DRAG DROP
Case Study
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other question on this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next sections of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question on this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Background
Overview
Woodgrove Bank has 20 regional offices and operates 1,500 branch office locations. Each regional office hosts the servers, infrastructure, and applications that support that region.
Woodgrove Bank plans to move all of their on-premises resources to Azure, including virtual machine (VM)-based, line-of-business workloads, and SQL databases. You are the owner of the Azure subscription that Woodgrove Bank is using. Your team is using Git repositories hosted on GitHub for source control.
Security
Currently, Woodgrove Bank's Computer Security Incident Response Team (CSIRT) has a problem investigating security issues due to the lack of security intelligence integrated with their current incident response tools. This lack of integration introduces a problem during the detection (too many false positives), assessment, and diagnose stages. You decide to use Azure Security Center to help address this problem.
Woodgrove Bank has several apps with regulates data such as Personally Identifiable Information (PII) that require a higher level of security. All apps are currently secured by using an on-premises Active Directory Domain Services (ADDS). The company depends on following mission-critical apps: WGBLoanMaster, WGBLeaseLeader, and WGBCreditCruncher apps. You plan to move each of these apps to Azure as part of an app migration project.
Apps
The WGBLoanMaster app has been audited for transaction loss. Many transactions have been lost is processing and monetary write-offs have cost the bank. The app runs on two VMs that include several public endpoints.
The WGBLeaseLeader app has been audited for several data breaches. The app includes a SQL Server database and a web-based portal. The portal uses an ASP.NET Web API function to generate a monthly aggregate report from the database.
The WGBCreditCruncher app runs on a VM and is load balanced at the network level. The app includes several stateless components and must accommodate scaling of increased credit processing. The app runs on a nightly basis to process credit transactions that are batched during the day. The app includes a web-based portal where customers can check their credit information. A mobile version of the app allows users to upload check images.
Business Requirements
WGBLoanMaster app
The app audit revealed a need for zero transaction loss. The business is losing money due to the app losing and not processing loan information. In addition, transactions fail to process after running for a long time. The business has requested the aggregation processing to be scheduled for 01:00 to prevent system slowdown.
WGBLeaseLeader app
The app should be secured to stop data breaches. If the data is breached, it must not be readable.
The app is continuing to see increased volume and the business does not want the issues presented in the WGBLoanMaster app. Transaction loss is unacceptable, and although the lease monetary amounts are smaller than loans, they are still an important profit center for Woodgrove Bank. The business would also like the monthly report to be automatically generated on the first of the month. Currently, a user must log in to the portal and click a button to generate the report.
WGBCreditCruncher app
The web-based portal area of the app must allow users to sign in with their Facebook credentials.
The bank would like to allow this feature to enable more users to check their credit within the app.
Woodgrove Bank needs to develop a new financial risk modeling feature that they can include in the WGBCreditCruncher app. The financial risk modeling feature has not been developed due to costs associated with processing, transforming, and analyzing the large volumes of data that are collected. You need to find a way to implement parallel processing to ensure that the features run efficiently, reliably, and quickly. The feature must scale based on computing demand to process the large volumes of data and output several financial risk models.
Technical Requirements
WGBLoanMaster app
The app uses several compute-intensive tasks that create long-running requests to the system.
The app is critical to the business and must be scalable to increased loan processing demands.
The VMs that run the app include a Windows Task Scheduler task that aggregates loan information from the app to send to a third party. This task runs a console app on the VM.
The app requires a messaging system to handle transaction processing. The messaging system must meet the following requirements:
*Require server-side logs of all of the transactions run against your queues.
*Track progress of a message within the queue.
*Process the messages within 7 days.
*Provide a differing timeout value per message.
WGBCreditCruncher app
The app must:
*Secure inbound and outbound traffic.
*Analyze inbound network traffic for vulnerabilities.
*Use an instance-level public IP and allow web traffic on port 443 only.
*Upgrade the portal to a Single Page Application (SPA) that uses JavaScript, Azure Active Directory (Azure AD), and the OAuth 2.0 implicit authorization grant to secure the Web API back end.
*Cache authentication and host the Web API back end using the Open Web Interface for .NET (OWIN) middleware.
*Immediately compress check images received from the mobile web app.
*Schedule processing of the batched credit transactions on a nightly basis.
*Provide parallel processing and scalable computing resources to output financial risk models.
*Use simultaneous computer nodes to enable high performance computing and updating of the financial risk models.
Key security area
You are evaluating the architecture for the WGBCreditCruncher app.
You need to implement an Azure service to process each portion of the app data.
For each type of app data, what should you implement? To answer, drag the appropriate Azure services to the correct app data types. Each Azure service may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Explanation:
