ExamGecko
Search Search Login
Home Home / Microsoft / AZ-600

Microsoft AZ-600 Practice Test - Questions Answers, Page 6

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You have an Azure Stack Hub integrated system. You perform infrastructure backups twice daily. User workloads are protected by using Azure Site Recovery. The architect of the user workloads is planning a business continuity disaster recovery (BCDR) strategy. You need to recommend to the architect which resources to include in the BCDR strategy. Which two resources should you recommend? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
Topic 2, Northwind Traders Case study This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided. To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study. At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section. To start the case study To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Qbutton to return to the question. Overview A company named Northwind Traders has a main office and a datacenter. All development occurs at the main office. Existing Environment Identity Environment The network contains an Active Directory forest named northwind.com. The forest and an Azure Active Directory (Azure AD) tenant named northwind.onmicrosoft.com are integrated by using Active Directory Federation Service (AD FS). All Azure subscriptions use the northwind.onmicrosoft.com Azure AD tenant. Northwind Traders uses an Enterprise Agreement (EA) subscription. All operators are global administrators in northwind.onmicrosoft.com. Azure Stack Hub Environment Northwind Traders has the following five Azure Stack Hub integrated systems: One integrated system that connects to an internet-facing network and has the following configurations: - The region name is int1. - The operators do not have access to the user subscriptions. - The integrated system is used for customer and partner applications. - The partners and customers of NorthWind Traders use guest user accounts to access various user resources. Two integrated systems that connect to a private network, are accessed only from inside the company, and have the following configurations: - The integrated systems are dedicated to research and development. - One integrated system has a region name of priv1, and the other has a region name of priv2. - The integrated systems are used for various data rendering, AI workloads, inference, and data visualization. Two integrated systems that are dedicated to application development and have the following configurations: - The integrated systems are disconnected from the Internet. The workloads in the user subscriptions have Internet access. - One integrated system has a region name of dev1, and the other has a region name of dev2. - Both regions are used only by developers at Northwind Traders. The external domain name of all the integrated systems is northwind.com. All the integrated systems have Azure App Service and the Azure Kubernetes Service (AKS) engine deployed. The computer of the operator in each region has all the prerequisite software installed for managing Azure Stack Hub. Current Problems You identify the following issues in the current environment: The priv2 region recently experienced a catastrophic failure. The developers report high chargeback costs for the dev1 region. The int1 region runs a high number of Windows virtual machines that use pay-as-you-use images. The Northwind Traders partners and customers report that use of the guest user accounts is too complex. Users in the priv1 region recently deployed NCas_v4 virtual machines for various AI workload. The users discover that the virtual machines do not use GPUs. Requirements Planned Changes Northwind Traders plans to implement the following changes: Remove all guest user accounts. Change the DNS forwarder of the priv1 region. Change the billing model and registration name of the int1 region. After the catastrophic failure, restore the priv2 region to its original state. Provide each partner with its own dedicated user subscription that will use its own dedicated Azure AD tenant. Technical Requirements Northwind Traders identifies the following technical requirements: Minimize hardware and software costs. Standardize all datacenter workloads on Azure Stack Hub. In the priv1 region, implement a disaster recovery plan for App Service. Whenever possible, implement solutions by using the minimum amount of administrative effort. In the dev2 region, update the AKS Base Ubuntu image to the latest version in Azure Stack Hub Marketplace. Whenever possible, implement solutions by using built-in tools, features, and services without acquiring additional third-party tools. For the users’ virtual machines and the associated resources in the dev1 and dev2 regions, implement a business continuity and disaster recovery plan that includes an automated failback process. If changes to the Azure Stack Hub infrastructure cause workload downtime outside of planned maintenance windows, notify all users in the region where the downtime occurred and schedule a maintenance window.
You plan to deploy an Azure Stack Hub integrate system. You need to configure network connectivity for datacenter network integration. Which two routing methods can you use? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
You have an Azure Stack Hub integrated system that is disconnected from the internet. The integrated system has an Azure App Service resource provider. You generate a new certificate. You need to rotate the certificate of the App Service identity application to use the new certificate. Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
You have an Azure Stack Hub integrated system that has the following configurations: A deployment prefix of AzS A physical prefix of AzP You need to renew the certificates for the integrated system. To which virtual machine should you establish a PowerShell session?
You need to resolve the performance issue reported by the users in the priv1 region. What should you do?
You plan to install an update to an Azure Stack Hub integrated system. You need to verify whether the integrated system is healthy, and whether you can apply the update. You must achieve the goal as quickly as possible. Solution: From the administrator management endpoint, you run Test-AzureStack –Group "UpdateReadiness". Does this meet the goal?
You plan to install an update to an Azure Stack Hub integrated system. You need to verify whether the integrated system is healthy, and whether you can apply the update. You must achieve the goal as quickly as possible. Solution: From a privileged endpoint (PEP) session, you run TesT-AzureStack -Group "Default". Does this meet the goal?
DRAG DROP You have an Azure Stack Hub integrated system. You install the Azure Gallery Packager (.azpkg) tool on a management workstation. You need to define a custom Azure Stack Hub Marketplace item that will provision a virtual machine from a base image. Which file should you configure for each requirement? To answer, drag the appropriate files to the correct requirements. Each file may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
DRAG DROP You have an Azure Stack Hub integrated system that is enabled for mufti-tenancy. The integrated system is configured as shown in the following table. You need lo onboard fabrikam.com as a guest Azure AD tenant to the integrated system. How should you complete the Power Shell script? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point. A. Answer: A

