Quick Guide: 70-533 study guide

Act now and download your Microsoft 70-533 test today! Do not waste time for the worthless Microsoft 70-533 tutorials. Download Abreast of the times Microsoft Implementing Microsoft Azure Infrastructure Solutions exam with real questions and answers and begin to learn Microsoft 70-533 with a classic professional.

2021 Oct cbt 70-533:

Q11. Your company network includes two branch offices. Users at the company access internal virtual machines (VMs). 

You want to ensure secure communications between the branch offices and the internal VMs and network. 

You need to create a site-to-site VPN connection. 

What are two possible ways to achieve this goal? Each correct answer presents a complete solution. 

A. a private IPv4 IP address and a compatible VPN device 

B. a private IPv4 IP address and a RRAS running on Windows Server 2012 

C. a public-facing IPv4 IP address and a compatible VPN device 

D. a public-facing IPv4 IP address and a RRAS running on Windows Server 2012 

Answer: C,D 

Explanation: C (not A): VPN Device IP Address.- This is public facing IPv4 address of your on-premises VPN device that you’ll use to connect to Azure. The VPN device cannot be located behind a NAT. D (Not B): At least one or preferably two publicly visible IP addresses: One of the IP addresses is used on the Windows Server 2012 machine that acts as the VPN device by using RRAS. The other optional IP address is to be used as the Default gateway for out-bound traffic from the on-premises network. If the second IP address is not available, it is possible to configure network address translation (NAT) on the RRAS machine itself, to be discussed in the following sections. It is important to note that the IP addresses must be public. They cannot be behind NAT and/or a firewall. 

Reference: Configure a Site-to-Site VPN in the Management Portal 

Site-to-Site VPN in Azure Virtual Network using Windows Server 2012 Routing and Remote Access Service (RRAS) 

Q12. Click Configure Directory Partitions, and then click Containers, as shown in the below screen capture. 

Q13. Your company network includes users in multiple directories. 

You plan to publish a software-as-a-service application named SaasApp1 to Azure Active 


You need to ensure that all users can access SaasApp1. 

What should you do? 

A. Configure the Federation Metadata URL 

B. Register the application as a web application. 

C. Configure the application as a multi-tenant. 

D. Register the application as a native client application. 

Answer: C 

Explanation: * When you get deeper into using Windows Azure Active Directory, you’ll run into new terminology. For instance, is called "directory" is also referred to as a Windows Azure AD Tenant or simply as "tenant." This stems from the fact that WAAD ()Windows Azure Active Directory.is a shared service for many clients. In this service, every client gets its own separate space for which the client is the tenant. In the case of WAAD this space is a directory. This might be a little confusing, because you can create multiple directories, in WAAD terminology multiple tenants, even though you are a single client. 

* Multitenant Applications in Azure A multitenant application is a shared resource that allows separate users, or "tenants," to view the application as though it was their own. A typical scenario that lends itself to a multitenant application is one in which all users of the application may wish to customize the user experience but otherwise have the same basic business requirements. Examples of large multitenant applications are Office 365, Outlook.com, and visualstudio.com. 

Reference: Multitenant Applications in Azure 



You plan to deploy a cloud service named contosoapp that has a web role named contosoweb and a worker role named contosoimagepurge. 

You need to ensure the service meets the following requirements: 

. Contosoweb can be accessed over the Internet by using http. 

. Contosoimagepurge can only be accessed through tcp port 5001 from 


. Contosoimagepurge cannot be accessed directly over the Internet. 

Which configuration should you use? To answer, drag the appropriate configuration setting to the correct location in the service configuration file. Each configuration setting may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. 



You manage two solutions in separate Azure subscriptions. 

You need to ensure that the two solutions can communicate on a private network. 

Which three actions should you perform in sequence? To answer, move the appropriate 

actions from the list of actions to the answer area and arrange them in the correct order. 


70-533 sample question

Improve 70-533 vce:

Q16. You administer an Azure Active Directory (Azure AD) tenant that has a SharePoint web application named TeamSite1. TeamSite1 accesses your Azure AD tenant for user information. 

The application access key for TeamSite1 has been compromised. 

You need to ensure that users can continue to use TeamSite1 and that the compromised key does not allow access to the data in your Azure AD tenant. 

Which two actions should you perform? Each correct answer presents part of the solution. 

A. Remove the compromised key from the application definition for TeamSite1. 

B. Delete the application definition for TeamSite1. 

C. Generate a new application key for TeamSite1. 

D. Generate a new application definition for TeamSite1. 

E. Update the existing application key. 

Answer: A,C 

Explanation: One of the security aspects of Windows Azure storage is that all access is protected by access keys. 

It is possible to change the access keys (e.g. if the keys become compromised), and if changed, we’d need to update the application to have the new key. 


You manage an Azure Web Site named salessite1. You notice some performance issues with salessite1. You create a new database for salessite1. 

You need to update salessite1 with the following changes, in the order shown: 

1. Display the list of current connection strings. 

2. Create a new connection string named conn1 with a value of: Server=tcp:samplel.database.windows.net,1433;Database=NewDB;User 

ID=User@samplel;Password=Passwordl;Trusted_Connection=False;Encrypt=True;Connec tion Timeout=30;. 

3. Download the application logs for analysis. 

Which three xplat-cli commands should you perform in sequence? To answer, move the appropriate commands from the list of commands to the answer area and arrange them in the correct order. 


Q18. Your company is launching a public website that allows users to stream videos. 

You upload multiple video files to an Azure storage container. 

You need to give anonymous users read access to all of the video files in the storage container. 

What should you do? 

A. Edit each blob's metadata and set the access policy to Public Blob. 

B. Edit the container metadata and set the access policy to Public Container. 

C. Move the files into a container sub-directory and set the directory access level to Public Blob. 

D. Edit the container metadata and set the access policy to Public Blob. 

Answer: C 


By default, the container is private and can be accessed only by the account owner. To allow public read access to the blobs in the container, but not the container properties and metadata, use the "Public Blob" option. To allow full public read access for the container and blobs, use the "Public Container" option. 

Q19. You manage an Azure Web Site that is running in Shared mode. 

You discover that the website is experiencing increased average response time during periods of heavy user activity. 

You need to update the website configuration to address the performance issues as they occur. 

What should you do? 

A. Set the website to Standard mode and configure automatic scaling based on CPU utilization. 

B. Configure automatic seating during specific dates. 

C. Modify the website instance size. 

D. Configure automatic scaling based on memory utilization. 

E. Set the website to Basic mode and configure automatic scaling based on CPU utilization. 

Answer: A 

Explanation: Scaling to Standard Plan Mode Selecting Standard expands the Capacity section to reveal the Instance Size and Instance Count options, which are also available in Basic mode. The Edit Scale Settings for Schedule and Scale by Metric options are available only in Standard mode. 


* For increased performance and throughput for your websites on Microsoft Azure, you can use the Azure Management Portal to scale your Web Hosting Plan mode from Free to Shared, Basic, or Standard. 

* There are 2 options for scaling: 

Based on a Schedule Based on CPU usage 

Reference: Azure, How to Scale Websites 

Q20. You administer an Access Control Service namespace named contosoACS that is used by a web application. ContosoACS currently utilizes Microsoft and Yahoo accounts. 

Several users in your organization have Google accounts and would like to access the web application through ContosoACS. 

You need to allow users to access the application by using their Google accounts. 

What should you do? 

A. Register the application directly with Google. 

B. Edit the existing Microsoft Account identity provider and update the realm to include Google. 

C. Add a new Google identity provider. 

D. Add a new WS-Federation identity provider and configure the WS-Federation metadata to point to the Google sign-in URL. 

Answer: C 

Explanation: Configuring Google as an identity provider eliminates the need to create and manage authentication and identity management mechanism. It helps the end user experience if there are familiar authentication procedures. 

Reference: Microsoft Azure, How to: Configure Google as an Identity Provider 

URL: http://msdn.microsoft.com/en-us/library/azure/gg185976.aspx 

see more 70-533 dumps