Practice Free AZ-204 Exam Online Questions
DRAG DROP
You are Implementing an Azure solution that uses Azure Cosmos DB and the latest Azure Cosmos DB SDK. You add a change feed processor to a new container instance.
You attempt to lead a batch of 100 documents. The process falls when reading one of the documents. The solution must monitor the progress of the change feed processor instance on the new container as the change feed is read. You must prevent the change feed processor from retrying the entire batch when one document cannot be read.
You need to implement the change feed processor to read the documents.
Which features should you use? To answer, drag the appropriate features to the correct requirements. Each feature may be used once, More than once, or not at all. You may need to drag. The split bat between panes or scroll to view content. Each correct selection is worth one point
You ate developing a web application that uses the Microsoft identity platform to authenticate users and resources. The web application calls several REST APIs.
The APIs require an access token from the Microsoft identity platform.
You need to request a token.
Which three properties should you use? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
- A . Application secret
- B . Redirect URI/URL
- C . Application name
- D . Supported account type
- E . Application ID
HOTSPOT
A company develops a series of mobile games. All games use a single leaderboard service.
You have the following requirements:
• Code should be scalable and allow for growth.
• Each record must consist of a playedId, gameId, score, and time played.
• When users reach a new high score, the system will save the new score using the SaveScore function below.
• Each game is assigned and Id based on the series title.
You have the following code. (Line numbers are included for reference only.)
You store customer information in an Azure Cosmos database.
The following data already exists in the database:
You develop the following code. (Line numbers are included for reference only.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Explanation:
Box 1: Yes
Code for CosmosDB, example:
// Parse the connection string and return a reference to the storage account. CloudStorageAccount storageAccount = CloudStorageAccount.Parse(
CloudConfigurationManager.GetSetting("StorageConnectionString"));
// Create the table client.
CloudTableClient tableClient = storageAccount.CreateCloudTableClient(); // Retrieve a reference to the table.
CloudTable table = tableClient.GetTableReference("people");
// Create the TableOperation object that inserts the customer entity. TableOperation insertOperation = TableOperation.Insert(customer1);
Box 2: No
A new record will always be added as TableOperation.Insert is used, instead of TableOperation.InsertOrReplace.
Box 3: No
No partition key is used.
Box 4: Yes
Reference: https://docs.microsoft.com/en-us/azure/cosmos-db/table-storage-how-to-use-dotnet
HOTSPOT
You need to implement the corporate website.
How should you configure the solution?
you need to reduce read latency for the retail store solution.
What are two possible ways to achieve the goal? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
- A . Create a new composite index for the store location data queries in Azure Cosmos DB. Modify the queries to support parameterized SQL and update the Azure function app to call the new Queries.
- B . Configure Azure Cosmos DB consistency to strong consistency Increase the RUs for the container supporting store location data.
- C . Provision an Azure Cosmos OB dedicated gateway, update blob storage to use the new dedicated gateway endpoint.
- D . Configure Azure Cosmos DB consistency to session consistency. Cache session tokens in a new Azure Redis cache instance after every write. Update reads to use the session token stored in Azure Redis.
- E . Provision an Azure Cosmos DB dedicated gateway Update the Azure Function app connection string to use the new dedicated gateway endpoint.
HOTSPOT
You plan to deploy a web app to App Service on Linux. You create an App Service plan. You create and push a custom Docker image that image that contains the web app to Azure Container Registry.
You need to access the console logs generated from inside the container in real-time.
How should you complete the Azure CLI command? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
Box 1: config
To Configure logging for a web app use the command:
az webapp log config
Box 2: –docker-container-logging
Syntax include:
az webapp log config [–docker-container-logging {filesystem, off}]
Box 3: webapp
To download a web app’s log history as a zip file use the command:
az webapp log download
Box 4: download
Reference: https://docs.microsoft.com/en-us/cli/azure/webapp/log
You need to configure all site configuration settings for the corporate website.
Which three actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
- A . Create a managed identity.
- B . Update the role assignments for the Azure App Configuration store
- C . Create an Azure Key Vault.
- D . Create an Azure App Configuration store.
- E . Update the role assignments for the Azure Key Vault.
DRAG DROP
You are preparing to deploy a medical records application to an Azure virtual machine (VM). The application will be deployed by using a VHD produced by an on-premises build server.
You need to ensure that both the application and related data are encrypted during and after deployment to Azure.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Explanation:
Step 1: Encrypt the on-premises VHD by using BitLocker without a TPM. Upload the VM to Azure Storage
Step 2: Run the Azure PowerShell command Set-AzureRMVMOSDisk
To use an existing disk instead of creating a new disk you can use the Set-AzureRMVMOSDisk command.
Example:
$osDiskName = $vmname+’_osDisk’
$osDiskCaching = ‘ReadWrite’
$osDiskVhdUri = "https://$stoname.blob.core.windows.net/vhds/"+$vmname+"_os.vhd"
$vm = Set-AzureRmVMOSDisk -VM $vm -VhdUri $osDiskVhdUri -name $osDiskName -Create
Step 3: Run the Azure PowerShell command Set-AzureRmVMDiskEncryptionExtension
Use the Set-AzVMDiskEncryptionExtension cmdlet to enable encryption on a running IaaS virtual machine in Azure.
Incorrect:
Not TPM: BitLocker can work with or without a TPM. A TPM is a tamper resistant security chip on the system board that will hold the keys for encryption and check the integrity of the boot sequence and allows the most secure BitLocker implementation. A VM does not have a TPM.
Reference: https://www.itprotoday.com/iaaspaas/use-existing-vhd-azurerm-vm
DRAG DROP
You are preparing to deploy a medical records application to an Azure virtual machine (VM). The application will be deployed by using a VHD produced by an on-premises build server.
You need to ensure that both the application and related data are encrypted during and after deployment to Azure.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Explanation:
Step 1: Encrypt the on-premises VHD by using BitLocker without a TPM. Upload the VM to Azure Storage
Step 2: Run the Azure PowerShell command Set-AzureRMVMOSDisk
To use an existing disk instead of creating a new disk you can use the Set-AzureRMVMOSDisk command.
Example:
$osDiskName = $vmname+’_osDisk’
$osDiskCaching = ‘ReadWrite’
$osDiskVhdUri = "https://$stoname.blob.core.windows.net/vhds/"+$vmname+"_os.vhd"
$vm = Set-AzureRmVMOSDisk -VM $vm -VhdUri $osDiskVhdUri -name $osDiskName -Create
Step 3: Run the Azure PowerShell command Set-AzureRmVMDiskEncryptionExtension
Use the Set-AzVMDiskEncryptionExtension cmdlet to enable encryption on a running IaaS virtual machine in Azure.
Incorrect:
Not TPM: BitLocker can work with or without a TPM. A TPM is a tamper resistant security chip on the system board that will hold the keys for encryption and check the integrity of the boot sequence and allows the most secure BitLocker implementation. A VM does not have a TPM.
Reference: https://www.itprotoday.com/iaaspaas/use-existing-vhd-azurerm-vm
You need to investigate the http server log output to resolve the issue with the ContentUploadService.
Which command should you use first?
- A . az webapp log
- B . az ams live-output
- C . az monitor activity-log
- D . az container attach
C
Explanation:
Scenario: Users of the ContentUploadService report that they occasionally see HTTP 502 responses on specific pages.
"502 bad gateway" and "503 service unavailable" are common errors in your app hosted in Azure App Service.
Microsoft Azure publicizes each time there is a service interruption or performance degradation.
The az monitor activity-log command manages activity logs.
Note: Troubleshooting can be divided into three distinct tasks, in sequential order:
✑ Observe and monitor application behavior
✑ Collect data
✑ Mitigate the issue
Reference: https://docs.microsoft.com/en-us/cli/azure/monitor/activity-log