Connect to and consume Azure services and third-party services

A retail system uses Azure Service Bus to process orders. Each order has multiple messages (e.g., payment, shipping, confirmation) that must be processed in sequence. You need to guarantee that all messages belonging to the same order are handled by the same consumer in order. Which Service Bus feature should you use?

You manage an API in Azure API Management. You need to cache API responses such that different responses are returned based on the product subscription key used by the caller. Which set of policies should you implement?

A company uses Azure Logic Apps to integrate with a third-party REST API. The API has a rate limit of 100 requests per minute. You need to ensure that the Logic App respects this limit. Which connector feature should you configure?

You are building an API that needs to send notifications to multiple subscribers. Each subscriber has a different callback URL, and you need to ensure each notification is sent exactly once and retried on failure. Which Azure service should you use?

You manage an API in Azure API Management. The API response varies depending on the caller's subscription key. You need to cache responses per subscription key to reduce backend load. Which policy configuration should you use?

You have an order processing system using Azure Service Bus. Each order generates multiple messages that must be processed in order and by the same consumer. Which Service Bus feature ensures this?

A company uses Azure Service Bus to receive order messages. Each order message must be processed exactly once, and duplicate messages are not tolerated due to financial transactions. However, the order processing system sometimes fails and retries, leading to potential duplicates. What Service Bus feature should be enabled on the message to support idempotent processing?

A company exposes an internal REST API to external partners using Azure API Management. They need to enforce a rate limit of 100 requests per minute per subscription. Which policy should they add?

You manage an API in Azure API Management. You need to enforce a rate limit of 200 requests per minute for each subscription key. Which policy should you include in the inbound policy section?

You are building a serverless workflow using Azure Logic Apps. The workflow must start when a new blob is uploaded to a specific container in Azure Blob Storage. Which trigger should you configure?

You are building an Azure Logic App that must send a confirmation email to users after a purchase. Your company uses Office 365 for email and you want to use the corporate email address. Which connector should you use?

A company uses Azure Logic Apps to automate business processes. They need to call an external REST API that requires OAuth 2.0 client credentials grant. Which connector should they use with minimal configuration?

A company uses Azure Service Bus to decouple microservices. They need to ensure that messages are processed in the order they are received, and that each message is handled by exactly one consumer instance even when the system scales out. Which feature should they enable?

You are building an Azure Logic App that must send an email notification when a new file is added to a SharePoint Online document library. Which connector and trigger should you use?

You are building a mobile app backend using Azure Functions. The function must send push notifications to devices using the Notification Hubs service. You need to authenticate the function to Notification Hubs using the principle of least privilege. What should you use?

You are building an Azure Logic App that must connect to a third-party CRM system using a custom API. The API requires an API key in the header of every request. You need to securely store the API key and reference it in the Logic App. Which approach should you use?

You are building an integration solution that connects an on-premises SQL Server database to Azure Data Factory. The on-premises network does not allow direct inbound connections from Azure. You need to securely transfer data from the database to Azure Blob Storage. Which data factory component should you use?

Your company uses Azure Logic Apps to automate a business process. The process needs to call an external REST API that requires an API key passed in the Authorization header. You need to store the API key securely and reference it in the Logic App. Which approach should you use?

You are building an Azure Logic App that must consume messages from an Azure Service Bus queue. The queue messages are JSON payloads containing order information. The Logic App must process each message exactly once and in the order they are received. You need to configure the trigger in the Logic App. Which trigger type and property should you choose?

You are building an Azure Logic App that must send email notifications via Office 365 when a new order is placed. You need to securely store the Office 365 credentials and reference them in the Logic App. Which approach should you use?

You are building an Azure Logic App that must call a third-party REST API. The API requires an API key passed as a query parameter. You need to store the API key securely and automatically add it to each request. Which approach should you use?

You are building an Azure Logic App that must call an external API secured with OAuth 2.0 Client Credentials flow. The external API is registered in a different Microsoft Entra ID tenant. You need to obtain an access token and add it to the request headers. Which action and authentication configuration should you use?

Your company uses Azure Logic Apps to automate workflows. A workflow must call an external REST API that requires an API key in the header. You need to securely store the API key and reference it in the Logic App without exposing it in the workflow definition. What should you do?

You are building an Azure Logic App that must call a third-party REST API secured with OAuth 2.0 Client Credentials flow. The client ID and client secret are stored in Azure Key Vault. You need to securely obtain an access token and include it in requests to the API. Which approach should you use in the Logic App?

You are building an Azure Logic App that must call an external REST API. The API requires an API key passed in the Authorization header. You need to store the API key securely and reference it in the Logic App without exposing it in the workflow definition. What should you do?

Your company uses Azure API Management (APIM) to expose several APIs. One of the backend APIs requires an API key that is stored in Azure Key Vault. You need to configure APIM to retrieve the API key from Key Vault and pass it to the backend in a header without exposing the key in policy definitions. Which APIM feature should you use?

You are building an Azure Logic App that must call an external API that uses the OAuth 2.0 authorization code grant. The API requires the user to sign in interactively to grant consent. You want to minimize development effort and securely manage the token lifecycle. Which built-in action and authentication method should you use?

Your company has an on-premises Windows service that exposes a custom TCP endpoint. You are building an Azure Logic App that needs to send data to this endpoint. Due to network security policies, you cannot open inbound ports in the firewall. You need to establish a secure bidirectional connection without configuring a VPN. Which Azure service should you use?

You are developing an ASP.NET Core application that needs to access Azure Key Vault to retrieve secrets. You have enabled a managed identity for the App Service. Which Azure SDK class should you use to authenticate to Key Vault?

You are building an Azure Logic App that needs to call an external HTTP API secured with OAuth 2.0 Client Credentials flow. The client ID and client secret are stored in Azure Key Vault. You need to obtain an access token and include it in the Authorization header of each request. Which combination of actions should you use within the Logic App?

You are building an Azure Logic App that needs to call a third-party REST API. The API requires an API key to be passed in the 'X-API-Key' header. You have stored the API key as a secret in Azure Key Vault. The Logic App uses a managed identity that has read access to the Key Vault secret. You want to retrieve the API key securely at runtime and include it in the HTTP request. Which approach should you use?

You are building an Azure Logic App that needs to call an external REST API. The API requires an API key to be passed in the 'X-API-Key' header. You have stored the API key as a secret in Azure Key Vault. The Logic App uses a managed identity that has read access to the Key Vault secret. You want to retrieve the API key securely at runtime and include it in the HTTP request. Which approach should you use?

You are building an application that subscribes to an Azure Event Grid topic using a custom webhook endpoint. The endpoint is a web API hosted on Azure App Service. You need to ensure that only Event Grid can invoke your webhook endpoint, preventing unauthorized requests. What should you implement in your webhook endpoint?

Your company has a set of REST APIs that are exposed through Azure API Management (APIM). One of the backend APIs is secured and requires an OAuth 2.0 access token from Microsoft Entra ID. The APIM instance has a system-assigned managed identity with permissions to request tokens for the backend API's scope. You need to configure APIM to automatically obtain a token and pass it to the backend API when requests come in. What should you do?

You are developing a worker role that processes events from an Azure Event Hub. The worker runs on multiple virtual machines to ensure high availability. Each partition of the Event Hub should be processed by only one instance at a time, and events from the same partition must be processed in order. You need to manage partition leasing and checkpointing efficiently. Which Azure SDK class should you use?

You are building an event-driven application that needs to publish messages to multiple independent subscribers. Each subscriber must be able to filter messages based on custom properties, and each subscriber must receive all messages that match its filter, even if other subscribers have different filters. The solution must guarantee message delivery. Which Azure messaging service should you use?

You are developing a web application that relies on a third-party weather API. The API has a rate limit of 10 requests per second per API key. You need to ensure your application never exceeds this limit and also caches responses for 10 minutes to reduce call frequency. Which combination of Azure services should you implement?

You are using Azure Event Grid to respond to blob storage events (blob created). You need to ensure that only JPEG image files trigger a function for processing, while other files are ignored. The number of files is high, and you want to minimize cost and latency. How should you filter events?

You manage a set of APIs using Azure API Management (APIM). One backend API requires an API key passed in the 'X-API-Key' header. The API key is stored securely in a named value in APIM. You need to configure APIM to add this header to all requests to that backend without exposing the key to API consumers. Which policy should you add to the inbound processing for that API?

You are building an Azure Logic App that needs to call an external API secured with OAuth 2.0 client credentials flow. You have registered an application in Microsoft Entra ID with client ID 'myClientId' and client secret stored in Key Vault. Which action should you use to authenticate?

You have an Azure Event Grid topic that receives storage blob created events. You only want to process events for files with a '.jpg' extension. You need to minimize cost and latency. How should you filter the events?

You are building an Azure Logic App that calls an external REST API secured with the OAuth 2.0 client credentials flow. You have registered an app in Microsoft Entra ID with client ID and client secret stored in Azure Key Vault. The Logic App uses a system-assigned managed identity with Get permission on the secret. Which action should you use in the Logic App designer to authenticate to the API?

You are building an Azure Logic App that processes orders. When an order is placed, the Logic App must send a message to an Azure Service Bus queue. The queue is secured using managed identity. Which connector action should you use?

You are building a solution that processes events from multiple Azure Event Hubs. Events must be dispatched to different downstream services based on the event type. You need a serverless solution that can handle high throughput and uses managed identity to authenticate to Event Hubs. Which Azure service should you use?

An application publishes order events that multiple independent subscribers must process. Subscribers may be added later without changing the publisher. Which Azure messaging service should be used?

A system receives high-volume event notifications from Azure resources and routes them to serverless handlers. Events are lightweight and should use native event routing. Which service should be used?

A developer exposes several backend APIs through Azure API Management. Clients must be throttled by subscription to protect the backend. What should be configured?

A function consumes messages from Azure Service Bus. Which two settings help handle transient failures safely?

An application calls a third-party shipping API through HTTP. The developer must implement retries without overwhelming the remote system during partial outages. Which retry pattern is best?

An application publishes order events that multiple independent subscribers must process. Subscribers may be added later without changing the publisher. Which Azure messaging service should be used? The design must avoid adding custom operational scripts.

A system receives high-volume event notifications from Azure resources and routes them to serverless handlers. Events are lightweight and should use native event routing. Which service should be used? The design must avoid adding custom operational scripts.

A developer exposes several backend APIs through Azure API Management. Clients must be throttled by subscription to protect the backend. What should be configured? The design must avoid adding custom operational scripts.

A function consumes messages from Azure Service Bus. Which two settings help handle transient failures safely? The design must avoid adding custom operational scripts.

An application calls a Event Grid event stream through HTTP. The developer must implement retries without overwhelming the remote system during partial outages. Which retry pattern is best?

An application publishes order events that multiple independent subscribers must process. Subscribers may be added later without changing the publisher. Which Azure messaging service should be used? The architecture review board prefers a managed AWS-native control.

A system receives high-volume event notifications from Azure resources and routes them to serverless handlers. Events are lightweight and should use native event routing. Which service should be used? The architecture review board prefers a managed AWS-native control.

A developer exposes several backend APIs through Azure API Management. Clients must be throttled by subscription to protect the backend. What should be configured? The architecture review board prefers a managed AWS-native control.

A function consumes messages from Azure Service Bus. Which two settings help handle transient failures safely? The architecture review board prefers a managed AWS-native control.

An application calls a Service Bus topic through HTTP. The developer must implement retries without overwhelming the remote system during partial outages. Which retry pattern is best?

An application publishes order events that multiple independent subscribers must process. Subscribers may be added later without changing the publisher. Which Azure messaging service should be used? The team wants the control to be enforceable during normal operations.