2017 June Microsoft Official New Released 70-533 Dumps in Lead2pass.com!
100% Free Download! 100% Pass Guaranteed!
Lead2pass is ready to provide Microsoft candidates with 70-533 exam dumps which can be very helpful for getting Microsoft certification, which means that candidates can easily get access to the services of Microsoft 70-533 exam dumps, which will assure them 100% passing success rate. With Lead2pass 70-533 exam dumps, it will be easy to pass your 70-533 exam at your first time.
Following questions and answers are all new published by Microsoft Official Exam Center: http://www.lead2pass.com/70-533.html
QUESTION 16
Drag and Drop Question
You manage an application deployed to a cloud service that utilizes an Azure Storage account.
The cloud service currently uses the primary access key.
Security policy requires that all shared access keys are changed without causing application downtime.
Which three steps should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
QUESTION 17
You manage an Azure web app in standard service tier at the following address: contoso.azurewebsites.net
Your company has a new domain for the site named www.contoso.com that must be accessible by secure socket layer(SSL) encryption.
You need to add a custom domain to the Azure web app and assign an SSL certifcate.
Which three actions should you perform? Each correct answer presents part of the solution.
A. Add SSL binding for the www.contosco.com domain with the IP-based SSL option selected.
B. Create a CNAME record from www.contoso.com to contoso.azurewebsites.net.
C. Create a new file that will redirect the site to the new URL and upload it to the Azure Web site.
D. Add SSL binding for the www.contoso.com domain with the server Nameindication (SNL)SSL option selected.
E. Add www.contoso.com to the list of domain names as a custom domain.
Answer: ABC
Explanation:
Step 1: When adding a CNAME record, you must set the Host Name field to the sub-domain you wish to use.
For example, www. You must set the Address field to the .azurewebsites.netdomain name of your Azure Website. For example, contoso.azurwebsites.net.
* Step 2: Modify the service definition and configuration files
Your application must be configured to use the certificate, and an HTTPS endpoint must be added. As a result, the service definition and service configuration files need to be updated.
* Step 3:
IP based SSL associates a certificate with a domain name by mapping the dedicated public IP address of the server to the domain name. This requires each domain name (contoso.com,
fabricam.com, etc.) associated with your service to have a dedicated IP address. This is the traditional method of associating SSL certificates with a web server.
Reference: Enable HTTPS for an Azure website
http://azure.microsoft.com/en-us/documentation/articles/web-sites-configure-sslcertificate/
QUESTION 18
You manage two datacenters in different geographic regions and one branch office.
You plan to implement a geo-redundant backup solution.
You need to ensure that each datacenter is a cold site for the other.
You create a recovery vault. What should you do next?
A. Install the provider.
B. Upload a certificate to the vault.
C. Generate a vault key.
D. Set all virtual machines to DHCP.
E. Prepare System Center Virtual Machine Manager (SCVMM) servers.
F. Create mappings between the virtual machine (VM) networks.
Answer: C
Explanation:
Within the Azure Portal screen, scroll down to Recovery Services (on the left menu), and click on “Create a New Vault” (this is where your VMs will be replicated to) which will bring up a Data Services / Recovery Services / Site Recovery Vault option, select Quick Create
For the name of the Vault, give it something you’d remember, in my case, I’ll call it RandsVault, and I’ll choose the Region West US since I’m in the Western United States, then click Create Vault
Once the Vault has been created, click on the Right Arrow next to the name of your vault. Under Setup Recovery, choose “Between an on-premise site and Microsoft Azure” so that you are telling the configuration settings that you are going to be replicating between your on-premise datacenter and Azure in the cloud.
You will now see a list of things you need to do which the first thing is to create a key exchange of certificates between Microsoft Azure and your VMM server.
QUESTION 19
You manage a collection of large video files that is stored in an Azure Storage account.
A user wants access to one of your video files within the next seven days.
You need to allow the user access only to the video file, and then revoke access once the user no longer needs it.
What should you do?
A. Give the user the secondary key for the storage account.
Once the user is done with the file, regenerate the secondary key.
B. Create an Ad-Hoc Shared Access Signature for the Blob resource.
Set the Shared Access Signature to expire in seven days.
C. Create an access policy on the container.
Give the external user a Shared Access Signature for the blob by using the policy.
Once the user is done with the file, delete the policy.
D. Create an access policy on the blob.
Give the external user access by using the policy.
Once the user is done with the file, delete the policy.
Answer: C
Explanation:
See 3) below.
By default, only the owner of the storage account may access blobs, tables, and queues within that account. If your service or application needs to make these resources available to other clients without sharing your access key, you have the following options for permitting access:
1.You can set a container’s permissions to permit anonymous read access to the container and its blobs. This is not allowed for tables or queues.
2. You can expose a resource via a shared access signature, which enables you to delegate restricted access to a container, blob, table or queue resource by specifying the interval for which the resources are available and the permissions that a client will have to it.
3. You can use a stored access policy to manage shared access signatures for a container or its blobs, for a queue, or for a table. The stored access policy gives you an additional measure of control over your shared access signatures and also provides a straightforward means to revoke them.
QUESTION 20
You administer an Azure Storage account named contoso storage.
The account has queue containers with logging enabled.
You need to view all log files generated during the month of July 2014.
Which URL should you use to access the list?
A. http://contosostorage.queue.core.windows.net/Slogs?
restype=container&comp=list&prefix=queue/2014/07
B. http://contosostorage.queue.core.windows.net/Sfiles?
restype=container&comp=list&prefix=queue/2014/07
C. http://contosostorage.blob.core.windows.net/Sfiles?
restype=container&comp=list&prefix=blob/2014/07
D. http://contosostorage.blob.core.windows.net/Slogs?
restype=container&comp=list&prefix=blob/2014/07
Answer: D
Explanation:
All logs are stored in block blobs in a container named $logs, which is automatically created when Storage Analytics is enabled for a storage account. The $logs container is located in the blob namespace of the storage account, for example: http://.blob.core.windows.net/$logs.
This container cannot be deleted once Storage Analytics has been enabled, though its contents can be deleted.
http://msdn.microsoft.com/library/azure/hh343262.aspx
QUESTION 21
You manage an Azure subscription with virtual machines (VMs) that are running in Standard mode.
You need to reduce the storage costs associated with the VMs.
What should you do?
A. Locate and remove orphaned disks.
B. Add the VMs to an affinity group.
C. Change VMs to the Basic tier.
D. Delete the VHD container.
Answer: A
Explanation:
http://azure.microsoft.com/en-us/pricing/details/virtual-machines
QUESTION 22
You manage several Azure virtual machines (VMs).
You create a custom image to be used by employees on the development team.
You need to ensure that the custom image is available when you deploy new servers.
Which Azure Power Shell cmdlet should you use?
A. Update-AzureVMImage
B. Add-AzureVhd
C. Add-AzureVMImage
D. Update-AzureDisk
E. Add-AzureDataDisk
Answer: C
Explanation:
The Add-AzureVMImage cmdlet adds an operating system image to the image repository.
The image should be a generalized operating system image, using either Sysprep for Windows or, for Linux, using the appropriate tool for the distribution.
Example
This example adds an operating system image to the repository.
Windows PowerShell
C:\PS>Add-AzureVMImage -ImageName imageName -MediaLocation
http://yourstorageaccount.blob.core.azure.com/container/sampleImage.vhd -Label
QUESTION 23
You manage an Azure virtual network that hosts 15 virtual machines (VMs) on a single subnet which is used for testing a line of business (LOB) application.
The application is deployed to a VM named TestWebServiceVM.
You need to ensure that TestWebServiceVM always starts by using the same IP address.
You need to achieve this goal by using the least amount of administrative effort.
What should you do?
A. Use the Management Portal to configure TestWebServiceVM.
B. Use RDP to configure TestWebServiceVM.
C. Run the Set-AzureStaticVNetIP PowerShell cmdlet.
D. Run the Get-AzureReservedIP PowerShell cmdlet.
Answer: C
Explanation:
Specify a static internal IP for a previously created VM
If you want to set a static IP address for a VM that you previously created, you can do so by using the following cmdlets. If you already set an IP address for the VM and you want to change it to a different IP address, you’ll need to remove the existing static IP address before running these cmdlets. See the instructions below to remove a static IP. For this procedure, you’ll use the Update-AzureVM cmdlet. The Update-AzureVM cmdlet restarts the VM as part of the update process. The DIP that you specify will be assigned after the VM restarts. In this example, we set the IP address for VM2, which is located in cloud service StaticDemo.
Get-AzureVM -ServiceName StaticDemo -Name VM2 | Set-AzureStaticVNetIP -IPAddress 192.168.4.7 | Update-AzureVM
http://msdn.microsoft.com/en-us/library/azure/dn630228.aspx
QUESTION 24
Drag and Drop Question
You administer two virtual machines (VMs) that are deployed to a cloud service.
The VMs are part of a virtual network.
The cloud service monitor and virtual network configuration are configured as shown in the exhibits. (Click the Exhibits button.)
You need to create an internal load balancer named fabLoadBalancer that has a static IP address of 172.16.0.100.
Which value should you use in each parameter of the Power Shell command? To answer, drag the appropriate value to the correct location in the Power Shell command. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
QUESTION 25
Your network environment includes remote employees.
You need to create a secure connection for the remote employees who require access to your Azure virtual network.
What should you do?
