Professional Documents
Culture Documents
Microsoft AZ-220
Version Demo
https://dumpsarena.com
sales@dumpsarena.com
Topic Break Down
Total 136
You have an Azure IoT Edge module named SampleModule that runs on a device named Device1.
You make changes to the code of SampleModule by using Microsoft Visual Studio Code.
You need to push the code to the container registry and then deploy the module to Device1.
Which two actions should you perform from Visual Studio Code? Each correct answer presents part of the solution.
ANSWER: B C
Explanation:
C: Configure a deployment manifest. A deployment manifest is a JSON document that describes which modules to deploy,
how data flows between the modules, and desired properties of the module twins.
B: You deploy modules to your device by applying the deployment manifest that you configured with the module information.
Reference:
https://docs.microsoft.com/en-us/azure/iot-edge/how-to-deploy-modules-vscode
HOTSPOT
You create an Azure Stream Analytics job that has the following query.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Hot Area:
ANSWER:
Box 1: Yes
Box 2: No
Tumbling windows are a series of fixed-sized, non-overlapping and contiguous time intervals. Box 3: Yes
Reference: https://docs.microsoft.com/en-us/stream-analytics-query/time-management-azure-stream-analytics
DRAG DROP
You have an Azure IoT solution that includes an Azure IoT hub.
You receive a root certification authority (CA) certificate from the security department at your company.
You need to configure the IoT hub to use the root CA certificate.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the
answer area and arrange them in the correct order.
Explanation:
Reference: https://docs.microsoft.com/bs-latn-ba/azure/iot-hub/iot-hub-security-x509-get-started
QUESTION NO: 4
You have an Azure subscription that contains an Azure IoT hub and two Azure IoT Edge devices named Device1 and
Device2.
You need to ensure that the IoT hub only accepts connections from Device1 and Device2.
D. an IP filter
ANSWER: B
You can use Azure Active Directory (Azure AD) to authenticate requests to Azure IoT Hub service APIs, like create device
identity and invoke direct method. You can also use Azure role-based access control (Azure RBAC) to authorize those same
service APIs. By using these technologies together, you can grant permissions to access IoT Hub service APIs to an Azure
AD security principal. This security principal could be a user, group, or application service principal.
Note: There are three different ways for controlling access to IoT Hub:
Azure Active Directory (Azure AD) integration for service APIs. Azure provides identity-based authentication with AAD and
fine-grained authorization with Azure role-based access control (Azure RBAC). Azure AD and RBAC integration is supported
for IoT hub service APIs only.
Shared access signatures lets you group permissions and grant them to applications using access keys and signed
security tokens.
Per-device security credentials. Each IoT Hub contains an identity registry For each device in this identity registry, you can
configure security credentials that grant DeviceConnect permissions scoped to the that device's endpoints. Reference:
https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-dev-guide-azure-ad-rbac
QUESTION NO: 5
You have an Azure IoT hub that uses a Device Provision Service instance.
You need to confirm the identity of the devices by using the Device Provision Service.
Which three device attestation mechanisms can you use? Each correct answer presents a complete solution.
A. X.509 certificates
D. Symmetric key
ANSWER: A B D
Explanation:
Trusted Platform Module (TPM) based on a nonce challenge, using the TPM 2.0 standard for keys to present a signed
Shared Access Signature (SAS) token. This does not require a physical TPM on the device, but the service expects to attest
using the endorsement key per the TPM spec.
Reference:
https://docs.microsoft.com/en-us/azure/iot-dps/concepts-service#attestation-mechanism
QUESTION NO: 6
You have an Azure IoT hub and 15,000 IoT devices that monitor temperature. The IoT hub has four partitions. Each IoT
device sends a 1-KB message every five seconds.
You plan to use Azure Stream Analytics to process the telemetry stream and generate an alert when temperatures exceed a
defined threshold.
You need to recommend the minimum number of streaming units to configure for Stream Analytics.
A. 1
B. 3
C. 6
D. 12
ANSWER: D
Explanation:
15000/5 = 3K/s -> 3 Streaming Units (SU). 3 SU x 4 partitions -> 12 SU For reference:
Reference:
https://docs.microsoft.com/en-us/azure/stream-analytics/stream-analytics-parallelization#calculate-the-maximum-streaming-
units-of-a-job
You have an Azure subscription that contains an Azure IoT hub and two Azure IoT Edge devices named Device1 and
Device2.
You need to ensure that the IoT hub only accepts connections from Device1 and Device2.
D. a gateway device
ANSWER: A
Explanation:
A private endpoint is a private IP address allocated inside a customer-owned VNet via which an Azure resource is reachable.
Through Azure Private Link, you can set up a private endpoint for your IoT hub to allow services inside your VNet to reach
IoT Hub without requiring traffic to be sent to IoT Hub's public endpoint. Similarly, your on-premises devices can use Virtual
Private Network (VPN) or ExpressRoute peering to gain connectivity to your VNet and your IoT Hub (via its private endpoint).
As a result, you can restrict or completely block off connectivity to your IoT hub's public endpoints by using IoT Hub IP filter
or the public network access toggle. This approach keeps connectivity to your Hub using the private endpoint for devices.
Reference:
https://docs.microsoft.com/en-us/azure/iot-hub/virtual-network-support
HOTSPOT
You need to use message enrichment to add additional device information to messages sent from the IoT gateway devices
when the reported temperature exceeds a critical threshold.
How should you configure the enrich message values? To answer, select the appropriate options in the answer area.
Hot Area:
Explanation:
Reference: https://docs.microsoft.com/bs-cyrl-ba/azure/iot-hub/iot-hub-message-enrichments-overview
QUESTION NO: 9
You have an Azure IoT Edge module named SampleModule that runs on a device named Device1.
You make changes to the code of SampleModule by using Microsoft Visual Studio Code.
Which two actions should you perform from Visual Studio Code? Each correct answer presents part of the solution.
ANSWER: B D
Explanation:
D: Once you create IoT Edge modules with your business logic, you want to deploy them to your devices to operate at the
edge.
B: Configure a deployment manifest. A deployment manifest is a JSON document that describes which modules to deploy,
how data flows between the modules, and desired properties of the module twins.
You deploy modules to your device by applying the deployment manifest that you configured with the module information.
1. In the Visual Studio Code explorer view, expand the Azure IoT Hub section, and then expand the Devices node.
2. To confirm that the device you've chosen is an IoT Edge device, select it to expand the list of modules and verify the
presence of $edgeHub and $edgeAgent. Every IoT Edge device includes these two modules.
4. Navigate to the deployment manifest JSON file that you want to use, and click Select Edge Deployment Manifest.
Reference:
https://docs.microsoft.com/en-us/azure/iot-edge/how-to-deploy-modules-vscode
DRAG DROP
You have an Azure subscription that contains an Azure IoT hub and 100 IoT devices.
The devices connect to the IoT hub by using the Advanced Message Queuing Protocol (AMQP) protocol and authenticate to
the IoT hub by using symmetric keys.
You need to configure the SASL PLAIN username for the AMQP connection.
How should you configure the username? To answer, drag the appropriate options to the correct targets. Each option may
be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
ANSWER:
Explanation:
Box 1: DeviceID
Box 2: sas
Reference:
https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-dev-guide-sas