AZ-204 Exam Dumps, AZ-204 Exam Questions, AZ-204 PDF Dumps, AZ-204 VCE Dumps, Microsoft Exam

(2020-New-Exams)Braindump2go AZ-204 Exam Dumps in PDF and VCE Free AZ-204 Exam Questions(q28-q38)

2020/Apr New Braindump2go AZ-204 Exam Dumps with PDF and VCE Free Released Today! Following are some new AZ-204 Exam Questions

QUESTION 28
Your company is developing an Azure API.
You need to implement authentication for the Azure API. You have the following requirements: All API calls must be secure.
Callers to the API must not send credentials to the API. Which authentication mechanism should you use?
A. Basic
B. Anonymous
C. Managed identity
D. Client certificate

Correct Answer: C

Explanation:
Use the authentication-managed-identity policy to authenticate with a backend service using the managed identity of the API Management service. This policy essentially uses the managed identity to obtain an access token from Azure Active Directory for accessing the specified resource. After successfully obtaining the token, the policy will set the value of the token in the Authorization header using the Bearer scheme.
Reference:
https://docs.microsoft.com/bs-cyrl-ba/azure/api-management/api-management-authentication-policies

QUESTION 29
You are a developer for a SaaS company that offers many web services. All web services for the company must meet the following requirements:
Use API Management to access the services Use OpenID Connect for authentication Prevent anonymous usage
A recent security audit found that several web services can be called without any authentication. Which API Management policy should you implement?
A. jsonp
B. authentication-certificate
C. check-header
D. validate-jwt
Correct Answer: D

Explanation:
Add the validate-jwt policy to validate the OAuth token for every incoming request.
Incorrect Answers:
A: The jsonp policy adds JSON with padding (JSONP) support to an operation or an API to allow cross-domain calls from JavaScript browser-based clients. JSONP is a method used in JavaScript programs to request data from a server in a different domain. JSONP bypasses the limitation enforced by most web browsers where access to web pages must be in the same domain.
JSONP – Adds JSON with padding (JSONP) support to an operation or an API to allow cross-domain calls from JavaScript browser-based clients. Reference:
https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-protect-backend-with-aad

QUESTION 30
DRAG DROP
Contoso, Ltd. provides an API to customers by using Azure API Management (APIM). The API authorizes users with a JWT token.
You must implement response caching for the APIM gateway. The caching mechanism must detect the user ID of the client that accesses data for a given location and cache the response for that user ID.
You need to add the following policies to the policies file:
a set-variable policy to store the detected user identity a cache-lookup-value policy
a cache-store-value policy
a find-and-replace policy to update the response body with the user profile information
To which policy section should you add the policies? To answer, drag the appropriate sections to the correct policies. Each section may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
image_thumb
Correct Answer:

image_thumb[1]

Explanation:
Box 1: Inbound.
A set-variable policy to store the detected user identity. Example:
< policies>
< inbound>
< !– How you determine user identity is application dependent –>
<set-variable name=”enduserid”
value=”@(context.Request.Headers.GetValueOrDefault(“Authorization”,””).Split(‘ ‘)[1].AsJwt()?.Subject)” />
Box 2: Inbound
A cache-lookup-value policy Example:
< inbound>
< base />
< cache-lookup vary-by-developer=”true | false” vary-by-developer-groups=”true | false” downstream-caching-type=”none | private | public” must- revalidate=”true | false”>
< vary-by-query-parameter>parameter name</vary-by-query-parameter> <!– optional, can repeated several times –>
< /cache-lookup>
< /inbound>
Box 3: Outbound
A cache-store-value policy. Example:
< outbound>
< base />
< cache-store duration=”3600″ />
< /outbound>
Box 4: Outbound
A find-and-replace policy to update the response body with the user profile information. Example:
< outbound>
< !– Update response body with user profile–>
<find-and-replace from='”$userprofile$”‘
to=”@((string)context.Variables[“userprofile”])” />
< base />
< /outbound>

Reference:
https://docs.microsoft.com/en-us/azure/api-management/api-management-caching-policies https://docs.microsoft.com/en-us/azure/api-management/api-management-sample-cache-by-key

QUESTION 31
DRAG DROP
You develop a web application.
You need to register the application with an active Azure Active Directory (Azure AD) tenant.
Which three actions should you perform in sequence? To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:
image_thumb[2]
Correct Answer:
image_thumb[3]
Explanation:
Register a new application using the Azure portal
1. Sign in to the Azure portal using either a work or school account or a personal Microsoft account.
2. If your account gives you access to more than one tenant, select your account in the upper right corner. Set your portal session to the Azure AD tenant that you want.
3. Search for and select Azure Active Directory. Under Manage, select App registrations.
4. Select New registration. (Step 1)
5. In Register an application, enter a meaningful application name to display to users.
6. Specify who can use the application. Select the Azure AD instance. (Step 2)
7. Under Redirect URI (optional), select the type of app you’re building: Web or Public client (mobile & desktop). Then enter the redirect URI, or reply URL, for your application. (Step 3)
8. When finished, select Register.

QUESTION 32
You have a new Azure subscription. You are developing an internal website for employees to view sensitive data. The website uses Azure Active Directory (Azure AD) for authentication.
You need to implement multifactor authentication for the website.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Configure the website to use Azure AD B2C.
B. In Azure AD, create a new conditional access policy.
C. Upgrade to Azure AD Premium.
D. In Azure AD, enable application proxy.
E. In Azure AD conditional access, enable the baseline policy.
Correct Answer: BC

Explanation:
B: MFA Enabled by conditional access policy. It is the most flexible means to enable two-step verification for your users. Enabling using conditional access policy only works for Azure MFA in the cloud and is a premium feature of Azure AD.
C: Multi-Factor Authentication comes as part of the following offerings:
Azure Active Directory Premium licenses – Full featured use of Azure Multi-Factor Authentication Service (Cloud) or Azure Multi-Factor Authentication Server (On-premises).
Multi-Factor Authentication for Office 365 Azure Active Directory Global Administrators
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-getstarted

QUESTION 33
DRAG DROP
You are developing an application. You have an Azure user account that has access to two subscriptions. You need to retrieve a storage account key secret from Azure Key Vault.
In which order should you arrange the PowerShell commands to develop the solution? To answer, move all commands from the list of commands to the answer area and arrange them in the correct order.
Select and Place:
image_thumb[4]
Correct Answer:
image_thumb[5]
Explanation:
Step 1: Get-AzSubscription
If you have multiple subscriptions, you might have to specify the one that was used to create your key vault. Enter the following to see the subscriptions for your account:
Get-AzSubscription
Step 2: Set-AzContext -SubscriptionId
To specify the subscription that’s associated with the key vault you’ll be logging, enter: Set-AzContext -SubscriptionId <subscriptionID>
Step 3: Get-AzStorageAccountKey You must get that storage account key.
Step 4: $secretvalue = ConvertTo-SecureString <storageAccountKey> -AsPlainText -Force
Set-AzKeyVaultSecret -VaultName <vaultName> -Name <secretName> -SecretValue $secretvalue
After retrieving your secret (in this case, your storage account key), you must convert that key to a secure string, and then create a secret with that value in your key vault.
Step 5: Get-AzKeyVaultSecret
Next, get the URI for the secret you created. You’ll need this URI in a later step to call the key vault and retrieve your secret. Run the following PowerShell command and make note of the ID value, which is the secret’s URI:
Get-AzKeyVaultSecret –VaultName <vaultName>
Reference:
https://docs.microsoft.com/bs-latn-ba/Azure/key-vault/key-vault-key-rotation-log-monitoring

QUESTION 34
You are developing an ASP.NET Core Web API web service. The web service uses Azure Application Insights for all telemetry and dependency tracking. The web service reads and writes data to a database other than Microsoft SQL Server.
You need to ensure that dependency tracking works for calls to the third-party database.
Which two dependency telemetry properties should you use? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Telemetry.Context.Cloud.RoleInstance
B. Telemetry.Id
C. Telemetry.Name
D. Telemetry.Context.Operation.Id
E. Telemetry.Context.Session.Id
Correct Answer: BD

Explanation:
Example:
public async Task Enqueue(string payload)
{
// StartOperation is a helper method that initializes the telemetry item
// and allows correlation of this operation with its parent and children.
var operation = telemetryClient.StartOperation<DependencyTelemetry>(“enqueue ” + queueName);
operation.Telemetry.Type = “Azure Service Bus”; operation.Telemetry.Data = “Enqueue ” + queueName;
var message = new BrokeredMessage(payload);
// Service Bus queue allows the property bag to pass along with the message.
// We will use them to pass our correlation identifiers (and other context)
// to the consumer.
message.Properties.Add(“ParentId”, operation.Telemetry.Id); message.Properties.Add(“RootId”, operation.Telemetry.Context.Operation.Id);
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/custom-operations-tracking

QUESTION 35
HOTSPOT
You are using Azure Front Door Service.
You are expecting inbound files to be compressed by using Brotli compression. You discover that inbound XML files are not compressed. The files are 9 megabytes (MB) in size.
You need to determine the root cause for the issue.
To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
image_thumb[6]
Correct Answer:

image_thumb[7]

Explanation:
Box 1: No
Front Door can dynamically compress content on the edge, resulting in a smaller and faster response to your clients. All files are eligible for compression. However, a file must be of a MIME type that is eligible for compression list.
Box 2: No
Sometimes you may wish to purge cached content from all edge nodes and force them all to retrieve new updated assets. This might be due to updates to your web application, or to quickly update assets that contain incorrect information.
Box 3: Yes
These profiles support the following compression encodings: Gzip (GNU zip), Brotli
Reference:
https://docs.microsoft.com/en-us/azure/frontdoor/front-door-caching

QUESTION 36
HOTSPOT
You are developing an Azure App Service hosted ASP.NET Core web app to deliver video on-demand streaming media. You enable an Azure Content Delivery Network (CDN) Standard for the web endpoint. Customer videos are downloaded from the web app by using the following example URL.: http://www.contoso.com/ content.mp4?quality=1
All media content must expire from the cache after one hour. Customer videos with varying quality must be delivered to the closest regional point of presence (POP) node.
You need to configure Azure CDN caching rules.
Which options should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
image_thumb[8]
Correct Answer:

image_thumb[9]

Explanation:
Box 1: Override
Override: Ignore origin-provided cache duration; use the provided cache duration instead. This will not override cache-control: no-cache. Set if missing: Honor origin-provided cache-directive headers, if they exist; otherwise, use the provided cache duration.
Incorrect:
Bypass cache: Do not cache and ignore origin-provided cache-directive headers.
Box 2: 1 hour
All media content must expire from the cache after one hour.
Box 3: Cache every unique URL
Cache every unique URL: In this mode, each request with a unique URL, including the query string, is treated as a unique asset with its own cache. For example, the response from the origin server for a request for example.ashx?q=test1 is cached at the POP node and returned for subsequent caches with the same query string. A request for example.ashx?q=test2 is cached as a separate asset with its own time-to-live setting.
Incorrect Answers:
Bypass caching for query strings: In this mode, requests with query strings are not cached at the CDN POP node. The POP node retrieves the asset directly from the origin server and passes it to the requestor with each request.
Ignore query strings: Default mode. In this mode, the CDN point-of-presence (POP) node passes the query strings from the requestor to the origin server on the first request and caches the asset. All subsequent requests for the asset that are served from the POP ignore the query strings until the cached asset expires.
Reference:
https://docs.microsoft.com/en-us/azure/cdn/cdn-query-string

QUESTION 37
DRAG DROP
You develop a web app that uses tier D1 app service plan by using the Web Apps feature of Microsoft Azure App Service. Spikes in traffic have caused increases in page load times.
You need to ensure that the web app automatically scales when CPU load is about 85 percent and minimize costs.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
NOTE: More than one order of answer choices is correct. You will receive credit for any of the correct orders you select.
Select and Place:
image_thumb[10]
Correct Answer:

image_thumb[11]

Explanation:
Step 1: Configure the web app to the Standard App Service Tier
The Standard tier supports auto-scaling, and we should minimize the cost.
Step 2: Enable autoscaling on the web app First enable autoscale
Step 3: Add a scale rule
Step 4: Add a Scale condition
Reference:
https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-autoscale-get-started

QUESTION 38
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing an Azure Service application that processes queue data when it receives a message from a mobile application. Messages may not be sent to the service consistently.
You have the following requirements:
Queue size must not grow larger than 80 gigabytes (GB). Use first-in-first-out (FIFO) ordering of messages.
Minimize Azure costs.
You need to implement the messaging solution.
Solution: Use the .Net API to add a message to an Azure Service Bus Queue from the mobile application. Create an Azure Function App that uses an Azure Service Bus Queue trigger.
Does the solution meet the goal?
A. Yes
B. No
Correct Answer: A
Explanation:
You can create a function that is triggered when messages are submitted to an Azure Storage queue.
Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-create-storage-queue-triggered-function


Resources From:

1.2020 Latest Braindump2go AZ-204 Exam Dumps (PDF & VCE) Free Share:
https://www.braindump2go.com/az-204.html

2.2020 Latest Braindump2go AZ-204 PDF and AZ-204 VCE Dumps Free Share:
https://drive.google.com/drive/folders/1qSt-4_6x_lmYQoqET8lOEQmDK4tWxrUP?usp=sharing

3.2020 Free Braindump2go AZ-204 PDF Download from:
https://www.braindump2go.com/free-online-pdf/AZ-204-Exam-Dumps(31-40).pdf

https://www.braindump2go.com/free-online-pdf/AZ-204-PDF(1-5).pdf

https://www.braindump2go.com/free-online-pdf/AZ-204-PDF-Dumps(21-30).pdf

https://www.braindump2go.com/free-online-pdf/AZ-204-VCE(13-20).pdf

https://www.braindump2go.com/free-online-pdf/AZ-204-VCE-Dumps(6-12).pdf

Free Resources from Braindump2go,We Devoted to Helping You 100% Pass All Exams!