- (Exam Topic 1)
You plan to migrate App1 to Azure. The solution must meet the authentication and authorization requirements. Which type of endpoint should App1 use to obtain an access token?
Correct Answer:D
Scenario: To access the resources in Azure, App1 must use the managed identity of the virtual machines that will host the app.
Managed identities provide an identity for applications to use when connecting to resources that support Azure Active Directory (Azure AD) authentication. Applications may use the managed identity to obtain Azure AD tokens.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview
- (Exam Topic 4)
You have an on-premises network that uses an IP address space of 172.16.0.0/16. You plan to deploy 25 virtual machines to a new Azure subscription. You identify the following technical requirements:
• All Azure virtual machines must be placed on the same subnet named Subnet1.
• All the Azure virtual machines must be able to communicate with all on-premises servers.
• The servers must be able to communicate between the on-premises network and Azure by using a site-to-site VPN.
You need to recommend a subnet design that meets the technical requirements.
What should you include in the recommendation? To answer, drag the appropriate network addresses to the correct subnets. Each network address may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content
NOTE: Each correct selection is worth one point.
Solution:
Does this meet the goal?
Correct Answer:A
- (Exam Topic 4)
You plan to import data from your on-premises environment to Azure. The data Is shown in the following table.
What should you recommend using to migrate the data? To answer, drag the appropriate tools to the correct data sources-Each tool may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Solution:
References:
https://docs.microsoft.com/en-us/azure/dms/tutorial-sql-server-to-azure-sql https://docs.microsoft.com/en-us/azure/cosmos-db/import-data
Does this meet the goal?
Correct Answer:A
- (Exam Topic 4)
You have an Azure subscription that contains a virtual network named VNET1 and 10 virtual machines. The virtual machines are connected to VNET1.
You need to design a solution to manage the virtual machines from the internet. The solution must meet the following requirements:
• Incoming connections to the virtual machines must be authenticated by using Azure Multi-Factor Authentication (MFA) before network connectivity is allowed.
• Incoming connections must use TLS and connect to TCP port 443.
• The solution must support RDP and SSH.
What should you Include In the solution? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Solution:
Does this meet the goal?
Correct Answer:A
- (Exam Topic 1)
How should the migrated databases DB1 and DB2 be implemented in Azure?
Solution:
Table Description automatically generated
Box 1: SQL Managed Instance
Scenario: Once migrated to Azure, DB1 and DB2 must meet the following requirements: 
Maintain availability if two availability zones in the local Azure region fail.
Fail over automatically. Minimize I/O latency.
The auto-failover groups feature allows you to manage the replication and failover of a group of databases on a server or all databases in a managed instance to another region. It is a declarative abstraction on top of the existing active geo-replication feature, designed to simplify deployment and management of geo-replicated databases at scale. You can initiate a geo-failover manually or you can delegate it to the Azure service based on a user-defined policy. The latter option allows you to automatically recover multiple related databases in a secondary region after a catastrophic failure or other unplanned event that results in full or partial loss of the SQL Database or SQL Managed Instance availability in the primary region.
Box 2: Business critical
SQL Managed Instance is available in two service tiers:
General purpose: Designed for applications with typical performance and I/O latency requirements. Business critical: Designed for applications with low I/O latency requirements and minimal impact of
underlying maintenance operations on the workload.
Reference:
https://docs.microsoft.com/en-us/azure/azure-sql/database/auto-failover-group-overview https://docs.microsoft.com/en-us/azure/azure-sql/managed-instance/sql-managed-instance-paas-overview
Does this meet the goal?
Correct Answer:A