###BeginCaseStudy###
Case Study: 1
VanArsdel, Ltd
Overview
VanArsdel, Ltd. builds skyscrapers, subways, and bridges. VanArsdel is a leader in using
technology to do construction better.
Overview
VanArsdel employees are able to use their own mobile devices for work activities because
the company recognizes that this usage enables employee productivity. Employees also
access Software as a Service (SaaS) applications, including DocuSign, Dropbox, and Citrix.
The company continues to evaluate and adopt more SaaS applications for its business.
VanArsdel uses Azure Active Directory (AD) to authenticate its employees, as well as MultiFactor Authentication (MFA). Management enjoys the ease with which MFA can be enabled
and disabled for employees who use cloud-based services. VanArsdel’s on-premises directory
contains a single forest.
Helpdesk:
VanArsdel creates a helpdesk group to assist its employees. The company sends email
messages to all its employees about the helpdesk group and how to contact it. Configuring
employee access for SaaS applications is often a time-consuming task. It is not always
obvious to the helpdesk group which users should be given access to which SaaS
applications. The helpdesk group must respond to many phone calls and email messages to
solve this problem, which takes up valuable time. The helpdesk group is unable to meet the
needs of VanArsdel’s employees.
However, many employees do not work with the helpdesk group to solve their access
problems. Instead, these employees contact their co-workers or managers to find someone
who can help them. Also, new employees are not always told to contact the helpdesk group
for access problems. Some employees report that they cannot see all the applications in the
Access Panel that they have access to. Some employees report that they must re-enter their
passwords when they access cloud applications, even though they have already authenticated.
Bring your own device (BYOD):
VanArsdel wants to continue to support users and their mobile and personal devices, but the
company is concerned about how to protect corporate assets that are stored on these devices.
The company does not have a strategy to ensure that its data is removed from the devices
when employees leave the company.
Customer Support
VanArsdel wants a mobile app for customer profile registration and feedback. The company
would like to keep track of all its previous, current, and future customers worldwide. A
profile system using third-party authentication is required as well as feedback and support
sections for the mobile app.
Migration:
VanArsdel plans to migrate several virtual machine (VM) workloads into Azure. They also
plan to extend their on-premises Active Directory into Azure for mobile app authentication.
Business Requirements
Hybrid Solution:• A single account and credentials for both on-premises and cloud
applications
• Certain applications that are hosted both in Azure and on-site must be
accessible to both VanArsdel employees and partners
• The service level agreement (SLA) for the solution requires an uptime
of 99.9%
• The partners all use Hotmail.com email addresses
Mobile App:
VanArsdel requires a mobile app for project managers on construction job sites. The mobile
app has the following requirements:
• The app must display partner information.
• The app must alert project managers when changes to the partner
information occur.
• The app must display project information including an image gallery to
view pictures of construction projects.
• Project managers must be able to access the information remotely and
securely.
Security:
• VanArsdel must control access to its resources to ensure sensitive
services and information are accessible only by authorized users and/or
managed devices.
• Employees must be able to securely share data, based on corporate
policies, with other VanArsdel employees and with partners who are located
on construction job sites.
• VanArsdel management does NOT want to create and manage user
accounts for partners.
Technical Requirements
Architecture:
• VanArsdel requires a non-centralized stateless architecture fonts data
and services where application, data, and computing power are at the logical
extremes of the network.
• VanArsdel requires separation of CPU storage and SQL services
Data Storage:
VanArsdel needs a solution to reduce the number of operations on the contractor information
table. Currently, data transfer rates are excessive, and queue length for read/write operations
affects performance.
• A mobile service that is used to access contractor information must
have automatically scalable, structured storage
• Images must be stored in an automatically scalable, unstructured form.
Mobile Apps:
• VanArsdel mobile app must authenticate employees to the company’s
Active Directory.
• Event-triggered alerts must be pushed to mobile apps by using a
custom Node.js script.• The customer support app should use an identity provider that is
configured by using the Access Control Service for current profile registration
and authentication.
• The customer support team will adopt future identity providers that are
configured through Access Control Service.
Security:
• Active Directory Federated Server (AD FS) will be used to extend AD
into Azure.
• Helpdesk administrators must have access to only the groups of Azure
resources they are responsible for. Azure administration will be performed by
a separate group.
• IT administrative overhead must be minimized.
• Permissions must be assigned by using Role Based Access Control
(RBAC).
• Line of business applications must be accessed securely.
###EndCaseStudy###
You need to assign permissions for the Virtual Machine workloads that you migrate to Azure.
The solution must use the principal of least privileges.
What should you do?
A.
Create all VMs in the cloud service named Groupl and then connect to the Azure subscription. Run
the following Windows PowerShell command:
New-AzureRoleAssignment -Mail [email protected] -RoleDefinitionName Contributor –
ResourceGroupName group1
B.
In the Azure portal, select an individual virtual machine and add an owner.
C.
In the Azure portal, assign read permission to the user at the subscription level.
D.
Create each VM in a separate cloud service and then connect to the Azure subscription. Run the
following Windows PowerShell command:
Get-AzureVM | New-AzureRoleAssignment -Mail [email protected] -RoleDefinitionName
Contributor
Explanation:
* Scenario: Permissions must be assigned by using Role Based Access Control (RBAC).
* Role-Based access control (RBAC) in the Azure Portal and Azure Resource Management API allows
you to manage access to your subscription at a fine-grained level. With this feature, you can grant
access for Active Directory users, groups, or service principals by assigning some roles to them at a
particular scope.
Create a role assignment
Use New-AzureRoleAssignment to create a role assignment.
Example: This will create a role assignment for a group at a resource group level.
PS C:\\> New-AzureRoleAssignment -ObjectID <group object ID> -RoleDefinitionName Reader –
ResourceGroupName group1Managing Role-Based Access Control with Windows PowerShell
https://azure.microsoft.com/en-gb/documentation/articles/role-based-access-control-powershell/
Passed 70-534 test few days ago! Scored 900/1000!!
Got 40 questions, including 24 MCQs and 3 Case Studies (total 16Qs).
Part of the Case Studies FYI:
1. Implement Media Solution
2. Implement Data, Mining Using HPC & Azure Batch
3. CDN & Batch & Networking Related & Azure Service Bus
Preparing for and 100% passing 70-534 Exam Tips (FYI):
1. The 70-534 exam is very difficult, which requires intensive study, books, videos, practice tests and other study materials.
2. The 70-534 exam covers all points described in the official study guide. There is at least one question from each chapter, so, you should learn as much as you can.
3. Azure experience is necessary.
4. Around half of the questions are currently focused on services in the Classic portal and mostly PaaS.
5. Mobile Apps, WebApps, AAD, SQL, ServiceBus and Scaling are the hottest points, you should know them deeply.
6. Experience with Powershell and understand how some creation and deployment flows work will help a lot for your passing.
7. From Nov/2016: the 70-534 exam is being updated to include NEW Objectives covering newer features and services in Microsoft Azure, like Azure Resource Manager (ARM) and others.
For the most valid 70-534 dumps, I recommend you to try it here (for I used it):
http://www.passleader.com/70-534.html
(166q VCE and PDF dumps)
All new questions are available in it, and wrong answers have been corrected.
And, you can preview part of that 166q 70-534 dumps here:
https://doc.co/2hKuTM
Good Luck!
The questions in the dumps you mentioned are also not included in the exams question set too.
Do you have anything for 70-533?
Exam questions are changed already. only 3 or 4 questions included from this question sets.
[Update]
New 70-534 Exam Questions and Answers Updated Recently (27/Dec/2016):
NEW QUESTION 143
You have an on-premises data center and an Azure subscription. The Azure subscription has services that are hosted in the East US region. You have servers that run Windows Server 2012 R2. The servers are located on-premises and in both Azure regions. You plan to deploy Microsoft System Center 2012 R2 Data Protection Manager (DPM) to protect all of the servers. The DPM deployment has the following requirements:
– Centralize the management of all backups
– Minimize the costs associated with bandwidth usage
– Protect Microsoft SharePoint and Microsoft SQL Server workloads for up to nine years
You need to recommend which components must be configured to support the planned deployment. What should you include in the recommendation? To answer, select the appropriate options in the answer area.
ANSWER AREA
Number of DPM servers: 0-3
Number of Azure backup vaults: 0-2
Answer:
Number of DPM servers: 1
Number of Azure backup vaults: 2
……
NEW QUESTION 145
You work for a company named Contoso, Ltd. The network contains an on premises Active Directory domain that has Active Directory Federation Services (AD FS). Contoso uses an internally developed claims … App1. You implement directory synchronization with Azure Active Directory (Azure AD). You need to recommend which configuration should be performed to… Single-Sign-On to App1 to…authenticated by Azure AD. Which two configuration should you include in the recommendation?
A. Azure AD as claims provided trust
B. App1 as a claims provide
C. Azure AD as relying party trust
D. App1 as relying party trust
Answer: BC
……
NEW QUESTION 149
You need to encrypt a media file. Which type of encryption should you use?
A. Secure token service
B. PlayReady
C. Storage
D. Envelope
Answer: B
……
NEW QUESTION 163
You have an Azure subscription named Subscription1. You create several Azure VMs in Subscription1. All of the VMs belong to the same virtual network. You have an on-premises Hyper-V server named Server1. Server1 hosts a virtual machine named VM1. You plan to replicate VM1 to Azure. You need to create additional objects in Subscription1 to support the planned deployment. Which three objects should you create? Each correct answer presents part of the solution.
A. An Azure Site Recovery vault
B. An endpoint
C. A protection group
D. A Hyper-V site
E. A storage account
F. A Traffic Manager
Answer: ADE
Explanation:
docs.microsoft.com/en-us/azure/site-recovery/site-recovery-hyper-v-site-to-azure
……
NEW QUESTION 168
You develop an ASP.NET Web API that is hosted as an Azure Web API. The API uses a WebJob to process information. The WebJob has a very long start up time. You configure the WebJob to run continuously. You observe that the WebJob is not running and processing information as expected. You need to ensure the WebJob runs continuously. What should you do?
A. Update the API to self-host by using the Open Web interface for .NET (OWIN).
Migrate the API to Azure Service Fabric.
B. Enable the Always On configuration setting for the Web App.
C. Include a settings. Job JSON file at the root of the WebJob zip file and include a valid CRON expression.
D. Schedule the WebJob by using the Azure Scheduler.
Answer: B
Explanation:
samulihaverinen.com/web-development/dotnet/2016/02/24/guide-to-azure-webjobs/
NEW QUESTION 169
You are the administrator for a company that has an Azure Premium Storage account. You receive a .vhdx from the development team. You plan to create one unique Azure virtual machine (VM) from the file. You plan to run the VM as a domain controller. You need to upload the -vhdx file to Azure. Which four actions should you perform in sequence? To answer, move the appropriate actions from the list actions to the answer area and arrange them in the correct order.
– Register the .vhdx file as an Azure OS disk
– Run the following Azure PowerShell cmdlet: Convert-VHD
– Create a new DS series Azure VM instance
– Upload the file to an Azure Storage account
– Register the .vhdx file as an Azure VM image
– Run Sysprep
Answer:
Run the following Azure PowerShell cmdlet: Convert-VHD
Upload the file to an Azure Storage account
……
NEW QUESTION 171
You are designing an Azure application that provides online backup storage for hundrers of media files. Each file is larger than 1 GB. The data storage solution has the following requirements:
– Be capable of storing an average of 2 terabytes (TB) of data for each user
– Support sharing of data between all Microsoft Azure instances
– Provide random read/write access
You need to recommend a durable date storage solution. What should you recommend?
A. Azure Page Blob
B. Azure Block Blob
C. Local storage on the VM
D. Store data in the VHD file
Answer: A
NEW QUESTION 172
Your company has an Azure subscription. The company plans to implement an Azure Web App nameb WebApp1. You need to recommend a solution to optimize the compute resources consumed by the Web App. The solution must minimize costs and provide a separation of resources. Which service plan should you recommend?
A. Basic
B. Free
C. Premium
D. Shared
E. Standard
Answer: E
……
NEW QUESTION 174
You develop a new Azure Web App that uses multiple azure Blobs and static content. The Web App uses a large number of JavaScript files and cascading style sheets. Some old theses files contain references of the other files. Users are geographically dispersed. You need to minimize the time to load individual pages. What should you do?
A. Create a services layer by using and Azure-hosted ASP.NET web API.
B. Migrate the Web App to Azure Services Fabric.
C. Enable the Always On feature of the Web App.
D. Use an Azure Content Delivery Network (CDN).
E. Implement an Azure Redis Cache.
Answer: D
……
NEW QUESTION 177
You manage a cloud service that has one Web Role instance, and several Worker Role instances. The cloud services has multiple tiers. Different groups develop and maintain each tier. You need to ensure that the cloud service remains highly available and responsive when the worker roles are performing extensive work. What should you do?
A. Create an availability set with two or more virtual machines.
B. Create an availability set for each tier of the application.
C. Create a resource group.
D. Implement auto-scaling for the Worker Roles.
Answer: D
……
NEW QUESTION 180
You need to support the disaster recovery requirements of the web application and API. Which two actions should you perform? Each correct answer presents part of the solution.
A. Configure automated backups of the API and web application.
B. Create a new Azure SQL Data Warehouse and connect it to the web application and API.
C. Deploy the API and web application to multiple locations.
D. Enable Application Insights for the web application and API.
E. Create an Azure Redis Cache for the web application and API.
Answer: AC
NEW QUESTION 181
……
P.S. These New 70-534 Exam Questions Were Just Updated From The Real 70-534 Exam, You Can Get The Newest 70-534 Dumps In PDF And VCE From — http://www.passleader.com/70-534.html (190q VCE and PDF)
Good Luck! Merry X’mas!! Happy New Year!!!
BTW, that new 190Q 70-534 Dumps are Available HERE for Free:
https://doc.co/2hKuTM
Best Regards!
Hi All,
Can anyone share the full question & answer. I am preparing for the exam next week.
Did you found the full set?
ATTENTION PLEASE
New 70-534 Exam Questions Updated Recently (20/Feb/2017):
NEW QUESTION 193
You need to generate the report for the WGBLeaseLeader app. Which Azure service should you use?
A. Azure Scheduler
B. Azure Data Lake Store
C. Azure Storage Queue
D. Azure Stream Analytics
Answer: A
NEW QUESTION 194
Drag and Drop Question
You need to configure Azure Security Center to assist the CSIRT team. Which services should you implement? To answer, drag the appropriate Azure Security Center services to the correct key security areas. Each service may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Image URL: examgod.com/plimages/ac5dd0ff4c58_B151/passleader-70-534-dumps-1941.png
Answer:
Image URL: examgod.com/plimages/ac5dd0ff4c58_B151/passleader-70-534-dumps-1942.png
NEW QUESTION 195
You need to support loan processing for the WGBLoanMaster app. Which technology should you use?
A. Azure Storage Queues
B. Azure Service Fabric
C. Azure Service Bus Queues
D. Azure Event Hubs
Answer: D
NEW QUESTION 196
You need to implement the loan aggregation process for the WGBLoanMaster app. Which technology should you use?
A. Azure virtual machine
B. Azure Cloud Service worker role
C. Azure Batch
D. Azure WebJob
Answer: C
NEW QUESTION 197
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You are designing the deployment of resources in Azure. You plan to use templates to customize deployment options. You need to ensure that Azure services are deployed and updated identically. Solution: You customize the $schema element of the template. Does the solution meet the goal?
A. Yes
B. No
Answer: A
NEW QUESTION 198
You are designing a web app deployment in Azure. You need to ensure that inbound requests to the web app are routed based on the endpoint that has the lowest latency. What should you use?
A. Azure health probes
B. Azure Fabric Controller
C. Azure Load Balancer
D. Azure Traffic Manager
Answer: D
NEW QUESTION 199
……
NEW QUESTION 200
You are designing the deployment of virtual machines (VMs) and web services that run in Azure. You need to specify the desired state of a node and ensure that the node remains at that state. What should you use?
A. Microsoft Azure Pack
B. Service Management Automation
C. System Center 2016 Orchestrator
D. Azure Automation
Answer: A
NEW QUESTION 201
You need to recommend an authentication solution for the DistributionTracking application. What should you include in the recommendation?
A. a certificate
B. a Graph API endpoint
C. a security principal in Azure Active Directory
D. a managed service account in Azure Active Directory
Answer: C
NEW QUESTION 202
Note: This question is part of a series of questions that present the same sc Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You are designing a storage solution to support on-premises resources and Azure-hosted resources. You need to provide on-premises storage that has built-in replication to Azure. Solution: You include Azure File Storage in the design. Does this solution meet the goal?
A. Yes
B. No
Answer: B
NEW QUESTION 203
……
By the way, those new 70-534 exam questions were just updated from the actual 70-534 test, you can get the newest 70-534 dumps with PDF and VCE from — http://www.passleader.com/70-534.html (231q VCE and PDF)
Good Luck!
Besides, that new 231Q 70-534 Dumps Collection are Available here for Free:
https://drive.google.com/open?id=0B-ob6L_QjGLpUUNnSVA5SFdpZ2c
Best Regards!
Cleared the 70-534 test few days ago by training the VALID PassLeader 70-534 dumps!
Got 65 questions! First Woodgrove Bank Case Study with 7-8 questions, the last Case Study was Fourth Coffee with 4 questions. (Around 5 Case Studies in total!)
There were about 3 questions about: which category of VM you recommend.
BTW, got new questions on Azure B2B & B2C and Security Center.
I learned all questions from PassLeader 70-534 dumps, which is the most valid for 100% passing now!
Here you can get part of PassLeader 70-534 dumps for free:
https://drive.google.com/open?id=0B-ob6L_QjGLpUUNnSVA5SFdpZ2c
Best Regards!!!
Got anything for 70-533?