[2017 New] Lead2pass Latest Microsoft 70-533 Exam Questions Free Downloading (1-15)
2017 June Microsoft Official New Released 70-533 Dumps in Lead2pass.com!
100% Free Download! 100% Pass Guaranteed!
There are many companies that provide 70-533 braindumps but those are not accurate and latest ones. Preparation with Lead2pass 70-533 new questions is a best way to pass this certification exam in easy way.
Following questions and answers are all new published by Microsoft Official Exam Center: http://www.lead2pass.com/70-533.html
QUESTION 1
You manage a cloud service that supports features hosted by two instances of an Azure virtual machine (VM).
You discover that occasional outages cause your service to fail.
You need to minimize the impact of outages to your cloud service.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Deploy a third instance of the VM.
B. Configure Load Balancing on the VMs.
C. Redeploy the VMs to belong to an Affinity Group.
D. Configure the VMs to belong to an Availability Set.
Answer: BD
Explanation:
Adding your virtual machine to an availability set helps your application stay available during network failures, local disk hardware failures, and any planned downtime.
Combine the Azure Load Balancer with an Availability Set to get the most application resiliency. The Azure Load Balancer distributes traffic between multiple virtual machines.
http://azure.microsoft.com/en-gb/documentation/articles/virtual-machines-manage-availability/
QUESTION 2
You administer an Azure subscription with an existing cloud service named contosocloudservice. Contosocloudservice contains a set of related virtual machines (VMs) named ContosoDC, ContosoSQL and ContosoWeb1.
You want to provision a new VM within contosocloudservice.
You need to use the latest gallery image to create a new Windows Server 2012 R2 VM that has a target IOPS of 500 for any provisioned disks.
Which PowerShell command should you use?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: A
Explanation:
http://msdn.microsoft.com/library/azure/dn197896.aspx
QUESTION 3
Drag and Drop Question
You administer an Azure Virtual Machine (VM) named server!. The VM is in a cloud service named ContosoService1.
You discover that the VM is experiencing storage issues due to increased application logging on the server.
You need to create a new 256-GB disk and attach it to the server.
Which Power Shell cmdlets should you use? To answer, drag the appropriate cmdlet to the correct location in the Power Shell command. Each cmdlet may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Explanation:
This example gets a virtual machine object for the virtual machine named “MyVM” in the “myservice” cloud service, updates the virtual machine object by attaching an existing data disk from the repository using the disk name, and then updates the Azure virtual machine.
Windows PowerShell
C:\PS>Get-AzureVM “myservice” -Name “MyVM” `| Add-AzureDataDisk -Import – DiskName “MyExistingDisk” -LUN 0 `| Update-AzureVM
QUESTION 4
Your company has two cloud services named CS01 and CS02.
You create a virtual machine (VM) in CS02 named Accounts.
You need to ensure that users in CS01 can access the Accounts VM by using port 8080.
What should you do?
A. Create a firewall rule.
B. Configure load balancing.
C. Configure port redirection.
D. Configure port forwarding.
E. Create an end point.
Answer: E
Explanation:
All virtual machines that you create in Azure can automatically communicate using a private network channel with other virtual machines in the same cloud service or virtual network. However, other resources on the Internet or other virtual networks require endpoints to handle the inbound network traffic to the virtual machine.
http://azure.microsoft.com/en-us/documentation/articles/virtual-machines-set-up-endpoints/
QUESTION 5
Your company network includes an On-Premises Windows Active Directory (AD) that has a DNS domain named contoso.local and an email domain named contoso.com.
You plan to migrate from On-Premises Exchange to Office 365.
You configure DirSync and set all Azure Active Directory {Azure AD) usernames as %username%@contoso.onmicrosoft.com.
You need to ensure that each user is able to log on by using the email domain as the username.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Verify the email domain in Azure AD domains.
B. Run the Set-MsolUserPnncipalName -UserPnncipalName %username%@co ntoso.onmicrosoft.com -NewUserPrincipalName %usemame %@contoso.com Power Shell cmdlet.
C. Edit the ProxyAddress attribute on the On-Premises Windows AD user account.
D. Verify the Windows AD DNS domain in Azure AD domains.
E. Update the On-Premises Windows AD user account UPN to match the email address.
Answer: AB
Explanation:
If you have already set up Active Directory synchronization, the user’s UPN may not match the user’s on-premises UPN defined in Active Directory. To fix this, rename the user’s UPN using the Set-MsolUserPrincipalName cmdlet in the Microsoft Azure Active Directory Module for Windows PowerShell.
https://msdn.microsoft.com/en-us/library/azure/jj151786.aspx
QUESTION 6
You develop a Windows Store application that has a web service backend.
You plan to use the Azure Active Directory Authentication Library to authenticate users to Azure Active Directory (Azure AD) and access directory data on behalf of the user.
You need to ensure that users can log in to the application by using their Azure AD credentials.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Create a native client application in Azure AD.
B. Configure directory integration.
C. Create a web application in Azure AD.
D. Enable workspace join.
E. Configure an Access Control namespace.
Answer: BC
Explanation:
B: An application that wants to outsource authentication to Azure AD must be registered in Azure AD, which registers and uniquely identifies the app in the directory.
C (not A): NativeClient-WindowsStore
A Windows Store application that calls a web API that is secured with Azure AD.
Authentication Scenarios for Azure AD, Basics of Authentication in Azure AD
http://msdn.microsoft.com/en-us/library/azure/dn499820.aspx#BKMK_Auth
https://github.com/AzureADSamples/NativeClient-WindowsStore
QUESTION 7
Your company plans to migrate from On-Premises Exchange to Office 365.
The existing directory has numerous service accounts in your On-Premises Windows Active Directory (AD), stored in separate AD Organizational Units (OU) for user accounts.
You need to prevent the service accounts in Windows AD from syncing with Azure AD.
What should you do?
A. Create an OU filter in the Azure AD Module for Windows PowerShell.
B. Configure directory partitions in miisclient.exe.
C. Set Active Directory ACLs to deny the DirSync Windows AD service account MSOL_AD_SYNC
access to the service account OUs.
D. Create an OU filter in the Azure Management Portal.
Answer: B
Explanation:
One customer, who was looking for OU level filtering to import selected users from On-Premises active directory to Office365.
Configure OU level filtering for Office365 directory synchronization.
1. Logged in to your Domain controller
2. Created an OU (Organisational Unit) from your AD (Active Directory) a. In my case I named it “DirSync”
3. Move all those users you want to sync, to that DirSync OU.
4. From your DirSync Server navigate to <Drive>\Program Files\Microsoft Online Directory Sync\SYNCBUS\Synchronization Service\UIShell
5. Double click on miisclient.exe
6. This opens a console something similar to the below screen capture
Identity Manager, click Management Agents, and then double-click SourceAD.
8. Click Configure Directory Partitions, and then click Containers, as shown in the below screen capture.
11. Click OK on the SourceAD Properties page.
12. Perform a full sync: on the Management Agent tab, right-click SourceAD, click Run, click Full Import Full Sync, and then click OK.
Etc.
http://blogs.msdn.com/b/denotation/archive/2012/11/21/installing-and-configure-dirsync-with-ou-level-filtering-for-office365.aspx
QUESTION 8
You manage an Azure Active Directory (AD) tenant
You plan to allow users to log in to a third-party application by using their Azure AD credentials.
To access the application, users will be prompted for their existing third-party user names and passwords.
You need to add the application to Azure AD.
Which type of application should you add?
A. Existing Single Sign-On with identity provisioning
B. Password Single Sign-On with identity provisioning
C. Existing Single Sign-On without identity provisioning
D. Password Single Sign-On without identity provisioning
Answer: A
Explanation:
* Azure AD supports two different modes for single sign-on:
/ Federation using standard protocols
Configuring Federation-based single sign-on enables the users in your organization to be automatically signed in to a third-party SaaS application by Azure AD using the user account information from Azure AD.
/ Password-based single sign-on
* Support for user provisioning
User provisioning enables automated user provisioning and deprovisioning of accounts in third-party SaaS applications from within the Azure Management Portal, using your Windows Server Active Directory or Azure AD identity information. When a user is given permissions in Azure AD for one of these applications, an account can be automatically created (provisioned) in the target SaaS application.
http://msdn.microsoft.com/en-us/library/azure/dn308588.aspx
QUESTION 9
You plan to use Password Sync on your DirSync Server with Azure Active Directory {Azure AD) on your company network.
You configure the DirSync server and complete an initial synchronization of the users.
Several remote users are unable to log in to Office 365.
You discover multiple event log entries for “Event ID 611 Password synchronization failed for domain.”
You need to resolve the password synchronization issue.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Restart Azure AD Sync Service.
B. Run the Set-FullPasswordSync Power Shell cmdlet.
C. Force a manual synchronization on the DirSync server.
D. Add the DirSync service account to the Schema Admins domain group.
Answer: BC
Explanation:
Changed AB to BC
http://jermsmit.com/office-365-initiate-a-full-password-sync-using-dirsync-jermsmit/
https://jaapwesselius.com/2014/07/28/force-dirsync-to-synchronize-with-office-365/
A.Not Correct, Azure AD Sync or AADSync is the new version of DirSync.
QUESTION 10
You administer an Access Control Service namespace named contosoACS that is used by a web application. ContosoACS currently utilizes Microsoft and Yahoo accounts.
Several users in your organization have Google accounts and would like to access the web application through ContosoACS.
You need to allow users to access the application by using their Google accounts.
What should you do?
A. Register the application directly with Google.
B. Edit the existing Microsoft Account identity provider and update the realm to include Google.
C. Add a new Google identity provider.
D. Add a new WS-Federation identity provider and configure the WS-Federation metadata to point
to the Google sign-in URL.
Answer: C
Explanation:
Configuring Google as an identity provider eliminates the need to create and manage authentication and identity management mechanism. It helps the end user experience if there are familiar authentication procedures.
http://msdn.microsoft.com/en-us/library/azure/gg185976.aspx
QUESTION 11
You publish an application named MyApp to Azure Active Directory (Azure AD).
You grant access to the web APIs through OAuth 2.0.
MyApp is generating numerous user consent prompts.
You need to reduce the amount of user consent prompts.
What should you do?
A. Enable Multi-resource refresh tokens.
B. Enable WS-federation access tokens.
C. Configure the Open Web Interface for .NET.
D. Configure SAML 2.0.
Answer: A
Explanation:
When using the Authorization Code Grant Flow, you can configure the client to call multiple resources. Typically, this would require a call to the authorization endpoint for each target service. To avoid multiple calls and multiple user consent prompts, and reduce the number of refresh tokens the client needs to cache, Azure Active Directory (Azure AD) has implemented multi-resource refresh tokens. This feature allows you to use a single refresh token to request access tokens for multiple resources.
QUESTION 12
Your company network includes users in multiple directories.
You plan to publish a software-as-a-service application named SaasApp1 to Azure Active Directory.
You need to ensure that all users can access SaasApp1.
What should you do?
A. Configure the Federation Metadata URL
B. Register the application as a web application.
C. Configure the application as a multi-tenant.
D. Register the application as a native client application.
Answer: C
Explanation:
* When you get deeper into using Windows Azure Active Directory, you’ll run into new terminology. For instance, is called “directory” is also referred to as a Windows Azure AD Tenant or simply as “tenant.” This stems from the fact that WAAD ()Windows Azure Active Directory is a shared service for many clients. In this service, every client gets its own separate space for which the client is the tenant. In the case of WAAD this space is a directory. This might be a little confusing, because you can create multiple directories, in WAAD terminology multiple tenants, even though you are a single client.
* Multitenant Applications in Azure
A multitenant application is a shared resource that allows separate users, or “tenants,” to view the application as though it was their own. A typical scenario that lends itself to a multitenant application is one in which all users of the application may wish to customize the user experience but otherwise have the same basic business requirements. Examples of large multitenant applications are Office 365, Outlook.com, and visualstudio.com.
http://msdn.microsoft.com/en-us/library/azure/dn151789.aspx
QUESTION 13
Drag and Drop Question
You administer an Azure SQL database named contosodb that is running in Standard/Si tier.
The database is in a server named server1 that is a production environment.
You also administer a database server named server2 that is a test environment. Both database servers are in the same subscription and the same region but are on different physical clusters.
You need to copy contosodb to the test environment.
Which three steps should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
QUESTION 14
You are migrating a local virtual machine (VM) to an Azure VM.
You upload the virtual hard disk (VHD) file to Azure Blob storage as a Block Blob.
You need to change the Block 8lob to a page blob.
What should you do?
A. Delete the Block Blob and re-upload the VHD as a page blob.
B. Update the type of the blob programmatically by using the Azure Storage .NET SDK.
C. Update the metadata of the current blob and set the Blob-Type key to Page.
D. Create a new empty page blob and use the Azure Blob Copy Power Shell cmdlet to copy the current
data to the new blob.
Answer: A
Explanation:
* To copy the data files to Windows Azure Storage by using one of the following methods: AzCopy Tool, Put Blob (REST API) and Put Page (REST API), or Windows Azure Storage Client Library for .NET or a third-party storage explorer tool.
Important: When using this new enhancement, always make sure that you create a page blob not a block blob.
* Azure has two main files storage format:
Page blob: mainly used for vhd’s (CloudPageBlob)
Block Blob: for other files (CloudBlockBlob)
http://msdn.microsoft.com/en-us/library/dn466429.aspx
QUESTION 15
You administer a Microsoft Azure SQL Database data base in the US Central region named contosodb. Contosodb runs on a Standard tier within the SI performance level.
You have multiple business-critical applications that use contosodb.
You need to ensure that you can bring contosodb back online in the event of a natural disaster in the US Central region.
You want to achieve this goal with the least amount of downtime.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Upgrade to S2 performance level.
B. Use active geo-replication.
C. Use automated Export.
D. Upgrade to Premium tier.
E. Use point in time restore.
F. Downgrade to Basic tier.
Answer: BD
Explanation:
B: The Active Geo-Replication feature implements a mechanism to provide database redundancy within the same Microsoft Azure region or in different regions (geo- redundancy).
One of the primary benefits of Active Geo-Replication is that it provides a database-level disaster recovery solution. Using Active Geo-Replication, you can configure a user database in the Premium service tier to replicate transactions to databases on different Microsoft Azure SQL Database servers within the same or different regions. Cross-region redundancy enables applications to recover from a permanent loss of a datacenter caused by natural disasters, catastrophic human errors, or malicious acts.
D: Active Geo-Replication is available for databases in the Premium service tier only.
http://msdn.microsoft.com/en-us/library/azure/dn741339.aspx
We give you the proper and complete training with free 70-533 Lead2pass updates. Our braindumps will defiantly make you perfect to that level you can easily pass the exam in first attempt.
70-533 new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDeFgyaGRNaE5iaFk
2017 Microsoft 70-533 exam dumps (All 217 Q&As) from Lead2pass:
http://www.lead2pass.com/70-533.html [100% Exam Pass Guaranteed]