Your success in Microsoft 70 533 implementing microsoft azure infrastructure solutions is our sole target and we develop all our microsoft azure certification 70 533 braindumps in a way that facilitates the attainment of this target. Not only is our 70 533 study guide pdf study material the best you can find, it is also the most detailed and the most updated. 70 533 exam dumps pdf Practice Exams for Microsoft Windows Server 70 533 study guide are written to the highest standards of technical accuracy.
Q21. You administer an Azure Storage account with a blob container. You enable Storage account logging for read, write and delete requests.
You need to reduce the costs associated with storing the logs.
What should you do?
A. Execute Delete Blob requests over https.
B. Create an export job for your container.
C. Set up a retention policy.
D. Execute Delete Blob requests over http.
Explanation: To ease the management of your logs, we have provided the functionality of retention policy which will automatically cleanup ‘old’ logs without you being charged for the cleanup. It is recommended that you set a retention policy for logs such that your analytics data will be within the 20TB limit allowed for analytics data (logs and metrics combined).
Reference: Windows Azure Storage Logging: Using Logs to Track Storage Requests, How do I cleanup my logs?
Q22. DRAG DROP
Your development team has created a new solution that is deployed in a virtual network named fabDevVNet.
Your testing team wants to begin testing the solution in a second Azure subscription.
You need to create a virtual network named fabTestVNet that is identical to fabDevVNet. You want to achieve this goal by using the least amount of administrative effort.
Which three steps should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Q23. DRAG DROP
You publish a multi-tenant application named MyApp to Azure Active Directory (Azure AD).
You need to ensure that only directory administrators from the other organizations can access MyApp's web API.
How should you configure MyApp's manifest JSON file? To answer, drag the appropriate PowerShell command to the correct location in the application's manifest JSON file. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Q24. You administer an Azure Active Directory (Azure AD) tenant that has a SharePoint web application named TeamSite1. TeamSite1 accesses your Azure AD tenant for user information.
The application access key for TeamSite1 has been compromised.
You need to ensure that users can continue to use TeamSite1 and that the compromised key does not allow access to the data in your Azure AD tenant.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Remove the compromised key from the application definition for TeamSite1.
B. Delete the application definition for TeamSite1.
C. Generate a new application key for TeamSite1.
D. Generate a new application definition for TeamSite1.
E. Update the existing application key.
Explanation: One of the security aspects of Windows Azure storage is that all access is protected by access keys.
It is possible to change the access keys (e.g. if the keys become compromised), and if changed, we’d need to update the application to have the new key.
Q25. You manage two datacenters in different geographic regions and one branch office.
You plan to implement a geo-redundant backup solution.
You need to ensure that each datacenter is a cold site for the other.
You create a recovery vault. What should you do next?
A. Install the provider.
B. Upload a certificate to the vault.
C. Generate a vault key.
D. Set all virtual machines to DHCP.
E. Prepare System Center Virtual Machine Manager (SCVMM) servers.
F. Create mappings between the virtual machine (VM) networks.
Explanation: . Within the Azure Portal screen, scroll down to Recovery Services (on the left menu), and click on “Create a New Vault” (this is where your VMs will be replicated to) which will bring up a Data Services / Recovery Services / Site Recovery Vault option, select Quick Create . For the name of the Vault, give it something you’d remember, in my case, I’ll call it RandsVault, and I’ll choose the Region West US since I’m in the Western United States, then click Create Vault . Once the Vault has been created, click on the Right Arrow next to the name of your vault. Under Setup Recovery, choose “Between an on-premise site and Microsoft Azure” so that you are telling the configuration settings that you are going to be replicating between your on-premise datacenter and Azure in the cloud. . You will now see a list of things you need to do which the first thing is to create a key exchange of certificates between Microsoft Azure and your VMM server.
Reference: Leveraging Microsoft Azure as your disaster recovery/failover data center
Q26. DRAG DROP
You manage an Azure Web Site in Standard mode at the following address: contoso.azurevvebsites.net.
Your company has a new domain for the site that needs to be accessible by Secure Socket Layer (SSL) encryption.
You need to be able to add a custom domain to the Azure Web Site and assign an SSL certificate.
Which three steps should you perform next in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. More than one order of answer choices may be correct You will receive credit for any of the correct orders you select
Q27. DRAG DROP
You administer an Azure Web Site named contosoweb that uses a production database. You deploy changes to contosoweb from a deployment slot named contosoweb-staging.
You discover issues in contosoweb that are affecting customer data.
You need to resolve the issues in contosoweb while ensuring minimum downtime for users. You swap contosoweb to contosoweb-staging.
Which four steps should you perform next in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Q28. Your company network includes users in multiple directories.
You plan to publish a software-as-a-service application named SaasApp1 to Azure Active
You need to ensure that all users can access SaasApp1.
What should you do?
A. Configure the Federation Metadata URL
B. Register the application as a web application.
C. Configure the application as a multi-tenant.
D. Register the application as a native client application.
Explanation: * When you get deeper into using Windows Azure Active Directory, you’ll run into new terminology. For instance, is called "directory" is also referred to as a Windows Azure AD Tenant or simply as "tenant." This stems from the fact that WAAD ()Windows Azure Active Directory.is a shared service for many clients. In this service, every client gets its own separate space for which the client is the tenant. In the case of WAAD this space is a directory. This might be a little confusing, because you can create multiple directories, in WAAD terminology multiple tenants, even though you are a single client.
* Multitenant Applications in Azure A multitenant application is a shared resource that allows separate users, or "tenants," to view the application as though it was their own. A typical scenario that lends itself to a multitenant application is one in which all users of the application may wish to customize the user experience but otherwise have the same basic business requirements. Examples of large multitenant applications are Office 365, Outlook.com, and visualstudio.com.
Reference: Multitenant Applications in Azure
Q29. You manage a collection of large video files that is stored in an Azure Storage account.
A user wants access to one of your video files within the next seven days.
You need to allow the user access only to the video file, and then revoke access once the user no longer needs it.
What should you do?
A. Give the user the secondary key for the storage account.
Once the user is done with the file, regenerate the secondary key.
B. Create an Ad-Hoc Shared Access Signature for the Blob resource.
Set the Shared Access Signature to expire in seven days.
C. Create an access policy on the container.
Give the external user a Shared Access Signature for the blob by using the policy.
Once the user is done with the file, delete the policy.
D. Create an access policy on the blob.
Give the external user access by using the policy.
Once the user is done with the file, delete the policy.
Explanation: See 3) below. By default, only the owner of the storage account may access blobs, tables, and queues within that account. If your service or application needs to make these resources available to other clients without sharing your access key, you have the following options for permitting access:
1.You can set a container's permissions to permit anonymous read access to the container and its blobs. This is not allowed for tables or queues.
2. You can expose a resource via a shared access signature, which enables you to delegate restricted access to a container, blob, table or queue resource by specifying the interval for which the resources are available and the permissions that a client will have to it.
3. You can use a stored access policy to manage shared access signatures for a container or its blobs, for a queue, or for a table. The stored access policy gives you an additional measure of control over your shared access signatures and also provides a straightforward means to revoke them.
Reference: Manage Access to Azure Storage Resources
Q30. You administer an Azure Storage account named contosostorage. The account has a blob container to store image files.
A user reports being unable to access an image file.
You need to ensure that anonymous users can successfully read image files from the
Which log entry should you use to verify access?
A. Option A
B. Option B
C. Option C
D. Option D
Check for GetBlob and for AnonymousSuccess.
Example: Get Blob AnonymousSuccess:
";a84aa705-8a85-48c5-b064-b43bd22979c3;0;126.96.36.199;2009-09-19;252;0;265;100;0;;;"0x8CE1B6EA95033D5";Thursday, 28-Jul-11 18:52:40
GMT;;;;"7/28/2011 6:52:40 PM ba98eb12-700b-4d53-9230-33a3330571fc"
Not C: Check for AnonymousSuccess not Access.
Not B, not D: Check for GetBlob not GetBlobProperties
nce: Windows Azure Storage Logging: Using Logs to Track Storage Requests
To know more about the 70-533, click here.