Question 51

Report
Export
Collapse

You have an Azure Stack Hub integrated system.

You plan to deploy an Event Hubs resource provider that has the following requirements:

• Provides a 1 CU Azure Event Hubs cluster that requires a duster of 5x D11_V2 virtual machines

• Scales linearly as additional CUs are deployed

At a minimum, which other management resources are required for the Event Hubs resource provider?

A.
a cluster of ix D2_V2 virtual machines for management that does not scale as Event Hubs clusters are added
A.
a cluster of ix D2_V2 virtual machines for management that does not scale as Event Hubs clusters are added
Answers
B.
a 1x D2_V2 virtual machine for management that scales linearly to a maximum of 10 nodes as Event Hubs clusters are added
B.
a 1x D2_V2 virtual machine for management that scales linearly to a maximum of 10 nodes as Event Hubs clusters are added
Answers
C.
a 1x D2_V2 virtual machine for management that does not scale as Event Hubs clusters are added
C.
a 1x D2_V2 virtual machine for management that does not scale as Event Hubs clusters are added
Answers
D.
a cluster of 3x D2_V2 virtual machines for management that scales linearly to a maximum of 10 as Event Hubs clusters are added
D.
a cluster of 3x D2_V2 virtual machines for management that scales linearly to a maximum of 10 as Event Hubs clusters are added
Answers
Suggested answer: C

Explanation:

Resource provider resource consumption

The resource consumption by the Event Hubs resource provider is constant, and independent of the number or sizes of clusters created by users. The following table shows the core utilization by the Event Hubs resource provider on Azure Stack Hub, and the approximate resource consumption by other resources. The Event Hubs resource provider uses a D2_V2 VM type for its deployment.

Note: Cluster resource consumption

Your users will need to create Event Hubs clusters with CUs that meet their business requirements.

To inform your decision on quota configuration, the following table shows:

The total cores used by a 1 CU Event Hubs cluster.

The approximate capacity required for consumption of other resources, including VM storage, memory, and storage accounts.

Reference: https://learn.microsoft.com/en-us/azure-stack/operator/event-hubs-rp-capacity-planning

Question 52

Report
Export
Collapse

You plan to publish a custom Azure Stack Hub Marketplace image.

You need to define the name of the image, the name of the offer, and the name of the tenant that tenants will see when they deploy the image. Which JSON file should you modify?

A.
Manifest json
A.
Manifest json
Answers
B.
Default Template json
B.
Default Template json
Answers
C.
UIDefinitionjson
C.
UIDefinitionjson
Answers
D.
Createduidefinition.json
D.
Createduidefinition.json
Answers
Suggested answer: A

Explanation:

Note: Create a Marketplace item

To create a custom marketplace item, do the following:

1. Download the Azure Gallery Packager tool

2. Create an Azure Resource Manager template or use our sample templates for Windows/Linux.

These sample templates are provided in the packager tool .zip file you downloaded in step 1.

3. Replace the following highlighted values (those with numbers) in the Manifest.json template with the value that you provided when uploading your custom image.

4. Replace the following highlighted values (those with numbers) in the Manifest.json template with the value that you provided when uploading your custom image.

5. Replace the following highlighted values (those with numbers) in the Manifest.json template with the value that you provided when uploading your custom image. The following template is a sample of the Manifest.json file:

{

"$schema": "https://gallery.azure.com/schemas/2015-10-01/manifest.json#",

"name": "Test", (1)

"publisher": "<Publisher name>", (2)

"version": "<Version number>", (3)

"displayName": "ms-resource:displayName", (4)

"publisherDisplayName": "ms-resource:publisherDisplayName", (5)

"publisherLegalName": "ms-resource:publisherDisplayName", (6)

"summary": "ms-resource:summary",

"longSummary": "ms-resource:longSummary",

"description": "ms-resource:description",

"longDescription": "ms-resource:description",

"links": [

{ "displayName": "ms-resource:documentationLink", "uri":

"http://go.microsoft.com/fwlink/?LinkId=532898" }

],

"artifacts": [

{

"isDefault": true

}

],

"images": [{

"context": "ibiza",

"items": [{

"id": "small",

"path": "icons\\Small.png", (7)

"type": "icon"

},

{

"id": "medium",

"path": "icons\\Medium.png",

"type": "icon"

},

{

"id": "large",

"path": "icons\\Large.png",

"type": "icon"

},

{

"id": "wide",

"path": "icons\\Wide.png",

"type": "icon"

}]

}]

}

The following list explains the preceding numbered values in the example template:

(1) - The name of the offer.

(2) - The name of the publisher, without a space.

(3) - The version of your template, without a space.

(4) - The name that customers see.

(5) - The publisher name that customers see.

(6) - The publisher legal name.

(7) - The path and name for each icon.

Reference: https://learn.microsoft.com/en-us/azure-stack/operator/azure-stack-create-and-publishmarketplace-item

Question 53

Report
Export
Collapse

You have an Azure Stack Hub integrated system.

The security department at your company wants a list of all the users who can manage the integrated system from the privileged endpoint (PEP). You need to create the list.

Solution: From a privileged endpoint (PEP) session, you run the Get-CloudAdMinUserList cmcHet.

Does this meet the goal?

A.
Yes
A.
Yes
Answers
B.
No
B.
No
Answers
Suggested answer: B

Question 54

Report
Export
Collapse

You have an Azure Stack Hub integrated system that connects to the internet.

You need to update the Azure Event Hubs service.

Solution: From the Updates blade of the administrator portal, you trigger the installation of the latest update listed in the Resource provider section. Does this meet the goal?

A.
Yes
A.
Yes
Answers
B.
No
B.
No
Answers
Suggested answer: B

Explanation:

Instead: Solution: From a privileged endpoint (PEP) session, you run the Install-AzsUpdate cmdlet.

You can use the Azure Stack Hub administrative endpoints to monitor and manage your updates.

They're accessible with PowerShell. For instructions on getting set up with PowerShell on Azure Stack Hub. You can use the following PowerShell cmdlet to manage your updates:

* Install-AzsUpdate

Apply a specific update at an update location.

Reference:

https://docs.microsoft.com/en-us/azure-stack/operator/azure-stack-update-monitor?view=azs-2008

Question 55

Report
Export
Collapse

You have a disconnected Azure Stack Hub integrated system.

You plan to implement an app named App1.

You need to create a new service principal for App1. The solution must maximize security.

What should you do first?

A.
Create an app registration in Azure AD.
A.
Create an app registration in Azure AD.
Answers
B.
Create a group managed service account (gMSA)
B.
Create a group managed service account (gMSA)
Answers
C.
Generate an Azure Key Vault secret.
C.
Generate an Azure Key Vault secret.
Answers
D.
Generate an X.509 certificate.
D.
Generate an X.509 certificate.
Answers
Suggested answer: D

Explanation:

You start by creating a new app registration in your directory, which creates an associated service principal object to represent the app's identity within the directory. Your choice of either Azure AD or AD FS is determined by the mode in which you deploy Azure Stack Hub:

When you deploy it in a connected mode, you can use either Azure AD or AD FS.

When you deploy it in a disconnected mode, without a connection to the internet, only AD FS is supported. Manage an AD FS app

If you deployed Azure Stack Hub with AD FS as your identity management service, you must use PowerShell to manage your app's identity. The following examples demonstrate both an X509 certificate and a client secret credential. Once you have a certificate, use a PowerShell script to register your app and sign in using the app's identity.

Reference:

https://learn.microsoft.com/en-us/azure-stack/operator/give-app-access-to-resources

Question 56

Report
Export
Collapse

You have a disconnected Azure Stack Hub integrated system that contains a user named User1.

You need to ensure that User1 can assign role-based access control (RBAC) roles in Azure Stack Hub. The solution must use the principle of least privilege.

Which Azure Stack Hub built-in role should you assign to User1?

