- (Exam Topic 7)
You are deploying an Azure Kubernetes Services (AKS) cluster that will use multiple containers.
You need to create the cluster and verify that the services for the containers are configured correctly and available.
Which four commands should you use to develop the solution? To answer, move the appropriate command segments from the list of command segments to the answer area and arrange them in the correct order.
Solution:
Step 1: az group create
Create a resource group with the az group create command. An Azure resource group is a logical group in which Azure resources are deployed and managed.
Example: The following example creates a resource group named myAKSCluster in the eastus location. az group create --name myAKSCluster --location eastus
Step 2 : az aks create
Use the az aks create command to create an AKS cluster. Step 3: kubectl apply
To deploy your application, use the kubectl apply command. This command parses the manifest file and creates the defined Kubernetes objects.
Step 4: az aks get-credentials
Configure it with the credentials for the new AKS cluster. Example:
az aks get-credentials --name aks-cluster --resource-group aks-resource-group References:
https://docs.bitnami.com/azure/get-started-aks/
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 7)
Your company is developing an Azure API.
You need to implement authentication for the Azure API. You have the following requirements: 
All API calls must be secure. Callers to the API must not send credentials to the API.
Which authentication mechanism should you use?
Correct Answer:
C
Use the authentication-managed-identity policy to authenticate with a backend service using the managed identity of the API Management service. This policy essentially uses the managed identity to obtain an access token from Azure Active Directory for accessing the specified resource. After successfully obtaining the token, the policy will set the value of the token in the Authorization header using the Bearer scheme.
Reference:
https://docs.microsoft.com/bs-cyrl-ba/azure/api-management/api-management-authentication-policies
- (Exam Topic 2)
You need to store the user agreements.
Where should you store the agreement after it is completed?
Correct Answer:
B
Azure Event Hub is used for telemetry and distributed data streaming.
This service provides a single solution that enables rapid data retrieval for real-time processing as well as repeated replay of stored raw data. It can capture the streaming data into a file for processing and analysis.
It has the following characteristics: 
low latency capable of receiving and processing millions of events per second at least once delivery
Reference:
https://docs.microsoft.com/en-us/azure/event-grid/compare-messaging-services
- (Exam Topic 7)
You must implement Application Insights instrumentation capabilities utilizing the Azure Mobile Apps SDK to provide meaningful analysis of user interactions with a mobile app.
You need to capture the data required to implement the Usage Analytics feature of Application Insights. Which three data values should you capture? Each correct answer presents part of the solution
NOTE: Each correct selection is worth one point.
Correct Answer:
ADE
Application Insights is a service for monitoring the performance and usage of your apps. This module allows you to send telemetry of various kinds (events, traces, etc.) to the Application Insights service where your data can be visualized in the Azure Portal.
Application Insights manages the ID of a session for you. References: https://github.com/microsoft/ApplicationInsights-Android
- (Exam Topic 7)
You are developing an Azure Web App. You configure TLS mutual authentication for the web app.
You need to validate the client certificate in the web app. To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Solution:
Accessing the client certificate from App Service.
If you are using ASP.NET and configure your app to use client certificate authentication, the certificate will be available through the HttpRequest.ClientCertificate property. For other application stacks, the client cert will be available in your app through a base64 encoded value in the "X-ARR-ClientCert" request header. Your application can create a certificate from this value and then use it for authentication and authorization purposes in your application.
References:
https://docs.microsoft.com/en-us/azure/app-service/app-service-web-configure-tls-mutual-auth
Does this meet the goal?
Correct Answer:
A
