PrepAway - Latest Free Exam Questions & Answers

Category: 70-534 (v.3)

Exam 70-534: Architecting Microsoft Azure Solutions (update January 2nd, 2017)

You need to assign permissions for the Virtual Machine workloads that you migrate to Azure

###BeginCaseStudy###
Case Study: 1
VanArsdel, Ltd
Overview
VanArsdel, Ltd. builds skyscrapers, subways, and bridges. VanArsdel is a leader in using
technology to do construction better.
Overview
VanArsdel employees are able to use their own mobile devices for work activities because
the company recognizes that this usage enables employee productivity. Employees also
access Software as a Service (SaaS) applications, including DocuSign, Dropbox, and Citrix.
The company continues to evaluate and adopt more SaaS applications for its business.
VanArsdel uses Azure Active Directory (AD) to authenticate its employees, as well as MultiFactor Authentication (MFA). Management enjoys the ease with which MFA can be enabled
and disabled for employees who use cloud-based services. VanArsdel’s on-premises directory
contains a single forest.
Helpdesk:
VanArsdel creates a helpdesk group to assist its employees. The company sends email
messages to all its employees about the helpdesk group and how to contact it. Configuring
employee access for SaaS applications is often a time-consuming task. It is not always
obvious to the helpdesk group which users should be given access to which SaaS
applications. The helpdesk group must respond to many phone calls and email messages to
solve this problem, which takes up valuable time. The helpdesk group is unable to meet the
needs of VanArsdel’s employees.
However, many employees do not work with the helpdesk group to solve their access
problems. Instead, these employees contact their co-workers or managers to find someone
who can help them. Also, new employees are not always told to contact the helpdesk group
for access problems. Some employees report that they cannot see all the applications in the
Access Panel that they have access to. Some employees report that they must re-enter their
passwords when they access cloud applications, even though they have already authenticated.
Bring your own device (BYOD):
VanArsdel wants to continue to support users and their mobile and personal devices, but the
company is concerned about how to protect corporate assets that are stored on these devices.
The company does not have a strategy to ensure that its data is removed from the devices
when employees leave the company.
Customer Support
VanArsdel wants a mobile app for customer profile registration and feedback. The company
would like to keep track of all its previous, current, and future customers worldwide. A
profile system using third-party authentication is required as well as feedback and support
sections for the mobile app.
Migration:
VanArsdel plans to migrate several virtual machine (VM) workloads into Azure. They also
plan to extend their on-premises Active Directory into Azure for mobile app authentication.
Business Requirements
Hybrid Solution:• A single account and credentials for both on-premises and cloud
applications
• Certain applications that are hosted both in Azure and on-site must be
accessible to both VanArsdel employees and partners
• The service level agreement (SLA) for the solution requires an uptime
of 99.9%
• The partners all use Hotmail.com email addresses
Mobile App:
VanArsdel requires a mobile app for project managers on construction job sites. The mobile
app has the following requirements:
• The app must display partner information.
• The app must alert project managers when changes to the partner
information occur.
• The app must display project information including an image gallery to
view pictures of construction projects.
• Project managers must be able to access the information remotely and
securely.
Security:
• VanArsdel must control access to its resources to ensure sensitive
services and information are accessible only by authorized users and/or
managed devices.
• Employees must be able to securely share data, based on corporate
policies, with other VanArsdel employees and with partners who are located
on construction job sites.
• VanArsdel management does NOT want to create and manage user
accounts for partners.
Technical Requirements
Architecture:
• VanArsdel requires a non-centralized stateless architecture fonts data
and services where application, data, and computing power are at the logical
extremes of the network.
• VanArsdel requires separation of CPU storage and SQL services
Data Storage:
VanArsdel needs a solution to reduce the number of operations on the contractor information
table. Currently, data transfer rates are excessive, and queue length for read/write operations
affects performance.
• A mobile service that is used to access contractor information must
have automatically scalable, structured storage
• Images must be stored in an automatically scalable, unstructured form.
Mobile Apps:
• VanArsdel mobile app must authenticate employees to the company’s
Active Directory.
• Event-triggered alerts must be pushed to mobile apps by using a
custom Node.js script.• The customer support app should use an identity provider that is
configured by using the Access Control Service for current profile registration
and authentication.
• The customer support team will adopt future identity providers that are
configured through Access Control Service.
Security:
• Active Directory Federated Server (AD FS) will be used to extend AD
into Azure.
• Helpdesk administrators must have access to only the groups of Azure
resources they are responsible for. Azure administration will be performed by
a separate group.
• IT administrative overhead must be minimized.
• Permissions must be assigned by using Role Based Access Control
(RBAC).
• Line of business applications must be accessed securely.

###EndCaseStudy###

You need to assign permissions for the Virtual Machine workloads that you migrate to Azure.
The solution must use the principal of least privileges.
What should you do?

What should you recommend?

