16 tips on How to 70-534 Test Like a Badass [17 to 32]

70-534 Royal Pack Testengine pdf

100% Actual & Verified — 100% PASS

Unlimited access to the world's largest Dumps library! Try it Free Today!


Product Description:
Exam Number/Code: 70-534
Exam name: Architecting Microsoft Azure Solutions
n questions with full explanations
Certification: Microsoft Certification
Last updated on Global synchronizing

Free Certification Real IT 70-534 Exam pdf Collection

Exam Code: 70-534 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Architecting Microsoft Azure Solutions
Certification Provider: Microsoft
Free Today! Guaranteed Training- Pass 70-534 Exam.

2016 May 70-534 Study Guide Questions:

Q17. HOTSPOT - (Topic 6) 

Resources must authenticate to an identity provider. 

You need to configure the Azure Access Control service. 

What should you recommend? To answer, select the appropriate responses for each requirement in the answer area. 


Q18. - (Topic 6) 

You are designing a distributed application for Azure. 

The application must securely integrate with on-premises servers. 

You need to recommend a method of enabling Internet Protocol security (IPsec)-protected 

connections between on-premises servers and the distributed application. 

What should you recommend? 

A. Azure Access Control 

B. Azure Content Delivery Network (CDN) 

C. Azure Service Bus 

D. Azure Site-to-Site VPN 

Answer: D 

Explanation: IPsec can be used on Azure Site-to-Site VPN connections. Distributed applications can used the IPSec VPN connections to communicate. 

Reference: About Virtual Network Secure Cross-Premises Connectivity 


Q19. - (Topic 6) 

You are designing an Azure application that processes graphical image files. The graphical Images are processed in batches by remote applications that run on multiple servers. 

You have the following requirements: 

. The application must remain operational during batch-processing operations. 

. Users must be able to roll back each image to a previous version. 

You need to ensure that each remote application has exclusive access to an image while the application processes the image. Which type of storage should you use to store the images? 

A. Table service 

B. Queue service 

C. Blob service 

D. A single Azure VHD that is attached to the web role 

Answer: C 

Explanation: * Blob Leases allow you to claim ownership to a Blob. Once you have the lease you can then update the Blob or delete the Blob without worrying about another process changing it underneath you. When a Blob is leased, other processes can still read it, but any attempt to update it will fail. You can update Blobs without taking a lease first, but you do run the chance of another process also attempting to modify it at the same time. 

* You can opt to use either optimistic or pessimistic concurrency models to manage access to blobs and containers in the blob service. 

: Azure Blob Storage Part 8: Blob Leases http://justazure.com/azure-blob-storage-part-8-blob-leases/ Reference: Using Blob Leases to Manage Concurrency with Table Storage http://www.azurefromthetrenches.com/?p=1371 

Q20. - (Topic 6) 

You are designing an Azure application. The application includes two web roles and three instances of a worker role. The web roles send requests to the worker role by using one or more Azure Queues. 

You need to recommend a queue design for sending requests to the worker role. 

What should you recommend? 

A. Create a queue for each combination of web roles and worker role instances. Send requests to all worker role instances based on the sending web role. 

B. Create a single queue. Send all requests on the single queue. 

C. Create a queue for each worker role instance. Send requests on each worker queue by using a round robin rotation. 

D. Create a queue for each web role. Send requests on all queues at the same time. 

Answer: B 

Explanation: To communicate with the worker role, a web role instance places messages on to a queue. A worker role instance polls the queue for new messages, retrieves them, and processes them. There are a couple of important things to know about the way the queue service works in Azure. First, you reference a queue by name, and multiple role instances can share a single queue. Second, there is no concept of a typed message; you construct a message from either a string or a byte array. An individual message can be no more than 64 kilobytes (KB) in size. 

Reference: 5 – Executing Background Tasks 


Reference: .NET Multi-Tier Application Using Service Bus Queues http://azure.microsoft.com/en-gb/documentation/articles/cloud-services-dotnet-multi-tier-app-using-service-bus-queues/ 

Q21. DRAG DROP - (Topic 3) 

You need to recommend network connectivity solutions for the experimental applications. 

What should you recommend? To answer, drag the appropriate solution to the correct network connection requirements. Each solution may be used once, more than once, or not 

at all. You may need to drag the split bar between panes or scroll to view content. 


Topic 4, Lucerne Publishing



Lucerne Publishing creates, stores, and delivers online media for advertising companies.

This media is streamed to computers by using the web, and to mobile devices around the world by using native applications. The company currently supports the iOS, Android, and Windows Phone 8.1 platform.

Lucerne Publishing uses proprietary software to manage its media workflow. This software has reached the end of its lifecycle. The company plans to move its media workflows to the cloud. Lucerne Publishing provides access to its customers, who are third-party companies, so that they can download, upload, search, and index media that is stored on

Lucerne Publishing servers.

Apps and Applications

Lucerne Publishing develops the applications that customers use to deliver media. The company currently provides the following media delivery applications:

Lucerne Media W - a web application that delivers media by using any browser

Lucerne Media M - a mobile app that delivers media by using Windows Phone 8.1

Lucerne Media A - a mobile app that delivers media by using an iOS device

Lucerne Media N - a mobile app that delivers media by using an Android device

Lucerne Media D - a desktop client application that customer's install on their local computer

Business Requirements

Lucerne Publishing's customers and their consumers have the following requirements:

Access to media must be time-constricted once media is delivered to a consumer.

The time required to download media to mobile devices must be minimized.

Customers must have 24-hour access to media downloads regardless of their location or time zone.

Lucerne Publishing must be able to monitor the performance and usage of its customer-facing app.

Lucerne Publishing wants to make its asset catalog searchable without requiring a database redesign.

Customers must be able to access all data by using a web application. They must also be able to access data by using a mobile app that is provided by Lucerne


Customers must be able to search for media assets by key words and media type.

Lucerne Publishing wants to move the asset catalog database to the cloud without formatting the source data.

Other Requirements


Code and current development documents must be backed up at all times. All solutions must be automatically built and deployed to Azure when code is checked in to source control.

Network Optimization

Lucerne Publishing has a .NET web application that runs on Azure. The web application analyzes storage and the distribution of its media assets. It needs to monitor the utilization of the web application. Ultimately, Lucerne Publishing hopes to cut its costs by reducing data replication without sacrificing its quality of service to its customers. The solution has the following requirements:

Optimize the storage location and amount of duplication of media.

Vary several parameters including the number of data nodes and the distance from node to customers.

Minimize network bandwidth.

Lucerne Publishing wants be notified of exceptions in the web application.

Technical Requirements

Data Mining

Lucerne Publishing constantly mines its data to identify customer patterns. The company plans to replace the existing on-premises cluster with a cloud-based solution. Lucerne Publishing has the following requirements:

Virtual machines:

The data mining solution must support the use of hundreds to thousands of processing cores.

Minimize the number of virtual machines by using more powerful virtual machines.

Each virtual machine must always have eight or more processor cores available.

Allow the number of processor cores dedicated to an analysis to grow and shrink automatically based on the demand of the analysis.

Virtual machines must use remote memory direct access to improve performance.

Task scheduling:

The solution must automatically schedule jobs. The scheduler must distribute the jobs based on the demand and available resources.

Data analysis results:

The solution must provide a web service that allows applications to access the results of analyses.

Other Requirements

Feature Support

Ad copy data must be searchable in full text.

Ad copy data must indexed to optimize search speed.

Media metadata must be stored in Azure Table storage.

Media files must be stored in Azure BLOB storage.

The customer-facing website must have access to all ad copy and media.

The customer-facing website must automatically scale and replicate to locations around the world.

Media and data must be replicated around the world to decrease the latency of data transfers.

Media uploads must have fast data transfer rates (low latency) without the need to upload the data offline.


Customer access must be managed by using Active Directory.

Media files must be encrypted by using the PlayReady encryption method.

Customers must be able to upload media quickly and securely over a private connection with no opportunity for internet snooping.

19. HOTSPOT - (Topic 4) 

The company has two corporate offices. Customers will access the websites from datacenters around the world. 

You need to architect the global website strategy to meet the business requirements. Use the drop-down menus to select the answer choice that answers each question. 



Up to the minute 70-534 free exam questions:

Q22. - (Topic 6) 

You have several virtual machines (VMs) that run in Azure. You also have a single System Center 2012 R2 Configuration Manager (SCCM) primary site on-premises. 

You have the following requirements: 

All VMs must run on the same virtual network. 

Network traffic must be minimized between the on-premises datacenter and Azure. 

The solution minimize complexity. 

You need to use SCCM to collect inventory and deploy software to Azure VMs. 

What should you do first? 

A. Configure client push for the Azure virtual network. 

B. Enable and configure Operations Insights in Azure. 

C. Install a cloud distribution point on an Azure VM. 

D. Install a secondary site underneath the primary site onto an Azure VM. 

Answer: C 

Explanation: Cloud-based distribution Point, a Configuration Manager Site System Role in the Cloud 

Much of the Configuration Manager topology is made up of distribution points, they are very helpful in many situations where bandwidth and geographical separation are the facts of life, but also hard to manage if you have hundreds or even thousands of them. 

This feature started with the vision that it makes perfect sense to have big distribution points in the Windows Azure cloud where one should not worry about things like (but not limited to) size, performance, reliability, security, access from all around the world, hardware/software update issues etc. 

Note: Content management in System Center 2012 Configuration Manager provides the tools for you to manage content files for applications, packages, software updates, and operating system deployment. Configuration Manager uses distribution points to store files that are required for software to run on client computers. These distribution points function as distribution centers for the content files and let users download and run the software. 

Clients must have access to at least one distribution point from which they can download the files. 

Reference: New Distribution Points in Configuration Manager SP1 


Q23. - (Topic 6) 

A company has 10 on-premises SQL databases. The company plans to move the databases to SQL Server 2012 that runs in Azure Infrastructure-as-a-Service (IaaS). After migration, the databases will support a limited number of Azure websites in the same Azure Virtual Network. 

You have the following requirements: 

. You must restore copies of existing on-premises SQL databases to the SQL 

servers that run in Azure IaaS. 

. You must be able to manage the SQL databases remotely. 

. You must not open a direct connection from all of the machines on the on-

premises network to Azure. 

. Connections to the databases must originate from only five Windows computers. 

You need to configure remote connectivity to the databases. 

Which technology solution should you implement? 

A. Azure Virtual Network site-to-site VPN 

B. Azure Virtual Network multi-point VPN 

C. Azure Virtual Network point-to-site VPN 

D. Azure ExpressRoute 

Answer: C 

Explanation: A point-to-site VPN would meet the requirements. 

Reference: Configure a Point-to-Site VPN connection to an Azure Virtual Network 


Q24. - (Topic 6) 

You design an Azure web application. The web application is accessible by default as a standard cloudapp.net URL. 

You need to recommend a DNS resource record type that will allow you to configure access to the web application by using a custom domain name. 

Which DNS record type should you recommend? 


B. MX 


D. A 

Answer: C 

Explanation: A CNAME record maps a specific domain, such as contoso.com or www.contoso.com, to a canonical domain name. In this case, the canonical domain name is the <myapp>.cloudapp.net domain name of your Azure hosted application. Once created, the CNAME creates an alias for the <myapp>.cloudapp.net. The CNAME entry will resolve to the IP address of your <myapp>.cloudapp.net service automatically, so if the IP address of the cloud service changes, you do not have to take any action. 

