ExamGecko
Login
Home / Microsoft / AZ-305 / List of questions
Ask Question

Microsoft AZ-305 Practice Test - Questions Answers, Page 12

List of questions

Question 111

Report
Export
Collapse

Your company has an Azure Web App that runs via the Premium App Service Plan. A development team will be using the Azure Web App. You have to configure the Azure Web app so that it can fulfil the below requirements. Provide the ability to switch the web app from the current version to a newer version Provide developers with the ability to test newer versions of the application before the switch to the newer version occurs Ensure that the application version can be rolled back Minimize downtime Which of the following can be used for this requirement?

Create a new App Service Plan
Create a new App Service Plan
Make use of deployment slots
Make use of deployment slots
Map a custom domain
Map a custom domain
Backup the Azure Web App
Backup the Azure Web App
Suggested answer: B
asked 02/10/2024
Orenthial Johnson
31 questions

Question 112

Report
Export
Collapse

You have to deploy an Azure SQL database named db1 for your company. The databases must meet the following security requirements When IT help desk supervisors query a database table named customers, they must be able to see the full number of each credit card When IT help desk operators query a database table named customers, they must only see the last four digits of each credit card number A column named Credit Card rating in the customers table must never appear in plain text in the database system. Only client applications must be able to decrypt the information that is stored in this column Which of the following can be implemented for the Credit Card rating column security requirement?

Always Encrypted
Always Encrypted
Azure Advanced Threat Protection
Azure Advanced Threat Protection
Transparent Data Encryption
Transparent Data Encryption
Dynamic Data Masking
Dynamic Data Masking
Suggested answer: A

Explanation:

https://docs.microsoft.com/en-us/sql/relational-databases/security/encryption/always-encrypteddatabase-engine?view=sql-server-ver15

asked 02/10/2024
Karthika Aravinth
33 questions

Question 113

Report
Export
Collapse

You have an Azure Active Directory (Azure AD) tenant that syncs with an on-premises Active Directory domain. Your company has a line-of-business (LOB) application that was developed internally.

You need to implement. SAML single sign-on (SSO) and enforce multi-factor authentication (MFA) when users attempt to access the application from an unknown location. Which two features should you include in the solution? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

Azure AD enterprise applications
Azure AD enterprise applications
Azure AD Identity Protection
Azure AD Identity Protection
Azure Application Gateway
Azure Application Gateway
Conditional Access policies
Conditional Access policies
Azure AD Privileged Identity Management (PIM)
Azure AD Privileged Identity Management (PIM)
Suggested answer: A, D
asked 02/10/2024
Trung Phan
43 questions

Question 114

Report
Export
Collapse

You ate designing an Azure governance solution.

All Azure resources must be easily identifiable based on the following operational information environment, owner, department and cost center You need 10 ensure that you can use the operational information when you generate reports for the Azure resources.

What should you include in the solution?

Azure Active Directory (Azure AD) administrative units
Azure Active Directory (Azure AD) administrative units
an Azure data catalog that uses the Azure REST API as a data source
an Azure data catalog that uses the Azure REST API as a data source
an Azure policy that enforces tagging rules
an Azure policy that enforces tagging rules
an Azure management group that uses parent groups to create a hierarchy
an Azure management group that uses parent groups to create a hierarchy
Suggested answer: C

Explanation:

You use Azure Policy to enforce tagging rules and conventions. By creating a policy, you avoid the scenario of resources being deployed to your subscription that don't have the expected tags for your organization. Instead of manually applying tags or searching for resources that aren't compliant, you create a policy that automatically applies the needed tags during deployment. Note: Organizing cloud-based resources is a crucial task for IT, unless you only have simple deployments. Use naming and tagging standards to organize your resources for these reasons:

Resource management: Your IT teams will need to quickly locate resources associated with specific workloads, environments, ownership groups, or other important information. Organizing resources is critical to assigning organizational roles and access permissions for resource management.

Reference:

https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/decision-guides/resourcetagging

https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/tag-policies

asked 02/10/2024
Kinzonji Tavares
42 questions

Question 115

Report
Export
Collapse

You plan to automate the deployment of resources to Azure subscriptions.

What is a difference between using Azure Blueprints and Azure Resource Manager (ARM) templates?

ARM templates remain connected to the deployed resources.
ARM templates remain connected to the deployed resources.
Only ARM templates can contain policy definitions.
Only ARM templates can contain policy definitions.
Blueprints remain connected to the deployed resources.
Blueprints remain connected to the deployed resources.
Only Blueprints can contain policy definitions.
Only Blueprints can contain policy definitions.
Suggested answer: C

Explanation:

With Azure Blueprints, the relationship between the blueprint definition (what should be deployed) and the blueprint assignment (what was deployed) is preserved. This connection supports improved tracking and auditing of deployments. Azure Blueprints can also upgrade several subscriptions at once that are governed by the same blueprint.

Reference:

https://docs.microsoft.com/en-us/answers/questions/26851/how-is-azure-blue-prints-differentfrom-resource-m.html

asked 02/10/2024
Yenziwe Yengwa
43 questions

Question 116

Report
Export
Collapse

A company named Contoso, Ltd. has an Azure Active Directory (Azure AD) tenant that is integrated with Microsoft Office 365 and an Azure subscription. Contoso has an on-premises identity infrastructure. The infrastructure includes servers that run Active Directory Domain Services (AD DS), and Azure AD Connect Contoso has a partnership with a company named Fabrikam, Inc. Fabrikam has an Active Directory forest and an Office 365 tenant. Fabrikam has the same on-premises identity infrastructure as Contoso. A team of 10 developers from Fabrikam will work on an Azure solution that will be hosted in the Azure subscription of Contoso. The developers must be added to the Contributor role for a resource in the Contoso subscription. You need to recommend a solution to ensure that Contoso can assign the role to the 10 Fabrikam developers. The solution must ensure that the Fabrikam developers use their existing credentials to access resources. What should you recommend?

Configure a forest trust between the on-premises Active Directory forests of Contoso and Fabrikam.
Configure a forest trust between the on-premises Active Directory forests of Contoso and Fabrikam.
Configure an organization relationship between the Office 365 tenants of Fabrikam and Contoso.
Configure an organization relationship between the Office 365 tenants of Fabrikam and Contoso.
In the Azure AD tenant of Contoso, use MIM to create guest accounts for the Fabrikam developers.
In the Azure AD tenant of Contoso, use MIM to create guest accounts for the Fabrikam developers.
Configure an AD FS relying party trust between the fabrikam and Contoso AD FS infrastructures.
Configure an AD FS relying party trust between the fabrikam and Contoso AD FS infrastructures.
Suggested answer: A

Explanation:

Trust configurations - Configure trust from managed forests(s) or domain(s) to the administrative forest A one-way trust is required from production environment to the admin forest. Selective authentication should be used to restrict accounts in the admin forest to only logging on to the appropriate production hosts.

Reference:

https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/securingprivileged-access-reference-material

asked 02/10/2024
Jennifer Leon
41 questions

Question 117

Report
Export
Collapse

You are designing a microservices architecture that will support a web application.

The solution must meet the following requirements:

Allow independent upgrades to each microservice

Deploy the solution on-premises and to Azure

Set policies for performing automatic repairs to the microservices

Support low-latency and hyper-scale operations

You need to recommend a technology.

What should you recommend?

Azure Service Fabric
Azure Service Fabric
Azure Container Service
Azure Container Service
Azure Container Instance
Azure Container Instance
Azure Virtual Machine Scale Set
Azure Virtual Machine Scale Set
Suggested answer: A

Explanation:

https://docs.microsoft.com/en-us/azure/service-fabric/service-fabric-overview

asked 02/10/2024
justen layne
37 questions

Question 118

Report
Export
Collapse

You plan to deploy an Azure App Service web app that will have multiple instances across multiple Azure regions. You need to recommend a load balancing service for the planned deployment. The solution must meet the following requirements:

Maintain access to the app in the event of a regional outage.

