- (Exam Topic 5)
You plan to deploy an app that will use an Azure Storage account.
You need to deploy the storage account. The solution must meet the following requirements:
• Store the data of multiple users.
• Encrypt each user's data by using a separate key.
• Encrypt all the data in the storage account by using Microsoft keys or customer-managed keys. What should you deploy?
Correct Answer:
B
- (Exam Topic 3)
You need to recommend a solution that meets the file storage requirements for App2.
What should you deploy to the Azure subscription and the on-premises network? To answer, drag the appropriate services to the correct locations. Each service may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Solution:
Graphical user interface, application Description automatically generated
Box 1: Azure Files
Scenario: App2 has the following file storage requirements: 
Save files to an Azure Storage account. Replicate files to an on-premises location. Ensure that on-premises clients can read the files over the LAN by using the SMB protocol.
Box 2: Azure File Sync
Use Azure File Sync to centralize your organization's file shares in Azure Files, while keeping the flexibility, performance, and compatibility of an on-premises file server. Azure File Sync transforms Windows Server into a quick cache of your Azure file share. You can use any protocol that's available on Windows Server to access your data locally, including SMB, NFS, and FTPS. You can have as many caches as you need across the world.
Reference:
https://docs.microsoft.com/en-us/azure/storage/file-sync/file-sync-deployment-guide
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 5)
You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager resource deployment in your subscription. What should you include in the recommendation?
Correct Answer:
A
Activity logs are kept for 90 days. You can query for any range of dates, as long as the starting date isn't more than 90 days in the past.
Through activity logs, you can determine:
what operations were taken on the resources in your subscription who started the operation when the operation occurred the status of the operation the values of other properties that might help you research the operation Reference:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/view-activity-logs https://docs.microsoft.com/en-us/azure/automation/change-tracking
- (Exam Topic 5)
You have an Azure web app named App1 and an Azure key vault named KV1. App1 stores database connection strings in KV1.
App1 performs the following types of requests to KV1: 
Get
List Wrap Delete Unwrap Backup Decrypt Encrypt
You are evaluating the continuity of service for App1.
You need to identify the following if the Azure region that hosts KV1 becomes unavailable: To where will KV1 fail over? During the failover, which request type will be unavailable?
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Solution:
Table Description automatically generated
Box 1: A server in the same paired region
The contents of your key vault are replicated within the region and to a secondary region at least 150 miles away, but within the same geography to maintain high durability of your keys and secrets.
Box 2: Delete
During failover, your key vault is in read-only mode. Requests that are supported in this mode are: List certificates Get certificates List secrets Get secrets List keys Get (properties of) keys Encrypt Decrypt Wrap Unwrap Verify Sign Backup
Reference:
https://docs.microsoft.com/en-us/azure/key-vault/general/disaster-recovery-guidance
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 5)
You have an on-premises network that uses on IP address space of 172.16.0.0/16 You plan to deploy 25 virtual machines to a new azure subscription.
You identity the following technical requirements. All Azure virtual machines must be placed on the same subnet subnet1. All the Azure virtual machines must be able to communicate with all on premises severs. The servers must be able to communicate between the on-premises network and Azure by using a site to site VPN.
You need to recommend a subnet design that meets the technical requirements.
What should you include in the recommendation? To answer, drag the appropriate network addresses to the correct subnet. Each network address may be used once, more than once or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Solution:
Graphical user interface, application Description automatically generated
Does this meet the goal?
Correct Answer:
A
