown payload inadvertently delivered to a wrong queue, etc. When this happens, you do not want your system to come to grinding to a halt simply because one of the messages canu2021t be processed.
Ideally the message will be set aside to be reviewed later and processing can continue on to other messages in the queue. This process is called u2021Deadletteringu2021 a message and the Service Bus Brokered Messaging supports dead lettering by default. If a message fails to be processed and appears back on the queue ten times it will be placed into a dead letter queue. You can control the number of failures it takes for a message to be dead lettered by setting the MaxDeliveryCount property on the queue. When a message is deadlettered it is actually placed on a sub queue which can be accessed just like any other Service Bus queue. In the example used above the dead letter queue path would be samplequeue/$DeadLetterQueue. By default a message will be moved to the dead letter queue if it fails delivery more than 10 times.
Automatic dead lettering does not occur in the ReceiveAndDelete mode as the message has already been removed from the queue.
References: https://www.simple-talk.com/cloud/cloud-data/an-introduction-to-windows-azure-service-bus-brokered-messaging/
Q6. You are designing a plan to deploy a new application to Azure. The solution must provide a single sign-on experience for users.
You need to recommend an authentication type. Which authentication type should you recommend?
A. SAML credential tokens
B. Azure managed access keys
C. Windows Authentication
D. MS-CHAP
Answer: A
Explanation:
A Microsoft cloud service administrator who wants to provide their Azure Active Directory (AD) users with sign-on validation can use a SAML 2.0 compliant SP-Lite profile based Identity Provider as their preferred Security Token Service (STS) / identity provider. This is useful where the solution implementer already has a user directory and password store on- premises that can be accessed using SAML 2.0. This existing user directory can be used for sign-on to Office 365 and other Azure AD-secured resources.
References: https://msdn.microsoft.com/en- us/library/azure/dn641269.aspx?f=255&MSPPError=-2147217396
Q7. You need to assign permissions for the Virtual Machine (VM) workloads that you migrate to Azure.
The solution must use the principal of least privileges. What should you do?
A. Create all VMs in the cloud service named Groupl and then connect to the Azure subscription. Run the following Windows PowerShell command: New- AzureRoleAssignment -Mail user1@vanarsdelltd.com -RoleDefinitionName Contributor - ResourceGroupName group1
B. In the Azure portal, select an individual virtual machine and add an owner.
C. In the Azure portal, assign read permission to the user at the subscription level.
D. Create each VM in a separate cloud service and then connect to the Azure subscription. Run the following Windows PowerShell command:Get-AzureVM | New- AzureRoleAssignment -Mail user1@vanarsdelltd.com -RoleDefinitionName Contributor
Answer: A
Explanation:
* Scenario: Permissions must be assigned by using Role Based Access Control (RBAC).
* Role-Based access control (RBAC) in the Azure Portal and Azure Resource Management API allows you to manage access to your subscription at a fine-grained level. With this feature, you can grant access for Active Directory users, groups, or service principals by assigning some roles to them at a particular scope.
Create a role assignment
Use New-AzureRoleAssignment to create a role assignment.
Example: This will create a role assignment for a group at a resource group level.
PS C:> New-AzureRoleAssignment -ObjectID <group object ID> -RoleDefinitionName Reader -ResourceGroupName group1
References: https://azure.microsoft.com/en-gb/documentation/articles/role-based-access-control-powershell/
Q8. You develop a set of Power Shell scripts that will run when you deploy new virtual machines (VMs). You need to ensure that the scripts are executed on new VMs.
You want to achieve this goal by using the least amount of administrative effort. What should you do?
A. Create a new GPO to execute the scripts as a logon script.
B. Create a SetupComplete.cmd batch file to call the scripts after the VM starts.
C. Create a new virtual hard disk (VHD) that contains the scripts.
D. Load the scripts to a common file share accessible by the VMs.
E. Set the VMs to execute a custom script extension.
Answer: E
Explanation:
Custom Script Extension can automatically download scripts and files from Azure Storage and launch a PowerShell script on the VM which in turn can install additional software components. And just like with any other VM Extension, this can be added during VM creation or after the VM has been running.
References: https://azure.microsoft.com/en-us/blog/automating-vm-customization-tasks-using-custom-script-extension/
Q9. You need to recommend a solution that allows partners to authenticate. Which solution should you recommend?
A. Configure the federation provider to trust social identity providers.
B. Configure the federation provider to use the Azure Access Control service.
C. Create a new directory in Azure Active Directory and create a user account for the partner.
D. Create an account on the VanArsdel domain for the partner and send an email message that contains the password to the partner.
Answer: B
Explanation:
* Scenario: The partners all use Hotmail.com email addresses.
* In Microsoft Azure Active Directory Access Control (also known as Access Control Service or ACS), an identity provider is a service that authenticates user or client identities and issues security tokens that ACS consumes.
The ACS Management Portal provides built-in support for configuring Windows Live ID as an ACS Identity Provider.
Incorrect:
Not C, not D: Scenario: VanArsdel management does NOT want to create and manage user accounts for partners.
Q10. You manage a cloud service on two instances. The service name is Service1 and the role name is ServiceRole1. Service1 has performance issues during heavy traffic periods.
You need to increase the existing deployment of Service1 to three instances. Which Power Shell cmdlet should you use?
A. PS C:>Set-AzureService -ServiceName "Service1" -Label "ServiceRole1' -Description "Instance count=3"
B. PS C:>Set-AzureRole -ServiceName "Service1" -Slot "Production" -RoleName "ServiceRole1" -Count 3
C. PS C:>Add-AzureWebRole -Name 'ServiceRole1" -Instances 3
D. PS C:> $instancecount = New-Object Hashtable$settings['INSTANCECOUNT=3] PS C:> Set-AzureWebsite -AppSettings $instancecount ServiceRole1
Answer: B
Explanation:
The Set-AzureRole cmdlet sets the number of instances of a specified role to run in an Azure deployment.
References: https://docs.microsoft.com/en-us/powershell/module/Azure/Set- AzureRole?view=azuresmps-4.0.0
Recommend!! Get the Verified 70-535 dumps in VCE and PDF From Thedumpscentre, Welcome to download: http://www.thedumpscentre.com/70-535-dumps/ (New Q&As Version)
- [2021-New] Microsoft 70-417 Dumps With Update Exam Questions (141-150)
- [2021-New] Microsoft 70-347 Dumps With Update Exam Questions (11-20)
- Microsoft 70-742 Study Guides 2021
- [2021-New] Microsoft 70-383 Dumps With Update Exam Questions (141-150)
- [2021-New] Microsoft 70-499 Dumps With Update Exam Questions (151-160)
- [2021-New] Microsoft 70-980 Dumps With Update Exam Questions (31-40)
- [2021-New] Microsoft 70-461 Dumps With Update Exam Questions (41-50)
- Microsoft AZ-100 Exam Questions 2021
- [2021-New] Microsoft MB6-896 Dumps With Update Exam Questions (2-11)
- [2021-New] Microsoft 70-384 Dumps With Update Exam Questions (71-80)