Support Azure Web Application Firewall (WAF).

Support cookie-based affinity.

Support URL routing.

What should you include in the recommendation?

Azure Front Door
Azure Front Door
Azure Load Balancer
Azure Load Balancer
Azure Traffic Manager
Azure Traffic Manager
Azure Application Gateway
Azure Application Gateway
Suggested answer: A

Explanation:

Azure Traffic Manager performs the global load balancing of web traffic across Azure regions, which have a regional load balancer based on Azure Application Gateway. This combination gets you the benefits of Traffic Manager many routing rules and Application Gateway’s capabilities such as WAF, TLS termination, path-based routing, cookie-based session affinity among others.

Reference:

https://docs.microsoft.com/en-us/azure/application-gateway/features

asked 02/10/2024
Miguel Seron Blasco
30 questions

Question 119

Report
Export
Collapse

You have an Azure subscription.

Your on-premises network contains a file server named Server1. Server 1 stores 5 TB of company files that are accessed rarely. You plan to copy the files to Azure Storage.

You need to implement a storage solution for the files that meets the following requirements:

• The files must be available within 24 hours of being requested.

• Storage costs must be minimized.

Which two possible storage solutions achieve this goal? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

Create a general-purpose v1 storage account. Create a blob container and copy the files to the blob container.
Create a general-purpose v1 storage account. Create a blob container and copy the files to the blob container.
Create a general-purpose v2 storage account that is configured for the Hot default access tier.Create a blob container, copy the files to the blob container, and set each file to the Archive access tier.
Create a general-purpose v2 storage account that is configured for the Hot default access tier.Create a blob container, copy the files to the blob container, and set each file to the Archive access tier.
Create a general-purpose v1 storage account. Create a file share in the storage account and copy the files to the file share.
Create a general-purpose v1 storage account. Create a file share in the storage account and copy the files to the file share.
Create a general-purpose v2 storage account that is configured for the Cool default access tier. Create a file share in the storage account and copy the files to the file share.
Create a general-purpose v2 storage account that is configured for the Cool default access tier. Create a file share in the storage account and copy the files to the file share.
Create an Azure Blob storage account that is configured for the Cool default access tier. Create a blob container, copy the files to the blob container, and set each file to the Archive access tier.
Create an Azure Blob storage account that is configured for the Cool default access tier. Create a blob container, copy the files to the blob container, and set each file to the Archive access tier.
Suggested answer: B, E

Explanation:

https://docs.microsoft.com/en-us/azure/storage/blobs/manage-access-tier?tabs=portal

asked 02/10/2024
ALOUAT EKRAM
45 questions

Question 120

Report
Export
Collapse

You have 100 Microsoft SQL Server integration Services (SSIS) packages that are configured to use 10 on-premises SQL Server databases as their destinations. You plan to migrate the 10 on-premises databases to Azure SQL Database You need to recommend a solution to host the SSlS packages in Azure. The solution must ensure that the packages can target the SQL Database instances as their destinations.

What should you include in the recommendation?

SQL Server Migration Assistant (SSMA)
SQL Server Migration Assistant (SSMA)
Azure Data Catalog
Azure Data Catalog
Data Migration Assistant
Data Migration Assistant
Azure Data Factory
Azure Data Factory
Suggested answer: C

