100% Pass Ensure PassLeader 70-534 Exam Dumps VCE and PDF for Free (Question 21 – Question 40)

Valid 70-534 Dumps shared by PassLeader for Helping Passing 70-534 Exam! PassLeader now offer the newest 70-534 VCE dumps and 70-534 PDF dumps, the PassLeader 70-534 exam questions have been updated and ANSWERS have been corrected, get the newest PassLeader 70-534 dumps with VCE and PDF here: http://www.passleader.com/70-534.html (231 Q&As Dumps)

BTW, DOWNLOAD part of PassLeader 70-534 dumps from Cloud Storage: https://drive.google.com/open?id=0B-ob6L_QjGLpUUNnSVA5SFdpZ2c

You have business services that run on an on-premises mainframe server. You must provide an intermediary configuration to support existing business services and Azure. The business services cannot be rewritten. The business services are not exposed externally. You need to recommend an approach for accessing the business services. What should you recommend?

A.    Connect to the on-premises server by using a custom service in Azure.
B.    Expose the business services to the Azure Service Bus by using a custom service that uses relay binding.
C.    Expose the business services externally.
D.    Move all business service functionality to Azure.

Answer: B
The Service Bus relay service enables you to build hybrid applications that run in both an Azure datacenter and your own on-premises enterprise environment. The Service Bus relay facilitates this by enabling you to securely expose Windows Communication Foundation (WCF) services that reside within a corporate enterprise network to the public cloud, without having to open a firewall connection, or require intrusive changes to a corporate network infrastructure.
How to Use the Service Bus Relay Service

You design an Azure web application. The web application is accessible by default as a standard cloudapp.net URL. You need to recommend a DNS resource record type that will allow you to configure access to the web application by using a custom domain name. Which DNS record type should you recommend?

A.    SRV
B.    MX
D.    A

Answer: C
You can also use CNAME or A records to associate a custom domain name with your VM. When you use A records, however, you need to note that the VIP of your VM might change. When you deallocate a VM, the associated VIP is released. And when the VM is restarted later, a new VIP will be picked and assigned. If you want to ensure that your VM has a static public IP address, you’ll need to configure a static IP address for it as described earlier.

A company hosts a website and exposes web services on the company intranet. The intranet is secured by using a firewall. Company policies prohibit changes to firewall rules. Devices outside the firewall must be able to access the web services. You need to recommend an approach to enable inbound communication. What should you recommend?

A.    The Azure Access Control Service
B.    Windows Azure Pack
C.    The Azure Service Bus
D.    A web service in an Azure role that relays data to the internal web services

Answer: C
The Service Bus Relay is designed for the use-case of taking existing Windows Communication Foundation (WCF) web services and making those services securely accessible to solutions that reside outside the corporate perimeter without requiring intrusive changes to the corporate network infrastructure. Such Service Bus relay services are still hosted inside their existing environment, but they delegate listening for incoming sessions and requests to the cloud-hosted Service Bus.
.NET On-Premises/Cloud Hybrid Application Using Service Bus Relay

You are designing an Azure application. The application includes services hosted in different geographic locations. The service locations may change. You must minimize the cost of communication between services. You need to recommend an approach for data transmission between your application and Azure services. The solution must minimize administrative effort. What should you recommend?

A.    Azure Table storage
B.    Service Bus
C.    Service Management API
D.    Azure Queue storage

Answer: B
The cost of ACS transactions is insignificant when performing messaging operations against Service Bus queues. Service Bus acquires one ACS token per a single instance of the messaging factory object. The token is then reused until it expires, after about 20 minutes. Therefore, the volume of messaging operations in Service Bus is not directly proportional to the amount of ACS transactions required to support these operations.
Azure Queues and Service Bus Queues – Compared and Contrasted

You are designing a distributed application for Azure. The application must securely integrate with on-premises servers. You need to recommend a method of enabling Internet Protocol security (IPsec)-protected connections between on-premises servers and the distributed application. What should you recommend?

A.    Azure Access Control
B.    Azure Content Delivery Network (CDN)
C.    Azure Service Bus
D.    Azure Site-to-Site VPN

Answer: D
IPsec can be used on Azure Site-to-Site VPN connections. Distributed applications can used the IPSec VPN connections to communicate.
About Virtual Network Secure Cross-Premises Connectivity

A company has 10 on-premises SQL databases. The company plans to move the databases to SQL Server 2012 that runs in Azure Infrastructure-as-a-Service (IaaS). After migration, the databases will support a limited number of Azure websites in the same Azure Virtual Network. You have the following requirements:
– You must restore copies of existing on-premises SQL databases to the SQL servers that run in Azure IaaS.
– You must be able to manage the SQL databases remotely.
– You must not open a direct connection from all of the machines on the on-premises network to Azure.
– Connections to the databases must originate from only five Windows computers.
– You need to configure remote connectivity to the databases.
Which technology solution should you implement?

