HOTSPOT - You have an Azure subscription that contains 50 Azure SQL databases. You create an Azure Resource Manager (ARM) template named Template1 that enables Transparent Data Encryption (TDE). You need to create an Azure Policy definition named Policy1 that will use Template1 to enable TDE for any noncompliant Azure SQL databases. How should you configure Policy1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Question 62
You have an Azure subscription. The subscription contains a tiered app named App1 that is distributed across multiple containers hosted in Azure Container Instances. You need to deploy an Azure Monitor monitoring solution for App. The solution must meet the following requirements: • Support using synthetic transaction monitoring to monitor traffic between the App1 components. • Minimize development effort. What should you include in the solution?
A. Network insights
B. Application Insights
C. Container insights
D. Log Analytics Workspace insights
Question 63
HOTSPOT - You have an Azure subscription that contains the resources shown in the following table: Log files from App1 are registered to App1Logs. An average of 120 GB of log data is ingested per day. You configure an Azure Monitor alert that will be triggered if the App1 logs contain error messages. You need to minimize the Log Analytics costs associated with App1. The solution must meet the following requirements: • Ensure that all the log files from App1 are ingested to App1Logs. • Minimize the impact on the Azure Monitor alert. Which resource should you modify, and which modification should you perform? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Question 64
You have 12 Azure subscriptions and three projects. Each project uses resources across multiple subscriptions. You need to use Microsoft Cost Management to monitor costs on a per project basis. The solution must minimize administrative effort. Which two components should you include in the solution? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. budgets
B. resource tags
C. custom role-based access control (RBAC) roles
D. management groups
E. Azure boards
Question 65
HOTSPOT - You have an Azure subscription that contains multiple storage accounts. You assign Azure Policy definitions to the storage accounts. You need to recommend a solution to meet the following requirements: • Trigger on-demand Azure Policy compliance scans. • Raise Azure Monitor non-compliance alerts by querying logs collected by Log Analytics. What should you recommend for each requirement? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Question 66
HOTSPOT - You have an Azure subscription. You plan to deploy five storage accounts that will store block blobs and five storage accounts that will host file shares. The file shares will be accessed by using the SMB protocol. You need to recommend an access authorization solution for the storage accounts. The solution must meet the following requirements: • Maximize security. • Prevent the use of shared keys. • Whenever possible, support time-limited access. What should you include in the solution? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Question 67
HOTSPOT - You have an Azure subscription. The subscription contains 100 virtual machines that run Windows Server 2022 and have the Azure Monitor Agent installed. You need to recommend a solution that meets the following requirements: • Forwards JSON-formatted logs from the virtual machines to a Log Analytics workspace • Transforms the logs and stores the data in a table in the Log Analytics workspace What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Question 68
You have 100 servers that run Windows Server 2012 R2 and host Microsoft SQL Server 2014 instances. The instances host databases that have the following characteristics: - Stored procedures are implemented by using CLR. - The largest database is currently 3 TB. None of the databases will ever exceed 4 TB. You plan to move all the data from SQL Server to Azure. You need to recommend a service to host the databases. The solution must meet the following requirements: - Whenever possible, minimize management overhead for the migrated databases. - Ensure that users can authenticate by using Azure Active Directory (Azure AD) credentials. - Minimize the number of database changes required to facilitate the migration. What should you include in the recommendation?
A. Azure SQL Database elastic pools
B. Azure SQL Managed Instance
C. Azure SQL Database single databases
D. SQL Server 2016 on Azure virtual machines
SQL Managed Instance allows existing SQL Server customers to lift and shift their on-premises applications to the cloud with minimal application and database changes. At the same time, SQL Managed Instance preserves all PaaS capabilities (automatic patching and version updates, automated backups, high availability) that drastically reduce management overhead and TCO. Reference: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-managed-instance
Question 69
You have an Azure subscription that contains an Azure Blob Storage account named store1. You have an on-premises file server named Server1 that runs Windows Server 2016. Server1 stores 500 GB of company files. You need to store a copy of the company files from Server1 in store1. Which two possible Azure services achieve this goal? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
A. an Azure Logic Apps integration account
B. an Azure Import/Export job
C. Azure Data Factory
D. an Azure Analysis services On-premises data gateway
E. an Azure Batch account
B: You can use the Azure Import/Export service to securely export large amounts of data from Azure Blob storage. The service requires you to ship empty drives to the Azure datacenter. The service exports data from your storage account to the drives and then ships the drives back. C: Big data requires a service that can orchestrate and operationalize processes to refine these enormous stores of raw data into actionable business insights. Azure Data Factory is a managed cloud service that's built for these complex hybrid extract-transform-load (ETL), extract-load-transform (ELT), and data integration projects. Reference: https://docs.microsoft.com/en-us/azure/storage/common/storage-import-export-data-from-blobs https://docs.microsoft.com/en-us/azure/data-factory/introduction
Question 70
You have an Azure subscription that contains two applications named App1 and App2. App1 is a sales processing application. When a transaction in App1 requires shipping, a message is added to an Azure Storage account queue, and then App2 listens to the queue for relevant transactions. In the future, additional applications will be added that will process some of the shipping requests based on the specific details of the transactions. You need to recommend a replacement for the storage account queue to ensure that each additional application will be able to read the relevant transactions. What should you recommend?
A. one Azure Data Factory pipeline
B. multiple storage account queues
C. one Azure Service Bus queue
D. one Azure Service Bus topic
A queue allows processing of a message by a single consumer. In contrast to queues, topics and subscriptions provide a one-to-many form of communication in a publish and subscribe pattern. It's useful for scaling to large numbers of recipients. Each published message is made available to each subscription registered with the topic. Publisher sends a message to a topic and one or more subscribers receive a copy of the message, depending on filter rules set on these subscriptions. Reference: https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-queues-topics-subscriptions
