Practice Free AZ-204 Exam Online Questions
DRAG DROP
You develop and deploy an Azure App Service —- app. The web app accesses data in an Azure SQL
database
You must update the web app to store frequently used data m a new Azure Cache for Redis Premium instance.
You need to implement the Azure Cache for Redis features.
Which feature should you implement? To answer, drag the appropriate feature to the correct requirements Each feature may be used once, more than once, or not at all You may need to ———— between panes or scroll to view content. NOTE Each correct selection is worth one point
You are developing a mobile app that uses an API which stores geospabal data in Azure Cosmos D& The app will be used to find restaurants in a particular area and related information including food types, menu information and the optimal route to a selected restaurant from the user’s current location.
Which Azure Cosmos DB API should you use for the API?
- A . MongoDB
- B . Gremlin
- C . Cassandra
- D . Core
HOTSPOT
An organization deploys a Mob storage account. Users take multiple snapshots of the blob storage account over time.
You need to delete all snapshots or the blob storage account. You must not delete the blob storage account itself.
How should you complete the code segment? To answer select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT
You need to add code at line PC26 of Processing.cs to ensure that security policies are met.
How should you complete the code that you will add at line PC26? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
Box 1: var key = await Resolver.ResolveKeyAsyn(keyBundle,KeyIdentifier.CancellationToken.None);
Box 2: var x = new BlobEncryptionPolicy(key,resolver);
Example:
// We begin with cloudKey1, and a resolver capable of resolving and caching Key Vault secrets. BlobEncryptionPolicy encryptionPolicy = new BlobEncryptionPolicy(cloudKey1, cachingResolver); client.DefaultRequestOptions.EncryptionPolicy = encryptionPolicy;
Box 3: cloudblobClient. DefaultRequestOptions.EncryptionPolicy = x;
Reference: https://github.com/Azure/azure-storage-net/blob/master/Samples/GettingStarted/EncryptionSamples/KeyRotation/Program.cs
You manage a data processing application that receives requests from an Azure Storage queue.
You need to manage access to the queue.
You have the following requirements:
✑ Provide other applications access to the Azure queue.
✑ Ensure that you can revoke access to the queue without having to regenerate the storage account keys.
✑ Specify access at the queue level and not at the storage account level.
Which type of shared access signature (SAS) should you use?
- A . Service SAS with a stored access policy
- B . Account SAS
- C . User Delegation SAS
- D . Service SAS with ad hoc SAS
A
Explanation:
A service SAS is secured with the storage account key. A service SAS delegates access to a resource in only one of the Azure Storage services: Blob storage, Queue storage, Table storage, or Azure Files.
Stored access policies give you the option to revoke permissions for a service SAS without having to regenerate the storage account keys.
Reference: https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview
HOTSPOT
Your company is migrating applications to Azure. The IT department must allow internal developers to communicate with Microsoft support.
The service agents of the IT department must only have view resources and create support ticket permissions to all subscriptions. A new custom role must be created by reusing a default role definition and changing the permissions.
You need to create the custom role.
To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
Box 1: Set-AzureRmRoleDefinition Input-File C:SupportRole.json
The Set-AzureRmRoleDefinition cmdlet updates an existing custom role in Azure Role-Based Access Control. Provide the updated role definition as an input to the command as a JSON file or a PSRoleDefinition object.
The role definition for the updated custom role MUST contain the Id and all other required properties of the role even if they are not updated: DisplayName, Description, Actions, AssignableScope
Box 2: "*/read*."* Microsoft.Support/*"
Microsoft.Support/* Create and manage support tickets
"Microsoft.Support" role definition azure
Incorrect Answers:
Get-AzureRmRoleDefinition. The Get-AzureRmRoleDefinition command does not have an action section.
First, use the Get-AzureRmRoleDefinition command to retrieve the custom role that you wish to modify. Then, modify the properties that you wish to change. Finally, save the role definition using the Set-AzureRmRoleDefinition command.
Reference: https://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles-powershell
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear on the review screen.
You are implementing an application by using Azure Event Grid to push near-real-time information to customers.
You have the following requirements:
• You must send events to thousands of customers that include hundreds of various event types.
• The events must be filtered by event type before processing.
• Authentication and authorization must be handled by using Microsoft Entra ID.
• The events must be published to a single endpoint
You need to implement Azure Event Gnd.
Solution: Publish events to a system topic. Create an event subscription for each customer.
Does the solution meet the goal?
- A . Yes
- B . No
HOTSPOT
You need to implement the Azure Function for delivery driver profile information.
Which configurations should you use? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
Code Library: MSAL
API: Microsoft Graph
https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-overview
DRAG DROP
You are preparing to deploy an application to an Azure Kubernetes Service (AKS) cluster.
The application must only be available from within the VNet that includes the cluster.
You need to deploy the application.
How should you complete the deployment YAML? To answer, drag the appropriate YAML segments to the correct locations. Each YAML segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Explanation:
To create an internal load balancer, create a service manifest named internal-lb.yaml with the service type LoadBalancer and the azure-load-balancer-internal annotation as shown in the following example:
YAML:
apiVersion: v1
kind: Service
metadata:
name: internal-app
annotations:
service.beta.kubernetes.io/azure-load-balancer-internal: "true"
spec:
type: LoadBalancer
ports:
– port: 80 selector:
app: internal-app
Reference: https://docs.microsoft.com/en-us/azure/aks/internal-lb
DRAG DROP
You are developing a REST web service. Customers will access the service by using an Azure API Management instance.
The web service does not correctly handle conflicts. Instead of returning an HTTP status code of 409, the service returns a status code of 500. The body of the status message contains only the word conflict.
You need to ensure that conflicts produce the correct response.
How should you complete the policy? To answer, drag the appropriate code segments to the correct locations. Each code segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Explanation:
Box 1: on-error
Policies in Azure API Management are divided into inbound, backend, outbound, and on-error.
If there is no on-error section, callers will receive 400 or 500 HTTP response messages if an error condition occurs.
Box 2: context
Box 3: context
Box 4: set-status
The return-response policy aborts pipeline execution and returns either a default or custom response to the caller. Default response is 200 OK with no body.
Custom response can be specified via a context variable or policy statements.
Syntax:
<return-response response-variable-name="existing context variable"> <set-header/>
<set-body/>
<set-status/>
</return-response>
Box 5: on-error
Reference: https://docs.microsoft.com/en-us/azure/api-management/api-management-error-handling-policies
https://docs.microsoft.com/en-us/azure/api-management/api-management-transformation-policies