Premium

Microsoft Certified: Azure Solutions Architect Expert Certification Questions and Answer (Dumps and Practice Questions)



Question : Your role of Systems Administrator at ABC.com includes the management of the company's private and public clouds. The private clouds are hosted in a data center at the
company's headquarters. A physical server named TK-SQL1 runs Windows Server 2012 and SQL Server 2012. TK-SQL1 is hosted in the datacenter.
You have an application that runs in Azure Cloud Services. The cloud service consists of two A1 virtual machine instances.
The application copies data to a SQL Server database hosted on TK-SQL1. Users complain that the application runs slowly when it is copying data to TK-SQL1. You want to reduce the
time it takes the application to copy data to TK-SQL1. Which of the following actions should you perform?

: Your role of Systems Administrator at ABC.com includes the management of the company's private and public clouds. The private clouds are hosted in a data center at the
1. Allocate additional processors to the virtual machines.
2. Deploy the application as two A3 instances.
3. Deploy the application as two A0 instances.
4. Deploy a third A1 instance of the application.


Correct Answer : 2
Explanation: Basic Compute Tier: This new tier of compute instances is similar in configuration to the Standard tier with lower prices. These instances do not include
load balancer and auto-scaling. They are well-suited for single instance production applications, development workloads, test servers and batch processing applications that might not
require these features. The basic compute tier is currently available only for the General Purpose Instances. These instances range from Basic A0 to Basic A4.

Standard Compute Tier: This tier of compute instances provides an optimal set of compute, memory and I/O resources for running a wide array of applications. These instances include
both auto-scaling and load balancing capabilities at no additional cost. The standard compute tier is available across General Purpose, Memory Intensive and Compute Intensive
instances. These instances range from Standard A0 to Standard A7.

There are several important advantages to hosting your SQL Server infrastructure on a Windows Azure Virtual Machine. First, you have no capital costs for storage or hardware, along
with no ongoing maintenance of the storage or hardware. Second, you have no OS or SQL Server license costs (when you use a SQL image from the standard Azure VM gallery). Third, you
can create a new Azure VM that already has SQL Server installed in a few minutes (even though it may take a little longer to completely configure the OS and the SQL Server instance
to your exact requirements). Going forward, it will still be up to you to install Windows and SQL Server updates, but you won't have to worry about things like firmware, BIOS, or
driver updates.






Question : You work as a network administrator at ABC.com. The corporate network consists of physical and virtual servers located in a datacenter and a public cloud hosted on
Microsoft Azure.The company has a Development department. Users in the Development department develop custom applications that are used within the company. One custom application is
named CorpApp1. The application is hosted in Azure Cloud Services. The developers release an updated version of CorpApp1. You need to deploy the updated version of CorpApp1 to Azure
cloud services for a period of time to allow for testing. During testing, the current version of CorpApp1 must remain online. After testing, the new version must replace the current
version as the live version with the minimum amount of downtime. When the new version is live, the old version must remain available for a period of time to be redeployed in the
event of problems with the new version. The solution must minimize costs, administrative effort and application downtime. Which of the following actions should you perform? (Choose
all that apply)

A. Deploy the new application to a new cloud service.
B. Deploy the new application to the production area.
C. Deploy the new application to the staging area.
D. Move the old version of the application to a new cloud service.
E. Perform a Virtual IP swap.

: You work as a network administrator at ABC.com. The corporate network consists of physical and virtual servers located in a datacenter and a public cloud hosted on
1. A,B
2. B,C
3. C,D
4. D,E
5. C,E



Correct Answer : 5
Explanation: The Swap Deployment asynchronous operation initiates a virtual IP address swap between the staging and production deployment environments for a service. If
the service is currently running in the staging environment, it will be swapped to the production environment. If it is running in the production environment, it will be swapped to staging.

If the Swap Deployment operation is specified with deployment names that do not match what is currently in production and staging, status code 409 (Conflict) is returned.
You can swap VIP addresses only if the number of endpoints specified by the service definition is identical for both deployments. For example, if you add an HTTPS endpoint to a web
role that previously exposed only an HTTP endpoint, you cannot upgrade your service by swapping VIP addresses; you must delete your production deployment and redeploy instead. You
can obtain information about endpoints that are used by using the Get Deployment operation.






Question : You work as a network administrator at ABC.com. The corporate network consists of physical and virtual servers located in a datacenter and applications running in
Microsoft Azure Cloud Services.
One new cloud services application has an HTTPS endpoint to provide encrypted access for users.
You need to provide an x.509 certificate to be used by the application for SSL access. How can you ensure that the certificate can be accessed by the application?
: You work as a network administrator at ABC.com. The corporate network consists of physical and virtual servers located in a datacenter and applications running in
1. Redeploy the application package to include the certificate.
2. Upload the certificate to the staging area.
3. Use the management portal to upload the certificate.
4. Use the management portal to upload the public key of the certificate.




Correct Answer : 3
Explanation: To configure SSL for an application, you first need to get an SSL certificate that has been signed by a Certificate Authority (CA), a trusted third-party who
issues certificates for this purpose. If you do not already have one, you will need to obtain one from a company that sells SSL certificates.

The certificate must meet the following requirements for SSL certificates in Azure:

The certificate must contain a private key.
The certificate must be created for key exchange, exportable to a Personal Information Exchange (.pfx) file.
The certificate's subject name must match the domain used to access the cloud service. You cannot obtain an SSL certificate from a certificate authority (CA) for the cloudapp.net
domain. You must acquire a custom domain name to use when access your service. When you request a certificate from a CA the certificate's subject name must match the custom domain
name used to access your application. For example, if your custom domain name is contoso.com you would request a certificate from your CA for *.contoso.com or www.contoso.com.
The certificate must use a minimum of 2048-bit encryption.
For test purposes, you can create and use a self-signed certificate. A self-signed certificate is not authenticated through a CA and can use the cloudapp.net domain as the website
URL. For example, the task below uses a self-signed certificate in which the common name (CN) used in the certificate is sslexample.cloudapp.net.

Next, you must include information about the certificate in your service definition and service configuration files.

Step 2: Modify the service definition and configuration files
Step 3: Upload a certificate
Your deployment package has been updated to use the certificate, and an HTTPS endpoint has been added. Now you can upload the package and certificate to Azure with the Management
Portal.

Log into the Azure Management Portal.
Click on Cloud Services on the left-side navigation pane.
Click on the desired cloud service.
Click on the Certificates tab.

Click the Certificates tab

Click the Upload button.

Upload

Provide the File, Password, then click Complete (the checkmark).



Related Questions

Question : You work for a company named ABC.com. Your role as Cloud Administrator includes the management of the company's Microsoft Azure subscription.
The company has a website hosted in Microsoft Azure Websites. The website is named TK-Portal and is accessed using the URL portal.ABC.com. TK-Portal is running in the shared tier
hosting plan.Portal.ABC.com is used by all company users. Users complain that the portal website runs slowly during peak usage times. You need to configure the website to prevent it
slowing down during peak usage times. Which two of the following actions should you perform?

A. Increase the instance size to Large.
B. Modify the tier of the website.
C. Enable automatic scaling based on CPU utilization.
D. Purchase a new Azure subscription.
E. Add a deployment slot.
 : You work for a company named ABC.com. Your role as Cloud Administrator includes the management of the company's Microsoft Azure subscription.
1. A,B

2. B,C
3. C,D

4. D,E
5. E,F



Question : You work for a company named ABC.com. Your role as Cloud Administrator includes the management of the company's Microsoft Azure subscription.
The company has a website hosted in Microsoft Azure Websites. The website is named CorpSite and is accessed using the URL corp.ABC.com. CorpSite is running in a standard hosting
plan. Users report errors when accessing the website during peak times. You want to view the https logs as they occur during peak times to troubleshoot the issue.
Which of the following PowerShell cmdlets would you use to start log streaming for the http logs?

 : You work for a company named ABC.com. Your role as Cloud Administrator includes the management of the company's Microsoft Azure subscription.
1. Get-AzureWebSiteLog -Name Corpsite -Tail -Path http
2. Get-AzureWebSiteLog -Name http -Tail Corpsite
3. Get-AzureWebSiteLog -String Corpsite -Name http
4. Get-AzureWebSiteLog -Name Corpsite -Output http
5. Get-AzureWebSiteLog -Name Corpsite -Tail -Message http


Question : You work for a company named ABC.com. The company has a branch office in Miami. The Miami branch office has users. Your role as Cloud Administrator includes the
management of the company's Microsoft Azure subscription. The company has a Development department. Developers have created a portal website using ASP .NET 4.0 for the Miami users.
The website will be publicly accessible and used by the Miami users to retrieve customer and product information. The website is currently running in an on-premise test environment.
You plan to host the websites on Azure. You need to determine which Azure web tier plan to host the websites. The web tier plan must meet the following requirements:
.The website will use the Miami.ABC.com URL.
.The website will be deployed to two instances.
.SSL support must be included.
.The website requires 12 GB of storage.
.Costs must be minimized.
Which web tier plan should you use?


