70-533 | You administer an Azure Active Directory (Azure AD)…

Question: 21

You administer an Azure Active Directory (Azure AD) tenant that has a SharePoint web application named TeamSite1. TeamSite1 accesses your Azure AD tenant for user information. The application access key for TeamSite1 has been compromised. You need to ensure that users can continue to use TeamSite1 and that the compromised key does not allow access to the data in your Azure AD tenant. Which two actions should you perform? Each correct answer presents part of the solution.

A. Remove the compromised key from the application definition for TeamSite1.
B. Delete the application definition for TeamSite1.
C. Generate a new application key for TeamSite1.
D. Generate a new application definition for TeamSite1.
E. Update the existing application key.

Answer: A,C

70-533 | Your company plans to migrate from On-Premises Exchange…

Question: 20

Your company plans to migrate from On-Premises Exchange to Exchange Online in Office 365. You plan to integrate your existing Active Directory Domain Services (AD DS) infrastructure with Azure AD. You need to ensure that users can log in by using their existing AD DS accounts and passwords. You need to achieve this goal by using minimal additional systems. Which two actions should you perform? Each answer presents part of the solution.

A. Configure Password Sync.
B. Set up a DirSync Server.
C. Set up an Active Directory Federation Services Server.
D. Set up an Active Directory Federation Services Proxy Server.

Answer: B,C

70-533 | Your company is launching a public…

Question: 19

Your company is launching a public website that allows users to stream videos. You upload multiple video files to an Azure storage container. You need to give anonymous users read access to all of the video files in the storage container. What should you do?

A. Edit each blob’s metadata and set the access policy to Public Blob.
B. Edit the container metadata and set the access policy to Public Container.
C. Move the files into a container sub-directory and set the directory access level to Public Blob.
D. Edit the container metadata and set the access policy to Public Blob.

Answer: C

70-533 | You are migrating an existing solution…..

Question: 18

You are migrating an existing solution to Azure. The solution includes a user interface tier and a database tier. The user interface tier runs on multiple virtual machines (VMs). The user interface tier has a website that uses Node.js. The user interface tier has a background process that uses Python. This background process runs as a scheduled job. The user interface tier is updated frequently. The database tier uses a self-hosted MySQL database. The user interface tier requires up to 25 CPU cores. You must be able to revert the user interface tier to a previous version if updates to the website cause technical problems. The database requires up to 50 GB of memory. The database must run in a single VM. You need to deploy the solution to Azure. What should you do first?

A. Deploy the entire solution to an Azure website. Use a web job that runs continuously to host the database.
B. Deploy the database to a VM that runs Windows Server on the Standard tier.
C. Deploy the entire solution to an Azure website. Run the database by using the Azure data management services.
D. Deploy the user interface tier to a VM. Use multiple availability sets to continuously deploy updates from Microsoft Visual Studio Online.

Answer: C

70-533|You manage a cloud service named fabrikamReports

Question: 17

You manage a cloud service named fabrikamReports that is deployed in an Azure data center. You deploy a virtual machine (VM) named fabrikamSQL into a virtual network named fabrikamVNet. FabrikamReports must communicate with fabrikamSQL. You need to add fabrikam Reports to fabrikamVNet. Which file should you modify?

A. the network configuration file for fabrikamVNet
B. the service definition file (.csdef) for fabrikamReports
C. the service definition file (.csdef) for fabrikamSQL
D. the service configuration file (.cscfg) for fabrikamReports
E. the service configuration file (.cscfg) fabrikamSQL

Answer: B

Explanation:
Azure Service Definition Schema (.csdef File) The service definition file defines the service model for an application. The file contains the definitions for the roles that are available to a cloud service, specifies the service endpoints, and establishes configuration settings for the service.

Incorrect:
not D, not E: The service configuration file (.cscfg) specifies the number of role instances to deploy for each role in the service, the values of any configuration settings, and the thumbprints for any certificates associated with a role.

Reference: Azure Service Definition Schema (.csdef File)

70-533 | You migrate a Windows Server .NET web application to Azure Cloud Services.You need enable trace logging for the application.

Question : 16

You migrate a Windows Server .NET web application to Azure Cloud Services.You need enable trace logging for the application.Which two actions should you perform? Each correct answer presents part of the solution.

A. Update the service definition file.
B. Update the Azure diagnostics configuration.
C. Update the service configuration file.
D. Enable verbose monitoring.
E. Update the application web.config file.

Answer : AB

70-533 | Your network includes a legacy application named LegacyApp1. The application only runs in the Microsoft .NET 3.5 Framework on Windows Server 2008.

Question : 15

Your network includes a legacy application named LegacyApp1. The application only runs in the Microsoft .NET 3.5 Framework on Windows Server 2008.You plan to deploy to Azure Cloud Services.You need to ensure that LegacyApp1 will run correctly in the new environment.What are two possible ways to achieve this goal? Each correct answer presents a complete solution.

A. Upload a VHD with Windows Server 2008 installed.
B. Deploy LegacyApp1 to a cloud service instance configured with Guest OS Family 2.
C. Deploy LegacyApp1 to a cloud service instance configured with Guest OS Family 1.
D. Deploy LegacyApp1 to a cloud service instance configured with Guest OS Family 3.

Answer : BC

70-533 | Your company network includes users in multiple directories.You plan to publish a software-as-a-service application named SaasApp1 to Azure Active Directory.

Question : 14

Your company network includes users in multiple directories.You plan to publish a software-as-a-service application named SaasApp1 to Azure Active Directory.You need to ensure that all users can access SaasApp1.What should you do?

A. Configure the Federation Metadata URL
B. Register the application as a web application.
C. Configure the application as a multi-tenant.
D. Register the application as a native client application.

Answer : C

70-533 | You publish an application named MyApp to Azure Active Directory (Azure AD).You grant access to the web APIs through OAuth 2.0.MyApp is generating numerous user consent prompts.

Question : 13

You publish an application named MyApp to Azure Active Directory (Azure AD).You grant access to the web APIs through OAuth 2.0.MyApp is generating numerous user consent prompts.You need to reduce the amount of user consent prompts.What should you do?

A. Enable Multi-resource refresh tokens.
B. Enable WS-federation access tokens.
C. Configure the Open Web Interface for .NET.
D. Configure SAML 2.0.

Answer : A

70-533 | You administer an Access Control Service namespace named contosoACS that is used by a web application.

Question : 12

You administer an Access Control Service namespace named contoso ACS that is used by a web application. ContosoACS currently utilizes Microsoft and Yahoo accounts.Several users in your organization have Google accounts and would like to access the web application through Contoso ACS.You need to allow users to access the application by using their Google accounts.What should you do?

A. Register the application directly with Google.
B. Edit the existing Microsoft Account identity provider and update the realm to include Google.
C. Add a new Google identity provider.
D. Add a new WS-Federation identity provider and configure the WS-Federation metadata to point to the Google sign-in URL.

Answer : C

70-533 Sample Question : 11

Question : 11

You plan to use Password Sync on your DirSync Server with Azure Active Directory {Azure AD) on your company network.You configure the DirSync server and complete an initial synchronization of the users.Several remote users are unable to log in to Office 365.You discover multiple event log entries for “Event ID 611 Password synchronization failed for domain.You need to resolve the password synchronization issue.Which two actions should you perform? Each correct answer presents part of the solution.

bRestart Azure AD Sync Service.
B. Run the Set-FullPasswordSync Power Shell cmdlet.
C. Force a manual synchronization on the DirSync server.
D. Add the DirSync service account to the Schema Admins domain group.

Answer : AB

70-533 Sample Question : 10

Question : 10

You manage an Azure Active Directory (AD) tenant You plan to allow users to log in to a third-party application by using their Azure AD credentials.To access the application, users will be prompted for their existing third-party user names and passwords.You need to add the application to Azure AD.Which type of application should you add?

A. Existing Single Sign-On with identity provisioning
B. Password Single Sign-On with identity provisioning
C. Existing Single Sign-On without identity provisioning
D. Password Single Sign-On without identity provisioning

Answer : A

70-533 Sample Question : 9

Question : 9

Your company plans to migrate from On-Premises Exchange to Office 365.The existing directory has numerous service accounts in your On-Premises Windows Active Directory (AD), stored in separate AD Organizational Units (OU) for user accounts.You need to prevent the service accounts in Windows AD from syncing with Azure AD.What should you do?

A. Create an OU filter in the Azure AD Module for Windows PowerShell.
B. Configure directory partitions in miisclient.exe.
C. Set Active Directory ACLs to deny the DirSync Windows AD service account MSOL_AD_SYNC access to the service account OUs.
D. Create an OU filter in the Azure Management Portal.

Answer : B

70-533 Sample Question : 8

Question : 8

You develop a Windows Store application that has a web service backend.You plan to use the Azure Active Directory Authentication Library to authenticate users to Azure Active Directory (Azure AD) and access directory data on behalf of the user.You need to ensure that users can log in to the application by using their Azure AD credentials.Which two actions should you perform? Each correct answer presents part of the solution.

A. Create a native client application in Azure AD.
B. Configure directory integration.
C. Create a web application in Azure AD.
D. Enable workspace join.
E. Configure an Access Control namespace.

Answer : BC

70-533 Sample Question : 7

Question : 7

Your company network includes an On-Premises Windows Active Directory (AD) that has a DNS domain named contoso.local and an email domain named contoso.com.You plan to migrate from On-Premises Exchange to Office 365.You configure DirSync and set all Azure Active Directory {Azure AD) usernames as [email protected] need to ensure that each user is able to log on by using the email domain as the username.Which two actions should you perform? Each correct answer presents part of the solution.

A. Verify the email domain in Azure AD domains.
B. Run the Set-MsolUserPnncipalName -UserPnncipalName [email protected] ntoso.onmicrosoft.com -NewUserPrincipalName %usemame [email protected] Power Shell cmdlet.
C. Edit the ProxyAddress attribute on the On-Premises Windows AD user account.
D. Verify the Windows AD DNS domain in Azure AD domains.
E. Update the On-Premises Windows AD user account UPN to match the email address.

Answer : CD

70-533 Sample Question : 6

Question : 6

Your company has two cloud services named CS01 and CS02.You create a virtual machine (VM) in CS02 named Accounts.You need to ensure that users in CS01 can access the Accounts VM by using port 8080.What should you do?

A. Create a firewall rule.
B. Configure load balancing.
C. Configure port redirection.
D. Configure port forwarding.
E. Create an end point.

Answer : E

Search Words: 70-533 Study Material real exam questions answers practice test braindumps, free Q&A online dumps download and free 70-533 Study Material discount coupon code available.

Leave a Comment.

5 + 2 =