Explanation:


asked 02/10/2024
GBEMISOLA OSILALU
25 questions
Total 304 questions
Go to page: of 31
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You have 100 servers that run Windows Server 2012 R2 and host Microsoft SQL Server 2012 R2 instances. The instances host databases that have the following characteristics: The largest database is currently 3 TB. None of the databases will ever exceed 4 TB. Stored procedures are implemented by using CLR. You plan to move all the data from SQL Server to Azure. You need to recommend an Azure service to host the databases. The solution must meet the following requirements: Whenever possible, minimize management overhead for the migrated databases. Minimize the number of database changes required to facilitate the migration. Ensure that users can authenticate by using their Active Directory credentials. What should you include in the recommendation?
You have an Azure Active Directory (Azure AD) tenant named contoso.com that has a security group named Group'. Group i is configured Tor assigned membership. Group I has 50 members. including 20 guest users. You need To recommend a solution for evaluating the member ship of Group1. The solution must meet the following requirements: • The evaluation must be repeated automatically every three months • Every member must be able to report whether they need to be in Group1 • Users who report that they do not need to be in Group 1 must be removed from Group1 automatically • Users who do not report whether they need to be m Group1 must be removed from Group1 automatically. What should you include in me recommendation?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your company has deployed several virtual machines (VMs) on-premises and to Azure. Azure ExpressRoute has been deployed and configured for on-premises to Azure connectivity. Several VMs are exhibiting network connectivity issues. You need to analyze the network traffic to determine whether packets are being allowed or denied to the VMs. Solution: Use Azure Network Watcher to run IP flow verify to analyze the network traffic Does the solution meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your company deploys several virtual machines on-premises and to Azure. ExpressRoute is being deployed and configured for on-premises to Azure connectivity. Several virtual machines exhibit network connectivity issues. You need to analyze the network traffic to identify whether packets are being allowed or denied to the virtual machines. Solution: Use Azure Traffic Analytics in Azure Network Watcher to analyze the network traffic. Does this meet the goal?
You have an on-premises network and an Azure subscription. The on-premises network has several branch offices. A branch office in Toronto contains a virtual machine named VM1 that is configured as a file server. Users access the shared files on VM1 from all the offices. You need to recommend a solution to ensure that the users can access the shares files as quickly as possible if the Toronto branch office is inaccessible. What should you include in the recommendation?
You are designing an Azure Cosmos DB solution that will host multiple writable replicas in multiple Azure regions. You need to recommend the strongest database consistency level for the design. The solution must meet the following requirements: Provide a latency-based Service Level Agreement (SLA) for writes. Support multiple regions. Which consistency level should you recommend?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your company plans to deploy various Azure App Service instances that will use Azure SQL databases. The App Service instances will be deployed at the same time as the Azure SQL databases. The company has a regulatory requirement to deploy the App Service instances only to specific Azure regions. The resources for the App Service instances must reside in the same region. You need to recommend a solution to meet the regulatory requirement. Solution: You recommend using the Regulatory compliance dashboard in Azure Security Center. Does this meet the goal?
You have an Azure subscription that contains a custom application named Application was developed by an external company named fabric, Ltd. Developers at Fabrikam were assigned role-based access control (RBAV) permissions to the Application components. All users are licensed for the Microsoft 365 E5 plan. You need to recommends a solution to verify whether the Faricak developers still require permissions to Application1. The solution must the following requirements. * To the manager of the developers, send a monthly email message that lists the access permissions to Application1. * If the manager does not verify access permission, automatically revoke that permission. * Minimize development effort. What should you recommend?
You are designing an order processing system in Azure that will contain the Azure resources shown in the following table. The order processing system will have the following transaction flow: A customer will place an order by using App1. When the order is received, App1 will generate a message to check for product availability at vendor 1 and vendor 2. An integration component will process the message, and then trigger either Function1 or Function2 depending on the type of order. Once a vendor confirms the product availability, a status message for App1 will be generated by Function1 or Function2. All the steps of the transaction will be logged to storage1. Which type of resource should you recommend for the integration component?
You have an Azure Active Directory (Azure AD) tenant that syncs with an on-premises Active Directory domain. You have an internal web app named WebApp1 that is hosted on-premises. WebApp1 uses Integrated Windows authentication. Some users work remotely and do NOT have VPN access to the on-premises network. You need to provide the remote users with single sign-on (SSO) access to WebApp1. Which two features should you include in the solution? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.