Topic 1, Litware Office
Case study
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Overview
Existing Environment
Network Environment
The Litware offices and the Fabrikam office connect by using a private circuit. Each office connects directly to the Internet.
Identity Environment
The Litware network contains an Active Directory forest named litwareinc.com. The forest and an Azure Active Directory (Azure AD) tenant named litwareinc.com are integrated by using Active Directory Federation Services (AD FS). Litware has an enterprise certification authority (CA).
The Azure subscriptions of Litware are associated to the litwareic.com Azure AD tenant.
Fabrikam also has an Azure AD tenant.
Azure Stack Hub Environment
Litware has the following two Azure Stack Hub integrated systems:
✑ A fully operational integrated system in Boston that connects to the Internet and has the following configurations:
– Is managed by using an administrator management endpoint of: https://adminportal.eastus.litwareinc.com
– Has an Azure App Service deployment that has two dedicated, large web workers
– Currently uses version 2005 of Azure Stack Hub
✑ A newly delivered integrated system in Chicago that is disconnected from the Internet and will be managed by using an administrator management endpoint of: https://adminportal.northcentralus.litwareinc.com
Datacenter Environment
The Chicago datacenter of Litware contains the infrastructure shown in the following table.
Current Problems
During heavy usage, requests to App Service in Boston fail despite low utilization of the web workers.
Requirements
Planned Changes
Litware plans to implement the following changes:
✑ Deploy an Event Hubs resource provider to the integrated system in Boston.
✑ Make Azure Functions available to Azure Stack Hub users in Boston.
✑ Prepare the integrated system in Chicago to be production-ready.
Technical Requirements
Litware identifies the following technical requirements:
✑ Implement an infrastructure to support Azure Functions on the integrated system in Boston.
✑ Provision the certificates required to deploy the Event Hubs resource provider to the integrated system in Boston.
✑ Configure an identity provider for the integrated system in Chicago.
✑ Locate the IP address of the privileged endpoint (PEP) of the integrated system in Chicago.
✑ Ensure that only operators have control over the creation of subscriptions on the integrated system in Chicago.
✑ Provision a certificate to provide access to the Azure Resource Manager endpoint of the integrated system in Chicago.
✑ Identify which PowerShell setting on CLIENT1 and CLIENT2 must be modified to register the integrated system in Chicago.
✑ Implement a management app that will use Azure Resource Manager to inventory the resources of the integrated system in Chicago.
Security and Compliance Requirements
Litware has the following security and compliance requirements:
✑ All infrastructure software must run the latest version, including hotfixes.
✑ Litware must have control over certificate revocations.
Business Requirements
Litware wants to ensure that the users at Fabrikam have secure access to the workloads on the integrated system in Boston.
Updates and Hotfixes
The current hotfixes and updates available for Azure Stack Hub are:
✑ 2005
✑ 2005 hotfix 1
✑ 2005 hotfix 2
✑ 2005 hotfix 3
✑ 2008
✑ 2008 hotfix 1
✑ 2008 hotfix 2
✑ 2011 (latest version)
HOTSPOT
You need to identify the certificate for the integrated system in Chicago. The solution must meet the technical requirements.
What should you identify? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Answer:
Explanation:
When deploying Azure Stack Hub in disconnected mode it is recommended to use certificates issued by an enterprise certificate authority. This is important because clients accessing Azure Stack Hub endpoints must be able to contact the certificate revocation list (CRL).
Leave a Reply