 : You work for a company named ABC.com. The company has a branch office in Miami. The Miami branch office has users. Your role as Cloud Administrator includes the
1. Standard
2. Basic
3. Free
4. Shared




Question : : You work as a Network Administrator for ABC.com. The company has a single Active Directory
Domain Services (AD DS) domain named ABC.com. All domain controllers in the ABC.com`domain run Windows Server 2008 R2.
The company has an on-premise Microsoft Exchange 2010 organization and a Lync Server 2010 environment.
The company has recently purchased a Microsoft Office 365 subscription. You plan to migrate to Exchange Online and Lync Online.
You need to configure directory synchronization between the on-premise Active Directory and Azure Active Directory.
The on-premise Active Directory contains many Organizational Units (OUs). Some OUs contain user accounts that are used as service accounts for on-premise services.
You need to configure directory synchronization to enable you to exclude OUs from the synchronization schedule. Which of the following actions should you perform?

 : : You work as a Network Administrator for ABC.com. The company has a single Active Directory
1. Use Active Directory Sites and Services to create Active Directory partitions before configuring DirSync.
2. Run the Set-MsolDirSyncEnabled PowerShell cmdlet after installing DirSync.
3. Run the Remove-MsolServicePrincipal PowerShell cmdlet after installing DirSync.
4. After the installation of Dirsync, run miisclient.exe to create directory partitions.



Question : You work as a Network Administrator for ABC.com. The company has a single Active Directory Domain Services (AD DS) domain named ABC.com.
All domain controllers in the ABC.com domain run Windows Server 2008 R2. The company has an on-premise Microsoft Exchange 2010 organization and a Lync Server 2010 environment.
The company has recently purchased a Microsoft Office 365 subscription. You plan to migrate to Exchange Online and Lync Online. The on-premise Active Directory contains many
Organizational Units (OUs). User accounts are located in multiple OUs.
You have configured Directory Synchronization (DirSync) to synchronize user accounts in selected OUs to Azure Active Directory and performed an initial user account
synchronization. You find some user accounts in OUs that are excluded from synchronization that need to be synchronized to Azure AD. You move the user accounts to an OU
that is included in the synchronization schedule.
You discover that the users are unable to log in to Office 365. You confirm that the user accounts exist in Azure AD.
However, event log error messages indicate a problem with password synchronization for the moved user accounts. How should you resolve the issue?


 : You work as a Network Administrator for ABC.com. The company has a single Active Directory Domain Services (AD DS) domain named ABC.com.
1. Log in to the DirSync server and perform a manual directory synchronization.
2. Run miisclient.exe to modify the directory partitions.
3. Run the Set-FullPasswordSync PowerShell cmdlet and restart the Forefront Identity Manager Synchronization Service service.
4. Run the Set-MsolUser PowerShell cmdlet for each user account that is unable to log in.




Question : You work for a company named ABC.com. Your role as Cloud Administrator includes the management of the company's public and private cloud infrastructure.
You have applications and virtual machines hosted on Windows Azure. One application hosted in Azure provides a web-based portal that is used by users and customers.
The application uses Microsoft Azure Active Directory Access Control and enables users to log in to the application using Microsoft or Google accounts.
You want to enable users to log in to the application by using their Facebook accounts. Which two of the following actions should you perform? (Choose two)
A. Configure Facebook as an identity provider.
B. Install Active Directory Federation Services 2.0 (AD FS 2.0)
C. Obtain a Facebook Application ID and a Facebook Application Secret.
D. Configure Directory Synchronization with Facebook.
E. Configure AD FS 2.0 as an Identity Provider.

 : You work for a company named ABC.com. Your role as Cloud Administrator includes the management of the company's public and private cloud infrastructure.
1. A,B
2. A,C
3. C,D
4. A,E