December/2018 Braindump2go 70-535 Exam Dumps with PDF and VCE New Updated Today! Following are some new 70-535 Real Exam Questions:
1.|2018 Latest 70-535 Exam Dumps (PDF & VCE) 426Q&As Download:
https://www.braindump2go.com/70-535.html
2.|2018 Latest 70-535 Exam Questions & Answers Download:
https://drive.google.com/drive/folders/1K808iFXD_tKKveGZeLM1H8d81RAL6LCx?usp=sharing
QUESTION 400
Note: This question is part of a series of questions that present the same scenario. Each question on the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are planning to create a virtual network that has a scale set that contains six virtual machines (VMs).
A monitoring solution on a different network will need access to the VMs inside the scale set.
You need to define public access to the VMs.
Solution: Use Remote Desktop Protocol (RDP) to connect to the VM in the scale set.
Does the solution meet the goal?
A.    Yes
B.    No
Answer: B
Explanation:
Public IP addresses are necessary because they provide the load balanced entry point for the virtual machines in the scale set. The public IP address will route traffic to the appropriate virtual machines in the scale set.
References:
https://mitra.computa.asia/articles/msdn-virtual-machine-scale-sets-it-really-about-protecting-your-applications-performance
QUESTION 401
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has deployed several virtual machines (VMs) on-premises and to Azure. Azure Express Route has been deployed and configured for on-premises to Azure connectivity.
Several VMs are exhibiting network connectivity issues.
You need to analyze the network traffic to determine whether packets are being allowed or denied to the VMs.
Solution: Use Azure Network Watcher to run IP flow verify to analyze the network traffic.
Does the solution meet the goal?
A.    Yes
B.    No
Answer: B
Explanation:
You need to analyze the data at a higher level.
Note: You can install and configure the Operations Management Suite (OMS) and Dependency Agents on all VMs. Use the Wire Data solution in Azure Log Analytics to analyze the network traffic.
References:
https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-wire-data
QUESTION 402
Note: This question is part of a series of questions that present the same scenario. Each question on the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are migrating an on-premises application to Azure. One component of the application is a legacy Windows native executable that performs image processing.
The image processing application must run every hour. During times that the image processing application is not running, it should not be consuming any Azure compute resources.
You need to ensure that the image processing application runs correctly every hour.
Solution: Create an Azure Function to run the image processing application every hour.
Does the solution meet the goal?
A.    Yes
B.    No
Answer: B
Explanation:
It is better to run the legacy application in a VM.
QUESTION 403
Your company uses Azure Active Directory (Azure AD) to secure several Azure App Service Web and API applications. The applications are used by company employees and allow single sign-on (SSO).
The applications must allow external users to sign-in. The external users must be managed the same way as employees and allow the external users to be added to the same employee user groups.
You need to enable the external user sign-in.
What should you do?
A.    Install and configure an Azure AD Connect server to use password hash synchronization and select the “Enable single sign on” option.
B.    Install and configure an Azure AD Connect server to use pass-through authentication and select the “Enable single sign-on” option.
C.    Enable and configure Azure AD business-to-consumer (B2C) Multi-Factor Authentication.
D.    Enable and configure Azure AD business-to-business (B2B) collaboration.
Answer: C
Explanation:
Azure AD B2C supports single sign-on.
Azure Active Directory (Azure AD) B2C integrates directly with Azure Multi-Factor Authentication so that you can add a second layer of security to sign-up and sign-in experiences in your consumer-facing applications.
References:
https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-reference-mfa
QUESTION 404
A company runs virtual machines (VMs) in Azure. Some VMs are hosted in a virtual network in the West Central US region. Other VMs are hosted in a virtual network in the West US 2 region. Each virtual network has its own IP address range. The virtual networks are not integrated.
You need to ensure that databases in the virtual networks can replicate data from one region to the other. The solution must minimize effort required.
Which two actions should you recommend? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A.    Implement virtual network peering.
B.    Migrate the database to Azure SQL Database.
C.    Create ExpressRoute connections to each virtual network.
D.    Configure database replication for the databases.
Answer: BD
Explanation:
Active geo-replication is Azure SQL Database feature that allows you to create readable replicas of your database in the same or different data center (region).
References:
https://docs.microsoft.com/en-us/azure/sql-database/sql-database-geo-replication-overview
QUESTION 405
Note: This question is part of a series of questions that present the same scenario. Each question on the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are designing a live streaming event by using Azure Media Services. The delivery of the video will use HTTP Live Streaming (HLS) to an Azure Content Delivery Network (CDN) streaming endpoint.
Viewers of the content may not be a trusted party and you require the highest level of security.
You must secure the media delivery by using dynamic encryption.
Solution: Use AES-128 dynamic encryption and the key delivery service to encrypt all assets with an associated encryption key and authorization policy. Configure the assert’s delivery policy to deliver by using Advanced Encryption Standard (AES).
Does the solution meet the goal?
A.    Yes
B.    No
Answer: A
Explanation:
You can use Azure Media Services to secure your media from the time it leaves your computer through storage, processing, and delivery. With Media Services, you can deliver your live and on-demand content encrypted dynamically with Advanced Encryption Standard (AES-128) or any of the three major digital rights management (DRM) systems: Microsoft PlayReady, Google Widevine, and Apple FairPlay.
References:
https://docs.microsoft.com/en-us/azure/media-services/previous/media-services-content-protection-overview
QUESTION 406
Note: This question is part of a series of questions that present the same scenario. Each question on the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
A company has 100 Web servers running Windows Server on virtual machines (VMs) in Azure. All servers have IIS enabled. Each server runs a unique combination of web apps.
Servers must not run unnecessary services. The servers must be checked every 30 minutes to remove any additional Windows features and correct exceptions.
You need to design the solution with the least amount of effort and without downtime.
Solution: Design a solution based on VM scale sets.
Does the solution meet the goal?
A.    Yes
B.    No
Answer: B
Explanation:
Instead use Azure Automation State Configuration.
QUESTION 407
Note: This question is part of a series of questions that present the same scenario. Each question on the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
A company has 100 Web servers running Windows Server on virtual machines (VMs) in Azure. All servers have IIS enabled. Each server runs a unique combination of web apps.
Servers must not run unnecessary services. The servers must be checked every 30 minutes to remove any additional Windows features and correct exceptions.
You need to design the solution with the least amount of effort and without downtime.
Solution: Design a solution that deploys a unique Azure Resource Manager template for each VM and copy the appropriate web apps. Create the required number of VMs.
Does the solution meet the goal?
A.    Yes
B.    No
Answer: B
Explanation:
Instead use Azure Automation State Configuration.
Note: With Resource Manager, you can create a template (in JSON format) that defines the infrastructure and configuration of your Azure solution. By using a template, you can repeatedly deploy your solution throughout its lifecycle and have confidence your resources are deployed in a consistent state. When you create a solution from the portal, the solution automatically includes a deployment template. You don’t have to create your template from scratch because you can start with the template for your solution and customize it to meet your specific needs.
References:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-overview
QUESTION 408
Note: This question is part of a series of questions that present the same scenario. Each question on the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
A company has 100 Web servers running Windows Server on virtual machines (VMs) in Azure. All servers have IIS enabled. Each server runs a unique combination of web apps.
Servers must not run unnecessary services. The servers must be checked every 30 minutes to remove any additional Windows features and correct exceptions.
You need to design the solution with the least amount of effort and without downtime.
Solution: Use Azure Automation DSC.
Does the solution meet the goal?
A.    Yes
B.    No
Answer: A
Explanation:
Azure Automation State Configuration is an Azure service that allows you to write, manage, and compile PowerShell Desired State Configuration (DSC) configurations, import DSC Resources, and assign configurations to target nodes, all in the cloud.
References:
https://docs.microsoft.com/en-us/azure/automation/automation-dsc-overview
QUESTION 409
Your company is developing an e-commerce Azure App Service Web App to support hundreds of restaurant locations around the world. You are designing the messaging solution architecture to support the e-commerce transactions and messages.
The e-commerce application has the following features and requirements:
  
You need to design a solution for the Inventory Distribution feature.
Which Azure service should you use?
A.    Azure Event Hub
B.    Azure Service Bus
C.    Azure Event Grid
D.    Azure Relay
Answer: B
Explanation:
Service Bus is intended for traditional enterprise applications. These enterprise applications require transactions, ordering, duplicate detection, and instantaneous consistency. Service Bus enables cloud-native applications to provide reliable state transition management for business processes.
Incorrect Answers:
A: Azure Event Hubs is a big data pipeline. It facilitates the capture, retention, and replay of telemetry and event stream data.
C: Event Grid is an eventing backplane that enables event-driven, reactive programming.
D: The Azure Relay service enables you to securely expose services that run in your corporate network to the public cloud.
References:
https://docs.microsoft.com/en-us/azure/event-grid/compare-messaging-services
QUESTION 410
A company uses Microsoft Operations Management Suite (OMS) to manage 1,000 virtual machines (VMs) in Azure.
The security officer reports that VMs often are not updated. You recommend to the company that they implement the OMS Update Management solution.
You need to describe the OMS Update Management solution to the company.
Which functionality does the OMS Update Management solution provide?
A.    assessment of Windows and Linux updates on the VMs
B.    alerts regarding VM issues
C.    overview of network activity on the VMs
D.    deployment of required updates to VMs
Answer: A
Explanation:
The Update Management solution in Azure automation allows you to manage operating system updates for your Windows and Linux computers deployed in Azure, on-premises environments, or other cloud providers. You can quickly assess the status of available updates on all agent computers and manage the process of installing required updates for servers.
