Microsoft AZ-204 Exam Questions Instant Access

Question 1

You develop applications that integrate with a Microsoft Entra tenant. You plan to implement a permission classification in the tenant. You need to select permissions to include in your classification. Which permissions should you select?

Adelegated permissions that require only user consent

Bdelegated permissions that require admin consent

Capp-only access permissions that require only user consent

Dapp-only access permissions that require admin consent

Answer : B

Question 2

You are developing an ASP.NET Core website that uses Azure FrontDoor. The website is used to build custom weather data sets for researchers. Data sets are downloaded by users as Comma Separated Value (CSV) files. The data is refreshed every 10 hours.

Specific files must be purged from the FrontDoor cache based upon Response Header values.

You need to purge individual assets from the Front Door cache.

Which type of cache purge should you use?

Asingle path

Bwildcard

Croot domain

Answer : A

These formats are supported in the lists of paths to purge:

Single path purge: Purge individual assets by specifying the full path of the asset (without the protocol and domain), with the file extension, for example, /pictures/strasbourg.png;

Wildcard purge: Asterisk (*) may be used as a wildcard. Purge all folders, subfolders, and files under an endpoint with /* in the path or purge all subfolders and files under a specific folder by specifying the folder followed by /*, for example, /pictures/*.

Root domain purge: Purge the root of the endpoint with '/' in the path.

https://docs.microsoft.com/en-us/azure/frontdoor/front-door-caching

Question 3

You need to ensure receipt processing occurs correctly.

What should you do?

AUse blob properties to prevent concurrency problems

BUse blob SnapshotTime to prevent concurrency problems

CUse blob metadata to prevent concurrency problems

DUse blob leases to prevent concurrency problems

Answer : D

You can create a snapshot of a blob. A snapshot is a read-only version of a blob that's taken at a point in time. Once a snapshot has been created, it can be read, copied, or deleted, but not modified. Snapshots provide a way to back up a blob as it appears at a moment in time.

Scenario: Processing is performed by an Azure Function that uses version 2 of the Azure Function runtime. Once processing is completed, results are stored in Azure Blob Storage and an Azure SQL database. Then, an email summary is sent to the user with a link to the processing report. The link to the report must remain valid if the email is forwarded to another user.

https://docs.microsoft.com/en-us/rest/api/storageservices/creating-a-snapshot-of-a-blob

Question 4

You are preparing to deploy an ASP.NET Core website to an Azure Web App from a GitHub repository. The website includes static content generated by a script.

You plan to use the Azure Web App continuous deployment feature.

You need to run the static generation script before the website starts serving traffic.

What are two possible ways to achieve this goal? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

ACreate a file named .deployment in the root of the repository that calls a script which generates the static content and deploys the website.

BAdd a PreBuild target in the websites csproj project file that runs the static content generation script.

CCreate a file named run.cmd in the folder /run that calls a script which generates the static content and deploys the website.

DAdd the path to the static content generation tool to WEBSITE_RUN_FROM_PACKAGE setting in the host.json file.

Answer : A, D

A: To customize your deployment, include a .deployment file in the repository root.

You just need to add a file to the root of your repository with the name .deployment and the content:

[config]

command = YOUR COMMAND TO RUN FOR DEPLOYMENT

this command can be just running a script (batch file) that has all that is required for your deployment, like copying files from the repository to the web root directory for example.

D: In Azure, you can run your functions directly from a deployment package file in your function app. The other option is to deploy your files in the d:\home\site\wwwroot directory of your function app (see A above).

To enable your function app to run from a package, you just add a WEBSITE_RUN_FROM_PACKAGE setting to your function app settings.

Note: The host.json metadata file contains global configuration options that affect all functions for a function app.

https://github.com/projectkudu/kudu/wiki/Custom-Deployment-Script

https://docs.microsoft.com/bs-latn-ba/azure/azure-functions/run-functions-from-deployment-package

Question 5

You need to ensure the security policies are met.

What code do you add at line CS07 of ConfigureSSE.ps1?

A--PermissionsToKeys create, encrypt, decrypt

B--PermissionsToCertificates create, encrypt, decrypt

C--PermissionsToCertificates wrapkey, unwrapkey, get

D--PermissionsToKeys wrapkey, unwrapkey, get

Answer : B

Scenario: All certificates and secrets used to secure data must be stored in Azure Key Vault.

You must adhere to the principle of least privilege and provide privileges which are essential to perform the intended function.

The Set-AzureRmKeyValutAccessPolicy parameter -PermissionsToKeys specifies an array of key operation permissions to grant to a user or service principal. The acceptable values for this parameter: decrypt, encrypt, unwrapKey, wrapKey, verify, sign, get, list, update, create, import, delete, backup, restore, recover, purge

https://docs.microsoft.com/en-us/powershell/module/azurerm.keyvault/set-azurermkeyvaultaccesspolicy

Question 6

D18912E1457D5D1DDCBD40AB3BF70D5D

You are building a website that uses Azure Blob storage for data storage. You configure Azure Blob storage lifecycle to move all blobs to the archive tier after 30 days.

Customers have requested a service-level agreement (SLA) for viewing data older than 30 days.

You need to document the minimum SLA for data recovery.

Which SLA should you use?

Aat least two days

Bbetween one and 15 hours

Cat least one day

Dbetween zero and 60 minutes

Answer : B

The archive access tier has the lowest storage cost. But it has higher data retrieval costs compared to the hot and cool tiers. Data in the archive tier can take several hours to retrieve depending on the priority of the rehydration. For small objects, a high priority rehydrate may retrieve the object from archive in under 1 hour.

https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers?tabs=azure-portal

Question 7

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You develop a software as a service (SaaS) offering to manage photographs. Users upload photos to a web service which then stores the photos in Azure Storage Blob storage. The storage account type is General-purpose V2.

When photos are uploaded, they must be processed to produce and save a mobile-friendly version of the image. The process to produce a mobile-friendly version of the image must start in less than one minute.

You need to design the process that starts the photo processing.

Solution: Move photo processing to an Azure Function triggered from the blob upload.

Does the solution meet the goal?

AYes

BNo

Answer : A

Azure Storage events allow applications to react to events. Common Blob storage event scenarios include image or video processing, search indexing, or any file-oriented workflow.

Events are pushed using Azure Event Grid to subscribers such as Azure Functions, Azure Logic Apps, or even to your own http listener.

Note: Only storage accounts of kind StorageV2 (general purpose v2) and BlobStorage support event integration. Storage (general purpose v1) does not support integration with Event Grid.

https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-event-overview

Microsoft Developing Solutions for Microsoft Azure AZ-204 Exam Questions