DRAG DROP - You are creating an Azure Cosmos DB account that makes use of the SQL API. Data will be added to the account every day by a web application. You need to ensure that an email notification is sent when information is received from IoT devices, and that compute cost is reduced. You decide to deploy a function app. Which of the ...

Author: James · Last updated May 11, 2026

This question requires that you evaluate the underlined text to determine if it is correct. You company has an on-premises deployment of MongoDB, and an Azure Cosmos DB account that makes use of the MongoDB API. You need to devise a strategy to migrate MongoDB to the Azure Cosmos DB account. You include the Data Management Gateway tool in your migration strategy. Instructions: Review the ...

Review of the Scenario: You have an on-premises MongoDB deployment and an Azure Cosmos DB account that uses the MongoDB API. Your goal is to migrate MongoDB to the Azure Cosmos DB account, and you've included the Data Management Gateway tool in your migration strategy. Key Concepts: - Data Management Gateway: The Data Management Gateway is typically used for managing data movement in hybrid scenarios, such as for Azure Data Factory or SQL Server Data Migration scenarios, but it's not specifically for MongoDB migration. Evaluating the Options: A) No change required - The statement is not correct because Data Management Gateway is not the proper tool for migrating MongoDB to Azure Cosmos DB. The Data Management Gateway is not used for migrating MongoDB databases; it is used in different data migration scenarios such as for Azure Data Factory or other hybrid data integration services. B) mongorestore - mongorestore is a utility provided by MongoDB that is specifically designed to restore data from BSON dump files into a MongoDB database. It is a valid tool for migrating data between on-premises MongoDB instances and other MongoDB-compatible services, like Azure Cosmos DB using the MongoDB API...

Author: ThunderBear · Last updated May 11, 2026

You are developing an e-Commerce Web App. You want to use Azure Key Vault to ensure that sign-ins to the e-Commerce Web App are secured by using Azure App Service authentication and...

Scenario Overview: You are developing an e-Commerce Web App, and you want to secure sign-ins using Azure App Service authentication and Azure Active Directory (AAD). In this context, Azure Key Vault is being used to securely manage secrets, such as credentials, keys, and certificates, but the focus is on securing sign-ins using Azure App Service authentication and AAD. Evaluating the Options: A) Run the az keyvault secret command: - az keyvault secret command is used to interact with Azure Key Vault to manage secrets (e.g., retrieving, setting, or deleting secrets). While Azure Key Vault may store secrets used by your application, this option doesn't directly deal with the configuration required to secure sign-ins to your web app using Azure Active Directory (AAD) and Azure App Service authentication. - Why Rejected: This command is related to secret management, not user authentication or integration with Azure Active Directory (AAD) for securing sign-ins. B) Enable Azure AD Connect: - Azure AD Connect is a tool used for integrating on-premises directories (like Active Directory) with Azure Active Directory. It is generally used when you want to synchronize on-premises Active Directory users with Azure AD for hybrid identity management. - Why Rejected: Since you are building a web app that integrates with Azure AD directly (and not an on-premises Active Directory), Azure AD Connect isn't necessary for enabling authentication for an Azure App Service web app. C) Enable Managed Service Identity (MSI): - Managed Service Identity (MSI) (also known as ...

Author: Elizabeth · Last updated May 11, 2026

This question requires that you evaluate the underlined text to determine if it is correct. Your Azure Active Directory Azure (Azure AD) tenant has an Azure subscription linked to it. Your developer has created a mobile application that obtains Azure AD access tokens using the OAuth 2 implicit grant type. The mobile application must be registered in Azure AD. You require a redirect URI from the developer for registration purposes. Instr...

Let's break down the situation step by step to evaluate the underlined text and determine which option makes the statement correct: Analysis of the given statement: - The mobile application must be registered in Azure AD: This is correct. For an app to use Azure AD for authentication, it must be registered within Azure AD. - You require a redirect URI from the developer for registration purposes: This part is accurate. When registering an application in Azure AD, you do need to provide a redirect URI (Uniform Resource Identifier) to which the user will be redirected after they authenticate successfully. OAuth 2.0 Implicit Grant Flow: In OAuth 2.0, the implicit grant type is typically used for client-side (public) applications such as mobile applications. When using this flow, the redirect URI is required to send the authentication response (access token) back to the application. Reviewing the options: - A) No change required: - This would be correct if the underlying text was accurate. In this context, the statement says "You require a redirect URI," which is correct in the context of registering a mobile application for OAuth 2...

Author: VioletCheetah55 · Last updated May 11, 2026

You are creating an Azure key vault using PowerShell. Objects deleted from the key vault must be kept for a set period of 90 days. Which two of the following parame...

To meet the requirement that objects deleted from the Azure Key Vault must be kept for a set period of 90 days, the parameters that need to be used must be related to the retention and protection of deleted objects. Analysis of the options: - A) EnabledForDeployment: - This option is related to whether a Key Vault can be used in the context of a deployment, but it does not influence the retention of deleted objects. So, it is not relevant for the requirement of retaining deleted objects for 90 days. - B) EnablePurgeProtection: - EnablePurgeProtection is an important option for ensuring that deleted objects are not permanently purged from the Key Vault. When purge protection is enabled, deleted objects are retained for a specified period (default 90 days) before they can be permanently deleted. This is directly related to the requirement to retain deleted objects. - C) EnabledForTe...

Author: GlowingTiger · Last updated May 11, 2026

HOTSPOT - You have an Azure Active Directory (Azure AD) tenant. You want to implement multi-factor authentication by making use of a conditional access policy. The conditional access policy must be applied to all users when they access the Azure portal. Which three settings should you configu...

Author: Aria · Last updated May 11, 2026

You manage an Azure SQL database that allows for Azure AD authentication. You need to make sure that database developers can connect to the SQL database via Microsoft SQL Server Management Studio (SSMS). You also need to make sure the developers use their on-premises Active Directory account for authenti...

Analysis of the options: To meet the requirement of allowing database developers to connect to the Azure SQL database using their on-premises Active Directory account with minimal authentication prompts, let’s analyze each option. - A) Azure AD token: - An Azure AD token is used for authentication to Azure resources, but it requires an application to handle acquiring the token programmatically. While it can be used to authenticate to Azure SQL databases, it may not meet the requirement of using an on-premises Active Directory account and could involve additional complexity like acquiring tokens from Azure AD, which may prompt for authentication or require additional configuration. This would not minimize authentication prompts for developers. - B) Azure Multi-Factor authentication: - Azure Multi-Factor Authentication (MFA) is an added layer of security requiring a second form of verification, such as a phone number, mobile app, or security key. While MFA enhances security, it introduces additional prompts and is not focused on minimizing the authentication experience. The goal here is to use the on-premises Active Directory account with minimal prompts, so MFA is not directly relevant to this specific requirement. - C) Active Directory integrated authentication: - Active Directory integrated authentication (also known as Windo...

Author: Max · Last updated May 11, 2026

You are developing an application to transfer data between on-premises file servers and Azure Blob storage. The application stores keys, secrets, and certificates in Azure Key Vault and makes use of the Azure Key Vault APIs. You want to configure the application to allow re...

Analysis of the options: To meet the requirement of allowing recovery of an accidental deletion of the key vault or key vault objects for 90 days, you need to enable Soft Delete and Purge Protection in Azure Key Vault. These features help ensure that deleted objects (keys, secrets, certificates) are retained for a specified period (usually 90 days), and prevent them from being permanently deleted before the retention period expires. Let’s break down each option: - A) Run the Add-AzKeyVaultKey cmdlet: - The Add-AzKeyVaultKey cmdlet is used to add a new key to an Azure Key Vault, but it does not configure deletion or retention policies. This cmdlet doesn't address the requirement for enabling Soft Delete or Purge Protection for accidental deletion recovery, so it is not relevant for this scenario. - B) Run the az keyvault update --enable-soft-delete true --enable-purge-protection true CLI: - This option uses the Azure CLI to update an existing Key Vault and enable Soft Delete and Purge Protection. - Soft Delete ensures that deleted Key Vault objects are retained for 90 days, making them recoverable. - Purge Protection prevents these deleted objects from being permanently purged bef...

Author: Harper · Last updated May 11, 2026

HOTSPOT - You have developed a Web App for your company. The Web App provides services and must run in multiple regions. You want to be notified whenever the Web App uses more than 85 percent of the available CPU cores over a 5 minute period. Your solution must minimize costs. Which command should y...

Author: Charlotte · Last updated May 11, 2026

Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements. You are configuring a web app that delivers streaming video to users. The application makes use of continuous integration and deployment. You need to ensure that the application is highly available and that the users' streaming experience is constant. You also want...

Analysis of the solution: The solution involves using Azure Redis Cache to help ensure high availability and deliver a constant streaming experience for users, while storing data in the geographic location nearest to the user. Let’s break down whether this solution effectively meets the goal: - High Availability: - Azure Redis Cache is designed to provide a fast, in-memory data store, often used to cache data and improve application performance. It offers features like Geo-replication and failover, which can enhance high availability and resiliency. However, while Redis Cache can improve performance and reduce latency, it does not directly address ensuring the high availability of the streaming video application itself. Other components, such as Azure Front Door or Azure Traffic Manager, would typically be needed to provide more direct solutions for high availability across regions for the streaming service. - Consistent User Streaming Experience: - Redis Cache is a powerful tool for caching data and providing low-latency access to frequently accessed data. It can help improve response times by caching frequently requested information (such as metadata or session state). However, Redis Cache itself ...

Author: Noah Williams · Last updated May 11, 2026

Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements. You are configuring a web app that delivers streaming video to users. The application makes use of continuous integration and deployment. You need to ensure that the application is highly available and that the users' streaming experience is constant. You also want to configure th...

Analysis of the solution: The solution involves the use of Azure Content Delivery Network (CDN) in the design to ensure high availability, consistent user streaming experience, and storing data in a geographic location nearest to the user. Let’s break down whether this solution effectively meets the goal: - High Availability: - Azure CDN provides high availability by caching content at strategically located edge nodes across the globe. This means that if one edge node experiences issues, traffic can be rerouted to another, ensuring high availability. The CDN itself doesn’t guarantee 100% uptime, but it does provide a distributed and redundant architecture that increases the overall availability of the content delivery system. - Consistent User Streaming Experience: - Azure CDN is designed specifically for content delivery, including video streaming. By caching video content at edge locations near users, it minimizes latency and ensures that users receive a consistent and smooth streaming experienc...

Author: Noah Williams · Last updated May 11, 2026

Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements. You are configuring a web app that delivers streaming video to users. The application makes use of continuous integration and deployment. You need to ensure that the application is highly available and that the users' streaming experience is constant. You also want to conf...

Analysis of the solution: The solution involves the use of a Storage Area Network (SAN) to ensure high availability, constant user streaming experience, and storing data in a geographic location nearest to the user. Let’s break down whether this solution effectively meets the goal: - High Availability: - A Storage Area Network (SAN) is a high-performance storage solution typically used in on-premises environments for providing centralized storage access across a network. While SANs are excellent for managing large volumes of data and ensuring data availability in traditional on-prem environments, they are not inherently designed to work with web applications hosted in cloud environments like Azure. Additionally, SANs are not typically geographically distributed, so they don’t offer the same level of redundancy or availability across different regions as cloud-native solutions such as Azure Blob Storage with Content Delivery Network (CDN) would. - Consistent User Streaming Experience: - SANs are not optimized for delivering streaming content to a large number of users, especially across geographically distributed locations. They are designed for block-level storage access, not content distribution or streaming. A SAN would like...

Author: Joseph · Last updated May 11, 2026

You develop a Web App on a tier D1 app service plan. You notice that page load times increase during periods of peak traffic. You want to implement automatic scaling when CPU load is...

Analysis of the options: You are experiencing increased page load times during periods of peak traffic on a D1 app service plan, and you want to implement automatic scaling when CPU load exceeds 80 percent, while minimizing costs. Let's evaluate each option: - A) Enable autoscaling on the Web App: - Enabling autoscaling is a solution that allows your web app to automatically scale out (increase the number of instances) based on resource utilization like CPU load, memory, etc. Since the D1 app service plan is on the Shared tier, autoscaling is not supported with this tier. Thus, enabling autoscaling directly on the D1 plan is not possible. To enable autoscaling, you would need to upgrade to a higher tier, such as Standard or Premium. - B) Switch to the Premium App Service tier plan: - The Premium App Service tier supports features like autoscaling, increased performance, and additional capabilities. However, the Premium tier is a higher-cost option, and you mentioned that your goal is to minimize costs. This tier would likely be overkill for the scenario, especially when the Standard tier might be sufficient to meet the performance requirements with automatic scaling while still being more cost-effective than the Premium tier. - C) Switch to the Standard App Service tier plan: - The Standard App Service tier supports autoscaling and CPU-based scaling triggers. This would allow your web app to s...

Author: Kunal · Last updated May 11, 2026

Your company's Azure subscription includes an Azure Log Analytics workspace. Your company has a hundred on-premises servers that run either Windows Server 2012 R2 or Windows Server 2016, and is linked to the Azure Log Analytics workspace. The Azure Log Analytics workspace is set up to gather performance counters associated with security from these linked servers. You must configure alerts based on the information gathered by the Azure Log Analytics workspace. You have to make sure that alert rules allow for dimensions, and that alert creation time should be kept to a minimum....

To address the requirements in your scenario, we need to break down the requirements and select the appropriate signal type for alert creation. Let's evaluate each option based on key factors such as the data source, dimensions, creation time, and notification needs. Option Analysis: 1. The Activity log signal type (A): - What it is: The Activity log signal type is used to track Azure resource management events, such as resource creation, modification, and deletion. These logs are related to Azure resources (not on-premises servers) and provide insights into who did what, when, and where within your Azure subscription. - Why it's not suitable: The Activity log does not deal with performance counters, metrics, or security-related events from your on-premises servers. The data source for Activity logs is Azure resource events, not on-premises systems, and it doesn't meet the requirement of monitoring performance counters or security information from the on-premises servers. 2. The Application Log signal type (B): - What it is: The Application log signal type focuses on application-specific logs, such as logs generated by an application running on a server or a custom solution. These logs may include event logs related to specific software applications. - Why it's not suitable: The Application Log signal type is geared toward application-level logs rather than system-level performance counters. The scenario you describe is focused on monitoring performance counters related to security, which does not align with application-specific logs. 3. The Metric signal type (C): - What it is: The Metric signal type is used for monitoring and alerting based on numeric values collected from Azure resources, such as CPU utilization, memory usage, or other performance counters. It also supports dimension...

Author: Ava · Last updated May 11, 2026

You are developing a .NET Core MVC application that allows customers to research independent holiday accommodation providers. You want to implement Azure Search to allow the application to search the index by using various criteria to locate documents related to accommodati...

To implement Azure Search in your .NET Core MVC application, and enable searching with regular expressions, you need to understand how Azure Search works and which configuration is needed to perform such queries. Option Analysis: 1. A) Configure the SearchMode property of the SearchParameters class: - What it is: The `SearchMode` property in `SearchParameters` is used to define how the search engine interprets the search query. It has two possible values: `all` or `any`. - `all`: The query will return results that contain all the search terms. - `any`: The query will return results that contain any of the search terms. - Why it's not suitable: The `SearchMode` property doesn't provide the ability to specify regular expressions in queries. It's primarily for controlling how multiple search terms are handled in terms of whether all or any terms must be matched. 2. B) Configure the QueryType property of the SearchParameters class: - What it is: The `QueryType` property specifies the type of query to be executed. It can either be `simple` or `full`: - `simple`: Uses a simple keyword search with basic operators (AND, OR, etc.). - `full`: Allows for more advanced querying, such as phrase searches, proximity searches, and the use of regular expressions. - Why it's suitable: The `QueryType` property, when set to `full`, allows more advanced queries, including regular expressions. This is the key feature needed for implementing regular expression-based searches in your scenario. If you set the `QueryType` to `full`, Azure Search will interpret the query as a full-text search, which can support complex q...

Author: Carlos Garcia · Last updated May 11, 2026

You are a developer at your company. You need to update the definitions for an existing Logic App. ...

When you need to update the definitions for an existing Logic App, you need to understand the available options for editing or modifying the Logic App. Let's evaluate the options based on this requirement. Option Analysis: 1. A) The Enterprise Integration Pack (EIP): - What it is: The Enterprise Integration Pack (EIP) is an extension of Azure Logic Apps that provides additional capabilities such as B2B integration, support for enterprise messaging patterns, and enhanced connectors for services like AS2, X12, and EDIFACT. - Why it's not suitable: The EIP is specifically useful when you're dealing with complex integrations, especially for scenarios such as B2B communications. It is not a tool for editing or updating Logic App definitions. It doesn't allow you to directly edit or manage Logic App workflows but provides additional functionality for specific integration needs. 2. B) The Logic App Code View: - What it is: The Logic App Code View provides a JSON representation of the Logic App workflow. In this view, you can directly modify the Logic App definition as raw JSON. - Why it’s suitable: This option is appropriate when you want to manually edit the underlying JSON code of the Logic App workflow. It’s useful for users who are familiar with the JSON schema of Logic Apps and want to fine-tune or manually update the Logic App definition. However, this view is primarily for advanced users and allows for low-level editing of the Logic App definition. It's suitable for developers who need full control over the workflow’s code but might not always be the easiest for general updates. 3. C) The API Connections:...

Author: FlamePhoenix2025 · Last updated May 11, 2026

Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements. You are developing a solution for a public facing API. The API back end is hosted in an Azure App Service instance. You have implemented a RESTful service for the API back end. You must configure ba...

To evaluate whether the solution meets the goal of configuring back-end authentication for the API Management service instance, let's break down the key requirements and the provided solution. Requirement: You need to configure back-end authentication for the API Management service instance that fronts the public-facing API hosted in an Azure App Service instance. Provided Solution: The solution involves configuring Basic gateway credentials for the Azure resource. What is Basic Gateway Credentials? - Basic authentication is a simple authentication mechanism where the client sends the username and password encoded in the `Authorization` header of the HTTP request. It's typically used for authenticating against an API backend that requires credentials for access. - Gateway credentials refer to credentials that are used for authenticating requests made from the API Management service to the back end. Does the Solution Meet the Goal? - Back-end Authentication: When using API Management (APIM), back-end authentication typically involves ensuring that API Management can authenticate to the backend (in this case, the Azure App Service hosting your RESTful API). This can be done through various mechanisms, including: - OAuth (preferred for security reasons) - Basic Authentication (simpler, but less secure ...

Author: Daniel · Last updated May 11, 2026

Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements. You are developing a solution for a public facing API. The API back end is hosted in an Azure App Service instance. You have implemented a RESTful service for the API back end. You must configure back-end...

To determine whether the solution meets the goal of configuring back-end authentication for the API Management (APIM) service instance, let's analyze the requirements and the solution provided. Requirement: You need to configure back-end authentication for the API Management service that fronts the public-facing API hosted on an Azure App Service instance. Provided Solution: The solution involves configuring Client certificate gateway credentials for the HTTP(s) endpoint. What are Client Certificate Gateway Credentials? - Client certificates are used to authenticate requests made to a server. In this case, the API Management service would use a client certificate to authenticate itself to the back-end Azure App Service instance. - When an API Management service makes a request to a back-end API, the client certificate can be included in the request headers to authenticate the client (API Management) to the back end. Does the Solution Meet the Goal? - Back-end Authentication: To secure access to the backend API hosted in the Azure App Service, there needs to be an authentication mechanism in place that ensures only authorized services (like the API Management service) can access it. - Client Certificates are a strong authentication method for securing access to back-end services, especially in enterprise environments, where mutual TLS (Transport Layer Security) can be used. This method ensures that both the client (API Management) and the server (Azure App Service) authenticate each other, which provides a high lev...

Author: Maya · Last updated May 11, 2026

Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements. You are developing a solution for a public facing API. The API back end is hosted in an Azure App Service instance. You have implemented a RESTful service for the API back end. You must configure back...

The solution does not meet the goal. Here's why: In this scenario, the goal is to configure back-end authentication for an API Management service instance in Azure. For the API back-end authentication, there are different ways to secure communication between the API Management (APIM) service and the back-end API. One of the methods is to use Basic authentication (via Basic gateway credentials). However, Basic authentication by itself is considered less secure and is not the best practice, especially for public-facing services. Analysis of the Selected Option: - Basic Gateway Credentials: - Security: Basic authentication sends the username and password with every request, which can be intercepted easily unless it is wrapped in HTTPS (TLS). Even then, it's still not as secure as modern alternatives like OAuth, client certificates, or JWT tokens. - ...

Author: FrostFalcon88 · Last updated May 11, 2026

Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements. You are developing a solution for a public facing API. The API back end is hosted in an Azure App Service instance. You have implemented a RESTful service for the API back end. You must configure back-en...

Yes, the solution meets the goal. Here's an explanation of why: In this scenario, the goal is to configure back-end authentication for the API Management (APIM) service instance, specifically for a public-facing API that is hosted on an Azure App Service instance. The solution involves configuring Client Certificate (Client cert) gateway credentials for the Azure resource. Analysis of the Selected Option: - Client Certificate Authentication: - Security: Using client certificates for authentication is a much more secure option than Basic authentication. It ensures that only authorized clients, which possess the correct client certificate, are allowed to access the back-end API. - Use Case: Client certificate authentication is suitable for secure communications between systems, particularly in scenarios where you want to tightly control access to resources (e.g., public-facing APIs). It provides mutual TLS (mTLS), where both the client and server authenticate each other. - Recommendation: For enterprise-grade or public-facing APIs, client certificates are a recommended approach ...

Author: Kai · Last updated May 11, 2026

You are developing a .NET Core MVC application that allows customers to research independent holiday accommodation providers. You want to implement Azure Search to allow the application to search the index by using various criteria to locate documents related to accommodation venues. You want the application to list ho...

