AZ-204 無料問題集「Microsoft Developing Solutions for Microsoft Azure」
An organization deploys a Mob storage account. Users take multiple snapshots of the blob storage account over time.
You need to delete all snapshots or the blob storage account. You must not delete the blob storage account itself.
How should you complete the code segment? To answer select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to delete all snapshots or the blob storage account. You must not delete the blob storage account itself.
How should you complete the code segment? To answer select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing an Azure Service application that processes queue data when it receives a message from a mobile application. Messages may not be sent to the service consistently.
You have the following requirements:
* Queue size must not grow larger than 80 gigabytes (GB).
* Use first-in-first-out (FIFO) ordering of messages.
* Minimize Azure costs.
You need to implement the messaging solution.
Solution: Use the .Net API to add a message to an Azure Storage Queue from the mobile application. Create an Azure VM that is triggered from Azure Storage Queue events.
Does the solution meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing an Azure Service application that processes queue data when it receives a message from a mobile application. Messages may not be sent to the service consistently.
You have the following requirements:
* Queue size must not grow larger than 80 gigabytes (GB).
* Use first-in-first-out (FIFO) ordering of messages.
* Minimize Azure costs.
You need to implement the messaging solution.
Solution: Use the .Net API to add a message to an Azure Storage Queue from the mobile application. Create an Azure VM that is triggered from Azure Storage Queue events.
Does the solution meet the goal?
正解:B
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
You develop a gateway solution for a public facing news API. The news API back end is implemented as a RESTful service and uses an OpenAPI specification.
You need to ensure that you can access the news API by using an Azure API Management service instance.
Which Azure PowerShell command should you run?
You need to ensure that you can access the news API by using an Azure API Management service instance.
Which Azure PowerShell command should you run?
正解:B
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
You are designing a multi-tiered application that will be hosted on Azure virtual machines. The virtual machines will run Windows Server. Front-end servers will be accessible from the Internet over port 443. The other servers will NOT be directly accessible over the internet You need to recommend a solution to manage the virtual machines that meets the following requirement
* Allows the virtual machine to be administered by using Remote Desktop.
* Minimizes the exposure of the virtual machines on the Internet Which Azure service should you recommend?
* Allows the virtual machine to be administered by using Remote Desktop.
* Minimizes the exposure of the virtual machines on the Internet Which Azure service should you recommend?
正解:D
解答を投票する
You are developing an Azure Durable Function to manage an online ordering process.
The process must call an external API to gather product discount information.
You need to implement Azure Durable Function.
Which Azure Durable Function types should you use? Each correct answer presents part of the solution NOTE: Each correct selection is worth ore point
The process must call an external API to gather product discount information.
You need to implement Azure Durable Function.
Which Azure Durable Function types should you use? Each correct answer presents part of the solution NOTE: Each correct selection is worth ore point
正解:B、C
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
You are developing applications for a company. You plan to host the applications on Azure App Services.
The company has the following requirements:
* Every five minutes verify that the websites are responsive.
* Verify that the websites respond within a specified time threshold. Dependent requests such as images and JavaScript files must load properly.
* Generate alerts if a website is experiencing issues.
* If a website fails to load, the system must attempt to reload the site three more times.
You need to implement this process with the least amount of effort.
What should you do?
D18912E1457D5D1DDCBD40AB3BF70D5D
The company has the following requirements:
* Every five minutes verify that the websites are responsive.
* Verify that the websites respond within a specified time threshold. Dependent requests such as images and JavaScript files must load properly.
* Generate alerts if a website is experiencing issues.
* If a website fails to load, the system must attempt to reload the site three more times.
You need to implement this process with the least amount of effort.
What should you do?
D18912E1457D5D1DDCBD40AB3BF70D5D
正解:C
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
You are working for Contoso, Ltd.
You define an API Policy object by using the following XML markup:
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You define an API Policy object by using the following XML markup:
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Box 1: Yes
Use the set-backend-service policy to redirect an incoming request to a different backend than the one specified in the API settings for that operation. Syntax: <set-backend-service base-url="base URL of the backend service" /> Box 2: No The condition is on 512k, not on 256k.
Box 3: No
The set-backend-service policy changes the backend service base URL of the incoming request to the one specified in the policy.
Reference:
https://docs.microsoft.com/en-us/azure/api-management/api-management-transformation-policies
You are developing an Azure Web App. You configure TLS mutual authentication for the web app.
You need to validate the client certificate in the web app. To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to validate the client certificate in the web app. To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Accessing the client certificate from App Service.
If you are using ASP.NET and configure your app to use client certificate authentication, the certificate will be available through the HttpRequest.ClientCertificate property. For other application stacks, the client cert will be available in your app through a base64 encoded value in the "X-ARR-ClientCert" request header.
Your application can create a certificate from this value and then use it for authentication and authorization purposes in your application.
References:
https://docs.microsoft.com/en-us/azure/app-service/app-service-web-configure-tls-mutual-auth
You have an Azure Cosmos 06 instance that uses the Strong consistency level and 10,000 Request Units (RUs) per container. <3eo-replication is enabled.
The instance stores restaurant information including location, menu items, and start. You currently store information for 1,000 restaurant locations, 500 menu items, and 10,000 staff members. You select the location id as the partition key.
How many logical partitions will be created for the container?
The instance stores restaurant information including location, menu items, and start. You currently store information for 1,000 restaurant locations, 500 menu items, and 10,000 staff members. You select the location id as the partition key.
How many logical partitions will be created for the container?
正解:B
解答を投票する
You are developing an application to store and retrieve data in Azure Blob storage. The application will be hosted in an on-premises virtual machine (VM). The VM is connected to Azure by using a Site-to-Site VPN gateway connection. The application is secured by using Azure Active Directory (Azure AD) credentials.
The application must be granted access to the Azure Blob storage account with a start time, expiry time, and read permissions. The Azure Blob storage account access must use the Azure AD credentials of the application to secure data access. Data access must be able to be revoked if the client application security is breached.
You need to secure the application access to Azure Blob storage.
Which security features should you use? To answer select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
The application must be granted access to the Azure Blob storage account with a start time, expiry time, and read permissions. The Azure Blob storage account access must use the Azure AD credentials of the application to secure data access. Data access must be able to be revoked if the client application security is breached.
You need to secure the application access to Azure Blob storage.
Which security features should you use? To answer select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Box 1: Shared access signature (SAS) token
When your application design requires shared access signatures for access to Blob storage, use Azure AD credentials to create a user delegation SAS when possible for superior security.
Box 2: Stored access policy
Stored access policies give you the option to revoke permissions for a service SAS without having to regenerate the storage account keys.
A shared access signature can take one of the following two forms:
* Service SAS with stored access policy. A stored access policy is defined on a resource container, which can be a blob container, table, queue, or file share. The stored access policy can be used to manage constraints for one or more service shared access signatures. When you associate a service SAS with a stored access policy, the SAS inherits the constraints - the start time, expiry time, and permissions - defined for the stored access policy.
* Ad hoc SAS.
Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this question, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing a website that will run as an Azure Web App. Users will authenticate by using their Azure Active Directory (Azure AD) credentials.
You plan to assign users one of the following permission levels for the website: admin, normal, and reader. A user's Azure AD group membership must be used to determine the permission level. You need to configure authorization.
Solution: Configure the Azure Web App for the website to allow only authenticated requests and require Azure AD log on.
Does the solution meet the goal?
After you answer a question in this question, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing a website that will run as an Azure Web App. Users will authenticate by using their Azure Active Directory (Azure AD) credentials.
You plan to assign users one of the following permission levels for the website: admin, normal, and reader. A user's Azure AD group membership must be used to determine the permission level. You need to configure authorization.
Solution: Configure the Azure Web App for the website to allow only authenticated requests and require Azure AD log on.
Does the solution meet the goal?
正解:B
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution. Determine whether the solution meets the stated goals.
You are developing and deploying several ASP.NET web applications to Azure App Service. You plan to save session state information and HTML output.
You must use a storage mechanism with the following requirements:
* Share session state across all ASP.NET web applications.
