You are developing an application that use an Azure blob named data to store application data. The application creates blob snapshots to allow application state to be reverted to an earlier state. The Azure storage account has soft deleted enabled.
The system performs the following operations in order:
*The blob is updated
*Snapshot 1 is created.
*Snapshot 2 is created.
*Snapshot 1 is deleted.
A system error then deletes the data blob and all snapshots.
You need to determine which application states can be restored.
What is the restorability of the application data? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Correct Answer:

Explanation

Box 1: Can be restored
When enabled, soft delete enables you to save and recover your data when blobs or blob snapshots are deleted.
This protection extends to blob data that is erased as the result of an overwrite.
Box 2: Cannot be restored
It has been deleted.
Box 3: Can be restored
It has not been deleted.
References:
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-soft-delete

Comment: *

Name: *

Email: *

Verification: *

You are developing a microservices solution. You plan to deploy the solution to a multinode Azure Kubernetes Service (AKS) cluster.
You need to deploy a solution that includes the following features:
* reverse proxy capabilities
* configurable traffic routing
* TLS termination with a custom certificate
Which components should you use? To answer, drag the appropriate components to the correct requirements.
Each component may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Correct Answer:

Explanation

Box 1: Helm
To create the ingress controller, use Helm to install nginx-ingress.
Box 2: kubectl
To find the cluster IP address of a Kubernetes pod, use the kubectl get pod command on your local machine, with the option -o wide .
Box 3: Ingress Controller
An ingress controller is a piece of software that provides reverse proxy, configurable traffic routing, and TLS termination for Kubernetes services. Kubernetes ingress resources are used to configure the ingress rules and routes for individual Kubernetes services.
Reference:
https://docs.microsoft.com/bs-cyrl-ba/azure/aks/ingress-basic
https://www.digitalocean.com/community/tutorials/how-to-inspect-kubernetes-networking

Comment: *

Name: *

Email: *

Verification: *

ASP.NET Core API app by using C#. The API app will allow users to authenticate by using Twitter and Azure Active Directory (Azure AD).
Users must be authenticated before calling API methods. You must log the user's name for each method call.
You need to configure the API method calls.
Which values should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Correct Answer:

Explanation

+ Explanation:
Box 1: Authorize
Box 2: X-MS-CLIENT-PRINCIPAL-NAME
App Service passes user claims to your application by using special headers. External requests aren't allowed to set these headers, so they are present only if set by App Service. Some example headers include:
X-MS-CLIENT-PRINCIPAL-NAME
X-MS-CLIENT-PRINCIPAL-ID
Here's the set of headers you get from Easy Auth for a Twitter authenticated user:
{
"cookie": "AppServiceAuthSession=Lx43...xHDTA==",
"x-ms-client-principal-name": "evilSnobu",
"x-ms-client-principal-id": "35....",
"x-ms-client-principal-idp": "twitter",
"x-ms-token-twitter-access-token": "35...Dj",
"x-ms-token-twitter-access-token-secret": "OK3...Jx",
}
References:
https://docs.microsoft.com/en-us/azure/app-service/app-service-authentication-how-to

Comment: *

Name: *

Email: *

Verification: *

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing a website that will run as an Azure Web App. Users will authenticate by using their Azure Active Directory (Azure AD) credentials.
You plan to assign users one of the following permission levels for the website: admin, normal, and reader. A user's Azure AD group membership must be used to determine the permission level.
You need to configure authorization.
Solution:
Create a new Azure AD application. In the application's manifest, define application roles that match the required permission levels for the application.
Assign the appropriate Azure AD group to each role. In the website, use the value of the roles claim from the JWT for the user to determine permissions.
Does the solution meet the goal?

• A.Yes
• B.No

Comment: *

Name: *

Email: *

Verification: *

You have an Azure App Services Web App. Azure SQL Database instance. Azure Storage Account and an Azure Redis Cache instance in a resource group.
A developer must be able to publish code to the web app. You must grant the developer the Contribute role to the web app You need to grant the role.
What two commands can you use? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

• A.New-AzureRmRoleAssignment
• B.az role assignment create
• C.az role definition create
• D.New-AzureRmRoleDefinition

Comment: *

Name: *

Email: *

Verification: *