123ArticleOnline Logo
Welcome to 123ArticleOnline.com!

ALL >> Education >> View Article

70-535 Real Exam

By Author: William Hicks
Total Articles: 33

Case Study: 1
VanArsdel, Ltd
Overview
VanArsdel, Ltd. builds skyscrapers, subways, and bridges. VanArsdel is a leader in using technology to do construction better.
Overview
VanArsdel employees are able to use their own mobile devices for work activities because the company recognizes that this usage enables employee productivity. Employees also access Software as a Service (SaaS) applications, including DocuSign, Dropbox, and Citrix. The company continues to evaluate and adopt more SaaS applications for its business. VanArsdel uses Azure Active Directory (AD) to authenticate its employees, as well as Multi-Factor Authentication (MFA). Management enjoys the ease with which MFA can be enabled and disabled for employees who use cloud-based services. VanArsdel's on-premises directory contains a single forest.
Helpdesk:
VanArsdel creates a helpdesk group to assist its employees. The company sends email messages to all its employees about the helpdesk group and how to contact it. Configuring employee access for SaaS applications is often a time-consuming task. It is not always obvious to the helpdesk group which users should be given access to which SaaS applications. The helpdesk group must respond to many phone calls and email messages to solve this problem, which takes up valuable time. The helpdesk group is unable to meet the needs of VanArsdel's employees.
However, many employees do not work with the helpdesk group to solve their access problems. Instead, these employees contact their co-workers or managers to find someone who can help them. Also, new employees are not always told to contact the helpdesk group for access problems. Some employees report that they cannot see all the applications in the Access Panel that they have access to. Some employees report that they must re-enter their passwords when they access cloud applications, even though they have already authenticated.
Bring your own device (BYOD):
VanArsdel wants to continue to support users and their mobile and personal devices, but the company is concerned about how to protect corporate assets that are stored on these devices. The company does not have a strategy to ensure that its data is removed from the devices when employees leave the company.
Customer Support
VanArsdel wants a mobile app for customer profile registration and feedback. The company would like to keep track of all its previous, current, and future customers worldwide. A profile system using third-party authentication is required as well as feedback and support sections for the mobile app.
Migration:
VanArsdel plans to migrate several virtual machine (VM) workloads into Azure. They also plan to extend their on-premises Active Directory into Azure for mobile app authentication.
Business Requirements
Hybrid Solution:
Question: 1

You need to assign permissions for the Virtual Machine (VM) workloads that you migrate to Azure.
The solution must use the principal of least privileges.
What should you do?

A. Create all VMs in the cloud service named Groupl and then connect to the Azure subscription. Run the following Windows PowerShell command: New-AzureRoleAssignment -Mail user1@vanarsdelltd.com -RoleDefinitionName Contributor -ResourceGroupName group1
B. In the Azure portal, select an individual virtual machine and add an owner.
C. In the Azure portal, assign read permission to the user at the subscription level.
D. Create each VM in a separate cloud service and then connect to the Azure subscription. Run the following Windows PowerShell command:Get-AzureVM | New-AzureRoleAssignment -Mail user1@vanarsdelltd.com -RoleDefinitionName Contributor

Answer: A

Explanation:
* Scenario: Permissions must be assigned by using Role Based Access Control (RBAC).
* Role-Based access control (RBAC) in the Azure Portal and Azure Resource Management API allows you to manage access to your subscription at a fine-grained level. With this feature, you can grant access for Active Directory users, groups, or service principals by assigning some roles to them at a particular scope.
Create a role assignment
Use New-AzureRoleAssignment to create a role assignment.
Example: This will create a role assignment for a group at a resource group level.
PS C:\> New-AzureRoleAssignment -ObjectID -RoleDefinitionName Reader -ResourceGroupName group1
References:
https://azure.microsoft.com/en-gb/documentation/articles/role-based-access-control-powershell/

Question: 2

You need to design the system that alerts project managers to data changes in the contractor information app.
Which service should you use?

A. Azure Mobile Service
B. Azure Service Bus Message Queueing
C. Azure Queue Messaging
D. Azure Notification Hub

Answer: C

Question: 3

You need to recommend a solution that allows partners to authenticate.
Which solution should you recommend?

A. Configure the federation provider to trust social identity providers.
B. Configure the federation provider to use the Azure Access Control service.
C. Create a new directory in Azure Active Directory and create a user account for the partner.
D. Create an account on the VanArsdel domain for the partner and send an email message that contains the password to the partner.

Answer: B

Explanation:
* Scenario: The partners all use Hotmail.com email addresses.
* In Microsoft Azure Active Directory Access Control (also known as Access Control Service or ACS), an identity provider is a service that authenticates user or client identities and issues security tokens that ACS consumes.
The ACS Management Portal provides built-in support for configuring Windows Live ID as an ACS Identity Provider.
Incorrect:
Not C, not D: Scenario: VanArsdel management does NOT want to create and manage user accounts for partners.
References:

Question: 4

You are designing a plan to deploy a new application to Azure.
The solution must provide a single sign-on experience for users.
You need to recommend an authentication type.
Which authentication type should you recommend?

A. SAML credential tokens
B. Azure managed access keys
C. Windows Authentication
D. MS-CHAP

Answer: A

Explanation:
A Microsoft cloud service administrator who wants to provide their Azure Active Directory (AD) users with sign-on validation can use a SAML 2.0 compliant SP-Lite profile based Identity Provider as their preferred Security Token Service (STS) / identity provider. This is useful where the solution implementer already has a user directory and password store on-premises that can be accessed using SAML 2.0. This existing user directory can be used for sign-on to Office 365 and other Azure AD-secured resources.
References:
https://msdn.microsoft.com/en-us/library/azure/dn641269.aspx?f=255&MSPPError=-2147217396

Question: 5

You need to prepare the implementation of data storage for the contractor information app.
What should you?

A. Create a storage account and implement multiple data partitions.
B. Create a Cloud Service and a Mobile Service. Implement Entity Group transactions.
C. Create a Cloud Service and a Deployment group. Implement Entity Group transactions.
D. Create a Deployment group and a Mobile Service. Implement multiple data partitions.

Answer: B

Explanation:
* Scenario:
/ VanArsdel needs a solution to reduce the number of operations on the contractor information table. Currently, data transfer rates are excessive, and queue length for read/write operations affects performance.
/ A mobile service that is used to access contractor information must have automatically scalable, structured storage
* The basic unit of deployment and scale in Azure is the Cloud Service.
References:
https://msdn.microsoft.com/en-us/library/azure/dd894038.aspx

Question: 6

You need to ensure that users do not need to re-enter their passwords after they authenticate to cloud applications for the first time.
What should you do?

A. Enable Microsoft Account authentication.
B. Set up a virtual private network (VPN) connection between the VanArsdel premises and the Azure datacenter. Set up a Windows Active Directory domain controller in Azure VM. Implement Integrated Windows authentication.
C. Deploy ExpressRoute.
D. Configure Azure Active Directory Sync to use single sign-on (SSO).

Answer: D

Explanation:
Single sign-on (SSO) is a property of access control of multiple related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them.
References:
http://en.wikipedia.org/wiki/Single_sign-on

Question: 7

You need to configure availability for the virtual machines that the company is migrating to Azure.
What should you implement?

A. Traffic Manager
B. Availability Sets
C. Virtual Machine Autoscaling
D. Cloud Services

Answer: D

Explanation:
Scenario: VanArsdel plans to migrate several virtual machine (VM) workloads into Azure.

Total Views: 278Word Count: 1241See All articles From Author

Education Articles

1. Detail Description About Core Java Basics
Author: Infocampus

2. Tang Civilization
Author: Rosemary Charles

3. Why Civil Engineering Got A Huge Scope In Today's World?
Author: Vikrant Institute of Technology & Management (VITM

4. Java Online Training From H2kinfosys
Author: rajitha

5. Tang Writing
Author: Rosemary Charles

6. Introduction Essay
Author: nancy brown

7. Development In An Adolescent: The Roles Schools Play
Author: DIS

8. Microsoft Crm Training | Dynamics 365 - Ms Dynamics Crm Training
Author: millfrederick

9. E-learning Courses
Author: Preethi

10. Ibm Sterling Integrator Online Training
Author: Vasu Buddi

11. Ibm Api Connect | Management Online Training
Author: Vasu Buddi

12. Some Essential Things About Udemy Benefits
Author: expertplus

13. Delhi Digital Zone Digital Marketing Summer Training Program
Author: Sandeep Chahal

14. Learning Activity One
Author: Winnie Melda

15. Bhesajinfo
Author: bhesaj

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: