Vendor: Microsoft

Exam Code: AZ-204

Exam Name: Developing Solutions for Microsoft Azure

Version: DEMO
 ★ Instant Download ★ PDF And VCE ★ 100% Passing Guarantee ★ 100% Money Back Guarantee

QUESTION 1
Case Study 1 - Litware Inc
Background
You are a developer for Litware Inc., a SaaS company that provides a solution for managing
employee expenses. The solution consists of an ASP.NET Core Web API project that is deployed
as an Azure Web App.

Overall architecture
Employees upload receipts for the system to process. When processing is complete, the
employee receives a summary report email that details the processing results. Employees then
use a web application to manager their receipts and perform any additional tasks needed for
reimbursement.

Receipt processing
Employees may upload receipts in two ways:
Uploading using an Azure Files mounted folder
Uploading using the web application

Data Storage
Receipt and employee information is stored in an Azure SQL database.

Documentation
Employees are provided with a getting started document when they first use the solution. The
documentation includes details on supported operating systems for Azure File upload, and
instructions on how to configure the mounted folder.

Solution details
Users table

Web Application
You enable MSI for the Web App and configure the Web App to use the security principal name.

Drag and Drop Question

You need to ensure that the upload format issue is resolved.

What code should you add at line RU14?

To answer, drag the appropriate code fragments to the correct locations. Each code fragment
may be used once, more than once, or not at all. You may need to drag the split bar between
panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Get Latest & Actual AZ-204 Exam's Question and Answers from Passleader. 2
http://www.passleader.com
 ★ Instant Download ★ PDF And VCE ★ 100% Passing Guarantee ★ 100% Money Back Guarantee

Answer:

Explanation:
Box 1: HttpStatusCode.InternalServerError
HttpStatusCode.InternalServerError is equivalent to HTTP status 500. InternalServerError
indicates that a generic error has occurred on the server.

Box 2: CannotDeleteFileOrDirectory
HttpResponseMessage.ReasonPhrase Property gets or sets the reason phrase which typically is
sent by servers together with the status code.
Scenario: Upload format issue
Employees occasionally report an issue with uploading a receipt using the web application. They
report that when they upload a receipt using the Azure File Share, the receipt does not appear in
their profile. When this occurs, they delete the file in the file share and use the web application,
which returns a 500 Internal Server error page.

References:
https://docs.microsoft.com/en-
us/dotnet/api/system.net.httpstatuscode?redirectedfrom=MSDN&view=netframework-4.7.2

QUESTION 2
Case Study 2 - Coho Winery
LabelMaker app
Coho Winery produces bottles, and distributes a variety of wines globally. You are developer
implementing highly scalable and resilient applications to support online order processing by
using Azure solutions.

Coho Winery has a LabelMaker application that prints labels for wine bottles. The application
sends data to several printers. The application consists of five modules that run independently on
virtual machines (VMs). Coho Winery plans to move the application to Azure and continue to
support label creation.

Get Latest & Actual AZ-204 Exam's Question and Answers from Passleader. 3
http://www.passleader.com
 ★ Instant Download ★ PDF And VCE ★ 100% Passing Guarantee ★ 100% Money Back Guarantee

External partners send data to the LabelMaker application to include artwork and text for custom
label designs.

You need to meet the LabelMaker application security requirement.

What should you do?

A. Create a conditional access policy and assign it to the Azure Kubernetes Service cluster.
B. Place the Azure Active Directory account into an Azure AD group. Create a ClusterRoleBinding
and assign it to the group.
C. Create a RoleBinding and assign it to the Azure AD account.
D. Create a Microsoft Azure Active Directory service principal and assign it to the Azure Kubernetes
Service (AKS) cluster.

Answer: B
Explanation:
Scenario: The LabelMaker applications must be secured by using an AAD account that has full
access to all namespaces of the Azure Kubernetes Service (AKS) cluster.
Permissions can be granted within a namespace with a RoleBinding, or cluster-wide with a
ClusterRoleBinding.
References:
https://kubernetes.io/docs/reference/access-authn-authz/rbac/

QUESTION 3
Case Study 3 - City Power & Light
Background
City Power & Light company provides electrical infrastructure monitoring solutions for homes and
businesses. The company is migrating solutions to Azure.

