AZ-204 Question #434: Real Exam Question with Answer & Explanation
The correct answer is A: Store the RSA-HSM key in Azure Key Vault with soft-delete and purge-protection features.
Question
Case Study 8 - VanArsdel, Ltd

Background
VanArsdel, Ltd. is a global office supply company. The company is based in Canada and has retail store locations across the world. The company is developing several cloud-based solutions to support their stores, distributors, suppliers, and delivery services.

Current environment
Corporate website consists of a React JavaScript user interface, HTML, CSS, image assets, and several APIs hosted in Azure Functions.

Retail Store Locations
The company supports thousands of store locations globally. Store locations send data every hour to an Azure Blob storage account to support inventory, purchasing and delivery services. Each record includes a location identifier and sales transaction information.

Requirements
The application components must meet the following requirements:

Corporate website
- Secure the website by using SSL.
- Minimize costs for data storage and hosting.
- Implement native GitHub workflows for continuous integration and continuous deployment (CI/CD).
- Distribute the website content globally for local use.
- Implement monitoring by using Application Insights and availability web tests including SSL certificate validity and custom header value verification.
- The website must have 99.95 percent uptime.

Retail store locations
- Azure Functions must process data immediately when data is uploaded to Blob storage. Azure Functions must update Azure Cosmos DB by using native SQL language queries.
- Audit store sale transaction information nightly to validate data, process sales financials, and reconcile inventory.

Delivery services
- Store service telemetry data in Azure Cosmos DB by using an Azure Function. Data must include an item id, the delivery vehicle license plate, vehicle package capacity, and current vehicle location coordinates.
- Store delivery driver profile information in Azure Active Directory (Azure AD) by using an Azure Function called from the corporate website.

Inventory services
The company has contracted a third-party to develop an API for inventory processing that requires access to a specific blob within the retail store storage account for three months to include read-only access to the data.

Security
- All Azure Functions must centralize management and distribution of configuration data for different environments and geographies, encrypted by using a company-provided RSA-HSM key.
- Authentication and authorization must use Azure AD and services must use managed identities where possible.

Issues

Retail Store Locations
- You must perform a point-in-time restoration of the retail store location data due to an unexpected and accidental deletion of data.
- Azure Cosmos DB queries from the Azure Function exhibit high Request Unit (RU) usage and contain multiple, complex queries that exhibit high point read latency for large items as the function app is scaling.

Question
You need to secure the Azure Functions to meet the security requirements. Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
Options
- A. Store the RSA-HSM key in Azure Key Vault with soft-delete and purge-protection features
- B. Store the RSA-HSM key in Azure Blob storage with an immutability policy applied to the
- C. Create a free tier Azure App Configuration instance with a new Azure AD service principal.
- D. Create a standard tier Azure App Configuration instance with an assigned Azure AD managed
- E. Store the RSA-HSM key in Azure Cosmos DB. Apply the built-in policies for customer-managed
Explanation
Scenario: All Azure Functions must centralize management and distribution of configuration data for different environments and geographies, encrypted by using a company-provided RSA-HSM key.

Microsoft Azure Key Vault is a cloud-hosted management service that allows users to encrypt keys and small secrets by using keys that are protected by hardware security modules (HSMs). You need to create a managed identity for your application.

Reference: https://docs.microsoft.com/en-us/azure/app-service/app-service-key-vault-references