- (Exam Topic 6)
You have a Basic App Service plan named ASP1 that hosts an Azure App Service named App1. You need to configure a custom domain and enable backups for App1.
What should you do first?
Correct Answer:
B
Scale up ASP1 : Correct
Basic App service plan does not support backup/restore.
The Backup and Restore feature requires the App Service plan to be in the Standard, Premium or Isolated Since in question it is mentioned as a Basic service plan app so at first you need to do it to Scale up the service plan so that backup can be enabled on App1.
Scale up: Get more CPU, memory, disk space, and extra features like dedicated virtual machines (VMs), custom domains and certificates, staging slots, autoscaling, and more. You scale up by changing the pricing tier of the App Service plan that your app belongs to.
Configure a WebJob for App1 : Incorrect
WebJobs is a feature of Azure App Service that enables you to run a program or script in the same instance a a web app, API app, or mobile app. There is no additional cost to use WebJobs
Scale out ASP1 : Incorrect
Scale out: Increase the number of VM instances that run your app. You can scale out to as many as 30 instances, depending on your pricing tier.
Configure the application settings for App1 : Incorrect
This is the 2nd step you need to perform once azure service plan upgraded to standard.
Most folks don't realize how easy it is to configure a backup copy of your Azure App Service to ensure you have restorable archive copies of your app and database. In order to take advantage of this, you'll need to log into your Azure account and go to your App Service that you created and look under Settings then you will see Backup
Reference:
https://azure.microsoft.com/en-in/pricing/details/app-service/windows/ https://docs.microsoft.com/en-us/azure/app-service/manage-scale-up https://docs.microsoft.com/en-us/azure/app-service/webjobs-create https://microsoft.github.io/AzureTipsAndTricks/blog/tip28.html
- (Exam Topic 3)
You need to recommend a solution for App1. The solution must meet the technical requirements. What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Solution:
This reference architecture shows how to deploy VMs and a virtual network configured for an N-tier application, using SQL Server on Windows for the data tier.
Scenario: You have a public-facing application named App1. App1 is comprised of the following three tiers: A SQL database
A web front end
A processing middle tier
Each tier is comprised of five virtual machines. Users access the web front end by using HTTPS only.
Technical requirements include:
Move all the virtual machines for App1 to Azure.
Minimize the number of open ports between the App1 tiers.
References: https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/n-tier/n-tier-sql-server
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 5)
You have an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com that contains 100 user accounts.
You purchase 10 Azure AD Premium P2 licenses for the tenant.
You need to ensure that 10 users can use all the Azure AD Premium features. What should you do?
Correct Answer:
B
Many Azure Active Directory (Azure AD) services require you to license each of your users or groups (and associated members) for that service. Only users with active licenses will be able to access and use the licensed Azure AD services for which that's true. Licenses are applied per tenant and do not transfer to other tenants.
Not all Microsoft services are available in all locations. Before a license can be assigned to a group, you must specify the Usage location for all members. You can set this value in the Azure Active Directory > Users > Profile > Settings area in Azure AD. Any user whose usage location is not specified inherits the location of the Azure AD organization.
You can add the licensing rights to users or to an entire group. Check the reference link for the steps. References: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/license-users-groups
- (Exam Topic 6)
You plan to deploy route-based Site-to-Site VPN connections between several on-premises locations and an Azure virtual network. Which tunneling protocol should you use?
Correct Answer:
B
- (Exam Topic 6)
You have an Azure Storage account named storage1.
You have an Azure App Service app named app1 and an app named App2 that runs in an Azure container instance. Each app uses a managed identity.
You need to ensure that App1 and App2 can read blobs from storage1 for the next 30 days. What should you configure in storage1 for each app?
Solution:
With Shared access signature you can limit the resources for access and at the same time can control the duration of the access.
A shared access signature (SAS) provides secure delegated access to resources in your storage account without compromising the security of your data. With a SAS, you have granular control over how a client can access your data. You can control what resources the client may access, what permissions they have on those resources, and how long the SAS is valid, among other parameters.
Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview
Does this meet the goal?
Correct Answer:
A