The latest updated Microsoft AZ-204 exam dumps and free AZ-204 exam practice questions and answers! Latest updates from Lead4Pass Microsoft AZ-204 Dumps PDF and AZ-204 Dumps VCE, Lead4Pass AZ-204 exam questions updated and answers corrected!
Get the full Microsoft AZ-204 dumps from https://www.leads4pass.com/az-204.html (VCE&PDF)
Latest AZ-204 PDF for free
Share the Microsoft AZ-204 Dumps PDF for free From Lead4pass AZ-204 Dumps part of the distraction collected on Google Drive shared by Lead4pass
https://drive.google.com/file/d/1YIOpqZrnO3KBah69QCV3ip9P4xnC74Me/
The latest updated Microsoft AZ-204 Exam Practice Questions and Answers Online Practice Test is free to share from Lead4Pass (Q1-Q13)
QUESTION 1
DRAG DROP
You are developing a Docker/Go using Azure App Service Web App for Containers. You plan to run the container in an
App Service on Linux. You identify a Docker container image to use.
None of your current resource groups reside in a location that supports Linux. You must minimize the number of
resource groups required.
You need to create the application and perform an initial deployment.
Which three Azure CLI commands should you use to develop the solution? To answer, move the appropriate
commands from the list of commands to the answer area and arrange them in the correct order.
Select and Place:
Correct Answer:
You can host native Linux applications in the cloud by using Azure Web Apps. To create a Web App for Containers, you
must run Azure CLI commands that create a group, then a service plan, and finally the web app itself.
Step 1: az group create
In the Cloud Shell, create a resource group with the az group create command.
Step 2: az appservice plan create
In the Cloud Shell, create an App Service plan in the resource group with the az appservice plan create command.
Step 3: az webapp create
In the Cloud Shell, create a web app in the myAppServicePlan App Service plan with the az web app create command.
Don\\’t forget to replace it with a unique app name, and with your Docker ID.
References: https://docs.microsoft.com/mt-mt/azure/app-service/containers/quickstart-docker-go?view=sql-serverver15
QUESTION 2
HOTSPOT
You need to configure API Management for authentication.
Which policy values should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Box 1: Validate JWT
The validate-jwt policy enforces the existence and validity of a JWT extracted from either a specified HTTP Header or a
specified query parameter.
Scenario: User authentication (see step 5 below)
The following steps detail the user authentication process:
1.
The user selects Sign in on the website.
2.
The browser redirects the user to the Azure Active Directory (Azure AD) sign-in page.
3.
The user signs in.
4.
Azure AD redirects the user\\’s session back to the web application. The URL includes an access token.
5.
The web application calls an API and includes the access token in the authentication header. The application ID is sent
as the audience (‘aud’) claim in the access token.
6.
The back-end API validates the access token.
Incorrect Answers:
1.
Limit call rate by key – Prevents API usage spikes by limiting call rate, on a per-key basis.
2.
Restrict caller IPs – Filters (allows/denies) calls from specific IP addresses and/or address ranges.
3.
Check HTTP header – Enforces the existence and/or value of an HTTP Header.
Box 2: Outbound
Reference: https://docs.microsoft.com/en-us/azure/api-management/api-management-access-restriction-policies
QUESTION 3
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.
You develop an HTTP-triggered Azure Function app to process Azure Storage blob data. The app is triggered using an
output binding on the blob.
The app continues to time out after four minutes. The app must process the blob data.
You need to ensure the app does not time out and processes the blob data.
Solution: Configure the app to use an App Service hosting plan and enable the Always On setting.
Does the solution meet the goal?
A. Yes
B. No
Correct Answer: B
Instead, pass the HTTP trigger payload into an Azure Service Bus queue to be processed by a queue trigger function
and return an immediate HTTP success response.
Note: Large, long-running functions can cause unexpected timeout issues. General best practices include:
Whenever possible, refactor large functions into smaller function sets that work together and return responses fast. For
example, a webhook or HTTP trigger function might require an acknowledgment response within a certain time limit;
it\\’s
common for webhooks to require an immediate response. You can pass the HTTP trigger payload into a queue to be
processed by a queue trigger function. This approach lets you defer the actual work and return an immediate response.
Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-best-practices
QUESTION 4
HOTSPOT
You develop a news and blog content delivery app for Windows devices.
A notification must arrive on a user\\’s device when there is a new article available for them to view.
You need to implement push notifications.
How should you complete the code segment? To answer, select the appropriate options in the answer area;
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
QUESTION 5
You have an Azure App Services Web App Azure SQL Database instance Azure Storage Account, and an Azure Redis
Cache instance in a resource group.
A developer must be able to publish code to the web app. You must grant the developer the Contribute role to the web
app.
You need to grant the role.
Which two commands can you use? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A. az role assignment create
B. az role definition create
C. New-AzureRmRoleAssignment
D. New-AzureRmRoleDefinition
Correct Answer: AC
A: The az role assignment create command creates a new role assignment for a user, group, or service principal.
Example: Create a role assignment for an assignee.
az role assignment create –assignee sp_name –role a_role
C: The New-AzureRmRoleAssignment command assigns the specified RBAC role to the specified principal, at the
specified scope.
Incorrect Answers:
B, D: Creates a custom role in Azure RBAC.
References:
https://docs.microsoft.com/en-us/cli/azure/role/assignment?view=azure-cli-latest#az-role-assignment-create https://docs.microsoft.com/en-us/powershell/module/azurerm.resources/new-azurermroleassignment?view=azurermps-6.13.0
QUESTION 6
DRAG DROP
You are developing a software solution for an autonomous transportation system. The solution uses large data sets and
Azure Batch processing to simulate navigation sets for entire fleets of vehicles.
You need to create compute nodes for the solution on Azure Batch.
What should you do?
Put the actions in the correct order.
Select and Place:
Correct Answer:
With the Azure CLI:
Step 1: In the Azure CLI, run the command: az batch account create
First, we create a batch account.
Step 2: In Azure CLI, run the command: az batch pool create
Now that you have a Batch account, create a sample pool of Linux compute nodes using the az batch pool create
command.
Step 3: In Azure CLI, run the command: az batch job create
Now that you have a pool, create a job to run on it. A Batch job is a logical group for one or more tasks. A job includes
settings common to the tasks, such as priority and the pool to run tasks on. Create a Batch job by using the az batch
job
create command.
Step 4: In Azure CLI, run the command: az batch task create
Now use the az batch task create command to create some tasks to run in the job.
References:
https://docs.microsoft.com/en-us/azure/batch/quick-create-cli
QUESTION 7
DRAG DROP
You are implementing an order processing system. A point of sale application publishes orders to topics in an Azure
Service Bus queue. The Label property for the topic includes the following data:
You need to implement filtering and maximize throughput while evaluating filters. Which filter types should you implement? To answer, drag the appropriate filter types to the correct subscriptions. Each
filter type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll
to view content.
NOTE: Each correct selection is worth one point. Select and Place:
Correct Answer:
FutureOrders: SQLFilter HighPriortyOrders: CorrelationFilter CorrelationID only InternationalOrders: SQLFilter Country
NOT USA requires an SQL Filter HighQuantityOrders: SQLFilter Need to use relational operators so an SQL Filter is
needed. all orders: No Filter SQL Filter: SQL Filters – A SqlFilter holds a SQL-like conditional expression that is
evaluated in the broker against the arriving messages\\’ user-defined properties and system properties. All system
properties must be prefixed with sys. in the conditional expression. The SQL-language subset for filter conditions tests
for the existence of properties (EXISTS), as well as for null-values (IS NULL), logical NOT/AND/OR, relational
operators, simple numeric arithmetic, and simple text pattern matching with LIKE. Correlation Filters – A CorrelationFilter
holds a set of conditions that are matched against one or more of an arriving message\\’s user and system properties. A
common use is to match against the CorrelationId property, but the application can also choose to match against
ContentType, Label, MessageId, ReplyTo, ReplyToSessionId, SessionId, To, and any user-defined properties. A match
exists when an arriving message\\’s value for a property is equal to the value specified in the correlation filter. For string
expressions, the comparison is case-sensitive. When specifying multiple match properties, the filter combines them as a
logical AND condition, meaning for the filter to match, all conditions must match. Boolean filters – The TrueFilter and
FalseFilter either cause all arriving messages (true) or none of the arriving messages (false) to be selected for the
subscription. References: https://docs.microsoft.com/en-us/azure/service-bus-messaging/topic-filters
QUESTION 8
HOTSPOT
You need to add code at line AM09 to ensure that users can review content using ContentAnalysisService.
How should you complete the code? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
Box 1: “oauth2Permissions”: [“login”]
oauth2Permissions specifies the collection of OAuth 2.0 permission scopes that the web API (resource) app exposes to
client apps. These permission scopes may be granted to client apps during consent.
Box 2: “oauth2AllowImplicitFlow”:true
For applications (Angular, Ember.js, React.js, and so on), the Microsoft identity platform supports the OAuth 2.0 Implicit
Grant flow.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/develop/reference-app-manifest
QUESTION 9
You are implementing an Azure API app that uses built-in authentication and authorization functionality.
All app actions must be associated with information about the current user.
You need to retrieve the information about the current user.
What are two ways to achieve the goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A. HTTP headers
B. environment variables
C. /.auth/me HTTP endpoint
D. /.auth/login endpoint
Correct Answer: AC
A: After App Service Authentication has been configured, users trying to access your API are prompted to sign in with
their organizational account that belongs to the same Azure AD as the Azure AD application used to secure the API.
After signing in, you are able to access the information about the current user through the HttpContext.Current.User
property.
C: While the server code has access to request headers, client code can access GET /.auth/me to get the same access
tokens (
References: https://docs.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-auth-aad
https://docs.microsoft.com/en-us/sharepoint/dev/spfx/web-parts/guidance/connect-to-api-secured-with-aad
QUESTION 10
You are creating a hazard notification system that has a single signaling server which triggers audio and visual alarms
to start and stop.
You implement Azure Service Bus to publish alarms. Each alarm controller uses Azure Service Bus to receive alarm
signals as part of a transaction. Alarm events must be recorded for audit purposes. Each transaction record must
include information about the alarm type that was activated.
You need to implement a reply trail auditing solution.
NOTE: Each correct selection is worth one point.
A. Assign the value of the hazard message MessageId property to the DeliveryCount property.
B. Assign the value of the hazard message SequenceNumber property to the DeliveryCount property.
C. Assign the value of the hazard message MessageId property to the SequenceNumber property.
D. Assign the value of the hazard message MessageId property to the CorrelationId property.
E. Assign the value of the hazard message SessionID property to the SequenceNumber property…
F. Assign the value of the hazard message SessionID property to the ReplyToSessionId property.
Correct Answer: DF
D: CorrelationId: Enables an application to specify a context for the message for the purposes of correlation; for
example, reflecting the MessageId of a message that is being replied to.
F: ReplyToSessionId: This value augments the ReplyTo information and specifies which SessionId should be set for the
reply when sent to the reply entity.
Incorrect Answers:
A, B: DeliveryCount
A number of deliveries that have been attempted for this message. The count is incremented when a message lock
expires, or the message is explicitly abandoned by the receiver. This property is read-only.
C, E: SequenceNumber
The sequence number is a unique 64-bit integer assigned to a message as it is accepted and stored by the broker and
functions as its true identifier. For partitioned entities, the topmost 16 bits reflect the partition identifier. Sequence
numbers
monotonically increase and are gapless. They roll over to 0 when the 48-64 bit range is exhausted. This property is read-only.
References: https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-messages-payloads
QUESTION 11
You are developing a web app that is protected by Azure Web Application Firewall (WAF). All traffic to the web app is
routed through an Azure Application Gateway instance that is used by multiple web apps. The web app address is
contoso.azurewebsites.net.
All traffic must be secured with SSL. The Azure Application Gateway instance is used by multiple web apps.
You need to configure the Azure Application Gateway for the app.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. In the Azure Application Gateway\\’s HTTP setting, enable the Use for App service setting.
B. Convert the web app to run in an Azure App Service Environment (ASE).
C. Add an authentication certificate for contoso.azurewebsites.net to the Azure Application gateway.
D. In the Azure Application Gateway\\’s HTTP setting set the value of the Override backend path option to
contoso22.azurewebsites.net.
Correct Answer: AD
D: The ability to specify a host override is defined in the HTTP settings and can be applied to any back-end pool during
rule creation. The ability to derive the hostname from the IP or FQDN of the back-end pool members. HTTP settings
also
provide an option to dynamically pick the hostname from a back-end pool member\\’s FQDN if configured with the
option to derive hostname from an individual back-end pool member.
A (not C): SSL termination and end-to-end SSL with multi-tenant services.
In the case of end-to-end SSL, trusted Azure services such as Azure App Service web apps do not require whitelisting the
backends in the application gateway. Therefore, there is no need to add any authentication certificates.
Reference: https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-web-app-overview
QUESTION 12
HOTSPOT
You need to secure the Shipping Function app.
How should you configure the app? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
Scenario: Shipping Function app: Implement secure function endpoints by using app-level security and include Azure
Active Directory (Azure AD).
Box 1: Function
Box 2: JSON based Token (JWT)
Azure AD uses JSON based tokens (JWTs) that contain claims
Box 3: HTTP
How a web app delegates sign-in to Azure AD and obtains a token
User authentication happens via the browser. The OpenID protocol uses standard HTTP protocol messages.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/develop/authentication-scenarios
QUESTION 13
A company uses Azure SQL Database to store data for an app. The data includes sensitive information.
You need to implement measures that allow only members of the manager’s group to see sensitive information.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Include the manager’s group.
B. Exclude the manager’s group.
C. Exclude the administrator’s group.
D. Navigate to the following URL: PUT https://management.azure.com/subscriptions/00000000-1111-2222-3333-44444
4444444/resouceGroupos/rg01/providers/Microsoft.Sql/servers/server01/databases/customers/
transparentDataEncryption/current?api-version=2014-04-01
E. Run the following Azure PowerShell command: New-AzureRmSqlDatabaseDataMaskingRule -SchemaName “dbo”
-TableName “customers” -ColumnName “ssn” -MaskingFunction “Default”
Correct Answer: BE
Dynamic data masking helps prevent unauthorized access to sensitive data by enabling customers to designate how
much of the sensitive data to reveal with minimal impact on the application layer.
SQL users excluded from masking – A set of SQL users or AAD identities that get unmasked data in the SQL query
results.
Note: The New-AzureRmSqlDatabaseDataMaskingRule cmdlet creates a data masking rule for an Azure SQL
database.
References:
https://docs.microsoft.com/en-us/powershell/module/azurerm.sql/newazurermsqldatabasedatamaskingrule?view=azurermps-6.13.0
Fulldumps shares the latest updated Microsoft AZ-204 exam exercise questions, AZ-204 dumps pdf for free.
All exam questions and answers come from the Lead4pass exam dumps shared part! Lead4pass updates throughout the year and shares a portion of your exam questions for free to help you understand the exam content and enhance your exam experience!
Get the full Microsoft AZ-204 exam dumps questions at: https://www.leads4pass.com/az-204.html (pdf&vce)
ps.
Get free Microsoft AZ-204 dumps PDF online: https://drive.google.com/file/d/1YIOpqZrnO3KBah69QCV3ip9P4xnC74Me/