A.    Azure Virtual Network site-to-site VPN
B.    Azure Virtual Network multi-point VPN
C.    Azure Virtual Network point-to-site VPN
D.    Azure ExpressRoute

Answer: C
A point-to-site VPN would meet the requirements.
Configure a Point-to-Site VPN connection to an Azure Virtual Network

You have several virtual machines (VMs) that run in Azure. You also have a single System Center 2012 R2 Configuration Manager (SCCM) primary site on-premises. You have the following requirements:
– All VMs must run on the same virtual network.
– Network traffic must be minimized between the on-premises datacenter and Azure.
– The solution minimize complexity.
You need to use SCCM to collect inventory and deploy software to Azure VMs. What should you do first?

A.    Configure client push for the Azure virtual network.
B.    Enable and configure Operations Insights in Azure.
C.    Install a cloud distribution point on an Azure VM.
D.    Install a secondary site underneath the primary site onto an Azure VM.

Answer: C
Cloud-based distribution Point, a Configuration Manager Site System Role in the Cloud Much of the Configuration Manager topology is made up of distribution points, they are very helpful in many situations where bandwidth and geographical separation are the facts of life, but also hard to manage if you have hundreds or even thousands of them. This feature started with the vision that it makes perfect sense to have big distribution points in the Windows Azure cloud where one should not worry about things like (but not limited to) size, performance, reliability, security, access from all around the world, hardware/software update issues etc.
Note: Content management in System Center 2012 Configuration Manager provides the tools for you to manage content files for applications, packages, software updates, and operating system deployment. Configuration Manager uses distribution points to store files that are required for software to run on client computers. These distribution points function as distribution centers for the content files and let users download and run the software. Clients must have access to at least one distribution point from which they can download the files.
New Distribution Points in Configuration Manager SP1

You are running a Linux guest in Azure Infrastructure-as-a-Service (IaaS). You must run a daily maintenance task. The maintenance task requires native BASH commands. You need to configure Azure Automation to perform this task. Which three actions should you perform? Each correct answer presents part of the solution.

A.    Create an automation account.
B.    Create an Orchestrator runbook.
C.    Create an asset credential.
D.    Run the Invoke-Workflow Azure PowerShell cmdlet.
E.    Import the SSH PowerShell Module.

Answer: ACE
An Automation Account is a container for your Azure Automation resources: it provides a way to separate your environments or further organize your workflows. To create An Automation Account:
1. Log in to the Azure Management Portal.
2. In the Management Portal, click Create an Automation Account.
3. On the Add a New Automation Account page, enter a name and pick a region for the account.
Get started with Azure Automation
* Asset credentials are either a username and password combination that can be used with Windows PowerShell commands or a certificate that is uploaded to Azure Automation.
* The Assets page in Automation displays the various resources (also called “settings”) that are globally available to be used in or associated with a runbook, plus commands to import an integration module, add a new asset, or delete an asset. Assets include variables, schedules, credentials, and connections.
Getting Started with Azure Automation: Automation Assets
Managing SSH enabled Linux hosts using Service Management Automation

A company has multiple Azure subscriptions. It plans to deploy a large number of virtual machines (VMs) into Azure. You install the Azure PowerShell module, but you are unable connect to all of the company’s Azure subscriptions. You need to automate the management of the Azure subscriptions. Which two Azure PowerShell cmdlets should you run?

A.    Get-AzurePublishSettingsFile
B.    Import-AzurePublishSettingsFile
C.    Add-AzureSubscription
D.    Import-AzureCertificate
E.    Get-AzureCertificate

Answer: AB
1. Before you start using the Windows Azure cmdlets to automate deployments, you must configure connectivity between the provisioning computer and Windows Azure. You can do this automatically by downloading the PublishSettings file from Windows Azure and importing it. To download and import publish settings and subscription information At the Windows PowerShell command prompt, type the following command, and then press Enter:
2. Sign in to the Windows Azure Management Portal, and then follow the instructions to download your Windows Azure publishing settings. Save the file as a .publishsettings type file to your computer.
3. In the Windows Azure PowerShell window, at the command prompt, type the following command, and then press Enter:
Import-AzurePublishSettingsFile <mysettings>.publishsettings
How to: Download and Import Publish Settings and Subscription Information

Contoso, Ltd., uses Azure websites for public-facing customer websites. The company has a mobile app that requires customers sign in by using a Contoso customer account. Customers must be able to sign on to the websites and mobile app by using a Microsoft, Facebook, or Google account. All transactions must be secured in-transit regardless of device. You need to configure the websites and mobile app to work with external identity providers. Which three actions should you perform? Each correct answer presents part of the solution.