Current environment
Architecture overview
The company has a public website located at http://www.cpandl.com/. The site is a single-page
web application that runs in Azure App Service on Linux. The website uses files stored in Azure
Storage and cached in Azure Content Delivery Network (CDN) to serve static content.

API Management and Azure Function App functions are used to process and store data in Azure
Database for PostgreSQL. API Management is used to broker communications to the Azure
Function app functions for Logic app integration. Logic apps are used to orchestrate the data
processing while Service Bus and Event Grid handle messaging and events.

The solution uses Application Insights, Azure Monitor, and Azure Key Vault.

You need to correct the RequestUserApproval Function app error.

What should you do?

A. Update line RA13 to use the async keyword and return an HttpRequest object value.
B. Configure the Function app to use an App Service hosting plan. Enable the Always On setting of
the hosting plan.
C. Update the function to be stateful by using Durable Functions to process the request payload.
D. Update the functionTimeout property of the host.json project file to 15 minutes.

Answer: C
Explanation:

Get Latest & Actual AZ-204 Exam's Question and Answers from Passleader. 4
http://www.passleader.com
 ★ Instant Download ★ PDF And VCE ★ 100% Passing Guarantee ★ 100% Money Back Guarantee

Async operation tracking

The HTTP response mentioned previously is designed to help implement long-running HTTP
async APIs with Durable Functions. This pattern is sometimes referred to as the polling consumer
pattern.
Both the client and server implementations of this pattern are built into the Durable Functions
HTTP APIs.

Function app
You perform local testing for the RequestUserApproval function. The following error message
displays:
'Timeout value of 00:10:00 exceeded by function: RequestUserApproval' The same error
message displays when you test the function in an Azure development environment when you
run the following Kusto query:
FunctionAppLogs
| where FunctionName = = "RequestUserApproval"

References:
https://docs.microsoft.com/en-us/azure/azure-functions/durable/durable-functions-http-features
https://docs.microsoft.com/en-us/azure/azure-functions/durable/durable-functions-
overview?tabs=csharp#human

QUESTION 4
Background
Best for You Organics Company is a global restaurant franchise that has multiple locations. The
company wants to enhance user experiences and vendor integrations. The company plans to
implement automated mobile ordering and delivery services.

Best For You Organics hosts an Azure web app at the URL https://www.bestforyouorganics.com.
Users can use the web app to browse restaurant locations, menu items, nutritional, information,
and company information. The company developed and deployed a cross-platform mobile app.

Requirements
You must develop a chartbot by using the Bot Builder SDK and Language Understanding
Intelligence Service (LUIS). The chatbot must allow users to order food for pickup or delivery.

You need to resolve the delivery API error.

What should you do?

A. Implement simple retry by using the EnableRetryOnFailure feature of Entity Framework.

B. Implement exponential backoff by using the EnableRetryOnFailure feature of Entity Framework.
C. Implement the Circuit Breaker pattern by using the EnbaleRetryOnFailure feature of Entity
Framework.
D. Invoke accustom execution strategy in Entity Framework.

Answer: A
Explanation:
Scenario: The Delivery API intermittently throws the following exception:

A useful method to get rid of this error is to use RETRY LOGIC of Entity Framework 1.1.0

Get Latest & Actual AZ-204 Exam's Question and Answers from Passleader. 5
http://www.passleader.com
 ★ Instant Download ★ PDF And VCE ★ 100% Passing Guarantee ★ 100% Money Back Guarantee

services.AddDbContext<DbContext>(options =>
options.UseSqlServer('yourconnectionstring', ...sqlServerOptionsAction: sqlOptions =>
...{
......sqlOptions.EnableRetryOnFailure(
.........maxRetryCount: 5,
.........maxRetryDelay: TimeSpan.FromSeconds(30),
.........errorNumbersToAdd: new List<int>() { 19 });
...}));
In Retry logic, error 19 is not included. So you have to pass the error code 19 to set retry logic for
error code 19.
References:
https://stackoverflow.com/questions/47558062/error-19-physical-connection-error/47559967

QUESTION 5
Case Study 5 - Wide World Importers
Background
Wide World Importers is moving all their datacenters to Azure. The company has developed
several applications and services to support supply chain operations and would like to leverage
serverless computing where possible.

Current environment
Windows Server 2016 virtual machine

This virtual machine (VM) runs Biz Talk Server 2016. The VM runs the following workflows:

Ocean Transport – This workflow gathers and validates container information including
container contents and arrival notices at various shipping ports.
Inland Transport – This workflow gathers and validates trucking information including fuel
usage, number of stops, and routes.

The VM supports the following REST API calls:

Container API – This API provides container information including weight, contents, and other
attributes.
Location API – This API provides location information regarding shipping ports of call and truck
stops.
Shipping REST API – This API provides shipping information for use and display on the
shipping website.

Shipping Data
The application uses MongoDB JSON document storage database for all container and transport
information.

Shipping Web Site

The site displays shipping container tracking information and container contents. The site is
located at http://shipping.wideworldimporters.com

You need to migrate on-premises shipping data to Azure.

What should you use?

A. Azure Cosmos DB Data Migration tool (dt.exe)

B. Azure Database Migration service
C. AzCopy

Get Latest & Actual AZ-204 Exam's Question and Answers from Passleader. 6
http://www.passleader.com
 ★ Instant Download ★ PDF And VCE ★ 100% Passing Guarantee ★ 100% Money Back Guarantee

D. Azure Migrate

Answer: B
Explanation:
Migrate from on-premises or cloud implementations of MongoDB to Azure Cosmos DB with
minimal downtime by using Azure Database Migration Service. Perform resilient migrations of
MongoDB data at scale and with high reliability.
Scenario: Data migration from on-premises to Azure must minimize costs and downtime.
The application uses MongoDB JSON document storage database for all container and transport
information.

References:
https://azure.microsoft.com/en-us/updates/mongodb-to-azure-cosmos-db-online-and-offline-
migrationsare-now-available/

QUESTION 6
Case Study 6 - Contoso, Ltd
Background
Overview
You are a developer for Contoso, Ltd. The company has a social networking website that is
developed as a Single Page Application (SPA). The main web application for the social
networking website loads user uploaded content from blob storage.

You are developing a solution to monitor uploaded data for inappropriate content. The following
process occurs when users upload content by using the SPA:

Messages are sent to ContentUploadService.

Content is processed by ContentAnalysisService.
After processing is complete, the content is posted to the social network or a rejection message
is posted in its place.

The ContentAnalysisService is deployed with Azure Container Instances from a private Azure
Container Registry named contosoimages.

The solution will use eight CPU cores.

Azure Active Directory

Contoso, Ltd. uses Azure Active Directory (Azure AD) for both internal and guest accounts.

You need to investigate the http server log output to resolve the issue with the
ContentUploadService.

Which command should you use first?

A. az webapp log
B. az ams live-output
C. az monitor activity-log
D. az container attach

Answer: D
Explanation:
The ContentAnalysisService is deployed with Azure Container Instances from a private Azure
Container Registry named contosoimages.

Get Latest & Actual AZ-204 Exam's Question and Answers from Passleader. 7
http://www.passleader.com
 ★ Instant Download ★ PDF And VCE ★ 100% Passing Guarantee ★ 100% Money Back Guarantee

ConentCotainerService is hosted in container services. Hense, the correct answer is az container

attach.

Reference:
https://docs.microsoft.com/en-us/azure/container-instances/container-instances-get-logs#attach-
output-streams
https://docs.microsoft.com/en-us/azure/container-instances/container-instances-get-logs

QUESTION 7
Case Study 7 - Proseware, Inc
Background
You are a developer for Proseware, Inc. You are developing an application that applies a set of
governance policies for Proseware’s internal services, external services, and applications. The
application will also provide a shared library for common functionality.

Requirements
Policy service
You develop and deploy a stateful ASP.NET Core 2.1 web application named Policy service to an
Azure App Service Web App. The application reacts to events from Azure Event Grid and
performs policy actions based on those events.

The application must include the Event Grid Event ID field in all Application Insights telemetry.

Policy service must use Application Insights to automatically scale with the number of policy
actions that it is performing.

You need to resolve a notification latency issue.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

A. Ensure that the Azure Function is set to use a consumption plan.

B. Ensure that the Azure Function is using an App Service plan.
C. Set Always On to false.
D. Set Always On to true.

Answer: BD
Explanation:
Always On enables waking up on HTTP trigger, but does not prevent the exceeding the max time
out time of 230 seconds.
If your function app is on the Consumption plan, there can be up to a 10-minute delay in
processing new blobs if a function app has gone idle. To avoid this latency, you can switch to an
App Service plan with Always On enabled. You can also use an Event Grid trigger with your Blob
storage account.

References:
https://docs.microsoft.com/en-us/azure/azure-functions/dedicated-plan#always-on
https://github.com/Azure/Azure-Functions/wiki/Enable-Always-On-when-running-on-dedicated-
App-Service-Plan
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-event-overview
https://docs.microsoft.com/en-us/azure/azure-functions/functions-bindings-storage-blob-
trigger?tabs=csharp#event-grid-trigger

Get Latest & Actual AZ-204 Exam's Question and Answers from Passleader. 8
http://www.passleader.com
 ★ Instant Download ★ PDF And VCE ★ 100% Passing Guarantee ★ 100% Money Back Guarantee

QUESTION 8
Case Study 8 - VanArsdel, Ltd
Background
VanArsdel, Ltd. is a global office supply company. The company is based in Canada and has
retail store locations across the world. The company is developing several cloud-based solutions
to support their stores, distributors, suppliers, and delivery services.

Current environment
Corporate website
The company provides a public website located at http://www.vanarsdelltd.com. The website
consists of a React JavaScript user interface, HTML, CSS, image assets, and several APIs
hosted in Azure Functions.

Retail Store Locations

The company supports thousands of store locations globally. Store locations send data every
hour to an Azure Blob storage account to support inventory, purchasing and delivery services.
Each record includes a location identifier and sales transaction information.

Question
You need to grant access to the retail store location data for the inventory service development
effort.
What should you use?

A. Azure AD access token

B. Azure RBAC role
C. Shared access signature (SAS) token
D. Azure AD ID token
E. Azure AD refresh token

Answer: C
Explanation:
A shared access signature (SAS) provides secure delegated access to resources in your storage
account. With a SAS, you have granular control over how a client can access your data. For
example:
What resources the client may access.
What permissions they have to those resources.
How long the SAS is valid.
Note: Inventory services:
The company has contracted a third-party to develop an API for inventory processing that
requires access to a specific blob within the retail store storage account for three months to
include read-only access to the data.

Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview

QUESTION 9
Note: This question is part of a series of questions that present the same scenario. Each
question in the series contains a unique solution that might meet the stated goals. Some
question sets might have more than one correct solution, while others might not have a
correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result,
these questions will not appear in the review screen.

Get Latest & Actual AZ-204 Exam's Question and Answers from Passleader. 9
http://www.passleader.com
 ★ Instant Download ★ PDF And VCE ★ 100% Passing Guarantee ★ 100% Money Back Guarantee

You develop a software as a service (SaaS) offering to manage photographs. Users upload
photos to a web service which then stores the photos in Azure Storage Blob storage. The storage
account type is General-purpose V2.

When photos are uploaded, they must be processed to produce and save a mobile-friendly
version of the image. The process to produce a mobile-friendly version of the image must start in
less than one minute.

You need to design the process that starts the photo processing.

Solution: Use the Azure Blob Storage change feed to trigger photo processing.

Does the solution meet the goal?

A. Yes
B. No

Answer: B
Explanation:
The change feed is a log of changes that are organized into hourly segments but appended to
and updated every few minutes. These segments are created only when there are blob change
events that occur in that hour.
Instead catch the triggered event, so move the photo processing to an Azure Function triggered
from the blob upload.

Reference:
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-change-feed
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-event-overview

QUESTION 10
You are developing an Azure App Service REST API.

The API must be called by an Azure App Service web app. The API must retrieve and update
user profile information stored in Azure Active Directory (Azure AD).

You need to configure the API to make the updates.

Which two tools should you use? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

A. Microsoft Graph API

B. Microsoft Authentication Library (MSAL)
C. Azure API Management
D. Microsoft Azure Security Center
E. Microsoft Azure Key Vault SDK

Answer: AB
Explanation:
A: You can use the Azure AD REST APIs in Microsoft Graph to create unique workflows between
Azure AD resources and third-party services. Enterprise developers use Microsoft Graph to
integrate Azure AD identity management and other services to automate administrative

Get Latest & Actual AZ-204 Exam's Question and Answers from Passleader. 10
http://www.passleader.com
 ★ Instant Download ★ PDF And VCE ★ 100% Passing Guarantee ★ 100% Money Back Guarantee

workflows, such as employee onboarding (and termination), profile maintenance, license

deployment, and more.
B: MSAL is needed to get the tokens and pass it in Graph API request.

Reference:
https://docs.microsoft.com/en-us/graph/azuread-identity-access-management-concept-overview

QUESTION 11
You develop a REST API. You implement a user delegation SAS token to communicate with
Azure Blob storage.

The token is compromised.

You need to revoke the token.

What are two possible ways to achieve this goal? Each correct answer presents a complete
solution.

NOTE: Each correct selection is worth one point.

A. Revoke the delegation key.

B. Delete the stored access policy.
C. Regenerate the account key.
D. Remove the role assignment for the security principle.

Answer: AD
Explanation:
If you believe that a SAS has been compromised, then you should revoke the SAS. You can
revoke a user delegation SAS either by revoking the user delegation key, or by changing or
removing RBAC role assignments for the security principal used to create the SAS.

Reference:
https://docs.microsoft.com/en-us/rest/api/storageservices/create-user-delegation-sas#revoke-a-
user-delegation-sas

QUESTION 12
You develop and deploy an Azure Logic app that calls an Azure Function app. The Azure
Function app includes an OpenAPI (Swagger) definition and uses an Azure Blob storage account.
All resources are secured by using Azure Active Directory (Azure AD).

The Azure Logic app must securely access the Azure Blob storage account. Azure AD resources
must remain if the Azure Logic app is deleted.

You need to secure the Azure Logic app.

What should you do?

A. Create a user-assigned managed identity and assign role-based access controls.

B. Create an Azure AD custom role and assign the role to the Azure Blob storage account.
C. Create an Azure Key Vault and issue a client certificate.
D. Create a system-assigned managed identity and issue a client certificate.
E. Create an Azure AD custom role and assign role-based access controls.

Get Latest & Actual AZ-204 Exam's Question and Answers from Passleader. 11
http://www.passleader.com
 ★ Instant Download ★ PDF And VCE ★ 100% Passing Guarantee ★ 100% Money Back Guarantee

Answer: A
Explanation:
To give a managed identity access to an Azure resource, you need to add a role to the target
resource for that identity.
Note: To easily authenticate access to other resources that are protected by Azure Active
Directory (Azure AD) without having to sign in and provide credentials or secrets, your logic app
can use a managed identity (formerly known as Managed Service Identity or MSI). Azure
manages this identity for you and helps secure your credentials because you don't have to
provide or rotate secrets.
If you set up your logic app to use the system-assigned identity or a manually created, user-
assigned identity, the function in your logic app can also use that same identity for authentication.

Reference:
https://docs.microsoft.com/en-us/azure/logic-apps/create-managed-service-identity
https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-mutual-
certificates-for-clients

QUESTION 13
You are developing a solution that will use a multi-partitioned Azure Cosmos DB database. You
plan to use the latest Azure Cosmos DB SDK for development.

The solution must meet the following requirements:

- Send insert and update operations to an Azure Blob storage account.

- Process changes to all partitions immediately.
- Allow parallelization of change processing.

You need to process the Azure Cosmos DB operations.

What are two possible ways to achieve this goal? Each correct answer presents a complete
solution.

NOTE: Each correct selection is worth one point.

A. Create an Azure App Service API and implement the change feed estimator of the SDK. Scale
the API by using multiple Azure App Service instances.
B. Create a background job in an Azure Kubernetes Service and implement the change feed feature
of the SDK.
C. Create an Azure Function to use a trigger for Azure Cosmos DB. Configure the trigger to connect
to the container.
D. Create an Azure Function that uses a FeedIterator object that processes the change feed by
using the pull model on the container. Use a FeedRange objext to parallelize the processing of
the change feed across multiple functions.

Answer: CD
Explanation:
Azure Functions is the simplest option if you are just getting started using the change feed. Due
to its simplicity, it is also the recommended option for most change feed use cases. When you
create an Azure Functions trigger for Azure Cosmos DB, you select the container to connect, and
the Azure Function gets triggered whenever there is a change in the container. Because Azure
Functions uses the change feed processor behind the scenes, it automatically parallelizes
change processing across your container's partitions.
Note: You can work with change feed using the following options:

Get Latest & Actual AZ-204 Exam's Question and Answers from Passleader. 12
http://www.passleader.com
 ★ Instant Download ★ PDF And VCE ★ 100% Passing Guarantee ★ 100% Money Back Guarantee

- Using change feed with Azure Functions

- Using change feed with change feed processor

Reference:
https://docs.microsoft.com/en-us/azure/cosmos-db/read-change-feed#azure-functions
https://docs.microsoft.com/en-us/azure/cosmos-db/change-feed-pull-model#using-feedrange-for-
parallelization

QUESTION 14
You are developing a road tollway tracking application that sends tracking events by using Azure
Event Hubs using premium tier.
Each road must have a throttling policy uniquely assigned.
You need to configure the event hub to allow for per-road throttling.
What should you do?

A. Use a unique consumer group for each road.

B. Ensure each road stores events in a different partition.
C. Ensure each road has a unique connection string.
D. Use a unique application group for each road.

Answer: D
Explanation:
An application group is a collection of client applications that connect to an Event Hubs
namespace sharing a unique identifying condition such as the security context - shared access
policy or Azure Active Directory (Azure AD) application ID.
Azure Event Hubs enables you to define resource access policies such as throttling policies for a
given application group and controls event streaming (publishing or consuming) between client
applications and Event Hubs.

Reference:
https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-features.

QUESTION 15
You are building a loyalty program for a major snack producer. When customers buy a snack at
any of 100 participating retailers the event is recorded in Azure Event Hub. Each retailer is given
a unique identifier that is used as the primary identifier for the loyalty program.
Retailers must be able to be added or removed at any time. Retailers must only be able to record
sales for themselves.
You need to ensure that retailers can record sales.
What should you do?

A. Use publisher policies for retailers.

B. Create a partition for each retailer.
C. Define a namespace for each retailer.

Answer: A
Explanation:
Event Hubs enables granular control over event publishers through publisher policies. Publisher
policies are run-time features designed to facilitate large numbers of independent event
publishers. With publisher policies, each publisher uses its own unique identifier when publishing
events to an event hub.
Incorrect:
Not C: An Event Hubs namespace is a management container for event hubs (or topics, in Kafka

Get Latest & Actual AZ-204 Exam's Question and Answers from Passleader. 13
http://www.passleader.com
 ★ Instant Download ★ PDF And VCE ★ 100% Passing Guarantee ★ 100% Money Back Guarantee

parlance). It provides DNS-integrated network endpoints and a range of access control and
network integration management features such as IP filtering, virtual network service endpoint,
and Private Link.

Reference:
https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-features

QUESTION 16
Hotspot Question

You deploy an ASP.NET web app to Azure App Service.

You must monitor the web app by using Application Insights.
You need to configure Application Insights to meet the requirements.

Which feature should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Get Latest & Actual AZ-204 Exam's Question and Answers from Passleader. 14
http://www.passleader.com
 ★ Instant Download ★ PDF And VCE ★ 100% Passing Guarantee ★ 100% Money Back Guarantee

Explanation:
Box 1: Smart Detection
Smart detection automatically warns you of potential performance problems and failure anomalies
in your web application. It performs proactive analysis of the telemetry that your app sends to
Application Insights. If there is a sudden rise in failure rates, or abnormal patterns in client or
server performance, you get an alert. This feature needs no configuration. It operates if your
application sends enough telemetry.

Box 2: Snapshot Debugger

When an exception occurs, you can automatically collect a debug snapshot from your live web
application. The snapshot shows the state of source code and variables at the moment the
exception was thrown. The Snapshot Debugger in Azure Application Insights monitors exception
telemetry from your web app. It collects snapshots on your top-throwing exceptions so that you
have the information you need to diagnose issues in production.

Box 3: Profiler
Azure Application Insights Profiler provides performance traces for applications running in
production in Azure. Profiler:
Captures the data automatically at scale without negatively affecting your users.
Helps you identify the “hot” code path spending the most time handling a particular web request.

Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/proactive-diagnostics
https://docs.microsoft.com/en-us/azure/azure-monitor/snapshot-debugger/snapshot-debugger
https://docs.microsoft.com/en-us/azure/azure-monitor/profiler/profiler-overview

QUESTION 17
You develop and deploy a web application to Azure App Service. The application accesses data
stored in an Azure Storage account. The account contains several containers with several blobs
with large amounts of data. You deploy all Azure resources to a single region.

Get Latest & Actual AZ-204 Exam's Question and Answers from Passleader. 15
http://www.passleader.com
 ★ Instant Download ★ PDF And VCE ★ 100% Passing Guarantee ★ 100% Money Back Guarantee

You need to move the Azure Storage account to the new region. You must copy all data to the
new region.

What should you do first?

A. Export the Azure Storage account Azure Resource Manager template

B. Initiate a storage account failover
C. Configure object replication for all blobs
D. Use the AzCopy command line tool
E. Create a new Azure Storage account in the current region
F. Create a new subscription in the current region

Answer: A
Explanation:
To move a storage account, create a copy of your storage account in another region. Then, move
your data to that account by using AzCopy, or another tool of your choice and finally, delete the
resources in the source region.
To get started, export, and then modify a Resource Manager template.

Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-account-move?tabs=azure-
portal

QUESTION 18
Note: The question is included in a number of questions that depicts the identical set-up.
However, every question has a distinctive result. Establish if the solution satisfies the
requirements.

You are developing a solution for a public facing API.

The API back end is hosted in an Azure App Service instance. You have implemented a RESTful
service for the API back end.

You must configure back-end authentication for the API Management service instance.

Solution: You configure Client cert gateway credentials for the Azure resource.

Does the solution meet the goal?

A. Yes
B. No

Answer: B
Explanation:
Cert client credentials can be defined for HTTP endpoint, not an App Service.
Design Tab -> Backend panel -> HTTP(s) endpoint -> And you have None, Basic and Certificate

Reference:
https://docs.microsoft.com/en-us/azure/api-management/api-management-authentication-
policies#Basic
https://docs.microsoft.com/en-us/azure/api-management/api-management-authentication-
policies#ClientCertificate

Get Latest & Actual AZ-204 Exam's Question and Answers from Passleader. 16
http://www.passleader.com
 ★ Instant Download ★ PDF And VCE ★ 100% Passing Guarantee ★ 100% Money Back Guarantee

https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-mutual-
certificates#configure-an-api-to-use-client-certificate-for-gateway-authentication

QUESTION 19
Your company’s Azure subscription includes an Azure Log Analytics workspace.

Your company has a hundred on-premises servers that run either Windows Server 2012 R2 or
Windows Server 2016, and is linked to the Azure Log Analytics workspace. The Azure Log
Analytics workspace is set up to gather performance counters associated with security from these
linked servers.

You must configure alerts based on the information gathered by the Azure Log Analytics
workspace.

You have to make sure that alert rules allow for dimensions, and that alert creation time should
be kept to a minimum. Furthermore, a single alert notification must be created when the alert is
created and when the alert is resolved.

You need to make use of the necessary signal type when creating the alert rules.

Which of the following is the option you should use?

A. The Activity log signal type.

B. The Application Log signal type.
C. The Metric signal type.
D. The Audit Log signal type.

Answer: C
Explanation:
Metric alerts in Azure Monitor provide a way to get notified when one of your metrics cross a
threshold. Metric alerts work on a range of multi-dimensional platform metrics, custom metrics,
Application Insights standard and custom metrics.
Note: Signals are emitted by the target resource and can be of several types. Metric, Activity log,
Application Insights, and Log.

Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-metric

QUESTION 20
You develop a Web App on a tier D1 app service plan.

You notice that page load times increase during periods of peak traffic.

You want to implement automatic scaling when CPU load is above 80 percent. Your solution
must minimize costs.

What should you do first?

A. Enable autoscaling on the Web App.

B. Switch to the Premium App Service tier plan.
C. Switch to the Standard App Service tier plan.
D. Switch to the Azure App Services consumption plan.

Get Latest & Actual AZ-204 Exam's Question and Answers from Passleader. 17
http://www.passleader.com
 ★ Instant Download ★ PDF And VCE ★ 100% Passing Guarantee ★ 100% Money Back Guarantee

Answer: C
Explanation:
Configure the web app to the Standard App Service Tier. The Standard tier supports auto-scaling,
and we should minimize the cost. We can then enable autoscaling on the web app, add a scale
rule and add a Scale condition.

Reference:
https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-autoscale-get-
started
https://azure.microsoft.com/en-us/pricing/details/app-service/plans/

QUESTION 21
You manage an Azure SQL database that allows for Azure AD authentication.

You need to make sure that database developers can connect to the SQL database via Microsoft
SQL Server Management Studio (SSMS). You also need to make sure the developers use their
on-premises Active Directory account for authentication. Your strategy should allow for
authentication prompts to be kept to a minimum.

Which of the following should you implement?

A. Azure AD token.
B. Azure Multi-Factor authentication.
C. Active Directory integrated authentication.
D. OATH software tokens.

Answer: C
Explanation:
Azure AD can be the initial Azure AD managed domain. Azure AD can also be an on-premises
Active Directory Domain Services that is federated with the Azure AD.

Using an Azure AD identity to connect using SSMS or SSDT

The following procedures show you how to connect to a SQL database with an Azure AD identity
using SQL Server Management Studio or SQL Server Database Tools.

Active Directory integrated authentication

Use this method if you are logged in to Windows using your Azure Active Directory credentials
from a federated domain.

1. Start Management Studio or Data Tools and in the Connect to Server (or Connect to Database
Engine) dialog box, in the Authentication box, select Active Directory - Integrated. No password is
needed or can be entered because your existing credentials will be presented for the connection.
2. Select the Options button, and on the Connection Properties page, in the Connect to database
box, type the name of the user database you want to connect to. (The AD domain name or tenant
ID” option is only supported for Universal with MFA connection options, otherwise it is greyed
out.)

Get Latest & Actual AZ-204 Exam's Question and Answers from Passleader. 18
http://www.passleader.com
 ★ Instant Download ★ PDF And VCE ★ 100% Passing Guarantee ★ 100% Money Back Guarantee

Thank You for Trying Our Product

Passleader Certification Exam Features:

★ More than 99,900 Satisfied Customers Worldwide.

★ Average 99.9% Success Rate.

★ Free Update to match latest and real exam scenarios.

★ Instant Download Access! No Setup required.

★ Questions & Answers are downloadable in PDF format and

VCE test engine format.

★ Multi-Platform capabilities - Windows, Laptop, Mac, Android, iPhone, iPod, iPad.

★ 100% Guaranteed Success or 100% Money Back Guarantee.

★ Fast, helpful support 24x7.

View list of all certification exams: http://www.passleader.com/all-products.html

10% Discount Coupon Code: ASTR14

Get Latest & Actual AZ-204 Exam's Question and Answers from Passleader. 19
http://www.passleader.com