★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 70-534 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/70-534-dumps.html
It is impossible to pass Microsoft 70-534 exam without any help in the short term. Come to Actualtests soon and find the most advanced, correct and guaranteed Microsoft 70-534 practice questions. You will get a surprising result by our Up to the minute Architecting Microsoft Azure Solutions practice guides.
2021 Oct ms exam 70-534:
Q31. Topic 1, VanArsdel, Ltd
Overview
VanArsdel, Ltd. builds skyscrapers, subways, and bridges. VanArsdel is a leader in using technology to do construction better.
Overview
VanArsdel employees are able to use their own mobile devices for work activities because the company recognizes that this usage enables employee productivity. Employees also access Software as a Service (SaaS) applications, including DocuSign, Dropbox, and Citrix. The company continues to evaluate and adopt more SaaS applications for its business. VanArsdel uses Azure Active Directory (AD) to authenticate its employees, as well as Multi-Factor Authentication (MFA). Management enjoys the ease with which MFA
can be enabled and disabled for employees who use cloud-based services. VanArsdel's on-premises directory contains a single forest.
Helpdesk:
VanArsdel creates a helpdesk group to assist its employees. The company sends email messages to all its employees about the helpdesk group and how to contact it. Configuring employee access for SaaS applications is often a time-consuming task. It is not always obvious to the helpdesk group which users should be given access to which SaaS applications. The helpdesk group must respond to many phone calls and email messages to solve this problem, which takes up valuable time. The helpdesk group is unable to meet the needs of VanArsdel's employees.
However, many employees do not work with the helpdesk group to solve their access problems. Instead, these employees contact their co-workers or managers to find someone who can help them. Also, new employees are not always told to contact the helpdesk group for access problems. Some employees report that they cannot see all the applications in the Access Panel that they have access to. Some employees report that they must re-enter their passwords when they access cloud applications, even though they have already authenticated.
Bring your own device (BYOD):
VanArsdel wants to continue to support users and their mobile and personal devices, but the company is concerned about how to protect corporate assets that are stored on these devices. The company does not have a strategy to ensure that its data is removed from the devices when employees leave the company.
Customer Support
VanArsdel wants a mobile app for customer profile registration and feedback. The company would like to keep track of all its previous, current, and future customers worldwide. A profile system using third-party authentication is required as well as feedback and support sections for the mobile app.
Migration:
VanArsdel plans to migrate several virtual machine (VM) workloads into Azure. They also plan to extend their on-premises Active Directory into Azure for mobile app authentication.
Business Requirements
Hybrid Solution:
A single account and credentials for both on-premises and cloud applications Certain applications that are hosted both in Azure and on-site must be accessible to both VanArsdel employees and partners
The service level agreement (SLA) for the solution requires an uptime of 99.9%
The partners all use Hotmail.com email addresses
Mobile App:
VanArsdel requires a mobile app for project managers on construction job sites. The mobile app has the following requirements:
The app must display partner information.
The app must alert project managers when changes to the partner information occur.
The app must display project information including an image gallery to view pictures of construction projects.
Project managers must be able to access the information remotely and securely.
Security:
VanArsdel must control access to its resources to ensure sensitive services and information are accessible only by authorized users and/or managed devices.
Employees must be able to securely share data, based on corporate policies, with other VanArsdel employees and with partners who are located on construction job sites.
VanArsdel management does NOT want to create and manage user accounts for partners.
Technical Requirements
Architecture:
VanArsdel requires a non-centralized stateless architecture fonts data and services where application, data, and computing power are at the logical extremes of the network.
VanArsdel requires separation of CPU storage and SQL services
Data Storage:
VanArsdel needs a solution to reduce the number of operations on the contractor information table. Currently, data transfer rates are excessive, and queue length for read/write operations affects performance.
A mobile service that is used to access contractor information must have automatically scalable, structured storage Images must be stored in an automatically scalable, unstructured form.
Mobile Apps:
VanArsdel mobile app must authenticate employees to the company's Active Directory.
Event-triggered alerts must be pushed to mobile apps by using a custom Node.js script.
The customer support app should use an identity provider that is configured by using the Access Control Service for current profile registration and authentication.
The customer support team will adopt future identity providers that are configured through Access Control Service.
Security:
Active Directory Federated Server (AD FS) will be used to extend AD into Azure.
Helpdesk administrators must have access to only the groups of Azure resources they are responsible for. Azure administration will be performed by a separate group.
IT administrative overhead must be minimized.
Permissions must be assigned by using Role Based Access Control (RBAC).
Line of business applications must be accessed securely.
(Topic 1)
You need to prepare the implementation of data storage for the contractor information app.
What should you?
A. Create a storage account and implement multiple data partitions.
B. Create a Cloud Service and a Mobile Service. Implement Entity Group transactions.
C. Create a Cloud Service and a Deployment group. Implement Entity Group transactions.
D. Create a Deployment group and a Mobile Service. Implement multiple data partitions.
Answer: B
Explanation:
* Scenario: / VanArsdel needs a solution to reduce the number of operations on the contractor information table. Currently, data transfer rates are excessive, and queue length for read/write operations affects performance. / A mobile service that is used to access contractor information must have automatically scalable, structured storage
* The basic unit of deployment and scale in Azure is the Cloud Service.
Reference: Performing Entity Group Transactions
https://msdn.microsoft.com/en-us/library/azure/dd894038.aspx
Q32. - (Topic 5)
You need to recommend a technology for processing customer pickup requests.
Which technology should you recommend?
A. Notification hub
B. Queue messaging
C. Mobile Service with push notifications
D. Service Bus messaging
Answer: D
Explanation: Service Bus queues are part of a broader Azure messaging infrastructure
that supports queuing as well as publish/subscribe, Web service remoting, and integration
patterns.
Service Bus Queue support Push-style API (while Azure Queue messaging does not).
Incorrect:
Not A: Notification Hub is only used to push notification, not for processing requests.
Not B As a solution architect/developer, you should consider using Azure Queues when:
*
Your application must store over 80 GB of messages in a queue, where the messages have a lifetime shorter than 7 days.
*
Your application wants to track progress for processing a message inside of the queue. This is useful if the worker processing a message crashes. A subsequent worker can then use that information to continue from where the prior worker left off.
You require server side logs of all of the transactions executed against your queues.
Not C: To process the messages we do not need push notification.
Reference: Azure Queues and Service Bus Queues - Compared and Contrasted
https://msdn.microsoft.com/en-us/library/azure/hh767287.aspx
Topic 6, Mix Questions
31. - (Topic 6)
Contoso, Ltd., uses Azure websites for public-facing customer websites. The company has a mobile app that requires customers sign in by using a Contoso customer account.
Customers must be able to sign on to the websites and mobile app by using a Microsoft, Facebook, or Google account. All transactions must be secured in-transit regardless of device.
You need to configure the websites and mobile app to work with external identity providers.
Which three actions should you perform? Each correct answer presents part of the solution.
A. Request a certificate from a domain registrar for the website URL, and enable TLS/SSL.
B. Configure IPsec for the websites and the mobile app.
C. Configure the KerberosTokenProfile 1.1 protocol.
D. Configure OAuth2 to connect to an external authentication provider.
E. Build an app by using MVC 5 that is hosted in Azure to provide a framework for the underlying authentication.
Answer: A,D,E
Explanation: DE: This tutorial shows you how to build an ASP.NET MVC 5 web application that enables users to log in using OAuth 2.0 with credentials from an external authentication provider, such as Facebook, Twitter, LinkedIn, Microsoft, or Google.
A:
*
You will now be redirected back to the Register page of the MvcAuth application where you can register your Google account. You have the option of changing the local email registration name used for your Gmail account, but you generally want to keep the default email alias (that is, the one you used for authentication). Click Register.
*
To connect to authentication providers like Google and Facebook, you will need to set up IIS-Express to use SSL.
Reference: Code! MVC 5 App with Facebook, Twitter, LinkedIn and Google OAuth2 Sign-on (C#)
http://www.asp.net/mvc/overview/security/create-an-aspnet-mvc-5-app-with-facebook-and-google-oauth2-and-openid-sign-on
Q33. - (Topic 6)
You design an Azure web application. The web application is accessible by default as a standard cloudapp.net URL.
You need to recommend a DNS resource record type that will allow you to configure access to the web application by using a custom domain name.
Which DNS record type should you recommend?
A. SRV
B. MX
C. CNAME
D. A
Answer: C
Explanation: A CNAME record maps a specific domain, such as contoso.com or www.contoso.com, to a canonical domain name. In this case, the canonical domain name is the <myapp>.cloudapp.net domain name of your Azure hosted application. Once created, the CNAME creates an alias for the <myapp>.cloudapp.net. The CNAME entry will resolve to the IP address of your <myapp>.cloudapp.net service automatically, so if the IP address of the cloud service changes, you do not have to take any action.
Incorrect: Not D:
*
Since an A record is mapped to a static IP address, it cannot automatically resolve changes to the IP address of your Cloud Service.
*
An A record maps a domain, such as contoso.com or www.contoso.com, or a wildcard domain such as *.contoso.com, to an IP address. In the case of an Azure Cloud Service, the virtual IP of the service. So the main benefit of an A record over a CNAME record is that you can have one entry that uses a wildcard, such as *.contoso.com, which would handle requests for multiple sub-domains such as mail.contoso.com, login.contoso.com, or
www.contso.com.
Reference: Configuring a custom domain name for an Azure cloud service
http://azure.microsoft.com/en-gb/documentation/articles/cloud-services-custom-domain-name/
Q34. - (Topic 4)
You need to ensure that the website scales. What should you do?
A. Deploy Traffic Manager and configure it to route user traffic to specified endpoints to other Azure datacenters.
B. Enter multiple DNS entries in each virtual network to route requests to other Azure datacenters.
C. Set up a new Azure datacenter to Azure datacenter VPN to enable the solution to communicate across regions.
D. Use a virtual network to route network traffic in a single Azure datacenter.
Answer: C
Explanation: Scenario: The customer-facing website must automatically scale and replicate to locations around the world. Azure ExpressRoute enables you to create private connections between Azure datacenters and infrastructure that’s on your premises or in a colocation environment. ExpressRoute connections do not go over the public Internet, and offer more reliability, faster speeds, lower latencies and higher security than typical connections over the Internet. In some cases, using ExpressRoute connections to transfer data between on-premises and Azure can also yield significant cost benefits.
Reference: ExpressRoute, Experience a faster, private connection to Azure
http://azure.microsoft.com/en-us/services/expressroute/
Topic 5, Northwind traders
Background
Overview
Northwind Electric Cars is the premier provider of private, low-cost transportation in Denver. Northwind drivers are company employees who work together as a team. The founding partners believe that by hiring their drivers as employees, their drivers focus on providing a great customer experience. Northwind Electric Cars has a reputation for offering fast, reliable, and friendly service, due largely to their extensive network of drivers and their proprietary dispatching software named NorthRide.
Northwind Electric Cars drivers depend on frequent, automatic updates for the NorthRide mobile app. The Northwind management team is concerned about unplanned system downtime and slow connection speeds caused by high usage. Additionally, Northwind's inhouse data storage solution is unsustainable because of the new influx of customer data that is retained. Data backups are made periodically on DVDs and stored on-premises at corporate headquarters.
Apps
NorthRide App
Northwind drivers use the NorthRide app to meet customer pickup requests. The app uses a GPS transponder in each Northwind vehicle and Bing Maps APIs to monitor the location of each vehicle in the fleet in real time. NorthRide allows Northwind dispatchers to optimize their driver coverage throughout the city.
When new customers call, the dispatcher enters their pickup locations into NorthRide.
NorthRide identifies the closest available driver. The dispatcher then contacts the driver with the pick-up details. This process usually results in a pick-up time that is far faster than the industry average.
Drivers use NorthRide to track the number of miles they drive and the number of customers they transport. Drivers also track their progress towards their established goals, which are measured by using key performance indicators (KPIs).
NorthRide App 2.0
Northwind Electric Cars is growing quickly. New callers often wait for their calls to be answered because the dispatchers are contacting their drivers to arrange pickups for other customers.
To support the growth of the business, Northwind's development team completes an overhaul of the NorthRide system that it has named NorthRide 2.0. When a dispatcher enters a customer's pickup location, the address and driving directions are automatically sent to the driver who is closest to the customer's pickup location.
Drivers indicate their availability on the NorthRide mobile app and can view progress towards their KPI's in real time. Drivers can also record customer ratings and feedback for each pickup.
Business Requirements
Apps
NorthRideFinder App
Northwind Electric Cars needs a customer-facing website and mobile app that allows customers to schedule pickups. Customers should also be able to create profiles that will help ensure the customer gets a ride faster by storing customer information.
Predictor App
Northwind Electric Cars needs a new solution named Predictor. Predictor is an employeefacing mobile app. The app predicts periods of high usage and popular pickup locations and provides various ways to view this predictive data. Northwind uses this information to better distribute its drivers. Northwind wants to use the latest Azure technology to create this solution.
Other Requirements
On-premises data must be constantly backed up.
Mobile data must be protected from loss, even if connectivity with the backend is lost.
Dispatch offices need to have seamless access to both their primary data center and the applications and services that are hosted in the Azure cloud.
Connectivity needs to be redundant to on-premises and cloud services, while providing a way for each dispatch office to continue to operate even if one or all of the connection options fail.
The management team requires that operational data is accessible 24/7 from any office location.
Technical Requirements
Apps and Website
NorthRide / NorthRideFinder Apps:
The solution must support on-premises and Azure data storage.
The solution must scale as necessary based on the current number of concurrent users.
Customer pickup requests from NorthRideFinder must be asynchronous.
The customer pickup request system will be high in volume, and each request will have a short life span.
Data for NorthRideFinder must be protected during a loss of connectivity.
NorthRide users must authenticate to the company's Azure Active Directory.
Northwind Public Website
The customer website must use a WebJob to process profile images into thumbnails
The customer website must be developed with lowest cost and difficulty in mind.
The customer website must automatically scale to minimize response times for customers.
Other Requirements
Data Storage:
The data storage must interface with an on-premises Microsoft SQL backend database.
A disaster recovery system needs to be in place for large amounts of data that will backup to Azure.
Backups must be fully automated and managed the Azure Management Portal.
The recovery system for company data must use a hybrid solution to back up both the on-premises Microsoft SQL backend and any Azure storage.
Predictive Routing:
An Azure solution must be used for prediction systems.
Predictive analytics must be published as a web service and accessible by using the REST API.
Security:
The NorthRide app must use an additional level of authentication other than the employee's password.
Access must be secured in NorthRide without opening a firewall port.
Company policy prohibits inbound connections from internet callers to the onpremises network.
Customer usernames in NorthRideFinder cannot exceed 10 characters.
Customer data in NorthRideFinder can be received only by the user ID that is associated with the data.
25. - (Topic 5)
You need to recommend a solution that meets the requirements for data storage for the NorthRide app.
What should you include in the recommendation?
A. Azure Remote App
B. Azure Service Bus
C. Azure Connect
D. Azure SQL Database
Answer: B
Explanation: Service Bus queues are part of a broader Azure messaging infrastructure
that supports queuing as well as publish/subscribe, Web service remoting, and integration
patterns.
Service Bus Queue support Push-style API (while Azure Queue messaging does not).
Reference: Azure Queues and Service Bus Queues - Compared and Contrasted
https://msdn.microsoft.com/en-us/library/azure/hh767287.aspx
Q35. - (Topic 6)
You have several virtual machines (VMs) that run in Azure. You also have a single System Center 2012 R2 Configuration Manager (SCCM) primary site on-premises.
You have the following requirements:
All VMs must run on the same virtual network.
Network traffic must be minimized between the on-premises datacenter and Azure.
The solution minimize complexity.
You need to use SCCM to collect inventory and deploy software to Azure VMs.
What should you do first?
A. Configure client push for the Azure virtual network.
B. Enable and configure Operations Insights in Azure.
C. Install a cloud distribution point on an Azure VM.
D. Install a secondary site underneath the primary site onto an Azure VM.
Answer: C
Explanation: Cloud-based distribution Point, a Configuration Manager Site System Role in the Cloud
Much of the Configuration Manager topology is made up of distribution points, they are very helpful in many situations where bandwidth and geographical separation are the facts of life, but also hard to manage if you have hundreds or even thousands of them.
This feature started with the vision that it makes perfect sense to have big distribution points in the Windows Azure cloud where one should not worry about things like (but not limited to) size, performance, reliability, security, access from all around the world, hardware/software update issues etc.
Note: Content management in System Center 2012 Configuration Manager provides the tools for you to manage content files for applications, packages, software updates, and operating system deployment. Configuration Manager uses distribution points to store files that are required for software to run on client computers. These distribution points function as distribution centers for the content files and let users download and run the software.
Clients must have access to at least one distribution point from which they can download the files.
Reference: New Distribution Points in Configuration Manager SP1
http://blogs.technet.com/b/configmgrteam/archive/2013/01/31/new-distribution-points-in-configuration-manager-sp1.aspx
Up to the minute mva 70-534:
Q36. DRAG DROP - (Topic 6)
You are migrating Active Directory Domain Services (AD DS) domains to Azure.
You need to recommend the least complex directory synchronization solution.
What should you recommend? To answer, drag the appropriate solution to the correct client requirement. Each solution may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q37. - (Topic 5)
You need to design the authentication solution for the NorthRide app. Which solution should you use?
A. Azure Active Directory Basic with multi-factor authentication for the cloud and on-premises users.
B. Active Directory Domain Services with mutual authentication
C. Azure Active Directory Premium and add multi-factor authentication the for cloud users
D. Active Directory Domain Services with multi-factor authentication
Answer: C
Explanation: * Scenario: The NorthRide app must use an additional level of authentication other than the employee's password.
* Azure Multi-Factor Authentication is the multi-factor authentication service that requires users to also verify sign-ins using a mobile app, phone call or text message. It is available to use with Azure Active Directory, to secure on-premise resources with the Azure Multi-Factor Authentication Server, and with custom applications and directories using the SDK.
Reference: What is Azure Multi-Factor Authentication?
https://azure.microsoft.com/en-us/documentation/articles/multi-factor-authentication/
Reference: Azure Active Directory Pricing
http://azure.microsoft.com/en-gb/pricing/details/active-directory/
Q38. HOTSPOT - (Topic 6)
Resources must authenticate to an identity provider.
You need to configure the Azure Access Control service.
What should you recommend? To answer, select the appropriate responses for each requirement in the answer area.
Answer:
Q39. - (Topic 4)
You need to analyze Lucerne’s performance monitoring solution.
Which three applications should you monitor? Each correct answer presents a complete solution.
A. The Lucerne Media-D application
B. The data mining application
C. The Lucerne Media-W application
D. The Lucerne Media-M app
E. The Lucerne Media-N app
Answer: C,D,E
Explanation: Monitor the web application and the mobile apps.
C: Lucerne Media W - a web application that delivers media by using any browser
D: Lucerne Media M - a mobile app that delivers media by using Windows Phone 8.1
E: Lucerne Media N - a mobile app that delivers media by using an Android device
* Scenario:
/ Lucerne Publishing must be able to monitor the performance and usage of its customer-
facing app.
/ Customers must be able to access all data by using a web application. They must also be
able to access data by using a mobile app that is provided by Lucerne Publishing.
Q40. - (Topic 6)
You are designing an Azure application. The application includes two web roles and three instances of a worker role. The web roles send requests to the worker role by using one or more Azure Queues.
You need to recommend a queue design for sending requests to the worker role.
What should you recommend?
A. Create a queue for each combination of web roles and worker role instances. Send requests to all worker role instances based on the sending web role.
B. Create a single queue. Send all requests on the single queue.
C. Create a queue for each worker role instance. Send requests on each worker queue by using a round robin rotation.
D. Create a queue for each web role. Send requests on all queues at the same time.
Answer: B
Explanation: To communicate with the worker role, a web role instance places messages on to a queue. A worker role instance polls the queue for new messages, retrieves them, and processes them. There are a couple of important things to know about the way the queue service works in Azure. First, you reference a queue by name, and multiple role instances can share a single queue. Second, there is no concept of a typed message; you construct a message from either a string or a byte array. An individual message can be no more than 64 kilobytes (KB) in size.
Reference: 5 – Executing Background Tasks
https://msdn.microsoft.com/en-gb/library/ff803365.aspx
Reference: .NET Multi-Tier Application Using Service Bus Queues http://azure.microsoft.com/en-gb/documentation/articles/cloud-services-dotnet-multi-tier-app-using-service-bus-queues/