AZ204

100% Valid and Newest Version AZ-204 Questions & Answers shared by Certleader
https://www.certleader.com/AZ-204-dumps.html (254 Q&As)
NEW QUESTION 1
- (Exam Topic 1)
You need to resolve the Shipping web site error.
How should you configre the Azure Table Storage service? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: AllowedOrigins
A CORS request will fail if Access-Control-Allow-Origin is missing. Scenario:
The following error message displays while you are testing the website:
Box 2: http://test-shippingapi.wideworldimporters.com Syntax: Access-Control-Allow-Origin: *

Access-Control-Allow-Origin: <origin> Access-Control-Allow-Origin: null
<origin> Specifies an origin. Only a single origin can be specified. Box 3: AllowedOrigins
Box 4: POST
The only allowed methods are GET, HEAD, and POST. In this case POST is used. "<Corsrule>" "allowedmethods" Failed to load no "Access-control-Origin"
header is present References:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
NEW QUESTION 2
- (Exam Topic 1)
You need to update the APIs to resolve the testing error.
How should you complete the Azure CLI command? To answer, select the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Enable Cross-Origin Resource Sharing (CORS) on your Azure App Service Web App.
Enter the full URL of the site you want to allow to access your WEB API or * to allow all domains.
Box 1: cors
The Leader of IT Certification visit - https://www.certleader.com

Box 2: add
Box 3: allowed-origins
Box 4: http://testwideworldimporters.com/ References:
http://donovanbrown.com/post/How-to-clear-No-Access-Control-Allow-Origin-header-error-with-Azure-App-Service
NEW QUESTION 3
- (Exam Topic 1)
You need to secure the Shipping Logic App. What should you use?
A. Azure App Service Environment (ASE)

B. Azure AD B2B integration
C. Integration Service Environment (ISE)
D. VNet service endpoint
Answer: C
Explanation:
Scenario: The Shipping Logic App requires secure resources to the corporate VNet and use dedicated storage resources with a fixed costing model.
You can access to Azure Virtual Network resources from Azure Logic Apps by using integration service environments (ISEs).
Sometimes, your logic apps and integration accounts need access to secured resources, such as virtual machines (VMs) and other systems or services, that are
inside an Azure virtual network. To set up this access, you can create an integration service environment (ISE) where you can run your logic apps and create your
integration accounts.
References:
https://docs.microsoft.com/en-us/azure/logic-apps/connect-virtual-network-vnet-isolated-environment-overview
NEW QUESTION 4
- (Exam Topic 1)
You need to configure Azure CDN for the Shipping web site.
Which configuration options should you use? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Scenario: Shipping website
Use Azure Content Delivery Network (CDN) and ensure maximum performance for dynamic content while minimizing latency and costs.
Tier: Standard Profile: Akamai
Optimization: Dynamic site acceleration
Dynamic site acceleration (DSA) is available for Azure CDN Standard from Akamai, Azure CDN Standard from Verizon, and Azure CDN Premium from Verizon
profiles.
DSA includes various techniques that benefit the latency and performance of dynamic content. Techniques include route and network optimization, TCP
optimization, and more.
You can use this optimization to accelerate a web app that includes numerous responses that aren't cacheable. Examples are search results, checkout
transactions, or real-time data. You can continue to use core Azure CDN caching capabilities for static data.
Reference:
https://docs.microsoft.com/en-us/azure/cdn/cdn-optimization-overview
NEW QUESTION 5
- (Exam Topic 1)
You need to migrate on-premises shipping data to Azure. What should you use?
A. Azure Migrate
B. Azure Cosmos DB Data Migration tool (dt.exe)
C. AzCopy
D. Azure Database Migration service

Answer: D
Explanation:
Migrate from on-premises or cloud implementations of MongoDB to Azure Cosmos DB with minimal downtime by using Azure Database Migration Service.
Perform resilient migrations of MongoDB data at scale and with high reliability.
Scenario: Data migration from on-premises to Azure must minimize costs and downtime.
The application uses MongoDB JSON document storage database for all container and transport information. References:
https://azure.microsoft.com/en-us/updates/mongodb-to-azure-cosmos-db-online-and-offline-migrations-are-now
NEW QUESTION 6
- (Exam Topic 2)
You need to implement the bindings for the CheckUserContent function.
How should you complete the code segment? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: [BlobTrigger(..)]
Box 2: [Blob(..)]
Azure Blob storage output binding for Azure Functions. The output binding allows you to modify and delete blob storage data in an Azure Function.
The attribute's constructor takes the path to the blob and a FileAccess parameter indicating read or write, as shown in the following example:
[FunctionName("ResizeImage")] public static void Run(
[BlobTrigger("sample-images/{name}")] Stream image,
[Blob("sample-images-md/{name}", FileAccess.Write)] Stream imageSmall)
{
}
Scenario: You must create an Azure Function named CheckUserContent to perform the content checks. The company’s data science group built
ContentAnalysisService which accepts user generated content as a string and returns a probable value for inappropriate content. Any values over a specific
threshold must be reviewed by an employee of Contoso, Ltd.
Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-bindings-storage-blob-output
NEW QUESTION 7
- (Exam Topic 2)
You need to configure the ContentUploadService deployment.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. Add the following markup to line CS23: types: Private

B. Add the following markup to line CS24: osType: Windows
C. Add the following markup to line CS24: osType: Linux
D. Add the following markup to line CS23: types: Public
Answer: A
Explanation:
Scenario: All Internal services must only be accessible from Internal Virtual Networks (VNets) There are three Network Location types – Private, Public and
Domain
Reference:
https://devblogs.microsoft.com/powershell/setting-network-location-to-private/
NEW QUESTION 8
- (Exam Topic 2)
You need to add code at line AM10 of the application manifest to ensure that the requirement for manually reviewing content can be met.
How should you complete the code? To answer, select the appropriate options in the answer area.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: sid
Sid: Session ID, used for per-session user sign-out. Personal and Azure AD accounts. Scenario: Manual review
To review content, the user must authenticate to the website portion of the ContentAnalysisService using their Azure AD credentials. The website is built using
React and all pages and API endpoints require authentication. In order to review content a user must be part of a ContentReviewer role.
Box 2: email
Scenario: All completed reviews must include the reviewer’s email address for auditing purposes.
NEW QUESTION 9
- (Exam Topic 2)
You need to add markup at line AM04 to implement the ContentReview role.
How should you complete the markup? To answer, drag the appropriate json segments to the correct locations. Each json segment may be used once, more than
once, or not at all. You may need to drag the split bar between panes or scroll to view content.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: allowedMemberTypes
allowedMemberTypes specifies whether this app role definition can be assigned to users and groups by setting to "User", or to other applications (that are
accessing this application in daemon service scenarios) by setting to "Application", or to both.
Note: The following example shows the appRoles that you can assign to users. "appId": "8763f1c4-f988-489c-a51e-158e9ef97d6a",
"appRoles": [
{
"allowedMemberTypes": [ "User"
],
"displayName": "Writer",
"id": "d1c2ade8-98f8-45fd-aa4a-6d06b947c66f", "isEnabled": true,
"description": "Writers Have the ability to create tasks.", "value": "Writer"
}
],
"availableToOtherTenants": false, Box 2: User
Scenario: In order to review content a user must be part of a ContentReviewer role.
Box 3: value
value specifies the value which will be included in the roles claim in authentication and access tokens. Reference:

https://docs.microsoft.com/en-us/graph/api/resources/approle
NEW QUESTION 10
- (Exam Topic 2)
You need to add code at line AM09 to ensure that users can review content using ContentAnalysisService. How should you complete the code? To answer, select
the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: "oauth2Permissions": ["login"]
oauth2Permissions specifies the collection of OAuth 2.0 permission scopes that the web API (resource) app exposes to client apps. These permission scopes may
be granted to client apps during consent.
Box 2: "oauth2AllowImplicitFlow":true
For applications (Angular, Ember.js, React.js, and so on), Microsoft identity platform supports the OAuth 2.0 Implicit Grant flow.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/develop/reference-app-manifest
NEW QUESTION 10
- (Exam Topic 2)
You need to add YAML markup at line CS17 to ensure that the ContentUploadService can access Azure Storage access keys.
How should you complete the YAML markup? To answer, drag the appropriate YAML segments to the correct locations. Each YAML segment may be used once,
more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: volumeMounts Example:
volumeMounts:
- mountPath: /mnt/secrets name: secretvolume1 volumes:
- name: secretvolume1 secret:
mysecret1: TXkgZmlyc3Qgc2VjcmV0IEZPTwo= Box 2: volumes
Box 3: secret Reference:
https://docs.microsoft.com/en-us/azure/container-instances/container-instances-volume-secret
NEW QUESTION 12
- (Exam Topic 3)

You need to correct the corporate website error.

Which four actions should you recommend be performed in sequence? To answer, move the appropriate actions from the list of actions to the answer area and
arrange them in the correct order.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Scenario: Corporate website
While testing the site, the following error message displays: CryptographicException: The system cannot find the file specified. Step 1: Generate a certificate
Step 2: Upload the certificate to Azure Key Vault
Scenario: All SSL certificates and credentials must be stored in Azure Key Vault. Step 3: Import the certificate to Azure App Service
Step 4: Update line SCO5 of Security.cs to include error handling and then redeploy the code Reference:
https://docs.microsoft.com/en-us/azure/app-service/configure-ssl-certificate
NEW QUESTION 17
- (Exam Topic 3)
You need to retrieve the database connection string.
Which values should you use? To answer, select the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Azure database connection string retrieve REST API vault.azure.net/secrets/ Box 1: cpandlkeyvault
We specify the key vault, cpandlkeyvault.
Scenario: The database connection string is stored in Azure Key Vault with the following attributes: Azure Key Vault name: cpandlkeyvault
Secret name: PostgreSQLConn
Id: 80df3e46ffcd4f1cb187f79905e9a1e8 Box 2: PostgreSQLConn
We specify the secret, PostgreSQLConn Example, sample request:
https://myvault.vault.azure.net//secrets/mysecretname/4387e9f3d6e14c459867679a90fd0f79?api-version=7.1 Box 3: Querystring
Reference:
https://docs.microsoft.com/en-us/rest/api/keyvault/getsecret/getsecret
NEW QUESTION 18
- (Exam Topic 3)
You need to configure the Account Kind, Replication, and Storage tier options for the corporate website’s Azure Storage account.
How should you complete the configuration? To answer, select the appropriate options in the dialog box in the answer area.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Account Kind: StorageV2 (general-purpose v2)
Scenario: Azure Storage blob will be used (refer to the exhibit). Data storage costs must be minimized. General-purpose v2 accounts: Basic storage account type
for blobs, files, queues, and tables. Recommended
for most scenarios using Azure Storage.
Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overview https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers?tabs=azure-portal
NEW QUESTION 20
- (Exam Topic 3)
You need to configure Azure Service Bus to Event Grid integration.
Which Azure Service Bus settings should you use? To answer, select the appropriate options in the answer area.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: Premium
Service Bus can now emit events to Event Grid when there are messages in a queue or a subscription when no receivers are present. You can create Event Grid
subscriptions to your Service Bus namespaces, listen to these events, and then react to the events by starting a receiver. With this feature, you can use Service
Bus in reactive programming models.
To enable the feature, you need the following items:
A Service Bus Premium namespace with at least one Service Bus queue or a Service Bus topic with at least one subscription.
Contributor access to the Service Bus namespace. Box 2: Contributor
Reference:
https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-to-event-grid-integration-concept
NEW QUESTION 25
- (Exam Topic 3)
You need to investigate the Azure Function app error message in the development environment. What should you do?
A. Connect Live Metrics Stream from Application Insights to the Azure Function app and filter the metrics.
B. Create a new Azure Log Analytics workspace and instrument the Azure Function app with Application Insights.
C. Update the Azure Function app with extension methods from Microsoft.Extensions.Logging to log events by using the log instance.
D. Add a new diagnostic setting to the Azure Function app to send logs to Log Analytics.
Answer: A
Explanation:
Azure Functions offers built-in integration with Azure Application Insights to monitor functions.
The following areas of Application Insights can be helpful when evaluating the behavior, performance, and errors in your functions:
Live Metrics: View metrics data as it's created in near real-time. Failures
Performance Metrics Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-monitoring
NEW QUESTION 26
- (Exam Topic 3)
You need to configure security and compliance for the corporate website files.
Which Azure Blob storage settings should you use? To answer, select the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: role-based access control (RBAC)
Azure Storage supports authentication and authorization with Azure AD for the Blob and Queue services via Azure role-based access control (Azure RBAC).
Scenario: File access must restrict access by IP, protocol, and Azure AD rights. Box 2: storage account type
Scenario: The website uses files stored in Azure Storage
Auditing of the file updates and transfers must be enabled to comply with General Data Protection Regulation (GDPR).
Creating a diagnostic setting:
* 1. Sign in to the Azure portal.
* 2. Navigate to your storage account.
* 3. In the Monitoring section, click Diagnostic settings (preview).

* 4. Choose file as the type of storage that you want to enable logs for.
* 5. Click Add diagnostic setting. Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-introduction https://docs.microsoft.com/en-us/azure/storage/files/storage-files-monitoring
NEW QUESTION 30
- (Exam Topic 4)
You need to ensure that the solution can meet the scaling requirements for Policy Service. Which Azure Application Insights data model should you use?
A. an Application Insights dependency

B. an Application Insights event
C. an Application Insights trace
D. an Application Insights metric
Answer: D
Explanation:
Application Insights provides three additional data types for custom telemetry:
Trace - used either directly, or through an adapter to implement diagnostics logging using an instrumentation framework that is familiar to you, such as Log4Net or
System.Diagnostics.
Event - typically used to capture user interaction with your service, to analyze usage patterns. Metric - used to report periodic scalar measurements.
Scenario:
Policy service must use Application Insights to automatically scale with the number of policy actions that it is performing.
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/data-model
NEW QUESTION 31
- (Exam Topic 4)
You need to resolve a notification latency issue.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Set Always On to true.

B. Ensure that the Azure Function is using an App Service plan.
C. Set Always On to false.
D. Ensure that the Azure Function is set to use a consumption plan.
Answer: AB
Explanation:
Azure Functions can run on either a Consumption Plan or a dedicated App Service Plan. If you run in a dedicated mode, you need to turn on the Always On setting
for your Function App to run properly. The Function runtime will go idle after a few minutes of inactivity, so only HTTP triggers will actually "wake up" your
functions. This is similar to how WebJobs must have Always On enabled.
Scenario: Notification latency: Users report that anomaly detection emails can sometimes arrive several minutes after an anomaly is detected.
Anomaly detection service: You have an anomaly detection service that analyzes log information for anomalies. It is implemented as an Azure Machine Learning
model. The model is deployed as a web service. If an anomaly is detected, an Azure Function that emails administrators is called by using an HTTP WebHook.
Reference:
https://github.com/Azure/Azure-Functions/wiki/Enable-Always-On-when-running-on-dedicated-App-Service-Pl
NEW QUESTION 34
- (Exam Topic 4)

You need to ensure that PolicyLib requirements are met.

How should you complete the code segment? To answer, drag the appropriate code segments to the correct locations. Each code segment may be used once,
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Scenario: You have a shared library named PolicyLib that contains functionality common to all ASP.NET Core web services and applications. The PolicyLib library
must:
Exclude non-user actions from Application Insights telemetry.
Provide methods that allow a web service to scale itself.
Ensure that scaling actions do not disrupt application usage. Box 1: ITelemetryInitializer
Use telemetry initializers to define global properties that are sent with all telemetry; and to override selected behavior of the standard telemetry modules.
Box 2: Initialize
Box 3: Telemetry.Context
Box 4: ((EventTelemetry)telemetry).Properties["EventID"] Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/api-filtering-sampling
NEW QUESTION 37
- (Exam Topic 4)
You need to insert code at line LE03 of LoginEvent.cs to ensure that all authentication events are processed correctly.
How should you complete the code? To answer, select the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: id
id is a unique identifier for the event.
Box 2: eventType
eventType is one of the registered event types for this event source.
Box 3: dataVersion
dataVersion is the schema version of the data object. The publisher defines the schema version.
Scenario: Authentication events are used to monitor users signing in and signing out. All authentication events must be processed by Policy service. Sign outs
must be processed as quickly as possible.
The following example shows the properties that are used by all event publishers: [
{
"topic": string, "subject": string, "id": string,

"eventType": string, "eventTime": string, "data":{

object-unique-to-each-publisher
},
"dataVersion": string, "metadataVersion": string
}
]
Reference:
https://docs.microsoft.com/en-us/azure/event-grid/event-schema
NEW QUESTION 39
- (Exam Topic 5)
You need to add code at line PC26 of Processing.cs to ensure that security policies are met.
How should you complete the code that you will add at line PC26? To answer, select the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: var key = await Resolver.ResolveKeyAsyn(keyBundle,KeyIdentifier.CancellationToken.None); Box 2: var x = new BlobEncryptionPolicy(key,resolver);
Example:
// We begin with cloudKey1, and a resolver capable of resolving and caching Key Vault secrets.
BlobEncryptionPolicy encryptionPolicy = new BlobEncryptionPolicy(cloudKey1, cachingResolver); client.DefaultRequestOptions.EncryptionPolicy =
encryptionPolicy;
Box 3: cloudblobClient. DefaultRequestOptions.EncryptionPolicy = x; Reference:
https://github.com/Azure/azure-storage-net/blob/master/Samples/GettingStarted/EncryptionSamples/KeyRotatio
NEW QUESTION 43
- (Exam Topic 5)
You need to ensure the security policies are met.
What code do you add at line CS07 of ConfigureSSE.ps1?
A. –PermissionsToKeys create, encrypt, decrypt

B. –PermissionsToCertificates create, encrypt, decrypt
C. –PermissionsToCertificates wrapkey, unwrapkey, get
D. –PermissionsToKeys wrapkey, unwrapkey, get
Answer: B
Explanation:
Scenario: All certificates and secrets used to secure data must be stored in Azure Key Vault.
You must adhere to the principle of least privilege and provide privileges which are essential to perform the intended function.
The Set-AzureRmKeyValutAccessPolicy parameter -PermissionsToKeys specifies an array of key operation permissions to grant to a user or service principal. The
acceptable values for this parameter: decrypt, encrypt, unwrapKey, wrapKey, verify, sign, get, list, update, create, import, delete, backup, restore, recover, purge
Reference:
https://docs.microsoft.com/en-us/powershell/module/azurerm.keyvault/set-azurermkeyvaultaccesspolicy
NEW QUESTION 48
- (Exam Topic 5)
You need to add code at line PC32 in Processing.cs to implement the GetCredentials method in the Processing class.
How should you complete the code? To answer, drag the appropriate code segments to the correct locations. Each code segment may be used once, more than

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: AzureServiceTokenProvider()
Box 2: tp.GetAccessTokenAsync("..")
Acquiring an access token is then quite easy. Example code: private async Task<string> GetAccessTokenAsync()
{
var tokenProvider = new AzureServiceTokenProvider();
return await tokenProvider.GetAccessTokenAsync("https://storage.azure.com/");
}
Reference:
https://joonasw.net/view/azure-ad-authentication-with-azure-storage-and-managed-service-identity
NEW QUESTION 52
- (Exam Topic 5)
You need to resolve the capacity issue. What should you do?
A. Convert the trigger on the Azure Function to an Azure Blob storage trigger
B. Ensure that the consumption plan is configured correctly to allow scaling
C. Move the Azure Function to a dedicated App Service Plan
D. Update the loop starting on line PC09 to process items in parallel
Answer: D
Explanation:
If you want to read the files in parallel, you cannot use forEach. Each of the async callback function calls does return a promise. You can await the array of
promises that you'll get with Promise.all.
Scenario: Capacity issue: During busy periods, employees report long delays between the time they upload the receipt and when it appears in the web application.
Reference:
https://stackoverflow.com/questions/37576685/using-async-await-with-a-foreach-loop
NEW QUESTION 53
- (Exam Topic 5)
You need to ensure receipt processing occurs correctly. What should you do?
A. Use blob properties to prevent concurrency problems

B. Use blob SnapshotTime to prevent concurrency problems
C. Use blob metadata to prevent concurrency problems
D. Use blob leases to prevent concurrency problems
Answer: B
Explanation:
You can create a snapshot of a blob. A snapshot is a read-only version of a blob that's taken at a point in time. Once a snapshot has been created, it can be read,
copied, or deleted, but not modified. Snapshots provide a way to back up a blob as it appears at a moment in time.
Scenario: Processing is performed by an Azure Function that uses version 2 of the Azure Function runtime. Once processing is completed, results are stored in
Azure Blob Storage and an Azure SQL database. Then, an email summary is sent to the user with a link to the processing report. The link to the report must
remain valid if the email is forwarded to another user.
Reference:
https://docs.microsoft.com/en-us/rest/api/storageservices/creating-a-snapshot-of-a-blob