###BeginCaseStudy###
Case Study: 1
VanArsdel, Ltd
Overview
VanArsdel, Ltd. builds skyscrapers, subways, and bridges. VanArsdel is a leader in using
technology to do construction better.
Overview
VanArsdel employees are able to use their own mobile devices for work activities because
the company recognizes that this usage enables employee productivity. Employees also
access Software as a Service (SaaS) applications, including DocuSign, Dropbox, and Citrix.
The company continues to evaluate and adopt more SaaS applications for its business.
VanArsdel uses Azure Active Directory (AD) to authenticate its employees, as well as MultiFactor Authentication (MFA). Management enjoys the ease with which MFA can be enabled
and disabled for employees who use cloud-based services. VanArsdel’s on-premises directory
contains a single forest.
Helpdesk:
VanArsdel creates a helpdesk group to assist its employees. The company sends email
messages to all its employees about the helpdesk group and how to contact it. Configuring
employee access for SaaS applications is often a time-consuming task. It is not always
obvious to the helpdesk group which users should be given access to which SaaS
applications. The helpdesk group must respond to many phone calls and email messages to
solve this problem, which takes up valuable time. The helpdesk group is unable to meet the
needs of VanArsdel’s employees.
However, many employees do not work with the helpdesk group to solve their access
problems. Instead, these employees contact their co-workers or managers to find someone
who can help them. Also, new employees are not always told to contact the helpdesk group
for access problems. Some employees report that they cannot see all the applications in the
Access Panel that they have access to. Some employees report that they must re-enter their
passwords when they access cloud applications, even though they have already authenticated.
Bring your own device (BYOD):
VanArsdel wants to continue to support users and their mobile and personal devices, but the
company is concerned about how to protect corporate assets that are stored on these devices.
The company does not have a strategy to ensure that its data is removed from the devices
when employees leave the company.
Customer Support
VanArsdel wants a mobile app for customer profile registration and feedback. The company
would like to keep track of all its previous, current, and future customers worldwide. A
profile system using third-party authentication is required as well as feedback and support
sections for the mobile app.
Migration:
VanArsdel plans to migrate several virtual machine (VM) workloads into Azure. They also
plan to extend their on-premises Active Directory into Azure for mobile app authentication.
Business Requirements
Hybrid Solution:• A single account and credentials for both on-premises and cloud
applications
• Certain applications that are hosted both in Azure and on-site must be
accessible to both VanArsdel employees and partners
• The service level agreement (SLA) for the solution requires an uptime
of 99.9%
• The partners all use Hotmail.com email addresses
Mobile App:
VanArsdel requires a mobile app for project managers on construction job sites. The mobile
app has the following requirements:
• The app must display partner information.
• The app must alert project managers when changes to the partner
information occur.
• The app must display project information including an image gallery to
view pictures of construction projects.
• Project managers must be able to access the information remotely and
securely.
Security:
• VanArsdel must control access to its resources to ensure sensitive
services and information are accessible only by authorized users and/or
managed devices.
• Employees must be able to securely share data, based on corporate
policies, with other VanArsdel employees and with partners who are located
on construction job sites.
• VanArsdel management does NOT want to create and manage user
accounts for partners.
Technical Requirements
Architecture:
• VanArsdel requires a non-centralized stateless architecture fonts data
and services where application, data, and computing power are at the logical
extremes of the network.
• VanArsdel requires separation of CPU storage and SQL services
Data Storage:
VanArsdel needs a solution to reduce the number of operations on the contractor information
table. Currently, data transfer rates are excessive, and queue length for read/write operations
affects performance.
• A mobile service that is used to access contractor information must
have automatically scalable, structured storage
• Images must be stored in an automatically scalable, unstructured form.
Mobile Apps:
• VanArsdel mobile app must authenticate employees to the company’s
Active Directory.
• Event-triggered alerts must be pushed to mobile apps by using a
custom Node.js script.• The customer support app should use an identity provider that is
configured by using the Access Control Service for current profile registration
and authentication.
• The customer support team will adopt future identity providers that are
configured through Access Control Service.
Security:
• Active Directory Federated Server (AD FS) will be used to extend AD
into Azure.
• Helpdesk administrators must have access to only the groups of Azure
resources they are responsible for. Azure administration will be performed by
a separate group.
• IT administrative overhead must be minimized.
• Permissions must be assigned by using Role Based Access Control
(RBAC).
• Line of business applications must be accessed securely.

###EndCaseStudy###

DRAG DROP
You need to recommend data storage mechanisms for the solution.
What should you recommend? To answer, drag the appropriate data storage mechanism to the
correct information type. Each data storage mechanism may be used once, more than once, or not
at all. You may need to drag the split bar between panes or scroll to view content.

Which service should you use?

###BeginCaseStudy###
Case Study: 1
VanArsdel, Ltd
Overview
VanArsdel, Ltd. builds skyscrapers, subways, and bridges. VanArsdel is a leader in using
technology to do construction better.
Overview
VanArsdel employees are able to use their own mobile devices for work activities because
the company recognizes that this usage enables employee productivity. Employees also
access Software as a Service (SaaS) applications, including DocuSign, Dropbox, and Citrix.
The company continues to evaluate and adopt more SaaS applications for its business.
VanArsdel uses Azure Active Directory (AD) to authenticate its employees, as well as MultiFactor Authentication (MFA). Management enjoys the ease with which MFA can be enabled
and disabled for employees who use cloud-based services. VanArsdel’s on-premises directory
contains a single forest.
Helpdesk:
VanArsdel creates a helpdesk group to assist its employees. The company sends email
messages to all its employees about the helpdesk group and how to contact it. Configuring
employee access for SaaS applications is often a time-consuming task. It is not always
obvious to the helpdesk group which users should be given access to which SaaS
applications. The helpdesk group must respond to many phone calls and email messages to
solve this problem, which takes up valuable time. The helpdesk group is unable to meet the
needs of VanArsdel’s employees.
However, many employees do not work with the helpdesk group to solve their access
problems. Instead, these employees contact their co-workers or managers to find someone
who can help them. Also, new employees are not always told to contact the helpdesk group
for access problems. Some employees report that they cannot see all the applications in the
Access Panel that they have access to. Some employees report that they must re-enter their
passwords when they access cloud applications, even though they have already authenticated.
Bring your own device (BYOD):
VanArsdel wants to continue to support users and their mobile and personal devices, but the
company is concerned about how to protect corporate assets that are stored on these devices.
The company does not have a strategy to ensure that its data is removed from the devices
when employees leave the company.
Customer Support
VanArsdel wants a mobile app for customer profile registration and feedback. The company
would like to keep track of all its previous, current, and future customers worldwide. A
profile system using third-party authentication is required as well as feedback and support
sections for the mobile app.
Migration:
VanArsdel plans to migrate several virtual machine (VM) workloads into Azure. They also
plan to extend their on-premises Active Directory into Azure for mobile app authentication.
Business Requirements
Hybrid Solution:• A single account and credentials for both on-premises and cloud
applications
• Certain applications that are hosted both in Azure and on-site must be
accessible to both VanArsdel employees and partners
• The service level agreement (SLA) for the solution requires an uptime
of 99.9%
• The partners all use Hotmail.com email addresses
Mobile App:
VanArsdel requires a mobile app for project managers on construction job sites. The mobile
app has the following requirements:
• The app must display partner information.
• The app must alert project managers when changes to the partner
information occur.
• The app must display project information including an image gallery to
view pictures of construction projects.
• Project managers must be able to access the information remotely and
securely.
Security:
• VanArsdel must control access to its resources to ensure sensitive
services and information are accessible only by authorized users and/or
managed devices.
• Employees must be able to securely share data, based on corporate
policies, with other VanArsdel employees and with partners who are located
on construction job sites.
• VanArsdel management does NOT want to create and manage user
accounts for partners.
Technical Requirements
Architecture:
• VanArsdel requires a non-centralized stateless architecture fonts data
and services where application, data, and computing power are at the logical
extremes of the network.
• VanArsdel requires separation of CPU storage and SQL services
Data Storage:
VanArsdel needs a solution to reduce the number of operations on the contractor information
table. Currently, data transfer rates are excessive, and queue length for read/write operations
affects performance.
• A mobile service that is used to access contractor information must
have automatically scalable, structured storage
• Images must be stored in an automatically scalable, unstructured form.
Mobile Apps:
• VanArsdel mobile app must authenticate employees to the company’s
Active Directory.
• Event-triggered alerts must be pushed to mobile apps by using a
custom Node.js script.• The customer support app should use an identity provider that is
configured by using the Access Control Service for current profile registration
and authentication.
• The customer support team will adopt future identity providers that are
configured through Access Control Service.
Security:
• Active Directory Federated Server (AD FS) will be used to extend AD
into Azure.
• Helpdesk administrators must have access to only the groups of Azure
resources they are responsible for. Azure administration will be performed by
a separate group.
• IT administrative overhead must be minimized.
• Permissions must be assigned by using Role Based Access Control
(RBAC).
• Line of business applications must be accessed securely.

