New Year Special Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

Home > Microsoft > Microsoft Certified: Azure Solutions Architect Expert > AZ-305

AZ-305 Designing Microsoft Azure Infrastructure Solutions Question and Answers

Question # 4

You migrate App1 to Azure. You need to ensure that the data storage for App1 meets the security and compliance requirement

What should you do?

A.

Create an access policy for the blob

B.

Modify the access level of the blob service.

C.

Implement Azure resource locks.

D.

Create Azure RBAC assignments.

Full Access
Question # 5

You need to configure an Azure policy to ensure that the Azure SQL databases have TDE enabled. The solution must meet the security and compliance requirements.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Full Access
Question # 6

A company has an on-premises file server cbflserver that runs Windows Server 2019. Windows Admin Center manages this server. The company owns an Azure subscription. You need to provide an Azure solution to prevent data loss if the file server fails.

Solution: You decide to create an Azure Recovery Services vault. You then decide to install the Azure Backup agent and then schedule the backup. Would this meet the requirement?

A.

Yes

B.

No

Full Access
Question # 7

You plan to migrate App1 to Azure.

You need to estimate the compute costs for App1 in Azure. The solution must meet the security and compliance requirements.

What should you use to estimate the costs, and what should you implement to minimize the costs? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 8

You need to ensure that users managing the production environment are registered for Azure MFA and must authenticate by using Azure MFA when they sign in to the Azure portal. The solution must meet the authentication and authorization requirements.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 9

A company has an on-premises file server cbflserver that runs Windows Server 2019. Windows Admin Center manages this server. The company owns an Azure subscription. You need to provide an Azure solution to prevent data loss if the file server fails.

Solution: You decide to register Windows Admin Center in Azure and then configure Azure Backup.

Would this meet the requirement?

A.

Yes

B.

No

Full Access
Question # 10

A company is planning on deploying an application onto Azure. The application will be based on the .Net core programming language. The application would be hosted using Azure Web apps. Below is part of the various requirements for the application

Give the ability to correlate Azure resource usage and the performance data with the actual application configuration and performance data

Give the ability to visualize the relationships between application components

Give the ability to track requests and exceptions to specific lines of code from within the application Give the ability to actually analyse how uses return to an application and see how often they only select a particular drop-down value

Which of the following service would be best suited for fulfilling the requirement of

“Give the ability to correlate Azure resource usage and the performance data with the actual application configuration and performance data”

A.

Azure Application Insights

B.

Azure Service Map

C.

Azure Log Analytics

D.

Azure Activity Log

Full Access
Question # 11

You plan to create an Azure Storage account that will host file shares. The shares will be accessed from on-premises applications that are transaction-intensive.

You need to recommend a solution to minimize latency when accessing the file shares. The solution must provide the highest-level of resiliency for the selected storage tier.

What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 12

Your company, named Contoso, Ltd., implements several Azure logic apps that have HTTP triggers. The logic apps provide access to an on-premises web service.

Contoso establishes a partnership with another company named Fabrikam. IncL

Fabrikam does not have an existing Azure Active Directory (Azure AD) tenant and uses third-party OAuth 2.0 identity management to authenticate its users.

I Developers at Fabrikam plan to use a subset of the logic apps to build applications that will integrate with the on-premises web service of Contoso.

You need to design a solution to provide the Fabrikam developers with access to the logic apps. The solution must meet the following requirements:

• Requests to the logic apps from the developers must be limited to lower rates than the requests from the users at Contoso.

• The developers must be able to rely on their existing OAuth 2.0 provider to gain access to the logic apps.

• The solution must NOT require changes to the logic apps.

• The solution must NOT use Azure AD guest accounts.

What should you include in the solution?

A.

Azure AD business-to-business (B2B)

B.

Azure AD Application Proxy

C.

Azure Front Door

D.

Azure API Management

Full Access
Question # 13

You have an Azure subscription that contains 1,000 resources.

You need to generate compliance reports for the subscription. The solution must ensure that the resources can be grouped by department.

What should you use to organize the resources?

A.

application groups and quotas

B.

resource groups and role assignments

C.

