###BeginCaseStudy###
Testlet 1
Background
Overview
Trey Research conducts agricultural research and sells the results to the agriculture and food industries. The
company uses a combination of on-premises and third-party server clusters to meet its storage needs. Trey
Research has seasonal demands on its services, with up to 50 percent drops in data capacity and bandwidth
demand during low-demand periods. They plan to host their websites in an agile, cloud environment where the
company can deploy and remove its websites based on its business requirements rather than the requirements
of the hosting company.
A recent fire near the datacenter that Trey Research uses raises the management team’s awareness of the
vulnerability of hosting all of the company’s websites and data at any single location. The management team is
concerned about protecting its data from loss as a result of a disaster.
Websites
Trey Research has a portfolio of 300 websites and associated background processes that are currently hosted
in a third-party datacenter. All of the websites are written in ASP.NET, and the background processes use
Windows Services. The hosting environment costs Trey Research approximately S25 million in hosting and
maintenance fees.
Infrastructure
Trey Research also has on-premises servers that run VMs to support line-of-business applications. The
company wants to migrate the line-of-business applications to the cloud, one application at a time. The
company is migrating most of its production VMs from an aging VMWare ESXi farm to a Hyper-V cluster that
runs on Windows Server 2012.
Applications
DistributionTracking
Trey Research has a web application named Distributiontracking. This application constantly collects realtime
data that tracks worldwide distribution points to customer retail sites. This data is available to customers at all
times.
The company wants to ensure that the distribution tracking data is stored at a location that is geographically
close to the customers who will be using the information. The system must continue running in the event of VM
failures without corrupting data. The system is processor intensive and should be run in a multithreading
environment.
HRApp
The company has a human resources (HR) application named HRApp that stores data in an on-premises SQL
Server database. The database must have at least two copies, but data to support backups and business
continuity must stay in Trey Research locations only. The data must remain on-premises and cannot be stored
in the cloud.
HRApp was written by a third party, and the code cannot be modified. The human resources data is used by all
business offices, and each office requires access to the entire database. Users report that HRApp takes all
night to generate the required payroll reports, and they would like to reduce this time.
MetricsTracking
Trey Research has an application named MetricsTracking that is used to track analytics for the
DistributionTracking web application. The data MetricsTracking collects is not customer-facing. Data is stored
on an on-premises SQL Server database, but this data should be moved to the cloud. Employees at other
locations access this data by using a remote desktop connection to connect to the application, but latency
issues degrade the functionality.
Trey Research wants a solution that allows remote employees to access metrics data without using a remote
desktop connection. MetricsTracking was written in-house, and the development team is available to make
modifications to the application if necessary. However, the company wants to continue to use SQL Server for
MetricsTracking.
Business RequirementsBusiness Continuity
You have the following requirements:
Move all customer-facing data to the cloud.
Web servers should be backed up to geographically separate locations,
If one website becomes unavailable, customers should automatically be routed to websites that are still
operational.
Data must be available regardless of the operational status of any particular website.
The HRApp system must remain on-premises and must be backed up.
The MetricsTracking data must be replicated so that it is locally available to all Trey Research offices.
Auditing and Security
You have the following requirements:
Both internal and external consumers should be able to access research results.
Internal users should be able to access data by using their existing company credentials without requiring
multiple logins.
Consumers should be able to access the service by using their Microsoft credentials.
Applications written to access the data must be authenticated.
Access and activity must be monitored and audited.
Ensure the security and integrity of the data collected from the worldwide distribution points for the
distribution tracking application.
Storage and Processing
You have the following requirements:
Provide real-time analysis of distribution tracking data by geographic location.
Collect and store large datasets in real-time data for customer use.
Locate the distribution tracking data as close to the central office as possible to improve bandwidth.
Co-locate the distribution tracking data as close to the customer as possible based on the customer’s
location.
Distribution tracking data must be stored in the JSON format and indexed by metadata that is stored in a
SQL Server database.
Data in the cloud must be stored in geographically separate locations, but kept with the same political
boundaries.
Technical Requirements
Migration
You have the following requirements:
Deploy all websites to Azure.
Replace on-premises and third-party physical server clusters with cloud-based solutions.
Optimize the speed for retrieving exiting JSON objects that contain the distribution tracking data.
Recommend strategies for partitioning data for load balancing.
Auditing and Security
You have the following requirements:
Use Active Directory for internal and external authentication.
Use OAuth for application authentication.
Business Continuity
You have the following requirements:
Data must be backed up to separate geographic locations.
Web servers must run concurrent versions of all websites in distinct geographic locations.
Use Azure to back up the on-premises MetricsTracking data.
Use Azure virtual machines as a recovery platform for MetricsTracking and HRApp.
Ensure that there is at least one additional on-premises recovery environment for the HRApp.
###EndCaseStudy###
DRAG DROP
You need to ensure that customer data is secured both in transit and at rest.Which technologies should you recommend? To answer, drag the appropriate technology to the correct security
requirement. Each technology may be used once, more than once, or not at all. You may need to drag the split
bar between panes or scroll to view content.
Select and Place:
Explanation:
* Azure Rights Management service
Azure Rights Management service uses encryption, identity, and authorization policies to help secure your files
and email, and it works across multiple devices—phones, tablets, and PCs. Information can be protected both
within your organization and outside your organization because that protection remains with the data, even
when it leaves your organization’s boundaries.
* Transparent Data Encryption
Transparent Data Encryption (often abbreviated to TDE) is a technology employed by both Microsoft and
Oracle to encrypt database files. TDE offers encryption at file level. TDE solves the problem of protecting dataat rest, encrypting databases both on the hard drive and consequently on backup media.
* TLS/SSL
Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols
designed to provide communications security over a computer network. They use X.509 certificates and hence
asymmetric cryptography to authenticate the counterparty with whom they are communicating, and to negotiate
a symmetric key.
https://technet.microsoft.com/en-us/library/jj585004.aspx
http://en.wikipedia.org/wiki/Transparent_Data_Encryption
http://en.wikipedia.org/wiki/Transport_Layer_Security


The answer is wrong.
a) SSL/TLS or Azure RMS if we consider encrypt at REST.
b) Import/Export
c) TDE
correct
I agree
a) SSL/TLS
b) Import/Export
c) Service Bus (Key exchanges between servers)
I suppose arguably (c) could be SSL/TLS as well as (a). I can’t find anything about Service Bus managing key exchanges as Jour suggested? It’s definitely not TDE as this is SQL encryption at rest.
For example, just for Azure DB – https://docs.microsoft.com/en-us/azure/security/azure-database-security-overview – “All connections to Azure SQL Database require encryption (SSL/TLS) at all times while data is “in transit” to and from the database. SQL Azure uses TLS/SSL to authenticate servers and clients and then use it to encrypt messages between the authenticated parties.”
My answer
Azure RMS
Import / export
Tls/SSL
New 70-535 Exam Questions and Answers (2/Jan/2018 Updated):
NEW QUESTION 231
You create an Ubuntu Linux virtual machine (VM) by using the Azure Portal. You do not specify a password when you create the VM. You need to connect to the terminal of the VM.
Solution: You connect to the public IP address of the VM by using Secure Shell (SSH) and specify your private key.
Does the solution meet the goal?
A. Yes
B. No
Answer: B
NEW QUESTION 232
You create an Ubuntu Linux virtual machine (VM) by using the Azure Portal. You do not specify a password when you create the VM. You need to connect to the terminal of the VM.
Solution: You use the Connect button on the Overview blade for the VM.
Does the solution meet the goal?
A. Yes
B. No
Answer: B
NEW QUESTION 233
You use Azure Resource Manager (ARM) templates to deploy resources. You need to ensure that storage resources defined in templates cannot be deleted.
Solution: You define the following JSON in the temp:
“resource”: [
{
“name”: “[concat(parameters(‘lockedResource’), ‘/Microsoft.Authorization/myLock’)]”,
“type”: “Microsoft.Authorzation/locks”,
“apiVersion”: “2015-01-01”,
“properties”: {
“level”: “ReadOnly”
}
}
]
Does the solution meet the goal?
A. Yes
B. No
Answer: A
NEW QUESTION 234
Note: This question is part of a series of questions that present the same scenario. Each questions in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You create an Ubuntu Linux virtual machine (VM) by using the Azure Portal. You do not specify a password when you create the VM. You need to connect to the terminal of the VM.
Solution: You connect to the public IP address of the VM by using Secure Shell (SSH) and specify your public key.
Does the solution meet the goal?
A. Yes
B. No
Answer: A
NEW QUESTION 235
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You manage an Azure SQL Database. The database has weekly backups that are stored in an Azure Recovery Services vault. You create an Azure Recovery Services vault and download the backup agent installation file. You need to complete the installation of the backup agent. What should you do first?
A. Configure network throttling.
B. Set the storage replication option.
C. Download the vault credentials file.
D. Select the data to back up.
Answer: C
NEW QUESTION 236
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You manage an Azure SQL Database. The database has weekly backups that are stored in an Azure Recovery Services vault. A company deploys Microsoft SQL Server on an Azure Standard_DS3 virtual machine (VM). You need to modify the disk caching policy. Which Azure PowerShell cmdlet should you run?
A. Set-AzureRmVmOperatingSystem
B. Set-AzureRmVmDataDisk
C. Update-Disk
D. Update-AzureDisk
Answer: B
NEW QUESTION 237
A company uses Azure to host virtual machines (VMS) and web apps. You have an app service named App1 that uses the Basic app service tier. You need to ensure that diagnostic data for App1 is permanently stored.
Solution: You specify a storage account in the Diagnostics.xml file.
Does the solution meet the goal?
A. Yes
B. No
Answer: B
NEW QUESTION 238
You specify the storage account that you want to use in the ServiceConfiguration.cscfg. You use Azure to virtual machines (VMS) and web apps. You have an app service named App1 that uses the Basic app service tier. You need to ensure that diagnostic data for App1 is permanently stored.
Solution: You scale the app service to the Standard tier.
Does the solution meet the goal?
A. Yes
B. No
Answer: ……
P.S. These New 70-535 Exam Questions Were Just Updated From The Real 70-535 Exam, You Can Get The Newest 70-535 Dumps In PDF And VCE From — https://www.passleader.com/70-535.html (243q VCE and PDF)
Good Luck!
By the way, part of the new 243Q 70-535 dumps are available here:
https://drive.google.com/open?id=1Tqc3nKkqLq3RuEdZ4qV-ddYyN5SwbSNB
Best Regards!