(AZ-204 topic) Connect to and Consume Azure Services and Third-party Services Flashcards

Questions for this domain comprise 20% of the total questions for this exam.

1
Q

Once you have created a resource group in Azure, which is the correct sequence of resources to create to get an Event Hub ready for data ingestion?

  • Create an Event Hub account, then an event hub within that account.
  • Create an Event Hub namespace, then an event hub within that namespace.
  • Create an Event Hub namespace, then an event hub within that namespace, then the encryption scheme.
  • Create an Event Hub, then define the encryption scheme.
A

-Create an Event Hub namespace, then an event hub within that namespace.

All you need is an Event Hub namespace which can contain multiple event hubs.

2
Q

You have created an Azure Management API and now need to change the Backend ServiceUrl. What is the best PowerShell cmdlet to use for this task?

  • Set-AzApiManagementNamedValue
  • Set-AzApiManagementGroup
  • Set-AzApiManagementApi
  • Set-AzApiManagementPolicy
A

-Set-AzApiManagementApi

You got it. The Set-AzApiManagementApi cmdlet modifies an API, such as changing the Backend ServiceUrl that the API points to.

3
Q

What are the advantages to using an Azure Service Bus? (choose 3)

  • Application decoupling
  • Application notifications
  • Real-time data statistics
  • Transaction scoping
  • Real time event processing
  • Load balancing
A

-Application decoupling
Producer and consumer of the messages on the service bus don’t have to be online or readily available at the same time.

-Transaction scoping
You can group, or scope, several messages in a single transaction, making it atomic.

-Load balancing
Multiple consumers can read from the service bus queue at the same time.

4
Q

What PowerShell cmdlet would you use to create a new message queue called llamaqueue in the Service Bus namespace ACGServiceBusNS?

  • Get-AzServiceBusQueue -ResourceGroupName acg204RG -NamespaceName ACGServiceBusNS -Name llamaqueue
  • Set-AzServiceBusQueue -g acg204RG -NamespaceName ACGServiceBusNS -n llamaqueue
  • New-AzServiceBusQueue -ResourceGroupName acg204RG -NamespaceName ACGServiceBusNS -Name llamaqueue
  • Create-AzServiceBusQueue -ResourceGroupName acg204RG -NamespaceName ACGServiceBusNS -Name llamaqueue
A

-New-AzServiceBusQueue -ResourceGroupName acg204RG -NamespaceName ACGServiceBusNS -Name llamaqueue

Bingo! You got it.

5
Q

Your company has taken over a service through acquisition. This service is hosted outside of Azure, but the data it produces is needed in real time inside Azure for order processing and account updates. What is the best way to ensure current and future services within Azure can receive this data consistently and in a timely manner?

  • Create an Event Grid and use the system topic for non-Azure services.
  • Use an Azure Notification Hub to facilitate communication between the services inside and outside of Azure.
  • Create a database instance that all the services can read and write to.
  • Create an Event Grid and create a custom topic for non-Azure services.
A

-Create an Event Grid and create a custom topic for non-Azure services.

An Event Grid with a custom topic is an endpoint the service outside Azure can send events to for all other services to consume.

6
Q

What does it mean to route custom events in Azure Event Grid?

  • Setting up a custom topic and subscribing to it from a third party application.
  • Creating a topic in Event Grid for routing events to other Azure services.
  • Creating a custom event handler for processing event topics.
  • When the event subscription can’t route an event, you need a custom event.
A

-Setting up a custom topic and subscribing to it from a third party application.

A custom event topic is a way for third party applications to allow other applications to subscribe to their events.

7
Q

What is the sequence of events to push a notification to a mobile device using Azure Notification Hub?

  • Store PNS handle, retrieve PNS handle, send notification to Platform Notification Service, send to device.
  • Retrieve PNS handle, send notification to Platform Notification Service, store PNS handle, send to device.
  • Retrieve PNS handle, store PNS handle, send notification to Platform Notification Service, send to device.
  • Send notification to Platform Notification Service, retrieve PNS handle, store PNS handle, send to device.
A

-Retrieve PNS handle, store PNS handle, send notification to Platform Notification Service, send to device.

Yup. You have to retrieve a Platform Notification Service handle before you can do anything.

8
Q

You have created an API in the Azure API Management, which services a large audience. Some accounts are using the API at a rate that is not sustainable. What is the best way to limit accounts from hitting the API too much in a given period of time?

  • Implement an access restriction policy to restrict the caller IP address.
  • Implement an access restriction policy for the call rate per account.
  • Implement an access restriction policy to set a usage quota per account.
  • Azure API Management can handle almost unlimited increases in rates so this is not an issue.
A

-Implement an access restriction policy for the call rate per account.

A call rate policy will limit the inbound rate to the API at any given time.

9
Q

An existing API in the company is going to be moved to Azure for hosting. The API follows the OpenAPI version 3.1.0 definition. What is the best way to move it to Azure?

  • Create translation process using Azure Functions and import the API into API Management.
  • Use API Management to import the JSON definition of the API.
  • Add the API Management third party plugin for Swagger, which allows importing of OpenAPI definitions.
  • Import the API into a serverless Azure Function App, then ingest the Function App with Azure API Management.
A

-Use API Management to import the JSON definition of the API.

Azure API Management supports OpenAPI 100% and you can both import and export the format.

10
Q

What is the Azure CLI command to create a new API Management API named “llamadrama” with the endpoint “llama”?

  • az apim api revision create --service-name llamadrama -g az204RG --api-id LlamaDrama --api-revision '/llama' --api-revision 1
  • az apim api create --service-name llamadrama -g az204RG --api-id LlamaDrama --path '/llama' --display-name 'Llama Drama'
  • az apim api operation create --service-name llamadrama -g az204RG --api-id LlamaDrama --url-template "/llama/{param1}/{param2}" --method "GET" --display-name 'Llama Drama'
  • az apim api release create --service-name llamadrama -g az204RG --api-id LlamaDrama --api-revision '/llama' --api-revision 1
A

-az apim api create --service-name llamadrama -g az204RG --api-id LlamaDrama --path '/llama' --display-name 'Llama Drama'

‘az apim api create’ creates a new API Management API named “llamadrama” with the endpoint “llama.”

11
Q

In an Azure Event Grid, what does a subscription define?

  • A subscription defines which services can receive events.
  • A subscription is the origin of an event.
  • A subscription defines the access policies for the Event Grid.
  • A subscription defines which events on a topic you’re interested in receiving.
A

-A subscription defines which events on a topic you’re interested in receiving.

When creating the subscription, you provide an endpoint for handling the event. You can filter the events that are sent to the endpoint.

12
Q

What does it mean to use the “peeking” scenario for Azure Queue Storage queues?

  • Move a message from one queue to another queue.
  • Get the queue placement of a specific message on the queue.
  • Create a “ghost” message for testing the queue.
  • Retrieve queue message without removing it from the queue.
A

-Retrieve queue message without removing it from the queue.

You can peek at messages to see what fortunes they contain, and still leave the message on the queue. This is useful for a range of scenarios.

13
Q

You want to create a logic app that monitors changes to a virtual machine named VM01 and sends an email to you about those changes. What should you do?

What are the appropriate steps in the correct order?

A

You would choose the following:

  1. Create an Azure resource for your logic app.
  2. Choose a logic app template to build your logic app.
  3. Add an event grid trigger to create a logic app instance.
  4. Subscribe your logic app to publisher events.
  5. Add a condition to run your logic app workflow.
14
Q

You are the administrator of the Nutex Corporation. You want to configure your Azure API Management instance to protect an API by using the OAuth 2.0 protocol with Azure AD. You must pre-authorize your requests in API Management by validating the access tokens of each incoming request. If a request does not have a valid token, API Management has to block it.

What must you do?

  • Add an authorization header to the request.
  • Register the client application in Azure AD.
  • Configure a JWT validation policy.
  • In API Management, select Authorization code as the Authorization grant type.
A
  • Configure a JWT validation policy.

You would configure a JWT validation policy. The JWT validation policy pre-authorizes requests in API Management by validating the access tokens of each incoming request. API Management blocks the incoming request if the request does not have a valid token.

You would not register the client application in Azure AD. This solution will not block a request if there is no valid token. You can register an application (backend-app) in Azure AD to represent the API and also the client application, which needs to call the API, but with that, you do not block an invalid token.

You would not add an authorization header to the request because with this step you configure a call to the API from the developer portal.

You would not select Authorization code as the Authorization grant type in API Management because that action enables OAuth 2.0 user authorization in the Developer Console.

15
Q

You are working as a developer for the Nutex Corporation. You are implementing a solution that sends Azure Events to an external security information and event management (SIEM) system. The external SIEM solution accepts only Kafka standard messages. Your main administrator created an Event Hub for this, but you notice that it is not working. The Event Hub looks like the following graphic (SEE ATTACHED IMAGE).

Which step should you perform first to integrate with an external SIEM solution?

  • Configure Azure Monitor to send relevant security logs.
  • Upgrade to Standard Tier.
  • Generate sample events and check on the destination services.
  • Add Azure Active Directory to the Event Hub.
A
  • Upgrade to Standard Tier.

In this scenario, you are using the Basic tier. You would need to upgrade to Standard Tier. The Standard Tier plan and above supports Kafka messages in Event Hub. The Basic tier does not.

You would not configure Azure Monitor as the first step. This would be the second step in sending logs. You will need to support Kafka messages in Event Hub first.

You would not add Azure Active Directory to the Event Hub. This is an optional step. You would only perform this step if you want to include logs from Azure Active Directory in SIEM.

You would not generate sample events and check on destination services. This action will not reach the destination SIEM because the Basic plan does not support Kafka.

16
Q

You are the administrator of the Nutex Corporation. You want to use Firebase Cloud Messaging together with Azure Notification Hub to push notifications to all registrations and to registered devices.

Which task or code snippet would you NOT use for that?

  • Use foreach (var category in categories) {templateParams["messageParam"] = "Breaking " + category + " News!"; await hub.SendTemplateNotificationAsync(templateParams, category);}
  • In the build.gradle file, add: implementation 'com.google.firebase:firebase-core:16.0.8'; implementation 'com.google.firebase:firebase-messaging:17.3.4'
  • Use Config.MessageHandlers.Add(new AuthenticationTestHandler());
  • In the build.gradle file, add: classpath 'com.google.gms:google-services:4.0.1'
  • In the build.gradle file, add: apply plugin: 'com.google.gms.google-services'
A

You would not choose Config.MessageHandlers.Add(new AuthenticationTestHandler());, because with that code snippet, you register the message handler to use a push notification for Firebase Cloud Messaging. You do not need it to push notifications to all registrations and to registered devices.

You would add: apply plugin: 'com.google.gms.google-services' in the build.gradle file, because to push notifications to all registrations, you have to add that code line to the build.gradle file.

You would add: implementation 'com.google.firebase:firebase-core:16.0.8'; implementation 'com.google.firebase:firebase-messaging:17.3.4' in the build.gradle file, because you have to add that code line to the build.gradle file to push notifications to all registrations.

You would add: classpath 'com.google.gms:google-services:4.0.1' in the build.gradle file, because you have to add that code line to the build.gradle file to push notifications to all registrations.

You would use foreach (var category in categories) {templateParams["messageParam"] = "Breaking " + category + " News!"; await hub.SendTemplateNotificationAsync(templateParams, category);}, because with that, you can implement push notification to specific devices through categories and tags.

  • Use Config.MessageHandlers.Add(new AuthenticationTestHandler());
17
Q

You want to access data sources on-premises from your logic apps. You take the following actions:

  • You download and install the data gateway on a Windows Server 2012 R2 server.
  • You create an Azure resource for the gateway.
  • You attempt to create a connection between your logic app and your on-premises data source by using the gateway.

You run the following Test-NetConnection command and see the following output:

Test-NetConnection -ComputerName watchdog.servicebus.windows.net -Port 9350

ComputerName : watchdog.servicebus.windows.net
RemoteAddress : 70.37.104.240
RemotePort : 5672
InterfaceAlias : vEthernet (Broadcom NetXtreme Gigabit Ethernet - Virtual Switch)
SourceAddress : 10.10.10.98
PingSucceeded : False
PingReplyDetails (RTT) : 0 ms
TcpTestSucceeded : False

You determine that your gateway is blocked by a firewall. Which ports must be configured on the firewall for the data gateway to create an outbound connection to the Azure Service Bus? (Choose all that apply.)

  • 80
  • 13000-13050
  • 7890-7899
  • 9350-9354
  • 5671-5672
  • 4201-4299
  • 389
  • 443
A
  • 9350-9354 for Listeners on Service Bus Relay over TCP.
  • 5671-5672 for Advanced Message Queuing Protocol (AMQP)
  • 443 for HTTPS

The attached image shows the ports needed to be open on a firewall in order to create an outbound connection to the Azure Service Bus.

You would not open ports 7890-7899. This range is used for the iControl Internet Cafe Suite Administration software, which is not needed here.

You would not open port 80. This is used for HTTP, and HTTPS or port 443 is required in this scenario.

You would not open port 389. This port is used for Lightweight Directory Access Protocol (LDAP), which is not needed.

You would not open ports 13000-13050 or ports 4201-4299. These ranges are used by online games and are not needed.

18
Q

You are the administrator of the Nutex Corporation. You must configure policies for your APIs using API Management service and API gateways.

Which of the following policies are NOT access restriction policies? (Choose all that apply.)

