[Q88-Q104] Use Real AZ-204 - 100% Cover Real Exam Questions [Oct-2021]

Use Real AZ-204 - 100% Cover Real Exam Questions [Oct-2021]

Dumps Brief Outline Of The AZ-204 Exam - ValidBraindumps

NEW QUESTION 88
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing a website that will run as an Azure Web App. Users will authenticate by using their Azure Active Directory (Azure AD) credentials.
You plan to assign users one of the following permission levels for the website: admin, normal, and reader. A user's Azure AD group membership must be used to determine the permission level.
You need to configure authorization.
Solution:
Configure and use Integrated Windows Authentication in the website.
In the website, query Microsoft Graph API to load the group to which the user is a member.
Does the solution meet the goal?

A. No
B. Yes

Answer: A

Explanation:
Microsoft Graph is a RESTful web API that enables you to access Microsoft Cloud service resources.
Instead in the Azure AD application's manifest, set value of the groupMembershipClaims option to All. In the website, use the value of the groups claim from the JWT for the user to determine permissions.
Reference:
https://blogs.msdn.microsoft.com/waws/2017/03/13/azure-app-service-authentication-aad-groups/

NEW QUESTION 89
You are developing an ASP.NET Core website that uses Azure FrontDoor. The website is used to build custom weather data sets for researchers. Data sets are downloaded by users as Comma Separated Value (CSV) files. The data is refreshed every 10 hours.
Specific files must be purged from the FrontDoor cache based upon Response Header values.
You need to purge individual assets from the Front Door cache.
Which type of cache purge should you use?

A. root domain
B. wildcard
C. single path

Answer: C

Explanation:
These formats are supported in the lists of paths to purge:
* Single path purge: Purge individual assets by specifying the full path of the asset (without the protocol and domain), with the file extension, for example, /pictures/strasbourg.png;
* Wildcard purge: Asterisk (*) may be used as a wildcard. Purge all folders, subfolders, and files under an endpoint with /* in the path or purge all subfolders and files under a specific folder by specifying the folder followed by /*, for example, /pictures/*.
* Root domain purge: Purge the root of the endpoint with "/" in the path.
Reference:
https://docs.microsoft.com/en-us/azure/frontdoor/front-door-caching

NEW QUESTION 90
You need to support the requirements for the Shipping Logic App.
What should you use?

A. Site-to-Site (S2S) VPN connection
B. Azure Active Directory Application Proxy
C. On-premises Data Gateway
D. Point-to-Site (P2S) VPN connection

Answer: C

Explanation:
Before you can connect to on-premises data sources from Azure Logic Apps, download and install the on-premises data gateway on a local computer. The gateway works as a bridge that provides quick data transfer and encryption between data sources on premises (not in the cloud) and your logic apps.
The gateway supports BizTalk Server 2016.
Note: Microsoft have now fully incorporated the Azure BizTalk Services capabilities into Logic Apps and Azure App Service Hybrid Connections.
Logic Apps Enterprise Integration pack bring some of the enterprise B2B capabilities like AS2 and X12, EDI standards support Scenario: The Shipping Logic app must meet the following requirements:
* Support the ocean transport and inland transport workflows by using a Logic App.
* Support industry-standard protocol X12 message format for various messages including vessel content details and arrival notices.
* Secure resources to the corporate VNet and use dedicated storage resources with a fixed costing model.
* Maintain on-premises connectivity to support legacy applications and final BizTalk migrations.
Reference:
https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-gateway-install

NEW QUESTION 91
You are developing a software solution for an autonomous transportation system. The solution uses large data sets and Azure Batch processing to simulate navigation sets for entire fleets of vehicles.
You need to create compute nodes for the solution on Azure Batch.
What should you do?

A. In a .NET method, call the method: BatchClient.PoolOperations.CreateJob
B. In the Azure portal, create a Batch account.
C. In Python, implement the class: JobAddParameter
D. In Azure CLI, run the command: az batch pool create

Answer: A

Explanation:
A Batch job is a logical grouping of one or more tasks. A job includes settings common to the tasks, such as priority and the pool to run tasks on. The app uses the BatchClient.JobOperations.CreateJob method to create a job on your pool.
Note:
Step 1: Create a pool of compute nodes. When you create a pool, you specify the number of compute nodes for the pool, their size, and the operating system. When each task in your job runs, it's assigned to execute on one of the nodes in your pool.
Step 2 : Create a job. A job manages a collection of tasks. You associate each job to a specific pool where that job's tasks will run.
Step 3: Add tasks to the job. Each task runs the application or script that you uploaded to process the data files it downloads from your Storage account. As each task completes, it can upload its output to Azure Storage.
References:
https://docs.microsoft.com/en-us/azure/batch/quick-run-dotnet

NEW QUESTION 92
You are deploying an Azure Kubernetes Services (AKS) cluster that will use multiple containers.
You need to create the cluster and verify that the services for the containers are configured correctly and available.
Which four commands should you use to develop the solution? To answer, move the appropriate command segments from the list of command segments to the answer area and arrange them in the correct order.

Answer:

Explanation:

Explanation

Step 1: az group create
Create a resource group with the az group create command. An Azure resource group is a logical group in which Azure resources are deployed and managed.
Example: The following example creates a resource group named myAKSCluster in the eastus location.
az group create --name myAKSCluster --location eastus
Step 2 : az aks create
Use the az aks create command to create an AKS cluster.
Step 3: kubectl apply
To deploy your application, use the kubectl apply command. This command parses the manifest file and creates the defined Kubernetes objects.
Step 4: az aks get-credentials
Configure it with the credentials for the new AKS cluster. Example:
az aks get-credentials --name aks-cluster --resource-group aks-resource-group References:
https://docs.bitnami.com/azure/get-started-aks/

NEW QUESTION 93
You need to support the requirements for the Shipping Logic App.
What should you use?

A. Site-to-Site (S2S) VPN connection
B. Azure Active Directory Application Proxy
C. On-premises Data Gateway
D. Point-to-Site (P2S) VPN connection

Answer: C

Explanation:
Explanation
Before you can connect to on-premises data sources from Azure Logic Apps, download and install the on-premises data gateway on a local computer. The gateway works as a bridge that provides quick data transfer and encryption between data sources on premises (not in the cloud) and your logic apps.
The gateway supports BizTalk Server 2016.
Note: Microsoft have now fully incorporated the Azure BizTalk Services capabilities into Logic Apps and Azure App Service Hybrid Connections.
Logic Apps Enterprise Integration pack bring some of the enterprise B2B capabilities like AS2 and X12, EDI standards support Scenario: The Shipping Logic app must meet the following requirements:
* Support the ocean transport and inland transport workflows by using a Logic App.
* Support industry-standard protocol X12 message format for various messages including vessel content details and arrival notices.
* Secure resources to the corporate VNet and use dedicated storage resources with a fixed costing model.
* Maintain on-premises connectivity to support legacy applications and final BizTalk migrations.
Reference:
https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-gateway-install
Topic 1, Windows Server 2016 virtual machine
Case study
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the button to return to the question.
Current environment
Windows Server 2016 virtual machine
The virtual machine (VM) runs BizTalk Server 2016. The VM runs the following workflows:
* Ocean Transport - This workflow gathers and validates container information including container contents and arrival notices at various shipping ports.
* Inland Transport - This workflow gathers and validates trucking information including fuel usage, number of stops, and routes.
The VM supports the following REST API calls:
* Container API - This API provides container information including weight, contents, and other attributes.
* Location API - This API provides location information regarding shipping ports of call and tracking stops.
* Shipping REST API - This API provides shipping information for use and display on the shipping website.
Shipping Data
The application uses MongoDB JSON document storage database for all container and transport information.
Shipping Web Site
The
site displays shipping container tracking information and container contents. The site is located at
http://shipping.wideworldimporters.com/
Proposed solution
The on-premises shipping application must be moved to Azure. The VM has been migrated to a new Standard_D16s_v3 Azure VM by using Azure Site Recovery and must remain running in Azure to complete the BizTalk component migrations. You create a Standard_D16s_v3 Azure VM to host BizTalk Server. The Azure architecture diagram for the proposed solution is shown below:

Requirements
Shipping Logic app
The Shipping Logic app must meet the following requirements:
* Support the ocean transport and inland transport workflows by using a Logic App.
* Support industry-standard protocol X12 message format for various messages including vessel content details and arrival notices.
* Secure resources to the corporate VNet and use dedicated storage resources with a fixed costing model.
* Maintain on-premises connectivity to support legacy applications and final BizTalk migrations.
Shipping Function app
Implement secure function endpoints by using app-level security and include Azure Active Directory (Azure AD).
REST APIs
The REST API's that support the solution must meet the following requirements:
* Secure resources to the corporate VNet.
* Allow deployment to a testing location within Azure while not incurring additional costs.
* Automatically scale to double capacity during peak shipping times while not causing application downtime.
* Minimize costs when selecting an Azure payment model.
Shipping data
Data migration from on-premises to Azure must minimize costs and downtime.
Shipping website
Use Azure Content Delivery Network (CDN) and ensure maximum performance for dynamic content while minimizing latency and costs.
Issues
Windows Server 2016 VM
The VM shows high network latency, jitter, and high CPU utilization. The VM is critical and has not been backed up in the past. The VM must enable a quick restore from a 7-day snapshot to include in-place restore of disks in case of failure.
Shipping website and REST APIs
The following error message displays while you are testing the website:
Failed
to load http://test-shippingapi.wideworldimporters.com/: No
'Access-Control-Allow-Origin' header is present on the requested resource. Origin '
http://test.wideworldimporters.com/' is therefore not allowed access.

NEW QUESTION 94
A company runs an international travel and bookings management service. The company plans to begin offering restaurant bookings. You must develop a solution that uses Azure Search and meets the following requirements:
* Users must be able to search for restaurants by name, description, location, and cuisine.
* Users must be able to narrow the results further by location, cuisine, rating, and family-friendliness.
* All words in descriptions must be included in searches.
You need to add annotations to the restaurant class.
How should you complete the code segment? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

References:
https://www.henkboelman.com/azure-search-the-basics/

NEW QUESTION 95
You are developing an application. You have an Azure user account that has access to two subscriptions.
You need to retrieve a storage account key secret from Azure Key Vault.
In which order should you arrange the PowerShell commands to develop the solution? To answer, move all commands from the list of commands to the answer area and arrange them in the correct order.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/bs-latn-ba/Azure/key-vault/key-vault-key-rotation-log-monitoring

NEW QUESTION 96
You plan to create a Docker image that runs an ASP.NET Core application named ContosoApp. You have a setup script named setupScript.ps1 and a series of application files including ContosoApp.dll.
You need to create a Dockerfile document that meets the following requirements:
Call setupScripts.ps1 when the container is built.
Run ContosoApp.dll when the container starts.
The Dockerfile document must be created in the same folder where ContosoApp.dll and setupScript.ps1 are stored.
Which five commands should you use to develop the solution? To answer, move the appropriate commands from the list of commands to the answer area and arrange them in the correct order.

Answer:

Explanation:

NEW QUESTION 97
You plan to deploy a web app to App Service on Linux. You create an App Service plan. You create and push a custom Docker image that image that contains the web app to Azure Container Registry.
You need to access the console logs generated from inside the container in real-time.
How should you complete the Azure CLI command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1: config
To Configure logging for a web app use the command:
az webapp log config
Box 2: --docker-container-logging
Syntax include:
az webapp log config [--docker-container-logging {filesystem, off}]
Box 3: webapp
To download a web app's log history as a zip file use the command:
az webapp log download
Box 4: download
References:
https://docs.microsoft.com/en-us/cli/azure/webapp/log

NEW QUESTION 98
Contoso, Ltd. provides an API to customers by using Azure API Management (APIM). The API authorizes users with a JWT token.
You must implement response caching for the APIM gateway. The caching mechanism must detect the user ID of the client that accesses data for a given location and cache the response for that user ID.
You need to add the following policies to the policies file:
* a set-variable policy to store the detected user identity
* a cache-lookup-value policy
* a cache-store-value policy
* a find-and-replace policy to update the response body with the user profile information To which policy section should you add the policies? To answer, drag the appropriate sections to the correct policies. Each section may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content NOTE: Each correct selection is worth one point

Answer:

Explanation:

Explanation

Box 1: Inbound.
A set-variable policy to store the detected user identity.
Example:
<policies>
<inbound>

<set-variable
name="enduserid"
value="@(context.Request.Headers.GetValueOrDefault("Authorization","").Split(' ')[1].AsJwt()?.Subject)"
/>
Box 2: Inbound
A cache-lookup-value policy
Example:
<inbound>
<base />
<cache-lookup vary-by-developer="true | false" vary-by-developer-groups="true | false" downstream-caching-type="none | private | public" must-revalidate="true | false">
<vary-by-query-parameter>parameter name</vary-by-query-parameter> 
</cache-lookup>
</inbound>
Box 3: Outbound
A cache-store-value policy.
Example:
<outbound>
<base />
<cache-store duration="3600" />
</outbound>
Box 4: Outbound
A find-and-replace policy to update the response body with the user profile information.
Example:
<outbound>

<find-and-replace
from='"$userprofile$"'
to="@((string)context.Variables["userprofile"])" />
<base />
</outbound>
Reference:
https://docs.microsoft.com/en-us/azure/api-management/api-management-caching-policies
https://docs.microsoft.com/en-us/azure/api-management/api-management-sample-cache-by-key

NEW QUESTION 99
Your company is migrating applications to Azure. The IT department must allow internal developers to communicate with Microsoft support.
The service agents of the IT department must only have view resources and create support ticket permissions to all subscriptions. A new custom role must be created by reusing a default role definition and changing the permissions.
You need to create the custom role.
To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

References:
https://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles-powershell

NEW QUESTION 100
You are developing an ASP.NET Core app that includes feature flags which are managed by Azure App Configuration. You create an Azure App Configuration store named AppFeatureFlagStore that contains a feature flag named Export.
You need to update the app to meet the following requirements:
Use the Export feature in the app without requiring a restart of the app.
Validate users before users are allowed access to secure resources.
Permit users to access secure resources.
How should you complete the code segment? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.builder.iapplicationbuilder?view=aspnetcore-5.0

NEW QUESTION 101
A web service provides customer summary information for e-commerce partners. The web service is implemented as an Azure Function app with an HTTP trigger. Access to the API is provided by an Azure API Management instance. The API Management instance is configured in consumption plan mode. All API calls are authenticated by using OAuth.
API calls must be cached. Customers must not be able to view cached data for other customers.
You need to configure API Management policies for caching.
How should you complete the policy statement?

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/api-management/api-management-caching-policies

NEW QUESTION 102
You have an Azure Batch project that processes and converts files and stores the files in Azure storage. You are developing a function to start the batch job.
You add the following parameters to the function.

You must ensure that converted files are placed in the container referenced by the outputContainerSasUrl parameter. Files which fail to convert are places in the container referenced by the failedContainerSasUrl parameter.
You need to ensure the files are correctly processed.
How should you complete the code segment? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:
Box 1: CreateJob
Box 2: TaskSuccess
TaskSuccess: Upload the file(s) only after the task process exits with an exit code of 0.
Incorrect: TaskCompletion: Upload the file(s) after the task process exits, no matter what the exit code was.
Box 3: TaskFailure
TaskFailure:Upload the file(s) only after the task process exits with a nonzero exit code.
Box 4: OutputFiles
To specify output files for a task, create a collection of OutputFile objects and assign it to the CloudTask.OutputFiles property when you create the task.
References:
https://docs.microsoft.com/en-us/dotnet/api/microsoft.azure.batch.protocol.models.outputfileuploadcondition
https://docs.microsoft.com/en-us/azure/batch/batch-task-output-files

NEW QUESTION 103
You are developing an ASP.NET Core app that includes feature flags which are managed by Azure App Configuration. You create an Azure App Configuration store named AppFeatureFlagStore that contains a feature flag named Export.
You need to update the app to meet the following requirements:
* Use the Export feature in the app without requiring a restart of the app.
* Validate users before users are allowed access to secure resources.
* Permit users to access secure resources.
How should you complete the code segment? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1: UseAuthentication
Need to validate users before users are allowed access to secure resources.
UseAuthentication adds the AuthenticationMiddleware to the specified IApplicationBuilder, which enables authentication capabilities.
Box 2: UseAuthorization
Need to permit users to access secure resources.
UseAuthorization adds the AuthorizationMiddleware to the specified IApplicationBuilder, which enables authorization capabilities.
Box 3: UseStaticFiles
Need to use the Export feature in the app without requiring a restart of the app.
UseStaticFiles enables static file serving for the current request path Reference:
https://docs.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.builder.iapplicationbuilder?view=aspnetcore-5.