Microsoft 70-533 Online Practice Questions and Exam Preparation

Microsoft 70-533 Online Questions & Answers

• Question 111:

  A company deploys Microsoft SQL Server on an Azure DS3_V2_ Standard virtual machine (VM).

  You need to modify the disk caching policy.

  Which Azure PowerShell cmdlet should you run?

  A. Set-AzureRmVmOperatingSystem
  B. Set-AzureRmVmOSDisk
  C. Update-AzureDisk
  D. Set-AzureRmVm
  B. Set-AzureRmVmOSDisk

  ---

  The Set-AzureRmVMOSDisk cmdlet modifies properties of a virtual machine system disk.

  Syntax:

  Set-AzureRmVMOSDisk

  [-VM]

  [-Lun]

  [[-Caching] ]

  [[-DiskSizeInGB] ]

  []

  The -caching parameter specifies the caching mode of the disk. The acceptable values for this parameter are:

  

  ReadOnly

  

  ReadWrite

  The default value is ReadWrite. Changing this value causes the virtual machine to restart.

  Incorrect Answers:

  A: The Set-AzureRmVMOperatingSystem cmdlet sets operating system properties for a virtual machine. You can specify logon credentials, computer name, and operating system type.

  C: The Update-AzureDisk cmdlet changes the label that is associated with a disk in the disk repository of the current Azure subscription.

  D: The Set-AzureRmVM cmdlet marks a virtual machine as generalized References: https://docs.microsoft.com/en-us/powershell/module/azurerm.compute/set-azurermvmosdisk?view=azurermps-6.3.0

• Question 112:

  HOTSPOT

  You manage an Azure Service Bus for your company. You plan to enable access to the Azure Service Bus for an application named ContosoLOB.

  You need to create a new shared access policy for subscriptions and queues that has the following requirements:

  In the table below, identify the permission you need to assign to ensure that ContosoLOB is able to accomplish the above requirements. Make only one selection in each column.

  Hot Area:

  

  

  ---

  For Service Bus, the three permission claims are ‘Send’ for all send operations, ‘Listen’ to open up listeners or receive messages, and ‘Manage’ to observe or manage the state of the Service Bus tenant.

  To receive a message from a queue we need to have Listen access level.

  To numerate subscriptions, we need to have the manage access level.

  References:

  http://msdn.microsoft.com/en-us/library/azure/hh403962.aspx

• Question 113:

  You administer an Azure Web Site named contoso. You create a job named Cleanlogs.cmd that will be executed manually, twice a week.

  You need to deploy the job.

  To which folder location should you deploy CleanLogs.cmd?

  A. ./App_Code/jobs/triggered/cleanLogs/CleanLogs.cmd
  B. ./App_Data/jobs/triggered/clean Logs/CleanLogs.cmd
  C. ./App_Code/jobs/continuous/cleanLogs/CleanLogs.cmd
  D. ./App_Data/jobs/continuous/cleanLogs/CleanLogs.cmd
  B. ./App_Data/jobs/triggered/clean Logs/CleanLogs.cmd

  ---

  A WebJob is stored under the following directory in your site:

  site\wwwroot\App_Data\jobs\{job type}\{job name}

  Where {job type} can be either continuous for a job that is always running or triggered for a job that starts from an external trigger (on demand / scheduler).

  http://blog.amitapple.com/post/74215124623/deploy-azure-webjobs/#.VDZam_mSx8E

• Question 114:

  You are the Azure administrator for Contoso Ltd. You plan to use SharePoint Online to facilitate collaboration with a partner company named Fabrikam, Inc.

  You have the following collaboration requirements:

  You need to configure SharePoint Online.

  Which configuration setting should you use? To answer, select the appropriate options in the answer area.

  Hot Area:

  

  

  ---

  References: https://support.office.com/en-us/article/Manage-external-sharing-for-your-SharePoint-Online-environment-c8a462eb-0723-4b0b-8d0a-70feafe4be85#__turn_external_sharing https://support.office.com/en-us/article/Restricted-Domains-Sharing-in-Office-365-SharePoint-Online-and-OneDrive-for-Business-5d7589cd-0997-4a00-a2ba-2320ec49c4e9

• Question 115:

  You are the administrator for three Azure subscriptions named Dev, Test, and Prod.

  Your Azure PowerShell profile is configured with the Dev subscription as the default.

  You need to create a new virtual machine in the Test subscription by using the least administrative effort.

  Which PowerShell command should you use?

  

  A. Option A
  B. Option B
  C. Option C
  D. Option D
  A. Option A

  ---

  This command makes Test the current subscription.

  C:\PS> Select-AzureSubscription -SubscriptionName Test -Current

  References: http://msdn.microsoft.com/en-us/library/dn722499.aspx

• Question 116:

  You manage an Azure Active Directory (AD) tenant

  You plan to allow users to log in to a third-party application by using their Azure AD credentials.

  To access the application, users will be prompted for their existing third-party user names and passwords.

  You need to add the application to Azure AD.

  Which type of application should you add?

  A. Existing Single Sign-On with identity provisioning
  B. Password Single Sign-On with identity provisioning
  C. Existing Single Sign-On without identity provisioning
  D. Password Single Sign-On without identity provisioning
  D. Password Single Sign-On without identity provisioning

  ---

  Configuring password-based single sign-on enables the users in your organization to be automatically signed in to a third-party SaaS application by Azure AD using the user account information from the third-party SaaS application. When you

  enable this feature, Azure AD collects and securely stores the user account information and the related password.

  https://azure.microsoft.com/en-gb/documentation/articles/active-directory-appssoaccess-whatis/

• Question 117:

  You administer an Azure Storage account with a blob container. You enable Storage account logging for read, write and delete requests.

  You need to reduce the costs associated with storing the logs.

  What should you do?

  A. Execute Delete Blob requests over https.
  B. Create an export job for your container.
  C. Set up a retention policy.
  D. Execute Delete Blob requests over http.
  C. Set up a retention policy.

  ---

  To ease the management of your logs, we have provided the functionality of retention policy which will automatically cleanup `old' logs without you being charged for the cleanup. It is recommended that you set a retention policy for logs such that your analytics data will be within the 20TB limit allowed for analytics data (logs and metrics combined). http://blogs.msdn.com/b/windowsazurestorage/archive/2011/08/03/windows-azure-storage-logging-using-logs-to-track-storage-requests.aspx

• Question 118:

  You manage a cloud service that has a web application named WebRole1. WebRole1 writes error messages to the Windows Event Log.

  Users report receiving an error page with the following message: "Event 26 has occurred. Contact your system administrator."

  You need to access the WebRole1 event log.

  Which three actions should you perform? Each correct answer presents part of the solution.

  A. Enable verbose monitoring.
  B. Update the WebRole1 web.config file.
  C. Update the cloud service definition file and the service configuration file.
  D. Run the Set-AzureVMDiagnosticsExtensionPowerShell cmdlet.
  E. Run the Enable-AzureWebsiteApplicationDiagnostic PowerShell cmdlet.
  F. Create a storage account.
  A. Enable verbose monitoring.
  C. Update the cloud service definition file and the service configuration file.
  F. Create a storage account.

  ---

  AF: You can monitor key performance metrics for your cloud services in the Azure Management Portal. You can set the level of monitoring to minimal and verbose for each service role, and can customize the monitoring displays. Verbose monitoring data is stored in a storage account, which you can access outside the portal.

  C: The service configuration file specifies the number of role instances to deploy for each role in the service, the values of any configuration settings, and the thumbprints for any certificates associated with a role. If the service is part of a

  Virtual Network, configuration information for the network must be provided in the service configuration file, as well as in the virtual networking configuration file. The default extension for the service configuration file is .cscfg.

  The service definition file defines the service model for an application. The file contains the definitions for the roles that are available to a cloud service, specifies the service endpoints, and establishes configuration settings for the service.

  http://azure.microsoft.com/en-us/documentation/articles/cloud-services-how-to-monitor/

  http://msdn.microsoft.com/en-us/library/azure/ee758710.aspx

  http://msdn.microsoft.com/en-us/library/azure/ee758711.aspx

• Question 119:

  A company has an existing on-premises Active Directory environment that is synchronized using DirSync. They plan to transition the DirSync deployment to Azure Active Directory (Azure AD) Connect.

  You need to identify a transition path for the company.

  What should you do?

  A. Install a new on-premises domain controller.
  B. Create a new Azure AD instance.
  C. Upgrade the on-premises Active Directory Domain Service (AD DS) forest functional level to Windows Server 2016.
  D. Deploy Azure AD Connect in parallel.
  D. Deploy Azure AD Connect in parallel.

  ---

  References: https://docs.microsoft.com/gl-es/azure/active-directory/connect/active-directory-aadconnect-dirsync-deprecated#how-to-transition-to-azure-ad-connect

• Question 120:

  Your company has recently signed up for Azure.

  You plan to register a Data Protection Manager (DPM) server with the Azure Backup service.

  You need to recommend a method for registering the DPM server with the Azure Backup vault.

  What are two possible ways to achieve this goal? Each correct answer presents a complete solution.

  A. Import a self-signed certificate created using the makecert tool.
  B. Import a self-signed certificate created using the createcert tool.
  C. Import an X.509 v3 certificate with valid clientauthentication EKU.
  D. Import an X.509 v3 certificate with valid serverauthentication EKU.
  A. Import a self-signed certificate created using the makecert tool.
  C. Import an X.509 v3 certificate with valid clientauthentication EKU.

  ---

  A: You can create a self-signed certificate using the makecert tool, or use any valid SSL certificate issued by a Certification Authority (CA) trusted by Microsoft, whose root certificates are distributed via the Microsoft Root Certificate Program.

  C: The certificate must have a valid Client Authentication EKU.

  You can create a self-signed client certificate by using the Makecert.exe command-line utility.

  References: https://www.techveze.com/configuring-windows-azure-backup/