A.
Owner
A.
Owner
Answers
B.
User Access Administrator
B.
User Access Administrator
Answers
C.
Security Admin
C.
Security Admin
Answers
D.
Managed Identity Contributor
D.
Managed Identity Contributor
Answers
Suggested answer: B

Explanation:

User Access Administrator

Lets you manage user access to Azure resources.

*/read Read resources of all types, except secrets.

Microsoft.Authorization/* Manage authorization

Microsoft.Support/* Create and update a support ticket

Reference:

https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles

Question 57

Report
Export
Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure Stack Hub integrated system that connects to the Internet.

You need to update the Azure Event Hubs service.

Solution: From the Updates blade of the administrator portal, you trigger the installation of the latest update listed in the Infrastructure section. Does this meet the goal?

A.
Yes
A.
Yes
Answers
B.
No
B.
No
Answers
Suggested answer: B

Explanation:

Instead: Solution: From a privileged endpoint (PEP) session, you run the Install-AzsUpdate cmdlet.

You can use the Azure Stack Hub administrative endpoints to monitor and manage your updates.

They're accessible with PowerShell. For instructions on getting set up with PowerShell on Azure Stack Hub. You can use the following PowerShell cmdlet to manage your updates:

* Install-AzsUpdate

Apply a specific update at an update location.

Reference:

https://docs.microsoft.com/en-us/azure-stack/operator/azure-stack-update-monitor?view=azs-2008

Question 58

Report
Export
Collapse

You have an Azure Stack Hub integrated system linked to an Azure AD tenant.

You need to back up virtual machines in user subscriptions. The solution must meet the following requirements:

Back up running virtual machines.

Maximize resiliency.

What should you use?

A.
Azure Backup Server
A.
Azure Backup Server
Answers
B.
disk snapshots
B.
disk snapshots
Answers
C.
Infrastructure Backup Service
C.
Infrastructure Backup Service
Answers
D.
Microsoft System Center Data Protection Manager (DPM)
D.
Microsoft System Center Data Protection Manager (DPM)
Answers
Suggested answer: A

Explanation:

Backup-restore

Backing up your applications and datasets enables you to quickly recover from downtime due to data corruption, accidental deletions, or disasters. For IaaS VM-based applications you can use an in-guest agent to protect application data, operating system configuration, and data stored on volumes.

Note: Azure Backup provides independent and isolated backups to guard against unintended destruction of the data on your VMs. Backups are stored in a Recovery Services vault with built-in management of recovery points. Configuration and scaling are simple, backups are optimized, and you can easily restore as needed.

Reference:

https://learn.microsoft.com/en-us/azure-stack/user/azure-stack-manage-vm-protect

https://learn.microsoft.com/en-us/azure/backup/backup-azure-vms-introduction

Question 59

Report
Export
Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You deploy a disconnected Azure Stack Hub integrated system.

You need to identify the IP address of the privileged endpoint (PEP).

Solution: You review the AzureStackStampDeploymentInfo JSON file.

Does this meet the goal?

A.
Yes
A.
Yes
Answers
B.
No
B.
No
Answers
Suggested answer: A

Explanation:

Instead: Solution: You run the nslookup AzS-ERCS01.azurestack.local command.

Note: nslookup is a network administration command-line tool for querying the Domain Name System to obtain the mapping between domain name and IP address, or other DNS records. ASDK architecture, Virtual machine roles

The ASDK offers services using the following VMs hosted on the development kit host computer:

* AzS-ERCS01 - Emergency Recovery Console VM.

Reference:

https://docs.microsoft.com/en-us/azure-stack/asdk/asdk-architecture?view=azs-2008

Question 60

Report
Export
Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You deploy a disconnected Azure Stack Hub integrated system.

You need to identify the IP address of the privileged endpoint (PEP).

Solution: You run the nslookup AzS-ERCS01.azurestack.local command.

Does this meet the goal?

A.
Yes
A.
Yes
Answers
B.
No
B.
No
Answers
Suggested answer: A

Explanation:

nslookup is a network administration command-line tool for querying the Domain Name System to obtain the mapping between domain name and IP address, or other DNS records. ASDK architecture, Virtual machine roles

The ASDK offers services using the following VMs hosted on the development kit host computer:

* AzS-ERCS01 - Emergency Recovery Console VM.

Reference:

https://docs.microsoft.com/en-us/azure-stack/asdk/asdk-architecture?view=azs-2008

Total 179 questions
Go to page: of 18
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms