[Q11-Q20] Lead2pass 70-533 Exam Questions Guarantee 70-533 Certification Exam 100% Success

Lead2pass Free 70-533 Exam Questions Download 100% Pass 70-533 Exam:


You publish an application named MyApp to Azure Active Directory (Azure AD).
You grant access to the web APIs through OAuth 2.0.
MyApp is generating numerous user consent prompts.
You need to reduce the amount of user consent prompts.
What should you do?

A.    Enable Multi-resource refresh tokens.
B.    Enable WS-federation access tokens.
C.    Configure the Open Web Interface for .NET.
D.    Configure SAML 2.0.

Answer: A
When using the Authorization Code Grant Flow, you can configure the client to call multiple resources. Typically, this would require a call to the authorization endpoint for each target service. To avoid multiple calls and multiple user consent prompts, and reduce the number of refresh tokens the client needs to cache, Azure Active Directory (Azure AD) has implemented multi-resource refresh tokens. This feature allows you to use a single refresh token to request access tokens for multiple resources.

QUESTION 12 70-533 Dumps,70-533 Exam Questions,70-533 New Questions,70-533 VCE,70-533 PDF
Your company network includes users in multiple directories.
You plan to publish a software-as-a-service application named SaasApp1 to Azure Active Directory.
You need to ensure that all users can access SaasApp1.
What should you do?

A.    Configure the Federation Metadata URL
B.    Register the application as a web application.
C.    Configure the application as a multi-tenant.
D.    Register the application as a native client application.

Answer: C
* When you get deeper into using Windows Azure Active Directory, you’ll run into new terminology. For instance, is called “directory” is also referred to as a Windows Azure AD Tenant or simply as “tenant.” This stems from the fact that WAAD ()Windows Azure Active Directory is a shared service for many clients. In this service, every client gets its own separate space for which the client is the tenant. In the case of WAAD this space is a directory. This might be a little confusing, because you can create multiple directories, in WAAD terminology multiple tenants, even though you are a single client.
* Multitenant Applications in Azure
A multitenant application is a shared resource that allows separate users, or “tenants,” to view the application as though it was their own. A typical scenario that lends itself to a multitenant application is one in which all users of the application may wish to customize the user experience but otherwise have the same basic business requirements. Examples of large multitenant applications are Office 365, Outlook.com, and visualstudio.com.

QUESTION 13 70-533 Dumps,70-533 Exam Questions,70-533 New Questions,70-533 VCE,70-533 PDF
Drag and Drop Question
You administer an Azure SQL database named contosodb that is running in Standard/Si tier.
The database is in a server named server1 that is a production environment.
You also administer a database server named server2 that is a test environment. Both database servers are in the same subscription and the same region but are on different physical clusters.
You need to copy contosodb to the test environment.
Which three steps should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.




QUESTION 14 70-533 Dumps,70-533 Exam Questions,70-533 New Questions,70-533 VCE,70-533 PDF
You are migrating a local virtual machine (VM) to an Azure VM.
You upload the virtual hard disk (VHD) file to Azure Blob storage as a Block Blob.
You need to change the Block 8lob to a page blob.
What should you do?

A.    Delete the Block Blob and re-upload the VHD as a page blob.
B.    Update the type of the blob programmatically by using the Azure Storage .NET SDK.
C.    Update the metadata of the current blob and set the Blob-Type key to Page.
D.    Create a new empty page blob and use the Azure Blob Copy Power Shell cmdlet to copy the current
data to the new blob.

Answer: A
* To copy the data files to Windows Azure Storage by using one of the following methods: AzCopy Tool, Put Blob (REST API) and Put Page (REST API), or Windows Azure Storage Client Library for .NET or a third-party storage explorer tool.
Important: When using this new enhancement, always make sure that you create a page blob not a block blob.
* Azure has two main files storage format:
Page blob: mainly used for vhd’s (CloudPageBlob)
Block Blob: for other files (CloudBlockBlob)

QUESTION 15 70-533 Dumps,70-533 Exam Questions,70-533 New Questions,70-533 VCE,70-533 PDF
You administer a Microsoft Azure SQL Database data base in the US Central region named contosodb. Contosodb runs on a Standard tier within the SI performance level.
You have multiple business-critical applications that use contosodb.
You need to ensure that you can bring contosodb back online in the event of a natural disaster in the US Central region.
You want to achieve this goal with the least amount of downtime.
Which two actions should you perform? Each correct answer presents part of the solution.

A.    Upgrade to S2 performance level.
B.    Use active geo-replication.
C.    Use automated Export.
D.    Upgrade to Premium tier.
E.    Use point in time restore.
F.    Downgrade to Basic tier.

Answer: BD
B: The Active Geo-Replication feature implements a mechanism to provide database redundancy within the same Microsoft Azure region or in different regions (geo- redundancy).
One of the primary benefits of Active Geo-Replication is that it provides a database-level disaster recovery solution. Using Active Geo-Replication, you can configure a user database in the Premium service tier to replicate transactions to databases on different Microsoft Azure SQL Database servers within the same or different regions. Cross-region redundancy enables applications to recover from a permanent loss of a datacenter caused by natural disasters, catastrophic human errors, or malicious acts.
D: Active Geo-Replication is available for databases in the Premium service tier only.

QUESTION 16 70-533 Dumps,70-533 Exam Questions,70-533 New Questions,70-533 VCE,70-533 PDF
Drag and Drop Question
You manage an application deployed to a cloud service that utilizes an Azure Storage account.
The cloud service currently uses the primary access key.
Security policy requires that all shared access keys are changed without causing application downtime.
Which three steps should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.




You manage an Azure web app in standard service tier at the following address: contoso.azurewebsites.net
Your company has a new domain for the site named www.contoso.com that must be accessible by secure socket layer(SSL) encryption.
You need to add a custom domain to the Azure web app and assign an SSL certifcate.
Which three actions should you perform? Each correct answer presents part of the solution.

A.    Add SSL binding for the www.contosco.com domain with the IP-based SSL option selected.
B.    Create a CNAME record from www.contoso.com to contoso.azurewebsites.net.
C.    Create a new file that will redirect the site to the new URL and upload it to the Azure Web site.
D.    Add SSL binding for the www.contoso.com domain with the server Nameindication (SNL)SSL option selected.
E.     Add www.contoso.com to the list of domain names as a custom domain.

Answer: ABC
Step 1: When adding a CNAME record, you must set the Host Name field to the sub-domain you wish to use.
For example, www. You must set the Address field to the .azurewebsites.netdomain name of your Azure Website. For example, contoso.azurwebsites.net.
* Step 2: Modify the service definition and configuration files
Your application must be configured to use the certificate, and an HTTPS endpoint must be added. As a result, the service definition and service configuration files need to be updated.
* Step 3:
IP based SSL associates a certificate with a domain name by mapping the dedicated public IP address of the server to the domain name. This requires each domain name (contoso.com,
fabricam.com, etc.) associated with your service to have a dedicated IP address. This is the traditional method of associating SSL certificates with a web server.
Reference: Enable HTTPS for an Azure website

You manage two datacenters in different geographic regions and one branch office.
You plan to implement a geo-redundant backup solution.
You need to ensure that each datacenter is a cold site for the other.
You create a recovery vault. What should you do next?

A.    Install the provider.
B.    Upload a certificate to the vault.
C.    Generate a vault key.
D.    Set all virtual machines to DHCP.
E.    Prepare System Center Virtual Machine Manager (SCVMM) servers.
F.    Create mappings between the virtual machine (VM) networks.

Answer: C
Within the Azure Portal screen, scroll down to Recovery Services (on the left menu), and click on “Create a New Vault” (this is where your VMs will be replicated to) which will bring up a Data Services / Recovery Services / Site Recovery Vault option, select Quick Create
For the name of the Vault, give it something you’d remember, in my case, I’ll call it RandsVault, and I’ll choose the Region West US since I’m in the Western United States, then click Create Vault
Once the Vault has been created, click on the Right Arrow next to the name of your vault. Under Setup Recovery, choose “Between an on-premise site and Microsoft Azure” so that you are telling the configuration settings that you are going to be replicating between your on-premise datacenter and Azure in the cloud.
You will now see a list of things you need to do which the first thing is to create a key exchange of certificates between Microsoft Azure and your VMM server.

You manage a collection of large video files that is stored in an Azure Storage account.
A user wants access to one of your video files within the next seven days.
You need to allow the user access only to the video file, and then revoke access once the user no longer needs it.
What should you do?

A.    Give the user the secondary key for the storage account.
Once the user is done with the file, regenerate the secondary key.
B.    Create an Ad-Hoc Shared Access Signature for the Blob resource.
Set the Shared Access Signature to expire in seven days.
C.    Create an access policy on the container.
Give the external user a Shared Access Signature for the blob by using the policy.
Once the user is done with the file, delete the policy.
D.    Create an access policy on the blob.
Give the external user access by using the policy.
Once the user is done with the file, delete the policy.

Answer: C
See 3) below.
By default, only the owner of the storage account may access blobs, tables, and queues within that account. If your service or application needs to make these resources available to other clients without sharing your access key, you have the following options for permitting access:
1.You can set a container’s permissions to permit anonymous read access to the container and its blobs. This is not allowed for tables or queues.
2. You can expose a resource via a shared access signature, which enables you to delegate restricted access to a container, blob, table or queue resource by specifying the interval for which the resources are available and the permissions that a client will have to it.
3. You can use a stored access policy to manage shared access signatures for a container or its blobs, for a queue, or for a table. The stored access policy gives you an additional measure of control over your shared access signatures and also provides a straightforward means to revoke them.

You administer an Azure Storage account named contoso storage.
The account has queue containers with logging enabled.
You need to view all log files generated during the month of July 2014.
Which URL should you use to access the list?

A.    http://contosostorage.queue.core.windows.net/Slogs?
B.    http://contosostorage.queue.core.windows.net/Sfiles?
C.    http://contosostorage.blob.core.windows.net/Sfiles?
D.    http://contosostorage.blob.core.windows.net/Slogs?

Answer: D
All logs are stored in block blobs in a container named $logs, which is automatically created when Storage Analytics is enabled for a storage account. The $logs container is located in the blob namespace of the storage account, for example: http://.blob.core.windows.net/$logs.
This container cannot be deleted once Storage Analytics has been enabled, though its contents can be deleted.

70-533 dumps full version (PDF&VCE): https://www.lead2pass.com/70-533.html

Large amount of free 70-533 exam questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDclh4YVRORS1vaHc

You may also need:

70-532 exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDbm1XNUxwQUYwaWM

70-534 exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDaTBTRVp4SktqMXM