The correct option is D) Configure the Filter property of the SearchParameters class. Here's the reasoning behind it: Why Option D is Correct: - Filter Property of SearchParameters: - Azure Search allows filtering search results using the `Filter` property of the `SearchParameters` class. - In your scenario, you want to search for holiday accommodation venues based on criteria such as price range and proximity to an airport. The `Filter` property allows you to define a query that limits the search results based on these conditions. - For example, you can use filters to define a price range like `"price ge 100 and price le 500"` or to search by proximity to an airport using geo-spatial queries like `"geo.distance(location, 'lat,long') le 10"`. - This makes the `Filter` property the ideal choice because it can handle conditions like price range and distance, which are exactly what you're trying to achieve. Why Other Options are Incorrect: - Option A: Configure the SearchMode property of the SearchParameters class: - The `SearchMode` property defines how the search engine interprets the query terms (i.e., whether it should use "all" or "any" of the search terms to match documents). This is more relevant for controlling how search terms are matched across fields, not for applying specific conditions like price range or distance. - It doesn't hel...

Author: Zain · Last updated May 11, 2026

You are a developer at your company. You need to edit the workflows for an existing Logic App. Wha...

The correct option is D) the Logic Apps Designer. Here's the reasoning behind the correct and incorrect options: Why Option D is Correct: - Logic Apps Designer: - The Logic Apps Designer is the graphical interface provided by Azure to design, create, and edit workflows for Logic Apps. It is specifically tailored for creating and editing the workflows of Logic Apps, making it the most user-friendly and intuitive tool for modifying an existing Logic App workflow. - With the Logic Apps Designer, you can visually design the workflow, define triggers, configure actions, and set conditions in a way that is accessible even for non-developers. It is the ideal choice when you need to make changes or edits to an existing Logic App. Why Other Options are Incorrect: - Option A: the Enterprise Integration Pack (EIP): - The Enterprise Integration Pack (EIP) is an add-on for Logic Apps that provides additional capabilities such as B2B integration, AS2, and XML-based protocols. While it extends the functionality of Logic Apps, it does not serve as the tool to edit the workflows themselves. - EIP is useful for more specialized enterprise integration scenarios but does not directly provide the ability to edit workflows. - Option B: the ...

Author: Zara1234 · Last updated May 11, 2026

DRAG DROP - You are a developer for a company that provides a bookings management service in the tourism industry. You are implementing Azure Search for the tour agencies listed in your company's solution. You create the index in Azure Search. You now need to use the Azure Search .NET SDK to import the relevant data into the Azure Search service. Which three actions should yo...

Author: Julian · Last updated May 11, 2026

You are developing an application that applies a set of governance policies for internal and external services, as well as for applications. You develop a stateful ASP.NET Core 2.1 web application named PolicyApp and deploy it to an Azure App Service Web App. The PolicyApp reacts to events from Azure Event Grid and performs policy actions based on those events. You have the following requirements: * Authentication events must be us...

To determine the best solution, we need to carefully consider the requirements and the key aspects of each option provided. Let's break down the requirements and examine each option: Requirements: 1. Authentication events must be used to monitor users when they sign in and sign out. 2. All authentication events must be processed by PolicyApp. 3. Sign outs must be processed as fast as possible. Analysis of Options: Option A: Create a new Azure Event Grid subscription for all authentication events. Use the subscription to process sign-out events. - Pros: - A single Event Grid subscription for all authentication events could potentially allow the application to capture both sign-in and sign-out events. - Cons: - This approach does not necessarily optimize sign-out events for speed. It processes all authentication events together, which might delay processing sign-out events due to the time it takes to process sign-in events as well. - Lack of separation between different types of events could add overhead to handling sign-out events swiftly, especially if there's significant traffic. Option B: Create a separate Azure Event Grid handler for sign-in and sign-out events. - Pros: - This option allows you to have dedicated handling for sign-in and sign-out events, which is important to ensure that sign-out events are processed as fast as possible. - The separation of handlers ensures that sign-out events can be processed independently of other types of events, which is aligned with the requirement for processing sign-outs quickly. - Cons: - Managing two separate handlers might introduce additional complexity but is still viable if speed is critical for sign-out events. ...

Author: Akash · Last updated May 11, 2026

HOTSPOT - You are developing a C++ application that compiles to a native application named process.exe. The application accepts images as input and returns images in one of the following image formats: GIF, PNG, or JPEG. You must deploy the application as an Azure Function. You need to configure the function and host json files. How should y...

Author: Benjamin · Last updated May 11, 2026

HOTSPOT - You are developing an Azure Static Web app that contains training materials for a tool company. Each tool's training material is contained in a static web page that is linked from the tool's publicly available description page. A user must be authenticated using Azure AD prior to viewing training. You need to ensure that the user can view training material pages after authenti...

Author: Ava · Last updated May 11, 2026

HOTSPOT - You are authoring a set of nested Azure Resource Manager templates to deploy Azure resources. You author an Azure Resource Manager template named mainTemplate.json that contains the following linked templates: linkedTemplate1.json, linkedTemplate2.json. You add parameters to a parameters template file named mainTemplate.parameters,json. You save all templates on a local device in the C: emplates folder. You have the following requirements: * Store the templates in Azure for later deployment. * Enable versioning of the templates. * Manage access to the templates by using Azure RBAC. * Ensure that users have...

Author: Isabella · Last updated May 11, 2026

HOTSPOT - You are developing a service where customers can report news events from a browser using Azure Web PubSub. The service is implemented as an Azure Function App that uses the JSON WebSocket subprotocol to receive news events. You need to implement the bindings for the Azure Function App. How should yo...

Author: Isabella1 · Last updated May 11, 2026

HOTSPOT - You are building a software-as-a-service (SaaS) application that analyzes DNA data that will run on Azure virtual machines (VMs) in an availability zone. The data is stored on managed disks attached to the VM. The performance of the analysis is determined by the speed of the disk attached to the VM. You have the following requirements: * The application must be able to quickly revert to the previous day's data if a systemic error is detected. * The application must minimize downtime in the case of an Azure datacenter outage. You need to provision t...

Author: Ahmed · Last updated May 11, 2026

HOTSPOT - You are developing an application that includes two Docker containers. The application must meet the following requirements: * The containers must not run as root. * The containers must be deployed to Azure Container Instances by using a YAML file. * The containers must share a lifecycle, resources, local network, and storage volume. * The storage volume must persist through container crashes. * The storage volume must be deployed on stop or restart of the containers. You need ...

Author: Lucas Carter · Last updated May 11, 2026

HOTSPOT - You have a Dockerfile that builds a container image named image1. The container image and its base image are stored in separate repositories of an Azure Container registry named registry1. The codebase of image1 is stored in a GitHub repo named app1 of an account named account1. You plan to implement automatic updates to image1 whenever its base image is updated or an update to the main branch of the GitHub repo occurs. You need to complete the Azure CLI...

Author: Sam · Last updated May 11, 2026

HOTSPOT - You are implementing a software as a service (SaaS) ASP.NET Core web service that will run as an Azure Web App. The web service will use an on-premises SQL Server database for storage. The web service also includes a WebJob that processes data updates. Four customers will use the web service. * Each instance of the WebJob processes data for a single customer and must run as a singleton instance. * Each deployment must be tested by using deployment slots prior to serving production data. * Azure costs must be minimized. * Azure resources must be located in a...

Author: Olivia Johnson · Last updated May 11, 2026

DRAG DROP - You are a developer for a software as a service (SaaS) company that uses an Azure Function to process orders. The Azure Function currently runs on an Azure Function app that is triggered by an Azure Storage queue. You are preparing to migrate the Azure Function to Kubernetes using Kubernetes-based Event Driven Autoscaling (KEDA). You need to configure Kubernetes Custom Resource Definitions (CRD) for the Azure Function. Which CRDs should you configure? To answer, drag the appropriate CRD types to the c...

Author: Isabella · Last updated May 11, 2026

HOTSPOT - You are creating a CLI script that creates an Azure web app and related services in Azure App Service. The web app uses the following variables: You need to automatically deploy code from GitHub to the newly created web app. How should you complete the script? To...

Author: Scarlett · Last updated May 11, 2026

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You develop a software as a service (SaaS) offering to manage photographs. Users upload photos to a web service which then stores the photos in Azure Storage Blob storage. The storage account type is General-purpose V2. When photos are uploaded, they must be processed to produce and...

To determine whether the solution meets the goal, let's analyze the problem and solution carefully. Requirements: 1. Users upload photos to a web service, which stores them in Azure Storage Blob storage. 2. The photo must be processed to produce a mobile-friendly version. 3. The processing must start in less than one minute after the photo is uploaded. Solution Analysis: Trigger the photo processing from Blob storage events. - Blob storage events (e.g., BlobCreated) can be used to trigger actions based on events in a storage account. Azure Event Grid can listen to these events and trigger downstream processes. - This method is highly appropriate for starting a process after a new file (photo) is uploaded to Blob storage. - Event Grid is a real-time eventing platform that typically processes events within seconds, making it a good candidate to m...

Author: John · Last updated May 11, 2026

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You develop and deploy an Azure App Service API app to a Windows-hosted deployment slot named Development. You create additional deployment slots named Testing and Production. You enable auto swap on the Production deployment slot. Y...

Goal: The goal is to ensure that scripts run and resources are available before a swap operation occurs when using Azure App Service deployment slots, specifically during the swap to the Production slot with auto-swap enabled. Analysis of Solution: Update the web.config file to include the applicationInitialization configuration element. Specify custom initialization actions to run the scripts. Understanding the Solution: - The applicationInitialization element in the `web.config` file is used to define initialization tasks for the application before it fully starts up, which includes custom scripts or resource preparations. - This element helps ensure that the application has completed its initialization actions before serving requests, which can be crucial during a slot swap when ensuring that the app is ready to serve traffic without errors. Why this solution could work: - Auto swap: When using auto swap, the app in the staging slot is swapped into the production slot automatically. However, you need to ensure that the app in the production slot is fully initialized before the swap happens. - The applicationInitialization element in the `web.config` helps you specify custom initialization scripts to run before the application becomes available to handle traffic. This can ensure that the app in the Production slot i...

Author: Michael · Last updated May 11, 2026

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You develop and deploy an Azure App Service API app to a Windows-hosted deployment slot named Development. You create additional deployment slots named Testing and Production. You en...

Goal: The goal is to ensure that scripts run and resources are available before a swap operation occurs, particularly when deploying to the Production slot with auto swap enabled. Solution: Enable auto swap for the Testing slot. Deploy the app to the Testing slot. Analysis of Solution: 1. Auto swap on the Production slot: - When auto swap is enabled on the Production slot, it means the app in the Testing slot is swapped to Production automatically after deployment to the Testing slot is complete. This ensures that the Production slot always contains the most recent version of the app deployed to the Testing slot. 2. Auto swap on the Testing slot: - Enabling auto swap for the Testing slot would mean that the app is swapped into the Production slot automatically after deployment. This is the usual approach when testing an app before promoting it to Production. - However, this solution proposes enabling auto swap for the Testing slot and deploying to it. This doesn't address the requirement of ensuring resources are available and scripts are run before the swap to Product...

Author: BlazingPhoenix22 · Last updated May 11, 2026

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You develop and deploy an Azure App Service API app to a Windows-hosted deployment slot named Development. You create additional deployment slots named Testing and Production. You enable auto swap on the Production deployment slot. Y...

Goal: The goal is to ensure that scripts run and resources are available before the swap operation occurs when deploying to the Production slot with auto swap enabled. Solution: Disable auto swap. Update the app with a method named `statuscheck` to run the scripts. Re-enable auto swap and deploy the app to the Production slot. Analysis of Solution: 1. Disabling auto swap: - Disabling auto swap temporarily ensures that the app in the Production slot is not swapped immediately after deployment to the Testing slot. This gives you control over when the swap happens. - By disabling auto swap, you can manually control when the app in the Testing slot gets swapped to Production, allowing time to ensure scripts and resources are fully available before the swap. 2. Updating the app with a `statuscheck` method: - By creating a `statuscheck` method in the app, you can implement logic that ensures the app performs necessary initialization tasks (such as running scripts or making sure resources are ready) before the app is considered fully initialized. - This method can be invoked before the swap happens, ensuring the required resources and scripts are run in time. This can also be used to verify the status of the app before proceeding with the swap. 3. Re-enabling auto swap: - After...

Author: Leo · Last updated May 11, 2026

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You develop a software as a service (SaaS) offering to manage photographs. Users upload photos to a web service which then stores the photos in Azure Storage Blob storage. The storage account type is General-purpose V2. When photos are uploaded, they must be processed to produce and save a mobi...

The proposed solution is to convert the Azure Storage account to a BlockBlobStorage storage account. Let's evaluate whether this solution meets the goal of starting the photo processing within less than one minute after the photos are uploaded. Key Factors to Consider: 1. Storage Account Types: - General-purpose V2 accounts support a wide range of workloads and are the most flexible in terms of the types of data they store (blobs, files, queues, tables, etc.). They also support various blob types, including block blobs. - BlockBlobStorage accounts are optimized specifically for storing block blobs, which are ideal for unstructured data like images. However, they do not support other Azure services like Azure Files or Queues. They also don't have certain capabilities, such as the ability to integrate with certain other types of services that may be present in a general-purpose V2 account. 2. Photo Processing Requirement: - The photo processing task needs to be triggered and start within one minute of the photo upload. This requires integration with Azure services like Azure Functions, Logic Apps, or Event Grid to react to events like the creation of new blobs in storage. - Event Grid can trigger actions in response to events in a General-purpose V2 stor...

Author: Michael · Last updated May 11, 2026

HOTSPOT - You are developing an Azure Web App. You configure TLS mutual authentication for the web app. You need to validate the client certificate in the web app. To answer, select the appropriate o...

Author: Aarav · Last updated May 11, 2026

DRAG DROP - You are developing a Docker/Go using Azure App Service Web App for Containers. You plan to run the container in an App Service on Linux. You identify a Docker container image to use. None of your current resource groups reside in a location that supports Linux. You must minimize the number of resource groups required. You need to create the application and perform an initial deployment. Which three Azure CLI comma...

Author: Emily · Last updated May 11, 2026

DRAG DROP - Fourth Coffee has an ASP.NET Core web app that runs in Docker. The app is mapped to the www.fourthcoffee.com domain. Fourth Coffee is migrating this application to Azure. You need to provision an App Service Web App to host this docker image and map the custom domain to the App Service web app. A resource group named FourthCoffeePublicWebResourceGroup has been created in the WestUS region that contains an App Service Plan named AppServiceLinuxDockerPlan. Which or...

Author: StarryEagle42 · Last updated May 11, 2026

DRAG DROP - You are developing a serverless Java application on Azure. You create a new Azure Key Vault to work with secrets from a new Azure Functions application. The application must meet the following requirements: * Reference the Azure Key Vault without requiring any changes to the Java code. * Dynamically add and remove instances of the Azure Functions host based on the number of incoming application events. * Ensure that instances are perpetually warm to avoid any cold starts. * Connect to a VNet. * Authentication to the Azure Key Vault instance must be removed if the Azure Function application is deleted. ...

Author: Lucas Carter · Last updated May 11, 2026

You develop a website. You plan to host the website in Azure. You expect the website to experience high traffic volumes after it is published. You must ensure that the website remains available and r...

Option Analysis: A) Deploy the website to a virtual machine. Configure the virtual machine to automatically scale when the CPU load is high. - Pros: A virtual machine (VM) can be configured to scale based on CPU load, offering flexibility and full control over the environment. - Cons: VMs are generally more expensive compared to Azure App Services, as they require management, maintenance, and typically more resources. Scaling a VM involves creating additional instances of the VM, which could lead to unnecessary cost and complexity, especially when managing traffic spikes. - Use Case: This option is more suitable for custom applications that require full control over the operating system or dependencies. - Reasoning: High traffic and automatic scaling in this setup would likely result in higher infrastructure costs and complex management. This could be avoided by leveraging managed services. B) Deploy the website to an App Service that uses the Shared service tier. Configure the App Service plan to automatically scale when the CPU load is high. - Pros: The Shared service tier is cost-effective and easy to set up. It provides automatic scaling based on demand, with minimal maintenance overhead. - Cons: The Shared tier comes with significant limitations in terms of resources (CPU, memory, and storage), which may not be suitable for high-traffic scenarios. It can also have lower performance due to resource sharing between customers. - Use Case: Best for small-scale websites with low to moderate traffic. It’s not ideal for high-traffic sites, as performance could degrade under heavy load. - Reasoning: Given that you expect high traffic, the Shared tier would not provide the necessary performance and scalability to meet the demands of the website, and it could also lead to slower response times due to resource sharing. C) Deploy the website to a virtual machine. Configure a Scale Set to increase the virtual machine instance count when the CPU load is high. - Pros: Virtual Machine Scale Sets (VMSS) allow for automatic scaling, providing the flexibility to scale out by adding additional VM instances based on demand. This is an idea...

Author: Benjamin · Last updated May 11, 2026

HOTSPOT - A company is developing a Java web app. The web app code is hosted in a GitHub repository located at https://github.com/Contoso/webapp. The web app must be evaluated before it is moved to production. You must deploy the initial code release to a deployment slot named staging. You need to create the web app and deploy the code. How shoul...

Author: Ethan Smith · Last updated May 11, 2026

HOTSPOT - You have a web service that is used to pay for food deliveries. The web service uses Azure Cosmos DB as the data store. You plan to add a new feature that allows users to set a tip amount. The new feature requires that a property named tip on the document in Cosmos DB must be present and contain a numeric value. There are many existing websites and mobile apps that use the web s...

Author: Emma · Last updated May 11, 2026

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You develop an HTTP triggered Azure Function app to process Azure Storage blob data. The app is triggered using an output binding on the blob. The app continu...

Solution Analysis: The Scenario: - You are working with an Azure Function app that processes Azure Storage blob data. - The app uses an HTTP trigger and is triggered by an output binding on the blob. - The app continues to time out after four minutes, but you need it to process the blob data without timing out. The Proposed Solution: - The solution proposes using the Durable Function async pattern to process the blob data. Key Points for Evaluation: 1. Timeout Issue with Azure Functions: - Standard Azure Functions (like HTTP-triggered or blob-triggered) have a default execution timeout of 5 minutes (for consumption plans). This means the function will be automatically terminated if it exceeds this time. - To process tasks that may take longer (more than 5 minutes), you need a Durable Function. Durable Functions allow for long-running operations that can be broken down into smaller tasks and tracked, thus avoiding timeouts. 2. Durable Function Async Pattern: - Durable Functions are specifically designed to handle workflows that may involve long-running tasks (like waiting for external services or processi...

Author: Sam · Last updated May 11, 2026

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You develop an HTTP triggered Azure Function app to process Azure Storage blob data. The app is triggered using an output binding on the blob. The app continues to time out after four minutes. The app must process the b...

Solution Analysis: The Scenario: - You have an HTTP-triggered Azure Function app that processes Azure Storage blob data. - The app is currently timing out after four minutes when processing the data. - The app needs to process the blob data without timing out. The Proposed Solution: - The solution suggests passing the HTTP trigger payload into an Azure Service Bus queue for processing by a queue trigger function and returning an immediate HTTP success response. Key Points for Evaluation: 1. Issue with Timeout: - As mentioned earlier, HTTP-triggered Azure Functions have a timeout limit (typically 5 minutes for consumption plan). If the function takes longer than this limit, it will time out, which is the issue you're experiencing. 2. Service Bus Queue and Queue Trigger Function: - Using a Service Bus queue decouples the HTTP request from the actual processing. The HTTP-triggered function will push the request to the queue, allowing the function to return an HTTP success response immediately (thus preventing a timeout). - A separate queue trigger function will pick up the message from the queue and process the blob data. This allows for asynchronous processing, meaning the function can handle long-running tasks without being bound by the HTTP function’s timeout limits. - This approach ensures that the HTTP function is not blocked by long-running tasks and can immediately respond with success while delegating the actual work to another function, which can run indef...

Author: Mia · Last updated May 11, 2026

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You develop an HTTP triggered Azure Function app to process Azure Storage blob data. The app is triggered using an output binding on the blob. The app continues to time out ...

To determine if the solution meets the goal, let's analyze the solution and the context: Scenario - An HTTP-triggered Azure Function is processing Azure Storage blob data. - The app continues to time out after four minutes. - The goal is to ensure the app does not time out and processes the blob data successfully. Solution Provided - The solution involves configuring the app to use an App Service hosting plan and enabling the Always On setting. Key Factors: 1. Timeout Limitation: - Azure Functions on a Consumption plan have a maximum timeout of 5 minutes for HTTP-triggered functions. This can be extended to 60 minutes if needed, but it has inherent limitations when processing long-running tasks. - In contrast, an App Service hosting plan does not have the same timeout limitations and can run indefinitely as long as the app is healthy, which makes it suitable for longer-running tasks. 2. Always On Setting: - Enabling the Always On setting ensures that the function app is always running and does not go idle, which is necessary for avoiding timeouts, especially when dealing with long-running operations. This setting is typically available on App Service hos...

Author: Noah · Last updated May 11, 2026

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You develop a software as a service (SaaS) offering to manage photographs. Users upload photos to a web service which then stores the photos in Azure Storage Blob storage. The storage account type is General-purpose V2. When photos are uploaded, they must be processed to produce and save a mobile...

Scenario: - A software as a service (SaaS) offering is used to manage photographs. - Users upload photos to Azure Storage Blob storage, and once uploaded, a mobile-friendly version must be processed. - The processing should start in less than one minute. Solution Provided: - Move photo processing to an Azure Function triggered from the blob upload. Key Factors: 1. Azure Function with Blob Trigger: - Azure Functions offer a blob trigger that starts execution when a new blob is uploaded to a specified storage container. - The blob trigger is well-suited for this scenario because it allows the function to automatically start when a new image is uploaded to Blob storage. This triggers the photo processing workflow immediately, ensuring that the processing begins promptly (within the desired one-minute window). - Azure Functions can be very responsive, as the blob trigger mechanism is highly efficient and typically starts processing within seconds of the upload. Therefore, it meets the requirement of starting processing in less than one minute. 2. General-purpose V2 Storage Account: - Since the storage account is of type General-purpose V2, it supports a wide variety of features, including the ability to trigger Azure Functions on blob uploads. - Blob triggers are designed to work efficiently with General-purpose V2 storage accounts, so this is a good fit for the...

Author: Sofia2021 · Last updated May 11, 2026