ExamGecko
Search Search Login
Home Home / Microsoft / AZ-600

Microsoft AZ-600 Practice Test - Questions Answers, Page 11

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You have an Azure Stack Hub integrated system. You perform infrastructure backups twice daily. User workloads are protected by using Azure Site Recovery. The architect of the user workloads is planning a business continuity disaster recovery (BCDR) strategy. You need to recommend to the architect which resources to include in the BCDR strategy. Which two resources should you recommend? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
Topic 2, Northwind Traders Case study This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided. To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study. At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section. To start the case study To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Qbutton to return to the question. Overview A company named Northwind Traders has a main office and a datacenter. All development occurs at the main office. Existing Environment Identity Environment The network contains an Active Directory forest named northwind.com. The forest and an Azure Active Directory (Azure AD) tenant named northwind.onmicrosoft.com are integrated by using Active Directory Federation Service (AD FS). All Azure subscriptions use the northwind.onmicrosoft.com Azure AD tenant. Northwind Traders uses an Enterprise Agreement (EA) subscription. All operators are global administrators in northwind.onmicrosoft.com. Azure Stack Hub Environment Northwind Traders has the following five Azure Stack Hub integrated systems: One integrated system that connects to an internet-facing network and has the following configurations: - The region name is int1. - The operators do not have access to the user subscriptions. - The integrated system is used for customer and partner applications. - The partners and customers of NorthWind Traders use guest user accounts to access various user resources. Two integrated systems that connect to a private network, are accessed only from inside the company, and have the following configurations: - The integrated systems are dedicated to research and development. - One integrated system has a region name of priv1, and the other has a region name of priv2. - The integrated systems are used for various data rendering, AI workloads, inference, and data visualization. Two integrated systems that are dedicated to application development and have the following configurations: - The integrated systems are disconnected from the Internet. The workloads in the user subscriptions have Internet access. - One integrated system has a region name of dev1, and the other has a region name of dev2. - Both regions are used only by developers at Northwind Traders. The external domain name of all the integrated systems is northwind.com. All the integrated systems have Azure App Service and the Azure Kubernetes Service (AKS) engine deployed. The computer of the operator in each region has all the prerequisite software installed for managing Azure Stack Hub. Current Problems You identify the following issues in the current environment: The priv2 region recently experienced a catastrophic failure. The developers report high chargeback costs for the dev1 region. The int1 region runs a high number of Windows virtual machines that use pay-as-you-use images. The Northwind Traders partners and customers report that use of the guest user accounts is too complex. Users in the priv1 region recently deployed NCas_v4 virtual machines for various AI workload. The users discover that the virtual machines do not use GPUs. Requirements Planned Changes Northwind Traders plans to implement the following changes: Remove all guest user accounts. Change the DNS forwarder of the priv1 region. Change the billing model and registration name of the int1 region. After the catastrophic failure, restore the priv2 region to its original state. Provide each partner with its own dedicated user subscription that will use its own dedicated Azure AD tenant. Technical Requirements Northwind Traders identifies the following technical requirements: Minimize hardware and software costs. Standardize all datacenter workloads on Azure Stack Hub. In the priv1 region, implement a disaster recovery plan for App Service. Whenever possible, implement solutions by using the minimum amount of administrative effort. In the dev2 region, update the AKS Base Ubuntu image to the latest version in Azure Stack Hub Marketplace. Whenever possible, implement solutions by using built-in tools, features, and services without acquiring additional third-party tools. For the users’ virtual machines and the associated resources in the dev1 and dev2 regions, implement a business continuity and disaster recovery plan that includes an automated failback process. If changes to the Azure Stack Hub infrastructure cause workload downtime outside of planned maintenance windows, notify all users in the region where the downtime occurred and schedule a maintenance window.
You plan to deploy an Azure Stack Hub integrate system. You need to configure network connectivity for datacenter network integration. Which two routing methods can you use? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
You have an Azure Stack Hub integrated system that is disconnected from the internet. The integrated system has an Azure App Service resource provider. You generate a new certificate. You need to rotate the certificate of the App Service identity application to use the new certificate. Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
You have an Azure Stack Hub integrated system that has the following configurations: A deployment prefix of AzS A physical prefix of AzP You need to renew the certificates for the integrated system. To which virtual machine should you establish a PowerShell session?
You need to resolve the performance issue reported by the users in the priv1 region. What should you do?
You plan to install an update to an Azure Stack Hub integrated system. You need to verify whether the integrated system is healthy, and whether you can apply the update. You must achieve the goal as quickly as possible. Solution: From the administrator management endpoint, you run Test-AzureStack –Group "UpdateReadiness". Does this meet the goal?
You plan to install an update to an Azure Stack Hub integrated system. You need to verify whether the integrated system is healthy, and whether you can apply the update. You must achieve the goal as quickly as possible. Solution: From a privileged endpoint (PEP) session, you run TesT-AzureStack -Group "Default". Does this meet the goal?
DRAG DROP You have an Azure Stack Hub integrated system. You install the Azure Gallery Packager (.azpkg) tool on a management workstation. You need to define a custom Azure Stack Hub Marketplace item that will provision a virtual machine from a base image. Which file should you configure for each requirement? To answer, drag the appropriate files to the correct requirements. Each file may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
DRAG DROP You have an Azure Stack Hub integrated system that is enabled for mufti-tenancy. The integrated system is configured as shown in the following table. You need lo onboard fabrikam.com as a guest Azure AD tenant to the integrated system. How should you complete the Power Shell script? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point. A. Answer: A

Question 101

Report
Export
Collapse

HOTSPOT

You have a connected Azure Stack Hub integrated system that uses Active Directory Federation Services (AD FS) as the identity provider. You open a PowerShell session and store the GUID of an Azure subscription in a variable named $SubscriptionlD. You need to validate the AD FS integration.

How should you complete the PowerShell script? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Question 101
Correct answer: Question 101

Explanation:

Box 1: Connect-AzAccount

Steps to validate the Azure registration

1. Open an elevated PowerShell prompt, and then run the following command to install AzsReadinessChecker:

Install-Module -Name Az.BootStrapper -Force -AllowPrerelease

Install-AzProfile -Profile 2020-09-01-hybrid -Force

Install-Module -Name Microsoft.AzureStack.ReadinessChecker

2. From the PowerShell prompt, run the following command to set $subscriptionID as the Azure subscription to use. Replace xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx with your own subscription ID:

$subscriptionID = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"

3. From the PowerShell prompt, run the following command:

Connect-AzAccount -subscription $subscriptionID

4. From the PowerShell prompt, run the following command to start validation of your subscription.

Provide your Azure AD administrator and your Azure AD tenant name:

Invoke-AzsRegistrationValidation -RegistrationSubscriptionID $subscriptionID Box 2: Microsoft.AzureStack.ReadinessChecker Validate AD FS integration 1. On a computer that meets the prerequisites, open an administrative PowerShell prompt and then run the following command to install AzsReadinessChecker:

Install-Module Microsoft.AzureStack.ReadinessChecker -Force -AllowPrerelease 2. From the PowerShell prompt, run the following command to start validation. Specify the value for -CustomADFSFederationMetadataEndpointUri as the URI for the federation metadata.

Invoke-AzsADFSValidation -CustomADFSFederationMetadataEndpointUri https://adfs.cont

Reference:

https://learn.microsoft.com/en-us/azure-stack/operator/azure-stack-validate-registration

https://learn.microsoft.com/en-us/azure-stack/operator/azure-stack-validate-adfs

Question 102

Report
Export
Collapse

DRAG DROP

You have an Azure Stack Hub integrated system that contains a user named User1.

User1 creates a new virtual machine named VM01.

You need to grant User1 console access to VM01.

Which five actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.


Question 102
Correct answer: Question 102

Question 103

Report
Export
Collapse

DRAG DROP

You have two Azure subscriptions named sub1 and sub2. The subscriptions are linked to an Azure AD tenant named contoso.com. You deploy on Azure Stack Hub integrated system and register the system with sub1.

You open a new PowerShell session and connect to sub1.

You need to register the Azure Stack Hub integrated system with sub2.

Which three PowerShell cmdlets should you run in sequence? To answer, move the appropriate cmdlets from the list of cmdlets to the answer area and arrange them in the correct order.


Question 103
Correct answer: Question 103

Question 104

Report
Export
Collapse

HOTSPOT

You have a connected Azure Stack Hub integrated system.

You perform the following tasks:

• On a server named SERVER1. you create a file share named AzSHLogs.

• You create a PowerShell remoting session to the privileged endpoint (PEP) of the integrated system. • In a variable named $Session, you store a reference to the session.

• In a variable named $AdHinCredentials. you store a reference to the credentials required to write to AzSHLogs. You need to collect the Hyper-V event logs for all the cluster hosts and copy the logs to the AzSHLogs share. How should you complete the PowerShell script? To answer, select the appropriate options in the answer area.


Question 104
Correct answer: Question 104

Explanation:

Box 1: $using:AdminCredentials

Box 2: Storage

Send Azure Stack Hub diagnostic logs by using the privileged endpoint (PEP)

To run Get-AzureStackLog on an integrated system, you need to have access to the privileged endpoint (PEP). Here's an example script you can run using the PEP to collect logs. $ipAddress = "<IP ADDRESS OF THE PEP VM>" # You can also use the machine name instead of IP here. $password = ConvertTo-SecureString "<CLOUD ADMIN PASSWORD>" -AsPlainText –Force

$cred = New-Object -TypeName System.Management.Automation.PSCredential ("<DOMAIN NAME>\CloudAdmin", $password) $shareCred = Get-Credential

$session = New-PSSession -ComputerName $ipAddress -ConfigurationName PrivilegedEndpoint - Credential $cred -SessionOption (New-PSSessionOption -Culture en-US -UICulture en-US) $fromDate = (Get-Date).AddHours(-8)

$toDate = (Get-Date).AddHours(-2) # Provide the time that includes the period for your issue

Invoke-Command -Session $session { Get-AzureStackLog -OutputSharePath "<EXTERNAL SHARE ADDRESS>" -OutputShareCredential $using:shareCred -FilterByRole Storage -FromDate $using:fromDate -ToDate $using:toDate} if ($session) {

Remove-PSSession -Session $session

}

Reference:

https://learn.microsoft.com/en-us/azure-stack/operator/azure-stack-get-azurestacklog

Question 105

Report
Export
Collapse

HOTSPOT

You have an Azure Stack Hub Integrated system.

Outbound traffic from the Azure Stack Hub integrated system is controlled by a third-party firewall. You need to implement the Infrastructure Backup Service.

Which storage location should you use for the backup, and which network port is required to perform the backup? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Question 105
Correct answer: Question 105

Question 106

Report
Export
Collapse

HOTSPOT

You plan to deploy a disconnected Azure Stack Hub integrated system.

You need to identify which type of certificate to use for the deployment and the file format for the certificate. The solution must meet the following requirements:

• Minimize administrative effort.

• Maximize security.

What should identify? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Question 106
Correct answer: Question 106

Explanation:

Azure Stack Hub public key infrastructure (PKI) certificate requirements Azure Stack Hub has a public infrastructure network using externally accessible public IP addresses assigned to a small set of Azure Stack Hub services and possibly tenant VMs. PKI certificates with the appropriate DNS names for these Azure Stack Hub public infrastructure endpoints are required during Azure Stack Hub deployment. Box 1: A certificate from an internal certification authority (CA)

Your Azure Stack Hub infrastructure must have network access to the certificate authority's Certificate Revocation List (CRL) location published in the certificate. This CRL must be an http endpoint. Note: for disconnected deployments, certificates issued by a public certificate authority (CA) are not supported, if the CRL endpoint is not accessible. Features that are impaired or unavailable in disconnected deployments Azure Stack Hub was designed to work best when connected to Azure, so it's important to note that there are some features and functionality that are either impaired or completely unavailable in the disconnected mode.

Private/internal Certificate Authority (CA)

No impact - In cases where the deployment uses certificates issued by a private CA, such as an internal CA within an organization, only internal network access to the CRL endpoint is required. Internet connectivity is not required, but you should verify that your Azure Stack Hub infrastructure has the required network access to contact the CRL endpoint defined in the certificates CDP extension. Box 2: PFX

The certificate format must be PFX, as both the public and private keys are required for Azure Stack Hub installation. The private key must have the local machine key attribute set.

Reference:

https://learn.microsoft.com/en-us/azure-stack/operator/azure-stack-disconnected-deployment

https://learn.microsoft.com/en-us/azure-stack/operator/azure-stack-pki-certs

Question 107

Report
Export
Collapse

DRAG DROP

You have an Azure Stack Hub integrated system that is enabled for mufti-tenancy. The integrated system is configured as shown in the following table.

You need lo onboard fabrikam.com as a guest Azure AD tenant to the integrated system.

How should you complete the Power Shell script? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

A.

Answer: A

Question 107
Correct answer: Question 107

Question 108

Report
Export
Collapse

DRAG DROP

You have an Azure Stack Hub integrated system that contains 20 subscriptions. The subscriptions use custom storage and compute quotas. You need to delete the custom quotas.

Which three Azure Stack Hub objects should you delete in sequence before you can delete the quotas? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.


Question 108
Correct answer: Question 108

Explanation:

Step 1: user subscriptions

If you want to delete a quota, you must work back through any plans and offers that use that quot a. Starting with the offers, ensure they have no subscriptions, delete each offer, then delete the plans that use the quota, and so on. Step 2: offers

Deleting an offer is only possible if there are no subscriptions that belong to that offer.

Step 3: plans

You can't delete a quota if there are any current plans that use it. You must first delete the plan that references the quota.

Reference:

https://learn.microsoft.com/en-us/azure-stack/operator/azure-stack-delete-offer

Question 109

Report
Export
Collapse

HOTSPOT

You deploy an App Service resource provider to an Azure Stack Hub integrated system.

You need to create an offer to deploy an Azure Functions app by using the resource provider.

Which resource provider should you specify in the offer, and which type of subscription should you use to test the functionality of the offer? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Question 109
Correct answer: Question 109

Explanation:

Box 1: Microsoft.Web

Resource providers for Azure services

Match resource provider to service (Resource provider namespace, Azure service) * Microsoft.Web App Service Azure Functions Box 2: Default Provider Subscription In Azure Stack Hub Subscriptions, select the Default Provider Subscription. Azure App Service on Azure Stack Hub must be deployed in the Default Provider Subscription.

Reference:

https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/azure-servicesresource-providers#match-resource-provider-to-service https://learn.microsoft.com/en-us/azure-stack/operator/azure-stack-app-service-deploy

Question 110

Report
Export
Collapse

HOTSPOT

You have a disconnected Azure Stack Hub integrated system that will be used in production.

You need to obtain a token to register the integrated system.

How should you complete the PowerShell script? To answer, select the appropriate options in the answer area NOTE: Each correct selection is worth one point.


Question 110
Correct answer: Question 110

Explanation:

Box 1: $false

Get-AzsRegistrationToken generates a registration token from the input parameters.

Parameter: UsageReportingEnabled True/False

Azure Stack Hub reports usage metrics by default. Operators with capacity uses or supporting a disconnected environment need to turn off usage reporting. Allowed values for this parameter are:

True, False.

Box 2: Capacity

BillingModel String

The billing model that your subscription uses. Allowed values for this parameter are: Capacity, PayAsYouUse, and Development. With a disconnected deployment, you're limited to an Active Directory Federation Services (AD FS) identity store and the capacity-based billing model.

Reference: https://learn.microsoft.com/en-us/azure-stack/operator/azure-stack-registration

https://learn.microsoft.com/en-us/azure-stack/operator/azure-stack-disconnected-deployment

Total 179 questions
Go to page: of 18
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms