(AZ-204 topic) Connect to and Consume Azure Services and Third-party Services Flashcards
Questions for this domain comprise 20% of the total questions for this exam.
Once you have created a resource group in Azure, which is the correct sequence of resources to create to get an Event Hub ready for data ingestion?
- Create an Event Hub account, then an event hub within that account.
- Create an Event Hub namespace, then an event hub within that namespace.
- Create an Event Hub namespace, then an event hub within that namespace, then the encryption scheme.
- Create an Event Hub, then define the encryption scheme.
-Create an Event Hub namespace, then an event hub within that namespace.
All you need is an Event Hub namespace which can contain multiple event hubs.
You have created an Azure Management API and now need to change the Backend ServiceUrl. What is the best PowerShell cmdlet to use for this task?
- Set-AzApiManagementNamedValue
- Set-AzApiManagementGroup
- Set-AzApiManagementApi
- Set-AzApiManagementPolicy
-Set-AzApiManagementApi
You got it. The Set-AzApiManagementApi modifies an API, such as changing the Backend ServiceUrl where the API is pointing to.
What are the advantages to using an Azure Service Bus? (choose 3)
- Application decoupling
- Application notifications
- Real-time data statistics
- Transaction scoping
- Real time event processing
- Load balancing
-Application decoupling
Producer and consumer of the messages on the service bus don’t have to be online or readily available at the same time.
-Transaction scoping
You can group, or scope, several messages in a single transaction, making it atomic.
-Load balancing
Multiple consumers can read from the service bus queue at the same time.
What PowerShell cmdlet would you use to create a new message queue called llamaqueue in the Service Bus namespace ACGServiceBusNS?
- Get-AzServiceBusQueue -ResourceGroupName acg204RG -NamespaceName ACGServiceBusNS -Name llamaqueue
- Set-AzServiceBusQueue -g acg204RG -NamespaceName ACGServiceBusNS -n llamaqueue
- New-AzServiceBusQueue -ResourceGroupName acg204RG -NamespaceName ACGServiceBusNS -Name llamaqueue
- Create-AzServiceBusQueue -ResourceGroupName acg204RG -NamespaceName ACGServiceBusNS -Name llamaqueue
-New-AzServiceBusQueue -ResourceGroupName acg204RG -NamespaceName ACGServiceBusNS -Name llamaqueue
Bingo! You got it.
Your company has taken over a service through acquisition. This service is hosted outside of Azure, but the data it produces is needed in real time inside Azure for order processing and account updates. What is the best way to ensure current and future services within Azure can receive this data consistently and in a timely manner?
- Create an Event Grid and use the system topic for non-Azure services.
- Use an Azure Notification Hub to facilitate communication between the services inside and outside of Azure.
- Create a database instance that all the service can read and write to.
- Create an Event Grid and create a custom topic for non-Azure services.
-Create an Event Grid and create a custom topic for non-Azure services.
An Event Grid with a custom topic is an endpoint the service outside Azure can send events to for all other services to consume.
What does it mean to route custom events in Azure Event Grid?
- Setting up a custom topic and subscribing to it from a third party application.
- Creating a topic in Event Grid for routing events to other Azure services.
- Creating a custom event handler for processing event topics.
- When the event subscription can’t route an event, you need a custom event.
-Setting up a custom topic and subscribing to it from a third party application.
A custom event topic is a way for third party applications to allow other applications to subscribe to their events.
What is the sequence of events to push a notification to a mobile device using Azure Notification Hub?
- Store PNS handle, retrieve PNS handle, send notification to Platform Notification Service, send to device.
- Retrieve PNS handle, send notification to Platform Notification Service, store PNS handle, send to device.
- Retrieve PNS handle, store PNS handle, send notification to Platform Notification Service, send to device.
- Send notification to Platform Notification Service, retrieve PNS handle, store PNS handle, send to device.
-Retrieve PNS handle, store PNS handle, send notification to Platform Notification Service, send to device.
Yup. You have to retrieve a Platform Notification Service handle before you can do anything.
You have created an API in the Azure API Management, which services a large audience. Some accounts are using the API at a rate that is not sustainable. What is the best way to limit accounts from hitting the API too much in a given period of time?
- Implement an access restriction policy to restrict the caller IP address.
- Implement an access restriction policy for the call rate per account.
- Implement an access restriction policy to set a usage quota per account.
- Azure API Management can handle almost unlimited increases in rates so this is not an issue.
-Implement an access restriction policy for the call rate per account.
A call rate policy will limit the inbound rate to the API at any given time.
An existing API in the company is going be moved to Azure for hosting. The API follows the OpenAPI version 3.1.0 definition. What is the best way to move it to Azure?
- Create translation process using Azure Functions and import the API into API Management.
- Use API Management to import the JSON definition of the API.
- Add the API Management third party plugin for Swagger, which allows importing of OpenAPI definitions.
- Import the API into a serverless Azure Function App, then ingest the Function App with Azure API Management.
-Use API Management to import the JSON definition of the API.
Azure API Management supports OpenAPI 100% and you can both import and export the format.
What is the Azure CLI command to create a new API Management API named “llamadrama” with the endpoint “llama”?
- az apim api revision create –service-name llamadrama -g az204RG –api-id LlamaDrama –api-revision ‘/llama’ –api-revision 1
- az apim api create –service-name llamadrama -g az204RG –api-id LlamaDrama –path ‘/llama’ –display-name ‘Llama Drama’
- az apim api operation create –service-name llamadrama -g az204RG –api-id LlamaDrama –url-template “/llama/{param1}/{param2}” –method “GET” –display-name ‘Llama Drama’
- az apim api release create –service-name llamadrama -g az204RG –api-id LlamaDrama –api-revision ‘/llama’ –api-revision 1
-az apim api create –service-name llamadrama -g az204RG –api-id LlamaDrama –path ‘/llama’ –display-name ‘Llama Drama’
‘az apim api create’ creates a new API Management API named “llamadrama” with the endpoint “llama.”
In an Azure Event Grid, what does a subscription define?
- A subscription defines which services can receive events.
- A subscription is the origin of an event.
- A subscription defines the access policies for the Event Grid.
- A subscription defines which events on a topic you’re interested in receiving.
-A subscription defines which events on a topic you’re interested in receiving.
When creating the subscription, you provide an endpoint for handling the event. You can filter the events that are sent to the endpoint.
What does it mean to use the “peeking” scenario for Azure Queue Storage queues?
- Move a message from one queue to another queue.
- Get the queue placement of a specific message on the queue.
- Create a “ghost” message for testing the queue.
- Retrieve queue message without removing it from the queue.
-Retrieve queue message without removing it from the queue.
You can peek at messages to see what fortunes they contain, and still leave the message on the queue. This is useful for a range of scenarios.
You want to create a logic app that monitors changes to a virtual machine named VM01 and sends an email to you about those changes. What should you do?
What the appropriate steps in the correct order?
You would choose the following:
- Create an Azure resource for your logic app.
- Choose a logic app template to build your logic app.
- Add an event grid trigger to create a logic app instance.
- Subscribe your logic app to publisher events.
- Add a condition to run your logic app workflow.
You are the administrator of the Nutex Corporation. You want to configure your Azure API Management instance to protect an API by using Oauth 2.0 protocol with Azure AD. You must pre-authorize your requests in API Management by validating the access tokens of each incoming request. If a request does not have a valid token, API Management has to block it.
What must you do?
- Add an authorization header to the request.
- Register the client application in Azure AD.
- Configure a JWT validation policy.
- In API Management, select Authorization code as the Authorization grant type.
- Configure a JWT validation policy.
You would configure a JWT validation policy. The JWT validation policy pre-authorizes requests in API Management by validating the access tokens of each incoming request. API Management blocks the incoming request if the request does not have a valid token.
You would not register the client application in Azure AD. This solution will not block a request if there is no valid token. You can register an application (backend-app) in Azure AD to represent the API and also the client application, which needs to call the API, but with that, you do not block an invalid token.
You would not add an authorization header to the request because with this step you configure a call to the API from the developer portal.
You would not select Authorization code as the Authorization grant type in API Management because that action enables Oauth 2.0 user authorization in the Developer Console.
You are working as a developer for the Nutex Corporation. You are implementing a solution that sends Azure Events to an external security information and event management (SIEM) system. The external SIEM solution accepts only Kafka standard messages. Your main administrator created an Event Hub for this, but you notice that it is not working. The Event Hubs looks like the following graphic (SEE ATTACHED IMAGE).
Which step should you perform first to integrate with an external SIEM solution?
- Configure Azure Monitor to send relevant security logs.
- Upgrade to Standard Tier.
- Generate sample events and check on the destination services.
- Add Azure Active Directory to the Event Hub.
- Upgrade to Standard Tier.
In this scenario, you are using the Basic tier. You would need to upgrade to Standard Tier. The Standard Tier plan and above supports Kafka messages in Event Hub. The Basic tier does not.
You would not configure Azure Monitor as the first step. This would be the second step in sending logs. You will need to support Kafka messages in Event Hub first.
You would not add Azure Active Directory to the Event Hub. This is an optional step. You would only perform this step if you want to include logs from Azure Active Directory in SIEM.
You would not generate sample events and check on destination services. This action will not reach the destination SIEM because the basic Plan does not support Kafka.