* Support controlled, concurrent access to the same session state data for multiple readers and a single writer.
* Save full HTTP responses for concurrent requests.
You need to store the information.
Solution: Enable Application Request Routing (ARR).
Does the solution meet the goal?
You are developing and deploying several ASP.NET web applications to Azure App Service. You plan to save session state information and HTML output.
You must use a storage mechanism with the following requirements:
* Share session state across all ASP.NET web applications.
* Support controlled, concurrent access to the same session state data for multiple readers and a single writer.
* Save full HTTP responses for concurrent requests.
You need to store the information.
Solution: Enable Application Request Routing (ARR).
Does the solution meet the goal?
正解:B
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
You plan to deploy a new application to a Linux virtual machine (VM) that is hosted in Azure.
The entire VM must be secured at rest by using industry-standard encryption technology to address organizational security and compliance requirements.
You need to configure Azure Disk Encryption for the VM.
How should you complete the Azure Cli commands? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
The entire VM must be secured at rest by using industry-standard encryption technology to address organizational security and compliance requirements.
You need to configure Azure Disk Encryption for the VM.
How should you complete the Azure Cli commands? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Box 1: keyvault
Create an Azure Key Vault with az keyvault create and enable the Key Vault for use with disk encryption.
Specify a unique Key Vault name for keyvault_name as follows:
keyvault_name=myvaultname$RANDOM
az keyvault create \
--name $keyvault_name \
--resource-group $resourcegroup \
--location eastus \
--enabled-for-disk-encryption True
Box 2: keyvault key
The Azure platform needs to be granted access to request the cryptographic keys when the VM boots to decrypt the virtual disks. Create a cryptographic key in your Key Vault with az keyvault key create. The following example creates a key named myKey:
az keyvault key create \
--vault-name $keyvault_name \
--name myKey \
--protection software
Box 3: vm
Create a VM with az vm create. Only certain marketplace images support disk encryption. The following example creates a VM named myVM using an Ubuntu 16.04 LTS image:
az vm create \
--resource-group $resourcegroup \
--name myVM \
--image Canonical:UbuntuServer:16.04-LTS:latest \
--admin-username azureuser \
--generate-ssh-keys \
Box 4: vm encryption
Encrypt your VM with az vm encryption enable:
az vm encryption enable \
--resource-group $resourcegroup \
--name myVM \
--disk-encryption-keyvault $keyvault_name \
--key-encryption-key myKey \
--volume-type all
Note: seems to an error in the question. Should have enable instead of create.
Box 5: all
Encrypt both data and operating system.
References:
https://docs.microsoft.com/bs-latn-ba/azure/virtual-machines/linux/encrypt-disks
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You develop Azure solutions.
You must grant a virtual machine (VM) access to specific resource groups in Azure Resource Manager.
You need to obtain an Azure Resource Manager access token.
Solution: Use the Reader role-based access control (RBAC) role to authenticate the VM with Azure Resource Manager.
Does the solution meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You develop Azure solutions.
You must grant a virtual machine (VM) access to specific resource groups in Azure Resource Manager.
You need to obtain an Azure Resource Manager access token.
Solution: Use the Reader role-based access control (RBAC) role to authenticate the VM with Azure Resource Manager.
Does the solution meet the goal?
正解:B
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
You are developing an Azure Function app.
The Azure Function app must enable a WebHook to read an image from Azure Blob Storage and create a new Azure Cosmos DB document.
You need to implement the Azure Function app.
Which configuration should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
The Azure Function app must enable a WebHook to read an image from Azure Blob Storage and create a new Azure Cosmos DB document.
You need to implement the Azure Function app.
Which configuration should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
You develop an Azure App Service web app and deploy to a production environment. You enable Application Insights for the web app.
The web app is throwing multiple exceptions in the environment.
You need to examine the state of the source code and variables when the exceptions are thrown.
Which Application Insights feature should you configure?
The web app is throwing multiple exceptions in the environment.
You need to examine the state of the source code and variables when the exceptions are thrown.
Which Application Insights feature should you configure?
正解:A
解答を投票する