  • Limit call rate by subscription
  • Check HTTP header
  • Set usage quota by key
  • Authentication-basic policy
  • Authentication-certificate policy
  • Restrict caller IPs
  • Cross-domain policy
A
  • Authentication-basic policy
  • Authentication-certificate policy
  • Cross-domain policy

You would use an Authentication-basic policy because this kind of policy is an API Management authentication policy and not an access restriction policy. With this policy, you authenticate with a backend service using Basic authentication.

You would use an Authentication-certificate policy because this kind of policy is an API Management authentication policy and not an access restriction policy. With this policy, you authenticate with a backend service using a client certificate.

You would use a cross-domain policy. With this kind of policy, you make the API accessible from Adobe Flash and Microsoft Silverlight browser-based clients.

You would not use a check-header policy because this is an access restriction policy. You can use the check-header policy to enforce a request that has a specified HTTP header. You can optionally check to see if the header has a specific value or check for a range of allowed values. If the check fails, the policy terminates request processing and returns the HTTP status code and error message specified by the policy.

You would not use a limit call rate by subscription policy because this is an access restriction policy. The rate-limit policy prevents API usage spikes on a per subscription basis by limiting the call rate to a specified number in a specified time period. When this policy is triggered, the caller receives a 429 Too Many Requests response status code.

You would not use a restrict caller IPs policy because this is an access restriction policy. The IP-filter policy filters (allows/denies) calls from specific IP addresses or address ranges.

You would not use a set usage quota-by-key policy because the quota-by-key policy enforces a renewable or lifetime call volume and/or bandwidth quota on a per key basis. The key can have an arbitrary string value and is typically provided using a policy expression. Optional increment conditions can be added to specify which requests should be counted towards the quota. If multiple policies would increment the same key value, it is incremented only once per request. When the call limit is reached, the caller receives a 403 Forbidden response status code.

19
Q

A company is building a traffic monitoring system. The system would be monitoring the traffic along 4 highways. The system would be responsible for producing a time series-based analysis report for each highway.

The traffic sensors on each highway have been configured to send their data to Azure Event Hubs. The data from Event Hubs is then consumed by three departments. Each department makes use of an Azure Web App to display the data.

You have to implement the Azure Event Hub instance. You need to implement a solution which ensures data throughput is maximized and latency is minimized.

Which of the following would you use as the partition key?

  • Highway
  • Department
  • Timestamp
  • Datestamp
A
  • Highway

Since the data would come in for each highway, the highway (probably represented by a highway number) would be ideal as the partition key.

https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-features#partitions

20
Q

Which of the following needs to be used to secure the Logic App?

  • Azure App Service Environment
  • Azure AD B2B Integration
  • Integration Service Environment
  • VNet service endpoint
A

Here we need to comply with the following requirement of the case study:

“Resources used by the Azure Logic App must be secured to the corporate virtual network and also use dedicated storage resources with a fixed costing model”

For this we should use Integration Service Environment.

https://azure.microsoft.com/en-us/blog/announcing-azure-integration-service-environment-for-logic-apps/
* Integration Service Environment

21
Q

You are developing an application that is going to make use of the Azure Service Bus. You have to create filters based on the different types of subscribers that would subscribe to the topic. The broad classification of these subscribers is as follows:

  • Subscribers should be able to receive all messages being sent to the topic
  • Subscribers should NOT be able to receive all messages being sent to the topic
  • Subscribers should be able to receive messages based on a SQL-like conditional expression

Which of the following would you use as the filter condition for the requirement?

“Subscribers should be able to receive all messages being sent to the topic”

  • Boolean filters
  • Primary filters
  • SQL filters
  • Correlation filters
A
  • Boolean filters
    https://docs.microsoft.com/en-us/azure/service-bus-messaging/topic-filters
22
Q

A company is implementing an order processing system. The orders are going to be published to an Azure Service Bus topic. The properties of the messages that would be sent are as follows.

Property - Description

Location - The region of the shipment

CorrelationID - Used as the priority value for the order

Quantity - User defined property that defines the order quantity

Audited - User defined property that defines the order date

LaterOrders - This subscription will be used in the future and should not accept any orders at the moment

HighPriorityOrders - Here all the high priority orders should be sent

GlobalOrders - Here the order where the region is not USA should be sent

HighOrders - Orders where the quantity is greater than 1000 should be sent

AllOrders - For auditing purposes, all orders should be sent here

You need to implement the right filters for each of the subscriptions given above.

Which of the following would you implement for the Subscription – AllOrders?

  • SqlFilter
  • CorrelationFilter
  • TrueFilter
  • FalseFilter
A
  • TrueFilter
    https://docs.microsoft.com/en-us/azure/service-bus-messaging/topic-filters