Azure Policy and tags

D.

administrative units and Azure Lighthouse

Full Access
Question # 14

You have an Azure subscription named Sub1 that is linked to an Azure AD tenant named contoso.com.

You plan to implement two ASP.NET Core apps named App1 and App2 that will be deployed to 100 virtual machines in Sub1. Users will sign in to App1 and App2 by using their contoso.com credentials.

App1 requires read permissions to access the calendar of the signed-m user. App2 requires write permissions to access the calendar of the signed-in user.

You need to recommend an authentication and authorization solution for the apps. The solution must meet the following requirements:

• Use the principle of least privilege.

• Minimize administrative effort

What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one pent.

Full Access
Question # 15

You have an on-premises datacenter named Site1. Site1 contains a VMware vSphere cluster named Cluster1 that hosts 100 virtual machines. Cluster1 is managed by using VMware vCenter.

You have an Azure subscription named Sub1.

You plan to migrate the virtual machines from Cluster1 to Sub1.

You need to identify which resources are required to run the virtual machines in Azure. The solution must minimize administrative effort.

What should you configure? To answer, drag the appropriate resources to the correct targets. Each resource may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Full Access
Question # 16

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You plan to deploy multiple instances of an Azure web app across several Azure regions.

You need to design an access solution for the app. The solution must meet the following replication requirements:

    Support rate limiting.

    Balance requests between all instances.

    Ensure that users can access the app in the event of a regional outage.

Solution: You use Azure Application Gateway to provide access to the app.

Does this meet the goal?

A.

Yes

B.

No

Full Access
Question # 17

You have an Azure subscription. The subscription contains 100 virtual machine that am Windows Server.

You need to recommend a solution that will provide monitoring and an audit trail of the following modifications:

• Changes to the Windows registry on the virtual machines

• Changes to the DNS settings of the virtual machines

The solution must minimize administrative effort.

What should you recommend using for each change? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 18

You plan to deploy Azure Databricks to support a machine learning application. Data engineers will mount an Azure Data Lake Storage account to the Databricks file system. Permissions to folders are granted directly to the data engineers.

You need to recommend a design for the planned Databrick deployment. The solution must meet the following requirements:

    Ensure that the data engineers can only access folders to which they have permissions.

    Minimize development effort.

    Minimize costs.

What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 19

You plan to deploy an application named App1 that will run in containers on Azure Kubernetes Service (AKS) clusters. The AKS clusters will be distributed across four Azure regions.

You need to recommend a storage solution to ensure that updated container images are replicated automatically to all the Azure regions hosting the AKS clusters.

Which storage solution should you recommend?

A.

Azure Cache for Redis

B.

Premium SKU Azure Container Registry

C.

Azure Content Delivery Network (CON)

D.

geo-redundant storage (GRS) accounts

Full Access
Question # 20

You have an Azure AD tenant that contains a management group named MG1. You have the Azure subscriptions shown in the following table.

The subscriptions contain the resource groups shown in the following table.

The subscription contains the Azure AD security groups shown in the following table.

The subscription contains the user accounts shown in the following table.

You perform the following actions:

• Assign User3 the Contributor role for Sub1.

• Assign Group1 the Virtual Machine Contributor role for MG1.

• Assign Group3 the Contributor role for the Tenant Root Group.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Full Access
Question # 21

You have an application named App1. App1 generates log files that must be archived for five years. The log files must be readable by App1 but must not be modified.

Which storage solution should you recommend for archiving?

A.

Ingest the log files into an Azure Log Analytics workspace

B.

Use an Azure Blob storage account and a time-based retention policy

C.

Use an Azure Blob storage account configured to use the Archive access tier

D.

Use an Azure file share that has access control enabled

Full Access
Question # 22

You are designing a solution that will include containerized applications running in an Azure Kubernetes Service (AKS) cluster.

You need to recommend a load balancing solution for HTTPS traffic. The solution must meet the following requirements:

    Automatically configure load balancing rules as the applications are deployed to the cluster.

    Support Azure Web Application Firewall (WAF).

    Support cookie-based affinity.

    Support URL routing.

What should you include the recommendation?

A.

an NGINX ingress controller

B.

