First-hand Microsoft 70-533 Exam IT Certification

The Braindumpscity Microsoft 70-533 exam sample questions enables you to solve every question, whether it is easy or difficult. Microsoft 70-533 test preparation, Microsoft 70-533 questions and answers, Microsoft 70-533 Certification test is one such Microsoft 70-533 exam examination that hands you an opportunity to exhibit your worth and market value. However, majority does not have a clue as to how should the preparation be done. Everyone wants to pass exam, but has no idea about the test questions, their pattern and the kind of approach they should adopt towards the preparation. Let Braindumpscity help you climb that ladder of success and pass your now!

You administer an Azure Web Site named contoso. You create a job named Cleanlogs.cmd that will be executed manually, twice a week.
You need to deploy the job.
To which folder location should you deploy CleanLogs.cmd?

A. ./App_Code/jobs/triggered/cleanLogs/CleanLogs.cmd
B. ./App_Data/jobs/triggered/clean Logs/CleanLogs.cmd
C. ./App_Code/jobs/continuous/cleanLogs/CleanLogs.cmd
D. ./App_Data/jobs/continuous/cleanLogs/CleanLogs.cmd Correct Answer: B

Explanation Explanation/Reference:
A WebJob is stored under the following directory in your site:
site\wwwroot\App_Data\jobs\{job type}\{job name}
Where {job type} can be either continuous for a job that is always running or triggered for a job that starts from an external trigger (on demand / scheduler).
Reference: How to deploy Azure WebJobs

Your company network includes an On-Premises Windows Active Directory (AD) that has a DNS domain named contoso.local and an email domain named You plan to migrate from On-Premises Exchange to Office 365.
You configure DirSync and set all Azure Active Directory {Azure AD) usernames as %username
You need to ensure that each user is able to log on by using the email domain as the username.
Which two actions should you perform? Each correct answer presents part of the solution.

A. Verify the email domain in Azure AD domains.
B. Run the Set-MsolUserPnncipalName -UserPnncipalName %username%@co -NewUserPrincipalName %usemame Power Shell cmdlet.
C. Edit the ProxyAddress attribute on the On-Premises Windows AD user account.
D. Verify the Windows AD DNS domain in Azure AD domains.
E. Update the On-Premises Windows AD user account UPN to match the email address. Correct Answer: CD

Explanation Explanation/Reference:
There are two main traffic flows originating from the server hosting the Azure Active Directory Sync tool:
The Azure Active Directory Sync tool queries a domain controller on the on-premises network for changes to accounts and passwords. The Azure Active Directory
Sync tool sends the changes to accounts and passwords to the Azure AD instance of your Office 365 subscription. These changes are sent through the on-
premises network’s proxy server.
Verify that your virtual machine is joined to the domain by checking your internal DNS to make sure that an Address (A) record was added for the virtual machine with the correct IP address from Azure. For the Azure Active Directory Sync tool to gain access to Internet resources, you must configure the server that runs the Azure Active Directory Sync tool to use the on-premises network’s proxy server.

Reference: Deploy Office 365 Directory Synchronization in Microsoft Azure
You develop a Windows Store application that has a web service backend. You plan to use the Azure Active Directory Authentication Library to authenticate users to Azure Active Directory (Azure AD) and access directory data on behalf of the user.
You need to ensure that users can log in to the application by using their Azure AD credentials.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Create a native client application in Azure AD.
B. Configure directory integration.
C. Create a web application in Azure AD.
D. Enable workspace join.
E. Configure an Access Control namespace.

Correct Answer: BC Explanation
B: An application that wants to outsource authentication to Azure AD must be registered in Azure AD, which registers and uniquely identifies the app in the
C (not A): NativeClient-WindowsStore
A Windows Store application that calls a web API that is secured with Azure AD.

Your company plans to migrate from On-Premises Exchange to Office 365.
The existing directory has numerous service accounts in your On-Premises Windows Active Directory (AD), stored in separate AD Organizational Units (OU) for user accounts.
You need to prevent the service accounts in Windows AD from syncing with Azure AD. What should you do?
A. Create an OU filter in the Azure AD Module for Windows PowerShell.
B. Configure directory partitions in miisclient.exe.
C. Set Active Directory ACLs to deny the DirSync Windows AD service account MSOL_AD_SYNC access to the service account OUs.
D. Create an OU filter in the Azure Management Portal. Correct Answer: B

Explanation Explanation/Reference:
One customer, who was looking for OU level filtering to import selected users from On- Premises active directory to Office365. Configure OU level filtering for Office365 directory synchronization.
Logged in to your Domain controller

Created an OU (Organisational Unit) from your AD (Active Directory)
a. In my case I named it “DirSync”
Move all those users you want to sync, to that DirSync OU.

From your DirSync Server navigate to <Drive>\Program Files\Microsoft Online Directory Sync\SYNCBUS\Synchronization Service\UIShell

Double click on miisclient.exe

This opens a console something similar to the below screen capture

Identity Manager, click Management Agents, and then double-click SourceAD.
8. Click Configure Directory Partitions, and then click Containers, as shown in the below screen capture.

Click OK on the SourceAD Properties page.

Perform a full sync: on the Management Agent tab, right-click SourceAD, click Run, click Full Import Full Sync, and then click OK. Etc.

You manage an Azure Active Directory (AD) tenant
You plan to allow users to log in to a third-party application by using their Azure AD credentials.
To access the application, users will be prompted for their existing third-party user names and passwords.
You need to add the application to Azure AD. Which type of application should you add?
A. Existing Single Sign-On with identity provisioning
B. Password Single Sign-On with identity provisioning
C. Existing Single Sign-On without identity provisioning
D. Password Single Sign-On without identity provisioning

Correct Answer: A Explanation
Explanation/Reference: 2v0-641 exam
Azure AD supports two different modes for single sign-on: / Federation using standard protocols Configuring Federation-based single sign-on enables the users in your organization to be automatically signed in to a third-party SaaS application by Azure AD using the user account information from Azure AD. / Password-based single sign-on

Support for user provisioning
User provisioning enables automated user provisioning and deprovisioning of accounts in third- party SaaS applications from within the Azure Management Portal, using your Windows Server Active Directory or Azure AD identity information. When a user is given permissions in Azure AD for one of these applications, an account can be automatically created (provisioned) in the target SaaS application.
Reference: Application access enhancements for Azure AD URL:
You plan to use Password Sync on your DirSync Server with Azure Active Directory {Azure AD) on your company network. You configure the DirSync server and
complete an initial synchronization of the users.
Several remote users are unable to log in to Office 365. You discover multiple event log entries for “Event ID 611 Password synchronization failed for domain.”
You need to resolve the password synchronization issue.
Which two actions should you perform? Each correct answer presents part of the solution.

A. Restart Azure AD Sync Service.
B. Run the Set-FullPasswordSync Power Shell cmdlet.
C. Force a manual synchronization on the DirSync server.
D. Add the DirSync service account to the Schema Admins domain group. Correct Answer: ABOn the computer that has the Azure Active Directory Sync tool installed, follow these steps:
1. Perform a full password sync for all users who are synced through directory synchroniza- tion. To do this, follow these steps:
Open Windows PowerShell, type Import-Module DirSync, and then press Enter.

After the Windows PowerShell session starts, run the following cmdlet: Set-FullPasswordSync
2. Restart the Forefront Identity Manager Synchronization Service. To do this, follow these steps:
Click Start, click Run, type services.msc, and then click OK.

In the list of services, right-click Forefront Identity Manager Syn- chronization Service, and then click Restart. Reference: User passwords don’t sync if your organization is using Azure Active Directory synchronization
You administer an Access Control Service namespace named contosoACS that is used by a web application. ContosoACS currently utilizes Microsoft and Yahoo
Several users in your organization have Google accounts and would like to access the web application through ContosoACS.
You need to allow users to access the application by using their Google accounts.
What should you do?

A. Register the application directly with Google.
B. Edit the existing Microsoft Account identity provider and update the realm to include Google.
C. Add a new Google identity provider.
D. Add a new WS-Federation identity provider and configure the WS-Federation metadata to point to the Google sign-in URL.

Correct Answer: C Explanation Explanation/Reference:
Configuring Google as an identity provider eliminates the need to create and manage authentication and identity management mechanism. It helps the end user experience if there are familiar authentication procedures.
Reference: Microsoft Azure, How to: Configure Google as an Identity Provider URL:
You publish an application named MyApp to Azure Active Directory (Azure AD). You grant access to the web APIs through OAuth 2.0.
MyApp is generating numerous user consent prompts.
You need to reduce the amount of user consent prompts.
What should you do?

A. Enable Multi-resource refresh tokens.
B. Enable WS-federation access tokens.
C. Configure the Open Web Interface for .NET.
D. Configure SAML 2.0. Correct Answer: A

Explanation Explanation/Reference:
When using the Authorization Code Grant Flow, you can configure the client to call multiple resources. Typically, this would require a call to the authorization endpoint for each target service. To avoid multiple calls and multiple user consent prompts, and reduce the number of refresh tokens the client needs to cache, Azure Active Directory (Azure AD) has implemented multi-resource refresh tokens. This feature allows you to use a single refresh token to request access tokens for multiple resources.
Reference:Azure, OAuth 2.0, Refresh Tokens for Multiple Resources
Your company network includes users in multiple directories. You plan to publish a software-as-a-service application named SaasApp1 to Azure Active Directory. You need to ensure that all users can access SaasApp1.
What should you do?
A. Configure the Federation Metadata URL
B. Register the application as a web application.
C. Configure the application as a multi-tenant.
D. Register the application as a native client application.

Correct Answer: C Explanation
When you get deeper into using Windows Azure Active Directory, you’ll run into new terminology. For instance, is called “directory” is also referred to as a Windows Azure AD Tenant or simply as “tenant.” This stems from the fact that WAAD ()Windows Azure Active Directory is a shared service for many clients. In this service, every client gets its own separate space for which the client is the tenant. In the case of WAAD this space is a directory. This might be a little confusing, because you can create multiple directories, in WAAD terminology multiple tenants, even though you are a single client.

Multitenant Applications in Azure A multitenant application is a shared resource that allows separate users, or “tenants,” to view the application as though it was their own. A typical scenario that lends itself to a multitenant application is one in which all users of the application may wish to customize the user experience but otherwise have the same basic business requirements. Examples of large multitenant applications are Office 365,, and
Reference: Multitenant Applications in Azure
You are migrating a local virtual machine (VM) to an Azure VM. You upload the virtual hard disk (VHD) file to Azure Blob storage as a Block Blob.
You need to change the Block blob to a page blob.
What should you do?
A. Delete the Block Blob and re-upload the VHD as a page blob.
B. Update the type of the blob programmatically by using the Azure Storage .NET SDK.
C. Update the metadata of the current blob and set the Blob-Type key to Page.
D. Create a new empty page blob and use the Azure Blob Copy Power Shell cmdlet to copy the current data to the new blob.

Correct Answer: A Explanation
To copy the data files to Windows Azure Storage by using one of the following methods:
AzCopy Tool, Put Blob (REST API) and Put Page (REST API), or Windows Azure Storage Client Library for .NET or a third-party storage explorer tool. Important:
When using this new enhancement, always make sure that you create a page blob not a block blob.
Azure has two main files storage format:
Page blob : mainly used for vhd’s (CloudPageBlob)
Block Blob : for other files (CloudBlockBlob)

Reference: Move your data files to Windows Azure Storage  Microsoft 70-533 exam tests are composed of latest exam questions formulate an actual exam scenario with an intent to expose your potentials and latent skills. Our Apple practice tests encompass all the fundamental of Microsoft 70-533 exam formats, orients your efforts towards guaranteed success for Microsoft 70-533 exams. You can hit your target with assurance if you have opted for our practice test training.

Comments are closed.