Exam AZ-204 topic 4 question 70 discussion

Case study -

This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.


To start the case study -
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question.


Background -

Munson’s Pickles and Preserves Farm is an agricultural cooperative corporation based in Washington, US, with farms located across the United States. The company supports agricultural production resources by distributing seeds fertilizers, chemicals, fuel, and farm machinery to the farms.


Current Environment -

The company is migrating all applications from an on-premises datacenter to Microsoft Azure. Applications support distributors, farmers, and internal company staff.


Corporate website -
• The company hosts a public website located at http://www.munsonspicklesandpreservesfarm.com. The site supports farmers and distributors who request agricultural production resources.


Farms -
• The company created a new customer tenant in the Microsoft Entra admin center to support authentication and authorization for applications.


Distributors -
• Distributors integrate their applications with data that is accessible by using APIs hosted at http://www.munsonspicklesandpreservesfarm.com/api to receive and update resource data.


Requirements -

The application components must meet the following requirements:


Corporate website -
• The site must be migrated to Azure App Service.
• Costs must be minimized when hosting in Azure.
• Applications must automatically scale independent of the compute resources.
• All code changes must be validated by internal staff before release to production.
• File transfer speeds must improve, and webpage-load performance must increase.
• All site settings must be centrally stored, secured without using secrets, and encrypted at rest and in transit.
• A queue-based load leveling pattern must be implemented by using Azure Service Bus queues to support high volumes of website agricultural production resource requests.


Farms -
• Farmers must authenticate to applications by using Microsoft Entra ID.


Distributors -
• The company must track a custom telemetry value with each API call and monitor performance of all APIs.
• API telemetry values must be charted to evaluate variations and trends for resource data.


Internal staff -
• App and API updates must be validated before release to production.
• Staff must be able to select a link to direct them back to the production app when validating an app or API update.
• Staff profile photos and email must be displayed on the website once they authenticate to applications by using their Microsoft Entra ID.


Security -
• All web communications must be secured by using TLS/HTTPS.
• Web content must be restricted by country/region to support corporate compliance standards.
• The principle of least privilege must be applied when providing any user rights or process access rights.
• Managed identities for Azure resources must be used to authenticate services that support Microsoft Entra ID authentication.


Issues -


Corporate website -
• Farmers report HTTP 503 errors at the same time as internal staff report that CPU and memory usage are high.
• Distributors report HTTP 502 errors at the same time as internal staff report that average response times and networking traffic are high.
• Internal staff report webpage load sizes are large and take a long time to load.
• Developers receive authentication errors to Service Bus when they debug locally.


Distributors -
• Many API telemetry values are sent in a short period of time. Telemetry traffic, data costs, and storage costs must be reduced while preserving a statistically correct analysis of the data points sent by the APIs.


You need to secure the corporate website to meet the security requirements.

What should you do?