Az-204 4

Recommend!!
Get the Full AZ-204 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/AZ-204-exam-dumps.html (365 New Questions)
Microsoft
Exam Questions AZ-204
Developing Solutions for Microsoft Azure
Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Recommend!! Get the Full AZ-204 dumps in VCE and PDF From SurePassExam
NEW QUESTION 1
- (Topic 8)
You are developing a road tollway tracking application that sends tracking events by using Azure Event Hubs using premium tier.
Each road must have a throttling policy uniquely assigned.
You need to configure the event hub to allow for per-road throttling. What should you do?
A. Ensure each road has a unique connection string.

B. Use a unique consumer group for each road
C. Use a unique application group for each road
D. Ensure each road stores events in a different partition.
Answer: D
NEW QUESTION 2
- (Topic 8)
The solution must receive and store messages until they can be processed. You create an Azure Service Bus instance by providing a name, pricing tier,
subscription, resource group, and location.
You need to complete the configuration.
Which Azure CLI or PowerShell command should you run?
A)
B)
C)
D)
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C
NEW QUESTION 3
- (Topic 8)
You are developing an Azure Durable Function to manage an online ordering process. The process must call an external API to gather product discount
information.
You need to implement Azure Durable Function.
Which Azure Durable Function types should you use? Each correct answer presents part of the solution
NOTE: Each correct selection is worth ore point
A. Orchestrator
B. Entity
C. Activity
D. Client
Answer: AB
Explanation:
https://learn.microsoft.com/en-us/azure/azure-functions/durable/durable-functions-types- features-overview

NEW QUESTION 4
- (Topic 8)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You develop an HTTP triggered Azure Function app to process Azure Storage blob data. The app is triggered using an output binding on the blob.
The app continues to time out after four minutes. The app must process the blob data. You need to ensure the app does not time out and processes the blob data.
Solution: Update the functionTimeout property of the host.json project file to 10 minutes. Does the solution meet the goal?
A. Yes
B. No
Answer: B
Explanation:
Instead pass the HTTP trigger payload into an Azure Service Bus queue to be processed by a queue trigger function and return an immediate HTTP success
response.
Note: Large, long-running functions can cause unexpected timeout issues. General best practices include:
Whenever possible, refactor large functions into smaller function sets that work together and return responses fast. For example, a webhook or HTTP trigger
function might require an acknowledgment response within a certain time limit; it's common for webhooks to require an immediate response. You can pass the
HTTP trigger payload into a queue to be
processed by a queue trigger function. This approach lets you defer the actual work and return an immediate response.
Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-best-practices
NEW QUESTION 5
- (Topic 8)
An organization hosts web apps in Azure. The organization uses Azure Monitor You discover that configuration changes were made to some of the web apps. You
need to identify the configuration changes. Which Azure Monitor log should you review?
A. AppServiceEnvironmentPlatformLogs
B. AppServiceApplogs
C. AppServiceAuditLogs
D. AppServiceConsoteLogs
Answer: C
NEW QUESTION 6
DRAG DROP - (Topic 8)
Contoso, Ltd. provides an API to customers by using Azure API Management (APIM). The API authorizes users with a JWT token.
You must implement response caching for the APIM gateway. The caching mechanism must detect the user ID of the client that accesses data for a given location
and cache the response for that user ID.
You need to add the following policies to the policies file:
• a set-variable policy to store the detected user identity
• a cache-lookup-value policy
• a cache-store-value policy
• a find-and-replace policy to update the response body with the user profile information To which policy section should you add the policies? To answer, drag the
appropriate
sections to the correct policies. Each section may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view
content
NOTE: Each correct selection is worth one point
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: Inbound.
A set-variable policy to store the detected user identity. Example:
<policies>
<inbound>

<set-variable name="enduserid"
value="@(context.Request.Headers.GetValueOrDefault("Authorization","").Split(' ')[1].AsJwt()?.Subject)" />
Box 2: Inbound
A cache-lookup-value policy Example:
<inbound>
<base />
<cache-lookup vary-by-developer="true | false" vary-by-developer-groups="true | false" downstream-caching-type="none | private | public" must-revalidate="true |
false">
<vary-by-query-parameter>parameter name</vary-by-query-parameter> 

</cache-lookup>
</inbound>
Box 3: Outbound
A cache-store-value policy. Example:
<outbound>
<base />
<cache-store duration="3600" />
</outbound>
Box 4: Outbound
A find-and-replace policy to update the response body with the user profile information. Example:
<outbound>

<find-and-replace from='"$userprofile$"'
to="@((string)context.Variables["userprofile"])" />
<base />
</outbound>
NEW QUESTION 7
- (Topic 8)
You are building a web application that performs image analysis on user photos and returns metadata containing objects identified. The image is very costly in
terms of time and compute resources. You are planning to use Azure Redis Cache so duplicate uploads do not need to be reprocessed.
In case of an Azure data center outage, metadata loss must be kept to a minimum. You need to configure the Azure Redis cache instance.
Which two actions should you perform?
A. Configure Azure Redis with rob persistence

B. Configure second storage account far persistence.
C. Set backup frequency to the minimum value.
D. Configure Azure Redis with AOF persistence
Answer: BC
NEW QUESTION 8
You are developing Azure WebJobs.
You need to recommend a WebJob type for each scenario.
Which WebJob type should you recommend? To answer, drag the appropriate WebJob types to the correct scenarios. Each WebJob type may be used once,
more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE:Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: Continuous
Continuous runs on all instances that the web app runs on. You can optionally restrict the WebJob to a single instance.
Box 2: Triggered
Triggered runs on a single instance that Azure selects for load balancing.
Box 3: Continuous
Continuous supports remote debugging.
Note:
The following table describes the differences between continuous and triggered WebJobs.
References:
https://docs.microsoft.com/en-us/azure/app-service/web-sites-create-web-jobs

NEW QUESTION 9
- (Topic 8)
You develop Azure solutions.
You must connect to a No-SQL globally-distributed database by using the .NET API. You need to create an object to configure and execute requests in the
database. Which code segment should you use?
A. new Container(EndpointUri, PrimaryKey);

B. new Database(Endpoint, PrimaryKey);
C. new CosmosClient(EndpointUri, PrimaryKey);
Answer: C
Explanation:
Example:
// Create a new instance of the Cosmos Client
this.cosmosClient = new CosmosClient(EndpointUri, PrimaryKey)
//ADD THIS PART TO YOUR CODE
await this.CreateDatabaseAsync();
Reference:
https://docs.microsoft.com/en-us/azure/cosmos-db/sql-api-get-started
NEW QUESTION 10
- (Topic 8)
You ate designing a small app that will receive web requests containing encoded geographic coordinates. Calls to the app will occur infrequently.
Which compute solution should you recommend?
A. Azure Functions
B. Azure App Service
C. Azure Batch
D. Azure API Management
Answer: B
NEW QUESTION 10
You manage several existing Logic Apps.
You need to change definitions, add new logic, and optimize these apps on a regular basis. What should you use? To answer, drag the appropriate tools to the
correct functionalities.
Each tool may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: Enterprise Integration Pack
After you create an integration account that has partners and agreements, you are ready to create a business to business (B2B) workflow for your logic app with
the Enterprise Integration Pack.
Box 2: Code View Editor
To work with logic app definitions in JSON, open the Code View editor when working in the Azure portal or in Visual Studio, or copy the definition into any editor
that you want.
Box 3: Logical Apps Designer
You can build your logic apps visually with the Logic Apps Designer, which is available in the Azure portal through your browser and in Visual Studio.
References:
https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-enterprise-integration-b2b https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-author-
definitions https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-overview
NEW QUESTION 13
HOTSPOT - (Topic 8)
You develop and deploy the following staticwebapp.config.json file to the app_location value specified in the workflow file of an Azure Static Web app.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 18
A web service provides customer summary information for e-commerce partners. The web service is implemented as an Azure Function app with an HTTP trigger.
Access to the API is provided by an Azure API Management instance. The API Management instance is configured in consumption plan mode. All API calls are
authenticated by using OAuth.
API calls must be cached. Customers must not be able to view cached data for other customers.
You need to configure API Management policies for caching. How should you complete the policy statement?
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: internal caching-type

Choose between the following values of the attribute:

? internal to use the built-in API Management cache,
? external to use the external cache as Azure Cache for Redis
? prefer-external to use external cache if configured or internal cache otherwise.
Box 2: private downstream-caching-type
This attribute must be set to one of the following values.
? none - downstream caching is not allowed.
? private - downstream private caching is allowed.
? public - private and shared downstream caching is allowed.
Box 3: Authorization
<vary-by-header>Authorization</vary-by-header>

Note: Start caching responses per value of specified header, such as Accept, Accept- Charset, Accept-Encoding, Accept-Language, Authorization, Expect, From,
Host, If-Match
NEW QUESTION 22
HOTSPOT - (Topic 8)
You develop new functionality in a web application for a company that provides access to seismic data from around the world. The seismic data is stored in Redis
Streams within an Azure Cache for Redis instance.
The new functionality includes a real-time display of seismic events as they occur. You need to implement the Azure Cache for Redis command to receive seismic
data.
How should you complete the command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 23
You develop and deploy an Azure Logic App that calls an Azure Function app. The Azure Function App includes an OpenAPI (Swagger) definition and uses an
Azure Blob storage account. All resources are secured by using Azure Active Directory (Azure AD).
The Logic App must use Azure Monitor logs to record and store information about runtime data and events. The logs must be stored in the Azure Blob storage
account.
You need to set up Azure Monitor logs and collect diagnostics data for the Azure Logic App.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.
A. Mastered
B. Not Mastered
Answer: A
Explanation:

Step 1: Create a Log Analytics workspace

Before you start, you need a Log Analytics workspace.
Step 2: Install the Logic Apps Management solution
To set up logging for your logic app, you can enable Log Analytics when you create your logic app, or you can install the Logic Apps Management solution in your
Log Analytics workspace for existing logic apps.
Step 3: Add a diagnostic setting to the Azure Logic App Set up Azure Monitor logs
? In the Azure portal, find and select your logic app.
? On your logic app menu, under Monitoring, select Diagnostic settings > Add diagnostic setting.
NEW QUESTION 28
- (Topic 8)
Your company is designing an application named App1 that will use data from Azure SQL Database. App1 will be accessed over the internet by many users.
You need to recommend a solution for improving the performance ofApp1. What should you include in the recommendation?
A. Azure HPC cache

B. ExpressRoute
C. a CON profile
D. Azure Cache for Redis
Answer: D
NEW QUESTION 30
HOTSPOT - (Topic 8)
You have an Azure Web app that uses Cosmos DB as a data store. You create a CosmosDB container by running the following PowerShell script:
$resourceGroupName = "testResourceGroup"
$accountName = "testCosmosAccount"
$databaseName = "testDatabase"
$containerName = "testContainer"
$partitionKeyPath = "/EmployeeId"
$autoscaleMaxThroughput = 5000 New-AzCosmosDBSqlContainer
-ResourceGroupName $resourceGroupName
-AccountName $accountName
-DatabaseName $databaseName
-Name $containerName
-PartitionKeyKind Hash
-PartitionKeyPath $partitionKeyPath
-AutoscaleMaxThroughput $autoscaleMaxThroughput You create the following queries that target the container:
SELECT * FROM c WHERE c.EmployeeId > '12345' SELECT * FROM c WHERE c.UserID = '12345'
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: No
You set the highest, or maximum RU/s Tmax you don't want the system to exceed. The system automatically scales the throughput T such that 0.1* Tmax <= T <=
Tmax.
In this example we have autoscaleMaxThroughput = 5000, so the minimum throughput for the container is 500 R/Us.
Box 2: No
First query:SELECT * FROM c WHERE c.EmployeeId > '12345'
Here's a query that has a range filter on the partition key and won't be scoped to a single physical partition. In order to be an in-partition query, the query must
have an equality filter that includes the partition key:
SELECT * FROM c WHERE c.DeviceId > 'XMS-0001'
Box 3: Yes
Example of In-partition query:
Consider the below query with an equality filter on DeviceId. If we run this query on a container partitioned on DeviceId, this query will filter to a single physical
partition.
SELECT * FROM c WHERE c.DeviceId = 'XMS-0001'
NEW QUESTION 35
HOTSPOT - (Topic 8)
You are developing a web application that makes calls to the Microsoft Graph API. You register the application in the Azure portal and upload a valid X509
certificate.
You create an appsettings.json file containing the certificate name, client identifier for the application, and the tenant identifier of the Azure active Directory (Azure

AD). You create a method named ReadCertificate to return the X509 certificate by name.
You need to implement code that acquires a token by using the certificate.
How should you complete the code segment? To answer, select the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-daemon-app-configuration?tabs=dotnet#instantiate-the-confidential-client-application-with-
a-client- certificate
https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-daemon-acquire-token?tabs=dotnet#acquiretokenforclient-api
NEW QUESTION 38
- (Topic 8)
You develop Azure Durable Functions to manage vehicle loans.
The loan process includes multiple actions that must be run in a specified order. One of the actions includes a customer credit check process, which may require
multiple days to process.
You need to implement Azure Durable Functions for the loan process. Which Azure Durable Functions type should you use?
A. orchestrator
B. client
C. activity
D. entity
Answer: A
NEW QUESTION 39
HOTSPOT - (Topic 8)
You are developing a solution by using the Azure Event Hubs SDK. You create a standard Azure Event Hub with 16 partitions. You implement eight event
processor clients.
You must balance the load dynamically when an event processor client fails. When an event processor client fails, another event processor must continue
processing from the
exact point at which the failure occurred. All events must be aggregate and upload to an Azure Blob storage account
You need to implement event processing recovery for the solution.
Which SDK features should you use? To answer, select the appropriate options in the answer area.
Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:

NEW QUESTION 40
- (Topic 8)
You are developing a web application that runs as an Azure Web App. The web application stores data in Azure SQL Database and stores files in an Azure
Storage account. The web application makes HTTP requests to external services as part of normal operations.
The web application is instrumented with Application Insights. The external services are OpenTelemetry compliant.
You need to ensure that the customer ID of the signed in user is associated with all operations throughout the overall system.
What should you do?
A. Create a new SpanContext with the TraceRags value set to the customer ID for the signed in user.
B. On the current SpanContext, set the Traceld to the customer ID for the signed in user.
C. Add the customer ID for the signed in user to the CorrelationContext in the web application.
D. Set the header Ocp-Apim-Trace to the customer ID for the signed in user.
Answer: C
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/correlation
NEW QUESTION 42
- (Topic 8)
You are developing an Azure Service application that processes queue data when it receives a message from a mobile application. Messages may not be sent to
the service consistently.
You have the following requirements:
? Queue size must not grow larger than 80 gigabytes (GB).
? Use first-in-first-out (FIFO) ordering of messages.
? Minimize Azure costs.
You need to implement the messaging solution.
Solution: Use the .Net API to add a message to an Azure Storage Queue from the mobile application. Create an Azure Function App that uses an Azure Storage
Queue trigger.
Does the solution meet the goal?
A. Yes
B. No
Answer: A
Explanation:
Create an Azure Function App that uses an Azure Service Bus Queue trigger. Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-create-storage-queue- triggered-function
NEW QUESTION 45
- (Topic 8)
You are developing an Azure solution to collect point-of-sale (POS) device data from
2,000 stores located throughout the world. A single device can produce 2 megabytes (MB) of data every 24 hours. Each store location has one to five devices that
send data.
You must store the device data in Azure Blob storage. Device data must be correlated based on a device identifier. Additional stores are expected to open in the
future.
You need to implement a solution to receive the device data.
Solution: Provision an Azure Event Grid. Configure the machine identifier as the partition key and enable capture.
A. Yes

B. No
Answer: A
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/event-grid/compare-messaging-services
NEW QUESTION 48
- (Topic 8)
You are developing an Azure solution to collect point-of-sale (POS) device data from 2,000 stores located throughout the world. A single device can produce 2
megabytes (MB) of data every 24 hours. Each store location has one to five devices that send data.
You must store the device data in Azure Blob storage. Device data must be correlated based on a device identifier. Additional stores are expected to open in the
future.
You need to implement a solution to receive the device data.
Solution: Provision an Azure Service Bus. Configure a topic to receive the device data by using a correlation filter.
A. Yes
B. No
Answer: A
Explanation:
A message is raw data produced by a service to be consumed or stored elsewhere. The Service Bus is for high-value enterprise messaging, and is used for order
processing and financial transactions.
Reference:
https://docs.microsoft.com/en-us/azure/event-grid/compare-messaging-services
NEW QUESTION 49
HOTSPOT - (Topic 8)
You are building a website to access project data related to terms within your organization. The website does not allow anonymous access. Authentication
performed using an Azure Active Directory (Azure AD) app named internal.
The website has the following authentication requirements:
•Azure AD users must be able to login to the website.
•Personalization of the website must be based on membership in Active Directory groups. You need to configure the application’s manifest to meet the
authentication requirements.
How should you configure the manifest? To answer, select the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: groupMembershipClaims
Personalization of the website must be based on membership in Active Directory groups. Group claims can also be configured in the Optional Claims section of the
Application Manifest. Enable group membership claims by changing the groupMembershipClaim The valid values are:
- "All"

- "SecurityGroup"
- "DistributionList"
- "DirectoryRole"
Here we need to mention that we want to get the groups for the users. Hence we need to mention to set the groupMembershipClaims property to All.
Box 2: oauth2AllowImplicitFlow
Azure AD users must be able to login to the website.
auth2Permissions can only accept collections value like an array, not a boolean. oauth2AllowImplicitFlow accepts boolean value.
Here from the list of options given, if we want the application to fetch the required tokens , we would need to allow Implicit Flow.
NEW QUESTION 53
- (Topic 8)
After you answer a question in this question, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing a website that will run as an Azure Web App. Users will authenticate by using their Azure Active Directory (Azure AD) credentials.
You plan to assign users one of the following permission levels for the website: admin, normal, and reader. A user’s Azure AD group membership must be used to
determine the permission level. You need to configure authorization.
Solution:
•Create a new Azure AD application’s manifest, set value of the groupMembershipClaims option to All.
•In the website, use the value of the groups claim from the JWI for the user to determine permissions.
A. Yes
B. No
Answer: A
Explanation:
To configure Manifest to include Group Claims in Auth Token
* 1. Go to Azure Active Directory to configure the Manifest. Click on Azure Active Directory, and go to App registrations to find your application:
* 2. Click on your application (or search for it if you have a lot of apps) and edit the Manifest by clicking on it.
* 3. Locate the “groupMembershipClaims” setting. Set its value to either “SecurityGroup” or “All”. To help you decide which:
“SecurityGroup” - groups claim will contain the identifiers of all security groups of which the user is a member.
“All” - groups claim will contain the identifiers of all security groups and all distribution lists of which the user is a member
Now your application will include group claims in your manifest and you can use this fact in your code.
References:
https://blogs.msdn.microsoft.com/waws/2017/03/13/azure-app-service-authentication-aad- groups/
NEW QUESTION 54
- (Topic 8)
You are developing a mobile instant messaging app for a company. The mobile app must meet the following requirements:
• Support offline data sync.
• Update the latest messages during normal sync cycles. You need to implement Offline Data Sync.
Which two actions should you perform? Each conn I answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. Retrieve records from Offline Data Sync on every call to the PullAsync method.
B. Retrieve records from Offline Data Sync using an Incremental Sync.
C. Push records to Offline Data Sync using an Incremental Sync.
D. Return the updatedAt column from the Mobile Service Backend and implement sorting by using the column.
E. Return the updatedAt column from the Mobile Service Backend and implement sorting by the message id.
Answer: BE
Explanation:
B: Incremental Sync: the first parameter to the pull operation is a query name that is used only on the client. If you use a non-null query name, the Azure Mobile
SDK performs an incremental sync. Each time a pull operation returns a set of results, the latest updatedAt timestamp from that result set is stored in the SDK
local system tables. Subsequent pull operations retrieve only records after that timestamp.
E (not D): To use incremental sync, your server must return meaningful updatedAt values and must also support sorting by this field. However, sincethe SDK adds
its own sort on the updatedAt field, you cannot use a pull query that has its own orderBy clause.
References:
https://docs.microsoft.com/en-us/azure/app-service-mobile/app-service-mobile-offline-data- sync
NEW QUESTION 57
- (Topic 8)
You develop a software as a service (SaaS) offering to manage photographs. Users upload photos to a web service which then stores the photos in Azure Storage
Blob storage. The storage account type is General-purpose V2.
When photos are uploaded, they must be processed to produce and save a mobile-friendly version of the image. The process to produce a mobile-friendly version
of the image must start in less than one minute.
You need to design the process that starts the photo processing.
Solution: Convert the Azure Storage account to a BlockBlobStorage storage account. Does the solution meet the goal?
A. Yes
B. No
Answer: B
Explanation:

Not necessary to convert the account, instead move photo processing to an Azure Function triggered from the blob upload..
Azure Storage events allow applications to react to events. Common Blob storage event scenarios include image or video processing, search indexing, or any file-
oriented workflow.
Note: Only storage accounts of kind StorageV2 (general purpose v2) and BlobStorage support event integration. Storage (general purpose v1) does not support
integration with Event Grid.
Reference:
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-event-overview
NEW QUESTION 61
HOTSPOT - (Topic 8)
You are developing an ASP.NET Core time sheet application that runs as an Azure Web App. Users of the application enter their time sheet information on the first
day of every month.
The application uses a third-party web service to validate data.
The application encounters periodic server errors due to errors that result from calling a third-party web server. Each request to the third-party server has the same
chance of failure.
You need to configure an Azure Monitor alert to detect server errors unrelated to the third- party service. You must minimize false-positive alerts.
How should you complete the Azure Resource Manager template? To answer, select the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: DynamicThresholdCriterion
Box 2: Http5xx
Server errors are in the 5xx range. Client errors are in the 4xx range
Box 3: Low
NEW QUESTION 64
HOTSPOT - (Topic 8)
You are developing an application that runs in several customer Azure Kubernetes Service clusters, within each cluster, a pod runs that collects performance data
to be analyzed later, a large amount of data is collected so saving latency must be minimized
The performance data must be stored so that pod restarts do not impact the stored data. Write latency should be minimized.
You need to configure blob storage.
How should you complete the YAML configuration? To answer, select the appropriate options in the answer area.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 67
- (Topic 8)
You ate developing an application that allows users to find musicians that ate looking for work. The application must store information about musicians, the
instruments that they play, and other related data.
The application must also allow users to determine which musicians have played together, including groups of three or more musicians that have performed
together at a specific location.
Which Azure Cosmos D6 API should you use for the application?
A. Core
B. MongoDB
C. Cassandra
D. Gremlin
Answer: B
NEW QUESTION 72
- (Topic 8)

You provide an Azure API Management managed web service lo clients. The back end web service implements HTTP Strict Transport Security (HSTS).
Every request to the backend service must include a valid HTTP authorization header. You need to configure the Azure API Management instance with an
authentication policy. Which two policies can you uses? Each correct answer presents a complete solution NOTE: Each correct selection is worth one point.
A. Certificate Authentication
B. Basic Authentication
C. OAuth Client Credential Grant
D. Digest Authentication
Answer: AB
NEW QUESTION 74
HOTSPOT - (Topic 8)
You are preparing to deploy a Python website to an Azure Web App using a container. The solution will use multiple containers in the same container group. The
Dockerfile that builds the container is as follows:
You build a container by using the following command. The Azure Container Registry instance named images is a private registry.
The user name and password for the registry isadmin.

The Web App must always run the same version of the website regardless of future builds. You need to create an Azure Web App to run the website.
How should you complete the commands? To answer, select the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: --SKU B1 --hyper-v
--hyper-v
Host web app on Windows container.
Box 2: --deployment-source-url images.azurecr.io/website:v1.0.0
--deployment-source-url -u
Git repository URL to link with manual integration.
The Web App must always run the same version of the website regardless of future builds.
Incorrect:
--deployment-container-image-name -i
Linux only. Container image name from Docker Hub, e.g. publisher/image-name:tag.
Box 3: az webapp config container set -url https://images.azurecr.io -u admin -p admin
az webapp config container set Set a web app container's settings.
Paremeter: --docker-registry-server-url -r The container registry server url.
The Azure Container Registry instance named images is a private registry. Example:
az webapp config container set --docker-registry-server-url https://{azure-container-registry-
name}.azurecr.io
NEW QUESTION 79
- (Topic 8)
You are developing an Azure-based web application. The application goes offline periodically to perform offline data processing. While the application is offline,
numerous Azure Monitor alerts fire which result in the on-call developer being paged.
The application must always log when the application is offline for any reason.
You need to ensure that the on-call developer is not paged during offline processing. What should you do?
A. Add Azure Monitor alert processing rules to suppress notifications.

B. Create an Azure Monitor Metric Alert.

C. Build an Azure Monitor action group that suppresses the alerts.
D. Disable Azure Monitor Service Health Alerts during offline processing.
Answer: C
NEW QUESTION 80
- (Topic 8)
You are a developer for a SaaS company that offers many web services. All web services for the company must meet the following requirements:
? Use API Management to access the services
? Use OpenID Connect for authentication
? Prevent anonymous usage
A recent security audit found that several web services can be called without any authentication.
Which API Management policy should you implement?
A. jsonp
B. authentication-certificate
C. check-header
D. validate-jwt
Answer: D
Explanation:
Add the validate-jwt policy to validate the OAuth token for every incoming request. Reference:
https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-protect-backend-with-aad
NEW QUESTION 84
- (Topic 8)
You are developing an e-commerce solution that uses a microservice architecture.
You need to design a communication backplane for communicating transactional messages between various parts of the solution. Messages must be
communicated in first- in-first-out (FIFO) order.
What should you use?
A. Azure Storage Queue

B. Azure Event Hub
C. Azure Service Bus
D. Azure Event Grid
Answer: C
Explanation:
As a solution architect/developer, you should consider using Service Bus queues when:
? Your solution requires the queue to provide a guaranteed first-in-first-out (FIFO) ordered delivery.
Reference:
https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-azure-and-service-bus-queues-compared-contrasted
NEW QUESTION 85
You are authoring a set of nested Azure Resource Manager templates to deploy multiple Azure resources.
The templates must be tested before deployment and must follow recommended practices. You need to validate and test the templates before deployment.
Which tools should you use? To answer, drag the appropriate tools to the correct requirements. Each tool may be used once, more than once, or not at all. You
may need to drag the split bar between panes or scroll to view content.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/test-toolkit
https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/deploy-what-if?tabs=azure-powershell
NEW QUESTION 90
- (Topic 8)
You need to design network connectivity for a subnet in an Azure virtual network. The subnet will contain 30 virtual machines. The virtual machines will establish
outbound connections to internet hosts by using the same a pool of four public IP addresses, inbound connections to the virtual machines will be prevented.
What should include in the design?
A. Azure Private Link

B. NAT Gateway
C. User Defined Routes
D. Azure Virtual WAN
Answer: D
NEW QUESTION 94
- (Topic 8)
You develop an ASP.NET Core app that uses Azure App Configuration. You also create an App Configuration containing 100 settings. The app must meet the
following requirements:
• Ensure the consistency of all configuration data when changes to individual settings occur.
• Handle configuration data changes dynamically without causing the application to restart.
• Reduce the overall number of requests made to App Configuration APIs.
You must implement dynamic configuration updates in the app.
What are two ways to achieve this goal? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. Increase the App Configuration cache expiration from the default value.
B. Create and implement environment variables for each App Configuration store setting.
C. Decrease the App Configuration cache expiration from the default value.
D. Register all keys in the App Configuration stor
E. Set the refreshAII parameter of the Register method to false.
F. Create and register a sentinel key in the App Configuration stor
G. Set the refreshAII parameter of the Register method to true.
H. Create and configure Azure Key Vaul
I. Implement the Azure Key Vault configuration provider.
Answer: AE
NEW QUESTION 96
- (Topic 8)
You are designing a multi-tiered application that will be hosted on Azure virtual machines. The virtual machines will run Windows Server. Front-end servers will be
accessible from the Internet over port 443. The other servers will NOT be directly accessible over the internet
You need to recommend a solution to manage the virtual machines that meets the following requirement
• Allows the virtual machine to be administered by using Remote Desktop.
• Minimizes the exposure of the virtual machines on the Internet Which Azure service should you recommend?
A. Azure Bastion
B. Service Endpoint
C. Azure Private Link
D. Azure Front Door
Answer: C
NEW QUESTION 97
- (Topic 8)
You deploy an API to API Management
You must secure all operations on the API by using a client certificate.
You need to secure access to the backend service of the API by using client certificates. Which two security features can you use?
A. Azure AD token
B. Self-signed certificate
C. Certificate Authority (CA) certificate
D. Triple DES (3DES) cipher
E. Subscription key
Answer: BC
NEW QUESTION 98
- (Topic 8)
You deploy an Azure App Service web app. You create an app registration for the app in Azure Active Directory (Azure AD) and Twitter. the app must authenticate
users and must use SSL for all communications. The app must use Twitter as the identity provider. You need to validate the Azure AD request in the app code.
What should you validate?
A. HTTP response code

B. ID token header
C. ID token signature
D. Tenant ID
Answer: B
NEW QUESTION 100

HOTSPOT - (Topic 8)
You are developing an application to store and retrieve data in Azure Blob storage. The application will be hosted in an on-premises virtual machine (VM). The VM
is connected to Azure by using a Site-to-Site VPN gateway connection. The application is secured by using Azure Active Directory (Azure AD) credentials.
The application must be granted access to the Azure Blob storage account with a start time, expiry time, and read permissions. The Azure Blob storage account
access must use the Azure AD credentials of the application to secure data access. Data access must be able to be revoked if the client application security is
breached.
You need to secure the application access to Azure Blob storage.