Note: After updates are assessed for all the Linux and Windows computers in your workspace, you can install required updates by creating an update deployment.
An update deployment is a scheduled installation of required updates for one or more computers.
References:
https://docs.microsoft.com/en-us/azure/operations-management-suite/oms-solution-update-management
QUESTION 411
You manage an application instance. The application consumes data from multiple databases. Application code references database tables using a combination of the server, database, and table name.
You need to migrate the application instance to Azure.
What are two possible ways to achieve this goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A.    SQL Server Stretch Database
B.    SQL Server in an Azure virtual machine
C.    SQL Managed Instance
D.    Azure SQL Database
Answer: AC
Explanation:
A: SQL Server Stretch Database lets you dynamically stretch warm and cold transactional data from Microsoft SQL Server 2016 to Microsoft Azure. Access SQL Server data if it’s on-premises or stretched to the cloud. You set policy that determines where data is stored and SQL Server moves the data in the background for you. The table is online and ready to query, and you don’t have to change existing queries or applications–it’s completely transparent.
C: Managed Instance allows existing SQL Server customers to lift and shift their on-premises applications to the cloud with minimal application and database changes. At the same time, Managed Instance preserves all PaaS capabilities (automatic patching and version updates, automated backups, high-availability), that drastically reduces management overhead and TCO.
References:
https://azure.microsoft.com/en-us/services/sql-server-stretch-database/
https://docs.microsoft.com/en-us/azure/sql-database/sql-database-managed-instance
QUESTION 412
You are designing a security solution for a company’s web application.
You need to secure the web application by using Web Application Firewall (WAF).
For which three types of attacks will the solution protect? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A.    zero-day exploits
B.    SQL injection
C.    DOS attacks
D.    cross-site scripting attacks
E.    DDOS attacks
Answer: BCD
Explanation:
Web Application Firewall features include:
SQL injection protection
Cross site scripting protection
Common Web Attacks Protection such as command injection, HTTP request smuggling, HTTP response splitting, and remote file inclusion attack
Protection against HTTP protocol violations
Protection against HTTP protocol anomalies such as missing host user-agent and accept headers
Prevention against bots, crawlers, and scanners
Detection of common application misconfigurations (that is, Apache, IIS, etc.)
References:
https://docs.microsoft.com/en-us/azure/application-gateway/waf-overview
QUESTION 413
Note: This question is part of a series of questions that present the same scenario. Each question on the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are designing a live streaming event by using Azure Media Services. The delivery of the video will use HTTP Live Streaming (HLS) to an Azure Content Delivery Network (CDN) streaming endpoint.
Viewers of the content may not be a trusted party and you require the highest level of security.
You must secure the media delivery by using dynamic encryption.
Solution: Use Azure Storage Service Encryption to encrypt all assets with an encryption key and authorization policy. Configure the asset’s delivery policy to deliver by using Advanced Encryption Standard (AES).
Does the solution meet the goal?
A.    Yes
B.    No
Answer: B
Explanation:
You can use Azure Media Services to secure your media from the time it leaves your computer through storage, processing, and delivery. With Media Services, you can deliver your live and on-demand content encrypted dynamically with Advanced Encryption Standard (AES-128) or any of the three major digital rights management (DRM) systems: Microsoft PlayReady, Google Widevine, and Apple FairPlay.
References:
https://docs.microsoft.com/en-us/azure/media-services/previous/media-services-content-protection-overview
QUESTION 414
A company deploys Azure Active Directory (Azure AD) Connect to synchronize identity information from their on-premises Active Directory Domain Services (AD DS) directory to their Azure AD tenant. The identity information that is synchronized includes user accounts, credential hashes for authentication (password sync), and group memberships.
The company plans to deploy several Windows and Linux virtual machines (VMs) to support their applications.
The VMs have the following requirements:
Support domain join, LDAP read, LDAP bind, NTLM and Kerberos authentication, and Group Policy. Allow users to sign in to the domain using their corporate credentials and connect remotely to the VM by using Remote Desktop.
You need to support the VM deployment. Which service should you use?
A.    Active Directory Federation Services (AS FS)
B.    Azure AD Privileged Identity Management
C.    Azure AD Domain Services
D.    Azure AD Managed Service Identity
Answer: C
Explanation:
Azure AD Domain Services provides managed domain services such as domain join, group policy, LDAP, Kerberos/NTLM authentication that are fully compatible with Windows Server Active Directory.
Azure AD Domain Services enables users to sign in to the domain using their corporate credentials – for example, when connecting remotely to machines joined to the domain via Remote Desktop.
References:
https://docs.microsoft.com/en-us/azure/active-directory-domain-services/active-directory-ds-overview
!!!RECOMMEND!!!
1.|2018 Latest 70-535 Exam Dumps (PDF & VCE) 426Q&As Download:
https://www.braindump2go.com/70-535.html
2.|2018 Latest 70-535 Study Guide Video: