| Question.71 DRAG DROP Contoso, Ltd. provides an API to customers by using Azure API Management (APIM). The API authorizes users with a JWT token. You must implement response caching for the APIM gateway. The caching mechanism must detect the user ID of the client that accesses data for a given location and cache the response for that user ID. You need to add the following policies to the policies file: a set-variable policy to store the detected user identity  a cache-lookup-value policy a cache-store-value policy a find-and-replace policy to update the response body with the    user profile information To which policy section should you add the policies? To answer, drag the appropriate sections to the correct policies. Each section may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point. Select and Place:  |
71. Click here to View Answer
Answer:
Explanation:
Box 1: Inbound.
A set-variable policy to store the detected user identity. Example:
Box 2: Inbound
A cache-lookup-value policy Example:
parameter name
Box 3: Outbound A cache-store-value policy.
Example:
Box 4: Outbound
A find-and-replace policy to update the response body with the user profile information. Example:
to=”@((string)context.Variables[“userprofile”])” />
Reference:
https://docs.microsoft.com/en-us/azure/api-management/api-management-caching-policies
https://docs.microsoft.com/en-us/azure/api-management/api-management-sample-cache-by-key
| Question.72 You are a developer for a SaaS company that offers many web services. All web services for the company must meet the following requirements: Use API Management to access the services  Use OpenID Connect for authentication Prevent anonymous usage   A recent security audit found that several web services can be called without any authentication. Which API Management policy should you implement? (A) jsonp (B) authentication-certificate (C) check-header (D) validate-jwt |
72. Click here to View Answer
Answer: D
Explanation:
Add the validate-jwt policy to validate the OAuth token for every incoming request.
Incorrect Answers:
A: The jsonp policy adds JSON with padding (JSONP) support to an operation or an API to allow cross-domain calls from
JavaScript browser-based clients. JSONP is a method used in JavaScript programs to request data from a server in a
different domain. JSONP bypasses the limitation enforced by most web browsers where access to web pages must be in the
same domain.
JSONP – Adds JSON with padding (JSONP) support to an operation or an API to allow cross-domain calls from JavaScript
browser-based clients. Reference:
https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-protect-backend-with-aad
| Question.73 Your company is developing an Azure API. You need to implement authentication for the Azure API. You have the following requirements: All API calls must be secure.  Callers to the API must not send credentials to the API.  Which authentication mechanism should you use? (A) Basic (B) Anonymous (C) Managed identity (D) Client certificate |
73. Click here to View Answer
Answer: C
Explanation:
Use the authentication-managed-identity policy to authenticate with a backend service using the managed identity of the API
Management service. This policy essentially uses the managed identity to obtain an access token from Azure Active
Directory for accessing the specified resource. After successfully obtaining the token, the policy will set the value of the token
in the Authorization header using the Bearer scheme. Reference:
https://docs.microsoft.com/bs-cyrl-ba/azure/api-management/api-management-authentication-policies
| Question.74 You are developing an ASP.NET Core website that uses Azure FrontDoor. The website is used to build custom weather data sets for researchers. Data sets are downloaded by users as Comma Separated Value (CSV) files. The data is refreshed every 10 hours. Specific files must be purged from the FrontDoor cache based upon Response Header values. You need to purge individual assets from the Front Door cache. Which type of cache purge should you use? (A) single path (B) wildcard (C) root domain |
74. Click here to View Answer
Answer: A
Explanation:
These formats are supported in the lists of paths to purge:
Single path purge: Purge individual assets by specifying the full path of the asset (without the protocol and domain), with
the file extension, for example, /pictures/strasbourg.png;
Wildcard purge: Asterisk (*) may be used as a wildcard. Purge all folders, subfolders, and files under an endpoint with /* in
the path or purge all subfolders and files under a specific folder by specifying the folder followed by /*, for example,
/pictures/*.
Root domain purge: Purge the root of the endpoint with “/” in the path. Reference:
https://docs.microsoft.com/en-us/azure/frontdoor/front-door-caching
| Question.75 You develop an app that allows users to upload photos and videos to Azure storage. The app uses a storage REST API call to upload the media to a blob storage account named Account1. You have blob storage containers named Container1 and Container2. Uploading of videos occurs on an irregular basis. You need to copy specific blobs from Container1 to Container2 when a new video is uploaded. What should you do? (A) Copy blobs to Container2 by using the Put Blob operation of the Blob Service REST API (B) Create an Event Grid topic that uses the Start-AzureStorageBlobCopy cmdlet (C) Use AzCopy with the Snapshot switch to copy blobs to Container2 (D) Download the blob to a virtual machine and then upload the blob to Container2 |
75. Click here to View Answer
Answer: B
Explanation:
The Start-AzureStorageBlobCopy cmdlet starts to copy a blob. Example 1: Copy a named blob
C:\PS>Start-AzureStorageBlobCopy -SrcBlob “ContosoPlanning2015” -DestContainer “ContosoArchives” -SrcContainer
“ContosoUploads”
This command starts the copy operation of the blob named ContosoPlanning2015 from the container named
ContosoUploads to the container named ContosoArchives. Reference:
https://docs.microsoft.com/en-us/powershell/module/azure.storage/start-azurestorageblobcopy?view=azurermps-6.13.0