Which security features should you use? To answer select the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: Shared access signature (SAS) token
When your application design requires shared access signatures for access to Blob storage, use Azure AD credentials to create a user delegation SAS when
possible for superior security.
Box 2: Stored access policy
Stored access policies give you the option to revoke permissions for a service SAS without
having to regenerate the storage account keys.
A shared access signature can take one of the following two forms:
? Service SAS with stored access policy. A stored access policy is defined on a resource container, which can be a blob container, table, queue, or file share. The
stored access policy can be used to manage constraints for one or more service shared access signatures. When you associate a service SAS with a stored
access policy, the SAS inherits the constraints – the start time, expiry time, and permissions – defined for the stored access policy.
? Ad hoc SAS.
NEW QUESTION 105

HOTSPOT - (Topic 8)
You are developing an application that uses a premium block blob storage account. You are optimizing costs by automating Azure Blob Storage access tiers.
You apply the following policy rules to the storage account. You must determine the implications of applying the rules to the data. (Line numbers are included for
reference only.)
A. Mastered
B. Not Mastered
Answer: A
Explanation:
* 1. Yes
* 2. Yes
* 3. Yes

* 4. No
https://docs.microsoft.com/en-us/azure/storage/blobs/lifecycle-management-overview?tabs=azure-portal#move-aging-data-to-a-cooler-tier
NEW QUESTION 108

- (Topic 8)
A company uses Azure SQL Database to store data for an app. The data includes sensitive information.
You need to implement measures that allow only members of the managers group to see sensitive information.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. Option A
B. Option B
C. Option C
D. Option D
E. Option E
Answer: BE
Explanation:
Dynamic data masking helps prevent unauthorized access to sensitive data by enabling customers to designate how much of the sensitive data to reveal with
minimal impact on the application layer.
SQL users excluded from masking - A set of SQL users or AAD identities that get unmasked data in the SQL query results.
Note: The New-AzureRmSqlDatabaseDataMaskingRule cmdlet creates a data masking rule for an Azure SQL database.
References:
https://docs.microsoft.com/en-us/powershell/module/azurerm.sql/new- azurermsqldatabasedatamaskingrule?view=azurermps-6.13.0
NEW QUESTION 113

- (Topic 8)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution. Determine whether the
solution meets the stated goals.
You are developing and deploying several ASP.Net web applications to Azure App Service. You plan to save session state information and HTML output. You
must use a storage mechanism with the following requirements:
•Share session state across all ASP.NET web applications
•Support controlled, concurrent access to the same session state data for multiple readers
and a single writer
•Save full HTTP responses for concurrent requests You need to store the information.
Proposed Solution: Add the web applications to Docker containers. Deploy the containers. Deploy the containers to Azure Kubernetes Service (AKS).
A. Yes
B. No
Answer: B
Explanation:
Instead use Azure Cache for Redis.
Note: Azure Cache for Redis provides a session state provider that you can use to store your session state in-memory with Azure Cache for Redis instead of a
SQL Server database. To use the caching session state provider, first configure your cache, and then configure your ASP.NET application for cache using the
Azure Cache for Redis Session State NuGet package.
References:
https://docs.microsoft.com/en-us/azure/azure-cache-for-redis/cache-aspnet-session-state- provider
NEW QUESTION 115

You are developing a .NET Core model-view controller (MVC) application hosted on Azure for a health care system that allows providers access to their
information.
You develop the following code:

You define a role named SysAdmin.

You need to ensure that the application meets the following authorization requirements:
? Allow the ProviderAdmin and SysAdmin roles access to the Partner controller regardless of whether the user holds an editor claim of partner.
? Limit access to the Manage action of the controller to users with an editor claim of
partner who are also members of the SysAdmin role.
How should you complete the code? To answer, drag the appropriate code segments to the correct locations. Each code segment may be used once, more than
once, or not at all. You may need to drag the split bar between panes or scroll to view content.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1:
Allow the ProviderAdmin and SysAdmin roles access to the Partner controller regardless of whether the user holds an editor claim of partner.
Box 2:
Limit access to the Manage action of the controller to users with an editor claim of partner who are also members of the SysAdmin role.
NEW QUESTION 116

- (Topic 8)
You are developing an Azure Service application that processes queue data when it receives a message from a mobile application. Messages may not be sent to
the service consistently.
? Queue size must not grow larger than 80 gigabytes (GB).
? Use first-in-first-out (FIFO) ordering of messages.
? Minimize Azure costs.
You need to implement the messaging solution.
Solution: Use the .Net API to add a message to an Azure Service Bus Queue from the mobile application. Create an Azure Windows VM that is triggered from
Azure Service Bus Queue.
A. Yes
B. No
Answer: B
Explanation:
Don't use a VM, instead create an Azure Function App that uses an Azure Service Bus Queue trigger.
Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-create-storage-queue- triggered-function
NEW QUESTION 120

HOTSPOT - (Topic 8)
You are developing a solution that uses the Azure Storage Client library for .NET. You have the following code: (Line numbers are included for reference only.)

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: Yes
AcquireLeaseAsync does not specify leaseTime.
leaseTime is a TimeSpan representing the span of time for which to acquire the lease, which will be rounded down to seconds. If null, an infinite lease will be
acquired. If not null, this must be 15 to 60 seconds.
Box 2: No
The GetBlockBlobReference method just gets a reference to a block blob in this container.
Box 3: Yes
The BreakLeaseAsync method initiates an asynchronous operation that breaks the current lease on this container.
NEW QUESTION 123

- (Topic 8)
You are developing a software solution for an autonomous transportation system. The solution uses large data sets and Azure Batch processing to simulate
navigation sets for entire fleets of vehicles.
You need to create compute nodes for the solution on Azure Batch. What should you do?
A. In Python, implement the class: TaskAddParameter

B. In Python, implement the class: JobAddParameter
C. In the Azure portal, create a Batch account
D. In a .NET method, call the method: BatchClient.PoolOperations.CreateJob
Answer: D
Explanation:
A Batch job is a logical grouping of one or more tasks. A job includes settings common to the tasks, such as priority and the pool to run tasks on. The app uses the
BatchClient.JobOperations.CreateJob method to create a job on your pool.
Note:
Step 1: Create a pool of compute nodes. When you create a pool, you specify the number of compute nodes for the pool, their size, and the operating system.
When each task in your job runs, it's assigned to execute on one of the nodes in your pool.
Step 2 : Create a job. A job manages a collection of tasks. You associate each job to a specific pool where that job's tasks will run.
Step 3: Add tasks to the job. Each task runs the application or script that you uploaded to process the data files it downloads from your Storage account. As each
task completes, it can upload its output to Azure Storage.
NEW QUESTION 125

- (Topic 8)

You are updating an application that stores data on Azure and uses Azure Cosmos DB for storage. The application stores data in multiple documents associated
with a single username.
The application requires the ability to update multiple documents for a username in a single ACID operation.
You need to configure Azure Cosmos DB.
A. Configure Azure Cosmos DB to use the Azure Cosmos DB for Apache Gremlin API.
B. Configure Azure Cosmos DB to use the Azure Cosmos DB for MongoDB API.
C. Create a collection sharded on username to store documents.
D. Create an unsharded collection to store documents.
Answer: BD
NEW QUESTION 129

You develop a web application.
You need to register the application with an active Azure Active Directory (Azure AD) tenant.
Which three actions should you perform in sequence? To answer, move all actions from the list of actions to the answer area and arrange them in the correct
order.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Register a new application using the Azure portal
? Sign in to the Azure portal using either a work or school account or a personal Microsoft account.
? If your account gives you access to more than one tenant, select your account in the upper right corner. Set your portal session to the Azure AD tenant that you
want.
? Search for and select Azure Active Directory. Under Manage, select App registrations.
? Select New registration. (Step 1)
? In Register an application, enter a meaningful application name to display to users.
? Specify who can use the application. Select the Azure AD instance. (Step 2)
? Under Redirect URI (optional), select the type of app you're building: Web or Public client (mobile & desktop). Then enter the redirect URI, or reply URL, for your
application. (Step 3)
? When finished, select Register.
NEW QUESTION 132

HOTSPOT - (Topic 8)
You are building a traffic monitoring system that monitors traffic along six highways. The system produces time series analysis-based reports for each highway.
Data from traffic sensors are stored in Azure Event Hub.
Traffic data is consumed by four departments. Each department has an Azure Web App that displays the time-series-based reports and contains a WebJob that
processes the incoming data from Event Hub. All Web Apps run on App Service Plans with three instances.
Data throughout must be maximized. Latency must be minimized. You need to implement the Azure Event Hub.
Which settings should you use? To answer, select the appropriate options in the answer area.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: 6
The number of partitions is specified at creation and must be between 2 and 32. There are 6 highways.
Box 2: Highway References:
https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-features
NEW QUESTION 134

- (Topic 8)
You are developing an Azure Function App that runs in an App Service Plan. The Azure Function is triggered by a Timer object. You observe that the Azure
Function does not reliably trigger when scheduled. Which two actions should you perform?
A. Verify that Always On is enabled.

B. Modify the trigger to use a SignaIR trigger.
C. Ensure that the function has a retry configured.
D. Modify the trigger to use Consumption mode instead of the App Service plan.
Answer: AC
NEW QUESTION 135

You are developing a serverless Java application on Azure. You create a new Azure Key Vault to work with secrets from a new Azure Functions application.
The application must meet the following requirements:
? Reference the Azure Key Vault without requiring any changes to the Java code.
? Dynamically add and remove instances of the Azure Functions host based on the number of incoming application events.
? Ensure that instances are perpetually warm to avoid any cold starts.
? Connect to a VNet.
? Authentication to the Azure Key Vault instance must be removed if the Azure Function application is deleted.
You need to grant the Azure Functions application access to the Azure Key Vault.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Step 1: Create the Azure Functions app with a Consumption plan type. Use the Consumption plan for serverless.
Step 2: Create a system-assigned managed identity for the application. Create a system-assigned managed identity for your application.
Key Vault references currently only support system-assigned managed identities. User- assigned identities cannot be used.
Step 3: Create an access policy in Key Vault for the application identity.
Create an access policy in Key Vault for the application identity you created earlier. Enable the "Get" secret permission on this policy. Do not configure the
"authorized application" or
applicationId settings, as this is not compatible with a managed identity.
NEW QUESTION 136

- (Topic 8)
You develop and deploy an Azure App Service web app to a production environment. You enable the Always On setting and the Application Insights site
extensions. You deploy a code update and receive multiple failed requests and exceptions in the web app. You need to validate the performance and failure
counts of the web app in near real time. Which Application Insights tool should you use?
A. Snapshot Debugger
B. Profiler
C. Smart Detection
D. Live Metrics Stream
E. Application Map
Answer: D
NEW QUESTION 139

HOTSPOT - (Topic 8)
You are working for Contoso, Ltd.
You define an API Policy object by using the following XML markup:

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: Yes
Use the set-backend-service policy to redirect an incoming request to a different backend than the one specified in the API settings for that operation. Syntax: <set-
backend-service base-url="base URL of the backend service" />
Box 2: No
The condition is on 512k, not on 256k.
Box 3: No
The set-backend-service policy changes the backend service base URL of the incoming
request to the one specified in the policy.
NEW QUESTION 143

HOTSPOT - (Topic 8)
You are validating the configuration of an Azure Search indexer.
The service has been configured with an indexer that uses the Import Data option. The index is configured using options as shown in the Index Configuration
exhibit. (Click the Index Configuration tab.)
You use an Azure table as the data source for the import operation. The table contains three records with item inventory data that matches the fields in the Storage
data exhibit. These records were imported when the index was created. (Click the Storage Data tab.) When users search with no filter, all three records are
displayed.
When users search for items by description, Search explorer returns no records. The Search Explorer exhibit shows the query and results for a test. In the test, a
user is trying to search for all items in the table that have a description that contains the word bag. (Click the Search Explorer tab.)

