AZ-204 Exam Question 256
Case Study 5
Requirements
Receipt processing
Concurrent processing of a receipt must be prevented.
Logging
Azure Application Insights is used for telemetry and logging in both the processor and the web application. The processor also has TraceWriter logging enabled. Application Insights must always contain all log messages.
Disaster recovery
Regional outage must not impact application availability. All DR operations must not be dependent on application running and must ensure that data in the DR region is up to date.
Security
* Users' SecurityPin must be stored in such a way that access to the database does not allow the viewing of SecurityPins. The web application is the only system that should have access to SecurityPins.
* All certificates and secrets used to secure data must be stored in Azure Key Vault.
* You must adhere to the principle of least privilege and provide privileges which are essential to perform the intended function.
* All access to Azure Storage and Azure SQL database must use the application's Managed Service Identity (MSI)
* Receipt data must always be encrypted at rest.
* All data must be protected in transit
* User's expense account number must be visible only to logged in users. All other views of the expense account number should include only the last segment, with the remaining parts obscured.
* In the case of a security breach access to all summary reports must be revoked without impacting other parts of the system.
Issues
Upload format issue
Employees occasionally report an issue with uploading a receipt using the web application. They report that when they upload a receipt using the Azure File Share, the receipt does not appear in their profile. When this occurs, they delete the file in the file share and use the web application, which returns a 500 Internal Server error page.
Capacity issue
During busy periods, employees report long delays between the time they upload the receipt and when it appears in the web application.
Log capacity issue
Developers report that the number of log message in the trace output for the processor is too high, resulting in lost log messages.
Application code
Processing.cs
Database.cs
ReceiptUploader.cs
ConfigureSSE.ps1
Drag and Drop Question
You need to add code at line PC32 in Processing.cs to implement the GetCredentials method in the Processing class.
How should you complete the code? To answer, drag the appropriate code segments to the correct locations. Each code segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Requirements
Receipt processing
Concurrent processing of a receipt must be prevented.
Logging
Azure Application Insights is used for telemetry and logging in both the processor and the web application. The processor also has TraceWriter logging enabled. Application Insights must always contain all log messages.
Disaster recovery
Regional outage must not impact application availability. All DR operations must not be dependent on application running and must ensure that data in the DR region is up to date.
Security
* Users' SecurityPin must be stored in such a way that access to the database does not allow the viewing of SecurityPins. The web application is the only system that should have access to SecurityPins.
* All certificates and secrets used to secure data must be stored in Azure Key Vault.
* You must adhere to the principle of least privilege and provide privileges which are essential to perform the intended function.
* All access to Azure Storage and Azure SQL database must use the application's Managed Service Identity (MSI)
* Receipt data must always be encrypted at rest.
* All data must be protected in transit
* User's expense account number must be visible only to logged in users. All other views of the expense account number should include only the last segment, with the remaining parts obscured.
* In the case of a security breach access to all summary reports must be revoked without impacting other parts of the system.
Issues
Upload format issue
Employees occasionally report an issue with uploading a receipt using the web application. They report that when they upload a receipt using the Azure File Share, the receipt does not appear in their profile. When this occurs, they delete the file in the file share and use the web application, which returns a 500 Internal Server error page.
Capacity issue
During busy periods, employees report long delays between the time they upload the receipt and when it appears in the web application.
Log capacity issue
Developers report that the number of log message in the trace output for the processor is too high, resulting in lost log messages.
Application code
Processing.cs
Database.cs
ReceiptUploader.cs
ConfigureSSE.ps1
Drag and Drop Question
You need to add code at line PC32 in Processing.cs to implement the GetCredentials method in the Processing class.
How should you complete the code? To answer, drag the appropriate code segments to the correct locations. Each code segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
AZ-204 Exam Question 257
You are authoring a set of nested Azure Resource Manager templates to deploy Azure resources. You author an Azure Resource Manager template named mainTempIate.json that contains the following linked templates:
linkedTemplatel.json, linkedTemplate2json.
You add parameters to a parameters template file named mainTemplate.parameters.json. You save all templates on a local device in the C:\templates\ folder.
You have the following requirements:
* Store the templates in Azure for later deployment.
* Enable versioning of the templates.
* Manage access to the templates by using Azure RBAC
You need to store the templates in Azure.
How should you complete the command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
linkedTemplatel.json, linkedTemplate2json.
You add parameters to a parameters template file named mainTemplate.parameters.json. You save all templates on a local device in the C:\templates\ folder.
You have the following requirements:
* Store the templates in Azure for later deployment.
* Enable versioning of the templates.
* Manage access to the templates by using Azure RBAC
You need to store the templates in Azure.
How should you complete the command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
AZ-204 Exam Question 258
You provision virtual machines (VMs) as development environments.
One VM does not have host.
The VM is stuck in a Windows update process. You attach the OS disk for the affected VM to a recovery VM.
You need to correct the issue.
In which order should you perform the actions' To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
One VM does not have host.
The VM is stuck in a Windows update process. You attach the OS disk for the affected VM to a recovery VM.
You need to correct the issue.
In which order should you perform the actions' To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
AZ-204 Exam Question 259
You need to secure the Shipping Function app.
How should you configure the app? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
How should you configure the app? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
AZ-204 Exam Question 260
You plan to deploy a new application to a Linux virtual machine (VM) that is hosted in Azure.
The entire VM must be secured at rest by using industry-standard encryption technology to address organizational security and compliance requirements.
You need to configure Azure Disk Encryption for the VM.
How should you complete the Azure Cli commands? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
The entire VM must be secured at rest by using industry-standard encryption technology to address organizational security and compliance requirements.
You need to configure Azure Disk Encryption for the VM.
How should you complete the Azure Cli commands? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
