70-534日本語 無料問題集「Microsoft Architecting Microsoft Azure Solutions (70-534日本語版)」
HOTSPOT
正解:
Explanation:
Box 1:
* Token - A user gains access to an RP application by presenting a valid token that was issued by an authority that the RP application trusts.
* Identity Provider (IP) - An authority that authenticates user identities and issues security tokens, such as Microsoft account (Windows Live ID), Facebook, Google, Twitter, and
Active Directory. When Azure Access Control (ACS) is configured to trust an IP, it accepts and validates the tokens that the IP issues. Because ACS can trust multiple IPs at the same time, when your application trusts ACS, you can your application can offer users the option to be authenticated by any of the IPs that ACS trusts on your behalf.
Box 2: WS-Trust is a web service (WS-*) specification and Organization for the
Advancement of Structured Information Standards (OASIS) standard that deals with the issuing, renewing, and validating of security tokens, as well as with providing ways to establish, assess the presence of, and broker trust relationships between participants in a secure message exchange. Azure Access Control (ACS) supports WS-Trust 1.3.
Incorrect:ACS does not support Kerberos.
References:
DRAG DROP
of:Server=tcp:samplel.database.windows.net,1433;Database=NewDB;UserID=User@sam plel;Password=Passwordl;Trusted_Connection=False;Encrypt=True;Connec tion
Timeout=30;.
of:Server=tcp:samplel.database.windows.net,1433;Database=NewDB;UserID=User@sam plel;Password=Passwordl;Trusted_Connection=False;Encrypt=True;Connec tion
Timeout=30;.
正解:
Explanation:
References: https://docs.microsoft.com/en-us/cli/azure/get-started-with-azure-cli
DRAG DROP
正解:
Explanation:
* Azure Rights Management service
Azure Rights Management service uses encryption, identity, and authorization policies to help secure your files and email, and it works across multiple devices-phones, tablets, and PCs. Information can be protected both within your organization and outside your organization because that protection remains with the data, even when it leaves your organization's boundaries.
* Transparent Data Encryption
Transparent Data Encryption (often abbreviated to TDE) is a technology employed by both
Microsoft and Oracle to encrypt database files. TDE offers encryption at file level. TDE solves the problem of protecting data at rest, encrypting databases both on the hard drive and consequently on backup media.
* TLS/SSL
Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communications security over a computer network. They use X.509 certificates and hence asymmetric cryptography to authenticate the counterparty with whom they are communicating, and to negotiate a symmetric key.
References: https://technet.microsoft.com/en-us/library/jj585004.aspx
http://en.wikipedia.org/wiki/Transparent_Data_Encryption
http://en.wikipedia.org/wiki/Transport_Layer_Security
DRAG DROP
Drag and Drop Question
Drag and Drop Question
正解:
Explanation:
Box 1: <InputEndpoint name="Endpoint1 protocol="http" port="80 />
Contosoweb can be accessed over the Internet by using http.
Box 2: <InputEndpoint name="Endpoint1 protocol="tcp" port="5001 />
Contosoimagepurge can only be accessed through tcp port 5001 from contosoweb.
Box 3: < RoleEndpoint endpointName="Endpoint1 roleName="contosoimagepurge"/>
/Destinations>
WhenSource matches="AnyRule">
FromRole roleName="contosoweb"/>
/WhenSource>
