100% Free Lead2pass 70-533 New Questions Download:
https://www.lead2pass.com/70-533.html
QUESTION 41
You manage a software-as-a-service application named SaasApp1 that provides user management features in a multi-directory environment.
You plan to offer SaasApp1 to other organizations that use Azure Active Directory.
You need to ensure that SaasApp1 can access directory objects.
What should you do?
A. Configure the Federation Metadata URL
B. Register SaasApp1 as a native client application.
C. Register SaasApp1 as a web application.
D. Configure the Graph API.
Answer: D
Explanation:
The Azure Active Directory Graph API provides programmatic access to Azure AD through REST API endpoints. Applications can use the Graph API to perform create, read, update, and delete (CRUD) operations on directory data and objects. For example, the Graph API supports the following common operations for a user object:
/ Create a new user in a directory
/ Get a user’s detailed properties, such as their groups / Update a user’s properties, such as their location and phone number, or change their password
/ Check a user’s group membership for role-based access / Disable a user’s account or delete it entirely
http://msdn.microsoft.com/en-us/library/azure/hh974476.aspx
QUESTION 42
You administer an Azure Active Directory (Azure AD) tenant where Box is configured for:
– Application Access
– Password Single Sign-on
An employee moves to an organizational unit that does not require access to Box through the Access Panel.
You need to remove only Box from the list of applications only for this user.
What should you do?
A. Delete the user from the Azure AD tenant.
B. Delete the Box Application definition from the Azure AD tenant.
C. From the Management Portal, remove the user’s assignment to the application.
D. Disable the user’s account in Windows AD.
Answer: C
Explanation:
Note: Use Azure AD to manage user access, provision user accounts, and enable single sign-on with Box. Requires an existing Box subscription
QUESTION 43
You administer an Azure Active Directory (Azure AD) tenant that has a SharePoint web application named TeamSite1. TeamSite1 accesses your Azure AD tenant for user information.
The application access key for TeamSite1 has been compromised.
You need to ensure that users can continue to use TeamSite1 and that the compromised key does not allow access to the data in your Azure AD tenant.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Remove the compromised key from the application definition for TeamSite1.
B. Delete the application definition for TeamSite1.
C. Generate a new application key for TeamSite1.
D. Generate a new application definition for TeamSite1.
E. Update the existing application key.
Answer: AC
Explanation:
One of the security aspects of Windows Azure storage is that all access is protected by access keys.
It is possible to change the access keys (e.g. if the keys become compromised), and if changed, we’d need to update the application to have the new key.
QUESTION 44
You administer a DirSync server configured with Azure Active Directory (Azure AD).
You need to provision a user in Azure AD without waiting for the default DirSync synchronization interval.
What are two possible ways to achieve this goal? Each correct answer presents a complete solution.
A. Restart the DirSync server.
B. Run the Start-OnlineCoexistenceSync PowerShell cmdlet.
C. Run the Enable-SyncShare PowerShell cmdlet.
D. Run the Azure AD Sync tool Configuration Wizard.
E. Replicate the Directory in Active Directory Sites and Services.
Answer: BD
Explanation:
If you don’t want to wait for the recurring synchronizations that occur every three hours, you can force directory synchronization at any time.
B: Force directory synchronization using Windows PowerShell
You can use the directory synchronization Windows PowerShell cmdlet to force synchronization. The cmdlet is installed when you install the Directory Sync tool. On the computer that is running the Directory Sync tool, start PowerShell, type Import- Module DirSync, and then press ENTER.
Type Start-OnlineCoexistenceSync, and then press ENTER.
D: Azure Active Directory Sync Services (AAD Sync) In September 2014 the Microsoft Azure AD Sync tool was released. This changed how manual sync requests are issued.
To perform a manual update we now use the DirectorySyncClientCmd.exe tool. The Delta and Initial parameters are added to the command to specify the relevant task.
This tool is located in:
C:\Program Files\Microsoft Azure AD Sync\Bin
You can use the directory synchronization Windows PowerShell cmdlet to force synchronization. The cmdlet is installed when you install the Directory Sync tool. On the computer that is running the Directory Sync tool, start PowerShell, type Import- Module DirSync, and then press ENTER.
Type Start-OnlineCoexistenceSync, and then press ENTER.
QUESTION 45
Hotspot Question
You manage an Internet Information Services (IIS) 6 website named contososite1. Contososite1 runs a legacy ASP.NET 1.1 application named LegacyApp1. LegacyApp1 does not contain any integration with any other systems or programming languages.
You deploy contososite1 to Azure Web Sites.
You need to configure Azure Web Sites.
You have the following requirements:
– LegacyApp1 runs correctly.
– The application pool does not recycle.
Which settings should you configure to meet the requirements? To answer, select the appropriate settings in the answer area.
Answer:
Explanatio:
http://msdn.microsoft.com/en-us/library/k6h9cz8h%28v=vs.140%29.aspx
QUESTION 46
Drag and Drop Question
Your company manages several Azure Web Sites that are running in an existing web- hosting plan named plan1.
You need to move one of the websites, named contoso, to a new web-hosting plan named plan2.
Which Azure PowerShell cmdlet should you use with each PowerShell command line?
To answer, drag the appropriate Azure PowerShell cmdlet to the correct location in the PowerShell code. Each PowerShell cmdlet may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
70-533 dumps full version (PDF&VCE): https://www.lead2pass.com/70-533.html
Large amount of free 70-533 exam questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDclh4YVRORS1vaHc
You may also need:
70-532 exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDbm1XNUxwQUYwaWM
70-534 exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDaTBTRVp4SktqMXM