No. | Domain | Total Question | Correct | Incorrect | Unattempted | Marked for Review |
---|---|---|---|---|---|---|
1 | Develop Azure compute solutions | 24 | 0 | 0 | 24 | 0 |
2 | Develop for Azure storage | 16 | 0 | 0 | 16 | 0 |
3 | Implement Azure security | 7 | 0 | 0 | 7 | 0 |
4 | Monitor, troubleshoot, and optimize Azure solutions | 1 | 0 | 0 | 1 | 0 |
5 | Connect to and consume Azure services and third-party services | 7 | 0 | 0 | 7 | 0 |
Total | All Domains | 55 | 0 | 0 | 55 | 0 |
A company is building a traffic monitoring system. The system would be monitoring the traffic along 4 highways. The system would be responsible for producing a time series-based analysis report for each highway.
The traffic sensors on each highway have been configured to send its data to Azure Event Hubs. The data from Event Hubs is then consumed by three departments. Each department makes use of an Azure Web App to display the data.
You have to implement the Azure Event Hub instance. You need to implement a solution which ensures data throughput is maximized and latency is minimized.
What is the number of partitions you would setup in the Event Hub?
- A. 1
- B. 2
- C. 3
- D. 4
Explanation:
Answer – D
For maximum throughput, we can create a separate partition for each highway.
Since we should base the partitions on the incoming data, the other options are incorrect
For more information on partition keys, please visit the following URL
A company is building a traffic monitoring system. The system would be monitoring the traffic along 4 highways. The system would be responsible for producing a time series-based analysis report for each highway.
The traffic sensors on each highway have been configured to send its data to Azure Event Hubs. The data from Event Hubs is then consumed by three departments. Each department makes use of an Azure Web App to display the data.
You have to implement the Azure Event Hub instance. You need to implement a solution which ensures data throughput is maximized and latency is minimized.
Which of the following would you use as the partition key?
- A. Highway
- B. Department
- C. Timestamp
- D. Datestamp
Explanation:
Answer - A
Since the data would come in for each highway, the highway represented by probably a highway number would be ideal for the partition key.
The other options are incorrect since they would not provide ideal values for the distribution of data across the partitions.
For more information on partition keys, please visit the following URL
An application is currently making use of an Azure storage account. Soft delete is enabled on the storage account.
The application uploads a blob named img1.jpg. Snapshot 1 is then created out of the blob. And then Snapshot 2 is created out of the blob. Snapshot 1 is then deleted.
A system error has caused the application to now go ahead and delete the blob and all of its snapshots.
Would you be able to restore the blob img1.jpg?
- A. Yes
- B. No
Explanation:
Answer – A
The soft delete features allows you to recover blobs and its snapshots as well
The Microsoft documentation mentions the following
For more information on the soft delete feature, please visit the following URL
An application is currently making use of an Azure storage account. Soft delete is enabled on the storage account.
The application uploads a blob named img1.jpg. Snapshot 1 is then created out of the blob. And then Snapshot 2 is created out of the blob. Snapshot 1 is then deleted.
A system error has caused the application to now go ahead and delete the blob and all of its snapshots.
Would you be able to restore Snapshot 1?
- A. Yes
- B. No
Explanation:
Answer – A
The soft delete features allows you to recover blobs and its snapshots as well
The Microsoft documentation mentions the following
For more information on the soft delete feature, please visit the following URL
An application is currently making use of an Azure storage account. Soft delete is enabled on the storage account.
The application uploads a blob named img1.jpg. Snapshot 1 is then created out of the blob. And then Snapshot 2 is created out of the blob. Snapshot 1 is then deleted.
A system error has caused the application to now go ahead and delete the blob and all of its snapshots.
Would you be able to restore Snapshot 2?
- A. Yes
- B. No
Explanation:
Answer - A
The soft delete feature allows you to recover blobs and its snapshots as well
The Microsoft documentation mentions the following
For more information on the soft delete feature, please visit the following URL
A company currently has a web service deployed that is used to take in food orders and deliveries. The web service used Azure Cosmos DB as the data store.
A new feature is being rolled out that allow users to set a tip amount for orders. The new feature now mandates that the order needs to have a property named Ordertip in the document in Cosmos DB and that the property must contain a numeric value.
There might be existing web sites and web services that may not be updated so far to include this feature of having a tip in place.
You need to complete the below code trigger for this requirement
Which of the following would go into Slot 1?
- A. this.value();
- B. this.readDocument(‘item’);
- C. context.getRequest();
- D. getContext().getResponse();
Explanation:
Answer – C
This trigger in the web service will be used to get the request first from the web sites and applications that call this web service.
Te original code is
-----------------
function OrderTip() {
var context = getContext();
var request = context.getRequest();
var tipsItem = request.getBody();
if (!("tip" in tipsItem)) {
tipsItem["tip"] = 0;
}
request.setBody(tipsItem);
}
-------------------
A similar example if also given in the Microsoft documentation
Since this is the right approach, all other options are incorrect
For more information on using triggers for Cosmos DB, please visit the following URL
A company currently has a web service deployed that is used to take in food orders and deliveries. The web service used Azure Cosmos DB as the data store.
A new feature is being rolled out that allow users to set a tip amount for orders. The new feature now mandates that the order needs to have a property named Ordertip in the document in Cosmos DB and that the property must contain a numeric value.
There might be existing web sites and web services that may not be updated so far to include this feature of having a tip in place.
You need to complete the below code trigger for this requirement
Which of the following would go into Slot 2?
- A. if (!("tip" in tipsItem))
- B. If(request.getValue(“tipsitem”)==null)
- C. If(response.getValue(“tipsitem”)==null)
- D. If (type.getValue(“tipsitem”)==null)
Explanation:
Answer – A
Here we need to check if the Ordertip property exists in the request
the original code is
------------
function OrderTip() {
var context = getContext();
var request = context.getRequest();
var tipsItem = request.getBody();
if (!("tip" in tipsItem)) {
tipsItem["tip"] = 0;
}
request.setBody(tipsItem);
}
--------------
A similar example if also given in the Microsoft documentation
Since this is the right approach, all other options are incorrect
For more information on using triggers for Cosmos DB, please visit the following URL
A company currently has a web service deployed that is used to take in food orders and deliveries. The web service used Azure Cosmos DB as the data store.
A new feature is being rolled out that allow users to set a tip amount for orders. The new feature now mandates that the order needs to have a property named Ordertip in the document in Cosmos DB and that the property must contain a numeric value.
There might be existing web sites and web services that may not be updated so far to include this feature of having a tip in place.
You need to complete the below code trigger for this requirement
Which of the following would go into Slot 3?
- A. request.setBody(tipsItem);
- B. request.setValue(tipsItem);
- C. this.replaceDocument(tipsItem);
- D. this.upsertDocument(tipsItem);
Explanation:
Answer – A
We now need to set the request Body with the modified request
A similar example if also given in the Microsoft documentation
The original coe is as follows
-------------------
function OrderTip() {
var context = getContext();
var request = context.getRequest();
var tipsItem = request.getBody();
if (!("tip" in tipsItem)) {
tipsItem["tip"] = 0;
}
request.setBody(tipsItem);
}
-------------------
Since this is the right approach, all other options are incorrect
For more information on using triggers for Cosmos DB, please visit the following URL
You are going to deploy a web application onto Azure. You would make use of the App Service on Linux. You go ahead and create an App Service Plan. You then go ahead and publish a custom docker image onto the Azure Web App. You need to access the console logs generated from the container in real time.
You need to complete the following Azure CLI script for this
Which of the following would go into Slot 1?
- A. config
- B. download
- C. show
- D. tail
Explanation:
Answer – A
To configure “logging” we need to use the “az webapp log configure” command
The Microsoft documentation mentions the following
Since this is clearly mentioned in the Microsoft documentation, all other options are incorrect
For more information on the command, please visit the following URL
You are going to deploy a web application onto Azure. You would make use of the App Service on Linux. You go ahead and create an App Service Plan. You then go ahead and publish a custom docker image onto the Azure Web App. You need to access the console logs generated from the container in real time.
You need to complete the following Azure CLI script for this
Which of the following would go into Slot 2?
- A. --web-server-logging
- B. --docker-container-logging
- C. --system-logging
- D. --application-logging
Explanation:
Answer – B
For container logging, we need to use the flag --docker-container-logging
The Microsoft documentation mentions the following on the command flag
Since this is clearly mentioned in the Microsoft documentation, all other options are incorrect
For more information on the command, please visit the following URL
You are going to deploy a web application onto Azure. You would make use of the App Service on Linux. You go ahead and create an App Service Plan. You then go ahead and publish a custom docker image onto the Azure Web App. You need to access the console logs generated from the container in real time.
You need to complete the following Azure CLI script for this
Which of the following would go into Slot 3?
- A. webapp
- B. docker
- C. acr
- D. aks
Explanation:
Answer – A
To get a live trail of the logs, we need to use the “az webapp log tail” command
Since this is clearly mentioned in the Microsoft documentation, all other options are incorrect
For more information on the command, please visit the following URL
You are going to deploy a web application onto Azure. You would make use of the App Service on Linux. You go ahead and create an App Service Plan. You then go ahead and publish a custom docker image onto the Azure Web App. You need to access the console logs generated from the container in real time.
You need to complete the following Azure CLI script for this
Which of the following would go into Slot 4?
- A. config
- B. download
- C. show
- D. tail
Explanation:
Answer – D
To get a live trail of the logs, we need to use the “az webapp log tail” command
Since this is clearly mentioned in the Microsoft documentation, all other options are incorrect
For more information on the command, please visit the following URL
You have to develop an ASP.Net Core application. The application is used to work with blobs in an Azure storage account. The application authenticates via Azure AD credentials.
Role based access has been implemented on the containers that contain the blobs. These roles have been assigned to the users.
You have to configure the application so that the user’s permissions can be used with the Azure Blob containers.
Which of the following would you use as the Permission for the Microsoft Graph API?
- A. User.Read
- B. User.Write
- C. client_id
- D. user_impersonation
Explanation:
Answer – A
For the Microsoft Graph API, we need to use the User.Read permission. It's like this in the Microsoft documentation
Since this is clearly given in the documentation, all other options are incorrect
For more information on permissions for an application for accessing Azure storage, please visit the following URL
You have to develop an ASP.Net Core application. The application is used to work with blobs in an Azure storage account. The application authenticates via Azure AD credentials.
Role based access has been implemented on the containers that contain the blobs. These roles have been assigned to the users.
You have to configure the application so that the user’s permissions can be used with the Azure Blob containers.
What is the type of permission that needs to be used for the Microsoft Graph API?
- A. Application
- B. Primary
- C. Delegated
- D. Secondary
Explanation:
Answer – C
For the Microsoft Graph API, we need to use the Delegated permission type. This is also given in the Microsoft documentation
Since this is clearly given in the documentation, all other options are incorrect
For more information on permissions for an application for accessing Azure storage, please visit the following URL
You have to develop an ASP.Net Core application. The application is used to work with blobs in an Azure storage account. The application authenticates via Azure AD credentials.
Role based access has been implemented on the containers that contain the blobs. These roles have been assigned to the users.
You have to configure the application so that the user’s permissions can be used with the Azure Blob containers.
Which of the following would you use as the Permission for the Azure Storage API?
- A. User.Read
- B. User.Write
- C. client_id
- D. user_impersonation
Explanation:
Answer – D
For the storage account, we need to use the user_impersonation permission. This is also given in the Microsoft documentation
Since this is clearly given in the documentation, all other options are incorrect
For more information on permissions for an application for accessing Azure storage, please visit the following URL
You have to develop an ASP.Net Core application. The application is used to work with blobs in an Azure storage account. The application authenticates via Azure AD credentials.
Role based access has been implemented on the containers that contain the blobs. These roles have been assigned to the users.
You have to configure the application so that the user’s permissions can be used with the Azure Blob containers.
What is the type of permission that needs to be used for the Azure Storage API?
- A. Application
- B. Primary
- C. Delegated
- D. Secondary
Explanation:
Answer – C
Here the permission type needs to be delegated
Since this is clearly given in the documentation, all other options are incorrect
For more information on permissions for an application for accessing Azure storage, please visit the following URL
You have to build a web application that would be deployed onto Azure. The web application would not allow anonymous access. The authentication would be carried out via Azure AD.
The application needs to abide by the following requirements
- Users must be able to log into the web application using their Azure AD credentials
- The personalization of the web application must be based on the membership in Active Directory groups
You have to configure the application manifest file
Which of the following would go into Slot 1?
- A. “optionalClaims”
- B. “AllClaims”
- C. “groupMembershipClaims”
- D. “AppClaims”
Explanation:
Answer – C
To get all the groups the user is a part of, you need to set the “groupMembershipClaims”
The Microsoft documentation mentions the following
Since this is the ideal approach, all other options are incorrect
For more information on membership group claims, please visit the following URL
You have to build a web application that would be deployed onto Azure. The web application would not allow anonymous access. The authentication would be carried out via Azure AD.
The application needs to abide by the following requirements
- Users must be able to log into the web application using their Azure AD credentials
- The personalization of the web application must be based on the membership in Active Directory groups
You have to configure the application manifest file
Which of the following would go into Slot 2?
- A. “allowPublicClient”
- B. “oauth2Permissions”
- C. “requiredResourceAccess”
- D. “oauth2AllowImplicitFlow”
Explanation:
Answer – D
In the question the requirement is as follows
---------
The application needs to abide by the following requirements
- Users must be able to log into the web application using their Azure AD credentials
- The personalization of the web application must be based on the membership in Active Directory groups
--------------------
Key | Value Type | |||||||
---|---|---|---|---|---|---|---|---|
A | “oAuth2PermissionsallowPublicClient”
|
Boolean | ||||||
This may be possible answer Specifies the fallback application type. Azure AD infers the application type from the replyUrlsWithType by default. There are certain scenarios where Azure AD can't determine the client app type. For example, one such scenario is the ROPC flow where HTTP request happens without a URL redirection). In those cases, Azure AD will interpret the application type based on the value of this property. If this value is set to true the fallback application type is set as public client, such as an installed app running on a mobile device. The default value is false which means the fallback application type is confidential client such as web app. Means Option A is not correct answer and hence can not be filled in Slot No. 2 |
||||||||
B | “oauth2Permissions” | Collection | ||||||
out of scope as given value is true means boolean | ||||||||
C | “requiredResourceAccess” | Collection | ||||||
out of scope as given value is true means boolean | ||||||||
D | “oauth2AllowImplicitFlow” | Boolean | ||||||
This may be possible answer |
Correct answer |
Hence, finally the correct answer is Option D
For more information on the reference app manifest, please visit the following URL
https://docs.microsoft.com/en-us/azure/active-directory/develop/reference-app-manifest
You have to setup a data store using Azure Cosmos DB. The documents that would be stored in Cosmos DB would contain hundreds of properties. The Azure Cosmos DB account would be using the SQL API.
The issue currently is that in the design stage it has been noticed that there are no distinct values in the documents that can be used for partitioning.
You need to choose a partition key that would ensure workloads are spread evenly over the partitions.
Which of the following are strategies that can be implemented? Choose 2 answers from the options given below
- A. Employing a strategy of concatenation of multiple property values with a random suffix appended
- B. Using a single property value that does not appear frequently in the documents
- C. Using a hash suffix that is appended to a property value
- D. Using a value containing the collection name
- E. Using a single property value that appears frequently in the documents
Explanation:
Answer – A and C
You can use a concatenation of multiple property values and also use a suffix.
The Microsoft documentation mentions the following
The other options are invalid since these are not the right approaches for synthetic keys
For more information on synthetic partition keys, please visit the following URL
You have to develop an Azure Function that would perform the following activities
- Read messages from an Azure Storage Queue
- Process the messages and add entities to Azure Table Storage
You have to define the correct bindings in the function.json file
Which of the following would go into Area 1?
- A. “in”
- B. “out”
- C. “trigger”
- D. “$return”
- E. “$table”
Explanation:
Answer – A
Here we have to mention the binding as an input binding.
An example of this also given in the Microsoft documentation
For more information on function bindings, please refer to the below link
You have to develop an Azure Function that would perform the following activities
- Read messages from an Azure Storage Queue
- Process the messages and add entities to Azure Table Storage
You have to define the correct bindings in the function.json file
Which of the following would go into Area 2?
- A. “in”
- B. “out”
- C. “trigger”
- D. “$return”
- E. “$table”
Explanation:
Answer - B
Here we have to mention the binding as an output binding.
An example of this also given in the Microsoft documentation
For more information on function bindings, please refer to the below link
You have to develop an Azure Function that would perform the following activities
- Read messages from an Azure Storage Queue
- Process the messages and add entities to Azure Table Storage
You have to define the correct bindings in the function.json file
Which of the following would go into Area 3?
- A. “in”
- B. “out”
- C. “trigger”
- D. “$return”
- E. “$table”
Explanation:
Answer – D
Since we are returning an entity onto the table, we have to use the $return output parameter.
An example of this also given in the Microsoft documentation
For more information on function bindings, please refer to the below link
You have developed and deployed a REST API based application to the Azure App Service. When you navigate to the URL, you are getting the error
Failed to load http://whizlabapi.azurewebsites.net:6000/#/api/Products: No ‘Access-Control-Allow-Origin’ header is present on the request resource.
Which of the following needs to be implemented to resolve this issue?
- A. Use an SSL certificate
- B. Enable Azure AD Authentication
- C. Enable CORS
- D. Use a custom domain
Explanation:
Answer – C
For this we need to enable CORS
This is also given as an example in the Microsoft documentation
Since this is clearly given in the documentation, all other options are incorrect
For more information on enabling CORS for an Azure web app, please visit the following URL
You need to deploy a software as a service application that will run as a web service. The web service needs to be deployed using the Azure web app service. The web service will also use WebJobs to process data. There are three customers who will use the web service. Below are the key requirements for the deployment
- Each deployment of the web app needs to be tested using deployment slots prior to deploying to production.
- Each instance of the WebJob that processes data for a single customer must run as a singleton instance.
- Azure costs need to be minimized
- The Azure based resources must be located in an isolated network
Which of the following would you use as the underlying pricing tier for this solution?
- A. Isolated
- B. Standard
- C. Premium
- D. Consumption
Explanation:
Answer – A
Since there is a requirement for resources to be located in an isolated network, we need to use the Isolated pricing tier.
The Microsoft documentation mentions the following
Since this is the only plan that suits this requirement, all other options are incorrect
For more information on App Service plans, please visit the following URL
You need to deploy a software as a service application that will run as Isolated App Service plan tier. The web service needs to be deployed using the Azure web app service. The web service will also use WebJobs to process data. There are three customers who will use the web service. Below are the key requirements for the deployment
- Each deployment of the web app needs to be tested using deployment slots prior to deploying to production.
- Each instance of the WebJob that processes data for a single customer must run as a singleton instance.
- Azure costs need to be minimized
- The Azure based resources must be located in an isolated network
- The web service will use an on-premises
SQL Server database for storage
Which of the following should you set as the number of Virtual Machine instances?
- A. 2
- B. 3
- C. 6
- D. 8
Explanation:
Answer – B
Since we have three customers for which the WebJobs need to run in isolation, we can set one virtual machine instance for each customer.
App Service plan tier: Isolated
Please refer to https://docs.microsoft.com/en-us/azure/app-service/deploy-staging-slots
------------------------
When you deploy your web app, web app on Linux, mobile back end, or API app to Azure App Service, you can use a separate deployment slot instead of the default production slot when you're running in the Standard, Premium, or Isolated App Service plan tier. Deployment slots are live apps with their own host names. App content and configurations elements can be swapped between two deployment slots, including the production slot.
-------------------------
Means we can use Staging environment without additional cost and hence for each customer we need 1 VM or 3 VM for 3 customer.
Since this is the ideal approach, all other options are incorrect
For more information on App Service plans, please visit the following URL
You have to create an Azure Virtual Machine using a PowerShell script. Which of the following command can be used to create the new virtual machine?
- A. Create-AzVm
- B. New-AzVm
- C. Set-AzVm
- D. Get-AzVm
Explanation:
Correct Answer – B
You would use the New-AzVm command to create a new virtual machine.
This is also given in the Microsoft documentation
Since this is clearly given in the Microsoft documentation, all other options are incorrect
For more information on creating virtual machines, please refer to the below link
You are developing a stored procedure in Azure Cosmos DB. Which of the following are the acceptable values for TriggerOperation Enum property?
Drag the correct options from the Actions area and drop them to the answer area.
- Correct Answer
All
Create
Update
Replace
Delete
Explanation:
Correct Answers:
All |
Create |
Update |
Replace |
Delete |
Correct Answers: A, C, D, E and F
- The acceptable values are: All, Create, Update, Replace, and Delete.
- Select is not an acceptable value.
Reference:
For more information please refer to the link:
Your company has the requirement to deploy a web application to an Azure Windows virtual machine. You have to configure remote access to RDP into the machine.
You decide to create an Inbound Network Security Group rule to allow traffic on port 3389
Would this fulfil the requirement?
- A. Yes
- B. No
Explanation:
Answer – A
In order to connect to a Windows virtual machine in Azure, you have to create an Inbound port rule in the Network Security Group
This is mentioned in the troubleshooting area in the Microsoft documentation
For more information on the article to allow RDP access, please refer to the below link
Your company has the requirement to deploy a web application to an Azure Windows virtual machine. You have to configure remote access to RDP into the machine.
You decide to create an Outbound Network Security Group rule to allow traffic on port 3389
Would this fulfil the requirement?
- A. Yes
- B. No
Explanation:
Answer – B
You have to add an Inbound Network Security Group rule and not an Outbound rule
For more information on the article to allow RDP access, please refer to the below link
Your company has the requirement to deploy a web application to an Azure Ubuntu Desktop virtual machine. You have to configure remote access to Xrdp into the machine.
You decide to create an Inbound Network Security Group rule to allow traffic on port 80
Would this fulfil the requirement?
- A. Yes
- B. No
Explanation:
Answer – B
You need to add an Inbound rule for Port 3389 which is meant for Ubuntu Desktop VM.
Port 80 is for Web server.
For more information on the article to allow Xrdp access, please refer to the below link
https://linuxize.com/post/how-to-install-xrdp-on-ubuntu-20-04/#installing-xrdp
There is a requirement to retain the change feed in Azure Cosmos DB until the data is deleted. Which of the following can be used for this purpose?
- A. Set the TTL (Time to Live) property to -1
- B. Set the TTL (Time to Live) property to 0
- C. Set the TTL (Time to Live) property to null
- D. Set the TTL (Time to Live) property to 1
Explanation:
Correct Answer: A
- Option A is CORRECT because if the TTL property is set on an item to -1, the change feed will remain if the data is not deleted.
- Option B is incorrect because it cannot keep the change feed persist forever.
- Option C is incorrect because it is an unacceptable value.
- Option D is incorrect because it cannot keep the change feed persist forever.
You have to develop and deploy a solution to Azure. The solution would consist of devices sending data from different locations across the world. There are currently around 10,000 devices with each device sending max. 1 MB of data every 24 hours. The data needs to be stored in Azure Blob storage. The data must be correlated based on the device identifier.
You need to implement a solution to receive the device data
You decide to implement Azure Event Grid and configure event filtering with the device identifier.
Would this meet the requirement?
- A. Yes
- B. No
Explanation:
Answer – B
Azure Event Grids are used for building applications which need to work with events specifically.
For more information on Azure Event Grids, please visit the following URL
You have to develop and deploy a solution to Azure. The solution would consist of devices sending data from different locations across the world. There are currently around 10,000 devices with each device sending max. 1 MB of data every 24 hours. The data needs to be stored in Azure Blob storage. The data must be correlated based on the device identifier.
You need to implement a solution to receive the device data
You decide to implement an Azure Event Hub and configure the device identifier as the partition key.
Would this meet the requirement?
- A. Yes
- B. No
Explanation:
Answer – A
Azure Event Hubs is an ingestion service. You can also use the data capture system to send data to an Azure storage account
The Microsoft documentation mentions the following
For more information on Azure Event Hubs, please visit the following URL
You are developing an ASP.Net Core application. This application would need to be deployed to the Azure Web App service from a GitHub repository. The web application contains static content that is generated by a script.
You are planning on using the Azure Web App continuous deployment feature. The script which is used to generate static content needs to run first before the web site can start serving traffic.
Which of the following are options that can be used for this fulfilling this requirement?
- A. Customize the deployment by creating a .deployment file at the root of the repository. Ensure the deployment file calls the script which generates the static content.
- B. Customize the deployment by creating a run.cmd file at the root of the repository. Ensure the command file calls the script which generates the static content
- C. Ensure to add a PreBuild target in the websites csproj project file
- D. Ensure to run the app via the Basic App Service Plan
Explanation:
Answer – A
The github documentation for kudu-based deployments mentions the following
Option B is incorrect since we need to use a deployment file and not a run.cmd file.
Option C is incorrect since this is used to build other files before building the actual project files
Option D is incorrect since we don’t need to match this to the App Service Plan
For more information on customizing deployments, please visit the following URL
What are the reasons to desire using item ID as the partition key for a small read-heavy container or write-heavy container? Choose 3 answers from the options given below.
- A. Using item ID as the partition key, so that the partition key can be changed in-place.
- B. Since item ID is unique per item, it provides a wide range of possible values.
- C. Consider balancing RU consumption and data storage evenly when item ID is unique per item.
- D. As the item ID is partition key, it is easier to perform point reads efficiently.
Explanation:
Correct Answers: B, C and D
- Option B is CORRECT because it provides a wide range of possible values for higher performance.
- Option C is CORRECT because it balances RU consumption and data storage evenly.
- Option D is CORRECT because it offers more efficient point reads.
- Option A is incorrect because it is not possible to change partition key in-place in Azure Cosmo DB.
Which of the following trigger type would you recommend, to invoke the serverless “Application Function App"?
- A. Blob
- B. HTTP
- C. Queue
- D. Timer
Explanation:
Answer – B
To build serverless API’s we should make use of HTTP triggers.
The Microsoft documentation mentions the following
Since this is the logical approach, all other options are incorrect
For more information on HTTP bindings for function apps, please visit the following URL
You need to secure the “Application Function App”. Which of the following would you use as the authorization level?
- A. Developer
- B. Function
- C. Anonymous
- D. Admin
Explanation:
Answer – B
Since we need to secure the invocation of the function app, we need to ensure API keys are used.
For that, we can make use of Function keys.
A key can be passed to an Azure Function HTTP request in the URL as the code query string. Alternatively, it can be included in the x-functions-key HTTP header. Only the key value, not its name, is passed.
Function authorization level requires a key for authorization. Both function and host key will work. In that sense, it is the less restrictive of the key-based authorization level.
Admin authorization level requires a host key for authorization.
Passing a function key will fail authorization and return an HTTP 401 – Unauthorized error code.
System authorization level requires the master key of a function app for authorization.
Passing a function key or a host key (except the master key) will fail authorization and return an HTTP 401 – Unauthorized error code.
User authorization level isn’t key based. Instead, it does mandate a valid authentication token.
Option A is incorrect since this is not a valid authorization scope for an Azure Function
Option C is incorrect since this is an insecure practice
Option D is incorrect since the master key is used to provide administrative access to the runtime REST API’s
For more information on HTTP bindings for function apps, please visit the following URL
You are developing a Web API. What is the correct sequence to integrate authentication and authorization working with the Microsoft identity platform?
- Store token cache
- Register app
- Control access to web API (authorization)
- Configure app with code sample
- Configure permission & call API of choice
- Validate access token
- Configure secrets & certificates
- A. 2 > 7 > 5 > 4 > 1 > 6 > 3
- B. 2 > 4 > 6 > 7 > 5 > 3 > 1
- C. 4 > 5 > 7 > 1 > 6 > 3 > 2
- D. 4 > 5 > 7 > 2 > 1 > 6 > 3
Explanation:
Correct Answer: B
- Option B is CORRECT because it requires developers to register apps in the platform. Then configure the app and validate the access token before configure secret & certificates. Once the permission & call API of choice have been configured, the developer then sets up the control access to the web API as authorization and finally stores the token cache.
- Option C is incorrect because it is in an incorrect sequence.
- Option A is incorrect because it is in an incorrect sequence.
- Option D is incorrect because it is in an incorrect sequence.
You need to resolve the error in the test environment for the whizlab.com test site. You need to complete the below Azure CLI command for this purpose
Which of the following would go into Slot 1?
- A. cors
- B. config
- C. deployment
- D. deploy
Explanation:
Answer - A
Here we need to enable Cross-Origin resource sharing.
Here the command for enabling CORS is shown below
Since this is clearly mentioned in the Microsoft documentation, all other options are incorrect
For more information on the command, please visit the following URL
You need to resolve the error in the test environment for the whizlab.com test site. You need to complete the below Azure CLI command for this purpose
Which of the following would go into Slot 2?
- A. add
- B. remove
- C. update
- D. up
Explanation:
Answer – A
Here we need to enable Cross-Origin resource sharing.
Here the command for enabling CORS is shown below
Since this is clearly mentioned in the Microsoft documentation, all other options are incorrect
For more information on the command, please visit the following URL
You need to resolve the error in the test environment for the whizlab.com test site. You need to complete the below Azure CLI command for this purpose
Which of the following would go into Slot 3?
- A. slot
- B. deployment
- C. allowed-origins
- D. name
Explanation:
Answer – C
Here we need to enable Cross-Origin resource sharing.
Here the command for enabling CORS is shown below
Since this is clearly mentioned in the Microsoft documentation, all other options are incorrect
For more information on the command, please visit the following URL
You need to resolve the error in the test environment for the whizlab.com test site. You need to complete the below Azure CLI command for this purpose
Which of the following would go into Slot 4?
- A. http://test-appapi.whizlab.com
- B. http://test.whizlab.com
- C. https://*.whizlab.com
- D. http://*.test.com
Explanation:
Answer - B
Here we have to add the URL that is not being granted access.
Since this is the logical approach, all other options are incorrect
For more information on the command, please visit the following URL
You are planning on using the Azure container registry service. You want to ensure that your application or service can use it for headless authentication. You also want to allow role-based access to the registry.
You decide to use the Admin account associated with the container registry
Would this fulfil the requirement?
- A. Yes
- B. No
Explanation:
Answer – B
This is only used for single user access to the registry
The Microsoft documentation mentions the following
For more information on container registry authentication, please visit the following URL
You are planning on using the Azure container registry service. You want to ensure that your application or service can use it for headless authentication. You also want to allow role-based access to the registry.
You decide to assign a service principal to the registry
Would this fulfil the requirement?
- A. Yes
- B. No
Explanation:
Answer – A
This is the ideal approach.
The Microsoft documentation mentions the following
For more information on container registry authentication, please visit the following URL
You are planning on using the Azure container registry service. You want to ensure that your application or service can use it for headless authentication. You also want to allow role-based access to the registry.
You decide to perform an individual login to the registry
Would this fulfill the requirement?
- A. Yes
- B. No
Explanation:
Answer – B
Here Requirement : " ensure that your application or service can use Azure Container Registry Service for headless authentication and allow to the registry."
The Individual login method will not allow headless authentication.
The Microsoft documentation mentions the following
This can be accomplished with Azure AD Service Principal method
For more information on container registry authentication, please visit the following URL
You are developing an application that is going to making use of the Azure Service Bus. You have to create filters based on the different types of subscribers that would subscribe to the topic. The broad classification of these subscribers are
- Subscribers should be able to receive all messages being sent to the topic
- Subscribers should NOT be able to receive all messages being sent to the topic
- Subscribers should be able to receive messages based on a SQL-like conditional expression
Which of the following would you use as the filter condition for the requirement?
“Subscribers should be able to receive all messages being sent to the topic”
- A. Boolean filters
- B. Primary filters
- C. SQL filters
- D. Correlation filters
Explanation:
Answer – A
Here we have to make use of Boolean filters which could either accept or reject all messages
Since this is clear from the Microsoft documentation, all other options are incorrect
For more information on topic filters, please visit the following URL
You are developing an application that is going to make use of the Azure Service Bus. You have to create filters based on the different types of subscribers that would subscribe to the topic. The broad classification of these subscribers are
- Subscribers should be able to receive all messages being sent to the topic
- Subscribers should not be able to receive any messages being sent to the topic
- Subscribers should be able to receive messages based on a SQL-like conditional expression
Which of the following would you use as the filter condition for the requirement?
“Subscribers should not be able to receive any messages being sent to the topic”
- A. Boolean filters
- B. Primary filters
- C. SQL filters
- D. Correlation filters
Explanation:
Answer – A
Here we have to make use of Boolean filters which could either accept or reject all messages
Since this is clear from the Microsoft documentation, all other options are incorrect
For more information on topic filters, please visit the following URL
You are developing an application that is going to making use of the Azure Service Bus. You have to create filters based on the different types of subscribers that would subscribe to the topic. The broad classification of these subscribers are
- Subscribers should be able to receive all messages being sent to the topic
- Subscribers should NOT be able to receive all messages being sent to the topic
- Subscribers should be able to receive messages based on a SQL-like conditional expression
Which of the following would you use as the filter condition for the requirement?
“Subscribers should be able to receive messages based on a SQL-like conditional expression”
- A. Boolean filters
- B. Primary filters
- C. SQL filters
- D. Correlation filters
Explanation:
Answer – C
We can use the SQL Filters to base the conditional on SQL like expressions.
Since this is clear from the Microsoft documentation, all other options are incorrect
For more information on topic filters, please visit the following URL
You have to create an Azure Cosmos DB account that would need to use the Table API. Cost needs to be optimized for the Cosmos DB account. The application can afford to read out of order writes.
You have to complete the below CLI command for the creation of the account and the table
Which of the following would go into Slot 1?
- A. create
- B. table create
- C. --capabilities
- D. group create
Explanation:
Answer – A
First, we have to use the ‘az cosmosdb create’ command to go ahead and create a Cosmos DB account.