Application Gateway Ingress Controller (AGIC)

C.

an HTTP application routing ingress controller

D.

the Kubernetes load balancer service

Full Access
Question # 23

You have an Azure subscription. The subscription contains a tiered app named App1 that is distributed across multiple containers hosted in Azure Container Instances.

You need to deploy an Azure Monitor monitoring solution for App1. The solution must meet the following requirements:

• Support using synthetic transaction monitoring to monitor traffic between the App1 components.

• Minimize development effort.

What should you include in the solution?

A.

Network Insights

B.

Application Insights

C.

Container insights

D.

Log Analytics Workspace Insights

Full Access
Question # 24

You need to design a highly available Azure SQL database that meets the following requirements:

    Failover between replicas of the database must occur without any data loss.

    The database must remain available in the event of a zone outage.

    Costs must be minimized

Which deployment option should you use?

A.

Azure SQL Database Standard

B.

Azure SQL Database Serverless

C.

Azure SQL Managed Instance General Purpose

D.

Azure SQL Database Premium

Full Access
Question # 25

You have an Azure subscription that contains a storage account.

An application sometimes writes duplicate files to the storage account.

You have a PowerShell script that identifies and deletes duplicate files in the storage account. Currently, the script is run manually after approval from the operations manager.

You need to recommend a serverless solution that performs the following actions:

    Runs the script once an hour to identify whether duplicate files exist

    Sends an email notification to the operations manager requesting approval to delete the duplicate files

    Processes an email response from the operations manager specifying whether the deletion was approved

    Runs the script if the deletion was approved

What should you include in the recommendation?

A.

Azure Logic Apps and Azure Functions

B.

Azure Pipelines and Azure Service Fabric

C.

Azure Logic Apps and Azure Event Grid

D.

Azure Functions and Azure Batch

Full Access
Question # 26

You have an app that generates 50,000 events daily.

You plan to Stream the events to an Azure event hub and use Event Hubs Capture to implement cold path processing Of the events Output Of Event Hubs Capture will be consumed by a reporting system.

You reed to identify which type of Azure storage must be provisioned to support Event Hubs Capture, and which inbound data format the reporting system must support.

What should you identity? To answer. select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 27

You have an on-premises storage solution.

You need to migrate the solution to Azure. The solution must support Hadoop Distributed File System (HDFS).

What should you use?

A.

Azure Data Lake Storage Gen2

B.

Azure NetApp Files

C.

Azure Data Share

D.

Azure Table storage

Full Access
Question # 28

You have an on-premises application named App1 that uses an Oracle database.

You plan to use Azure Databricks to transform and load data from App1 to an Azure Synapse Analytics instance.

You need to ensure that the App1 data is available to Databricks.

Which two Azure services should you include in the solution? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

A.

Azure Data Box Edge

B.

Azure Data Lake Storage

C.

Azure Data Factory

D.

Azure Data Box Gateway

E.

Azure Import/Export service

Full Access
Question # 29

You are designing a data pipeline that will integrate large amounts of data from multiple on-premises Microsoft SQL Server databases into an analytics platform in Azure. The pipeline will include the following actions:

• Database updates will be exported periodically into a staging area in Azure Blob storage.

• Data from the blob storage will be cleansed and transformed by using a highly parallelized load process.

• The transformed data will be loaded to a data warehouse.

• Each batch of updates will be used to refresh an online analytical processing (OLAP) model in a managed serving layer.

• The managed serving layer will be used by thousands of end users.

You need to implement the data warehouse and serving layers.

What should you use? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 30

How should the migrated databases DB1 and DB2 be implemented in Azure?

Full Access
Question # 31

You plan to migrate App1 to Azure.

You need to recommend a network connectivity solution for the Azure Storage account that will host the App1 data. The solution must meet the security and compliance requirements.

What should you include in the recommendation?

A.

a private endpoint

B.

a service endpoint that has a service endpoint policy

C.

Azure public peering for an ExpressRoute circuit

D.

Microsoft peering for an ExpressRoute circuit

Full Access
Question # 32

You plan to migrate App1 to Azure.

You need to recommend a storage solution for App1 that meets the security and compliance requirements.

Which type of storage should you recommend, and how should you recommend configuring the storage? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 33

You plan to migrate App1 to Azure. The solution must meet the authentication and authorization requirements.

Which type of endpoint should App1 use to obtain an access token?

A.

Azure Instance Metadata Service (IMDS)

B.

Azure AD

C.

Azure Service Management

D.

Microsoft identity platform

Full Access
Question # 34

To meet the authentication requirements of Fabrikam, what should you include in the solution? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 35

You need to recommend a notification solution for the IT Support distribution group.

What should you include in the recommendation?

A.

Azure Network Watcher

B.

an action group

C.

a SendGrid account with advanced reporting

D.

Azure AD Connect Health

Full Access
Question # 36

You are evaluating the components of the migration to Azure that require you to provision an Azure Storage account.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Full Access
Question # 37

You need to recommend a strategy for migrating the database content of WebApp1 to Azure. What should you include in the recommendation?

A.

Use Azure Site Recovery to replicate the SQL servers to Azure.

B.

Use SQL Server transactional replication.

C.

Copy the BACPAC file that contains the Azure SQL database file to Azure Blob storage.

D.

Copy the VHD that contains the Azure SQL database files to Azure Blob storage

Full Access
Question # 38

You need to recommend a data storage strategy for WebApp1.

What should you include in in the recommendation?

A.

an Azure SQL Database elastic pool

B.

a vCore-based Azure SQL database

C.

an Azure virtual machine that runs SQL Server

D.

a fixed-size DTU AzureSQL database.

Full Access
Question # 39

You need to recommend an App Service architecture that meets the requirements for Appl. The solution must minimize costs.

What should few recommend?

A.

one App Service Environment (ASE) per availability zone

B.

one App Service plan per availability zone

C.

one App Service plan per region

D.

one App Service Environment (ASE) per region

Full Access
Question # 40

What should you recommend lo meet the monitoring requirements for App2?

A.

Azure Application Insights

B.

Container insights

C.

Microsoft Sentinel

D.

VM insights

Full Access
Question # 41

You need to recommend a solution that meets the file storage requirements for App2.

What should you deploy to the Azure subscription and the on-premises network? To answer, drag the appropriate services to the correct locations. Each service may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Full Access
Question # 42

What should you recommend to meet the monitoring requirements for App2?

A.

Microsoft Sentinel

B.

Azure Application Insights

C.

Container insights

D.

VM insights

Full Access
Question # 43

You need to recommend a solution that meets the application development requirements.

What should you include in the recommendation?

A.

the Azure App Configuration service

B.

Continuous Integration/Continuous Deployment (CI/CD) sources

C.

deployment slots

D.

an Azure Container Registry instance

Full Access
Question # 44

You need to recommend a solution that meets the data requirements for App1.

What should you recommend deploying to each availability zone that contains an instance of App1?

A.

an Azure Cosmos DB that uses multi-region writes

B.

an Azure Storage account that uses geo-zone-redundant storage (GZRS)

C.

an Azure Data Lake store that uses geo-zone-redundant storage (GZRS)

D.

an Azure SQL database that uses active geo-replication

Full Access
Question # 45

What should you implement to meet the identity requirements? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 46

You are evaluating whether to use Azure Traffic Manager and Azure Application Gateway to meet the connection requirements for App1.

What is the minimum numbers of instances required for each service? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 47

You need to recommend a solution to ensure that App1 can access the third-party credentials and access strings. The solution must meet the security requirements.

What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 48

You need to recommend a solution that meets the application development requirements.

What should you include in the recommendation?

A.

an Azure Container Registry instance

B.

deployment slots

C.

Continuous Integration/Continuous Deployment (CI/CD) sources

D.

the Azure App Configuration service

Full Access
Question # 49

You need to recommend a solution that meets the data requirements for App1.

What should you recommend deploying to each availability zone that contains an instance of App1?

A.

an Azure Cosmos DB that uses multi-region writes

B.

an Azure Data Lake store that uses geo-zone-redundant storage (GZRS)

C.

an Azure SQL database that uses active geo-replication

D.

an Azure Storage account that uses geo-zone-redundant storage (GZRS)

Full Access