
Microsoft AZ-204 Practice Test - Questions Answers, Page 2

HOTSPOT

You need to ensure that network security policies are met.

How should you configure network security? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 11
Correct answer: Question 11

Explanation:

Box 1: Valid root certificate

Scenario: All websites and services must use SSL from a valid root certificate authority.

Box 2: Azure Application Gateway

Scenario:

Any web service accessible over the Internet must be protected from cross site scripting attacks.

All Internal services must only be accessible from Internal Virtual Networks (VNets)

All parts of the system must support inbound and outbound traffic restrictions.

Azure Web Application Firewall (WAF) on Azure Application Gateway provides centralized protection of your web applications from common exploits and vulnerabilities. Web applications are increasingly targeted by malicious attacks that exploit commonly known vulnerabilities. SQL injection and cross-site scripting are among the most common attacks.

Application Gateway supports autoscaling, SSL offloading, and end-to-end SSL, a web application firewall (WAF), cookie-based session affinity, URL path-based routing, multisite hosting, redirection, rewrite HTTP headers and other features.

Note: Both Nginx and Azure Application Gateway act as a reverse proxy with Layer 7 load-balancing features plus a WAF to ensure strong protection against common web vulnerabilities and exploits.

You can modify the Nginx web server configuration to send the X-XSS-Protection HTTP response header. This helps to prevent cross-site scripting exploits by forcing that header onto the responses Nginx serves.

Reference:

https://docs.microsoft.com/en-us/azure/web-application-firewall/ag/ag-overview

https://www.upguard.com/articles/10-tips-for-securing-your-nginx-deployment

DRAG DROP

You need to add YAML markup at line CS17 to ensure that the ContentUploadService can access Azure Storage access keys.

How should you complete the YAML markup? To answer, drag the appropriate YAML segments to the correct locations. Each YAML segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.


Question 12
Correct answer: Question 12

Explanation:

Box 1: volumeMounts

Example:

    volumeMounts:
    - mountPath: /mnt/secrets
      name: secretvolume1
    volumes:
    - name: secretvolume1
      secret:
        mysecret1: TXkgZmlyc3Qgc2VjcmV0IEZPTwo=

Box 2: volumes

Box 3: secret

Reference:

https://docs.microsoft.com/en-us/azure/container-instances/container-instances-volume-secret

HOTSPOT

You need to add code at line AM10 of the application manifest to ensure that the requirement for manually reviewing content can be met.

How should you complete the code? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 13
Correct answer: Question 13

Explanation:

Box 1: sid

Sid: Session ID, used for per-session user sign-out. Personal and Azure AD accounts.

Scenario: Manual review

To review content, the user must authenticate to the website portion of the ContentAnalysisService using their Azure AD credentials. The website is built using React and all pages and API endpoints require authentication. In order to review content a user must be part of a ContentReviewer role.

Box 2: email

Scenario: All completed reviews must include the reviewer's email address for auditing purposes.

You need to monitor ContentUploadService according to the requirements.

Which command should you use?

A. az monitor metrics alert create -n alert -g ... --scopes ... --condition "avg Percentage CPU > 8"
B. az monitor metrics alert create -n alert -g ... --scopes ... --condition "avg Percentage CPU > 800"
C. az monitor metrics alert create -n alert -g ... --scopes ... --condition "CPU Usage > 800"
D. az monitor metrics alert create -n alert -g ... --scopes ... --condition "CPU Usage > 8"

Suggested answer: B

Explanation:

Scenario: An alert must be raised if the ContentUploadService uses more than 80 percent of available CPU cores

Reference:

https://docs.microsoft.com/sv-se/cli/azure/monitor/metrics/alert

You need to investigate the http server log output to resolve the issue with the ContentUploadService.

Which command should you use first?

A. az webapp log
B. az ams live-output
C. az monitor activity-log
D. az container attach

Suggested answer: C

Explanation:

Scenario: Users of the ContentUploadService report that they occasionally see HTTP 502 responses on specific pages.

"502 bad gateway" and "503 service unavailable" are common errors in your app hosted in Azure App Service.

Microsoft Azure publicizes each time there is a service interruption or performance degradation.

The az monitor activity-log command manages activity logs.

Note: Troubleshooting can be divided into three distinct tasks, in sequential order:

1. Observe and monitor application behavior

2. Collect data

3. Mitigate the issue

Reference:

https://docs.microsoft.com/en-us/cli/azure/monitor/activity-log

HOTSPOT

You need to configure the integration for Azure Service Bus and Azure Event Grid.

How should you complete the CLI statement? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 16
Correct answer: Question 16

Explanation:

Box 1: eventgrid

To create event subscription use: az eventgrid event-subscription create

Box 2: event-subscription

Box 3: servicebusqueue

Scenario: Azure Service Bus and Azure Event Grid

Azure Event Grid must use Azure Service Bus for queue-based load leveling.

Events in Azure Event Grid must be routed directly to Service Bus queues for use in buffering.

Events from Azure Service Bus and other Azure services must continue to be routed to Azure Event Grid for processing.

Reference:

https://docs.microsoft.com/en-us/cli/azure/eventgrid/event-subscription?view=azure-cli-latest#az_eventgrid_event_subscription_create

You need to ensure that all messages from Azure Event Grid are processed.

What should you use?

A. Azure Event Grid topic
B. Azure Service Bus topic
C. Azure Service Bus queue
D. Azure Storage queue
E. Azure Logic App custom connector

Suggested answer: C

Explanation:

As a solution architect/developer, you should consider using Service Bus queues when:

Your solution needs to receive messages without having to poll the queue. With Service Bus, you can achieve it by using a long-polling receive operation using the TCP-based protocols that Service Bus supports.

Reference:

https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-azure-and-service-bus-queues-compared-contrasted

You need to correct the RequestUserApproval Function app error.

What should you do?

A. Update line RA13 to use the async keyword and return an HttpRequest object value.
B. Configure the Function app to use an App Service hosting plan. Enable the Always On setting of the hosting plan.
C. Update the function to be stateful by using Durable Functions to process the request payload.
D. Update the functionTimeout property of the host.json project file to 15 minutes.

Suggested answer: C

Explanation:

Async operation tracking

The HTTP response mentioned previously is designed to help implement long-running HTTP async APIs with Durable Functions. This pattern is sometimes referred to as the polling consumer pattern.

Both the client and server implementations of this pattern are built into the Durable Functions HTTP APIs.

Function app

You perform local testing for the RequestUserApproval function. The following error message displays:

'Timeout value of 00:10:00 exceeded by function: RequestUserApproval'

The same error message displays when you test the function in an Azure development environment when you run the following Kusto query:

    FunctionAppLogs
    | where FunctionName == "RequestUserApproval"

References:

https://docs.microsoft.com/en-us/azure/azure-functions/durable/durable-functions-http-features

HOTSPOT

You need to configure the Account Kind, Replication, and Storage tier options for the corporate website's Azure Storage account.

How should you complete the configuration? To answer, select the appropriate options in the dialog box in the answer area.

NOTE: Each correct selection is worth one point.


Question 19
Correct answer: Question 19

Explanation:

Account Kind: StorageV2 (general-purpose v2)

Scenario: Azure Storage blob will be used (refer to the exhibit). Data storage costs must be minimized.

General-purpose v2 accounts: Basic storage account type for blobs, files, queues, and tables. Recommended for most scenarios using Azure Storage.

Incorrect Answers:

BlockBlobStorage accounts: Storage accounts with premium performance characteristics for block blobs and append blobs. Recommended for scenarios with high transactions rates, or scenarios that use smaller objects or require consistently low storage latency.

General-purpose v1 accounts: Legacy account type for blobs, files, queues, and tables. Use general-purpose v2 accounts instead when possible.

Replication: Geo-redundant Storage

Scenario: Data must be replicated to a secondary region and three availability zones.

Geo-redundant storage (GRS) copies your data synchronously three times within a single physical location in the primary region using LRS. It then copies your data asynchronously to a single physical location in the secondary region.

Incorrect Answers:

Geo-zone-redundant storage (GZRS), but it would be more costly.

Storage tier: Cool

Data storage costs must be minimized.

Note: Azure storage offers different access tiers, which allow you to store blob object data in the most cost-effective manner. The available access tiers include:

Hot - Optimized for storing data that is accessed frequently.

Cool - Optimized for storing data that is infrequently accessed and stored for at least 30 days.

Reference:

https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overview

https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy

https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers?tabs=azure-portal

You need to secure the Shipping Logic App.

What should you use?

A. Azure App Service Environment (ASE)
B. Integration Service Environment (ISE)
C. VNet service endpoint
D. Azure AD B2B integration

Suggested answer: B

Explanation:

Scenario: The Shipping Logic App requires secure resources to the corporate VNet and use dedicated storage resources with a fixed costing model.

You can access Azure Virtual Network resources from Azure Logic Apps by using integration service environments (ISEs).

Sometimes, your logic apps and integration accounts need access to secured resources, such as virtual machines (VMs) and other systems or services, that are inside an Azure virtual network. To set up this access, you can create an integration service environment (ISE) where you can run your logic apps and create your integration accounts.

Reference: https://docs.microsoft.com/en-us/azure/logic-apps/connect-virtual-network-vnet-isolated-environment-overview

Total 345 questions