[Q159-Q181] Valid AZ-204 Practice Test Dumps with 100% Passing Guarantee [Oct-2022]

Valid AZ-204 Practice Test Dumps with 100% Passing Guarantee [Oct-2022]

AZ-204 PDF Dumps Are Helpful To produce Your Dreams Correct QA's

Microsoft Developing Solutions for Azure Exam Certification Details:

Number of Questions	40-60
Schedule Exam	Pearson VUE
Exam Code	AZ-204
Sample Questions	Microsoft Developing Solutions for Azure Sample Questions

NEW QUESTION 159
You develop software solutions for a mobile delivery service. You are developing a mobile app that users can use to order from a restaurant in their are a. The app uses the following workflow:
1. A driver selects the restaurants for which they will deliver orders.
2. Orders are sent to all available drivers in an area.
3. Only orders for the selected restaurants will appear for the driver.
4. The first driver to accept an order removes it from the list of available orders.
You need to implement an Azure Service Bus solution.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

References:
https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-messaging-overview

NEW QUESTION 160
You are developing an application to securely transfer data between on-premises file systems and Azure Blob storage. The application stores keys, secrets, and certificates in Azure Key Vault. The application uses the Azure Key Vault APIs.
The Application must allow recovery of an accidental deletion of the key vault or key vault objects. Key Vault objects must be retained for 90 days after deletion.
You need to protect the key vault and key vault object.
Which Azure key Vault feature should you use?

Answer:

Explanation:

NEW QUESTION 161
YOU need to reliably identify the delivery driver profile information.
How should you configure the system? To answer, select the appropriate options in the answer area.
NOTE Each correct selection is worth one point.

Answer:

Explanation:

Text, letter Description automatically generated

NEW QUESTION 162
You are developing a medical records document management website. The website is used to store scanned copies of patient intake forms. If the stored intake forms are downloaded from storage by a third party, the content of the forms must not be compromised.
You need to store the intake forms according to the requirements.
Solution:
* Create a Azure Key Vault key named skey.
* Encrypt the intake forms using the public key portion of skey.
* Store the encrypted data in Azure Blob storage
Does the solution meet the goal?

A. No
B. Yes

Answer: B

NEW QUESTION 163
You need to configure Azure CDN for the Shipping web site.
Which configuration options should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Scenario: Shipping website
Use Azure Content Delivery Network (CDN) and ensure maximum performance for dynamic content while minimizing latency and costs.
Tier: Standard
Profile: Akamai
Optimization: Dynamic site acceleration
Dynamic site acceleration (DSA) is available for Azure CDN Standard from Akamai, Azure CDN Standard from Verizon, and Azure CDN Premium from Verizon profiles.
DSA includes various techniques that benefit the latency and performance of dynamic content. Techniques include route and network optimization, TCP optimization, and more.
You can use this optimization to accelerate a web app that includes numerous responses that aren't cacheable.
Examples are search results, checkout transactions, or real-time data. You can continue to use core Azure CDN caching capabilities for static data.
Reference:
https://docs.microsoft.com/en-us/azure/cdn/cdn-optimization-overview

NEW QUESTION 164
You are developing a .NET Core model-view controller (MVC) application hosted on Azure for a health care system that allows providers access to their information.
You develop the following code:

You define a role named SysAdmin.
You need to ensure that the application meets the following authorization requirements:
* Allow the ProviderAdmin and SysAdmin roles access to the Partner controller regardless of whether the user holds an editor claim of partner.
* Limit access to the Manage action of the controller to users with an editor claim of partner who are also members of the SysAdmin role.
How should you complete the code? To answer, drag the appropriate code segments to the correct locations. Each code segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:
Box 1:
Allow the ProviderAdmin and SysAdmin roles access to the Partner controller regardless of whether the user holds an editor claim of partner.
Box 2:
Limit access to the Manage action of the controller to users with an editor claim of partner who are also members of the SysAdmin role.

NEW QUESTION 165
You develop Azure solutions.
You must connect to a No-SQL globally-distributed database by using the .NET API.
You need to create an object to configure and execute requests in the database.
Which code segment should you use?

A. new CosmosClient(EndpointUri, PrimaryKey);
B. new Container(EndpointUri, PrimaryKey);
C. new Database(Endpoint, PrimaryKey);

Answer: A

Explanation:
Example:
// Create a new instance of the Cosmos Client
this.cosmosClient = new CosmosClient(EndpointUri, PrimaryKey)
//ADD THIS PART TO YOUR CODE
await this.CreateDatabaseAsync();
Reference:
https://docs.microsoft.com/en-us/azure/cosmos-db/sql-api-get-started
Implement Azure security
Testlet 1
Case study
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Requirements
ContentAnalysisService
The company's data science group built ContentAnalysisService which accepts user generated content as a string and returns a probable value for inappropriate content. Any values over a specific threshold must be reviewed by an employee of Contoso, Ltd.
You must create an Azure Function named CheckUserContent to perform the content checks.
Costs
You must minimize costs for all Azure services.
Manual review
To review content, the user must authenticate to the website portion of the ContentAnalysisService using their Azure AD credentials. The website is built using React and all pages and API endpoints require authentication.
In order to review content a user must be part of a ContentReviewer role. All completed reviews must include the reviewer's email address for auditing purposes.
High availability
All services must run in multiple regions. The failure of any service in a region must not impact overall application availability.
Monitoring
An alert must be raised if the ContentUploadService uses more than 80 percent of available CPU-cores.
Security
You have the following security requirements:
* Any web service accessible over the Internet must be protected from cross site scripting attacks.
* All websites and services must use SSL from a valid root certificate authority.
* Azure Storage access keys must only be stored in memory and must be available only to the service.
* All Internal services must only be accessible from Internal Virtual Networks (VNets)
* All parts of the system must support inbound and outbound traffic restrictions.
* All service calls must be authenticated by using Azure AD.
User agreements
When a user submits content, they must agree to a user agreement. The agreement allows employees of Contoso.Ltd to review content, store cookies on user devices and track user's IP addresses.
Information regarding agreements is used by multiple divisions within Contoso, Ltd.
User responses must not be lost and must be available to all parties regardless of individual service uptime.
The volume of agreements is expected to be in the millions per hour.
Validation testing
When a new version of the ContentAnalysisService is available the previous seven days of content must be processed with the new version to verify that the new version does not significantly deviate from the old version.
Issues
Users of the ContentUploadService report that they occasionally see HTTP 502 responses on specific pages.
Code
ContentUploadService

Implement Azure security
Testlet 2
Case study
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Current environment
Windows Server 2016 virtual machine
The virtual machine (VM) runs BizTalk Server 2016. The VM runs the following workflows:
* Ocean Transport - This workflow gathers and validates container information including container contents and arrival notices at various shipping ports.
* Inland Transport - This workflow gathers and validates trucking information including fuel usage, number of stops, and routes.
The VM supports the following REST API calls:
* Container API - This API provides container information including weight, contents, and other attributes.
* Location API - This API provides location information regarding shipping ports of call and tracking stops.
* Shipping REST API - This API provides shipping information for use and display on the shipping website.
Shipping Data
The application uses MongoDB JSON document storage database for all container and transport information.
Shipping Web Site
The site displays shipping container tracking information and container contents. The site is located at http:// shipping.wideworldimporters.com/ Proposed solution The on-premises shipping application must be moved to Azure. The VM has been migrated to a new Standard_D16s_v3 Azure VM by using Azure Site Recovery and must remain running in Azure to complete the BizTalk component migrations. You create a Standard_D16s_v3 Azure VM to host BizTalk Server. The Azure architecture diagram for the proposed solution is shown below:

Requirements
Shipping Logic app
The Shipping Logic app must meet the following requirements:
* Support the ocean transport and inland transport workflows by using a Logic App.
* Support industry-standard protocol X12 message format for various messages including vessel content details and arrival notices.
* Secure resources to the corporate VNet and use dedicated storage resources with a fixed costing model.
* Maintain on-premises connectivity to support legacy applications and final BizTalk migrations.
Shipping Function app
Implement secure function endpoints by using app-level security and include Azure Active Directory (Azure AD).
REST APIs
The REST API's that support the solution must meet the following requirements:
* Secure resources to the corporate VNet.
* Allow deployment to a testing location within Azure while not incurring additional costs.
* Automatically scale to double capacity during peak shipping times while not causing application downtime.
* Minimize costs when selecting an Azure payment model.
Shipping data
Data migration from on-premises to Azure must minimize costs and downtime.
Shipping website
Use Azure Content Delivery Network (CDN) and ensure maximum performance for dynamic content while minimizing latency and costs.
Issues
Windows Server 2016 VM
The VM shows high network latency, jitter, and high CPU utilization. The VM is critical and has not been backed up in the past. The VM must enable a quick restore from a 7-day snapshot to include in-place restore of disks in case of failure.
Shipping website and REST APIs
The following error message displays while you are testing the website:
Failed to load http://test-shippingapi.wideworldimporters.com/: No 'Access- Control-Allow-Origin' header is present on the requested resource. Origin
'http://test.wideworldimporters.com/' is therefore not allowed access.

NEW QUESTION 166
You need to add code at line AM10 of the application manifest to ensure that the requirement for manually reviewing content can be met.
How should you complete the code? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1: sid
Sid: Session ID, used for per-session user sign-out. Personal and Azure AD accounts.
Scenario: Manual review
To review content, the user must authenticate to the website portion of the ContentAnalysisService using their Azure AD credentials. The website is built using React and all pages and API endpoints require authentication.
In order to review content a user must be part of a ContentReviewer role.
Box 2: email
Scenario: All completed reviews must include the reviewer's email address for auditing purposes.

NEW QUESTION 167
You have an Azure Web app that uses Cosmos DB as a data store. You create a CosmosDB container by running the following PowerShell script:
$resourceGroupName = "testResourceGroup"
$accountName = "testCosmosAccount"
$databaseName = "testDatabase"
$containerName = "testContainer"
$partitionKeyPath = "/EmployeeId"
$autoscaleMaxThroughput = 5000
New-AzCosmosDBSqlContainer
-ResourceGroupName $resourceGroupName
-AccountName $accountName
-DatabaseName $databaseName
-Name $containerName
-PartitionKeyKind Hash
-PartitionKeyPath $partitionKeyPath
-AutoscaleMaxThroughput $autoscaleMaxThroughput
You create the following queries that target the container:
SELECT * FROM c WHERE c.EmployeeId > '12345'
SELECT * FROM c WHERE c.UserID = '12345'
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/cosmos-db/how-to-choose-offer
https://docs.microsoft.com/en-us/azure/cosmos-db/how-to-query-container

NEW QUESTION 168
You develop and deploy an Azure Logic App that calls an Azure Function app. The Azure Function App includes an OpenAPI (Swagger) definition and uses an Azure Blob storage account. All resources are secured by using Azure Active Directory (Azure AD).
The Logic App must use Azure Monitor logs to record and store information about runtime data and events. The logs must be stored in the Azure Blob storage account.
You need to set up Azure Monitor logs and collect diagnostics data for the Azure Logic App.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

1 - Create a Log Analytics workspace
2 - Install the Logic Apps Management solution.
3 - Add a diagnostic setting to the Azure Logic App.
Reference:
https://docs.microsoft.com/en-us/azure/logic-apps/monitor-logic-apps-log-analytics

NEW QUESTION 169
You need to update the APIs to resolve the testing error.
How should you complete the Azure CLI command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

References:
http://donovanbrown.com/post/How-to-clear-No-Access-Control-Allow-Origin-header-error-with-Azure-App-Service

NEW QUESTION 170
You are preparing to deploy an application to an Azure Kubernetes Service (AKS) cluster.
The application must only be available from within the VNet that includes the cluster.
You need to deploy the application.
How should you complete the deployment YAML? To answer, drag the appropriate YAML segments to the correct locations. Each YAML segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

