Practice Set 1 Flashcards

1
Q

You are writing code to create and run an Azure Batch job.
You have created a pool of compute nodes.
You need to choose the right class and its method to submit a batch job to the Batch service.
Which method should you use?

A. JobOperations.EnableJobAsync(String, IEnumerable,CancellationToken)

B. JobOperations.CreateJob()

C. CloudJob.Enable(IEnumerable)

D. JobOperations.EnableJob(String,IEnumerable)

E. CloudJob.CommitAsync(IEnumerable, CancellationToken)

A

Correct Answer: E
A Batch job is a logical grouping of one or more tasks. A job includes settings common to the tasks, such as priority and the pool to run tasks on. The app uses the
BatchClient.JobOperations.CreateJob method to create a job on your pool.
The Commit method submits the job to the Batch service. Initially the job has no tasks.
{
CloudJob job = batchClient.JobOperations.CreateJob();
job.Id = JobId;
job.PoolInformation = new PoolInformation { PoolId = PoolId }; job.Commit();
}

References:
https://docs.microsoft.com/en-us/azure/batch/quick-run-dotnet

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

You are developing Azure WebJobs.
You need to recommend a WebJob type for each scenario.
Which WebJob type should you recommend? To answer, drag the appropriate WebJob types to the correct scenarios. Each WebJob type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:

A

Box 1: Continuous -
Continuous runs on all instances that the web app runs on. You can optionally restrict the WebJob to a single instance.

Box 2: Triggered -
Triggered runs on a single instance that Azure selects for load balancing.

Box 3: Continuous -
Continuous supports remote debugging.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

You are developing a software solution for an autonomous transportation system. The solution uses large data sets and Azure Batch processing to simulate navigation sets for entire fleets of vehicles.
You need to create compute nodes for the solution on Azure Batch.
What should you do?

A. In the Azure portal, add a Job to a Batch account.

B. In a .NET method, call the method: BatchClient.JobOperations.CreateJob

C. In Python, implement the class: JobAddParameter

D. In Azure CLI, run the command: az batch pool create

E. In a .NET method, call the method: BatchClient.PoolOperations.CreatePool

F. In Python, implement the class: TaskAddParameter

G. In the Azure CLI, run the command: az batch account create

A

Correct Answer: B
A Batch job is a logical grouping of one or more tasks. A job includes settings common to the tasks, such as priority and the pool to run tasks on. The app uses the
BatchClient.JobOperations.CreateJob method to create a job on your pool.
Note:
Step 1: Create a pool of compute nodes. When you create a pool, you specify the number of compute nodes for the pool, their size, and the operating system.
When each task in your job runs, it’s assigned to execute on one of the nodes in your pool.
Step 2: Create a job. A job manages a collection of tasks. You associate each job to a specific pool where that job’s tasks will run.
Step 3: Add tasks to the job. Each task runs the application or script that you uploaded to process the data files it downloads from your Storage account. As each task completes, it can upload its output to Azure Storage.
Incorrect Answers:
C, F: To create a Batch pool in Python, the app uses the PoolAddParameter class to set the number of nodes, VM size, and a pool configuration.
E: BatchClient.PoolOperations does not have a CreateJob method.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

You are deploying an Azure Kubernetes Services (AKS) cluster that will use multiple containers.
You need to create the cluster and verify that the services for the containers are configured correctly and available.
Which four commands should you use to develop the solution? To answer, move the appropriate command segments from the list of command segments to the answer area and arrange them in the correct order.
Select and Place:

A

Step 1: az group create -
Create a resource group with the az group create command. An Azure resource group is a logical group in which Azure resources are deployed and managed.
Example: The following example creates a resource group named myAKSCluster in the eastus location. az group create –name myAKSCluster –location eastus

Step 2 : az aks create -
Use the az aks create command to create an AKS cluster.

Step 3: kubectl apply -
To deploy your application, use the kubectl apply command. This command parses the manifest file and creates the defined Kubernetes objects.

Step 4: az aks get-credentials -
Configure it with the credentials for the new AKS cluster. Example: az aks get-credentials –name aks-cluster –resource-group aks-resource-group

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

You are preparing to deploy a medical records application to an Azure virtual machine (VM). The application will be deployed by using a VHD produced by an on-premises build server.
You need to ensure that both the application and related data are encrypted during and after deployment to Azure.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:

A

Correct Answer: Explanation
Step 1: Encrypt the on-premises VHD by using BitLocker without a TPM. Upload the VM to Azure Storage
Step 2: Run the Azure PowerShell command Set-AzureRMVMOSDisk
To use an existing disk instead of creating a new disk you can use the Set-AzureRMVMOSDisk command.
Example:
$osDiskName = $vmname+’_osDisk’
$osDiskCaching = ‘ReadWrite’
$osDiskVhdUri = “https://$stoname.blob.core.windows.net/vhds/”+$vmname+”_os.vhd”
$vm = Set-AzureRmVMOSDisk -VM $vm -VhdUri $osDiskVhdUri -name $osDiskName -Create
Step 3: Run the Azure PowerShell command Set-AzureRmVMDiskEncryptionExtension
Use the Set-AzVMDiskEncryptionExtension cmdlet to enable encryption on a running IaaS virtual machine in Azure.
Incorrect:
Not TPM: BitLocker can work with or without a TPM. A TPM is a tamper resistant security chip on the system board that will hold the keys for encryption and check the integrity of the boot sequence and allows the most secure BitLocker implementation. A VM does not have a TPM.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

You plan to create a Docker image that runs as ASP.NET Core application named ContosoApp. You have a setup script named setupScript.ps1 and a series of application files including ContosoApp.dll.
You need to create a Dockerfile document that meets the following requirements:
✑ Call setupScript.ps1 when the container is built.
✑ Run ContosoApp.dll when the container starts.
The Docker document must be created in the same folder where ContosoApp.dll and setupScript.ps1 are stored.
Which four commands should you use to develop the solution? To answer, move the appropriate commands from the list of commands to the answer area and arrange them in the correct order.
Select and Place:

A

Correct Answer: Explanation
Step 1: WORKDIR /apps/ContosoApp
Step 2: COPY ./-
The Docker document must be created in the same folder where ContosoApp.dll and setupScript.ps1 are stored.
Step 3: EXPOSE ./ContosApp/ /app/ContosoApp
Step 4: CMD powershell ./setupScript.ps1
ENTRYPOINT [“dotnet”, “ContosoApp.dll”]
You need to create a Dockerfile document that meets the following requirements:
✑ Call setupScript.ps1 when the container is built.
✑ Run ContosoApp.dll when the container starts.
References:
https://docs.microsoft.com/en-us/azure/app-service/containers/tutorial-custom-docker-image

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

You are creating a script that will run a large workload on an Azure Batch pool. Resources will be reused and do not need to be cleaned up after use.
You have the following parameters:
$script - the script that will run across the batch pool
$image - the image that pool worker process will use
$sku - the node agent SKU ID
$numberOfJobs - number of jobs to run
You need to write an Azure CLI script that will create the jobs, tasks, and the pool.
In which order should you arrange the commands to develop the solution? To answer, move the appropriate commands from the list of command segments to the answer area and arrange them in the correct order.

A

Correct Answer: Explanation
Step 1: az batch pool create -
# Create a new Linux pool with a virtual machine configuration. az batch pool create \
–id mypool \
–vm-size Standard_A1 \
–target-dedicated 2 \
–image canonical:ubuntuserver:16.04-LTS \
–node-agent-sku-id “batch.node.ubuntu 16.04”
Step 2: az batch job create -
# Create a new job to encapsulate the tasks that are added.
az batch job create \
–id myjob \
–pool-id mypool
Step 3: az batch task create -
# Add tasks to the job. Here the task is a basic shell command. az batch task create \
–job-id myjob \
–task-id task1 \
–command-line “/bin/bash -c ‘printenv AZ_BATCH_TASK_WORKING_DIR’”
Step 4: for i in {1..$numberOfJobs} do

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

You are developing a Docker/Go using Azure App Service Web App for Containers. You plan to run the container in an App Service on Linux. You identify a
Docker container image to use.
None of your current resource groups reside in a location that supports Linux. You must minimize the number of resource groups required.
You need to create the application and perform an initial deployment.
Which three Azure CLI commands should you use to develop the solution? To answer, move the appropriate commands from the list of commands to the answer area and arrange them in the correct order.
Select and Place:

A

You can host native Linux applications in the cloud by using Azure Web Apps. To create a Web App for Containers, you must run Azure CLI commands that create a group, then a service plan, and finally the web app itself.
Step 1: az group create -
In the Cloud Shell, create a resource group with the az group create command.
Step 2: az appservice plan create
In the Cloud Shell, create an App Service plan in the resource group with the az appservice plan create command.
Step 3: az webapp create -
In the Cloud Shell, create a web app in the myAppServicePlan App Service plan with the az webapp create command. Don’t forget to replace with a unique app name, and <docker-id> with your Docker ID.</docker-id>

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

You are preparing to deploy an Azure virtual machine (VM)-based application. The VMs that run the application have the following requirements:
✑ When a VM is provisioned the firewall must be automatically configured before it can access Azure resources
✑ Supporting services must be installed by using an Azure PowerShell script that is stored in Azure Storage
You need to ensure that the requirements are met.
Which features should you use? To answer, drag the appropriate features to the correct requirements. Each feature may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

A

References:
https://docs.microsoft.com/en-us/azure/automation/automation-hybrid-runbook-worker https://docs.microsoft.com/en-us/azure/virtual-machines/windows/run-command

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Fourth Coffee has an ASP.NET Core web app that runs in Docker. The app is mapped to the www.fourthcoffee.com domain.
Fourth Coffee is migrating this application to Azure.
You need to provision an App Service Web App to host this docker image and map the custom domain to the App Service web app.
A resource group named FourthCoffeePublicWebResourceGroup has been created in the WestUS region that contains an App Service Plan named
AppServiceLinuxDockerPlan.
Which order should the CLI commands be used to develop the solution? To answer, move all of the Azure CLI command from the list of commands to the answer area and arrange them in the correct order.

A

Step 1: #bin/bash -
The appName is used when the webapp-name is created in step 2.
Step 2: az webapp config hostname add
The webapp-name is used when the webapp is created in step 3.

Step 3: az webapp create -
Create a web app. In the Cloud Shell, create a web app in the myAppServicePlan App Service plan with the az webapp create command.
Step : az webapp confing container set
In Create a web app, you specified an image on Docker Hub in the az webapp create command. This is good enough for a public image. To use a private image, you need to configure your Docker account ID and password in your Azure web app.
In the Cloud Shell, follow the az webapp create command with az webapp config container set.
References:
https://docs.microsoft.com/en-us/azure/app-service/containers/tutorial-custom-docker-image

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

You develop a serverless application using several Azure Functions. These functions connect to data from within the code.
You want to configure tracing for an Azure Function App project.
You need to change configuration settings in the host.json file.
Which tool should you use?

A. Visual Studio

B. Azure portal

C. Azure PowerShell

D. Azure Functions Core Tools (Azure CLI)

A

The function editor built into the Azure portal lets you update the function.json file and the code file for a function. The host.json file, which contains some runtime- specific configurations, is in the root folder of the function app.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

You are developing a mobile instant messaging app for a company.
The mobile app must meet the following requirements:
✑ Support offline data sync.
✑ Update the latest messages during normal sync cycles.
You need to implement Offline Data Sync.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. Retrieve records from Offline Data Sync on every call to the PullAsync method.

B. Retrieve records from Offline Data Sync using an Incremental Sync.

C. Push records to Offline Data Sync using an Incremental Sync.

D. Return the updatedAt column from the Mobile Service Backend and implement sorting by using the column.

E. Return the updatedAt column from the Mobile Service Backend and implement sorting by the message id.

A

Correct Answer: BE
B: Incremental Sync: the first parameter to the pull operation is a query name that is used only on the client. If you use a non-null query name, the Azure Mobile
SDK performs an incremental sync. Each time a pull operation returns a set of results, the latest updatedAt timestamp from that result set is stored in the SDK local system tables. Subsequent pull operations retrieve only records after that timestamp.
E (not D): To use incremental sync, your server must return meaningful updatedAt values and must also support sorting by this field. However, since the SDK adds its own sort on the updatedAt field, you cannot use a pull query that has its own orderBy clause.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

You are developing a solution for a hospital to support the following use cases:
✑ The most recent patient status details must be retrieved even if multiple users in different locations have updated the patient record.
✑ Patient health monitoring data retrieved must be the current version or the prior version.
✑ After a patient is discharged and all charges have been assessed, the patient billing record contains the final charges.
You provision a Cosmos DB NoSQL database and set the default consistency level for the database account to Strong. You set the value for Indexing Mode to
Consistent.
You need to minimize latency and any impact to the availability of the solution. You must override the default consistency level at the query level to meet the required consistency guarantees for the scenarios.
Which consistency levels should you implement? To answer, drag the appropriate consistency levels to the correct requirements. Each consistency level may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

A

Box 1: Strong -
Strong: Strong consistency offers a linearizability guarantee. The reads are guaranteed to return the most recent committed version of an item. A client never sees an uncommitted or partial write. Users are always guaranteed to read the latest committed write.

Box 2: Bounded staleness -
Bounded staleness: The reads are guaranteed to honor the consistent-prefix guarantee. The reads might lag behind writes by at most “K” versions (that is
“updates”) of an item or by “t” time interval. When you choose bounded staleness, the “staleness” can be configured in two ways:
The number of versions (K) of the item
The time interval (t) by which the reads might lag behind the writes

Box 3: Eventual -
Eventual: There’s no ordering guarantee for reads. In the absence of any further writes, the replicas eventually converge.
Incorrect Answers:
Consistent prefix: Updates that are returned contain some prefix of all the updates, with no gaps. Consistent prefix guarantees that reads never see out-of-order writes.
References:
https://docs.microsoft.com/en-us/azure/cosmos-db/consistency-levels

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

You are creating a CLI script that creates an Azure web app related services in Azure App Service. The web app uses the following variables:
$gitrepo: https://github.com/contos/webapp
&webappName: webapp1103

You need to automatically deploy code from GitHub to the newly created web app.
How should you complete the script? To answer, select the appropriate options in the answer area.

A

Correct Answer: Explanation
Box 1: az appservice plan create
The azure group creates command successfully returns JSON result. Now we can use resource group to create a azure app service plan
Box 2: az webapp create -
Create a new web app..
Box 3: –plan $webappname -
..with the serviceplan we created in step.
Box 4: az webapp deployment -
Continuous Delivery with GitHub. Example:
az webapp deployment source config –name firstsamplewebsite1 –resource-group websites–repo-url $gitrepo –branch master –git-token $token
Box 5: –repo-url $gitrepo –branch master –manual-integration

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

You are developing an Azure Web App. You configure TLS mutual authentication for the web app.
You need to validate the client certificate in the web app. To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A

Accessing the client certificate from App Service.
If you are using ASP.NET and configure your app to use client certificate authentication, the certificate will be available through the HttpRequest.ClientCertificate property. For other application stacks, the client cert will be available in your app through a base64 encoded value in the “X-ARR-ClientCert” request header. Your application can create a certificate from this value and then use it for authentication and authorization purposes in your application.
References:
https://docs.microsoft.com/en-us/azure/app-service/app-service-web-configure-tls-mutual-auth

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

You host an on-premises ASP.NET Web API at the company headquarters. The Web API is consumed by applications running at the company’s branch offices using the Azure Relay service. All the users of the applications are on the same Azure Active Directory (Azure AD).
You need to ensure that the applications can consume the Web API.
What should you do?

A. Create a Shared Access policy for Send permissions and another for Receive permissions.

B. Create separate Azure AD groups named Senders and Receivers. In Access Control (IAM) for the Relay namespace, assign Senders the Reader role and assign Receivers the Reader role.

C. Create dedicated Azure AD identities named Sender and Receiver. Assign Sender the Azure AD Identity Reader role. Assign Receiver the Azure AD Identity Reader role. Configure applications to use the respective identities.

D. Create a Shared Access policy for the namespace. Use a connection string in Web API and use a different connection string in consumer applications.