An example of this is also given in the Microsoft documentation
Since this is clear from the Microsoft documentation, all other options are incorrect
For more information on creating a Cosmos DB account with the Table API, please visit the following URL
You have to create an Azure Cosmos DB account that would need to use the Table API. Cost needs to be optimized for the Cosmos DB account. The application can afford to read out of order writes.
You have to complete the below CLI command for the creation of the account and the table
Which of the following would go into Slot 2?
- A. create
- B. table create
- C. --capabilities
- D. group create
Explanation:
Answer – C
We need to use the --capabilities option to create a Cosmos DB account with the Table API
An example of this is also given in the Microsoft documentation
Since this is clear from the Microsoft documentation, all other options are incorrect
For more information on creating a Cosmos DB account with the Table API, please visit the following URL
You have to create an Azure Cosmos DB account that would need to use the Table API. Cost needs to be optimized for the Cosmos DB account. The application can afford to read out of order writes.
You have to complete the below CLI command for the creation of the account and the table
Which of the following would go into Slot 3?
- A. Strong
- B. Eventual
- C. Bounded staleness
- D. Session
Explanation:
Answer – B
Since the requirements mentions to cut on costs and since the application can afford to read out of order writes, we should opt for Eventual consistency
The Sample example Microsoft documentation mentions the following
Full syntax of the cosmosdb Create command has been given att the following URL
- https://docs.microsoft.com/en-us/cli/azure/cosmosdb?view=azure-cli-latest#az-cosmosdb-createaz cosmosdb create --name
--resource-group
[--capabilities]
[--default-consistency-level {BoundedStaleness, ConsistentPrefix, Eventual, Session, Strong}]
[--disable-key-based-metadata-write-access {false, true}]
[--enable-analytical-storage {false, true}]
[--enable-automatic-failover {false, true}]
[--enable-free-tier {false, true}]
[--enable-multiple-write-locations {false, true}]
[--enable-public-network {false, true}]
[--enable-virtual-network {false, true}]
[--ip-range-filter]
[--key-uri]
[--kind {GlobalDocumentDB, MongoDB, Parse}]
[--locations]
[--max-interval]
[--max-staleness-prefix]
[--server-version {3.2, 3.6}]
[--subscription]
[--tags]
[--virtual-network-rules]
You have to create an Azure Cosmos DB account that would need to use the Table API. Cost needs to be optimized for the Cosmos DB account. The application can afford to read out of order writes.
You have to complete the below CLI command for the creation of the account and the table
Which of the following would go into Slot 4?
- A. create
- B. table create
- C. --capabilities
- D. group create
Explanation:
Answer – B
Here we have to go ahead and create a table in the Cosmos DB account
An example of this is also given in the Microsoft documentation
Since this is clear from the Microsoft documentation, all other options are incorrect
For more information on creating a Cosmos DB account with the Table API, please visit the following URL
You are going to create an Azure Storage Account as part of your subscription. This would be a General Purpose V2 storage account. You have to conform to the following requirements
- You must be able to recover a deleted blob
- You should be able recover a deleted blob a maximum of 7 days after the blob has been deleted.
- You need to be able to create snapshots of an existing blob in the storage account
Which of the following is a feature you have to implement on the Blobs to ensure you can recover the blob as per the specified requirements?
- A. CORS
- B. Soft Delete
- C. Snapshots
- D. Change Feed
Explanation:
Answer – B
For this you have to make use of the Soft Delete feature for Azure Blob storage
The Microsoft documentation mentions the following
Since this is clearly mentioned in the Microsoft documentation, all other options are incorrect
For more information on the Soft Delete feature, please refer to the below link
You are going to create an Azure Storage Account as part of your subscription. This would be a General Purpose V2 storage account. You have to conform to the following requirements
- You must be able to recover a deleted blob
- You should be able recover a deleted blob a maximum of 7 days after the blob has been deleted.
- You need to be able to create snapshots of an existing blob in the storage account
Would it be possible to modify an existing Blob snapshot?
- A. Yes
- B. No
Explanation:
Answer – B
You cannot modify an existing Blob snapshot
The Microsoft documentation mentions the following
For more information on Blob snapshots, please refer to the below link
You have to develop and deploy an application for your company. The web application needs to be deployed onto the Azure Web App service. You have to choose an appropriate App Service Plan based on the following requirements
- The web application needs to be accessed via the URL – https://whizlabs.com.
- The web application should be scaled automatically based on demand.
- Costs need to be minimized
Which of the following would you choose as the App Service Plan for the underlying Azure Web App?
- A. Basic
- B. Standard
- C. Premium
- D. Isolated
Explanation:
Answer – B
If you look at the Microsoft documentation, Auto-scaling is possible with the Standard App Service Plan.
For the URL, the Web App needs to support Custom domains and SSL
SSL is supported with the Basic App Service Plan
And custom domains are supported with the Shared App Service Plan
Hence the common plan to support all of the features is the Standard App Service Plan.
Option A is incorrect since this does not support the Auto-scaling feature
Options C and D are incorrect since these would not minimize the costs
For more information on App Service Plans, please refer to the below link