###EndCaseStudy###

You need to design the system that alerts project managers to data changes in the contractor
information app.
Which service should you use?

Which solution should you recommend?

###BeginCaseStudy###
Case Study: 1
VanArsdel, Ltd
Overview
VanArsdel, Ltd. builds skyscrapers, subways, and bridges. VanArsdel is a leader in using
technology to do construction better.
Overview
VanArsdel employees are able to use their own mobile devices for work activities because
the company recognizes that this usage enables employee productivity. Employees also
access Software as a Service (SaaS) applications, including DocuSign, Dropbox, and Citrix.
The company continues to evaluate and adopt more SaaS applications for its business.
VanArsdel uses Azure Active Directory (AD) to authenticate its employees, as well as MultiFactor Authentication (MFA). Management enjoys the ease with which MFA can be enabled
and disabled for employees who use cloud-based services. VanArsdel’s on-premises directory
contains a single forest.
Helpdesk:
VanArsdel creates a helpdesk group to assist its employees. The company sends email
messages to all its employees about the helpdesk group and how to contact it. Configuring
employee access for SaaS applications is often a time-consuming task. It is not always
obvious to the helpdesk group which users should be given access to which SaaS
applications. The helpdesk group must respond to many phone calls and email messages to
solve this problem, which takes up valuable time. The helpdesk group is unable to meet the
needs of VanArsdel’s employees.
However, many employees do not work with the helpdesk group to solve their access
problems. Instead, these employees contact their co-workers or managers to find someone
who can help them. Also, new employees are not always told to contact the helpdesk group
for access problems. Some employees report that they cannot see all the applications in the
Access Panel that they have access to. Some employees report that they must re-enter their
passwords when they access cloud applications, even though they have already authenticated.
Bring your own device (BYOD):
VanArsdel wants to continue to support users and their mobile and personal devices, but the
company is concerned about how to protect corporate assets that are stored on these devices.
The company does not have a strategy to ensure that its data is removed from the devices
when employees leave the company.
Customer Support
VanArsdel wants a mobile app for customer profile registration and feedback. The company
would like to keep track of all its previous, current, and future customers worldwide. A
profile system using third-party authentication is required as well as feedback and support
sections for the mobile app.
Migration:
VanArsdel plans to migrate several virtual machine (VM) workloads into Azure. They also
plan to extend their on-premises Active Directory into Azure for mobile app authentication.
Business Requirements
Hybrid Solution:• A single account and credentials for both on-premises and cloud
applications
• Certain applications that are hosted both in Azure and on-site must be
accessible to both VanArsdel employees and partners
• The service level agreement (SLA) for the solution requires an uptime
of 99.9%
• The partners all use Hotmail.com email addresses
Mobile App:
VanArsdel requires a mobile app for project managers on construction job sites. The mobile
app has the following requirements:
• The app must display partner information.
• The app must alert project managers when changes to the partner
information occur.
• The app must display project information including an image gallery to
view pictures of construction projects.
• Project managers must be able to access the information remotely and
securely.
Security:
• VanArsdel must control access to its resources to ensure sensitive
services and information are accessible only by authorized users and/or
managed devices.
• Employees must be able to securely share data, based on corporate
policies, with other VanArsdel employees and with partners who are located
on construction job sites.
• VanArsdel management does NOT want to create and manage user
accounts for partners.
Technical Requirements
Architecture:
• VanArsdel requires a non-centralized stateless architecture fonts data
and services where application, data, and computing power are at the logical
extremes of the network.
• VanArsdel requires separation of CPU storage and SQL services
Data Storage:
VanArsdel needs a solution to reduce the number of operations on the contractor information
table. Currently, data transfer rates are excessive, and queue length for read/write operations
affects performance.
• A mobile service that is used to access contractor information must
have automatically scalable, structured storage
• Images must be stored in an automatically scalable, unstructured form.
Mobile Apps:
• VanArsdel mobile app must authenticate employees to the company’s
Active Directory.
• Event-triggered alerts must be pushed to mobile apps by using a
custom Node.js script.• The customer support app should use an identity provider that is
configured by using the Access Control Service for current profile registration
and authentication.
• The customer support team will adopt future identity providers that are
configured through Access Control Service.
Security:
• Active Directory Federated Server (AD FS) will be used to extend AD
into Azure.
• Helpdesk administrators must have access to only the groups of Azure
resources they are responsible for. Azure administration will be performed by
a separate group.
• IT administrative overhead must be minimized.
• Permissions must be assigned by using Role Based Access Control
(RBAC).
• Line of business applications must be accessed securely.

###EndCaseStudy###

You need to recommend a solution that allows partners to authenticate.
Which solution should you recommend?

You need to design the contractor information app.What should you recommend? To answer, select the appropriate

###BeginCaseStudy###
Case Study: 1
VanArsdel, Ltd
Overview
VanArsdel, Ltd. builds skyscrapers, subways, and bridges. VanArsdel is a leader in using
technology to do construction better.
Overview
VanArsdel employees are able to use their own mobile devices for work activities because
the company recognizes that this usage enables employee productivity. Employees also
access Software as a Service (SaaS) applications, including DocuSign, Dropbox, and Citrix.
The company continues to evaluate and adopt more SaaS applications for its business.
VanArsdel uses Azure Active Directory (AD) to authenticate its employees, as well as MultiFactor Authentication (MFA). Management enjoys the ease with which MFA can be enabled
and disabled for employees who use cloud-based services. VanArsdel’s on-premises directory
contains a single forest.
Helpdesk:
VanArsdel creates a helpdesk group to assist its employees. The company sends email
messages to all its employees about the helpdesk group and how to contact it. Configuring
employee access for SaaS applications is often a time-consuming task. It is not always
obvious to the helpdesk group which users should be given access to which SaaS
applications. The helpdesk group must respond to many phone calls and email messages to
solve this problem, which takes up valuable time. The helpdesk group is unable to meet the
needs of VanArsdel’s employees.
However, many employees do not work with the helpdesk group to solve their access
problems. Instead, these employees contact their co-workers or managers to find someone
who can help them. Also, new employees are not always told to contact the helpdesk group
for access problems. Some employees report that they cannot see all the applications in the
Access Panel that they have access to. Some employees report that they must re-enter their
passwords when they access cloud applications, even though they have already authenticated.
Bring your own device (BYOD):
VanArsdel wants to continue to support users and their mobile and personal devices, but the
company is concerned about how to protect corporate assets that are stored on these devices.
The company does not have a strategy to ensure that its data is removed from the devices
when employees leave the company.
Customer Support
VanArsdel wants a mobile app for customer profile registration and feedback. The company
would like to keep track of all its previous, current, and future customers worldwide. A
profile system using third-party authentication is required as well as feedback and support
sections for the mobile app.
Migration:
VanArsdel plans to migrate several virtual machine (VM) workloads into Azure. They also
plan to extend their on-premises Active Directory into Azure for mobile app authentication.
Business Requirements
Hybrid Solution:• A single account and credentials for both on-premises and cloud
applications
• Certain applications that are hosted both in Azure and on-site must be
accessible to both VanArsdel employees and partners
• The service level agreement (SLA) for the solution requires an uptime
of 99.9%
• The partners all use Hotmail.com email addresses
Mobile App:
VanArsdel requires a mobile app for project managers on construction job sites. The mobile
app has the following requirements:
• The app must display partner information.
• The app must alert project managers when changes to the partner
information occur.
• The app must display project information including an image gallery to
view pictures of construction projects.
• Project managers must be able to access the information remotely and
securely.
Security:
• VanArsdel must control access to its resources to ensure sensitive
services and information are accessible only by authorized users and/or
managed devices.
• Employees must be able to securely share data, based on corporate
policies, with other VanArsdel employees and with partners who are located
on construction job sites.
• VanArsdel management does NOT want to create and manage user
accounts for partners.
Technical Requirements
Architecture:
• VanArsdel requires a non-centralized stateless architecture fonts data
and services where application, data, and computing power are at the logical
extremes of the network.
• VanArsdel requires separation of CPU storage and SQL services
Data Storage:
VanArsdel needs a solution to reduce the number of operations on the contractor information
table. Currently, data transfer rates are excessive, and queue length for read/write operations
affects performance.
• A mobile service that is used to access contractor information must
have automatically scalable, structured storage
• Images must be stored in an automatically scalable, unstructured form.
Mobile Apps:
• VanArsdel mobile app must authenticate employees to the company’s
Active Directory.
• Event-triggered alerts must be pushed to mobile apps by using a
custom Node.js script.• The customer support app should use an identity provider that is
configured by using the Access Control Service for current profile registration
and authentication.
• The customer support team will adopt future identity providers that are
configured through Access Control Service.
Security:
• Active Directory Federated Server (AD FS) will be used to extend AD
into Azure.
• Helpdesk administrators must have access to only the groups of Azure
resources they are responsible for. Azure administration will be performed by
a separate group.
• IT administrative overhead must be minimized.
• Permissions must be assigned by using Role Based Access Control
(RBAC).
• Line of business applications must be accessed securely.

###EndCaseStudy###

HOTSPOT
You need to design the contractor information app.What should you recommend? To answer, select the appropriate options in the answer area.

Which authentication type should you recommend?

###BeginCaseStudy###
Case Study: 1
VanArsdel, Ltd
Overview
VanArsdel, Ltd. builds skyscrapers, subways, and bridges. VanArsdel is a leader in using
technology to do construction better.
Overview
VanArsdel employees are able to use their own mobile devices for work activities because
the company recognizes that this usage enables employee productivity. Employees also
access Software as a Service (SaaS) applications, including DocuSign, Dropbox, and Citrix.
The company continues to evaluate and adopt more SaaS applications for its business.
VanArsdel uses Azure Active Directory (AD) to authenticate its employees, as well as MultiFactor Authentication (MFA). Management enjoys the ease with which MFA can be enabled
and disabled for employees who use cloud-based services. VanArsdel’s on-premises directory
contains a single forest.
Helpdesk:
VanArsdel creates a helpdesk group to assist its employees. The company sends email
messages to all its employees about the helpdesk group and how to contact it. Configuring
employee access for SaaS applications is often a time-consuming task. It is not always
obvious to the helpdesk group which users should be given access to which SaaS
applications. The helpdesk group must respond to many phone calls and email messages to
solve this problem, which takes up valuable time. The helpdesk group is unable to meet the
needs of VanArsdel’s employees.
However, many employees do not work with the helpdesk group to solve their access
problems. Instead, these employees contact their co-workers or managers to find someone
who can help them. Also, new employees are not always told to contact the helpdesk group
for access problems. Some employees report that they cannot see all the applications in the
Access Panel that they have access to. Some employees report that they must re-enter their
passwords when they access cloud applications, even though they have already authenticated.
Bring your own device (BYOD):
VanArsdel wants to continue to support users and their mobile and personal devices, but the
company is concerned about how to protect corporate assets that are stored on these devices.
The company does not have a strategy to ensure that its data is removed from the devices
when employees leave the company.
Customer Support
VanArsdel wants a mobile app for customer profile registration and feedback. The company
would like to keep track of all its previous, current, and future customers worldwide. A
profile system using third-party authentication is required as well as feedback and support
sections for the mobile app.
Migration:
VanArsdel plans to migrate several virtual machine (VM) workloads into Azure. They also
plan to extend their on-premises Active Directory into Azure for mobile app authentication.
Business Requirements
Hybrid Solution:• A single account and credentials for both on-premises and cloud
applications
• Certain applications that are hosted both in Azure and on-site must be
accessible to both VanArsdel employees and partners
• The service level agreement (SLA) for the solution requires an uptime
of 99.9%
• The partners all use Hotmail.com email addresses
Mobile App:
VanArsdel requires a mobile app for project managers on construction job sites. The mobile
app has the following requirements:
• The app must display partner information.
• The app must alert project managers when changes to the partner
information occur.
• The app must display project information including an image gallery to
view pictures of construction projects.
• Project managers must be able to access the information remotely and
securely.
Security:
• VanArsdel must control access to its resources to ensure sensitive
services and information are accessible only by authorized users and/or
managed devices.
• Employees must be able to securely share data, based on corporate
policies, with other VanArsdel employees and with partners who are located
on construction job sites.
• VanArsdel management does NOT want to create and manage user
accounts for partners.
Technical Requirements
Architecture:
• VanArsdel requires a non-centralized stateless architecture fonts data
and services where application, data, and computing power are at the logical
extremes of the network.
• VanArsdel requires separation of CPU storage and SQL services
Data Storage:
VanArsdel needs a solution to reduce the number of operations on the contractor information
table. Currently, data transfer rates are excessive, and queue length for read/write operations
affects performance.
• A mobile service that is used to access contractor information must
have automatically scalable, structured storage
• Images must be stored in an automatically scalable, unstructured form.
Mobile Apps:
• VanArsdel mobile app must authenticate employees to the company’s
Active Directory.
• Event-triggered alerts must be pushed to mobile apps by using a
custom Node.js script.• The customer support app should use an identity provider that is
configured by using the Access Control Service for current profile registration
and authentication.
• The customer support team will adopt future identity providers that are
configured through Access Control Service.
Security:
• Active Directory Federated Server (AD FS) will be used to extend AD
into Azure.
• Helpdesk administrators must have access to only the groups of Azure
resources they are responsible for. Azure administration will be performed by
a separate group.
• IT administrative overhead must be minimized.
• Permissions must be assigned by using Role Based Access Control
(RBAC).
• Line of business applications must be accessed securely.

###EndCaseStudy###

You are designing a plan to deploy a new application to Azure. The solution must provide a single
sign-on experience for users.
You need to recommend an authentication type.
Which authentication type should you recommend?

You need to prepare the implementation of data storage for the contractor information app

###BeginCaseStudy###
Case Study: 1
VanArsdel, Ltd
Overview
VanArsdel, Ltd. builds skyscrapers, subways, and bridges. VanArsdel is a leader in using
technology to do construction better.
Overview
VanArsdel employees are able to use their own mobile devices for work activities because
the company recognizes that this usage enables employee productivity. Employees also
access Software as a Service (SaaS) applications, including DocuSign, Dropbox, and Citrix.
The company continues to evaluate and adopt more SaaS applications for its business.
VanArsdel uses Azure Active Directory (AD) to authenticate its employees, as well as MultiFactor Authentication (MFA). Management enjoys the ease with which MFA can be enabled
and disabled for employees who use cloud-based services. VanArsdel’s on-premises directory
contains a single forest.
Helpdesk:
VanArsdel creates a helpdesk group to assist its employees. The company sends email
messages to all its employees about the helpdesk group and how to contact it. Configuring
employee access for SaaS applications is often a time-consuming task. It is not always
obvious to the helpdesk group which users should be given access to which SaaS
applications. The helpdesk group must respond to many phone calls and email messages to
solve this problem, which takes up valuable time. The helpdesk group is unable to meet the
needs of VanArsdel’s employees.
However, many employees do not work with the helpdesk group to solve their access
problems. Instead, these employees contact their co-workers or managers to find someone
who can help them. Also, new employees are not always told to contact the helpdesk group
for access problems. Some employees report that they cannot see all the applications in the
Access Panel that they have access to. Some employees report that they must re-enter their
passwords when they access cloud applications, even though they have already authenticated.
Bring your own device (BYOD):
VanArsdel wants to continue to support users and their mobile and personal devices, but the
company is concerned about how to protect corporate assets that are stored on these devices.
The company does not have a strategy to ensure that its data is removed from the devices
when employees leave the company.
Customer Support
VanArsdel wants a mobile app for customer profile registration and feedback. The company
would like to keep track of all its previous, current, and future customers worldwide. A
profile system using third-party authentication is required as well as feedback and support
sections for the mobile app.
Migration:
VanArsdel plans to migrate several virtual machine (VM) workloads into Azure. They also
plan to extend their on-premises Active Directory into Azure for mobile app authentication.
Business Requirements
Hybrid Solution:• A single account and credentials for both on-premises and cloud
applications
• Certain applications that are hosted both in Azure and on-site must be
accessible to both VanArsdel employees and partners
• The service level agreement (SLA) for the solution requires an uptime
of 99.9%
• The partners all use Hotmail.com email addresses
Mobile App:
VanArsdel requires a mobile app for project managers on construction job sites. The mobile
app has the following requirements:
• The app must display partner information.
• The app must alert project managers when changes to the partner
information occur.
• The app must display project information including an image gallery to
view pictures of construction projects.
• Project managers must be able to access the information remotely and
securely.
Security:
• VanArsdel must control access to its resources to ensure sensitive
services and information are accessible only by authorized users and/or
managed devices.
• Employees must be able to securely share data, based on corporate
policies, with other VanArsdel employees and with partners who are located
on construction job sites.
• VanArsdel management does NOT want to create and manage user
accounts for partners.
Technical Requirements
Architecture:
• VanArsdel requires a non-centralized stateless architecture fonts data
and services where application, data, and computing power are at the logical
extremes of the network.
• VanArsdel requires separation of CPU storage and SQL services
Data Storage:
VanArsdel needs a solution to reduce the number of operations on the contractor information
table. Currently, data transfer rates are excessive, and queue length for read/write operations
affects performance.
• A mobile service that is used to access contractor information must
have automatically scalable, structured storage
• Images must be stored in an automatically scalable, unstructured form.
Mobile Apps:
• VanArsdel mobile app must authenticate employees to the company’s
Active Directory.
• Event-triggered alerts must be pushed to mobile apps by using a
custom Node.js script.• The customer support app should use an identity provider that is
configured by using the Access Control Service for current profile registration
and authentication.
• The customer support team will adopt future identity providers that are
configured through Access Control Service.
Security:
• Active Directory Federated Server (AD FS) will be used to extend AD
into Azure.
• Helpdesk administrators must have access to only the groups of Azure
resources they are responsible for. Azure administration will be performed by
a separate group.
• IT administrative overhead must be minimized.
• Permissions must be assigned by using Role Based Access Control
(RBAC).
• Line of business applications must be accessed securely.

###EndCaseStudy###

You need to prepare the implementation of data storage for the contractor information app.
What should you?

You need to ensure that users do not need to re-enter their passwords after they authenticate to cloud applica

###BeginCaseStudy###
Case Study: 1
VanArsdel, Ltd
Overview
VanArsdel, Ltd. builds skyscrapers, subways, and bridges. VanArsdel is a leader in using
technology to do construction better.
Overview
VanArsdel employees are able to use their own mobile devices for work activities because
the company recognizes that this usage enables employee productivity. Employees also
access Software as a Service (SaaS) applications, including DocuSign, Dropbox, and Citrix.
The company continues to evaluate and adopt more SaaS applications for its business.
VanArsdel uses Azure Active Directory (AD) to authenticate its employees, as well as MultiFactor Authentication (MFA). Management enjoys the ease with which MFA can be enabled
and disabled for employees who use cloud-based services. VanArsdel’s on-premises directory
contains a single forest.
Helpdesk:
VanArsdel creates a helpdesk group to assist its employees. The company sends email
messages to all its employees about the helpdesk group and how to contact it. Configuring
employee access for SaaS applications is often a time-consuming task. It is not always
obvious to the helpdesk group which users should be given access to which SaaS
applications. The helpdesk group must respond to many phone calls and email messages to
solve this problem, which takes up valuable time. The helpdesk group is unable to meet the
needs of VanArsdel’s employees.
However, many employees do not work with the helpdesk group to solve their access
problems. Instead, these employees contact their co-workers or managers to find someone
who can help them. Also, new employees are not always told to contact the helpdesk group
for access problems. Some employees report that they cannot see all the applications in the
Access Panel that they have access to. Some employees report that they must re-enter their
passwords when they access cloud applications, even though they have already authenticated.
Bring your own device (BYOD):
VanArsdel wants to continue to support users and their mobile and personal devices, but the
company is concerned about how to protect corporate assets that are stored on these devices.
The company does not have a strategy to ensure that its data is removed from the devices
when employees leave the company.
Customer Support
VanArsdel wants a mobile app for customer profile registration and feedback. The company
would like to keep track of all its previous, current, and future customers worldwide. A
profile system using third-party authentication is required as well as feedback and support
sections for the mobile app.
Migration:
VanArsdel plans to migrate several virtual machine (VM) workloads into Azure. They also
plan to extend their on-premises Active Directory into Azure for mobile app authentication.
Business Requirements
Hybrid Solution:• A single account and credentials for both on-premises and cloud
applications
• Certain applications that are hosted both in Azure and on-site must be
accessible to both VanArsdel employees and partners
• The service level agreement (SLA) for the solution requires an uptime
of 99.9%
• The partners all use Hotmail.com email addresses
Mobile App:
VanArsdel requires a mobile app for project managers on construction job sites. The mobile
app has the following requirements:
• The app must display partner information.
• The app must alert project managers when changes to the partner
information occur.
• The app must display project information including an image gallery to
view pictures of construction projects.
• Project managers must be able to access the information remotely and
securely.
Security:
• VanArsdel must control access to its resources to ensure sensitive
services and information are accessible only by authorized users and/or
managed devices.
• Employees must be able to securely share data, based on corporate
policies, with other VanArsdel employees and with partners who are located
on construction job sites.
• VanArsdel management does NOT want to create and manage user
accounts for partners.
Technical Requirements
Architecture:
• VanArsdel requires a non-centralized stateless architecture fonts data
and services where application, data, and computing power are at the logical
extremes of the network.
• VanArsdel requires separation of CPU storage and SQL services
Data Storage:
VanArsdel needs a solution to reduce the number of operations on the contractor information
table. Currently, data transfer rates are excessive, and queue length for read/write operations
affects performance.
• A mobile service that is used to access contractor information must
have automatically scalable, structured storage
• Images must be stored in an automatically scalable, unstructured form.
Mobile Apps:
• VanArsdel mobile app must authenticate employees to the company’s
Active Directory.
• Event-triggered alerts must be pushed to mobile apps by using a
custom Node.js script.• The customer support app should use an identity provider that is
configured by using the Access Control Service for current profile registration
and authentication.
• The customer support team will adopt future identity providers that are
configured through Access Control Service.
Security:
• Active Directory Federated Server (AD FS) will be used to extend AD
into Azure.
• Helpdesk administrators must have access to only the groups of Azure
resources they are responsible for. Azure administration will be performed by
a separate group.
• IT administrative overhead must be minimized.
• Permissions must be assigned by using Role Based Access Control
(RBAC).
• Line of business applications must be accessed securely.

###EndCaseStudy###

You need to ensure that users do not need to re-enter their passwords after they authenticate to
cloud applications for the first time.
What should you do?

Which technologies should you recommend?

###BeginCaseStudy###
Case Study: 2
Trey Research
Background
Overview
Trey Research conducts agricultural research and sells the results to the agriculture and food
industries. The company uses a combination of on-premises and third-party server clusters to
meet its storage needs. Trey Research has seasonal demands on its services, with up to 50
percent drops in data capacity and bandwidth demand during low-demand periods. They plan
to host their websites in an agile, cloud environment where the company can deploy and
remove its websites based on its business requirements rather than the requirements of the
hosting company.
A recent fire near the datacenter that Trey Research uses raises the management team’s
awareness of the vulnerability of hosting all of the company’s websites and data at any single
location. The management team is concerned about protecting its data from loss as a result of
a disaster.
Websites
Trey Research has a portfolio of 300 websites and associated background processes that are
currently hosted in a third-party datacenter. All of the websites are written in ASP.NET, and
the background processes use Windows Services. The hosting environment costs Trey
Research approximately S25 million in hosting and maintenance fees.
Infrastructure
Trey Research also has on-premises servers that run VMs to support line-of-business
applications. The company wants to migrate the line-of-business applications to the cloud,
one application at a time. The company is migrating most of its production VMs from an
aging VMWare ESXi farm to a Hyper-V cluster that runs on Windows Server 2012.
Applications
DistributionTracking
Trey Research has a web application named Distributiontracking. This application constantly
collects realtime data that tracks worldwide distribution points to customer retail sites. This
data is available to customers at all times.
The company wants to ensure that the distribution tracking data is stored at a location that is
geographically close to the customers who will be using the information. The system must
continue running in the event of VM failures without corrupting data. The system is
processor intensive and should be run in a multithreading environment.
HRApp
The company has a human resources (HR) application named HRApp that stores data in an
on-premises SQL Server database. The database must have at least two copies, but data to
support backups and business continuity must stay in Trey Research locations only. The data
must remain on-premises and cannot be stored in the cloud.
HRApp was written by a third party, and the code cannot be modified. The human resources
data is used by all business offices, and each office requires access to the entire database.Users report that HRApp takes all night to generate the required payroll reports, and they
would like to reduce this time.
MetricsTracking
Trey Research has an application named MetricsTracking that is used to track analytics for
the DistributionTracking web application. The data MetricsTracking collects is not customerfacing. Data is stored on an on-premises SQL Server database, but this data should be moved
to the cloud. Employees at other locations access this data by using a remote desktop
connection to connect to the application, but latency issues degrade the functionality.
Trey Research wants a solution that allows remote employees to access metrics data without
using a remote desktop connection. MetricsTracking was written in-house, and the
development team is available to make modifications to the application if necessary.
However, the company wants to continue to use SQL Server for MetricsTracking.
Business Requirements
Business Continuity
You have the following requirements:
• Move all customer-facing data to the cloud.
• Web servers should be backed up to geographically separate locations,
• If one website becomes unavailable, customers should automatically be routed to
websites that are still operational.
• Data must be available regardless of the operational status of any particular website.
• The HRApp system must remain on-premises and must be backed up.
• The MetricsTracking data must be replicated so that it is locally available to all Trey
Research offices.
Auditing and Security
You have the following requirements:
• Both internal and external consumers should be able to access research results.
• Internal users should be able to access data by using their existing company
credentials without requiring multiple logins.
• Consumers should be able to access the service by using their Microsoft credentials.
• Applications written to access the data must be authenticated.
• Access and activity must be monitored and audited.
• Ensure the security and integrity of the data collected from the worldwide distribution
points for the distribution tracking application.
Storage and Processing
You have the following requirements:
• Provide real-time analysis of distribution tracking data by geographic location.
• Collect and store large datasets in real-time data for customer use.
• Locate the distribution tracking data as close to the central office as possible to
improve bandwidth.
• Co-locate the distribution tracking data as close to the customer as possible based on
the customer’s location.
• Distribution tracking data must be stored in the JSON format and indexed by
metadata that is stored in a SQL Server database.
• Data in the cloud must be stored in geographically separate locations, but kept with
the same political boundaries.
Technical RequirementsMigration
You have the following requirements:
• Deploy all websites to Azure.
• Replace on-premises and third-party physical server clusters with cloud-based
solutions.
• Optimize the speed for retrieving exiting JSON objects that contain the distribution
tracking data.
• Recommend strategies for partitioning data for load balancing.
Auditing and Security
You have the following requirements:
• Use Active Directory for internal and external authentication.
• Use OAuth for application authentication.
Business Continuity
You have the following requirements:
• Data must be backed up to separate geographic locations.
• Web servers must run concurrent versions of all websites in distinct geographic
locations.
• Use Azure to back up the on-premises MetricsTracking data.
• Use Azure virtual machines as a recovery platform for MetricsTracking and HRApp.
• Ensure that there is at least one additional on-premises recovery environment for the
HRApp.

###EndCaseStudy###

DRAG DROP
You need to ensure that customer data is secured both in transit and at rest.
Which technologies should you recommend? To answer, drag the appropriate technology to the
correct security requirement. Each technology may be used once, more than once, or not at all. You
may need to drag the split bar between panes or scroll to view content.

what should you recommend?

###BeginCaseStudy###
Case Study: 2
Trey Research
Background
Overview
Trey Research conducts agricultural research and sells the results to the agriculture and food
industries. The company uses a combination of on-premises and third-party server clusters to
meet its storage needs. Trey Research has seasonal demands on its services, with up to 50
percent drops in data capacity and bandwidth demand during low-demand periods. They plan
to host their websites in an agile, cloud environment where the company can deploy and
remove its websites based on its business requirements rather than the requirements of the
hosting company.
A recent fire near the datacenter that Trey Research uses raises the management team’s
awareness of the vulnerability of hosting all of the company’s websites and data at any single
location. The management team is concerned about protecting its data from loss as a result of
a disaster.
Websites
Trey Research has a portfolio of 300 websites and associated background processes that are
currently hosted in a third-party datacenter. All of the websites are written in ASP.NET, and
the background processes use Windows Services. The hosting environment costs Trey
Research approximately S25 million in hosting and maintenance fees.
Infrastructure
Trey Research also has on-premises servers that run VMs to support line-of-business
applications. The company wants to migrate the line-of-business applications to the cloud,
one application at a time. The company is migrating most of its production VMs from an
aging VMWare ESXi farm to a Hyper-V cluster that runs on Windows Server 2012.
Applications
DistributionTracking
Trey Research has a web application named Distributiontracking. This application constantly
collects realtime data that tracks worldwide distribution points to customer retail sites. This
data is available to customers at all times.
The company wants to ensure that the distribution tracking data is stored at a location that is
geographically close to the customers who will be using the information. The system must
continue running in the event of VM failures without corrupting data. The system is
processor intensive and should be run in a multithreading environment.
HRApp
The company has a human resources (HR) application named HRApp that stores data in an
on-premises SQL Server database. The database must have at least two copies, but data to
support backups and business continuity must stay in Trey Research locations only. The data
must remain on-premises and cannot be stored in the cloud.
HRApp was written by a third party, and the code cannot be modified. The human resources
data is used by all business offices, and each office requires access to the entire database.Users report that HRApp takes all night to generate the required payroll reports, and they
would like to reduce this time.
MetricsTracking
Trey Research has an application named MetricsTracking that is used to track analytics for
the DistributionTracking web application. The data MetricsTracking collects is not customerfacing. Data is stored on an on-premises SQL Server database, but this data should be moved
to the cloud. Employees at other locations access this data by using a remote desktop
connection to connect to the application, but latency issues degrade the functionality.
Trey Research wants a solution that allows remote employees to access metrics data without
using a remote desktop connection. MetricsTracking was written in-house, and the
development team is available to make modifications to the application if necessary.
However, the company wants to continue to use SQL Server for MetricsTracking.
Business Requirements
Business Continuity
You have the following requirements:
• Move all customer-facing data to the cloud.
• Web servers should be backed up to geographically separate locations,
• If one website becomes unavailable, customers should automatically be routed to
websites that are still operational.
• Data must be available regardless of the operational status of any particular website.
• The HRApp system must remain on-premises and must be backed up.
• The MetricsTracking data must be replicated so that it is locally available to all Trey
Research offices.
Auditing and Security
You have the following requirements:
• Both internal and external consumers should be able to access research results.
• Internal users should be able to access data by using their existing company
credentials without requiring multiple logins.
• Consumers should be able to access the service by using their Microsoft credentials.
• Applications written to access the data must be authenticated.
• Access and activity must be monitored and audited.
• Ensure the security and integrity of the data collected from the worldwide distribution
points for the distribution tracking application.
Storage and Processing
You have the following requirements:
• Provide real-time analysis of distribution tracking data by geographic location.
• Collect and store large datasets in real-time data for customer use.
• Locate the distribution tracking data as close to the central office as possible to
improve bandwidth.
• Co-locate the distribution tracking data as close to the customer as possible based on
the customer’s location.
• Distribution tracking data must be stored in the JSON format and indexed by
metadata that is stored in a SQL Server database.
• Data in the cloud must be stored in geographically separate locations, but kept with
the same political boundaries.
Technical RequirementsMigration
You have the following requirements:
• Deploy all websites to Azure.
• Replace on-premises and third-party physical server clusters with cloud-based
solutions.
• Optimize the speed for retrieving exiting JSON objects that contain the distribution
tracking data.
• Recommend strategies for partitioning data for load balancing.
Auditing and Security
You have the following requirements:
• Use Active Directory for internal and external authentication.
• Use OAuth for application authentication.
Business Continuity
You have the following requirements:
• Data must be backed up to separate geographic locations.
• Web servers must run concurrent versions of all websites in distinct geographic
locations.
• Use Azure to back up the on-premises MetricsTracking data.
• Use Azure virtual machines as a recovery platform for MetricsTracking and HRApp.
• Ensure that there is at least one additional on-premises recovery environment for the
HRApp.

###EndCaseStudy###

HOTSPOT
You need to plan the business continuity strategy.
For each requirement, what should you recommend? To answer, select the appropriate option from
each list in the answer area.


Page 1 of 712345...Last »