You need to resolve the issue.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: Yes
The ItemDescription field in not searchable.
Box 2: No
The ItemDescription field in not searchable, but we would need to recreate the index.
Box 3: Yes
An indexer in Azure Search is a crawler that extracts searchable data and metadata from an external Azure data source and populates an index based on field-to-
field mappings between the index and your data source. This approach is sometimes referred to as a 'pull model' because the service pulls data in without you
having to write any code that adds data to an index.
Box 4: No References:
https://docs.microsoft.com/en-us/azure/search/search-what-is-an-index
https://docs.microsoft.com/en-us/azure/search/search-indexer-overview
NEW QUESTION 146

HOTSPOT - (Topic 8)
A company is developing a Java web app. The web app code is hosted in a GitHub repository located at https://github.com/Contoso/webapp.
The web app must be evaluated before it is moved to production. You must deploy the initial code release to a deployment slot named staging.
You need to create the web app and deploy the code.
A. Mastered
B. Not Mastered

Answer: A
Explanation:
Box 1: group
# Create a resource group.
az group create --location westeurope --name myResourceGroup
Box 2: appservice plan
# Create an App Service plan in STANDARD tier (minimum required by deployment slots). az appservice plan create --name $webappname --resource-group
myResourceGroup -- sku S1
Box 3: webapp
# Create a web app.
az webapp create --name $webappname --resource-group myResourceGroup \
--plan $webappname
Box 4: webapp deployment slot
#Create a deployment slot with the name "staging".
az webapp deployment slot create --name $webappname --resource-group myResourceGroup \
--slot staging
Box 5: webapp deployment source
# Deploy sample code to "staging" slot from GitHub.
az webapp deployment source config --name $webappname --resource-group myResourceGroup \
--slot staging --repo-url $gitrepo --branch master --manual-integration
References:
https://docs.microsoft.com/en-us/azure/app-service/scripts/cli-deploy-staging-environment
NEW QUESTION 148

You are developing an application. You have an Azure user account that has access to two subscriptions.
You need to retrieve a storage account key secret from Azure Key Vault.
In which order should you arrange the PowerShell commands to develop the solution? To answer, move all commands from the list of commands to the answer
area and arrange them in the correct order.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Step 1: Get-AzSubscription
If you have multiple subscriptions, you might have to specify the one that was used to create your key vault. Enter the following to see the subscriptions for your
account: Get-AzSubscription
Step 2: Set-AzContext -SubscriptionId
To specify the subscription that's associated with the key vault you'll be logging, enter: Set-AzContext -SubscriptionId <subscriptionID>
Step 3: Get-AzStorageAccountKey You must get that storage account key.
Step 4: $secretvalue = ConvertTo-SecureString <storageAccountKey> -AsPlainText -Force
Set-AzKeyVaultSecret -VaultName <vaultName> -Name <secretName> -SecretValue
$secretvalue
After retrieving your secret (in this case, your storage account key), you must convert that key to a secure string, and then create a secret with that value in your
key vault.
Step 5: Get-AzKeyVaultSecret
Next, get the URI for the secret you created. You'll need this URI in a later step to call the key vault and retrieve your secret. Run the following PowerShell
command and make note of the ID value, which is the secret's URI:
Get-AzKeyVaultSecret –VaultName <vaultName>
NEW QUESTION 153

You have an application that provides weather forecasting data to external partners. You use Azure API Management to publish APIs.

You must change the behavior of the API to meet the following requirements:
• Support alternative input parameters.
• Remove formatting text from responses.
• Provide additional context to back-end services.
Which types of policies should you implement? To answer, drag the policy types to the correct scenarios. Each policy type may be used once, more than once, or
not at all. You may need to drag the split bar between panes or scroll to view content
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 156

HOTSPOT - (Topic 8)
You are developing an Azure Function App by using Visual Studio. The app will process orders input by an Azure Web App. The web app places the order
information into Azure Queue Storage.
You need to review the Azure Function App code shown below.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: No
ExpirationTime - The time that the message expires.
InsertionTime - The time that the message was added to the queue.
Box 2: Yes
maxDequeueCount - The number of times to try processing a message before moving it to the poison queue. Default value is 5.
Box 3: Yes

When there are multiple queue messages waiting, the queue trigger retrieves a batch of messages and invokes function instances concurrently to process them.
By default, the batch size is 16. When the number being processed gets down to 8, the runtime gets another batch and starts processing those messages. So the
maximum number of concurrent messages being processed per function on one virtual machine (VM) is 24.
Box 4: Yes References:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-bindings-storage-queue
NEW QUESTION 160

A company has multiple warehouse. Each warehouse contains IoT temperature devices which deliver temperature data to an Azure Service Bus queue.
You need to send email alerts to facility supervisors immediately if the temperature at a warehouse goes above or below specified threshold temperatures.
Which five actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Step 1: Create a blank Logic app. Create and configure a Logic App.
Step 2: Add a logical app trigger that fires when one or more messages arrive in the queue. Configure the logic app trigger.
Under Triggers, select When one or more messages arrive in a queue (auto-complete). Step 3: Add an action that reads IoT temperature data from the Service
Bus queue
Step 4: Add a condition that compares the temperature against the upper and lower thresholds.
Step 5: Add an action that sends an email to specified personnel if the temperature is outside of those thresholds
NEW QUESTION 161

You are implementing an order processing system. A point of sale application publishes orders to topics in an Azure Service Bus queue. The label property for the
topic includes the following data:
The system has the following requirements for subscriptions
You need to implement filtering and maximize throughput while evaluating filters.
Which filter types should you implement? To answer, drag the appropriate filter types to the correct subscriptions. Each filter type may be used once,more than
once, or not at all. You may need to drag the split bar between panes or scroll to view content.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
FutureOrders: SQLFilter HighPriortyOrders: CorrelationFilter
CorrelationID only
InternationalOrders: SQLFilter
Country NOT USA requires an SQL Filter
HighQuantityOrders: SQLFilter
Need to use relational operators so an SQL Filter is needed. AllOrders: No Filter
SQL Filter: SQL Filters - A SqlFilter holds a SQL-like conditional expression that is evaluated in the broker against the arriving messages' user-defined properties
and system properties. All system properties must be prefixed with sys. in the conditional expression. The SQL-language subset for filter conditions tests for the
existence of properties (EXISTS), as well as for null-values (IS NULL), logical NOT/AND/OR, relational operators, simple numeric arithmetic, and simple text
pattern matching with LIKE.
Correlation Filters - A CorrelationFilter holds a set of conditions that are matched against one or more of an arriving message's user and system properties. A
common use is to match against the CorrelationId property, but the application can also choose to match against ContentType, Label, MessageId, ReplyTo,
ReplyToSessionId, SessionId, To, and any user-defined properties. A match exists when an arriving message's value for a property is equal to the value specified
in the correlation filter. For string expressions, the comparison is case-sensitive. When specifying multiple match properties, the filter combines them as a logical
AND condition, meaning for the filter to match, all conditions must match.
Boolean filters - The TrueFilter and FalseFilter either cause all arriving messages (true) or none of the arriving messages (false) to be selected for the subscription.
References:
https://docs.microsoft.com/en-us/azure/service-bus-messaging/topic-filters
NEW QUESTION 165

HOTSPOT - (Topic 8)
A company develops a series of mobile games. All games use a single leaderboard service.
•Code should be scalable and allow for growth.
•Each record must consist of a playedId, gameId, score, and time played.
•When users reach a new high score, the system will save the new score using the SaveScore function below.
•Each game is assigned and Id based on the series title.
You have the following code. (Line numbers are included for reference only.)
You store customer information in an Azure Cosmos database. The following data already exists in the database:

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: Yes
Code for CosmosDB, example:
// Parse the connection string and return a reference to the storage account. CloudStorageAccount storageAccount = CloudStorageAccount.Parse(
CloudConfigurationManager.GetSetting("StorageConnectionString"));
// Create the table client.
CloudTableClient tableClient = storageAccount.CreateCloudTableClient();
// Retrieve a reference to the table.
CloudTable table = tableClient.GetTableReference("people");
// Create the TableOperation object that inserts the customer entity. TableOperation insertOperation = TableOperation.Insert(customer1);
Box 2: No
A new record will always be added as TableOperation.Insert is used, instead of TableOperation.InsertOrReplace.
Box 3: No
No partition key is used. Box 4: Yes
References:
https://docs.microsoft.com/en-us/azure/cosmos-db/table-storage-how-to-use-dotnet
NEW QUESTION 170

- (Topic 8)
You develop and deploy an Azure App Service web app named App1. You create a new Azure Key Vault named Vault 1. You import several API keys, passwords,
certificates, and cryptographic keys into Vault1.
You need to grant App1 access to Vault1 and automatically rotate credentials Credentials must not be stored in code.
What should you do?
A. Enable App Service authentication for App

B. Assign a custom RBAC role to Vault1.
C. Add a TLS/SSL binding to App1.
D. Assign a managed identity to App1.
E. Upload a self-signed client certificate to Vault1. Update App1 to use the client certificate.
Answer: D
NEW QUESTION 175

- (Topic 8)
You develop and deploy an Azure Logic app that calls an Azure Function app. The Azure Function app includes an OpenAPl (Swagger) definition and uses an
Azure Blob storage account. All resources are secured by using Azure Active Directory (Azure AD).
The Azure Logic app must securely access the Azure Blob storage account. Azure AD resources must remain if the Azure Logic app is deleted.
You need to secure the Azure Logic app. What should you do?
A. Create an Azure AD custom role and assign role-based access controls.