A.    Request a certificate from a domain registrar for the website URL, and enable TLS/SSL.
B.    Configure IPsec for the websites and the mobile app.
C.    Configure the KerberosTokenProfile 1.1 protocol.
D.    Configure OAuth2 to connect to an external authentication provider.
E.    Build an app by using MVC 5 that is hosted in Azure to provide a framework for the underlying authentication.

Answer: ADE
DE: This tutorial shows you how to build an ASP.NET MVC 5 web application that enables users to log in using OAuth 2.0 with credentials from an external authentication provider, such as Facebook, Twitter, LinkedIn, Microsoft, or Google.
* You will now be redirected back to the Register page of the MvcAuth application where you can register your Google account. You have the option of changing the local email registration name used for your Gmail account, but you generally want to keep the default email alias (that is, the one you used for authentication). Click Register.
* To connect to authentication providers like Google and Facebook, you will need to set up IISExpress to use SSL.
Code! MVC 5 App with Facebook, Twitter, LinkedIn and Google OAuth2 Sign-on (C#)

You are designing a solution that will interact with non-Windows applications over unreliable network connections. You have a security token for each non-Windows application. You need to ensure that non-Windows applications retrieve messages from the solution. Where should you retrieve messages?

A.    An Azure Queue
B.    The Azure Service Bus Queue
C.    An Azure blob storage container that has a private access policy
D.    Azure Table storage

Answer: B
Any Microsoft or non-Microsoft applications can use a Service Bus REST API to manage and access messaging entities over HTTPS. By using REST applications based on non-Microsoft technologies (e.g. Java, Ruby, etc.) are allowed not only to send and receive messages from the Service Bus, but also to create or delete queues, topics and subscription in a given namespace.
Service Bus Explorer

You are the administrator for a company named Contoso, Ltd. Contoso also has an Azure subscription and uses many on-premises Active Directory products as roles in Windows Server including the following:
– Active Directory Domain Services (AD DS)
– Active Directory Certificate Services (AD CS)
– Active Directory Rights Management Services (AD RMS) Active Directory Lightweight Directory Services (AD LDS) Active Directory Federation Services (AD FS)
Contoso must use the directory management services available in Azure Active Directory. You need to provide information to Contoso on the similarities and differences between Azure Active Directory and the Windows Server Active Directory family of services. Which feature does Azure Active Directory and on-premises Active Directory both support?

A.    Using the GraphAPI to query the directory
B.    Issuing user certificates
C.    Supporting single sign-on (SSO)
D.    Querying the directory with LDAP

Answer: C
AD FS supports Web single-sign-on (SSO) technologies, and so does Azure Active Directory.
If you want single sign on we usually suggest using ADFS if you’re a Windows shop. Going forward though, Azure Active Directory is another alternative you can use.
Using Azure Active Directory for Single Sign On with Yammer

A company has a very large dataset that includes sensitive information. The dataset is over 30 TB in size. You have a standard business-class ISP internet connection that is rated at 100 megabits/second. You have 10 4-TB hard drives that are approved to work with the Azure Import/Export Service. You need to migrate the dataset to Azure:
– The solution must meet the following requirements:
– The dataset must be transmitted securely to Azure.
– Network bandwidth must not increase.
– Hardware costs must be minimized.
What should you do?

A.    Prepare the drives with the Azure Import/Export tool and then create the import job.
Ship the drives to Microsoft via a supported carrier service.
B.    Create an export job and then encrypt the data on the drives by using the Advanced.
Encryption Standard (AES). Create a destination Blob to store the export data.
C.    Create an import job and then encrypt the data on the drives by using the Advanced.
Encryption Standard (AES). Create a destination Blob to store the import data.
D.    Prepare the drives by using Sysprep.exe and then create the import job.
Ship the drives to Microsoft via a supported carrier service.

Answer: A
You can use the Microsoft Azure Import/Export service to transfer large amounts of file data to Azure Blob storage in situations where uploading over the network is prohibitively expensive or not feasible.
Use the Microsoft Azure Import/Export Service to Transfer Data to Blob Storage

Hotspot Question
You have an Azure website that runs on several instances. You have a WebJob that provides additional functionality to the website. The WebJob must run on all instances of the website. You need to ensure that the WebJob runs even when the website is idle for long periods of time. How should you create and configure the WebJob object? To answer, select the appropriate options in the answer area.

