Want to Pass 70-535 Exam In Next HOURS? Download Now →
September 25, 2018

[Precise] 70-535 Microsoft testing engine 4-13 (Sep 2018)

Free Instant Download NEW 70-535 Exam Dumps (PDF & VCE):
Available on: https://www.certshared.com/exam/70-535/

P.S. Guaranteed 70-535 tutorials are available on Google Drive, GET MORE: https://drive.google.com/open?id=11IrtCXVV494R2dF_paASZSmu6w0iNVkq

New Microsoft 70-535 Exam Dumps Collection (Question 4 - Question 13)

Q4. Contoso, Ltd., uses Azure websites for public-facing customer websites. The company has a mobile app that requires customers sign in by using a Contoso customer account.

Customers must be able to sign on to the websites and mobile app by using a Microsoft, Facebook, or Google account. All transactions must be secured in-transit regardless of device.

You need to configure the websites and mobile app to work with external identity providers. Which three actions should you perform? Each correct answer presents part of the


A. Request a certificate from a domain registrar for the website URL, and enable TLS/SSL.

B. Configure IPsec for the websites and the mobile app.

C. Configure the KerberosTokenProfile 1.1 protocol.

D. Configure OAuth2 to connect to an external authentication provider.

E. Build an app by using MVC 5 that is hosted in Azure to provide a framework for the underlying authentication.

Answer: A,D,E


DE: This tutorial shows you how to build an ASP.NET MVC 5 web application that enables users to log in using OAuth 2.0 with credentials from an external authentication provider, such as Facebook, Twitter, LinkedIn, Microsoft, or Google.


* You will now be redirected back to the Register page of the MvcAuth application where you can register your Google account. You have the option of changing the local email registration name used for your Gmail account, but you generally want to keep the default email alias (that is, the one you used for authentication). Click Register.

* To connect to authentication providers like Google and Facebook, you will need to set up IIS-Express to use SSL.

References: http://www.asp.net/mvc/overview/security/create-an-aspnet-mvc-5-app-with-facebook-and-google-oauth2-and-openid-sign-on

Q5. Your company has an Azure subscription.

The company plans to implement an Azure Web App named WebApp1.

You need to recommend a solution to optimize the compute resources consumed by the Web App. The solution must minimize costs and provide a separation of resources.

Which service should you recommend?

A. Basic

B. Free

C. Shared

D. Premium

E. Standard

Answer: D


Only the Premium service provides App Service Environments which provide the required isolation (separation of resources).

Q6. You need to implement the loan aggregation process for the WGBLoanMaster app. Which technology should you use?

A. Azure virtual machine

B. Azure Cloud Service worker role

C. Azure Batch

D. Azure WebJob

Answer: C

Q7. You are designing a Windows Azure application. The application includes processes that communicate by using Windows Communications Foundation (WCF) services. The WCF services must support streaming.

You need to recommend a host for the processes and a WCF binding. Which two actions should you recommend? (Each correct answer presents part of the solution. Choose two.)

A. Host the processes in web roles.

B. Host the processes in worker roles.

C. Use NetTcpBinding for the WCF services.

D. Use WSHttpBinding for the WCF services.

Answer: B,C


References: http://www.biztalkgurus.com/blogs/msft-biztalk-community/wcf-nettcprelaybinding-streaming-gotcha

Q8. A company hosts a website and exposes web services on the company intranet.

The intranet is secured by using a firewall. Company policies prohibit changes to firewall rules.

Devices outside the firewall must be able to access the web services. You need to recommend an approach to enable inbound communication.

What should you recommend?

A. The Azure Access Control Service

B. Windows Azure Pack

C. The Azure Service Bus

D. A web service in an Azure role that relays data to the internal web services

Answer: C


The Service Bus Relay is designed for the use-case of taking existing Windows Communication Foundation (WCF) web services and making those services securely accessible to solutions that reside outside the corporate perimeter without requiring intrusive changes to the corporate network infrastructure. Such Service Bus relay services are still hosted inside their existing environment, but they delegate listening for incoming sessions and requests to the cloud-hosted Service Bus.

References: http://azure.microsoft.com/en-gb/documentation/articles/cloud-services-dotnet-hybrid-app-using-service-bus-relay/

Q9. Case Study

This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other question on this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next sections of the exam. After you begin a new section, you cannot return to this section.

To start the case study

To display the first question on this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.

Background Overview

Woodgrove Bank has 20 regional offices and operates 1,500 branch office locations. Each regional office hosts the servers, infrastructure, and applications that support that region.

Woodgrove Bank plans to move all of their on-premises resources to Azure, including virtual machine (VM)-based, line-of-business workloads, and SQL databases. You are the owner of the Azure subscription that Woodgrove Bank is using. Your team is using Git repositories hosted on GitHub for source control.


Currently, Woodgrove Banku2019s Computer Security Incident Response Team (CSIRT) has a problem investigating security issues due to the lack of security intelligence integrated with their current incident response tools. This lack of integration introduces a problem during the detection (too many false positives), assessment, and diagnose stages. You decide to use Azure Security Center to help address this problem.

Woodgrove Bank has several apps with regulates data such as Personally Identifiable Information (PII) that require a higher level of security. All apps are currently secured by using an on-premises Active Directory Domain Services (ADDS). The company depends on following mission-critical apps: WGBLoanMaster, WGBLeaseLeader, and WGBCreditCruncher apps. You plan to move each of these apps to Azure as part of an app migration project.


The WGBLoanMaster app has been audited for transaction loss. Many transactions have been lost is processing and monetary write-offs have cost the bank. The app runs on two VMs that include several public endpoints.

The WGBLeaseLeader app has been audited for several data breaches. The app includes a SQL Server database and a web-based portal. The portal uses an ASP.NET Web API

function to generate a monthly aggregate report from the database.

The WGBCreditCruncher app runs on a VM and is load balanced at the network level. The app includes several stateless components and must accommodate scaling of increased credit processing. The app runs on a nightly basis to process credit transactions that are batched during the day. The app includes a web-based portal where customers can check their credit information. A mobile version of the app allows users to upload check images.

Business Requirements WGBLoanMaster app

The app audit revealed a need for zero transaction loss. The business is losing money due to the app losing and not processing loan information. In addition, transactions fail to process after running for a long time. The business has requested the aggregation processing to be scheduled for 01:00 to prevent system slowdown.

WGBLeaseLeader app

The app should be secured to stop data breaches. If the data is breached, it must not be readable. The app is continuing to see increased volume and the business does not want the issues presented in the WGBLoanMaster app. Transaction loss is unacceptable, and although the lease monetary amounts are smaller than loans, they are still an important profit center for Woodgrove Bank. The business would also like the monthly report to be automatically generated on the first of the month. Currently, a user must log in to the portal and click a button to generate the report.

WGBCreditCruncher app

The web-based portal area of the app must allow users to sign in with their Facebook credentials. The bank would like to allow this feature to enable more users to check their credit within the app.

Woodgrove Bank needs to develop a new financial risk modeling feature that they can include in the WGBCreditCruncher app. The financial risk modeling feature has not been developed due to costs associated with processing, transforming, and analyzing the large volumes of data that are collected. You need to find a way to implement parallel processing to ensure that the features run efficiently, reliably, and quickly. The feature must scale based on computing demand to process the large volumes of data and output several financial risk models.

Technical Requirements

WGBLoanMaster app

The app uses several compute-intensive tasks that create long-running requests to the system. The app is critical to the business and must be scalable to increased loan processing demands. The VMs that run the app include a Windows Task Scheduler task that aggregates loan information from the app to send to a third party. This task runs a console app on the VM.

The app requires a messaging system to handle transaction processing. The messaging system must meet the following requirements:

Allow messages to reside in the queue for up to a month. Be able to publish and consume batches of messages.

Allow full integration with the Windows Communication Foundation (WCF) communication stack.

Provide a role-based access model to the queues, including different permissions for senders and receivers.

You develop an Azure Resource Manager (ARM) template to deploy the VMs used to support the app. The template must be deployed to a new resource group and you must validate your deployment settings before creating actual resources.

WGBLeaseLeader app

The app must use Azure SQL Databases as a replacement to the current Microsoft SQL Server environment. The monthly report must be automatically generated.

The app requires a messaging system to handle transaction processing. The messaging system must meet the following requirements:

Require server-side logs of all of the transactions run against your queues. Track progress of a message within the queue.

Process the messages within 7 days.

Provide a differing timeout value per message.

WGBCreditCruncher app

The app must:

Secure inbound and outbound traffic.

Analyze inbound network traffic for vulnerabilities.

Use an instance-level public IP and allow web traffic on port 443 only.

Upgrade the portal to a Single Page Application (SPA) that uses JavaScript, Azure Active Directory (Azure AD), and the OAuth 2.0 implicit authorization grant to secure the Web API back end.

Cache authentication and host the Web API back end using the Open Web Interface for

.NET (OWIN) middleware.

Immediately compress check images received from the mobile web app. Schedule processing of the batched credit transactions on a nightly basis.

Provide parallel processing and scalable computing resources to output financial risk models.

Use simultaneous computer nodes to enable high performance computing and updating of the financial risk models.

Key security area

You need to recommend a business continuity and disaster recovery solution for all of the existing line of business applications.

What are two ways to achieve the goal? Each correct answer presents a complete solution.

A. Create new virtual machines (VMs) in Azure and migrate the line of business applications to the VMs. Migrate any backend databases to SQL Database.

B. Migrate the virtual machines to the Hyper-V cluster and enable Hyper-V replica.

C. Configure ExpressRoute to enable migration to Azure.

D. Install the Azure Backup agent on the virtual machines.

Answer: A,B




Q10. A company has 10 on-premises SQL databases. The company plans to move the databases to SQL Server 2012 that runs in Azure Infrastructure-as-a-Service (IaaS). After migration, the databases will support a limited number of Azure websites in the same Azure Virtual Network.

You have the following requirements:

* You must restore copies of existing on-premises SQL databases to the SQL servers that

run in Azure IaaS.

* You must be able to manage the SQL databases remotely.

* You must not open a direct connection from all of the machines on the on-premises network to Azure.

* Connections to the databases must originate from only five Windows computers.

You need to configure remote connectivity to the databases. Which technology solution should you implement?

A. Azure Virtual Network site-to-site VPN

B. Azure Virtual Network multi-point VPN

C. Azure Virtual Network point-to-site VPN

D. Azure ExpressRoute

Answer: C


A point-to-site VPN would meet the requirements.

References: https://azure.microsoft.com/en-us/documentation/articles/vpn-gateway-point- to-site-create/

Q11. You have several virtual machines (VMs) that run in Azure. You also have a single System Center 2012 R2 Configuration Manager (SCCM) primary site on-premises.

You have the following requirements:

* All VMs must run on the same virtual network.

* Network traffic must be minimized between the on-premises datacenter and Azure.

* The solution minimize complexity.

You need to use SCCM to collect inventory and deploy software to Azure VMs. What should you do first?

A. Configure client push for the Azure virtual network.

B. Enable and configure Operations Insights in Azure.

C. Install a cloud distribution point on an Azure VM.

D. Install a secondary site underneath the primary site onto an Azure VM.

Answer: C


Cloud-based distribution Point, a Configuration Manager Site System Role in the Cloud

Much of the Configuration Manager topology is made up of distribution points, they are very helpful in many situations where bandwidth and geographical separation are the facts of life, but also hard to manage if you have hundreds or even thousands of them.

This feature started with the vision that it makes perfect sense to have big distribution points in the Windows Azure cloud where one should not worry about things like (but not limited to) size, performance, reliability, security, access from all around the world, hardware/software update issues etc.

Note: Content management in System Center 2012 Configuration Manager provides the tools for you to manage content files for applications, packages, software updates, and operating system deployment. Configuration Manager uses distribution points to store files that are required for software to run on client computers. These distribution points function as distribution centers for the content files and let users download and run the software. Clients must have access to at least one distribution point from which they can download the files.

References: http://blogs.technet.com/b/configmgrteam/archive/2013/01/31/new-distribution-points-in-configuration-manager-sp1.aspx

Q12. You are building an Azure Web App that uses Azure Active Directory B2C for identity. The app will use social providers such as Facebook, Microsoft Account, and LinkedIn. The Web App has a customized home page that is based on the useru2019s name. The Web App does not function if the useru2019s name cannot be retrieved.

You need to retrieve the useru2019s name and email address when they authenticate with one of the supported identity providers.

What should you do?

A. Perform a Graph API query of the identity provider.

B. Query the underlying Active Directory provided by Azure Active Directory.

C. Retrieve the values from the Scope of the authentication request.

D. Inspect the Claims in the authorization token.

Answer: D

Q13. You are evaluating an Azure application. The application includes the following elements:

*A web role that provides the ASP.NET user interface and business logic

*A single SQL database that contains all application data

Each webpage must receive data from the business logic layer before returning results to the client. Traffic has increased significantly. The business logic is causing high CPU usage.

You need to recommend an approach for scaling the application.

What should you recommend?

A. Store the business logic results in Azure Table storage.

B. Vertically partition the SQL database.

C. Move the business logic to a worker role.

D. Store the business logic results in Azure local storage.

Answer: C


For Cloud Services in Azure applications need both web and worker roles to scale well. References: https://msdn.microsoft.com/en-us/library/azure/dn574746.aspx

100% Most recent Microsoft 70-535 Questions & Answers shared by Certleader, Get HERE: https://www.certleader.com/70-535-dumps.html (New Q&As)