ExamGecko
Search Search Login
Home Home / Microsoft / AZ-600

Microsoft AZ-600 Practice Test - Questions Answers, Page 10

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You have an Azure Stack Hub integrated system. You perform infrastructure backups twice daily. User workloads are protected by using Azure Site Recovery. The architect of the user workloads is planning a business continuity disaster recovery (BCDR) strategy. You need to recommend to the architect which resources to include in the BCDR strategy. Which two resources should you recommend? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
Topic 2, Northwind Traders Case study This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided. To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study. At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section. To start the case study To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Qbutton to return to the question. Overview A company named Northwind Traders has a main office and a datacenter. All development occurs at the main office. Existing Environment Identity Environment The network contains an Active Directory forest named northwind.com. The forest and an Azure Active Directory (Azure AD) tenant named northwind.onmicrosoft.com are integrated by using Active Directory Federation Service (AD FS). All Azure subscriptions use the northwind.onmicrosoft.com Azure AD tenant. Northwind Traders uses an Enterprise Agreement (EA) subscription. All operators are global administrators in northwind.onmicrosoft.com. Azure Stack Hub Environment Northwind Traders has the following five Azure Stack Hub integrated systems: One integrated system that connects to an internet-facing network and has the following configurations: - The region name is int1. - The operators do not have access to the user subscriptions. - The integrated system is used for customer and partner applications. - The partners and customers of NorthWind Traders use guest user accounts to access various user resources. Two integrated systems that connect to a private network, are accessed only from inside the company, and have the following configurations: - The integrated systems are dedicated to research and development. - One integrated system has a region name of priv1, and the other has a region name of priv2. - The integrated systems are used for various data rendering, AI workloads, inference, and data visualization. Two integrated systems that are dedicated to application development and have the following configurations: - The integrated systems are disconnected from the Internet. The workloads in the user subscriptions have Internet access. - One integrated system has a region name of dev1, and the other has a region name of dev2. - Both regions are used only by developers at Northwind Traders. The external domain name of all the integrated systems is northwind.com. All the integrated systems have Azure App Service and the Azure Kubernetes Service (AKS) engine deployed. The computer of the operator in each region has all the prerequisite software installed for managing Azure Stack Hub. Current Problems You identify the following issues in the current environment: The priv2 region recently experienced a catastrophic failure. The developers report high chargeback costs for the dev1 region. The int1 region runs a high number of Windows virtual machines that use pay-as-you-use images. The Northwind Traders partners and customers report that use of the guest user accounts is too complex. Users in the priv1 region recently deployed NCas_v4 virtual machines for various AI workload. The users discover that the virtual machines do not use GPUs. Requirements Planned Changes Northwind Traders plans to implement the following changes: Remove all guest user accounts. Change the DNS forwarder of the priv1 region. Change the billing model and registration name of the int1 region. After the catastrophic failure, restore the priv2 region to its original state. Provide each partner with its own dedicated user subscription that will use its own dedicated Azure AD tenant. Technical Requirements Northwind Traders identifies the following technical requirements: Minimize hardware and software costs. Standardize all datacenter workloads on Azure Stack Hub. In the priv1 region, implement a disaster recovery plan for App Service. Whenever possible, implement solutions by using the minimum amount of administrative effort. In the dev2 region, update the AKS Base Ubuntu image to the latest version in Azure Stack Hub Marketplace. Whenever possible, implement solutions by using built-in tools, features, and services without acquiring additional third-party tools. For the users’ virtual machines and the associated resources in the dev1 and dev2 regions, implement a business continuity and disaster recovery plan that includes an automated failback process. If changes to the Azure Stack Hub infrastructure cause workload downtime outside of planned maintenance windows, notify all users in the region where the downtime occurred and schedule a maintenance window.
You plan to deploy an Azure Stack Hub integrate system. You need to configure network connectivity for datacenter network integration. Which two routing methods can you use? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
You have an Azure Stack Hub integrated system that is disconnected from the internet. The integrated system has an Azure App Service resource provider. You generate a new certificate. You need to rotate the certificate of the App Service identity application to use the new certificate. Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
You have an Azure Stack Hub integrated system that has the following configurations: A deployment prefix of AzS A physical prefix of AzP You need to renew the certificates for the integrated system. To which virtual machine should you establish a PowerShell session?
You need to resolve the performance issue reported by the users in the priv1 region. What should you do?
You plan to install an update to an Azure Stack Hub integrated system. You need to verify whether the integrated system is healthy, and whether you can apply the update. You must achieve the goal as quickly as possible. Solution: From the administrator management endpoint, you run Test-AzureStack –Group "UpdateReadiness". Does this meet the goal?
You plan to install an update to an Azure Stack Hub integrated system. You need to verify whether the integrated system is healthy, and whether you can apply the update. You must achieve the goal as quickly as possible. Solution: From a privileged endpoint (PEP) session, you run TesT-AzureStack -Group "Default". Does this meet the goal?
DRAG DROP You have an Azure Stack Hub integrated system. You install the Azure Gallery Packager (.azpkg) tool on a management workstation. You need to define a custom Azure Stack Hub Marketplace item that will provision a virtual machine from a base image. Which file should you configure for each requirement? To answer, drag the appropriate files to the correct requirements. Each file may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
DRAG DROP You have an Azure Stack Hub integrated system that is enabled for mufti-tenancy. The integrated system is configured as shown in the following table. You need lo onboard fabrikam.com as a guest Azure AD tenant to the integrated system. How should you complete the Power Shell script? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point. A. Answer: A

Question 91

Report
Export
Collapse

HOTSPOT

You have an Azure Stack Hub integrated system that uses an Azure Active Directory (Azure AD) tenant named fabrikam.com as an identity provider. The integrated system region name is region1, and the external domain name is fabrikam.com.

The integrated system has the following domains enabled for multitenancy:

fabrikam.onmicrosoft.com contoso.onmicrosoft.com fabrikam.com contoso.com

You need to disable multitenancy for contoso.com.

How should you complete the PowerShell script? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 91
Correct answer: Question 91

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure-stack/operator/azure-stack-enable-multitenancy?view=azs-2008

Question 92

Report
Export
Collapse

HOTSPOT

You have three Azure Stack Hub integrated systems that use the same Azure Active Directory (Azure AD) tenant named contoso.com as their identity provider. The integrated systems are deployed in Chicago, New York, and Seattle. The region name of each integrated system corresponds to the city in which the system is deployed.

When reviewing alerts in the integrated system in Chicago, you receive an alert indicating that the home directory requires an update.

From the Azurestack-tools-master/identity folder, you import the AzureStack.Identity.psm1 module.

How should you complete the command to update the home directory? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 92
Correct answer: Question 92

Explanation:

Reference:

https://github.com/Azure/AzureStack-Tools/blob/master/Identity/README.md

Question 93

Report
Export
Collapse

DRAG DROP

You have an Azure Stack Hub integrated system that has 12 nodes. All the nodes run the latest firmware available from the OEM. The integrated system also has a hot spare node.

You receive an alert concerning the hardware on one of the nodes.

You need to replace the node as soon as possible. The solution must minimize disruptions to user workloads.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.


Question 93
Correct answer: Question 93

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure-stack/operator/azure-stack-replace-node?view=azs-2008

https://docs.microsoft.com/en-us/azure-stack/operator/azure-stack-node-actions?view=azs-2008&tabs=az1

Question 94

Report
Export
Collapse

DRAG DROP

You have an Azure Stack Hub integrated system that is disconnected from the internet.

A new Microsoft update package is released.

You need to apply the update.

Which five actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

NOTE: More than one order of answer choices is correct. You will receive credit for any of the correct orders you select.


Question 94
Correct answer: Question 94

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure-stack/operator/azure-stack-update-prepare-package?view=azs-2008

Question 95

Report
Export
Collapse

DRAG DROP

You have an Azure Stack Hub integrated system that is registered to an Azure Active Directory (Azure AD) tenant named contoso.com. The integrated system region name is region1.

You need to retrieve only critical infrastructure alerts from the integrated system by using the REST API.

Which URI query should you use? To answer, drag the appropriate values to the correct locations. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.


Question 95
Correct answer: Question 95

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure-stack/user/azure-stack-rest-api-use?view=azs-2008

Question 96

Report
Export
Collapse

HOTSPOT

You have an Azure Stack Hub integrated system that connects to the Internet.

You attempt to download an image as shown in the Add from Azure exhibit. (Click the Add from Azure tab.)

The Marketplace item blade for [smalldisk] Windows Server 2019 Datacenter-Pay as you go is shown in the item exhibit. (Click the Item tab.)

The marketplace items are shown in the Marketplace Items exhibit. (Click the Marketplace Items tab.)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Question 96
Correct answer: Question 96

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure-stack/operator/azure-stack-windows-server-faq?view=azs-2102&tabs=az1%2Caz2

Question 97

Report
Export
Collapse

DRAG DROP

You have an Azure Stack Hub integrated system that contains a user named User1.

You have a JSON file that contains the definition of the Reader role.

You need to create a custom role to enable User1 to manage updates for the integrated system.

Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.


Question 97
Correct answer: Question 97

Explanation:

Step 1: Modify the permissions section of the JSON file

Step 2: Modify the assignableScopes section of the JSON file.

Replace <SubscriptionID> with your Azure subscription ID.

Sample JSON file:

{

"Name": "Azure Stack Hub registration role",

"Id": null,

"IsCustom": true,

"Description": "Allows access to register Azure Stack Hub",

"Actions": [

"Microsoft.Resources/subscriptions/resourceGroups/write",

"Microsoft.Resources/subscriptions/resourceGroups/read",

"Microsoft.AzureStack/registrations/*",

"Microsoft.AzureStack/register/action",

"Microsoft.Authorization/roleAssignments/read",

"Microsoft.Authorization/roleAssignments/write",

"Microsoft.Authorization/roleAssignments/delete",

"Microsoft.Authorization/permissions/read",

"Microsoft.Authorization/locks/read",

"Microsoft.Authorization/locks/write"

],

"NotActions": [

],

"AssignableScopes": [

"/subscriptions/<SubscriptionID>"

]

}

Step 3: Connect to the administrator Azure Resource Manager (ARM) endpoint.

In PowerShell, connect to Azure to use Azure Resource Manager. When prompted, authenticate using an account with sufficient permissions such as Owner or User Access Administrator. Connect-AzAccount

Step 4: Run the New-AzRoleDefinition cmdlet.

To create the custom role, use New-AzRoleDefinition specifying the JSON template file.

New-AzRoleDefinition -InputFile "C:\CustomRoles\registrationrole.json

Reference: https://learn.microsoft.com/en-us/azure-stack/operator/azure-stack-registration-role

Question 98

Report
Export
Collapse

HOTSPOT

You have an Azure Stack Hub integrated system that uses an Azure Active Directory (Azure AD) tenant named contoso.com as an identity provider. You need to create a certificate file named AzSIBCCert for infrastructure backup.

How should you complete the PowerShell script? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Question 98
Correct answer: Question 98

Explanation:

Question 99

Report
Export
Collapse

HOTSPOT

You have an Azure Stack Hub Integrated system that has the following configurations:

• Deployment virtual machine (DVM) IP address: 10.30.1.253

• First host IP address: 10.30.1.193

• Last host IP address: 10.30.1.254

• Subnet mask: 255.255.255.192

• BMC network: 10.30.1.192/26

• Default gateway: 10.30.1.193

• NTP: 10.31.1.2

• DNS: 8.8.8.8

You need to deploy an Operator Access Workstation (OAW) to the Hardware Lifecycle Host (HLH) and configure the network settings for the OAW. How should you complete the script? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 99
Correct answer: Question 99

Explanation:

Box 1: .\New-OAW.ps1

Create the OAW VM using a script

The following script prepares the virtual machine as the Operator Access Workstation (OAW), which is used to access Microsoft Azure Stack Hub. Sign in to the HLH with your credentials.

Download OAW.zip and extract the files.

Open an elevated PowerShell session.

Navigate to the extracted contents of the OAW.zip file.

Run the New-OAW.ps1 script.

Example: Example: Deploy on HLH using a Microsoft Image

$oawRootPath = "D:\oawtest"

$securePassword = Read-Host -Prompt "Enter password for Azure Stack OAW's local administrator" – AsSecureString if (Get-ChildItem -Path $oawRootPath -Recurse | Get-Item -Stream Zone* -ErrorAction SilentlyContinue | Select-Object FileName) { Write-Host "Execution failed, unblock the script files first" } else { .\New-OAW.ps1 -LocalAdministratorPassword $securePassword } Syntax:

New-OAW

-LocalAdministratorPassword <Security.SecureString> `

-IPAddress <String> `

-SubnetMask <String> `

-DefaultGateway <String> `

-DNS <String[]> `

-TimeServer<String> `

[-AzureStackCertificatePath <String>] `

[-AzSStampInfoFilePath <String>] `

[-CertificatePassword <Security.SecureString>] `

[-ERCSVMIP <String[]>] `

[-ImageFilePath <String>] `

[-VirtualMachineName <String>] `

[-VirtualMachineMemory <int64>] `

[-VirtualProcessorCount <int>] `

[-VirtualMachineDiffDiskPath <String>] `

[-PhysicalAdapterMACAddress <String>] `

[-VirtualSwitchName <String>] `

[-ReCreate] `

[-AsJob] `

[-Passthru] `

[-WhatIf] `

[-Confirm] `

[<CommonParameters>]

Box 2: 10.30.1.253

Deployment virtual machine (DVM) IP address: 10.30.1.253

Note:

Parameter:

IPAddress (Required)

The static IPv4 address to configure TCP/IP on the virtual machine.

Reference: https://learn.microsoft.com/en-us/azure-stack/operator/operator-access-workstation

Question 100

Report
Export
Collapse

DRAG DROP

You have an Azure Stack Hub integrated system.

You plan to enable Azure Command-Line Interface (CLI) for Azure Stack Hub users.

You create an alias template file.

You need to configure the virtual machine aliases endpoint. The solution must use the principle of least privilege. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.


Question 100
Correct answer: Question 100

Explanation:

Step 1: Create a storage account

A sample alias file with many common image aliases is available. You can use that as a starting point. Host this file in a space where your CLI clients can reach it. One way is to host the file in a blob storage account and share the URL with your users:

1. Download the sample file from GitHub.

2. Create a storage account in Azure Stack Hub (Step 1). When that's done, create a blob container. Set the access policy to "public." (Step 2)

3. Upload the JSON file to the new container (Step 3). When that's done, you can view the URL of the blob. Select the blob name and then select the URL from the blob properties. Step 2: Create a blob container and set the Public access to Blob.

Set up the VM aliases endpoint

Azure Stack Hub operators should set up a publicly accessible endpoint that hosts a VM alias file. The VM alias file is a JSON file that provides a common name for an image. You use the name when you deploy a VM as an Azure CLI parameter.

Note: When public access is allowed for a storage account, you can configure a container with the following permissions:

* Public read access for blobs only: Blobs within the container can be read by anonymous request, but container data is not available anonymously. Anonymous clients cannot enumerate the blobs within the container. * Public read access for container and its blobs: Container and blob data can be read by anonymous request, except for container permission settings and container metadat a. Clients can enumerate blobs within the container by anonymous request, but cannot enumerate containers within the storage account.

* No public read access: The container and its blobs can be accessed only with an authorized request. This option is the default for all new containers.

Step 3: To the container, upload the alias template as a JSON file.

Reference: https://learn.microsoft.com/en-us/azure-stack/operator/azure-stack-cli-admin

https://learn.microsoft.com/en-us/azure/storage/blobs/anonymous-read-access-configure

Total 179 questions
Go to page: of 18
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms