Press "Enter" to skip to content

Top Microsoft 70-535 software Choices

We provide real 70-535 exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass Microsoft 70-535 Exam quickly & easily. The 70-535 PDF type is available for reading and printing. You can print more and practice many times. With the help of our Microsoft 70-535 dumps pdf and vce product and material, you can easily pass the 70-535 exam.


Pass on Your First TRY 100% Money Back Guarantee Realistic Practice Exam Questions

Free Instant Download NEW 70-535 Exam Dumps (PDF & VCE):
Available on:

P.S. Breathing 70-535 preparation exams are available on Google Drive, GET MORE:

New Microsoft 70-535 Exam Dumps Collection (Question 4 – Question 13)

Question No: 4

Your company has recently signed up for Azure. You plan to register a Data Protection Manager (DPM) server with the Azure Backup service. You need to recommend a method for registering the DPM server with the Azure Backup vault.

What are two possible ways to achieve this goal? Each correct answer presents a complete solution.

A. Import a self-signed certificate created using the makecert tool.

B. Import a self-signed certificate created using the createcert tool.

C. Import an X.509 v3 certificate with valid clientauthentication EKU.

D. Import an X.509 v3 certificate with valid serverauthentication EKU.

Answer: A,C


The certificate used for the backup vault in Azure must fulfill the following prerequisites: References:

Question No: 5

You develop a set of Power Shell scripts that will run when you deploy new virtual machines (VMs). You need to ensure that the scripts are executed on new VMs.

You want to achieve this goal by using the least amount of administrative effort. What should you do?

A. Create a new GPO to execute the scripts as a logon script.

B. Create a SetupComplete.cmd batch file to call the scripts after the VM starts.

C. Create a new virtual hard disk (VHD) that contains the scripts.

D. Load the scripts to a common file share accessible by the VMs.

E. Set the VMs to execute a custom script extension.

Answer: E


Custom Script Extension can automatically download scripts and files from Azure Storage and launch a PowerShell script on the VM which in turn can install additional software components. And just like with any other VM Extension, this can be added during VM creation or after the VM has been running.


Question No: 6

You manage a software-as-a-service application named SaasApp1 that provides user management features in a multi-directory environment. You plan to offer SaasApp1 to other organizations that use Azure Active Directory.

You need to ensure that SaasApp1 can access directory objects. What should you do?

A. Configure the Federation Metadata URL

B. Register SaasApp1 as a native client application

C. Register SaasApp1 as a web application

D. Configure the Graph API

Answer: D


The Azure Active Directory Graph API provides programmatic access to Azure AD through REST API endpoints. Applications can use the Graph API to perform create, read, update, and delete (CRUD) operations on directory data and objects.


Question No: 7

You are developing a web application that connects to an existing virtual network. The web application needs to access a database that runs on a virtual machine.

In the Azure portal, you use the virtual network integration user interface to select from a list of virtual networks. The virtual network that the web application needs to connect to is not selectable.

You need to update the existing virtual network so you can connect to it. What should you do?

A. Enable ExpressRoute.

B. Enable site-to-site VPN.

C. Enable point-to-site VPN with a dynamic routing gateway.

D. Enable point-to-site VPN with a static routing gateway.

Answer: B

Question No: 8

You need to recommend a solution that allows partners to authenticate. Which solution should you recommend?

A. Configure the federation provider to trust social identity providers.

B. Configure the federation provider to use the Azure Access Control service.

C. Create a new directory in Azure Active Directory and create a user account for the partner.

D. Create an account on the VanArsdel domain for the partner and send an email message that contains the password to the partner.

Answer: B


* Scenario: The partners all use email addresses.

* In Microsoft Azure Active Directory Access Control (also known as Access Control Service or ACS), an identity provider is a service that authenticates user or client identities and issues security tokens that ACS consumes.

The ACS Management Portal provides built-in support for configuring Windows Live ID as an ACS Identity Provider.


Not C, not D: Scenario: VanArsdel management does NOT want to create and manage user accounts for partners.

Question No: 9

You are designing a Windows Azure application that will use a worker role. The worker role

will create temporary files. You need to recommend an approach for creating the temporary files that minimizes storage transactions.

What should you recommend?

A. Create the files on a Windows Azure Drive.

B. Create the files in Windows Azure local storage.

C. Create the files in Windows Azure Storage page blobs.

D. Create the files in Windows Azure Storage block blobs.

Answer: B


A local storage resource is a reserved directory in the file system of the virtual machine in which an instance of a role is running. Code running in the instance can write to the local storage resource when it needs to write to or read from to a file. For example, a local storage resource can be used to cache data that may need to be accessed again while the service is running in Windows Azure.

References: cloud-service

Question No: 10

You are designing the deployment of virtual machines (VMs) and web services that run in Azure.

You need to specify the desired state of a node and ensure that the node remains at that state.

What should you use?

A. Microsoft Azure Pack

B. Service Management Automation

C. System Center 2016 Orchestrator

D. Azure Automation

Answer: D

Question No: 11

You need to configure the distribution tracking application. What should you do?

A. Map each role to a single upgrade domain to optimize resource utilization.

B. Design all services as stateless services.

C. Configure operations to queue when a role reaches its capacity.

D. Configure multiple worker roles to run on each virtual machine.

Answer: D


* Scenario: distribution tracking application

The system is processor intensive and should be run in a multithreading environment.


Question No: 12

You administer an Azure Storage account named contoso storage. The account has queue containers with logging enabled. You need to view all log files generated during the month of July 2014. Which URL should you use to access the list?

A.$logs?restype=container&comp=list&prefix= queue/2014/07

B.$files?restype=container&comp=list&prefix= queue/2014/07

C.$files?restype=container&comp=list&prefix=bl ob/2014/07

D.$logs?restype=container&comp=list&prefix=bl ob/2014/07

Answer: D


All logs are stored in block blobs, not queues, in a container named $logs, not $files, which is automatically created when Storage Analytics is enabled for a storage account. The

$logs container is located in the blob namespace of the storage account, for example: http://<accountname>$logs.

References: Analytics-Logging?redirectedfrom=MSDN

Question No: 13

Your company is launching a public website that allows users to stream videos. You upload multiple video files to an Azure storage container.

You need to give anonymous users read access to all of the video files in the storage container. What should you do?

A. Edit each blob's metadata and set the access policy to Public Blob.

B. Edit the container metadata and set the access policy to Public Container.

C. Move the files into a container sub-directory and set the directory access level to Public Blob.

D. Edit the container metadata and set the access policy to Public Blob.

Answer: D


You can enable anonymous, public read access to a container and its blobs in Azure Blob storage. By doing so, you can grant read-only access to these resources without sharing your account key, and without requiring a shared access signature (SAS).

To set permissions to public read access for blobs only, set the PublicAccess property to


References: resources

P.S. Easily pass 70-535 Exam with Certifytools Breathing Dumps & pdf vce, Try Free: ( New Questions)