A

Correct Answer: D
To begin using Service Bus messaging entities in Azure, you must first create a namespace with a name that is unique across Azure. A namespace provides a scoping container for addressing Service Bus resources within your application.
When you publish an application through Azure Active Directory Application Proxy, you create an external URL for your users to go to when they’re working remotely. This URL gets the default domain yourtenant.msappproxy.net.
References:
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/application-proxy-configure-custom-domain

17
Q

You manage several existing Logic Apps.
You need to change definitions, add new logic, and optimize these apps on a regular basis.
What should you use? To answer, drag the appropriate tools to the correct functionalities. Each tool may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

A

Box 1: Enterprise Integration Pack
After you create an integration account that has partners and agreements, you are ready to create a business to business (B2B) workflow for your logic app with the Enterprise Integration Pack.
Box 2: Code View Editor -
To work with logic app definitions in JSON, open the Code View editor when working in the Azure portal or in Visual Studio, or copy the definition into any editor that you want.
Box 3: Logical Apps Designer -
You can build your logic apps visually with the Logic Apps Designer, which is available in the Azure portal through your browser and in Visual Studio.
References:
https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-enterprise-integration-b2b https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-author-definitions https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-overview

18
Q

You are implementing an Azure API app that uses built-in authentication and authorization functionality.
All app actions must be associated with information about the current user.
You need to retrieve the information about the current user.
What are two ways to achieve the goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

A. HTTP headers

B. environment variables

C. /.auth/me HTTP endpoint

D. /.auth/login endpoint

A

Correct Answer: AC
A: After App Service Authentication has been configured, users trying to access your API are prompted to sign in with their organizational account that belongs to the same Azure AD as the Azure AD application used to secure the API. After signing in, you are able to access the information about the current user through the
HttpContext.Current.User property.
C: While the server code has access to request headers, client code can access GET /.auth/me to get the same access tokens (
References:
https://docs.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-auth-aad https://docs.microsoft.com/en-us/sharepoint/dev/spfx/web-parts/guidance/connect-to-api-secured-with-aad

19
Q

You are developing a back-end Azure App Service that scales based on the number of messages contained in a Service Bus queue.
A rule already exists to scale up the App Service when the average queue length of unprocessed and valid queue messages is greater than 1000.
You need to add a new rule that will continuously scale down the App Service as long as the scale up condition is not met.
How should you configure the Scale rule? To answer, select the appropriate options in the answer area.

A

Correct Answer: Explanation
Box 1: Service bus queue -
You are developing a back-end Azure App Service that scales based on the number of messages contained in a Service Bus queue.
Box 2: ActiveMessage Count -
ActiveMessageCount: Messages in the queue or subscription that are in the active state and ready for delivery.
Box 3: Average - Question specifies “average queue length”
Box 4: Less than or equal to -
You need to add a new rule that will continuously scale down the App Service as long as the scale up condition is not met.
Box 5: Decrease count by - its mentioned “a new rule that will [continuously] scale down the App Service” to it should be Decrease count by

20
Q

You have a web app named MainApp. You are developing a triggered App Service background task by using the WebJobs SDK. This task automatically invokes a function code whenever any new data is received in a queue.
You need to configure the services.
Which service should you use for each scenario? To answer, drag the appropriate services to the correct scenarios. Each service may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

A

Correct Answer: Explanation
Box 1: WebJobs -
A WebJob is a simple way to set up a background job, which can process continuously or on a schedule. WebJobs differ from a cloud service as it gives you get less fine-grained control over your processing environment, making it a more true PaaS service.

Box 2: Flow -
Incorrect Answers:
Azure Logic Apps is a cloud service that helps you schedule, automate, and orchestrate tasks, business processes, and workflows when you need to integrate apps, data, systems, and services across enterprises or organizations. Logic Apps simplifies how you design and build scalable solutions for app integration, data integration, system integration, enterprise application integration (EAI), and business-to-business (B2B) communication, whether in the cloud, on premises, or both

21
Q

A company is developing a mobile app for field service employees using Azure App Service Mobile Apps as the backend.
The company’s network connectivity varies throughout the day. The solution must support offline use and synchronize changes in the background when the app is online app.
You need to implement the solution.
How should you complete the code segment? To answer, select the appropriate options in the answer area.