Incorrect: Not D: 

Since an A record is mapped to a static IP address, it cannot automatically resolve changes to the IP address of your Cloud Service. 

An A record maps a domain, such as contoso.com or www.contoso.com, or a wildcard domain such as *.contoso.com, to an IP address. In the case of an Azure Cloud Service, the virtual IP of the service. So the main benefit of an A record over a CNAME record is that you can have one entry that uses a wildcard, such as *.contoso.com, which would handle requests for multiple sub-domains such as mail.contoso.com, login.contoso.com, or 


Reference: Configuring a custom domain name for an Azure cloud service 


Q25. - (Topic 1) 

You need to ensure that users do not need to re-enter their passwords after they authenticate to cloud applications for the first time. 

What should you do? 

A. Enable Microsoft Account authentication. 

B. Set up a virtual private network (VPN) connection between the VanArsdel premises and Azure datacenter. Set up a Windows Active Directory domain controller in Azure VM. Implement Integrated Windows authentication. 

C. Deploy ExpressRoute. 

D. Configure Azure Active Directory Sync to use single sign-on (SSO). 

Answer: D 

Explanation: Single sign-on (SSO) is a property of access control of multiple related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them. 

Reference: http://en.wikipedia.org/wiki/Single_sign-on 

Q26. - (Topic 1) 

You are designing a plan to deploy a new application to Azure. The solution must provide a 

single sign-on experience for users. 

You need to recommend an authentication type. 

Which authentication type should you recommend? 

A. SAML credential tokens 

B. Azure managed access keys 

C. Windows Authentication 


Answer: A 

Explanation: A Microsoft cloud service administrator who wants to provide their Azure Active Directory (AD) users with sign-on validation can use a SAML 2.0 compliant SP-Lite profile based Identity Provider as their preferred Security Token Service (STS) / identity provider. This is useful where the solution implementer already has a user directory and password store on-premises that can be accessed using SAML 2.0. This existing user directory can be used for sign-on to Office 365 and other Azure AD-secured resources. 

Reference: Use a SAML 2.0 identity provider to implement single sign-on 



Breathing 70-534 bible:

Q27. - (Topic 6) 

You are designing an Azure development environment. Team members learn Azure development techniques by training in the development environment. 

The development environment must auto scale and load balance additional virtual machine (VM) instances. 

You need to recommend the most cost-effective compute-instance size that allows team members to work with Azure in the development environment. 

What should you recommend? 

A. Azure A1 standard VM Instance 

B. Azure A2 basic VM Instance 

C. Azure A3 basic VM Instance 

D. Azure A9 standard VM Instance 

Answer: A 

Explanation: Azure A1 standard VM Instance would be cheapest with 1 CPU core, 0.75 GB RAM, and 40 GB HD. It would be good enough for training purposes. 

Reference: Virtual Machines Pricing, Launch Windows Server and Linux in minutes 


Q28. - (Topic 6) 

A company has a very large dataset that includes sensitive information. The dataset is over 30 TB in size. 

You have a standard business-class ISP internet connection that is rated at 100 megabits/second. 

You have 10 4-TB hard drives that are approved to work with the Azure Import/Export Service. 

You need to migrate the dataset to Azure. The solution must meet the following requirements: 

The dataset must be transmitted securely to Azure. 

Network bandwidth must not increase. 

Hardware costs must be minimized. 

What should you do? 

A. Prepare the drives with the Azure Import/Export tool and then create the import job. Ship the drives to Microsoft via a supported carrier service. 

B. Create an export job and then encrypt the data on the drives by using the Advanced Encryption Standard (AES). Create a destination Blob to store the export data. 

C. Create an import job and then encrypt the data on the drives by using the Advanced Encryption Standard (AES). Create a destination Blob to store the import data. 

D. Prepare the drives by using Sysprep.exe and then create the import job. Ship the drives to Microsoft via a supported carrier service. 

Answer: A 

Explanation: You can use the Microsoft Azure Import/Export service to transfer large amounts of file data to Azure Blob storage in situations where uploading over the network is prohibitively expensive or not feasible. 

Reference: Use the Microsoft Azure Import/Export Service to Transfer Data to Blob Storage 


Q29. - (Topic 6) 

You are the administrator for a company named Contoso, Ltd. 

Contoso also has an Azure subscription and uses many on-premises Active Directory products as roles in Windows Server including the following: 

Active Directory Domain Services (AD DS) 

Active Directory Certificate Services (AD CS) 

Active Directory Rights Management Services (AD RMS) 

Active Directory Lightweight Directory Services (AD LDS) 

Active Directory Federation Services (AD FS). 

Contoso must use the directory management services available in Azure Active Directory. 

You need to provide information to Contoso on the similarities and differences between Azure Active Directory and the Windows Server Active Directory family of services. 

Which feature does Azure Active Directory and on-premises Active Directory both support? 

A. Using the GraphAPI to query the directory 

B. Issuing user certificates 

C. Supporting single sign-on (SSO) 

D. Querying the directory with LDAP 

Answer: C 

Explanation: AD FS supports Web single-sign-on (SSO) technologies, and so does Azure 

Active Directory. 

If you want single sign on we usually suggest using ADFS if you’re a Windows shop. Going 

forward though, Azure Active Directory is another alternative you can use. 

Reference: Using Azure Active Directory for Single Sign On with Yammer 


Q30. - (Topic 5) 

You need to design the authentication solution for the NorthRide app. Which solution should you use? 

A. Azure Active Directory Basic with multi-factor authentication for the cloud and on-premises users. 

B. Active Directory Domain Services with mutual authentication 

C. Azure Active Directory Premium and add multi-factor authentication the for cloud users 

D. Active Directory Domain Services with multi-factor authentication 

Answer: C 

Explanation: * Scenario: The NorthRide app must use an additional level of authentication other than the employee's password. 

* Azure Multi-Factor Authentication is the multi-factor authentication service that requires users to also verify sign-ins using a mobile app, phone call or text message. It is available to use with Azure Active Directory, to secure on-premise resources with the Azure Multi-Factor Authentication Server, and with custom applications and directories using the SDK. 

Reference: What is Azure Multi-Factor Authentication? 


Reference: Azure Active Directory Pricing 


Q31. - (Topic 6) 

You are evaluating an Azure application. The application includes the following elements: 

. A web role that provides the ASP.NET user interface and business logic 

. A single SQL database that contains all application data 

Each webpage must receive data from the business logic layer before returning results to the client. Traffic has increased significantly. The business logic is causing high CPU usage. 

You need to recommend an approach for scaling the application. 

What should you recommend? 

A. Store the business logic results in Azure Table storage. 

B. Vertically partition the SQL database. 

C. Move the business logic to a worker role. 

D. Store the business logic results in Azure local storage. 

Answer: C 

Explanation: For Cloud Services in Azure applications need both web and worker roles to scale well. 

Reference: Application Patterns and Development Strategies for SQL Server in Azure Virtual Machines 


Q32. - (Topic 6) 

You are designing an Azure web application. 

All users must authenticate by using Active Directory Domain Services (AD DS) credentials. 

You need to recommend an approach to enable single sign-on to the application for domain-authenticated users. 

Which two actions should you recommend? Each correct answer presents part of the solution. 

A. Use Forms authentication to generate claims. 

B. Use the SQL membership provider in the web application. 

C. Use Windows Identity Foundation in the web application. 

D. Use Active Directory Federation Services (AD FS) to generate claims. 

Answer: C,D 

Reference: What is Windows Identity Foundation? 


Reference: DirSync with Single Sign-On 


see more http://www.pdfcollection.net/70-534-pdf.html