Welcome to download the Newest 2passeasy AZ-204 dumps

https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

Exam Questions AZ-204

Developing Solutions for Microsoft Azure

https://www.2passeasy.com/dumps/AZ-204/

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

NEW QUESTION 1
- (Topic 8)
You are developing several Azure API Management (APIM) hosted APIs. The APIs have the following requirements:
Require a subscription key to access all APIs.
• Include terms of use that subscribers must accept to use the APIs.
• Administrators must review and accept or reject subscription attempts.
• Limit the count of multiple simultaneous subscriptions. You need to implement the APIs.
What should you do? OB.

A. Create and publish a product.

B. Configure and apply query string-based versioning.
C. Configure and apply header-based versioning.
D. Add a new revision to all API
E. Make the revisions current and add a change log entr

Answer: B

NEW QUESTION 2
- (Topic 8)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You develop an HTTP triggered Azure Function app to process Azure Storage blob data. The app is triggered using an output binding on the blob.
The app continues to time out after four minutes. The app must process the blob data. You need to ensure the app does not time out and processes the blob data.
Solution: Update the functionTimeout property of the host.json project file to 10 minutes. Does the solution meet the goal?

A. Yes
B. No

Answer: B

Explanation:
Instead pass the HTTP trigger payload into an Azure Service Bus queue to be processed by a queue trigger function and return an immediate HTTP success
response.
Note: Large, long-running functions can cause unexpected timeout issues. General best practices include:
Whenever possible, refactor large functions into smaller function sets that work together and return responses fast. For example, a webhook or HTTP trigger
function might require an acknowledgment response within a certain time limit; it's common for webhooks to require an immediate response. You can pass the
HTTP trigger payload into a queue to be
processed by a queue trigger function. This approach lets you defer the actual work and return an immediate response.
Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-best-practices

NEW QUESTION 3
- (Topic 8)
An organization hosts web apps in Azure. The organization uses Azure Monitor You discover that configuration changes were made to some of the web apps. You
need to identify the configuration changes. Which Azure Monitor log should you review?

A. AppServiceEnvironmentPlatformLogs
B. AppServiceApplogs
C. AppServiceAuditLogs
D. AppServiceConsoteLogs

Answer: C

NEW QUESTION 4
- (Topic 8)
You ate designing a small app that will receive web requests containing encoded geographic coordinates. Calls to the app will occur infrequently.
Which compute solution should you recommend?

A. Azure Functions
B. Azure App Service
C. Azure Batch
D. Azure API Management

Answer: B

NEW QUESTION 5
- (Topic 8)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing an Azure solution to collect point-of-sale fPOS) device data from 2,000 stores located throughout the world. A single device can produce 2
megabytes (MB) of data every 24 hours. Each store location has one to five devices that send data.
You must store the device data in Azure Blob storage. Device data must be correlated based on a device identifier. Additional stores are expected to open in the
future.
You need to implement a solution to receive the device data.
Solution: Provision an Azure Event Hub. Configure the machine identifier as the partition key and enable capture.

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

A. Yes
B. No

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-programming-guide

NEW QUESTION 6
DRAG DROP - (Topic 8)
A web service provides customer summary information for e-commerce partners. The web service is implemented as an Azure Function app with an HTTP trigger.
Access to the API is provided by an Azure API Management instance. The API Management instance is configured in consumption plan mode. All API calls are
authenticated by using OAuth.
API calls must be cached. Customers must not be able to view cached data for other customers.
You need to configure API Management policies for caching. How should you complete the policy statement?

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: internal caching-type
Choose between the following values of the attribute:
? internal to use the built-in API Management cache,
? external to use the external cache as Azure Cache for Redis
? prefer-external to use external cache if configured or internal cache otherwise.
Box 2: private downstream-caching-type
This attribute must be set to one of the following values.
? none - downstream caching is not allowed.
? private - downstream private caching is allowed.
? public - private and shared downstream caching is allowed.
Box 3: Authorization
<vary-by-header>Authorization</vary-by-header>
<!-- should be present when allow-private-response-caching is "true"-->
Note: Start caching responses per value of specified header, such as Accept, Accept- Charset, Accept-Encoding, Accept-Language, Authorization, Expect, From,
Host, If-Match

NEW QUESTION 7
DRAG DROP - (Topic 8)
You develop and deploy an Azure Logic App that calls an Azure Function app. The Azure Function App includes an OpenAPI (Swagger) definition and uses an
Azure Blob storage account. All resources are secured by using Azure Active Directory (Azure AD).
The Logic App must use Azure Monitor logs to record and store information about runtime data and events. The logs must be stored in the Azure Blob storage
account.
You need to set up Azure Monitor logs and collect diagnostics data for the Azure Logic App.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.

A. Mastered
B. Not Mastered

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

Answer: A

Explanation:
Step 1: Create a Log Analytics workspace
Before you start, you need a Log Analytics workspace.
Step 2: Install the Logic Apps Management solution
To set up logging for your logic app, you can enable Log Analytics when you create your logic app, or you can install the Logic Apps Management solution in your
Log Analytics workspace for existing logic apps.
Step 3: Add a diagnostic setting to the Azure Logic App Set up Azure Monitor logs
? In the Azure portal, find and select your logic app.
? On your logic app menu, under Monitoring, select Diagnostic settings > Add diagnostic setting.

NEW QUESTION 8
HOTSPOT - (Topic 8)
You are developing a web application that makes calls to the Microsoft Graph API. You register the application in the Azure portal and upload a valid X509
certificate.
You create an appsettings.json file containing the certificate name, client identifier for the application, and the tenant identifier of the Azure active Directory (Azure
AD). You create a method named ReadCertificate to return the X509 certificate by name.
You need to implement code that acquires a token by using the certificate.
How should you complete the code segment? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-daemon-app-configuration?tabs=dotnet#instantiate-the-confidential-client-application-with-
a-client- certificate
https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-daemon-acquire-token?tabs=dotnet#acquiretokenforclient-api

NEW QUESTION 9
- (Topic 8)
You are developing a web application that runs as an Azure Web App. The web application stores data in Azure SQL Database and stores files in an Azure
Storage account. The web application makes HTTP requests to external services as part of normal operations.
The web application is instrumented with Application Insights. The external services are OpenTelemetry compliant.
You need to ensure that the customer ID of the signed in user is associated with all operations throughout the overall system.
What should you do?

A. Create a new SpanContext with the TraceRags value set to the customer ID for the signed in user.
B. On the current SpanContext, set the Traceld to the customer ID for the signed in user.
C. Add the customer ID for the signed in user to the CorrelationContext in the web application.
D. Set the header Ocp-Apim-Trace to the customer ID for the signed in user.

Answer: C

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/correlation

NEW QUESTION 10
- (Topic 8)
Your company purchases an Azure subscription and plans to migrate several on-premises virtual machines to Azure. You need to design the infrastructure
required (or the Azure virtual machines solution. What should you include in the design?

A. the number of Azure Storage accounts

B. the settings of the Azure virtual networks
C. the size of the virtual machines
D. the number of Azure regions

Answer: C

NEW QUESTION 10

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

- (Topic 8)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this question, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing a website that will run as an Azure Web App. Users will authenticate by using their Azure Active Directory (Azure AD) credentials.
You plan to assign users one of the following permission levels for the website: admin, normal, and reader. A user’s Azure AD group membership must be used to
determine the permission level. You need to configure authorization.
Solution:
•Create a new Azure AD application’s manifest, set value of the groupMembershipClaims option to All.
•In the website, use the value of the groups claim from the JWI for the user to determine permissions.
Does the solution meet the goal?

A. Yes
B. No

Answer: A

Explanation:
To configure Manifest to include Group Claims in Auth Token
* 1. Go to Azure Active Directory to configure the Manifest. Click on Azure Active Directory, and go to App registrations to find your application:
* 2. Click on your application (or search for it if you have a lot of apps) and edit the Manifest by clicking on it.
* 3. Locate the “groupMembershipClaims” setting. Set its value to either “SecurityGroup” or “All”. To help you decide which:
“SecurityGroup” - groups claim will contain the identifiers of all security groups of which the user is a member.
“All” - groups claim will contain the identifiers of all security groups and all distribution lists of which the user is a member
Now your application will include group claims in your manifest and you can use this fact in your code.
References:
https://blogs.msdn.microsoft.com/waws/2017/03/13/azure-app-service-authentication-aad- groups/

NEW QUESTION 15
- (Topic 8)
You develop and deploy a web app to Azure App Service. The Azure App Service uses a Basic plan in a region.
Users report that the web app is responding must capture the complete call stack to help performance issues in code. Call stack data must be correlated across
app instances. You must minimize cost and impact to users on the web app.
You need to capture the telemetry.
Which three actions should you perform? Each answer presents part Of the solution NOTE: Each correct selection is worth point

A. Enable Application Insights site extensions.

B. Enable Profiler.
C. Restart all apps in the App Service plan.
D. Enable Snapshot debugger.
E. Enable remote debugging.
F. Enable the Always On setting for the app service.
G. Upgrade the Azure App Service plan to Premium

Answer: CDF

NEW QUESTION 17
HOTSPOT - (Topic 8)
You are developing an application that runs in several customer Azure Kubernetes Service clusters, within each cluster, a pod runs that collects performance data
to be analyzed later, a large amount of data is collected so saving latency must be minimized
The performance data must be stored so that pod restarts do not impact the stored data. Write latency should be minimized.
You need to configure blob storage.
How should you complete the YAML configuration? To answer, select the appropriate options in the answer area.

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 19
- (Topic 8)
You are a developing a SaaS application that stores data as key value pairs.
You must make multiple editions of the application available. In the lowest cost edition, the performance must be best-effort, and there is no regional failover.
In higher cos! editions customers must be able to select guaranteed performance and support for multiple regions. Azure costs must be minimized.
Which Azure Cosmos OB API should you use for the application?

A. Core
B. MongoDB
C. Cassandra
D. Table API

Answer: D

NEW QUESTION 23
- (Topic 8)
You are developing an e-commerce solution that uses a microservice architecture.
You need to design a communication backplane for communicating transactional messages between various parts of the solution. Messages must be
communicated in first- in-first-out (FIFO) order.
What should you use?

A. Azure Storage Queue

B. Azure Event Hub
C. Azure Service Bus
D. Azure Event Grid

Answer: C

Explanation:
As a solution architect/developer, you should consider using Service Bus queues when:
? Your solution requires the queue to provide a guaranteed first-in-first-out (FIFO) ordered delivery.
Reference:
https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-azure-and-service-bus-queues-compared-contrasted

NEW QUESTION 25
DRAG DROP - (Topic 8)
You develop software solutions for a mobile delivery service. You are developing a mobile app that users can use to order from a restaurant in their area. The app
uses the following workflow:
* 1. A driver selects the restaurants for which they will deliver orders.
* 2. Orders are sent to all available drivers in an area.
* 3. Only orders for the selected restaurants will appear for the driver.
* 4. The first driver to accept an order removes it from the list of available orders.
You need to implement an Azure Service Bus solution.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

correct order.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: Create a single Service Bus Namespace
To begin using Service Bus messaging entities in Azure, you must first create a namespace with a name that is unique across Azure. A namespace provides a
scoping container for addressing Service Bus resources within your application.
Box 2: Create a Service Bus Topic for each restaurant for which a driver can receive messages.
Create topics.
Box 3: Create a Service Bus subscription for each restaurant for which a driver can receive orders.

NEW QUESTION 27
- (Topic 8)
You are designing a multi-tiered application that will be hosted on Azure virtual machines. The virtual machines will run Windows Server. Front-end servers will be
accessible from the Internet over port 443. The other servers will NOT be directly accessible over the internet
You need to recommend a solution to manage the virtual machines that meets the following requirement
• Allows the virtual machine to be administered by using Remote Desktop.
• Minimizes the exposure of the virtual machines on the Internet Which Azure service should you recommend?

A. Azure Bastion
B. Service Endpoint
C. Azure Private Link
D. Azure Front Door

Answer: C

NEW QUESTION 32
HOTSPOT - (Topic 8)
You are developing an application to store and retrieve data in Azure Blob storage. The application will be hosted in an on-premises virtual machine (VM). The VM
is connected to Azure by using a Site-to-Site VPN gateway connection. The application is secured by using Azure Active Directory (Azure AD) credentials.
The application must be granted access to the Azure Blob storage account with a start time, expiry time, and read permissions. The Azure Blob storage account
access must use the Azure AD credentials of the application to secure data access. Data access must be able to be revoked if the client application security is
breached.
You need to secure the application access to Azure Blob storage.
Which security features should you use? To answer select the appropriate options in the answer area.
NOTE:Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: Shared access signature (SAS) token

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

When your application design requires shared access signatures for access to Blob storage, use Azure AD credentials to create a user delegation SAS when
possible for superior security.
Box 2: Stored access policy
Stored access policies give you the option to revoke permissions for a service SAS without
having to regenerate the storage account keys.
A shared access signature can take one of the following two forms:
? Service SAS with stored access policy. A stored access policy is defined on a resource container, which can be a blob container, table, queue, or file share. The
stored access policy can be used to manage constraints for one or more service shared access signatures. When you associate a service SAS with a stored
access policy, the SAS inherits the constraints – the start time, expiry time, and permissions – defined for the stored access policy.
? Ad hoc SAS.

NEW QUESTION 35
HOTSPOT - (Topic 8)
All functions in the app meet the following requirements:
• Run until either a successful run or until 10 run attempts occur.
• Ensure that there are at least 20 seconds between attempts for up to 15 minutes. You need to configure the hostjson file.
How should you complete the code segment? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 36
HOTSPOT - (Topic 8)
You are configuring a development environment for your team. You deploy the latest Visual Studio image from the Azure Marketplace to your Azure subscription.
The development environment requires several software development kits (SDKs) and third-party components to support application development across the
organization. You install and customize the deployed virtual machine (VM) for your development team. The customized VM must be saved to allow provisioning of
a new team member development environment.
You need to save the customized VM for future provisioning.
Which tools or services should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: Azure Powershell
Creating an image directly from the VM ensures that the image includes all of the disks associated with the VM, including the OS disk and any data disks.
Before you begin, make sure that you have the latest version of the Azure PowerShell module.
You use Sysprep to generalize the virtual machine, then use Azure PowerShell to create the image.
Box 2: Azure Blob Storage References:
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/capture-image-resource#create-an-image-of-a-vm-using-powershell

NEW QUESTION 40
HOTSPOT - (Topic 8)
You are a developer building a web site using a web app. The web site stores configuration data in Azure App Configuration. Access to Azure App Configuration
has been configured to use the identity of the web app for authentication. Security requirements specify that no other authentication systems must be used.
You need to load configuration data from Azure App Configuration.
How should you complete the code? To answer, select the appropriate options in the answer area.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

NEW QUESTION 43
- (Topic 8)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing an Azure Service application that processes queue data when it receives a message from a mobile application. Messages may not be sent to
the service consistently.
You have the following requirements:
? Queue size must not grow larger than 80 gigabytes (GB).
? Use first-in-first-out (FIFO) ordering of messages.
? Minimize Azure costs.
You need to implement the messaging solution.
Solution: Use the .Net API to add a message to an Azure Service Bus Queue from the mobile application. Create an Azure Windows VM that is triggered from
Azure Service Bus Queue.
Does the solution meet the goal?

A. Yes
B. No

Answer: B

Explanation:
Don't use a VM, instead create an Azure Function App that uses an Azure Service Bus Queue trigger.
Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-create-storage-queue- triggered-function

NEW QUESTION 48
- (Topic 8)
You are developing a web application that uses the Microsoft identity platform to authenticate users and resources, The web application calls several REST APIs.
The APIs require an access token from the Microsoft identity platform. You need to request a token.
Which three properties should you use? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

A. Application name
B. Application secret
C. Application ID
D. Supported account type
E. Redirect URI/URL

Answer: ABC

NEW QUESTION 52
HOTSPOT - (Topic 8)
You are developing a solution that uses the Azure Storage Client library for .NET. You have the following code: (Line numbers are included for reference only.)

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE:Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: Yes
AcquireLeaseAsync does not specify leaseTime.
leaseTime is a TimeSpan representing the span of time for which to acquire the lease, which will be rounded down to seconds. If null, an infinite lease will be
acquired. If not null, this must be 15 to 60 seconds.
Box 2: No
The GetBlockBlobReference method just gets a reference to a block blob in this container.
Box 3: Yes
The BreakLeaseAsync method initiates an asynchronous operation that breaks the current lease on this container.

NEW QUESTION 55
- (Topic 8)
You are updating an application that stores data on Azure and uses Azure Cosmos DB for storage. The application stores data in multiple documents associated
with a single username.
The application requires the ability to update multiple documents for a username in a single ACID operation.
You need to configure Azure Cosmos DB.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

A. Configure Azure Cosmos DB to use the Azure Cosmos DB for Apache Gremlin API.
B. Configure Azure Cosmos DB to use the Azure Cosmos DB for MongoDB API.
C. Create a collection sharded on username to store documents.
D. Create an unsharded collection to store documents.

Answer: BD

NEW QUESTION 58
- (Topic 8)
You are creating an app that will use CosmosDB for data storage. The app will process batches of relational data.
You need to select an API for the app. Which API should you use?

A. MongoDBAPI
B. Table API
C. SQL API
D. Cassandra API

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

Answer: C

Explanation:
For relational data you will need the SQL API
Reference:
https://docs.microsoft.com/en-us/azure/cosmos-db/choose-api

NEW QUESTION 60
DRAG DROP - (Topic 8)
You are developing a serverless Java application on Azure. You create a new Azure Key Vault to work with secrets from a new Azure Functions application.
The application must meet the following requirements:
? Reference the Azure Key Vault without requiring any changes to the Java code.
? Dynamically add and remove instances of the Azure Functions host based on the number of incoming application events.
? Ensure that instances are perpetually warm to avoid any cold starts.
? Connect to a VNet.
? Authentication to the Azure Key Vault instance must be removed if the Azure Function application is deleted.
You need to grant the Azure Functions application access to the Azure Key Vault.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Step 1: Create the Azure Functions app with a Consumption plan type. Use the Consumption plan for serverless.
Step 2: Create a system-assigned managed identity for the application. Create a system-assigned managed identity for your application.
Key Vault references currently only support system-assigned managed identities. User- assigned identities cannot be used.
Step 3: Create an access policy in Key Vault for the application identity.
Create an access policy in Key Vault for the application identity you created earlier. Enable the "Get" secret permission on this policy. Do not configure the
"authorized application" or
applicationId settings, as this is not compatible with a managed identity.

NEW QUESTION 64
- (Topic 8)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You develop an HTTP triggered Azure Function app to process Azure Storage blob data. The app is triggered using an output binding on the blob.
The app continues to time out after four minutes. The app must process the blob data. You need to ensure the app does not time out and processes the blob data.
Solution: Pass the HTTP trigger payload into an Azure Service Bus queue to be processed by a queue trigger function and return an immediate HTTP success
response.
Does the solution meet the goal?

A. Yes
B. No

Answer: A

Explanation:
Large, long-running functions can cause unexpected timeout issues. General best practices include:
Whenever possible, refactor large functions into smaller function sets that work together and return responses fast. For example, a webhook or HTTP trigger
function might require an acknowledgment response within a certain time limit; it's common for webhooks to require an immediate response. You can pass the
HTTP trigger payload into a queue to be processedby a queue trigger function. This approach lets you defer the actual work and return an immediate response.

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-best-practices

NEW QUESTION 66
- (Topic 8)
You are building a B2B web application that uses Azure B2B collaboration for authentication Paying customers authenticate to Azure B2B using federation
The application allows users to sign up for trial accounts using any email address
When a user converts to a paying customer, the data associated with the teal should be kept, but the user must authenticate using federation
You need to update the user in Azure Active Directory (Azure AD) when they convert to a paying customer
Which Graph API parameter is used to change authentication from one-time passé odes to federation?

A. uscrFlowType
B. Status
C. invittdUstr
D. resetRedemption

Answer: B

NEW QUESTION 68
- (Topic 8)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing a website that will run as an Azure Web App. Users will authenticate by using their Azure Active Directory (Azure AD) credentials.
You plan to assign users one of the following permission levels for the website: admin, normal, and reader. A user’s Azure AD group membership must be used to
determine the permission level.
You need to configure authorization. Solution:
? Create a new Azure AD application. In the application’s manifest, define application roles that match the required permission levels for the application.
? Assign the appropriate Azure AD group to each role. In the website, use the value
of the roles claim from the JWT for the user to determine permissions. Does the solution meet the goal?

A. Yes
B. No

Answer: B

Explanation:
To configure Manifest to include Group Claims in Auth Token
? Go to Azure Active Directory to configure the Manifest. Click on Azure Active Directory, and go to App registrations to find your application:
? Click on your application (or search for it if you have a lot of apps) and edit the Manifest by clicking on it.
? Locate the “groupMembershipClaims” setting. Set its value to either “SecurityGroup” or “All”. To help you decide which:
? “SecurityGroup” - groups claim will contain the identifiers of all security groups of which the user is a member.
? “All” - groups claim will contain the identifiers of all security groups and all distribution lists of which the user is a member
Now your application will include group claims in your manifest and you can use this fact in your code.
Reference:
https://blogs.msdn.microsoft.com/waws/2017/03/13/azure-app-service-authentication-aad- groups/

NEW QUESTION 73
- (Topic 8)
You have an application that includes an Azure Web app and several Azure Function apps. Application secrets including connection strings and certificates are
stored in Azure Key Vault.
Secrets must not be stored in the application or application runtime environment. Changes to Azure Active Directory (Azure AD) must be minimized.
You need to design the approach to loading application secrets. What should you do?

A. Create a single user-assigned Managed Identity with permission to access Key Vault and configure each App Service to use that Managed Identity.
B. Create a single Azure AD Service Principal with permission to access Key Vault and use a client secret from within the App Services to access Key Vault.
C. Create a system assigned Managed Identity in each App Service with permission to access Key Vault.
D. Create an Azure AD Service Principal with Permissions to access Key Vault for each App Service and use a certificate from within the App Services to access
Key Vault.

Answer: C

Explanation:
Use Key Vault references for App Service and Azure Functions.
Key Vault references currently only support system-assigned managed identities. User- assigned identities cannot be used.
Reference:
https://docs.microsoft.com/en-us/azure/app-service/app-service-key-vault-references

NEW QUESTION 78
- (Topic 8)
You develop and deploy a Java RESTful API to Azure App Service.
You open a browser and navigate to the URL for the API. You receive the following error message:

You need to resolve the error. What should you do?

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

A. Bind an SSL certificate

B. Enable authentication
C. Enable CORS
D. Map a custom domain
E. Add a CDN

Answer: C

Explanation:
We need to enable Cross-Origin Resource Sharing (CORS).
References:
https://medium.com/@xinganwang/a-practical-guide-to-cors-51e8fd329a1f

NEW QUESTION 82
DRAG DROP - (Topic 8)
You develop an application. You plan to host the application on a set of virtual machines (VMs) in Azure.
You need to configure Azure Monitor to collect logs from the application.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Step 1: Create a Log Analytics workspace. First create the workspace.

Step 2: Add a VMInsights solution.

Before a Log Analytics workspace can be used with VM insights, it must have the VMInsights solution installed.
Step 3: Install agents on the VM and VM scale set to be monitored.
Prior to onboarding agents, you must create and configure a workspace. Install or update the Application Insights Agent as an extension for Azure virtual machines
and VM scalet sets.

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

Step 4: Create an Application Insights resource

Sign in to the Azure portal, and create an Application Insights resource.
Once a workspace-based Application Insights resource has been created, configuring monitoring is relatively straightforward.

NEW QUESTION 86
HOTSPOT - (Topic 8)
A company develops a series of mobile games. All games use a single leaderboard service.
You have the following requirements:
•Code should be scalable and allow for growth.
•Each record must consist of a playedId, gameId, score, and time played.
•When users reach a new high score, the system will save the new score using the SaveScore function below.
•Each game is assigned and Id based on the series title.
You have the following code. (Line numbers are included for reference only.)

You store customer information in an Azure Cosmos database. The following data already exists in the database:

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE:Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: Yes
Code for CosmosDB, example:
// Parse the connection string and return a reference to the storage account. CloudStorageAccount storageAccount = CloudStorageAccount.Parse(
CloudConfigurationManager.GetSetting("StorageConnectionString"));
// Create the table client.
CloudTableClient tableClient = storageAccount.CreateCloudTableClient();
// Retrieve a reference to the table.
CloudTable table = tableClient.GetTableReference("people");
// Create the TableOperation object that inserts the customer entity. TableOperation insertOperation = TableOperation.Insert(customer1);
Box 2: No
A new record will always be added as TableOperation.Insert is used, instead of TableOperation.InsertOrReplace.

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

Box 3: No
No partition key is used. Box 4: Yes
References:
https://docs.microsoft.com/en-us/azure/cosmos-db/table-storage-how-to-use-dotnet

NEW QUESTION 91
HOTSPOT - (Topic 8)
You are using Azure Front Door Service.
You are expecting inbound files to be compressed by using Brotli compression. You discover that inbound XML files are not compressed. The files are 9
megabytes (MB) in size.
You need to determine the root cause for the issue.
To answer, select the appropriate options in the answer area.
NOTE:Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: No
Front Door can dynamically compress content on the edge, resulting in a smaller and faster response to your clients. All files are eligible for compression.
However, a file must be of a MIME type that is eligible for compression list.
Box 2: No
Sometimes you may wish to purge cached content from all edge nodes and force them all to retrieve new updated assets. This might be due to updates to your
web application, or to quickly update assets that contain incorrect information.
Box 3: Yes
These profiles support the following compression encodings: Gzip (GNU zip), Brotli

NEW QUESTION 92
HOTSPOT - (Topic 8)
You are building a website that is used to review restaurants. The website will use an Azure CDN to improve performance and add functionality to requests.
You build and deploy a mobile app for Apple iPhones. Whenever a user accesses the website from an iPhone, the user must be redirected to the app store.
You need to implement an Azure CDN rule that ensures that iPhone users are redirected to the app store.
How should you complete the Azure Resource Manager template? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: iOS
Azure AD Conditional Access supports the following device platforms:
? Android
? iOS
? Windows Phone
? Windows
? macOS
Box 2: DeliveryRuleIsDeviceConditionParameters
The DeliveryRuleIsDeviceCondition defines the IsDevice condition for the delivery rule. parameters defines the parameters for the condition.
Box 3: HTTP_USER_AGENT
Box 4: DeliveryRuleRequestHeaderConditionParameters DeliveryRuleRequestHeaderCondition defines the RequestHeader condition for the delivery rule.
parameters defines the parameters for the condition.
Box 5: iOS
The Require approved client app requirement only supports the iOS and Android for device platform condition.

NEW QUESTION 93
HOTSPOT - (Topic 8)
You implement an Azure solution to include Azure Cosmos DB. the latest Azure Cosmos DB SDK, and the Azure Cosmos DB for NoSQL API. You also implement
a change feed processor on a new container instance by using the Azure Functions trigger for Azure Cosmos DB.
A large batch of documents continues to fail when reading one of the documents in the batch. The same batch of documents is continuously retried by the
triggered function and a new batch of documents must be read.
You need to implement the change feed processor to read the documents.
Which feature should you implement? To answer, select the appropriate features in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

NEW QUESTION 94
HOTSPOT - (Topic 8)
You are developing an application that uses Azure Storage to store customer data. The data must only be decrypted by the customer and the customer must be
provided a script to rotate keys.
You need to provide a script to rotate keys to the customer.
How should you complete the command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 98
- (Topic 8)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution. Determine whether the
solution meets the stated goals.
You are developing and deploying several ASP.Net web applications to Azure App Service. You plan to save session state information and HTML output. You
must use a storage mechanism with the following requirements:
•Share session state across all ASP.NET web applications
•Support controlled, concurrent access to the same session state data for multiple readers and a single writer

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

•Save full HTTP responses for concurrent requests You need to store the information.
Proposed Solution: Deploy and configure Azure Cache for Redis. Update the web applications.
Does the solution meet the goal?

A. Yes
B. No

Answer: A

Explanation:
The session state provider for Azure Cache for Redis enables you to share session information between different instances of an ASP.NET web application.
The same connection can be used by multiple concurrent threads. Redis supports both read and write operations.
The output cache provider for Azure Cache for Redis enables you to save the HTTP responses generated by an ASP.NET web application.
Note: Using the Azure portal, you can also configure the eviction policy of the cache, and control access to the cache by adding users to the roles provided. These
roles, which define the operations that members can perform, include Owner, Contributor, and Reader. For example, members of the Owner role have complete
control over the cache (including security) and its contents, members of the Contributor role can read and write information
in the cache, and members of the Reader role can only retrieve data from the cache.
Reference:
https://docs.microsoft.com/en-us/azure/architecture/best-practices/caching

NEW QUESTION 100

HOTSPOT - (Topic 8)
You develop a containerized application. You plan to deploy the application to a new Azure Container instance by using a third-party continuous integration and
continuous delivery (CI/CD) utility.
The deployment must be unattended and include all application assets. The third-party utility must only be able to push and pull images from the registry. The
authentication must be managed by Azure Active Directory (Azure AD). The solution must use the principle of least privilege.
You need to ensure that the third-party utility can access the registry.
Which authentication options should you use? To answer, select the appropriate options in the answer area.
NOTE:Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: Service principal
Applications and container orchestrators can perform unattended, or "headless," authentication by using an Azure Active Directory (Azure AD) service principal.
Box 2: AcrPush
AcrPush provides pull/push permissions only and meets the principle of least privilege.

NEW QUESTION 103

- (Topic 8)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You develop an HTTP triggered Azure Function app to process Azure Storage blob data. The app is triggered using an output binding on the blob.
The app continues to time out after four minutes. The app must process the blob data. You need to ensure the app does not time out and processes the blob data.
Solution: Use the Durable Function async pattern to process the blob data. Does the solution meet the goal?

A. Yes
B. No

Answer: B

Explanation:
Instead pass the HTTP trigger payload into an Azure Service Bus queue to be processed by a queue trigger function and return an immediate HTTP success
response.
Note: Large, long-running functions can cause unexpected timeout issues. General best practices include:
Whenever possible, refactor large functions into smaller function sets that work together and return responses fast. For example, a webhook or HTTP trigger

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

function might require an acknowledgment response within a certain time limit; it's common for webhooks to require an immediate response. You can pass the
HTTP trigger payload into a queue to be processed by a queue trigger function. This approach lets you defer the actual work and return an immediate response.
Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-best-practices

NEW QUESTION 105

- (Topic 8)
You are implementing an Azure API app that uses built-in authentication and authorization functionality.
All app actions must be associated with information about the current user. You need to retrieve the information about the current user.
What are two possible ways to achieve the goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

A. HTTP headers
B. environment variables
C. /.auth/me HTTP endpoint
D. /.auth/login endpoint

Answer: AC

Explanation:
A: After App Service Authentication has been configured, users trying to access your API are prompted to sign in with their organizational account that belongs to
the same Azure AD as the Azure AD application used to secure the API. After signing in, you are able to access the information about the current user through the
HttpContext.Current.User property.
C: While the server code has access to request headers, client code can access GET
/.auth/me to get the same access tokens (
References:
https://docs.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-auth-aad
https://docs.microsoft.com/en-us/sharepoint/dev/spfx/web-parts/guidance/connect-to-api-secured-with-aad

NEW QUESTION 108

- (Topic 8)
You develop a solution that uses Azure Virtual Machines (VMs).
The VMs contain code that must access resources in an Azure resource group. You grant the VM access to the resource group in Resource Manager.
You need to obtain an access token that uses the VMs system-assigned managed identity. Which two actions should you perform? Each correct answer presents
part of the solution.

A. Use PowerShell on a remote machine to make a request to the local managed identity for Azure resources endpoint.
B. Use PowerShell on the VM to make a request to the local managed identity for Azure resources endpoint.
C. From the code on the V
D. call Azure Resource Manager using an access token.
E. From the code on the V
F. call Azure Resource Manager using a SAS token.
G. From the code on the V
H. generate a user delegation SAS token.

Answer: BC

NEW QUESTION 111

- (Topic 8)
You are developing several Azure API Management (APIM) hosted APIs.
You must inspect request processing of the APIs in APIM. Requests to APIM by using a REST client must also be included. The request inspection must include
the following information:
• requests APIM sent to the API backend and the response it received
• policies applied to the response before sending back to the caller
• errors that occurred during the processing of the request and the policies applied to the errors
• original request APIM received from the caller and the policies applied to the request You need to inspect the APIs.
Which three actions should you do? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

A. Enable the Allow tracing setting for the subscription used to inspect the API.
B. Add the Ocp-Apim-Trace header value to the API call with a value set to true
C. Add the Ocp-Apim-Subscription-Key header value to the key for a subscription that allows access to the API.
D. Create and configure a custom polic
E. Apply the policy to the outbound policy section with an API scope.
F. Create and configure a custom polic
G. Apply the policy to the inbound policy section with a global scope.

Answer: ABC

Explanation:
The correct answer is A, B, and C. To inspect request processing of the APIs in APIM, you need to do the following three actions:
? Enable the Allow tracing setting for the subscription used to inspect the API. This
setting allows you to trace request processing in APIM using the test console, a REST client, or a client app.You can enable this setting in the portal by selecting
Subscriptions and then selecting the subscription you want to use for debugging1.
? Add the Ocp-Apim-Trace header value to the API call with a value set to true. This
header triggers tracing when making requests to APIM using a REST client or a client app.You also need to add the Ocp-Apim-Subscription-Key header value to
the key for a subscription that allows access to the API1.
? Add the Ocp-Apim-Subscription-Key header value to the key for a subscription that
allows access to the API. This header authenticates your request and grants you access to the API.You can find the key for your subscription in the portal by
selecting Subscriptions and then selecting Show/hide keys1.
You do not need to create and configure a custom policy for tracing request processing.The trace policy is used to add a custom trace into the request tracing

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

output,Application Insights telemetries, and/or resource logs2. It is not required for inspecting the APIs.

NEW QUESTION 116

DRAG DROP - (Topic 8)
You are developing an application to use Azure Blob storage. You have configured Azure Blob storage to include change feeds.
A copy of your storage account must be created in another region. Data must be copied from the current storage account to the new storage account directly
between the storage servers.
You need to create a copy of the storage account in another region and copy the data.
In which order should you perform the actions? To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
https://docs.microsoft.com/en-us/azure/storage/common/storage-account-move?tabs=azure-portal#modify-the-template

NEW QUESTION 118

HOTSPOT - (Topic 8)
You plan to deploy a web app to App Service on Linux. You create an App Service plan. You create and push a custom Docker image that image that contains the
web app to Azure Container Registry.
You need to access the console logs generated from inside the container in real-time. How should you complete the Azure CLI command? To answer, select the
appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: config
To Configure logging for a web app use the command: az webapp log config
Box 2: --docker-container-logging Syntax include:
az webapp log config [--docker-container-logging {filesystem, off}]
Box 3: webapp
To download a web app's log history as a zip file use the command: az webapp log download
Box 4: download References:

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

https://docs.microsoft.com/en-us/cli/azure/webapp/log

NEW QUESTION 119

- (Topic 8)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You develop and deploy an Azure App Service API app to a Windows-hosted deployment slot named Development. You create additional deployment slots
namedTestingand Production. You enable auto swap on the Production deployment slot.
You need to ensure that scripts run and resources are available before a swap operation occurs.
Solution: Update the web.config file to include the applicationInitialization configuration element. Specify custom initialization actions to run the scripts.
Does the solution meet the goal?

A. Yes
B. No

Answer: A

Explanation:
Specify custom warm-up.
Some apps might require custom warm-up actions before the swap. The applicationInitialization configuration element in web.config lets you specify custom
initialization actions. The swap operation waits for this custom warm-up to finish before swapping with the target slot. Here's a sample web.config fragment.
<system.webServer>
<applicationInitialization>
<add initializationPage="/" hostName="[app hostname]" />
<add initializationPage="/Home/About" hostName="[app hostname]" />
</applicationInitialization>
</system.webServer>
Reference:
https://docs.microsoft.com/en-us/azure/app-service/deploy-staging-slots#troubleshoot- swaps

NEW QUESTION 121

HOTSPOT - (Topic 8)
You are developing a back-end Azure App Service that scales based on the number of
messages contained in a Service Bus queue.
A rule already exists to scale up the App Service when the average queue length of unprocessed and valid queue messages is greater than 1000.
You need to add a new rule that will continuously scale down the App Service as long as the scale up condition is not met.
How should you configure the Scale rule? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: Service bus queue

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

You are developing a back-end Azure App Service that scales based on the number of messages contained in a Service Bus queue.
Box 2: ActiveMessage Count
ActiveMessageCount: Messages in the queue or subscription that are in the active state and ready for delivery.
Box 3: Count
Box 4: Less than or equal to
You need to add a new rule that will continuously scale down the App Service as long as the scale up condition is not met.
Box 5: Decrease count by

NEW QUESTION 126

- (Topic 8)
Your company is developing an Azure API.
You need to implement authentication for the Azure API. You have the following requirements:
? All API calls must be secure.
? Callers to the API must not send credentials to the API.
Which authentication mechanism should you use?

A. Basic
B. Anonymous
C. Managed identity
D. Client certificate

Answer: C

Explanation:
Use the authentication-managed-identity policy to authenticate with a backend service using the managed identity of the API Management service. This policy
essentially uses the managed identity to obtain an access token from Azure Active Directory for accessing the specified resource. After successfully obtaining the
token, the policy will set the value of the token in the Authorization header using the Bearer scheme.
Reference:
https://docs.microsoft.com/bs-cyrl-ba/azure/api-management/api-management- authentication-policies

NEW QUESTION 131

- (Topic 8)
You develop and deploy an ASP.NET web app to Azure App Service. You use Application Insights telemetry to monitor the app.
You must test the app to ensure that the app is available and responsive from various points around the world and at regular intervals. If the app is not responding,
you must send an alert to support staff.
You need to configure a test for the web app.
Which two test types can you use? Each correct answer presents a complete solution.
NOTE:Each correct selection is worth one point.

A. integration
B. multi-step web
C. URL ping
D. unit
E. load

Answer: BC

Explanation:
There are three types of availability tests:
? URL ping test: a simple test that you can create in the Azure portal.
? Multi-step web test: A recording of a sequence of web requests, which can be played back to test more complex scenarios. Multi-step web tests are created in
Visual Studio Enterprise and uploaded to the portal for execution.
? Custom Track Availability Tests: If you decide to create a custom application to run availability tests, the TrackAvailability() method can be used to send the
results to Application Insights.
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/monitor-web-app-availability

NEW QUESTION 133

- (Topic 8)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You develop and deploy an Azure App Service API app to a Windows-hosted deployment slot named Development. You create additional deployment slots
namedTestingand Production. You enable auto swap on the Production deployment slot.
You need to ensure that scripts run and resources are available before a swap operation occurs.
Solution: Update the app with a method named statuscheck to run the scripts. Update the app settings for the app. Set the
WEBSITE_SWAP_WARMUP_PING_PATH and WEBSITE_SWAP_WARMUP_PING_STATUSES with a path to the new method and appropriate response codes.
Does the solution meet the goal?

A. Yes
B. No

Answer: A

Explanation:
These are valid warm-up behavior options, but are not helpful in fixing swap problems. Instead update the web.config file to include the applicationInitialization
configuration
element. Specify custom initialization actions to run the scripts.
Note: Some apps might require custom warm-up actions before the swap. The
applicationInitialization configuration element in web.config lets you specify custom initialization actions. The swap operation waits for this custom warm-up to finish

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

before swapping with the target slot. Here's a sample web.config fragment.
<system.webServer>
<applicationInitialization>
<add initializationPage="/" hostName="[app hostname]" />
<add initializationPage="/Home/About" hostName="[app hostname]" />
</applicationInitialization>
</system.webServer>
Reference:
https://docs.microsoft.com/en-us/azure/app-service/deploy-staging-slots#troubleshoot- swaps

NEW QUESTION 138

DRAG DROP - (Topic 8)
You are developing a web service that will run on Azure virtual machines that use Azure Storage. You configure all virtual machines to use managed identities.
You have the following requirements:
? Secret-based authentication mechanisms are not permitted for accessing an Azure Storage account.
? Must use only Azure Instance Metadata Service endpoints.
You need to write code to retrieve an access token to access Azure Storage. To answer, drag the appropriate code segments to the correct locations. Each code
segment may be used once or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE:Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Azure Instance Metadata Service endpoints "/oauth2/token" Box 1: http://169.254.169.254/metadata/identity/oauth2/token
Sample request using the Azure Instance Metadata Service (IMDS) endpoint (recommended):
GET 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02- 01&resource=https://management.azure.com/' HTTP/1.1 Metadata: true
Box 2: JsonConvert.DeserializeObject<Dictionary<string,string>>(payload); Deserialized token response; returning access code.

NEW QUESTION 139

DRAG DROP - (Topic 8)
You develop a gateway solution for a public facing news API.
The news API back end is implemented as a RESTful service and hosted in an Azure App Service instance.
You need to configure back-end authentication for the API Management service instance. Which target and gateway credential type should you use? To answer,
drag the appropriate
values to the correct parameters. Each value may be used once, more than once, or not at
all. You may need to drag the split bar between panes or scroll to view content.
NOTE:Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: Azure Resource Box 2: Client cert

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

API Management allows to secure access to the back-end service of an API using client certificates.

NEW QUESTION 142

DRAG DROP - (Topic 8)
Fourth Coffee has an ASP.NET Core web app that runs in Docker. The app is mapped to the www.fourthcoffee.com domain.
Fourth Coffee is migrating this application to Azure.
You need to provision an App Service Web App to host this docker image and map the custom domain to the App Service web app.
A resource group named FourthCoffeePublicWebResourceGroup has been created in the WestUS region that contains an App Service Plan named
AppServiceLinuxDockerPlan.
Which order should the CLI commands be used to develop the solution? To answer, move all of the Azure CLI command from the list of commands to the answer
area and arrange them in the correct order.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Step 1: #bin/bash
The appName is used when the webapp-name is created in step 2.
Step 2: az webapp config hostname add
The webapp-name is used when the webapp is created in step 3.
Step 3: az webapp create
Create a web app. In the Cloud Shell, create a web app in the myAppServicePlan App Service plan with the az webapp create command.
Step : az webapp confing container set
In Create a web app, you specified an image on Docker Hub in the az webapp create command. This is good enough for a public image. To use a private image,
you need to configure your Docker account ID and password in your Azure web app.
In the Cloud Shell, follow the az webapp create command with az webapp config container set.
References:
https://docs.microsoft.com/en-us/azure/app-service/containers/tutorial-custom-docker- image

NEW QUESTION 145

- (Topic 8)
You develop and deploy an Azure App Service web app. The app is deployed to multiple regions and uses Azure Traffic Manager. Application Insights is enabled
for the app.
You need to analyze app uptime for each month.
Which two solutions win achieve the goal? Each correct answer presents a complete solution
NOTE: Each correct selection is worth one point

A. Application Insights alerts

B. Application Insights web tests
C. Azure Monitor logs
D. Azure Monitor metrics

Answer: AC

Explanation:
Reference:
https://azure.microsoft.com/en-us/blog/creating-a-web-test-alert-programmatically-with-application-insights/

NEW QUESTION 149

HOTSPOT - (Topic 8)
You are developing an application that monitors data added to an Azure Blob storage account.
You need to process each change made to the storage account.
How should you complete the code segment? TO answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 150

DRAG DROP - (Topic 8)
Your company has several websites that use a company logo image. You use Azure Content Delivery Network (CDN) to store the static image.
You need to determine the correct process of how the CDN and the Point of Presence (POP) server will distribute the image and list the items in the correct order.
In which order do the actions occur? To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Step 1: A user requests the image..
A user requests a file (also called an asset) by using a URL with a special domain name, such as <endpoint name>.azureedge.net. This name can be an endpoint
hostname or a custom domain. The DNS routes the request to the best performing POP location, which is usually the POP that is geographically closest to the
user.
Step 2: If no edge servers in the POP have the..

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

If no edge servers in the POP have the file in their cache, the POP requests the file from the origin server. The origin server can be an Azure Web App, Azure
Cloud Service, Azure Storage account, or any publicly accessible web server.
Step 3: The origin server returns the..
The origin server returns the file to an edge server in the POP.
An edge server in the POP caches the file and returns the file to the original requestor (Alice). The file remains cached on the edge server in the POP until the time-
to-live (TTL) specified by its HTTP headers expires. If the origin server didn't specify a TTL, the default TTL is seven days.
Step 4: Subsequent requests for..
Additional users can then request the same file by using the same URL that the original user used, and can also be directed to the same POP.
If the TTL for the file hasn't expired, the POP edge server returns the file directly from the cache. This process results in a faster, more responsive user experience.
References:
https://docs.microsoft.com/en-us/azure/cdn/cdn-overview

NEW QUESTION 151

DRAG DROP - (Topic 8)
A company backs up all manufacturing data to Azure Blob Storage. Admins move blobs from hot storage to archive tier storage every month.
You must automatically move blocks to Archive tier after they have not been accessed for 180 days. The path for any item that is not archived must be placed in
an existing queue. This operation must be performed automatically once a month. You set the value of TierAgeInDays to 180.
How should you configure the Logic App? To answer, drag the appropriate triggers or action blocks to the correct trigger or action slots. Each trigger or action
block may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: Recurrence Box 2: Insert Entity
Box 3 (if true): Tier Blob
Box 4: (if false): Leave blank.
References:
https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-perform-data- operations

NEW QUESTION 156

DRAG DROP - (Topic 8)
You develop software solutions for a mobile delivery service. You are developing a mobile app that users can use to order from a restaurant in their area. The app

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

uses the following workflow:

? A driver selects the restaurants from which they will deliver orders.
? Orders are sent to all available drivers in an area.
? Only orders for the selected restaurants will appear for the driver.
? The first driver to accept an order removes it from the list of available orders.
You need to implement an Azure Service Bus solution.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: Create a single Service Bus Namespace
To begin using Service Bus messaging entities in Azure, you must first create a namespace with a name that is unique across Azure. A namespace provides a
scoping container for addressing Service Bus resources within your application.
Box 2: Create a Service Bus Topic for each restaurant for which a driver can receive messages.
Create topics.
Box 3: Create a Service Bus subscription for each restaurant for which a driver can receive orders.

NEW QUESTION 157

- (Topic 8)
You develop an app that allows users to upload photos and videos to Azure storage. The app uses a storage REST API call to upload the media to a blob storage
account named Account1. You have blob storage containers named Container1 and Container2.
Uploading of videos occurs on an irregular basis.
You need to copy specific blobs from Container1 to Container2 when a new video is uploaded.
What should you do?

A. Copy blobs to Container2 by using thePut Bloboperation of the Blob Service REST API
B. Create anEvent Gridtopic that uses theStart-AzureStorageBlobCopycmdlet
C. UseAzCopywith theSnapshotswitch to copy blobs to Container2
D. Download the blob to a virtual machine and then upload the blob to Container2

Answer: B

Explanation:
The Start-AzureStorageBlobCopy cmdlet starts to copy a blob. Example 1: Copy a named blob
C:\PS>Start-AzureStorageBlobCopy -SrcBlob "ContosoPlanning2015" -DestContainer "ContosoArchives" -SrcContainer "ContosoUploads"
This command starts the copy operation of the blob named ContosoPlanning2015 from the container named ContosoUploads to the container named
ContosoArchives.
Reference:
https://docs.microsoft.com/en-us/powershell/module/azure.storage/start- azurestorageblobcopy?view=azurermps-6.13.0

NEW QUESTION 158

HOTSPOT - (Topic 8)
You have an Azure Batch project that processes and converts files and stores the files in Azure storage. You are developing a function to start the batch job.
You add the following parameters to the function.

You must ensure that converted files are placed in the container referenced by the outputContainerSasUrl parameter. Files which fail to convert are places in the
container referenced by the failedContainerSasUrl parameter.
You need to ensure the files are correctly processed.
How should you complete the code segment? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: CreateJob
Box 2: TaskSuccess
TaskSuccess: Upload the file(s) only after the task process exits with an exit code of 0.
Incorrect: TaskCompletion: Upload the file(s) after the task process exits, no matter what the exit code was.
Box 3: TaskFailure
TaskFailure:Upload the file(s) only after the task process exits with a nonzero exit code.
Box 4: OutputFiles
To specify output files for a task, create a collection of OutputFile objects and assign it to
the CloudTask.OutputFiles property when you create the task.
References: https://docs.microsoft.com/en-
us/dotnet/api/microsoft.azure.batch.protocol.models.outputfileuploadcondition https://docs.microsoft.com/en-us/azure/batch/batch-task-output-files

NEW QUESTION 159

DRAG DROP - (Topic 8)
You are developing an Azure solution to collect inventory data from thousands of stores located around the world. Each store location will send the inventory data
hourly to an Azure Blob storage account for processing.
The solution must meet the following requirements:
? Begin processing when data is saved to Azure Blob storage.
? Filter data based on store location information.
? Trigger an Azure Logic App to process the data for output to Azure Cosmos DB.
? Enable high availability and geographic distribution.
? Allow 24-hours for retries.
? Implement an exponential back off data processing.
You need to configure the solution.
What should you implement? To answer, select the appropriate options in the answer area.

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

NOTE:Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: Azure Event Grid
Blob storage events are pushed using Azure Event Grid to subscribers such as Azure Functions, Azure Logic Apps, or even to your own http listener. Event Grid
provides reliable event delivery to your applications through rich retry policies and dead-lettering.
Box 2: Azure Logic App
Event Grid uses event subscriptions to route event messages to subscribers. This image illustrates the relationship between event publishers, event subscriptions,
and event handlers.

Diagram
Description automatically generated
Box 3: Azure Service Bus
The Event Grid service doesn't store events. Instead, events are stored in the Event Handlers, including ServiceBus, EventHubs, Storage Queue, WebHook
endpoint, or many other supported Azure Services.

NEW QUESTION 163

- (Topic 8)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You develop a software as a service (SaaS) offering to manage photographs. Users upload photos to a web service which then stores the photos in Azure Storage
Blob storage. The storage account type is General-purpose V2.
When photos are uploaded, they must be processed to produce and save a mobile-friendly version of the image. The process to produce a mobile-friendly version
of the image must start in less than one minute.
You need to design the process that starts the photo processing. Solution: Trigger the photo processing from Blob storage events. Does the solution meet the
goal?

A. Yes
B. NO

Answer: B

Explanation:
You need to catch the triggered event, so move the photo processing to an Azure Function triggered from the blob upload
Note: Azure Storage events allow applications to react to events. Common Blob storage event scenarios include image or video processing, search indexing, or
any file-oriented workflow.
Events are pushed using Azure Event Grid to subscribers such as Azure Functions, Azure Logic Apps, or even to your own http listener.
Note: Only storage accounts of kind StorageV2 (general purpose v2) and BlobStorage support event integration. Storage (general purpose v1) does not support
integration with Event Grid.

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

Reference:
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-event-overview

NEW QUESTION 166

- (Topic 8)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You develop Azure solutions.
You must grant a virtual machine (VM) access to specific resource groups in Azure Resource Manager.
You need to obtain an Azure Resource Manager access token.
Solution: Use the Reader role-based access control (RBAC) role to authenticate the VM with Azure Resource Manager.
Does the solution meet the goal?

A. Yes
B. No

Answer: B

Explanation:
Instead run the Invoke-RestMethod cmdlet to make a request to the local managed identity for Azure resources endpoint.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-arm

NEW QUESTION 168

DRAG DROP - (Topic 8)
You are a developer for a software as a service (SaaS) company that uses an Azure Function to process orders. The Azure Function currently runs on an Azure
Function app that is triggered by an Azure Storage queue.
You are preparing to migrate the Azure Function to Kubernetes using Kubernetes-based Event Driven Autoscaling (KEDA).
You need to configure Kubernetes Custom Resource Definitions (CRD) for the Azure Function.
Which CRDs should you configure? To answer, drag the appropriate CRD types to the correct locations. Each CRD type may be used once, more than once, or
not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE:Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: Deployment
To deploy Azure Functions to Kubernetes use the func kubernetes deploy command has several attributes that directly control how our app scales, once it is
deployed to Kubernetes.
Box 2: ScaledObject
With --polling-interval, we can control the interval used by KEDA to check Azure Service
Bus Queue for messages.
Example of ScaledObject with polling interval apiVersion: keda.k8s.io/v1alpha1
kind: ScaledObject metadata:
name: transformer-fn namespace: tt labels:
deploymentName: transformer-fn spec:
scaleTargetRef: deploymentName: transformer-fn pollingInterval: 5
minReplicaCount: 0
maxReplicaCount: 100
Box 3: Secret
Store connection strings in Kubernetes Secrets. Example: to create the Secret in our demo Namespace:
# create the k8s demo namespace kubectl create namespace tt
# grab connection string from Azure Service Bus KEDA_SCALER_CONNECTION_STRING=$(az servicebus queue authorization-rule keys list \
-g $RG_NAME \
--namespace-name $SBN_NAME \
--queue-name inbound \
-n keda-scaler \
--query "primaryConnectionString" \
-o tsv)
# create the kubernetes secret
kubectl create secret generic tt-keda-auth \
--from-literal KedaScaler=$KEDA_SCALER_CONNECTION_STRING \

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

--namespace tt

NEW QUESTION 170

HOTSPOT - (Topic 8)
You are working for a company that designs mobile applications. They maintain a server where player records are assigned to their different games. The tracking
system is new and in development.
The application uses Entity Framework to connect to an Azure Database. The database holds a Player table and Game table.
When adding a player, the code should insert a new player record, and add a relationship between an existing game record and the new player record.
The application will call CreatePlayerWithGame with the correct gameIdand the playerId to start the process. (Line numbers are included for reference only.)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Many-to-many relationships without an entity class to represent the join table are not yet supported. However, you can represent a many-to-many relationship by
including an entity class for the join table and mapping two separate one-to-many relationships.
protected override void OnModelCreating(ModelBuilder modelBuilder)

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

{
modelBuilder.Entity<PostTag>()
HasKey(t => new { t.PostId, t.TagId });
modelBuilder.Entity<PostTag>() HasOne(pt => pt.Post) WithMany(p => p.PostTags) HasForeignKey(pt => pt.PostId);
modelBuilder.Entity<PostTag>() HasOne(pt => pt.Tag) WithMany(t => t.PostTags) HasForeignKey(pt => pt.TagId);
}
}

NEW QUESTION 171

- (Topic 7)
you need to reduce read latency for the retail store solution.
What are two possible ways to achieve the goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

A. Create a new composite index for the store location data queries in Azure Cosmos D
B. Modify the queries to support parameterized SQL and update the Azure function app to call the new Queries.
C. Configure Azure Cosmos DB consistency to strong consistency Increase the RUs for the container supporting store location data.
D. Provision an Azure Cosmos OB dedicated gateway, update blob storage to use the new dedicated gateway endpoint.
E. Configure Azure Cosmos DB consistency to session consistenc
F. Cache session tokens in a new Azure Redis cache instance after every writ
G. Update reads to use the session token stored in Azure Redis.
H. Provision an Azure Cosmos DB dedicated gateway Update the Azure Function app connection string to use the new dedicated gateway endpoint.

Answer: CD

NEW QUESTION 174

HOTSPOT - (Topic 7)
YOU need to reliably identify the delivery driver profile information.
How should you configure the system? To answer, select the appropriate options in the answer area.
NOTE Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 179

- (Topic 7)
You need to implement a solution to resolve the retail store location data issue.
Which three Azure Blob features should you enable? Each correct answer presents part of the solution.
NOTE Each correct selection is worth one point

A. Immutability
B. Snapshots
C. Versioning
D. Soft delete
E. Object replication

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

F. Change feed

Answer: CDF

Explanation:
Scenario: You must perform a point-in-time restoration of the retail store location data due to an unexpected and accidental deletion of data.
Before you enable and configure point-in-time restore, enable its prerequisites for the storage account: soft delete, change feed, and blob versioning.
Reference:
https://docs.microsoft.com/en-us/azure/storage/blobs/point-in-time-restore-manage

NEW QUESTION 180

- (Topic 5)
You need to ensure the security policies are met.
What code do you add at line CS07 of ConfigureSSE.ps1?

A. –PermissionsToKeys create, encrypt, decrypt

B. –PermissionsToCertificates create, encrypt, decrypt
C. –PermissionsToCertificates wrapkey, unwrapkey, get
D. –PermissionsToKeys wrapkey, unwrapkey, get

Answer: B

Explanation:
Scenario: All certificates and secrets used to secure data must be stored in Azure Key Vault.
You must adhere to the principle of least privilege and provide privileges which are essential to perform the intended function.
The Set-AzureRmKeyValutAccessPolicy parameter -PermissionsToKeys specifies an array of key operation permissions to grant to a user or service principal. The
acceptable values for this parameter: decrypt, encrypt, unwrapKey, wrapKey, verify, sign, get, list, update, create, import, delete, backup, restore, recover, purge
Reference:
https://docs.microsoft.com/en-us/powershell/module/azurerm.keyvault/set- azurermkeyvaultaccesspolicy

NEW QUESTION 181

DRAG DROP - (Topic 5)
You need to add code at line PC32 in Processing.cs to implement the GetCredentials method in the Processing class.
How should you complete the code? To answer, drag the appropriate code segments to the correct locations. Each code segment may be used once, more than
once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE:Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: AzureServiceTokenProvider()
Box 2: tp.GetAccessTokenAsync("..")
Acquiring an access token is then quite easy. Example code: private async Task<string> GetAccessTokenAsync()
{
var tokenProvider = new AzureServiceTokenProvider();
return await tokenProvider.GetAccessTokenAsync("https://storage.azure.com/");
}

NEW QUESTION 183

- (Topic 5)
You need to ensure receipt processing occurs correctly. What should you do?

A. Use blob properties to prevent concurrency problems

B. Use blob SnapshotTime to prevent concurrency problems
C. Use blob metadata to prevent concurrency problems
D. Use blob leases to prevent concurrency problems

Answer: D

Explanation:
You can create a snapshot of a blob. A snapshot is a read-only version of a blob that's taken at a point in time. Once a snapshot has been created, it can be read,
copied, or deleted, but not modified. Snapshots provide a way to back up a blob as it appears at a moment in time.
Scenario: Processing is performed by an Azure Function that uses version 2 of the Azure Function runtime. Once processing is completed, results are stored in
Azure Blob Storage and an Azure SQL database. Then, an email summary is sent to the user with a link to the processing report. The link to the report must
remain valid if the email is forwarded to another user.
Reference:

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

https://docs.microsoft.com/en-us/rest/api/storageservices/creating-a-snapshot-of-a-blob

NEW QUESTION 184

DRAG DROP - (Topic 4)
You need to implement the Log policy.
How should you complete the Azure Event Grid subscription? To answer, drag the appropriate JSON segments to the correct locations. Each JSON segment may
be used once, more than once, or not at all. You may need to drag the split bar between panes to view content.
NOTE:Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1:WebHook
Scenario: If an anomaly is detected, an Azure Function that emails administrators is called by using an HTTP WebHook.
endpointType: The type of endpoint for the subscription (webhook/HTTP, Event Hub, or
queue).
Box 2: SubjectBeginsWith
Box 3: Microsoft.Storage.BlobCreated Scenario: Log Policy
All Azure App Service Web Apps must write logs to Azure Blob storage. All log files should be saved to a container named logdrop. Logs must remain in the
container for 15 days.
Example subscription schema
{
"properties": { "destination": {
"endpointType": "webhook", "properties": { "endpointUrl":
"https://example.azurewebsites.net/api/HttpTriggerCSharp1?code=VXbGWce53l48Mt8wuo tr0GPmyJ/nDT4hgdFj9DpBiRt38qqnnm5OFg=="
}
},
"filter": {
"includedEventTypes": [ "Microsoft.Storage.BlobCreated", "Microsoft.Storage.BlobDeleted"
],
"subjectBeginsWith": "blobServices/default/containers/mycontainer/log", "subjectEndsWith": ".jpg",
"isSubjectCaseSensitive ": "true"
}
}
}

NEW QUESTION 188

HOTSPOT - (Topic 3)
You need to correct the Azure Logic app error message.
Which configuration values should you use? To answer, select the appropriate options in the answer area.
NOTE:Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

Scenario: You test the Logic app in a development environment. The following error message displays:
'400 Bad Request'
Troubleshooting of the error shows an HttpTrigger action to call the RequestUserApproval function.
Note: If the inbound call's request body doesn't match your schema, the trigger returns an HTTP 400 Bad Request error.
Box 1: function
If you have an Azure function where you want to use the system-assigned identity, first enable authentication for Azure functions.
Box 2: system-assigned
Your logic app or individual connections can use either the system-assigned identity or a single user-assigned identity, which you can share across a group of logic
apps, but not both.

NEW QUESTION 189

HOTSPOT - (Topic 3)
You need to configure Azure Service Bus to Event Grid integration.
Which Azure Service Bus settings should you use? To answer, select the appropriate options in the answer area.
NOTE:Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: Premium
Service Bus can now emit events to Event Grid when there are messages in a queue or a subscription when no receivers are present. You can create Event Grid
subscriptions to your Service Bus namespaces, listen to these events, and then react to the events by starting a receiver. With this feature, you can use Service
Bus in reactive programming models.
To enable the feature, you need the following items:
A Service Bus Premium namespace with at least one Service Bus queue or a Service Bus topic with at least one subscription.
Contributor access to the Service Bus namespace. Box 2: Contributor

NEW QUESTION 191

HOTSPOT - (Topic 3)
You need to configure security and compliance for the corporate website files.
Which Azure Blob storage settings should you use? To answer, select the appropriate options in the answer area.
NOTE:Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

Explanation:
Box 1: role-based access control (RBAC)
Azure Storage supports authentication and authorization with Azure AD for the Blob and Queue services via Azure role-based access control (Azure RBAC).
Scenario: File access must restrict access by IP, protocol, and Azure AD rights.
Box 2: change feed
The purpose of the change feed is to provide transaction logs of all the changes that occur to the blobs and the blob metadata in your storage account.
The file updates must be read-only, stored in the order in which they occurred, include only create, update, delete, and copy operations, and be retained for
compliance reasons.

NEW QUESTION 194

HOTSPOT - (Topic 2)
You need to add code at line AM09 to ensure that users can review content using ContentAnalysisService.
How should you complete the code? To answer, select the appropriate options in the answer area.
NOTE:Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: "oauth2Permissions": ["login"]
oauth2Permissions specifies the collection of OAuth 2.0 permission scopes that the web API (resource) app exposes to client apps. These permission scopes may
be granted to client apps during consent.
Box 2: "oauth2AllowImplicitFlow":true
For applications (Angular, Ember.js, React.js, and so on), Microsoft identity platform supports the OAuth 2.0 Implicit Grant flow.

NEW QUESTION 195

- (Topic 2)
You need to configure the ContentUploadService deployment.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

A. Add the following markup to line CS23: types: Private

B. Add the following markup to line CS24: osType: Windows
C. Add the following markup to line CS24: osType: Linux
D. Add the following markup to line CS23: types: Public

Answer: C

Explanation:
Scenario: All Internal services must only be accessible from Internal Virtual Networks (VNets)
There are three Network Location types – Private, Public and Domain Reference:
https://devblogs.microsoft.com/powershell/setting-network-location-to-private/

NEW QUESTION 198

- (Topic 2)
You need to investigate the http server log output to resolve the issue with the ContentUploadService.
Which command should you use first?

A. az webapp log
B. az ams live-output
C. az monitor activity-log
D. az container attach

Answer: C

Explanation:
Scenario: Users of the ContentUploadService report that they occasionally see HTTP 502 responses on specific pages.

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

"502 bad gateway" and "503 service unavailable" are common errors in your app hosted in Azure App Service.
Microsoft Azure publicizes each time there is a service interruption or performance degradation.
The az monitor activity-log command manages activity logs.
Note: Troubleshooting can be divided into three distinct tasks, in sequential order:
? Observe and monitor application behavior
? Collect data
? Mitigate the issue
Reference:
https://docs.microsoft.com/en-us/cli/azure/monitor/activity-log

NEW QUESTION 199

- (Topic 2)
You need to monitor ContentUploadService accourding to the requirements. Which command should you use?

A. az monitor metrics alert create –n alert –g … - -scopes … - -condition "avg Percentage CPU > 8"
B. az monitor metrics alert create –n alert –g … - -scopes … - -condition "avg Percentage CPU > 800"
C. az monitor metrics alert create –n alert –g … - -scopes … - -condition "CPU Usage > 800"
D. az monitor metrics alert create –n alert –g … - -scopes … - -condition "CPU Usage > 8"

Answer: B

Explanation:
Scenario: An alert must be raised if the ContentUploadService uses more than 80 percent of available CPU-cores
Reference:
https://docs.microsoft.com/sv-se/cli/azure/monitor/metrics/alert

NEW QUESTION 203

HOTSPOT - (Topic 2)
You need to ensure that validation testing is triggered per the requirements.
How should you complete the code segment? To answer, select the appropriate values in the answer area.
NOTE:Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: RepositoryUpdated
When a new version of the ContentAnalysisService is available the previous seven days of content must be processed with the new version to verify that the new
version does not significantly deviate from the old version.
Box 2: service
Box 3: imageCollection

NEW QUESTION 206

HOTSPOT - (Topic 1)
You need to resolve the Shipping web site error.

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

How should you configre the Azure Table Storage service? To answer, select the appropriate options in the answer area.
NOTE:Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: AllowedOrigins
A CORS request will fail if Access-Control-Allow-Origin is missing.
Scenario:
The following error message displays while you are testing the website:

Box 2: http://test-shippingapi.wideworldimporters.com Syntax: Access-Control-Allow-Origin: *

Access-Control-Allow-Origin: <origin> Access-Control-Allow-Origin: null
<origin> Specifies an origin. Only a single origin can be specified. Box 3: AllowedOrigins
Box 4: POST
The only allowed methods are GET, HEAD, and POST. In this case POST is used. "<Corsrule>" "allowedmethods" Failed to load no "Access-control-Origin"
header is present
References:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin

NEW QUESTION 207

HOTSPOT - (Topic 1)
You need to secure the Shipping Function app.
How should you configure the app? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

Scenario: Shipping Function app: Implement secure function endpoints by using app-level security and include Azure Active Directory (Azure AD).
Box 1: Function
Box 2: JSON based Token (JWT)
Azure AD uses JSON based tokens (JWTs) that contain claims
Box 3: HTTP
How a web app delegates sign-in to Azure AD and obtains a token
User authentication happens via the browser. The OpenID protocol uses standard HTTP protocol messages.
References:
https://docs.microsoft.com/en-us/azure/active-directory/develop/authentication-scenarios

NEW QUESTION 209

......

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-204 dumps
https://www.2passeasy.com/dumps/AZ-204/ (365 New Questions)

THANKS FOR TRYING THE DEMO OF OUR PRODUCT

Visit Our Site to Purchase the Full Set of Actual AZ-204 Exam Questions With Answers.

We Also Provide Practice Exam Software That Simulates Real Exam Environment And Has Many Self-Assessment Features. Order the
AZ-204 Product From:

https://www.2passeasy.com/dumps/AZ-204/

Money Back Guarantee

AZ-204 Practice Exam Features:

* AZ-204 Questions and Answers Updated Frequently

* AZ-204 Practice Questions Verified by Expert Senior Certified Staff

* AZ-204 Most Realistic Questions that Guarantee you a Pass on Your FirstTry

* AZ-204 Practice Test Questions in Multiple Choice Formats and Updatesfor 1 Year

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

Powered by TCPDF (www.tcpdf.org)