NEW QUESTION 58
- (Exam Topic 5)
You need to ensure disaster recovery requirements are met. What code should you add at line PC16?
To answer, drag the appropriate code fragments to the correct locations. Each code fragment may be used once, more than once, or not at all. You may need to
drag the split bar between panes or scroll to view content.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Scenario: Disaster recovery. Regional outage must not impact application availability. All DR operations must not be dependent on application running and must
ensure that data in the DR region is up to date.
Box 1: DirectoryTransferContext We transfer all files in the directory.
Note: The TransferContext object comes in two forms: SingleTransferContext and DirectoryTransferContext. The former is for transferring a single file and the
latter is for transferring a directory of files.
Box 2: ShouldTransferCallbackAsync
The DirectoryTransferContext.ShouldTransferCallbackAsync delegate callback is invoked to tell whether a transfer should be done.
Box 3: False
If you want to use the retry policy in Copy, and want the copy can be resume if break in the middle, you can use SyncCopy (isServiceCopy = false).
Note that if you choose to use service side copy ('isServiceCopy' set to true), Azure (currently) doesn't provide SLA for that. Setting 'isServiceCopy' to false will
download the source blob loca
Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-use-data-movement-library https://docs.microsoft.com/en-
us/dotnet/api/microsoft.windowsazure.storage.datamovement.directorytransfercon
NEW QUESTION 62
- (Exam Topic 6)
You need to configure Azure Cosmos DB.
Which settings should you use? To answer, select the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Graphical user interface, application, table Description automatically generated
Box 1: Strong
When the consistency level is set to strong, the staleness window is equivalent to zero, and the clients are guaranteed to read the latest committed value of the
write operation.

Scenario: Changes to the Order data must reflect immediately across all partitions. All reads to the Order data must fetch the most recent writes.
Note: You can choose from five well-defined models on the consistency spectrum. From strongest to weakest, the models are: Strong, Bounded staleness,
Session, Consistent prefix, Eventual
Box 2: SQL
Scenario: You identify the following requirements for data management and manipulation:
Order data is stored as nonrelational JSON and must be queried using Structured Query Language (SQL).
NEW QUESTION 63
- (Exam Topic 6)
You need to retrieve all order line items from Order.json and sort the data alphabetically by the city. How should you complete the code? To answer, select the
appropriate options in the answer area. NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Graphical user interface Description automatically generated
Box 1: orders o
Scenario: Order data is stored as nonrelational JSON and must be queried using SQL.
Box 2:li
Box 3: o.line_items
Box 4: o.city
The city field is in Order, not in the 2s.
NEW QUESTION 68
- (Exam Topic 7)
You develop software solutions for a mobile delivery service. You are developing a mobile app that users can use to order from a restaurant in their area. The app
uses the following workflow:
* 1. A driver selects the restaurants for which they will deliver orders.
* 2. Orders are sent to all available drivers in an area.
* 3. Only orders for the selected restaurants will appear for the driver.
* 4. The first driver to accept an order removes it from the list of available orders. You need to implement an Azure Service Bus solution.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.
A. Mastered
B. Not Mastered

Answer: A
Explanation:
Box 1: Create a single Service Bus Namespace
To begin using Service Bus messaging entities in Azure, you must first create a namespace with a name that is unique across Azure. A namespace provides a
scoping container for addressing Service Bus resources within your application.
Box 2: Create a Service Bus Topic for each restaurant for which a driver can receive messages. Create topics.
Box 3: Create a Service Bus subscription for each restaurant for which a driver can receive orders. Topics can have multiple, independent subscriptions.
References:
https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-messaging-overview
NEW QUESTION 72
- (Exam Topic 7)
You are developing applications for a company. You plan to host the applications on Azure App Services. The company has the following requirements:
Every five minutes verify that the websites are responsive.
Verify that the websites respond within a specified time threshold. Dependent requests such as images and JavaScript files must load properly.
Generate alerts if a website is experiencing issues.
If a website fails to load, the system must attempt to reload the site three more times. You need to implement this process with the least amount of effort.
What should you do? D18912E1457D5D1DDCBD40AB3BF70D5D
A. Create a Selenium web test and configure it to run from your workstation as a scheduled task.
B. Set up a URL ping test to query the home page.
C. Create an Azure function to query the home page.
D. Create a multi-step web test to query the home page.
E. Create a Custom Track Availability Test to query the home page.
Answer: D
Explanation:
You can monitor a recorded sequence of URLs and interactions with a website via multi-step web tests. Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/availability-multistep
NEW QUESTION 76
- (Exam Topic 7)
D18912E1457D5D1DDCBD40AB3BF70D5D
You are building a website that uses Azure Blob storage for data storage. You configure Azure Blob storage lifecycle to move all blobs to the archive tier after 30
days.
Customers have requested a service-level agreement (SLA) for viewing data older than 30 days. You need to document the minimum SLA for data recovery.
Which SLA should you use?
A. at least two days

B. between one and 15 hours
C. at least one day
D. between zero and 60 minutes
Answer: B
Explanation:
The archive access tier has the lowest storage cost. But it has higher data retrieval costs compared to the hot and cool tiers. Data in the archive tier can take
several hours to retrieve depending on the priority of the rehydration. For small objects, a high priority rehydrate may retrieve the object from archive in under 1
hour.
Reference:
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers?tabs=azure-portal
NEW QUESTION 81
- (Exam Topic 7)
You develop an ASP.NET Core MVC application. You configure the application to track webpages and custom events.
You need to identify trends in application usage.
Which Azure Application Insights Usage Analysis features should you use? To answer, drag the appropriate features to the correct requirements. Each feature
may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
A. Mastered

B. Not Mastered
Answer: A
Explanation:
Box1: Users Box 2: Impact
One way to think of Impact is as the ultimate tool for settling arguments with someone on your team about how slowness in some aspect of your site is affecting
whether users stick around. While users may tolerate a certain amount of slowness, Impact gives you insight into how best to balance optimization and
performance to maximize user conversion.
Box 3: Retention
The retention feature in Azure Application Insights helps you analyze how many users return to your app, and how often they perform particular tasks or achieve
goals. For example, if you run a game site, you could compare the numbers of users who return to the site after losing a game with the number who return after
winning. This knowledge can help you improve both your user experience and your business strategy.
Box 4: User flows
The User Flows tool visualizes how users navigate between the pages and features of your site. It's great for answering questions like:
How do users navigate away from a page on your site? What do users click on a page on your site?
Where are the places that users churn most from your site?
Are there places where users repeat the same action over and over?
NEW QUESTION 82
- (Exam Topic 7)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You develop a software as a service (SaaS) offering to manage photographs. Users upload photos to a web service which then stores the photos in Azure Storage
Blob storage. The storage account type is
General-purpose V2.
When photos are uploaded, they must be processed to produce and save a mobile-friendly version of the image. The process to produce a mobile-friendly version
of the image must start in less than one minute.
You need to design the process that starts the photo processing. Solution: Trigger the photo processing from Blob storage events. Does the solution meet the
goal?
A. Yes
B. NO
Answer: B
Explanation:
You need to catch the triggered event, so move the photo processing to an Azure Function triggered from the blob upload
Note: Azure Storage events allow applications to react to events. Common Blob storage event scenarios include image or video processing, search indexing, or
any file-oriented workflow.
Events are pushed using Azure Event Grid to subscribers such as Azure Functions, Azure Logic Apps, or even to your own http listener.
Note: Only storage accounts of kind StorageV2 (general purpose v2) and BlobStorage support event integration. Storage (general purpose v1) does not support
integration with Event Grid.
Reference:
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-event-overview
NEW QUESTION 86
- (Exam Topic 7)
You are a developer for a software as a service (SaaS) company that uses an Azure Function to process orders. The Azure Function currently runs on an Azure
Function app that is triggered by an Azure Storage queue.
You are preparing to migrate the Azure Function to Kubernetes using Kubernetes-based Event Driven Autoscaling (KEDA).
You need to configure Kubernetes Custom Resource Definitions (CRD) for the Azure Function.
Which CRDs should you configure? To answer, drag the appropriate CRD types to the correct locations. Each CRD type may be used once, more than once, or
not at all. You may need to drag the split bar between panes or scroll to view content.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: Deployment
To deploy Azure Functions to Kubernetes use the func kubernetes deploy command has several attributes that directly control how our app scales, once it is
deployed to Kubernetes.
Box 2: ScaledObject

With --polling-interval, we can control the interval used by KEDA to check Azure Service Bus Queue for messages.
Example of ScaledObject with polling interval apiVersion: keda.k8s.io/v1alpha1
kind: ScaledObject metadata:
name: transformer-fn namespace: tt
labels:
deploymentName: transformer-fn spec:
scaleTargetRef: deploymentName: transformer-fn pollingInterval: 5
minReplicaCount: 0
maxReplicaCount: 100
Box 3: Secret
Store connection strings in Kubernetes Secrets. Example: to create the Secret in our demo Namespace:
# create the k8s demo namespace kubectl create namespace tt
# grab connection string from Azure Service Bus KEDA_SCALER_CONNECTION_STRING=$(az servicebus queue authorization-rule keys list \
-g $RG_NAME \
--namespace-name $SBN_NAME \
--queue-name inbound \
-n keda-scaler \
--query "primaryConnectionString" \
-o tsv)
# create the kubernetes secret
kubectl create secret generic tt-keda-auth \
--from-literal KedaScaler=$KEDA_SCALER_CONNECTION_STRING \
--namespace tt Reference:
https://www.thinktecture.com/en/kubernetes/serverless-workloads-with-keda/
NEW QUESTION 90
- (Exam Topic 7)
You have a web service that is used to pay for food deliveries. The web service uses Azure Cosmos DB as the data store.
You plan to add a new feature that allows users to set a tip amount. The new feature requires that a property named tip on the document in Cosmos DB must be
present and contain a numeric value.
There are many existing websites and mobile apps that use the web service that will not be updated to set the tip property for some time.
How should you complete the trigger?
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: getContext().getRequest(); Box 2: if(isNaN(i)["tip"] ..
In JavaScript, there are two ways to check if a variable is a number :
isNaN() – Stands for “is Not a Number”, if variable is not a number, it return true, else return false. typeof – If variable is a number, it will returns a string named
“number”.
Box 3:r.setBody(i);
// update the item that will be created References:
https://docs.microsoft.com/bs-latn-ba/azure/cosmos-db/how-to-write-stored-procedures-triggers-udfs
https://mkyong.com/javascript/check-if-variable-is-a-number-in-javascript/
NEW QUESTION 94
- (Exam Topic 7)
You are developing a medical records document management website. The website is used to store scanned copies of patient intake forms. If the stored intake
forms are downloaded from storage by a third party, the content of the forms must not be compromised.
You need to store the intake forms according to the requirements. Solution: Store the intake forms as Azure Key Vault secrets. Does the solution meet the goal?
A. Yes
B. No

Answer: B
Explanation:
Instead use an Azure Key vault and public key encryption. Store the encrypted from in Azure Storage Blob storage.
NEW QUESTION 96
- (Exam Topic 7)
You are developing an Azure solution to collect point-of-sale (POS) device data from 2,000 stores located throughout the world. A single device can produce 2
megabytes (MB) of data every 24 hours. Each store location has one to five devices that send data.
You must store the device data in Azure Blob storage. Device data must be correlated based on a device identifier. Additional stores are expected to open in the
future.
You need to implement a solution to receive the device data.
Solution: Provision an Azure Event Grid. Configure the machine identifier as the partition key and enable capture.
Does the solution meet the goal?
A. Yes
B. No
Answer: A
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/event-grid/compare-messaging-services
NEW QUESTION 100

- (Exam Topic 7)
You are validating the configuration of an Azure Search indexer.
The service has been configured with an indexer that uses the Import Data option. The index is configured using options as shown in the Index Configuration
exhibit. (Click the Index Configuration tab.)
You use an Azure table as the data source for the import operation. The table contains three records with item inventory data that matches the fields in the Storage
data exhibit. These records were imported when the index was created. (Click the Storage Data tab.) When users search with no filter, all three records are
displayed.
When users search for items by description, Search explorer returns no records. The Search Explorer exhibit shows the query and results for a test. In the test, a
user is trying to search for all items in the table that have a description that contains the word bag. (Click the Search Explorer tab.)

You need to resolve the issue.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: Yes
The ItemDescription field in not searchable.
Box 2: No
The ItemDescription field in not searchable, but we would need to recreate the index.
Box 3: Yes
An indexer in Azure Search is a crawler that extracts searchable data and metadata from an external Azure data source and populates an index based on field-to-
field mappings between the index and your data source. This approach is sometimes referred to as a 'pull model' because the service pulls data in without you
having to write any code that adds data to an index.
Box 4: No References:
https://docs.microsoft.com/en-us/azure/search/search-what-is-an-index https://docs.microsoft.com/en-us/azure/search/search-indexer-overview
NEW QUESTION 101

- (Exam Topic 7)
A company is developing a solution that allows smart refrigerators to send temperature information to a central location. You have an existing Service Bus.
The solution must receive and store message until they can be processed. You create an Azure Service Bus Instance by providing a name, pricing tier,
subscription, resource group, and location.
You need to complete the configuration.
Which Azure CLI or PowerShell command should you run?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: A
Explanation:
A service bus instance has already been created (Step 2 below). Next is step 3, Create a Service Bus queue. Note:
Steps:
Step 1: # Create a resource group resourceGroupName="myResourceGroup"
az group create --name $resourceGroupName --location eastus
Step 2: # Create a Service Bus messaging namespace with a unique name namespaceName=myNameSpace$RANDOM
az servicebus namespace create --resource-group $resourceGroupName --name $namespaceName --location eastus
Step 3: # Create a Service Bus queue
az servicebus queue create --resource-group $resourceGroupName --namespace-name $namespaceName
--name BasicQueue
Step 4: # Get the connection string for the namespace
connectionString=$(az servicebus namespace authorization-rule keys list --resource-group
$resourceGroupName --namespace-name $namespaceName --name RootManageSharedAccessKey --query primaryConnectionString --output tsv)
Reference:
https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-quickstart-cli

NEW QUESTION 104

- (Exam Topic 7)
You are developing an application that uses a premium block blob storage account. You are optimizing costs by automating Azure Blob Storage access tiers.
You apply the following policy rules to the storage account. You must determine the implications of applying the rules to the data. (Line numbers are included for
reference only.)
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 109

- (Exam Topic 7)
You are developing an Azure Function app. The app must meet the following requirements:
Enable developers to write the functions by using the Rust language.
Declaratively connect to an Azure Blob Storage account.
You need to implement the app.
Which Azure Function app features should you use? To answer, drag the appropriate features to the correct requirements. Each feature may be used once, more
than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Graphical user interface, application Description automatically generated
Box 1: Custom handler
Custom handlers can be used to create functions in any language or runtime by running an HTTP server process, for example Go or Rust.
Box 2: Trigger

Functions are invoked by a trigger and can have exactly one. In addition to invoking the function, certain triggers also serve as bindings. You may also define
multiple bindings in addition to the trigger. Bindings provide a declarative way to connect data to your code.
Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/create-first-function-vs-code-other https://docs.microsoft.com/en-us/dotnet/architecture/serverless/azure-
functions
NEW QUESTION 112

- (Exam Topic 7)
Margie’s Travel is an international travel and bookings management service. The company is expanding into restaurant bookings. You are tasked with
implementing Azure Search for the restaurants listed in their solution
You create the index in Azure Search.
You need to import the restaurant data into the Azure Search service by using the Azure Search NET SDK. Solution:
* 1. Create a SearchlndexClient object to connect to the search index
* 2. Create an IndexBatch that contains the documents which must be added.
* 3. Call the Documents.Index method of the SearchIndexClient and pass the IndexBatch.
A. Yes
B. No
Answer: A
Explanation:
* 1. The index needs to be populated. To do this, we will need a SearchIndexClient. There are two ways to obtain one: by constructing it, or by calling
Indexes.GetClient on the SearchServiceClient. Here we will use the first method.
* 2. Create the indexBatch with the documents Something like:
var hotels = new Hotel[];
{
new Hotel()
{
HotelId = "3",
BaseRate = 129.99,
Description = "Close to town hall and the river"
}
};
…
var batch = IndexBatch.Upload(hotels);
* 3. The next step is to populate the newly-created index Example:
var batch = IndexBatch.Upload(hotels); try
{
indexClient.Documents.Index(batch);
}
References:
https://docs.microsoft.com/en-us/azure/search/search-howto-dotnet-sdk
NEW QUESTION 114

- (Exam Topic 7)
You are developing an application to securely transfer data between on-premises file systems and Azure Blob storage. The application stores keys, secrets, and
certificates in Azure Key Vault. The application uses the Azure Key Vault APIs.
The application must allow recovery of an accidental deletion of the key vault or key vault objects. Key vault objects must be retained for 90 days after deletion.
You need to protect the key vault and key vault objects.
Which Azure Key Vault feature should you use? To answer, drag the appropriate features to the correct actions. Each feature may be used once, more than once,
or not at all. You may need to drag the split bar between panes or scroll to view content.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: Soft delete
When soft-delete is enabled, resources marked as deleted resources are retained for a specified period (90 days by default). The service further provides a
mechanism for recovering the deleted object, essentially undoing the deletion.
Box 2: Purge protection
Purge protection is an optional Key Vault behavior and is not enabled by default. Purge protection can only be enabled once soft-delete is enabled.
When purge protection is on, a vault or an object in the deleted state cannot be purged until the retention period has passed. Soft-deleted vaults and objects can
still be recovered, ensuring that the retention policy will be followed.

Reference:
https://docs.microsoft.com/en-us/azure/key-vault/general/soft-delete-overview
NEW QUESTION 118

- (Exam Topic 7)
You are building a traffic monitoring system that monitors traffic along six highways. The system produces time series analysis-based reports for each highway.
Data from traffic sensors are stored in Azure Event Hub.
Traffic data is consumed by four departments. Each department has an Azure Web App that displays the time-series-based reports and contains a WebJob that
processes the incoming data from Event Hub. All Web Apps run on App Service Plans with three instances.
Data throughout must be maximized. Latency must be minimized. You need to implement the Azure Event Hub.
Which settings should you use? To answer, select the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: 6
The number of partitions is specified at creation and must be between 2 and 32. There are 6 highways.
Box 2: Highway References:
https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-features
NEW QUESTION 121

- (Exam Topic 7)
You are developing a website that will run as an Azure Web App. Users will authenticate by using their Azure Active Directory (Azure AD) credentials.
You plan to assign users one of the following permission levels for the website: admin, normal, and reader. A user’s Azure AD group membership must be used to
determine the permission level.
You need to configure authorization.
Solution:
Configure and use Integrated Windows Authentication in the website.
In the website, query Microsoft Graph API to load the group to which the user is a member. Does the solution meet the goal?
A. Yes
B. No
Answer: B
Explanation:
Microsoft Graph is a RESTful web API that enables you to access Microsoft Cloud service resources.
Instead in the Azure AD application’s manifest, set value of the groupMembershipClaims option to All. In the website, use the value of the groups claim from the
JWT for the user to determine permissions.
Reference:
https://blogs.msdn.microsoft.com/waws/2017/03/13/azure-app-service-authentication-aad-groups/
NEW QUESTION 125

- (Exam Topic 7)
You develop a software as a service (SaaS) offering to manage photographs. Users upload photos to a web service which then stores the photos in Azure Storage
Blob storage. The storage account type is
General-purpose V2.
When photos are uploaded, they must be processed to produce and save a mobile-friendly version of the image. The process to produce a mobile-friendly version
of the image must start in less than one minute.
You need to design the process that starts the photo processing.
Solution: Convert the Azure Storage account to a BlockBlobStorage storage account. Does the solution meet the goal?

A. Yes
B. No
Answer: B
Explanation:
Not necessary to convert the account, instead move photo processing to an Azure Function triggered from the blob upload..
Azure Storage events allow applications to react to events. Common Blob storage event scenarios include image or video processing, search indexing, or any file-
oriented workflow.
Note: Only storage accounts of kind StorageV2 (general purpose v2) and BlobStorage support event integration. Storage (general purpose v1) does not support
integration with Event Grid.
Reference:
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-event-overview
NEW QUESTION 128

- (Exam Topic 7)
You are preparing to deploy a Python website to an Azure Web App using a container. The solution will use multiple containers in the same container group. The
Dockerfile that builds the container is as follows:
You build a container by using the following command. The Azure Container Registry instance named images is a private registry.
The user name and password for the registry is admin.

The Web App must always run the same version of the website regardless of future builds. You need to create an Azure Web App to run the website.
How should you complete the commands? To answer, select the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: --SKU B1 --hyper-v
--hyper-v
Host web app on Windows container.
Box 2: --deployment-source-url images.azurecr.io/website:v1.0.0
--deployment-source-url -u
Git repository URL to link with manual integration.
The Web App must always run the same version of the website regardless of future builds. Incorrect:
--deployment-container-image-name -i
Linux only. Container image name from Docker Hub, e.g. publisher/image-name:tag. Box 3: az webapp config container set -url https://images.azurecr.io -u admin
-p admin az webapp config container set
Set a web app container's settings. Paremeter: --docker-registry-server-url -r
The container registry server url.
The Azure Container Registry instance named images is a private registry. Example:
az webapp config container set --docker-registry-server-url https://{azure-container-registry-name}.azurecr.io Reference:
https://docs.microsoft.com/en-us/cli/azure/appservice/plan
NEW QUESTION 130

- (Exam Topic 7)
You provide an Azure API Management managed web service lo clients. The back end web service implements HTTP Strict Transport Security (HSTS).
Every request to the backend service must include a valid HTTP authorization header. You need to configure the Azure API Management instance with an
authentication policy. Which two policies can you uses? Each correct answer presents a complete solution NOTE: Each correct selection is worth one point.
A. Certificate Authentication
B. Basic Authentication
C. OAuth Client Credential Grant
D. Digest Authentication

Answer: AC
NEW QUESTION 135

- (Exam Topic 7)
You are implementing a software as a service (SaaS) ASP.NET Core web service that will run as an Azure Web App. The web service will use an on-premises
SQL Server database for storage. The web service also includes a WebJob that processes data updates. Four customers will use the web service.
•Each instance of the WebJob processes data for a single customer and must run as a singleton instance.
•Each deployment must be tested by using deployment slots prior to serving production data.
•Azure costs must be minimized.
•Azure resources must be located in an isolated network.
You need to configure the App Service plan for the Web App.
How should you configure the App Service plan? To answer, select the appropriate settings in the answer area. NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Number of VM instances: 4
You are not charged extra for deployment slots. Pricing tier: Isolated
The App Service Environment (ASE) is a powerful feature offering of the Azure App Service that gives network isolation and improved scale capabilities. It is
essentially a deployment of the Azure App Service into a subnet of a customer’s Azure Virtual Network (VNet).
References:
https://azure.microsoft.com/sv-se/blog/announcing-app-service-isolated-more-power-scale-and-ease-of-use/
NEW QUESTION 136

- (Exam Topic 7)
You are developing an ASP.NET Core Web API web service that uses Azure Application Insights to monitor performance and track events.
You need to enable logging and ensure that log messages can be correlated to events tracked by Application Insights.
How should you complete the code? To answer, drag the appropriate code segments to the correct locations. Each code segment may be used once, more than
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: ApplicationInsightsLoggerOptions
If you want to include the EventId and EventName properties, then add the following to the ConfigureServices method:

services AddOptions<ApplicationInsightsLoggerOptions>() Configure(o => o.IncludeEventId = true);

Box 2: IncludeEventID
Box 3: ApplicationServices
In Asp.Net core apps it turns out that trace logs do not show up in Application Insights out of the box. We need to add the following code snippet to our Configure
method in Startup.cs:
loggerFactory.AddApplicationInsights(app.ApplicationServices, logLevel); References:
https://blog.computedcloud.com/enabling-application-insights-trace-logging-in-asp-net-core/
NEW QUESTION 141

- (Exam Topic 7)
You are developing an internal website for employees to view sensitive data. The website uses Azure Active Directory (AAD) for authentication. You need to
implement multifactor authentication for the website.
What should you do? Each correct answer presents part of the solution. NOTE; Each correct selection is worth one point.
A. In Azure AD, create a new conditional access policy.

B. In Azure AD, enable application proxy.
C. Configure the website to use Azure AD B2C.
D. In Azure AD conditional access, enable the baseline policy.
E. Upgrade to Azure AD Premium.
Answer: AE
Explanation:
References:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-getstarted
NEW QUESTION 143

- (Exam Topic 7)
You are developing an Azure solution.
You need to develop code to access a secret stored in Azure Key Vault.
How should you complete the code segment? To answer, drag the appropriate code segments to the correct locations. Each code segment may be used once,
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Graphical user interface, text, application Description automatically generated with medium confidence
Box 1: SecretClient
Box 2: DefaultAzureCredential
In below example, the name of your key vault is expanded to the key vault URI, in the format
"https://<your-key-vault-name>.vault.azure.net". This example is using 'DefaultAzureCredential()' class from Azure Identity Library, which allows to use the same
code across different environments with different options to provide identity.
string keyVaultName = Environment.GetEnvironmentVariable("KEY_VAULT_NAME"); var kvUri = "https://" + keyVaultName + ".vault.azure.net";
var client = new SecretClient(new Uri(kvUri), new DefaultAzureCredential()); Reference:
https://docs.microsoft.com/en-us/azure/key-vault/secrets/quick-create-net
NEW QUESTION 147

- (Exam Topic 7)
You develop and deploy an Azure Logic app thai calls an Azure Function app. The Azure Function app includes an OpenAPl (Swagger) definition and uses an
Azure Blob storage account. All resources are secured by using Azure Active Directory (Azure AD).
The Azure Logic app must securely access the Azure Blob storage account. Azure AD resources must remain if the Azure Logic app is deleted.
You need to secure the Azure Logic app. What should you do?
A. Create an Azure AD custom role and assign role-based access controls.

B. Create an Azure AD custom role and assign the role to the Azure Blob storage account.
C. Create an Azure Key Vault and issue a client certificate.
D. Create a user-assigned managed identity and assign role-based access controls.
E. Create a system-assigned managed identity and issue a client certificate.
Answer: C

NEW QUESTION 150

- (Exam Topic 7)
You are developing an Azure Service application that processes queue data when it receives a message from a mobile application. Messages may not be sent to
the service consistently.
You have the following requirements:
Queue size must not grow larger than 80 gigabytes (GB).
Use first-in-first-out (FIFO) ordering of messages.
Minimize Azure costs.
You need to implement the messaging solution.
Solution: Use the .Net API to add a message to an Azure Storage Queue from the mobile application. Create an Azure Function App that uses an Azure Storage
Queue trigger.
A. Yes
B. No
Answer: B
Explanation:
Create an Azure Function App that uses an Azure Service Bus Queue trigger. Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-create-storage-queue-triggered-function
NEW QUESTION 152

- (Exam Topic 7)
You are developing an app that manages users for a video game. You plan to store the region, email address, and phone number for the player. Some players
may not have a phone number. The player’s region will be used to load-balance data.
Data for the app must be stored in Azure Table Storage.
You need to develop code to retrieve data for an individual player.
How should you complete the code? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: region
The player’s region will be used to load-balance data. Choosing the PartitionKey.
The core of any table's design is based on its scalability, the queries used to access it, and storage operation requirements. The PartitionKey values you choose
will dictate how a table will be partitioned and the type of queries that can be used. Storage operations, in particular inserts, can also affect your choice of
PartitionKey values.
Box 2: email
Not phone number some players may not have a phone number. Box 3: CloudTable
Box 4 : TableOperation query =.. Box 5: TableResult
References:
https://docs.microsoft.com/en-us/rest/api/storageservices/designing-a-scalable-partitioning-strategy-for-azure-ta

NEW QUESTION 156

- (Exam Topic 7)
You are implementing a software as a service (SaaS) ASP.NET Core web service that will run as an Azure Web App. The web service will use an on-premises
SQL Server database for storage. The web service also includes a WebJob that processes data updates. Four customers will use the web service.
Each instance of the WebJob processes data for a single customer and must run as a singleton instance.
Each deployment must be tested by using deployment slots prior to serving production data.
Azure costs must be minimized.
Azure resources must be located in an isolated network.
You need to configure the App Service plan for the Web App.
How should you configure the App Service plan? To answer, select the appropriate settings in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Number of VM instances: 4
You are not charged extra for deployment slots. Pricing tier: Isolated
The App Service Environment (ASE) is a powerful feature offering of the Azure App Service that gives network isolation and improved scale capabilities. It is
essentially a deployment of the Azure App Service into a subnet of a customer’s Azure Virtual Network (VNet).
References:
https://azure.microsoft.com/sv-se/blog/announcing-app-service-isolated-more-power-scale-and-ease-of-use/
NEW QUESTION 161

- (Exam Topic 7)
After you answer a question in this question, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Margie’s Travel is an international travel and bookings management service. The company is expanding into restaurant bookings. You are tasked with
implementing Azure Search for the restaurants listed in their solution.
You create the index in Azure Search.
You need to import the restaurant data into the Azure Search service by using the Azure Search .NET SDK. Solution:
* 1. Create a SearchIndexClient object to connect to the search index.
* 2. Create a DataContainer that contains the documents which must be added.
* 3. Create a DataSource instance and set its Container property to the DataContainer.
* 4. Call the Documents.Suggest method of the SearchIndexClient and pass the DataSource.
A. Yes
B. No
Answer: B
Explanation:
Use the following method:
* 1. - Create a SearchIndexClient object to connect to the search index
* 2. - Create an IndexBatch that contains the documents which must be added.
* 3. - Call the Documents.Index method of the SearchIndexClient and pass the IndexBatch. References:
https://docs.microsoft.com/en-us/azure/search/search-howto-dotnet-sdk
NEW QUESTION 164

- (Exam Topic 7)
You develop a gateway solution for a public facing news API.
The news API back end is implemented as a RESTful service and hosted in an Azure App Service instance. You need to configure back-end authentication for the
API Management service instance.
Which target and gateway credential type should you use? To answer, drag the appropriate values to the correct parameters. Each value may be used once, more

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: Azure Resource
Box 2: Client cert
API Management allows to secure access to the back-end service of an API using client certificates.
Reference:
https://docs.microsoft.com/en-us/rest/api/apimanagement/apimanagementrest/azure-api-management-rest-api-ba
NEW QUESTION 165

- (Exam Topic 7)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution. Determine whether the
solution meets the stated goals.
You are developing and deploying several ASP.Net web applications to Azure App Service. You plan to save session state information and HTML output. You
must use a storage mechanism with the following requirements:
•Share session state across all ASP.NET web applications
•Support controlled, concurrent access to the same session state data for multiple readers and a single writer
•Save full HTTP responses for concurrent requests You need to store the information.
Proposed Solution: Deploy and configure Azure Cache for Redis. Update the web applications.
A. Yes
B. No
Answer: A
Explanation:
The session state provider for Azure Cache for Redis enables you to share session information between different instances of an ASP.NET web application.
The same connection can be used by multiple concurrent threads. Redis supports both read and write operations.
The output cache provider for Azure Cache for Redis enables you to save the HTTP responses generated by an ASP.NET web application.
Note: Using the Azure portal, you can also configure the eviction policy of the cache, and control access to the cache by adding users to the roles provided. These
roles, which define the operations that members can perform, include Owner, Contributor, and Reader. For example, members of the Owner role have complete
control over the cache (including security) and its contents, members of the Contributor role can read and write information in the cache, and members of the
Reader role can only retrieve data from the cache.
Reference:
https://docs.microsoft.com/en-us/azure/architecture/best-practices/caching
NEW QUESTION 170

- (Exam Topic 7)
You are developing a solution that uses the Azure Storage Client library for .NET. You have the following code: (Line numbers are included for reference only.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: Yes
AcquireLeaseAsync does not specify leaseTime.
leaseTime is a TimeSpan representing the span of time for which to acquire the lease, which will be rounded down to seconds. If null, an infinite lease will be
acquired. If not null, this must be 15 to 60 seconds.
Box 2: No
The GetBlockBlobReference method just gets a reference to a block blob in this container. Box 3: Yes
The BreakLeaseAsync method initiates an asynchronous operation that breaks the current lease on this container.
Reference:
https://docs.microsoft.com/en-us/dotnet/api/microsoft.azure.storage.blob.cloudblobcontainer.acquireleaseasync https://docs.microsoft.com/en-
us/dotnet/api/microsoft.azure.storage.blob.cloudblobcontainer.getblockblobrefere https://docs.microsoft.com/en-
us/dotnet/api/microsoft.azure.storage.blob.cloudblobcontainer.breakleaseasync
NEW QUESTION 173

- (Exam Topic 7)
You use Azure Table storage to store customer information for an application. The data contains customer details and is partitioned by last name. You need to
create a query that returns all customers with the last name Smith. Which code segment should you use?
A. TableQuery.GenerateFilterCondition("PartitionKey", Equals, "Smith")

B. TableQuery.GenerateFilterCondition("LastName", Equals, "Smith")
C. TableQuery.GenerateFilterCondition("PartitionKey", QueryComparisons.Equal, "Smith")
D. TableQuery.GenerateFilterCondition("LastName", QueryComparisons.Equal, "Smith")
Answer: C
Explanation:
Retrieve all entities in a partition. The following code example specifies a filter for entities where 'Smith' is the partition key. This example prints the fields of each
entity in the query results to the console.
Construct the query operation for all customer entities where PartitionKey="Smith". TableQuery<CustomerEntity> query = new
TableQuery<CustomerEntity>().Where(TableQuery.GenerateFilterCondition("PartitionKey",
QueryComparisons.Equal, "Smith"));
References:
https://docs.microsoft.com/en-us/azure/cosmos-db/table-storage-how-to-use-dotnet
NEW QUESTION 177

- (Exam Topic 7)
You are developing an application to use Azure Blob storage. You have configured Azure Blob storage to include change feeds.
A copy of your storage account must be created in another region. Data must be copied from the current storage account to the new storage account directly
between the storage servers.
You need to create a copy of the storage account in another region and copy the data.
In which order should you perform the actions? To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.
A. Mastered
B. Not Mastered

Answer: A
Explanation:
https://docs.microsoft.com/en-us/azure/storage/common/storage-account-move?tabs=azure-portal#modify-the-te
NEW QUESTION 180

- (Exam Topic 7)
You are developing an application that uses Azure Blob storage.
The application must read the transaction logs of all the changes that occur to the blobs and the blob metadata in the storage account for auditing purposes. The
changes must be in the order in which they occurred, include only create, update, delete, and copy operations and be retained for compliance reasons.
You need to process the transaction logs asynchronously. What should you do?
A. Process all Azure Blob storage events by using Azure Event Grid with a subscriber Azure Function app.
B. Enable the change feed on the storage account and process all changes for available events.
C. Process all Azure Storage Analytics logs for successful blob events.
D. Use the Azure Monitor HTTP Data Collector API and scan the request body for successful blob events.
Answer: B
Explanation:
:
Change feed support in Azure Blob Storage
The purpose of the change feed is to provide transaction logs of all the changes that occur to the blobs and the blob metadata in your storage account. The
change feed provides ordered, guaranteed, durable, immutable, read-only log of these changes. Client applications can read these logs at any time, either in
streaming or in batch mode. The change feed enables you to build efficient and scalable solutions that process change events that occur in your Blob Storage
account at a low cost.
Reference:
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-change-feed
NEW QUESTION 183

- (Exam Topic 7)
A company is implementing a publish-subscribe (Pub/Sub) messaging component by using Azure Service Bus. You are developing the first subscription
application.
In the Azure portal you see that messages are being sent to the subscription for each topic. You create and initialize a subscription client object by supplying the
correct details, but the subscription application is still not consuming the messages.
You need to ensure that the subscription client processes all messages. Which code segment should you use?
A. await subscriptionClient.AddRuleAsync(new RuleDescription (RuleDescription.DefaultRuleName, new TrueFilter()));

B. subscriptionClient = new SubscriptionClient(ServiceBusConnectionString, TopicName, SubscriptionName); D18912E1457D5D1DDCBD40AB3BF70D5D
C. await subscriptionClient.CloseAsync();
D. subscriptionClient.RegisterMessageHandler(ProcessMessagesAsync, messageHandlerOptions);
Answer: D
Explanation:
Using topic client, call RegisterMessageHandler which is used to receive messages continuously from the entity. It registers a message handler and begins a new
thread to receive messages. This handler is waited on every time a new message is received by the receiver.
subscriptionClient.RegisterMessageHandler(ReceiveMessagesAsync, messageHandlerOptions); Reference:
https://www.c-sharpcorner.com/article/azure-service-bus-topic-and-subscription-pub-sub/
NEW QUESTION 187

- (Exam Topic 7)
You are developing an Azure solution to collect point-of-sale (POS) device data from 2,000 stores located throughout the world. A single device can produce 2
megabytes (MB) of data every 24 hours. Each store location has one to five devices that send data.
You must store the device data in Azure Blob storage. Device data must be correlated based on a device identifier. Additional stores are expected to open in the
future.
You need to implement a solution to receive the device data.
Solution: Provision an Azure Service Bus. Configure a topic to receive the device data by using a correlation filter.
A. Yes
B. No
Answer: A
Explanation:
A message is raw data produced by a service to be consumed or stored elsewhere. The Service Bus is for high-value enterprise messaging, and is used for order
processing and financial transactions.
Reference:
https://docs.microsoft.com/en-us/azure/event-grid/compare-messaging-services
NEW QUESTION 192

- (Exam Topic 7)
You are developing an Azure Cosmos DB solution by using the Azure Cosmos DB SQL API. The data includes millions of documents. Each document may
contain hundreds of properties.
The properties of the documents do not contain distinct values for partitioning. Azure Cosmos DB must scale individual containers in the database to meet the

performance needs of the application by spreading the workload evenly across all partitions over time.
You need to select a partition key.
Which two partition keys can you use? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
A. a concatenation of multiple property values with a random suffix appended

B. a single property value that does not appear frequently in the documents
C. a hash suffix appended to a property value
D. a value containing the collection name
E. a single property value that appears frequently in the documents
Answer: AC
Explanation:
You can form a partition key by concatenating multiple property values into a single artificial partitionKey property. These keys are referred to as synthetic keys.
Another possible strategy to distribute the workload more evenly is to append a random number at the end of the partition key value. When you distribute items in
this way, you can perform parallel write operations across partitions.
Note: It's the best practice to have a partition key with many distinct values, such as hundreds or thousands. The goal is to distribute your data and workload
evenly across the items associated with these partition key values. If such a property doesn’t exist in your data, you can construct a synthetic partition key.
References:
https://docs.microsoft.com/en-us/azure/cosmos-db/synthetic-partition-keys
NEW QUESTION 196

- (Exam Topic 7)
You develop an app that allows users to upload photos and videos to Azure storage. The app uses a storage REST API call to upload the media to a blob storage
account named Account1. You have blob storage
containers named Container1 and Container2. Uploading of videos occurs on an irregular basis.
You need to copy specific blobs from Container1 to Container2 in real time when specific requirements are met, excluding backup blob copies.
What should you do?
A. Download the blob to a virtual machine and then upload the blob to Container2.
B. Run the Azure PowerShell command Start-AzureStorageBlobCopy.
C. Copy blobs to Container2 by using the Put Blob operation of the Blob Service REST API.
D. Use AzCopy with the Snapshot switch blobs to Container2.
Answer: B
Explanation:
The Start-AzureStorageBlobCopy cmdlet starts to copy a blob. Example 1: Copy a named blob
C:\PS>Start-AzureStorageBlobCopy -SrcBlob "ContosoPlanning2015" -DestContainer "ContosoArchives"
-SrcContainer "ContosoUploads"
This command starts the copy operation of the blob named ContosoPlanning2015 from the container named ContosoUploads to the container named
ContosoArchives.
References:
https://docs.microsoft.com/en-us/powershell/module/azure.storage/start-azurestorageblobcopy?view=azurermps
NEW QUESTION 201

- (Exam Topic 7)
You develop Azure solutions.
You must grant a virtual machine (VM) access to specific resource groups in Azure Resource Manager. You need to obtain an Azure Resource Manager access
token.
Solution: Use the Reader role-based access control (RBAC) role to authenticate the VM with Azure Resource Manager.
A. Yes
B. No
Answer: B
Explanation:
Instead run the Invoke-RestMethod cmdlet to make a request to the local managed identity for Azure resources endpoint.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/tutorial-windows-vm
NEW QUESTION 202

- (Exam Topic 7)
You develop an HTTP triggered Azure Function app to process Azure Storage blob data. The app is triggered using an output binding on the blob.
The app continues to time out after four minutes. The app must process the blob data. You need to ensure the app does not time out and processes the blob data.
Solution: Configure the app to use an App Service hosting plan and enable the Always On setting. Does the solution meet the goal?
A. Yes
B. No
Answer: B

Explanation:
Instead pass the HTTP trigger payload into an Azure Service Bus queue to be processed by a queue trigger function and return an immediate HTTP success
response.
Note: Large, long-running functions can cause unexpected timeout issues. General best practices include: Whenever possible, refactor large functions into smaller
function sets that work together and return responses fast. For example, a webhook or HTTP trigger function might require an acknowledgment response within a
certain time limit; it's common for webhooks to require an immediate response. You can pass the HTTP trigger payload into a queue to be processed by a queue
trigger function. This approach lets you defer the actual work and return an immediate response.
Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-best-practices
NEW QUESTION 203

- (Exam Topic 7)
You must implement Application Insights instrumentation capabilities utilizing the Azure Mobile Apps SDK to provide meaningful analysis of user interactions with a
mobile app.
You need to capture the data required to implement the Usage Analytics feature of Application Insights. Which three data values should you capture? Each correct
answer presents part of the solution
A. Trace
B. Session Id
C. Exception
D. User Id
E. Events
Answer: ADE
Explanation:
Application Insights is a service for monitoring the performance and usage of your apps. This module allows you to send telemetry of various kinds (events, traces,
etc.) to the Application Insights service where your data can be visualized in the Azure Portal.
Application Insights manages the ID of a session for you. References: https://github.com/microsoft/ApplicationInsights-Android
NEW QUESTION 205

- (Exam Topic 7)
After you answer a question in this question, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing a solution that will be deployed to an Azure Kubernetes Service (AKS) cluster. The solution will include a custom VNet, Azure Container
Registry images, and an Azure Storage account.
The solution must allow dynamic creation and management of all Azure resources within the AKS cluster. You need to configure an AKS cluster for use with the
Azure APIs.
Solution: Enable the Azure Policy Add-on for Kubernetes to connect the Azure Policy service to the GateKeeper admission controller for the AKS cluster. Apply a
built-in policy to the cluster.
A. Yes
B. No
Answer: B
Explanation:
Instead create an AKS cluster that supports network policy. Create and apply a network to allow traffic only from within a defined namespace
References:
https://docs.microsoft.com/en-us/azure/aks/use-network-policies
NEW QUESTION 206

- (Exam Topic 7)
You develop a website. You plan to host the website in Azure. You expect the website to experience high traffic volumes after it is published. You must ensure that
the website remains available and responsive while minimizing cost. You need to deploy the website. What should you do?
A. Deploy the website to an App Service that uses the Shared service tie
B. Configure the App Service plan to automatically scale when the CPU load is high.
C. Deploy the website to a virtual machin
D. Configure the virtual machine to automatically scale when the CPU load is high.
E. Deploy the website to an App Service that uses the Standard service tie
F. Configure the App Service plan to automatically scale when the CPU load is high.
G. Deploy the website to a virtual machin
H. Configure a Scale Set to increase the virtual machine instancecount when the CPU load
Answer: C
Explanation:
Windows Azure Web Sites (WAWS) offers 3 modes: Standard, Free, and Shared.
Standard mode carries an enterprise-grade SLA (Service Level Agreement) of 99.9% monthly, even for sites with just one instance.
Standard mode runs on dedicated instances, making it different from the other ways to buy Windows Azure Web Sites.
NEW QUESTION 209

- (Exam Topic 7)
A company is developing a mobile app for field service employees using Azure App Service Mobile Apps as the backend.
The company’s network connectivity varies throughout the day. The solution must support offline use and synchronize changes in the background when the app is

online app.
You need to implement the solution.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: var todoTable = client GetSyncTable<TodoItem>()
To setup offline access, when connecting to your mobile service, use the method GetSyncTable instead of GetTable (example):
IMobileServiceSyncTable todoTable = App.MobileService.GetSyncTable(); / Box 2: await todoTable.PullAsync("allTodoItems",todo.Table.CreateQuery());
Your app should now use IMobileServiceSyncTable (instead of IMobileServiceTable) for CRUD operations. This will save changes to the local database and also
keep a log of the changes. When the app is ready to synchronize its changes with the Mobile Service, use the methods PushAsync and PullAsync (example):
await App.MobileService.SyncContext.PushAsync(); await todoTable.PullAsync();
References:
https://azure.microsoft.com/es-es/blog/offline-sync-for-mobile-services/
NEW QUESTION 210

- (Exam Topic 7)
You are debugging an application that is running on Azure Kubernetes cluster named cluster1. The cluster
uses Azure Monitor for containers to monitor the cluster.
The application has sticky sessions enabled on the ingress controller.
Some customers report a large number of errors in the application over the last 24 hours. You need to determine on which virtual machines (VMs) the errors are
occurring.
How should you complete the Azure Monitor query? To answer, select the appropriate options in the answer area.
A. Mastered
B. Not Mastered

Answer: A
Explanation:
Box 1: ago(1d)
Box 2: distinct containerID
Box 3: where ContainerID in (ContainerIDs) Box 4: summarize Count by Computer Summarize: aggregate groups of rows
Use summarize to identify groups of records, according to one or more columns, and apply aggregations to them. The most common use of summarize is count,
which returns the number of results in each group.
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/log-query/get-started-queries https://docs.microsoft.com/en-us/azure/azure-monitor/log-query/query-
optimization
NEW QUESTION 212

- (Exam Topic 7)
the service consistently.
You have the following requirements:
Solution: Use the .Net API to add a message to an Azure Service Bus Queue from the mobile application. Create an Azure Function App that uses an Azure
Service Bus Queue trigger.
A. Yes
B. No
Answer: A
Explanation:
You can create a function that is triggered when messages are submitted to an Azure Storage queue. Reference:
NEW QUESTION 214

- (Exam Topic 7)
You are developing a ticket reservation system for an airline.
The storage solution for the application must meet the following requirements:
Ensure at least 99.99% availability and provide low latency.
Accept reservations event when localized network outages or other unforeseen failures occur.
Process reservations in the exact sequence as reservations are submitted to minimize overbooking or selling the same seat to multiple travelers.
Allow simultaneous and out-of-order reservations with a maximum five-second tolerance window. You provision a resource group named airlineResourceGroup
in the Azure South-Central US region. You need to provision a SQL SPI Cosmos DB account to support the app.
How should you complete the Azure CLI commands? To answer, select the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A

Explanation:
Box 1: BoundedStaleness
Bounded staleness: The reads are guaranteed to honor the consistent-prefix guarantee. The reads might lag behind writes by at most "K" versions (that is,
"updates") of an item or by "T" time interval. In other words, when you choose bounded staleness, the "staleness" can be configured in two ways:
The number of versions (K) of the item
The time interval (T) by which the reads might lag behind the writes Reference:
https://docs.microsoft.com/en-us/azure/cosmos-db/consistency-levels https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/cosmos-db/manage-with-
cli.md
NEW QUESTION 217

- (Exam Topic 7)
You are creating a hazard notification system that has a single signaling server which triggers audio and visual alarms to start and stop.
You implement Azure Service Bus to publish alarms. Each alarm controller uses Azure Service Bus to receive alarm signals as part of a transaction. Alarm events
must be recorded for audit purposes. Each transaction record must include information about the alarm type that was activated.
You need to implement a reply trail auditing solution.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. Assign the value of the hazard message SessionID property to the ReplyToSessionId property.
B. Assign the value of the hazard message MessageId property to the DevileryCount property.
C. Assign the value of the hazard message SessionID property to the SequenceNumber property.
D. Assign the value of the hazard message MessageId property to the CorrelationId property.
E. Assign the value of the hazard message SequenceNumber property to the DeliveryCount property.
F. Assign the value of the hazard message MessageId property to the SequenceNumber property.
Answer: AD
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-messages-payloads
NEW QUESTION 219

- (Exam Topic 7)
You are developing an ASP.NET Core app that includes feature flags which are managed by Azure App Configuration. You create an Azure App Configuration
store named AppFeatureFlagStore that contains a feature flag named Export.
You need to update the app to meet the following requirements:
Use the Export feature in the app without requiring a restart of the app.
Validate users before users are allowed access to secure resources.
Permit users to access secure resources.
How should you complete the code segment? To answer, select the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: UseAuthentication
Need to validate users before users are allowed access to secure resources.
UseAuthentication adds the AuthenticationMiddleware to the specified IApplicationBuilder, which enables authentication capabilities.

Box 2: UseAuthorization
Need to permit users to access secure resources.
UseAuthorization adds the AuthorizationMiddleware to the specified IApplicationBuilder, which enables authorization capabilities.
Box 3: UseStaticFiles
Need to use the Export feature in the app without requiring a restart of the app. UseStaticFiles enables static file serving for the current request path
Reference:
https://docs.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.builder.iapplicationbuilder?view=aspnetcore-5
NEW QUESTION 220

- (Exam Topic 7)
A company is implementing a publish-subscribe (Pub/Sub) messaging component by using Azure Service Bus. You are developing the first subscription
application.
In the Azure portal you see that messages are being sent to the subscription for each topic. You create and initialize a subscription client object by supplying the
correct details, but the subscription application is still not consuming the messages.
You need to complete the source code of the subscription client What should you do?
A. await subscriptionClient.CloseAsync();
B. await subscriptionClient.AddRuleAsync(new RuleDescription(RuleDescription.DefaultRuleName, new TrueFilter()));
C. subscriptionClient.RegisterMessageHandler(ProcessMessagesAsync, messageHandlerOptions);
D. subscriptionClient = new SubscriptionClient(ServiceBusConnectionString, TopicName, SubscriptionName);
Answer: C
Explanation:
Using topic client, call RegisterMessageHandler which is used to receive messages continuously from the entity. It registers a message handler and begins a new
thread to receive messages. This handler is waited on every time a new message is received by the receiver.
subscriptionClient.RegisterMessageHandler(ReceiveMessagesAsync, messageHandlerOptions); References:
https://www.c-sharpcorner.com/article/azure-service-bus-topic-and-subscription-pub-sub/
NEW QUESTION 225

- (Exam Topic 7)
the service consistently. You have the following requirements:
Solution: Use the .Net API to add a message to an Azure Service Bus Queue from the mobile application. Create an Azure Windows VM that is triggered from
Azure Service Bus Queue.
A. Yes
B. No
Answer: B
Explanation:
Don't use a VM, instead create an Azure Function App that uses an Azure Service Bus Queue trigger. Reference:
NEW QUESTION 227

- (Exam Topic 7)
You are developing a back-end Azure App Service that scales based on the number of messages contained in a Service Bus queue.
A rule already exists to scale up the App Service when the average queue length of unprocessed and valid queue messages is greater than 1000.
You need to add a new rule that will continuously scale down the App Service as long as the scale up condition is not met.
How should you configure the Scale rule? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: Service bus queue
You are developing a back-end Azure App Service that scales based on the number of messages contained in a Service Bus queue.
Box 2: ActiveMessage Count
ActiveMessageCount: Messages in the queue or subscription that are in the active state and ready for delivery. Box 3: Count
Box 4: Less than or equal to
You need to add a new rule that will continuously scale down the App Service as long as the scale up condition is not met.
Box 5: Decrease count by
NEW QUESTION 232