B. Create an Azure AD custom role and assign the role to the Azure Blob storage account.
C. Create an Azure Key Vault and issue a client certificate.
D. Create a user-assigned managed identity and assign role-based access controls.
E. Create a system-assigned managed identity and issue a client certificate.
Answer: D
Explanation:
To give a managed identity access to an Azure resource, you need to add a role to the target resource for that identity.
Note: To easily authenticate access to other resources that are protected by Azure Active Directory (Azure AD) without having to sign in and provide credentials or
secrets, your logic app can use a managed identity (formerly known as Managed Service Identity or MSI). Azure manages this identity for you and helps secure

your credentials because you don't have to provide or rotate secrets.

If you set up your logic app to use the system-assigned identity or a manually created, user-assigned identity, the function in your logic app can also use that same
identity for authentication.
Reference:
https://docs.microsoft.com/en-us/azure/logic-apps/create-managed-service-identity
https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-mutual-certificates-for-clients
NEW QUESTION 177

HOTSPOT - (Topic 8)
You are implementing a software as a service (SaaS) ASP.NET Core web service that will run as an Azure Web App. The web service will use an on-premises
SQL Server database for storage. The web service also includes a WebJob that processes data updates. Four customers will use the web service.
? Each instance of the WebJob processes data for a single customer and must run as a singleton instance.
? Each deployment must be tested by using deployment slots prior to serving
production data.
? Azure costs must be minimized.
? Azure resources must be located in an isolated network.
You need to configure the App Service plan for the Web App.
How should you configure the App Service plan? To answer, select the appropriate settings in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Number of VM instances: 4
You are not charged extra for deployment slots.
Pricing tier: Isolated
The App Service Environment (ASE) is a powerful feature offering of the Azure App Service that gives network isolation and improved scale capabilities. It is
essentially a deployment of the Azure App Service into a subnet of a customer’s Azure Virtual Network (VNet).
References:
https://azure.microsoft.com/sv-se/blog/announcing-app-service-isolated-more-power-scale-and-ease-of-use/
NEW QUESTION 181

- (Topic 8)
You are building a web application that performs image analysis on user photos and returns metadata containing objects identified. The image analysis is very
costly in terms of time and compute resources. You are planning to use Azure Redo Cache so Cache uploads do not need to be reprocessed.
In case of an Azure data center outage metadata loss must be kept to a minimum. You need to configure the Azure Redis cache instance.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection in worth one point.
A. Configure Azure Redis with persistence

B. Configure second storage account for persistence
C. Set backup frequency to the minimum value
D. Configure Azure Redis with RDS persistence
Answer: AC
NEW QUESTION 184

HOTSPOT - (Topic 8)
You have an App Service plan named aspl based on the Free pricing tier.
You plan to use aspl to implement an Azure Function app with a queue trigger. Your solution must minimize cost.
You need to identify the configuration options that will meet the requirements.
Which value should you configure? To answer, select the appropriate options in the answer area.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 186

HOTSPOT - (Topic 8)
You are developing an Azure Function App. You develop code by using a language that is not supported by the Azure Function App host. The code language
supports HTTP primitives.
You must deploy the code to a production Azure Function App environment. You need to configure the app for deployment.
Which configuration values should you use? To answer, select the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: Docker container
A custom handler can be deployed to every Azure Functions hosting option. If your handler requires operating system or platform dependencies (such as a
language runtime), you mayneed to use a custom container. You can create and deploy your code to Azure Functions as a custom Docker container.
Box 2: PowerShell core
When creating a function app in Azure for custom handlers, we recommend you select

.NET Core as the stack. A "Custom" stack for custom handlers will be added in the future. PowerShell Core (PSC) is based on the new .NET Core runtime.
Box 3: 7.0
On Windows: The Azure Az PowerShell module is also supported for use with PowerShell 5.1 on Windows.
On Linux: PowerShell 7.0.6 LTS, PowerShell 7.1.3, or higher is the recommended version of PowerShell for use with the Azure Az PowerShell module on all
platforms.
NEW QUESTION 191

HOTSPOT - (Topic 8)
You develop a news and blog content app for Windows devices.
A notification must arrive on a user’s device when there is a new article available for them to view.
You need to implement push notifications.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: NotificationHubClient
Box 2: NotificationHubClient
Box 3: CreateClientFromConnectionString
// Initialize the Notification Hub NotificationHubClient hub =
NotificationHubClient.CreateClientFromConnectionString(listenConnString, hubName);
Box 4: SendWindowsNativeNotificationAsync Send the push notification.
var result = await hub.SendWindowsNativeNotificationAsync(windowsToastPayload);
NEW QUESTION 195

HOTSPOT - (Topic 8)
A company runs an international travel and bookings management service. The company plans to begin offering restaurant bookings. You must develop a solution
that uses Azure Search and meets the following requirements:
• Users must be able to search for restaurants by name, description, location, and cuisine.
• Users must be able to narrow the results further by location, cuisine, rating, and family- friendliness.
• All words in descriptions must be included in searches. You need to add annotations to the restaurant class.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: [IsSearchable.IsFilterable.IsSortable,IsFacetable] Location
Users must be able to search for restaurants by name, description, location, and cuisine. Users must be able to narrow the results further by location, cuisine,
rating, and family- friendliness.
Box 2: [IsSearchable.IsFilterable.IsSortable,Required] Description
Users must be able to search for restaurants by name, description, location, and cuisine. All words in descriptions must be included in searches.
Box 3: [IsFilterable,IsSortable,IsFaceTable] Rating
Users must be able to narrow the results further by location, cuisine, rating, and family- friendliness.
Box 4: [IsSearchable.IsFilterable,IsFacetable]
Cuisines
Users must be able to search for restaurants by name, description, location, and cuisine. Users must be able to narrow the results further by location, cuisine,
rating, and family- friendliness.
Box 5: [IsFilterable,IsFacetable] FamilyFriendly
Users must be able to narrow the results further by location, cuisine, rating, and family- friendliness.
References:

https://www.henkboelman.com/azure-search-the-basics/
NEW QUESTION 196

HOTSPOT - (Topic 8)
You are using Azure Front Door Service.
You are expecting inbound files to be compressed by using Brotli compression. You discover that inbound XML files are not compressed. The files are 9
megabytes (MB) in size.
You need to determine the root cause for the issue.
To answer, select the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: No
Front Door can dynamically compress content on the edge, resulting in a smaller and faster response to your clients. All files are eligible for compression.
However, a file must be of a MIME type that is eligible for compression list.
Box 2: No
Sometimes you may wish to purge cached content from all edge nodes and force them all to retrieve new updated assets. This might be due to updates to your
web application, or to quickly update assets that contain incorrect information.
Box 3: Yes
These profiles support the following compression encodings: Gzip (GNU zip), Brotli
NEW QUESTION 198

- (Topic 8)
You are developing an application to store business-critical data in Azure Blob storage. The application must meet the following requirements:
• Data must not be modified or deleted for a user-specified interval.
• Data must be protected from overwntes and deletes.
• Data must be written once and allowed to be read many times. You need to protect the data fen the Azure Blob storage account.
A. Enable version-level immutability support for the storage account.

B. Create an account shared-access signature (SAS).
C. Enable point-in-time restore for containers in the storage account.
D. Create a service shared-access signature (SAS).
E. Enable the blob change feed for the storage account.
F. Configure a time-based retention policy for the storage account.
Answer: DF
NEW QUESTION 199

You develop a gateway solution for a public facing news API.
The news API back end is implemented as a RESTful sen/ice and hosted in an Azure App Service instance.
You need to configure back-end authentication for the API Management service instance. Which target and gateway credential type should you use? To answer,
drag the appropriate
values to the correct parameters. Each value may be used once, more than once, or not at
all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered

Answer: A
Explanation:
Box 1: Azure Resource Box 2: Client cert
API Management allows to secure access to the back-end service of an API using client certificates.
References:
https://docs.microsoft.com/en-us/rest/api/apimanagement/apimanagementrest/azure-api-management-rest-api-backend-entity
NEW QUESTION 200

HOTSPOT - (Topic 8)
You implement an Azure solution to include Azure Cosmos DB. the latest Azure Cosmos DB SDK, and the Azure Cosmos DB for NoSQL API. You also implement
a change feed processor on a new container instance by using the Azure Functions trigger for Azure Cosmos DB.
A large batch of documents continues to fail when reading one of the documents in the batch. The same batch of documents is continuously retried by the
triggered function and a new batch of documents must be read.
You need to implement the change feed processor to read the documents.
Which feature should you implement? To answer, select the appropriate features in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 205

HOTSPOT - (Topic 8)
You are developing an application that uses Azure Storage to store customer data. The data must only be decrypted by the customer and the customer must be
provided a script to rotate keys.
You need to provide a script to rotate keys to the customer.
How should you complete the command? To answer, select the appropriate options in the answer area.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 210

- (Topic 8)
You develop a serverless application using several Azure Functions. These functions connect to data from within the code.
You want to configure tracing for an Azure Function App project. You need to change configuration settings in the hostjson file. Which tool should you use?
A. Azure portal
B. Azure PowerShell
C. Azure Functions Core Tools (Azure CLI)
D. Visual Studio
Answer: A
Explanation:
The function editor built into the Azure portal lets you update the function.json file and the code file for a function. The host.json file, which contains some runtime-
specific configurations, is in the root folder of the function app.
References:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-reference#fileupdate
NEW QUESTION 211

- (Topic 8)
You are developing an Azure Function App that processes images that are uploaded to an Azure Blob container.
Images must be processed as quickly as possible after they are uploaded, and the solution must minimize latency. You create code to process images when the
Function App is triggered.
You need to configure the Function App. What should you do?
A. Use an App Service pla

B. Configure the Function App to use an Azure Blob Storage input trigger.
C. Use a Consumption pla
D. Configure the Function App to use an Azure Blob Storage trigger.
E. Use a Consumption pla
F. Configure the Function App to use a Timer trigger.
G. Use an App Service pla
H. Configure the Function App to use an Azure Blob Storage trigger.
I. Use a Consumption pla
J. Configure the Function App to use an Azure Blob Storage input trigger.
Answer: B
Explanation:
The Blob storage trigger starts a function when a new or updated blob is detected. The blob contents are provided as input to the function.
The Consumption plan limits a function app on one virtual machine (VM) to 1.5 GB of memory.
Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-bindings-storage-blob- trigger
NEW QUESTION 214

HOTSPOT - (Topic 8)
Your company is migrating applications to Azure. The IT department must allow internal developers to communicate with Microsoft support.
The service agents of the IT department must only have view resources and create support ticket permissions to all subscriptions. A new custom role must be
created by reusing a default role definition and changing the permissions.
You need to create the custom role.
To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: Set-AzureRmRoleDefinition Input-File C:\SupportRole.json
The Set-AzureRmRoleDefinition cmdlet updates an existing custom role in Azure Role- Based Access Control. Provide the updated role definition as an input to
the command as a JSON file or a PSRoleDefinition object.
The role definition for the updated custom role MUST contain the Id and all other required properties of the role even if they are not updated: DisplayName,
Description, Actions, AssignableScope
Box 2: "*/read*."* Microsoft.Support/*" Microsoft.Support/* Create and manage support tickets
"Microsoft.Support" role definition azure
NEW QUESTION 219

- (Topic 8)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution. Determine whether the
solution meets the stated goals.
You are developing and deploying several ASP.Net web applications to Azure App Service. You plan to save session state information and HTML output. You
must use a storage mechanism with the following requirements:
•Share session state across all ASP.NET web applications
•Support controlled, concurrent access to the same session state data for multiple readers and a single writer
•Save full HTTP responses for concurrent requests You need to store the information.
Proposed Solution: Deploy and configure Azure Cache for Redis. Update the web applications.
A. Yes
B. No
Answer: A
Explanation:
The session state provider for Azure Cache for Redis enables you to share session information between different instances of an ASP.NET web application.
The same connection can be used by multiple concurrent threads. Redis supports both read and write operations.
The output cache provider for Azure Cache for Redis enables you to save the HTTP responses generated by an ASP.NET web application.
Note: Using the Azure portal, you can also configure the eviction policy of the cache, and control access to the cache by adding users to the roles provided. These
roles, which define the operations that members can perform, include Owner, Contributor, and Reader. For example, members of the Owner role have complete
control over the cache (including security) and its contents, members of the Contributor role can read and write information
in the cache, and members of the Reader role can only retrieve data from the cache.
Reference:
https://docs.microsoft.com/en-us/azure/architecture/best-practices/caching
NEW QUESTION 222

- (Topic 8)
A company is developing a solution that allows smart refrigerators to send temperature information to a central location. You have an existing Service Bus.
The solution must receive and store messages until they can be processed. You create an Azure Service Bus instance by providing a name, pricing tier,
subscription, resource group, and location.
You need to complete the configuration.
Which Azure CLI or PowerShell command should you run?

A. Option A
B. Option B
C. Option C
D. Option D
Answer: B
Explanation:
A service bus instance has already been created (Step 2 below). Next is step 3, Create a Service Bus queue.
Note:
Steps:
Step 1: # Create a resource group resourceGroupName="myResourceGroup"
az group create --name $resourceGroupName --location eastus
Step 2: # Create a Service Bus messaging namespace with a unique name namespaceName=myNameSpace$RANDOM
az servicebus namespace create --resource-group $resourceGroupName --name
$namespaceName --location eastus
Step 3: # Create a Service Bus queue
az servicebus queue create --resource-group $resourceGroupName --namespace-name
$namespaceName --name BasicQueue
Step 4: # Get the connection string for the namespace
connectionString=$(az servicebus namespace authorization-rule keys list --resource-group
$resourceGroupName --namespace-name $namespaceName --name RootManageSharedAccessKey --query primaryConnectionString --output tsv)
References:
https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-quickstart-cli
NEW QUESTION 225

- (Topic 8)
You are developing an application to manage shipping information for cargo ships. The application will use Azure Cosmos D8 for storage.
The application must run offline when ships are at sea The application must be connected to Azure when ships are in port.
Which Azure Cosmos D8 API should you use for the application?
A. Core
B. MongoDe
C. Cassandra
D. Gremlin
Answer: C
NEW QUESTION 230

- (Topic 8)
You develop a website. You plan to host the website in Azure. You expect the website to experience high traffic volumes after it is published. You must ensure that
the website remains available and responsive while minimizing cost. You need to deploy the website. What should you do?
A. Deploy the website to an App Service that uses the Shared service tie
B. Configure the App Service plan to automatically scale when the CPU load is high.
C. Deploy the website to a virtual machin
D. Configure the virtual machine to automatically scale when the CPU load is high.
E. Deploy the website to an App Service that uses the Standard service tie
F. Configure the App Service plan to automatically scale when the CPU load is high.
G. Deploy the website to a virtual machin
H. Configure a Scale Set to increase the virtual machine instance count when the CPU load
Answer: C
Explanation:
Windows Azure Web Sites (WAWS) offers 3 modes: Standard, Free, and Shared.
Standard mode carries an enterprise-grade SLA (Service Level Agreement) of 99.9% monthly, even for sites with just one instance.

Standard mode runs on dedicated instances, making it different from the other ways to buy Windows Azure Web Sites.
NEW QUESTION 235

- (Topic 8)
You develop an Azure web app. You monitor performance of the web app by using Application Insights. You need to ensure the cost for Application Insights does
not exceed a preset budget. What should you do?
A. Implement ingestion sampling using the Azure portal.

B. Set a daily cap for the Application Insights instance.
C. Implement adaptive sampling using the Azure portal.
D. Implement adaptive sampling using the Application Insights SDK.
E. Implement ingestion sampling using the Application Insights SDK.
Answer: D
Explanation:
Sampling is an effective way to reduce charges and stay within your monthly quota.
You can set sampling manually, either in the portal on the Usage and estimated costs page; or in the ASP.NET SDK in the .config file; or in the Java SDK in the
ApplicationInsights.xml file, to also reduce the network traffic.
Adaptive sampling is the default for the ASP.NET SDK. Adaptive sampling automatically adjusts to the volume of telemetry that your app sends. It operates
automatically in the SDK in your web app so that telemetry traffic on the network is reduced.
References:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/sampling
NEW QUESTION 236

- (Topic 8)
You develop Azure solutions.
You must grant a virtual machine (VM) access to specific resource groups in Azure Resource Manager.
You need to obtain an Azure Resource Manager access token.
Solution: Use an X.509 certificate to authenticate the VM with Azure Resource Manager. Does the solution meet the goal?
A. Yes
B. No
Answer: B
Explanation:
Instead run the Invoke-RestMethod cmdlet to make a request to the local managed identity
for Azure resources endpoint.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-arm
NEW QUESTION 240

You are Implementing an Azure solution that uses Azure Cosmos DB and the latest Azure Cosmos DB SDK. You add a change feed processor to a new container
instance.
You attempt to lead a batch of 100 documents. The process falls when reading one of the documents. The solution must monitor the progress of the change feed
processor instance on the new container as the change feed is read. You must prevent the change feed processor from retrying the entire batch when one
document cannot be read.
You need to implement the change feed processor to read the documents.
Which features should you use? To answer, drag the appropriate features to the correct requirements. Each feature may be used once, More than once, or not at
all. You may need to drag The split bat between panes or scroll to view content
Each correct selection is worth one point
A. Mastered
B. Not Mastered
Answer: A
Explanation:

NEW QUESTION 243

HOTSPOT - (Topic 8)
You are developing a web application that uses the Microsoft identify platform for user and resource authentication. The web application calls several REST APIs.
You are implementing various authentication and authorization flows for the web application.
You need to validate the claims in the authentication token.
Which token type should use? To answer, select the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 246

HOTSPOT - (Topic 8)
You are building an application that stores sensitive customer data in Azure Blob storage.
The data must be encrypted with a key that is unique for each customer.
If the encryption key has been corrupted it must not be used for encryption. You need to ensure that the blob is encrypted.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 251

- (Topic 8)
Solution: Use the Durable Function async pattern to process the blob data. Does the solution meet the goal?
A. Yes
B. No
Answer: B
Explanation:
response.
HTTP trigger payload into a queue to be processed by a queue trigger function. This approach lets you defer the actual work and return an immediate response.
Reference:
NEW QUESTION 252

- (Topic 8)
You develop and deploy an Azure App Service API app to a Windows-hosted deployment slot named Development. You create additional deployment slots
namedTestingand Production. You enable auto swap on the Production deployment slot.
You need to ensure that scripts run and resources are available before a swap operation occurs.
Solution: Disable auto swap. Update the app with a method named statuscheck to run the scripts. Re-enable auto swap and deploy the app to the Production slot.
A. Yes

B. No
Answer: B
Explanation:
Instead update the web.config file to include the applicationInitialization configuration element. Specify custom initialization actions to run the scripts.
Note: Some apps might require custom warm-up actions before the swap. The applicationInitialization configuration element in web.config lets you specify custom
initialization actions. The swap operation waits for this custom warm-up to finish before swapping with the target slot. Here's a sample web.config fragment.
<system.webServer>
<applicationInitialization>
<add initializationPage="/" hostName="[app hostname]" />
<add initializationPage="/Home/About" hostName="[app hostname]" />
</applicationInitialization>
</system.webServer>
Reference:
https://docs.microsoft.com/en-us/azure/app-service/deploy-staging-slots#troubleshoot- swaps
NEW QUESTION 257

HOTSPOT - (Topic 8)
You develop an application that sells Al generated images based on user input. You recently started a marketing campaign that displays unique ads every second
day.
Sales data is stored in Azure Cosmos DB with the date of each sale being stored in a property named 'whenFinished'.
The marketing department requires a view that shows the number of sales for each unique ad.
You need to implement the query for the view.
How should you complete the query? To answer, select the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:

NEW QUESTION 261

- (Topic 8)
You have an existing Azure storage account that stores large volumes of data across multiple containers.
You need to copy all data from the existing storage account to a new storage account. The copy process must meet the following requirements:
? Automate data movement.
? Minimize user input required to perform the operation.
? Ensure that the data movement process is recoverable.
What should you use?
A. AzCopy
B. Azure Storage Explorer
C. Azure portal
D. .NET Storage Client Library
Answer: A
Explanation:
You can copy blobs, directories, and containers between storage accounts by using the AzCopy v10 command-line utility.
The copy operation is synchronous so when the command returns, that indicates that all files have been copied.
Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-use-azcopy-blobs-copy
NEW QUESTION 262

- (Topic 8)
You develop and deploy an ASP.NET Core application that connects o an Azure Database for MySQL instance.
Connections to the database appear to drop intermittently and the application code does not handle the connection failure.
You need to handle the transient connection errors in code by implementing retries. What are three possible ways to achieve this goal? Each correct answer
presents part of
the solution.
A. Increase connection repeat attempts exponentially up to 120 seconds.

B. Close the database connection and immediately report an error.
C. Wait five seconds before repeating the connection attempt to the database.
D. Disable connection pooling and configure a second Azure Database for MySQL instance.
E. Set a maximum number of connection attempts to 10 and report an error on subsequent connections.
Answer: BCE
NEW QUESTION 263

- (Topic 8)
You are developing several Azure API Management (APIM) hosted APIs.
You must inspect request processing of the APIs in APIM. Requests to APIM by using a REST client must also be included. The request inspection must include
the following information:
• requests APIM sent to the API backend and the response it received
• policies applied to the response before sending back to the caller
• errors that occurred during the processing of the request and the policies applied to the errors
• original request APIM received from the caller and the policies applied to the request You need to inspect the APIs.
Which three actions should you do? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. Enable the Allow tracing setting for the subscription used to inspect the API.
B. Add the Ocp-Apim-Trace header value to the API call with a value set to true
C. Add the Ocp-Apim-Subscription-Key header value to the key for a subscription that allows access to the API.
D. Create and configure a custom polic
E. Apply the policy to the outbound policy section with an API scope.
F. Create and configure a custom polic
G. Apply the policy to the inbound policy section with a global scope.
Answer: ABC
Explanation:
The correct answer is A, B, and C. To inspect request processing of the APIs in APIM, you need to do the following three actions:
? Enable the Allow tracing setting for the subscription used to inspect the API. This
setting allows you to trace request processing in APIM using the test console, a REST client, or a client app.You can enable this setting in the portal by selecting
Subscriptions and then selecting the subscription you want to use for debugging1.
? Add the Ocp-Apim-Trace header value to the API call with a value set to true. This
header triggers tracing when making requests to APIM using a REST client or a client app.You also need to add the Ocp-Apim-Subscription-Key header value to
the key for a subscription that allows access to the API1.
? Add the Ocp-Apim-Subscription-Key header value to the key for a subscription that
allows access to the API. This header authenticates your request and grants you access to the API.You can find the key for your subscription in the portal by
selecting Subscriptions and then selecting Show/hide keys1.
You do not need to create and configure a custom policy for tracing request processing.The trace policy is used to add a custom trace into the request tracing
output,Application Insights telemetries, and/or resource logs2. It is not required for inspecting the APIs.
NEW QUESTION 268

HOTSPOT - (Topic 8)
A company is developing a Node.js web app. The web app code is hosted in a GitHub repository located at https://github.com/TailSpinToys/weapp.
The web app must be reviewed before it is moved to production. You must deploy the initial
code release to a deployment slot named review. You need to create the web app and deploy the code.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
The New-AzResourceGroup cmdlet creates an Azure resource group.
The New-AzAppServicePlan cmdlet creates an Azure App Service plan in a given location The New-AzWebApp cmdlet creates an Azure Web App in a given a
resource group
The New-AzWebAppSlot cmdlet creates an Azure Web App slot.
References:
https://docs.microsoft.com/en-us/powershell/module/az.resources/new- azresourcegroup?view=azps-2.3.2
https://docs.microsoft.com/en-us/powershell/module/az.websites/new- azappserviceplan?view=azps-2.3.2
https://docs.microsoft.com/en-us/powershell/module/az.websites/new- azwebapp?view=azps-2.3.2
https://docs.microsoft.com/en-us/powershell/module/az.websites/new- azwebappslot?view=azps-2.3.2
NEW QUESTION 271

- (Topic 8)
You develop an app that allows users to upload photos and videos to Azure storage. The app uses a storage REST API call to upload the media to a blob storage
account named Account1. You have blob storage containers named Container1 and Container2. Uploading of videos occurs on an irregular basis.
You need to copy specific blobs from Container1 to Container2 in real time when specific requirements are
met, excluding backup blob copies. What should you do?
A. Download the blob to a virtual machine and then upload the blob to Container2.
B. Run the Azure PowerShell command Start-AzureStorageBlobCopy.
C. Copy blobs to Container2 by using the Put Blob operation of the Blob Service REST API.
D. Use AzCopy with the Snapshot switch blobs to Container2.
Answer: B
Explanation:
The Start-AzureStorageBlobCopy cmdlet starts to copy a blob. Example 1: Copy a named blob
C:\PS>Start-AzureStorageBlobCopy -SrcBlob "ContosoPlanning2015" -DestContainer "ContosoArchives" -SrcContainer "ContosoUploads"
This command starts the copy operation of the blob named ContosoPlanning2015 from the container named ContosoUploads to the container named
ContosoArchives.
References:
https://docs.microsoft.com/en-us/powershell/module/azure.storage/start-azurestorageblobcopy?view=azurermps-6.13.0
NEW QUESTION 272

- (Topic 8)
Solution: Configure the app to use an App Service hosting plan and enable the Always On setting.
A. Yes
B. No
Answer: B
Explanation:
response.

HTTP trigger payload into a queue to be processed by a queue trigger function. This approach lets you defer the actual work and return an immediate response.
Reference:
NEW QUESTION 273

- (Topic 8)
You are preparing to deploy an ASP.NET Core website to an Azure Web App from a GitHub repository. The website includes static content generated by a script.
You plan to use the Azure Web App continuous deployment feature.
You need to run the static generation script before the website starts serving traffic. What are two possible ways to achieve this goal? Each correct answer
presents a
complete solution.
A. Create a file named .deployment in the root of the repository that calls a script which generates the static content and deploys the website.
B. Add a PreBuild target in the websites csproj project file that runs the static content generation script.
C. Create a file named run.cmd in the folder /run that calls a script which generates the static content and deploys the website.
D. Add the path to the static content generation tool to WEBSITE_RUN_FROM_PACKAGE setting in the host.json file.
Answer: AD
Explanation:
A: To customize your deployment, include a .deployment file in the repository root.
You just need to add a file to the root of your repository with the name .deployment and the content:
[config]
command = YOUR COMMAND TO RUN FOR DEPLOYMENT
this command can be just running a script (batch file) that has all that is required for your deployment, like copying files from the repository to the web root directory
for example.
D: In Azure, you can run your functions directly from a deployment package file in your function app. The other option is to deploy your files in the
d:\home\site\wwwroot directory of your function app (see A above).
To enable your function app to run from a package, you just add a WEBSITE_RUN_FROM_PACKAGE setting to your function app settings.
Note: The host.json metadata file contains global configuration options that affect all functions for a function app.
References:
https://github.com/projectkudu/kudu/wiki/Custom-Deployment-Script
https://docs.microsoft.com/bs-latn-ba/azure/azure-functions/run-functions-from- deployment-package
NEW QUESTION 276

HOTSPOT - (Topic 8)
An organization deploys a Mob storage account. Users take multiple snapshots of the blob storage account over time.
You need to delete all snapshots or the blob storage account. You must not delete the blob storage account itself.
How should you complete the code segment? To answer select the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 281

- (Topic 8)
You are developing applications for a company. You plan to host the applications on Azure App Services.
The company has the following requirements:
? Every five minutes verify that the websites are responsive.
? Verify that the websites respond within a specified time threshold. Dependent requests such as images and JavaScript files must load properly.
? Generate alerts if a website is experiencing issues.
? If a website fails to load, the system must attempt to reload the site three more times.
You need to implement this process with the least amount of effort. What should you do?

D18912E1457D5D1DDCBD40AB3BF70D5D
A. Create a Selenium web test and configure it to run from your workstation as a scheduled task.
B. Set up a URL ping test to query the home page.
C. Create an Azure function to query the home page.
D. Create a multi-step web test to query the home page.
E. Create a Custom Track Availability Test to query the home page.
Answer: D
Explanation:
You can monitor a recorded sequence of URLs and interactions with a website via multistep web tests.
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/availability-multistep
NEW QUESTION 286

......

Thank You for Trying Our Product
We offer two products:
1st - We have Practice Tests Software with Actual Exam Questions
2nd - Questons and Answers in PDF Format
AZ-204 Practice Exam Features:
* AZ-204 Questions and Answers Updated Frequently
* AZ-204 Practice Questions Verified by Expert Senior Certified Staff
* AZ-204 Most Realistic Questions that Guarantee you a Pass on Your FirstTry
* AZ-204 Practice Test Questions in Multiple Choice Formats and Updatesfor 1 Year
100% Actual & Verified — Instant Download, Please Click

Order The AZ-204 Practice Test Here

Powered by TCPDF (www.tcpdf.org)

Az-204 4

Uploaded by

Copyright:

Available Formats

Az-204 4

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Az-204 4

Uploaded by

Copyright:

Available Formats

Recommend!!

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

A. Ensure each road has a unique connection string.

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

A. Configure Azure Redis with rob persistence

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

A. new Container(EndpointUri, PrimaryKey);

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Choose between the following values of the attribute:

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Step 1: Create a Log Analytics workspace

A. Azure HPC cache

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

The user name and password for the registry isadmin.

A. Add Azure Monitor alert processing rules to suppress notifications.

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

B. Create an Azure Monitor Metric Alert.

A. Azure Storage Queue

A. Azure Private Link

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

A. HTTP response code

NEW QUESTION 100

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

NEW QUESTION 105

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

NEW QUESTION 108

NEW QUESTION 113

NEW QUESTION 115

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

You define a role named SysAdmin.

NEW QUESTION 116

NEW QUESTION 120

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

NEW QUESTION 123

A. In Python, implement the class: TaskAddParameter

NEW QUESTION 125

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

NEW QUESTION 129

NEW QUESTION 132

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

NEW QUESTION 134

A. Verify that Always On is enabled.

NEW QUESTION 135

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

NEW QUESTION 136

NEW QUESTION 139

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

NEW QUESTION 143

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

You need to resolve the issue.

NEW QUESTION 146