A
Correct Answer: Explanation
Box 1: var todoTable = client GetSyncTable<todoitem>()<br>To setup offline access, when connecting to your mobile service, use the method GetSyncTable instead of GetTable (example):<br>IMobileServiceSyncTable todoTable = App.MobileService.GetSyncTable(); /<br>Box 2: await todoTable.PullAsync("allTodoItems",todo.Table.CreateQuery());<br>Your app should now use IMobileServiceSyncTable (instead of IMobileServiceTable) for CRUD operations. This will save changes to the local database and also keep a log of the changes. When the app is ready to synchronize its changes with the Mobile Service, use the methods PushAsync and PullAsync (example): await App.MobileService.SyncContext.PushAsync(); await todoTable.PullAsync();<br>References:<br>https://azure.microsoft.com/es-es/blog/offline-sync-for-mobile-services/</todoitem>
22
Q

A company is developing a solution that allows smart refrigerators to send temperature information to a central location.
The solution must receive and store messages until they can be processed. You create an Azure Service Bus instance by providing a name, pricing tier, subscription, resource group, and location.
You need to complete the configuration.
Which Azure CLI or PowerShell command should you run?

A

Correct Answer: B
# Create a Service Bus messaging namespace with a unique name. Example: namespaceName=myNameSpace$RANDOM az servicebus namespace create –resource-group $resourceGroupName –name $namespaceName –location eastus
References:
https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-quickstart-cli

23
Q

You are a developer for a SaaS company that offers many web services.
All web services for the company must meet the following requirements:
✑ Use API Management to access the services
✑ Use OpenID Connect for authentication.

Prevent anonymous usage -

A recent security audit found that several web services can be called without any authentication.
Which API Management policy should you implement?

A. validate-jwt

B. jsonp

C. authentication-certificate

D. check-header

A

Correct Answer: A
Add the validate-jwt policy to validate the OAuth token for every incoming request.
Incorrect Answers:
B: The jsonp policy adds JSON with padding (JSONP) support to an operation or an API to allow cross-domain calls from JavaScript browser-based clients.
JSONP is a method used in JavaScript programs to request data from a server in a different domain. JSONP bypasses the limitation enforced by most web browsers where access to web pages must be in the same domain.
JSONP - Adds JSON with padding (JSONP) support to an operation or an API to allow cross-domain calls from JavaScript browser-based clients.
References:
https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-protect-backend-with-aad

24
Q

You develop a website. You plan to host the website in Azure. You expect the website to experience high traffic volumes after it is published.
You must ensure that the website remains available and responsive while minimizing cost.
You need to deploy the website.
What should you do?

A. Deploy the website to a virtual machine. Configure the virtual machine to automatically scale when the CPU load is high.

B. Deploy the website to an App Service that uses the Shared service tier. Configure the App service plan to automatically scale when the CPU load is high.

C. Deploy the website to an App Service that uses the Standard service tier. Configure the App service plan to automatically scale when the CPU load is high.

D. Deploy the website to a virtual machine. Configure a Scale Set to increase the virtual machine instance count when the CPU load is high.

A

Correct Answer: C
Windows Azure Web Sites (WAWS) offers 3 modes: Standard, Free, and Shared.
Standard mode carries an enterprise-grade SLA (Service Level Agreement) of 99.9% monthly, even for sites with just one instance.
Standard mode runs on dedicated instances, making it different from the other ways to buy Windows Azure Web Sites.
Incorrect Answers:
B: Shared and Free modes do not offer the scaling flexibility of Standard, and they have some important limits.
Shared mode, just as the name states, also uses shared Compute resources, and also has a CPU limit. So, while neither Free nor Shared is likely to be the best choice for your production environment due to these limits.

25
Q

You are implementing a software as a service (SaaS) ASP.NET Core web service that will run as an Azure Web App. The web service will use an on-premises
SQL Server database for storage. The web service also includes a WebJob that processes data updates. Four customers will use the web service.
✑ Each instance of the WebJob processes data for a single customer and must run as a singleton instance.
✑ Each deployment must be tested by using deployment slots prior to serving production data.
✑ Azure costs must be minimized.
✑ Azure resources must be located in an isolated network.
You need to configure the App Service plan for the Web App.
How should you configure the App Service plan? To answer, select the appropriate settings in the answer area.

A

Number of VM instances: 4 -
You are not charged extra for deployment slots.

Pricing tier: Isolated -
The App Service Environment (ASE) is a powerful feature offering of the Azure App Service that gives network isolation and improved scale capabilities. It is essentially a deployment of the Azure App Service into a subnet of a customer’s Azure Virtual Network (VNet).
References:
https://azure.microsoft.com/sv-se/blog/announcing-app-service-isolated-more-power-scale-and-ease-of-use/