- (Exam Topic 7)
You are developing an ASP.NET Core website that can be used to manage photographs which are stored in Azure Blob Storage containers.
Users of the website authenticate by using their Azure Active Directory (Azure AD) credentials.
You implement role-based access control (RBAC) role permissions on the containers that store photographs. You assign users to RBAC roles.
You need to configure the website’s Azure AD Application so that user’s permissions can be used with the Azure Blob containers.
How should you configure the application? To answer, drag the appropriate setting to the correct location. Each setting can be used once, more than once, or not
at all. You may need to drag the split bar between panes or scroll to view content.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: user_impersonation
Box 2: delegated Example:
* 1. Select the API permissions section
* 2. Click the Add a permission button and then:
Ensure that the My APIs tab is selected
* 3. In the list of APIs, select the API TodoListService-aspnetcore.
* 4. In the Delegated permissions section, ensure that the right permissions are checked: user_impersonation.
* 5. Select the Add permissions button. Box 3: delegated
Example
* 1. Select the API permissions section
* 2. Click the Add a permission button and then, Ensure that the Microsoft APIs tab is selected
* 3. In the Commonly used Microsoft APIs section, click on Microsoft Graph
* 4. In the Delegated permissions section, ensure that the right permissions are checked: User.Read. Use the search box if necessary.
* 5. Select the Add permissions button Reference:
https://docs.microsoft.com/en-us/samples/azure-samples/active-directory-dotnet-webapp-webapi-openidconnect
NEW QUESTION 234

- (Exam Topic 7)
You manage several existing Logic Apps.
You need to change definitions, add new logic, and optimize these apps on a regular basis.
What should you use? To answer, drag the appropriate tools to the correct functionalities. Each tool may be used once, more than once, or not at all. You may
need to drag the split bar between panes or scroll to view content.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: Enterprise Integration Pack
After you create an integration account that has partners and agreements, you are ready to create a business to business (B2B) workflow for your logic app with
the Enterprise Integration Pack.
Box 2: Code View Editor
To work with logic app definitions in JSON, open the Code View editor when working in the Azure portal or in Visual Studio, or copy the definition into any editor
that you want.
Box 3: Logical Apps Designer
You can build your logic apps visually with the Logic Apps Designer, which is available in the Azure portal through your browser and in Visual Studio.
References:
https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-enterprise-integration-b2b https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-author-
definitions
https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-overview
NEW QUESTION 237

- (Exam Topic 7)
You have a single page application (SPA) web application that manages information based on data returned by Microsoft Graph from another company's Azure
Active Directory (Azure AD) instance.
Users must be able to authenticate and access Microsoft Graph by using their own company's Azure AD instance.
You need to configure the application manifest for the app registration.
How should you complete the manifest? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 238

- (Exam Topic 7)
You are developing a solution that will use Azure messaging services.
You need to ensure that the solution uses a publish-subscribe model and eliminates the need for constant polling.
What are two possible ways to achieve the goal? Each correct answer presents a complete solution.
A. Service Bus
B. Event Hub
C. Event Grid
D. Queue
Answer: AC
Explanation:
It is strongly recommended to use available messaging products and services that support a publish-subscribe model, rather than building your own. In Azure,
consider using Service Bus or Event Grid. Other technologies that can be used for pub/sub messaging include Redis, RabbitMQ, and Apache Kafka.
Reference:
https://docs.microsoft.com/en-us/azure/architecture/patterns/publisher-subscriber
NEW QUESTION 242

- (Exam Topic 7)
You are developing a new page for a website that uses Azure Cosmos DB for data storage. The feature uses documents that have the following format:
You must display data for the new page in a specific order. You create the following query for the page:
You need to configure a Cosmos DB policy to the support the query.

How should you configure the policy? To answer, drag the appropriate JSON segments to the correct locations. Each JSON segment may be used once, more

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: compositeIndexes
You can order by multiple properties. A query that orders by multiple properties requires a composite index. Box 2: descending
Example: Composite index defined for (name ASC, age ASC):
It is optional to specify the order. If not specified, the order is ascending.
{
"automatic":true, "indexingMode":"Consistent", "includedPaths":[
{
"path":"/*"
}
],
"excludedPaths":[], "compositeIndexes":[ [
{
"path":"/name",
},
{
"path":"/age",
}
]
]
}
NEW QUESTION 244

- (Exam Topic 7)
You develop a solution that uses an Azure SQL Database to store user information for a mobile app. The app stores sensitive information about users.
You need to hide sensitive information from developers that query the data for the mobile app.
Which three items must you identify when configuring dynamic data masking? Each correct answer presents a part of the solution.
A. Column
B. Table
C. Trigger
D. Index
E. Schema
Answer: ABE
Explanation:
In the Dynamic Data Masking configuration page, you may see some database columns that the recommendations engine has flagged for masking. In order to
accept the recommendations, just click Add Mask for one or more columns and a mask is created based on the default type for this column. You can change the
masking function by clicking on the masking rule and editing the masking field format to a different format of your choice.

References:
https://docs.microsoft.com/en-us/azure/sql-database/sql-database-dynamic-data-masking-get-started-portal
NEW QUESTION 249

- (Exam Topic 7)
You are developing an ASP.NET Core website that uses Azure FrontDoor. The website is used to build custom weather data sets for researchers. Data sets are
downloaded by users as Comma Separated Value (CSV) files. The data is refreshed every 10 hours.
Specific files must be purged from the FrontDoor cache based upon Response Header values. You need to purge individual assets from the Front Door cache.
Which type of cache purge should you use?
A. single path
B. wildcard
C. root domain
Answer: A
Explanation:
These formats are supported in the lists of paths to purge:
Single path purge: Purge individual assets by specifying the full path of the asset (without the protocol and domain), with the file extension, for example,
/pictures/strasbourg.png;
Wildcard purge: Asterisk (*) may be used as a wildcard. Purge all folders, subfolders, and files under an endpoint with /* in the path or purge all subfolders and
files under a specific folder by specifying the folder followed by /*, for example, /pictures/*.
Root domain purge: Purge the root of the endpoint with "/" in the path. Reference:
https://docs.microsoft.com/en-us/azure/frontdoor/front-door-caching
NEW QUESTION 254

- (Exam Topic 7)
You are developing an Azure Web App. You configure TLS mutual authentication for the web app.
You need to validate the client certificate in the web app. To answer, select the appropriate options in the answer area.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Accessing the client certificate from App Service.
If you are using ASP.NET and configure your app to use client certificate authentication, the certificate will be available through the HttpRequest.ClientCertificate
property. For other application stacks, the client cert will be available in your app through a base64 encoded value in the "X-ARR-ClientCert" request header. Your
application can create a certificate from this value and then use it for authentication and authorization purposes in your application.
References:
https://docs.microsoft.com/en-us/azure/app-service/app-service-web-configure-tls-mutual-auth
NEW QUESTION 256

- (Exam Topic 7)
You develop a news and blog content delivery app for Windows devices.
A notification must arrive on a user's device when there is a new article available for them to view. You need to implement push notifications.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: NotificationHubClient
Box 2: NotificationHubClient
Box 3: CreateClientFromConnectionString
// Initialize the Notification Hub
NotificationHubClient hub = NotificationHubClient.CreateClientFromConnectionString(listenConnString, hubName);
Box 4: SendWindowsNativeNotificationAsync Send the push notification.

var result = await hub.SendWindowsNativeNotificationAsync(windowsToastPayload); References:

https://docs.microsoft.com/en-us/azure/notification-hubs/notification-hubs-push-notification-registration-manag
https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/app-service-mobile/app-service-mobile-windo
NEW QUESTION 258

......

AZ204

Uploaded by

Copyright:

Available Formats

AZ204

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

AZ204

Uploaded by

Copyright:

Available Formats

100% Valid and Newest Version AZ-204 Questions & Answers shared by Certleader

https://www.certleader.com/AZ-204-dumps.html (254 Q&As)

Box 2: http://test-shippingapi.wideworldimporters.com Syntax: Access-Control-Allow-Origin: *

The Leader of IT Certification visit - https://www.certleader.com

A. Azure App Service Environment (ASE)

The Leader of IT Certification visit - https://www.certleader.com

A. Add the following markup to line CS23: types: Private

The Leader of IT Certification visit - https://www.certleader.com

NOTE: Each correct selection is worth one point.

The Leader of IT Certification visit - https://www.certleader.com

The Leader of IT Certification visit - https://www.certleader.com

You need to correct the corporate website error.

The Leader of IT Certification visit - https://www.certleader.com

NOTE: Each correct selection is worth one point.

The Leader of IT Certification visit - https://www.certleader.com

The Leader of IT Certification visit - https://www.certleader.com

A. an Application Insights dependency

A. Set Always On to true.

The Leader of IT Certification visit - https://www.certleader.com

You need to ensure that PolicyLib requirements are met.

The Leader of IT Certification visit - https://www.certleader.com

"eventType": string, "eventTime": string, "data":{

A. –PermissionsToKeys create, encrypt, decrypt

The Leader of IT Certification visit - https://www.certleader.com

A. Use blob properties to prevent concurrency problems

The Leader of IT Certification visit - https://www.certleader.com

The Leader of IT Certification visit - https://www.certleader.com

The Leader of IT Certification visit - https://www.certleader.com

A. at least two days

The Leader of IT Certification visit - https://www.certleader.com

The Leader of IT Certification visit - https://www.certleader.com

The Leader of IT Certification visit - https://www.certleader.com

NEW QUESTION 100

The Leader of IT Certification visit - https://www.certleader.com

You need to resolve the issue.

NEW QUESTION 101

The Leader of IT Certification visit - https://www.certleader.com

NEW QUESTION 104

NEW QUESTION 109

The Leader of IT Certification visit - https://www.certleader.com

NEW QUESTION 112

NEW QUESTION 114

The Leader of IT Certification visit - https://www.certleader.com

NEW QUESTION 118

NEW QUESTION 121

NEW QUESTION 125

The Leader of IT Certification visit - https://www.certleader.com

NEW QUESTION 128

The user name and password for the registry is admin.

NEW QUESTION 130

The Leader of IT Certification visit - https://www.certleader.com

NEW QUESTION 135

NEW QUESTION 136

The Leader of IT Certification visit - https://www.certleader.com

services AddOptions<ApplicationInsightsLoggerOptions>() Configure(o => o.IncludeEventId = true);

NEW QUESTION 141

A. In Azure AD, create a new conditional access policy.

NEW QUESTION 143

NEW QUESTION 147

A. Create an Azure AD custom role and assign role-based access controls.