To create an internal load balancer, create a service manifest named internal-lb.yaml with the service type LoadBalancer and the azure-load-balancer-internal annotation as shown in the following example:
YAML:
apiVersion: v1
kind: Service
metadata:
name: internal-app
annotations:
service.beta.kubernetes.io/azure-load-balancer-internal: "true"
spec:
type: LoadBalancer
ports:
- port: 80
selector:
app: internal-app
References:
https://docs.microsoft.com/en-us/azure/aks/internal-lb

NEW QUESTION 171
A company backs up all manufacturing data to Azure Blob Storage. Admins move blobs from hot storage to archive tier storage every month.
You must automatically move blocks to Archive tier after they have not been accessed for 180 days. The path for any item that is not archived must be placed in an existing queue. This operation must be performed automatically once a month. You set the value of TierAgeInDays to 180.
How should you configure the Logic App? To answer, drag the appropriate triggers or action blocks to the correct trigger or action slots. Each trigger or action block may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

References:
https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-perform-data-operations

NEW QUESTION 172
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing an Azure Service application that processes queue data when it receives a message from a mobile application. Messages may not be sent to the service consistently.
You have the following requirements:
- Queue size must not grow larger than 80 gigabytes (GB).
- Use first-in-first-out (FIFO) ordering of messages.
- Minimize Azure costs.
You need to implement the messaging solution.
Solution: Use the .Net API to add a message to an Azure Storage Queue from the mobile application. Create an Azure VM that is triggered from Azure Storage Queue events.
Does the solution meet the goal?

A. Yes
B. No

Answer: B

Explanation:
Don't use a VM, instead create an Azure Function App that uses an Azure Service Bus Queue trigger.
Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-create-storage-queue-triggered- function

NEW QUESTION 173
You develop a web app that uses tier D1 app service plan by using the Web Apps feature of Microsoft Azure App Service.
Spikes in traffic have caused increases in page load times.
You need to ensure that the web app automatically scales when CPU load is about 85 percent and minimize costs.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
NOTE: More than one order of answer choices is correct. You will receive credit for any of the correct orders you select.

Answer:

Explanation:

1 - Configure the web app to the Standard App Service Tier
2 - Enable autoscaling on the web app
3 - Add a scale rule
4 - Add a Scale condition
Reference:
https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-autoscale-get-started

NEW QUESTION 174
A company has multiple warehouse. Each warehouse contains IoT temperature devices which deliver temperature data to an Azure Service Bus queue.
You need to send email alerts to facility supervisors immediately if the temperature at a warehouse goes above or below specified threshold temperatures.
Which five actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

NEW QUESTION 175
You need to add markup at line AM04 to implement the ContentReview role.
How should you complete the markup? To answer, drag the appropriate json segments to the correct locations.
Each json segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1: allowedMemberTypes
allowedMemberTypes specifies whether this app role definition can be assigned to users and groups by setting to "User", or to other applications (that are accessing this application in daemon service scenarios) by setting to "Application", or to both.
Note: The following example shows the appRoles that you can assign to users.
"appId": "8763f1c4-f988-489c-a51e-158e9ef97d6a",
"appRoles": [
{
"allowedMemberTypes": [
"User"
],
"displayName": "Writer",
"id": "d1c2ade8-98f8-45fd-aa4a-6d06b947c66f",
"isEnabled": true,
"description": "Writers Have the ability to create tasks.",
"value": "Writer"
}
],
"availableToOtherTenants": false,
Box 2: User
Scenario: In order to review content a user must be part of a ContentReviewer role.
Box 3: value
value specifies the value which will be included in the roles claim in authentication and access tokens.
Reference:
https://docs.microsoft.com/en-us/graph/api/resources/approle

NEW QUESTION 176
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this question, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing a website that will run as an Azure Web App. Users will authenticate by using their Azure Active Directory (Azure AD) credentials.
You plan to assign users one of the following permission levels for the website: admin, normal, and reader. A user's Azure AD group membership must be used to determine the permission level. You need to configure authorization.
Solution: Configure the Azure Web App for the website to allow only authenticated requests and require Azure AD log on.
Does the solution meet the goal?

A. Yes
B. No

Answer: B

Explanation:
Instead in the Azure AD application's manifest, set value of the groupMembershipClaims option to All.
References:
https://blogs.msdn.microsoft.com/waws/2017/03/13/azure-app-service-authentication-aad-groups/

NEW QUESTION 177
You are preparing to deploy an Azure virtual machine (VM) based application. The VMs that run the application have the following requirements:
* When a VM is provisioned the firewall must be automatically configured before it can access Azure resources.
* Supporting services must be installed by using an Azure PowerShell script that is stored in Azure Storage You need to ensure that the requirements are met.
Which features should you use? To answer, drag the appropriate features to the correct requirements.

Answer:

Explanation:

Explanation

NEW QUESTION 178
You are developing an ASP.NET Core Web API web service. The web service uses Azure Application Insights for all telemetry and dependency tracking. The web service reads and writes data to a database other than Microsoft SQL Server.
You need to ensure that dependency tracking works for calls to the third-party database.
Which two Dependency Telemetry properties should you store in the database? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. Telemetry.Id
B. Telemetry.Context.Operation.Id
C. Tetemetry.Context.Cloud.Rolelnstance
D. Telemetry.Name
E. Telemetry.ContextSession.Id

Answer: A,B

Explanation:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/custom-operations-tracking Example:
public async Task Enqueue(string payload)
{
// StartOperation is a helper method that initializes the telemetry item
// and allows correlation of this operation with its parent and children.
var operation = telemetryClient.StartOperation<DependencyTelemetry>("enqueue " + queueName); operation.Telemetry.Type = "Azure Service Bus"; operation.Telemetry.Data = "Enqueue " + queueName; var message = new BrokeredMessage(payload);
// Service Bus queue allows the property bag to pass along with the message.
// We will use them to pass our correlation identifiers (and other context)
// to the consumer.
message.Properties.Add("ParentId", operation.Telemetry.Id);
message.Properties.Add("RootId", operation.Telemetry.Context.Operation.Id); Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/custom-operations-tracking

NEW QUESTION 179
Hotspot Question
A company is developing a software as a service (SaaS) solution in Azure for other business to manage customers. The solution includes the following Azure SQL Database instances.
Customer data exists in all databases.

Customers may request that the company remove data that relates to the customer. If a customer makes a deletion request, all details from the customer must be removed from the solution. All deletions for a customer must occur in one distributed transaction that includes the CRM, ERP, and Marketing databases.
You need to activate support for transactions over multiple databases on the same logical server and activate support for transactions over multiple servers.
Which actions and Azure PowerShell command should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:
Box 1: Use a transaction scope
The TransactionScope class establishes an ambient transaction in .NET. (An "ambient transaction" is one that lives in the current thread.) All connections opened within the TransactionScope participate in the transaction. If different databases participate, the transaction is automatically elevated to a distributed transaction.
Box 2: New-AzureRmSqlServerCommunicationLink
New-AzureRmSqlServerCommunicationLink: Use this cmdlet to create a new communication relationship between two logical servers in Azure SQL DB. The relationship is symmetric which means both servers can initiate transactions with the other server.
References:
https://docs.microsoft.com/en-us/azure/sql-database/sql-database-elastic-transactions-overview

NEW QUESTION 180
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing a website that will run as an Azure Web App. Users will authenticate by using their Azure Active Directory (Azure AD) credentials.
You plan to assign users one of the following permission levels for the website: admin, normal, and reader. A user's Azure AD group membership must be used to determine the permission level.
You need to configure authorization.
Solution:
Create a new Azure AD application. In the application's manifest, define application roles that match the required permission levels for the application.
Assign the appropriate Azure AD group to each role. In the website, use the value of the roles claim from the JWT for the user to determine permissions.
Does the solution meet the goal?