A. Deploy Windows Server 2012 RRAS.
B. Configure a point-to-site VPN.
C. Configure an ExpressRoute.
D. Configure a site-to-site VPN.
Answer: B
Explanation:
New Point-To-Site Connectivity
With today’s release we’ve added an awesome new feature that allows you to setup VPN connections between individual computers and a Windows Azure virtual network without the need for a VPN device. We call this feature Point-to-Site Virtual Private Networking. This feature greatly simplifies setting up secure connections between Windows Azure and client machines, whether from your office environment or from remote locations.
It is especially useful for developers who want to connect to a Windows Azure Virtual Network (and to the individual virtual machines within it) from either behind their corporate firewall or a remote location. Because it is point-to-site they do not need their IT staff to perform any activities to enable it, and no VPN hardware needs to be installed or configured. Instead you can just use the built-in Windows VPN client to tunnel to your Virtual Network in Windows Azure.
http://azure.microsoft.com/blog/2013/04/26/virtual-network-adds-new-capabilities-for-cross-premises-connectivity/
QUESTION 26
Drag and Drop Question
Your development team has created a new solution that is deployed in a virtual network named fabDevVNet.
Your testing team wants to begin testing the solution in a second Azure subscription.
You need to create a virtual network named fabTestVNet that is identical to fabDevVNet.
You want to achieve this goal by using the least amount of administrative effort.
Which three steps should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
QUESTION 27
Drag and Drop Question
You have a solution deployed into a virtual network in Azure named fabVNet.
The fabVNet virtual network has three subnets named Apps, Web, and DB that are configured as shown in the exhibit. (Click the Exhibits button.)
You want to deploy two new VMs to the DB subnet.
You need to modify the virtual network to expand the size of the DB subnet to allow more IP addresses.
Which three steps should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
QUESTION 28
You manage a cloud service that has a web role named fabWeb.
You create a virtual network named fabVNet that has two subnets defined as Web and Apps.
You need to be able to deploy fabWeb into the Web subnet.
What should you do?
A. Modify the service definition (csdef) for the cloud service.
B. Run the Set-AzureSubnet PowerShell cmdlet.
C. Run the Set-AzureVNetConfig PowerShell cmdlet.
D. Modify the network configuration file.
E. Modify the service configuration (cscfg) for the fabWeb web role.
Answer: E
Explanation:
To deploy a cloud service into the Apps subnet in the virtual network, you need to add a element to the cloud service configuration file with settings identify-ing the Apps subnet in the virtual network.
When the cloud service with this configuration is deployed, Azure will identify the network configuration and provision the virtual machine instances in the Apps subnet.
https://outhereinthefield.wordpress.com/2014/05/23/adding-a-windows-azure-cloud-service-to-virtual-network/
QUESTION 29
Drag and Drop Question
You manage two solutions in separate Azure subscriptions.
You need to ensure that the two solutions can communicate on a private network.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation:
Note: In this procedure, we’ll walk you through connecting two virtual networks, VNet1 and VNet2. You’ll need to be comfortable with networking in order to substitute the IP address ranges that are compatible with your network design requirements. From an Azure virtual network, connecting to another Azure virtual network is the same as connecting to an on premises network via Site-to-site (S2S) VPN.
This procedure primarily uses the Management Portal, however, you must use Microsoft Azure PowerShell cmdlets to connect the VPN gateways.
QUESTION 30
Your company has recently signed up for Azure.
You plan to register a Data Protection Manager (DPM) server with the Azure Backup service.
You need to recommend a method for registering the DPM server with the Azure Backup vault.
What are two possible ways to achieve this goal? Each correct answer presents a complete solution.
A. Import a self-signed certificate created using the makecert tool.
B. Import a self-signed certificate created using the createcert tool.
C. Import an X.509 v3 certificate with valid clientauthentication EKU.
D. Import an X.509 v3 certificate with valid serverauthentication EKU.
Answer: AC
Explanation:
A: You can create a self-signed certificate using the makecert tool, or use any valid SSL certificate issued by a Certification Authority (CA) trusted by Microsoft, whose root certificates are distributed via the Microsoft Root Certificate Program.
C: The certificate must have a valid ClientAuthentication EKU.
http://technet.microsoft.com/en-us/library/dn296608.aspx
Lead2pass are committed on providing you with the latest and most accurate 70-533 exam dumps. Our 70-533 dump is rich in variety. We offer 70-533 PDF dumps and 70-533 VCE dumps. We ensure you can pass the 70-533 easily. Welcome to Lead2pass.com.
70-533 new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDeFgyaGRNaE5iaFk
2017 Microsoft 70-533 exam dumps (All 217 Q&As) from Lead2pass:
http://www.lead2pass.com/70-533.html [100% Exam Pass Guaranteed]