2018 Updated Lead2pass Microsoft 70-534 Exam Questions:
Resources must authenticate to an identity provider.
You need to configure the Azure Access Control service.
What should you recommend? To answer, select the appropriate responses for each requirement in the answer area.
* Token – A user gains access to an RP application by presenting a valid token that was issued by an authority that the RP application trusts.
* Identity Provider (IP) – An authority that authenticates user identities and issues security tokens, such as Microsoft account (Windows Live ID), Facebook, Google, Twitter, and Active Directory. When Azure Access Control (ACS) is configured to trust an IP, it accepts and validates the tokens that the IP issues. Because ACS can trust multiple IPs at the same time, when your application trusts ACS, you can your application can offer users the option to be authenticated by any of the IPs that ACS trusts on your behalf.
How to Authenticate Web Users with Azure Active Directory Access Control
Box 2: WS-Trust is a web service (WS-*) specification and Organization for the Advancement of Structured Information Standards (OASIS) standard that deals with the issuing, renewing, and validating of security tokens, as well as with providing ways to establish, assess the presence of, and broker trust relationships between participants in a secure message exchange. Azure Access Control (ACS) supports WS-Trust 1.3.
ACS does not support Kerberos.
Protocols Supported in ACS
Drag and Drop Question
Contoso, Ltd., uses Azure websites for their company portal sites.
Admin users need enough access to effectively perform site monitoring or management tasks. You need to grant admin access to a group of 10 users.
How should you configure the connection? To answer, drag the role or object to the correct connection setting. Each item may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
RBAC and Azure Websites Publishing
Drag and Drop Question
You are migrating Active Directory Domain Services (AD DS) domains to Azure.
You need to recommend the least complex directory synchronization solution.
What should you recommend? To answer, drag the appropriate solution to the correct client requirement. Each solution may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Drag and Drop Question
You have a web application on Azure.
The web application does not employ Secure Sockets Layer (SSL).
You need to enable SSL for your production deployment web application on Azure.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
You are designing a plan for testing a Windows Azure service.
The service runs in the development fabric but fails on Windows Azure.
You need to recommend an approach for identifying errors that occur when the service runs on Windows Azure.
What should you recommend?
A. Attach a debugger to the Windows Azure role instance.
B. Analyze debugging information captured by Windows Azure Diagnostics.
C. Modify the service configuration for the Windows Azure role to access development storage.
D. Analyze debugging information written to the output window of the Windows Azure role instance.
You are designing a Windows Azure web application.
The application will be accessible at a standard cloudapp.net URL.
You need to recommend a DNS resource record type that will allow you to configure access to the application through a custom domain name.
Which type should you recommend?
You are designing a plan to migrate an existing application to Windows Azure. The application currently resides on a server that has 20 GB of hard disk space. You need to recommend the smallest compute instance size that provides local storage equivalent to that of the existing server.
Which size should you recommend?
An application currently resides on an on-premises virtual machine that has 2 CPU cores, 4 GB of RAM, 20 GB of hard disk space, and a 10 megabit/second network connection.
You plan to migrate the application to Azure.
You have the following requirements:
– You must not make changes to the application.
– You must minimize the costs for hosting the application.
You need to recommend the appropriate virtual machine instance type.
Which virtual machine tier should you recommend?
A. Network Optimized (A Series)
B. General Purpose Compute, Basic Tier (A Series)
C. General Purpose Compute, Standard Tier (A Series)
D. Optimized Compute (D Series)
General purpose compute: Basic tier
An economical option for development workloads, test servers, and other applications that don’t require load balancing, auto-scaling, or memory-intensive virtual machines.
CPU core range: 1-8
RAM range: 0.75 – 14 GB
Disk size: 20-240 GB
Not A: Network optimized: fast networking with InfiniBand support Available in select data centers. A8 and A9 virtual machines feature Intel® Xeon® E5 processors. Adds a 40Gbit/s InfiniBand network with remote direct memory access (RDMA) technology. Ideal for Message Passing Interface (MPI) applications, high-performance clusters, modeling and simulations, video encoding, and other compute or network intensive scenarios.
Not C: CPU core range: 1-8
RAM range: 0.75 – 56 GB
Disk size: 20-605 GB
Not D: D-series virtual machines feature solid state drives (SSDs) and 60% faster processors than the A-series and are also available for web or worker roles in Azure Cloud Services. This series is ideal for applications that demand faster CPUs, better local disk performance, or higher memories.
Virtual Machines Pricing. Launch Windows Server and Linux in minutes
You are designing an Azure web application that includes many static content files.
The application is accessed from locations all over the world by using a custom domain name.
You need to recommend an approach for providing access to the static content with the least amount of latency,
Which two actions should you recommend? Each correct answer presents part of the solution.
A. Place the static content in Azure Table storage.
B. Configure a CNAME DNS record for the Azure Content Delivery Network (CDN) domain.
C. Place the static content in Azure Blob storage.
D. Configure a custom domain name that is an alias for the Azure Storage domain.
B: There are two ways to map your custom domain to a CDN endpoint.
1. Create a CNAME record with your domain registrar and map your custom domain and subdomain to the CDN endpoint
2. Add an intermediate registration step with Azure cdnverify
C: The Azure Content Delivery Network (CDN) offers developers a global solution for delivering highbandwidth content by caching blobs and static content of compute instances at physical nodes in the United States, Europe, Asia, Australia and South America.
The benefits of using CDN to cache Azure data include:
/ Better performance and user experience for end users who are far from a content source, and are using applications where many ‘internet trips’ are required to load content
/ Large distributed scale to better handle instantaneous high load, say, at the start of an event such as a product launch
Using CDN for Azure
How to map Custom Domain to Content Delivery Network (CDN) endpoint
You are designing an Azure development environment.
Team members learn Azure development techniques by training in the development environment.
The development environment must auto scale and load balance additional virtual machine (VM) instances.
You need to recommend the most cost-effective compute-instance size that allows team members to work with Azure in the development environment.
What should you recommend?
A. Azure A1 standard VM Instance
B. Azure A2 basic VM Instance
C. Azure A3 basic VM Instance
D. Azure A9 standard VM Instance
Azure A1 standard VM Instance would be cheapest with 1 CPU core, 0.75 GB RAM, and 40 GB HD. It would be good enough for training purposes.
Virtual Machines Pricing, Launch Windows Server and Linux in minutes
70-534 dumps full version (PDF&VCE): https://www.lead2pass.com/70-534.html
Large amount of free 70-534 exam questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDaTBTRVp4SktqMXM
You may also need:
70-532 exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDbm1XNUxwQUYwaWM
70-533 exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDclh4YVRORS1vaHc