* You can run programs or scripts in WebJobs in your App Service web app in three ways: on demand, continuously, or on a schedule.
* For continuous WebJobs there is an important feature called “always on” which is only available for a Standard Website, this will make sure your Website and WebJob are always up.
Run Background tasks with WebJobs

Drag and Drop Question
You have a website that displays text, pictures, video files, and audio files. The website processes requests from countries and regions all over the world. You plan to migrate the website to the Azure platform. The website has the following requirements:
– Encode, store, and stream audio and video at scale.
– Load-balance communications with the website instance that is closest to the user’s location.
– Deliver content with high-bandwidth and low latency.
You need to recommend the technologies to implement the solution. Which technologies should you recommend? To answer, drag the appropriate technology to the correct requirement. Each technology may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

* MediaServices
Azure Media Services is being used to power consumer and enterprise streaming solutions worldwide. Combining powerful and highly scalable cloud-based encoding, encryption and steaming components, Azure Media Services is helping customers with valuable and premium video content to easily reach larger audiences on today’s most popular digital devices, such as tablets and mobile phones.
Media Services, Cloud for Premium Video Workflows
* TrafficManager
Traffic Manager, Geo-route incoming traffic to your app for better performance and availability
* Azure Content Delivery Network
The Azure Content Delivery Network (CDN) is designed to send audio, video, applications, images, and other files faster and more reliably to customers using servers that are closest to each user. This dramatically increases speed and availability, resulting in significant user experience improvements.
Azure CDN, A fast and modern global delivery network for high-bandwidth content

You are designing a Windows Azure application that will use Windows Azure Table storage. The application will allow teams of users to collaborate on projects. Each user is a member of only one team. You have the following requirements:
– Ensure that each user can efficiently query records related to his or her team’s projects.
– Minimize data access latency.
You need to recommend an approach for partitioning table storage entities. What should you recommend?

A.    Partition by user.
B.    Partition by team.
C.    Partition by project.
D.    Partition by the current date.

Answer: B

You are designing a Windows Azure application that will store data in two SQL Azure databases. The application will insert data in both databases as part of a single logical operation. You need to recommend an approach for maintaining data consistency across the databases. What should you recommend?

A.    Execute database calls on parallel threads.
B.    Wrap the database calls in a single transaction scope.
C.    Use Microsoft Distributed Transaction Coordinator (MSDTC).
D.    Handle errors resulting from the database calls by using compensatory logic.

Answer: D

You are designing a Windows Azure application. The application includes two web roles and three instances of a worker role. The web roles will send requests to the worker role through one or more Windows Azure Queues. You have the following requirements:
– Ensure that each request is processed exactly one time.
– Minimize the idle time of each worker role instance.
– Maximize the reliability of request processing.
You need to recommend a queue design for sending requests to the worker role. What should you recommend?

A.    Create a single queue.
Send requests on the single queue.
B.    Create a queue for each web role.
Send requests on all queues at the same time.
C.    Create a queue for each worker role instance.
Send requests on each worker queue in a round robin.
D.    Create a queue for each combination of web roles and worker role instances.
Send requests to all worker role instances based on the sending web role.

Answer: A

Drag and Drop Question
You need to automate tasks with Azure by using Azure PowerShell workflows. How should you complete the Azure PowerShell script? To answer, drag the appropriate cmdlet to the correct location. Each cmdlet may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.


Hotspot Question
A company uses Azure for several virtual machine (VM) and website workloads. The company plans to assign administrative roles to a specific group of users. You have a resource group named GROUP1 and a virtual machine named VM2. The users have the following responsibilities:
You need to assign the appropriate level of privileges to each of the administrators by using the principle of least privilege. What should you do? To answer, select the appropriate target objects and permission levels in the answer area.

* Owner can manage everything, including access.
* Contributors can manage everything except access.
Note: Azure role-based access control allows you to grant appropriate access to Azure AD users, groups, and services, by assigning roles to them on a subscription or resource group or individual resource level.
Role-based access control in the Microsoft Azure portal

Get the newest PassLeader 70-534 VCE dumps here: http://www.passleader.com/70-534.html (231 Q&As Dumps)

And, DOWNLOAD the newest PassLeader 70-534 PDF dumps from Cloud Storage for free: https://drive.google.com/open?id=0B-ob6L_QjGLpUUNnSVA5SFdpZ2c