ExamGecko
Search Search Login
Home Home / Microsoft / AZ-305

Microsoft AZ-305 Practice Test - Questions Answers, Page 27

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your company plans to deploy various Azure App Service instances that will use Azure SQL databases. The App Service instances will be deployed at the same time as the Azure SQL databases. The company has a regulatory requirement to deploy the App Service instances only to specific Azure regions. The resources for the App Service instances must reside in the same region. You need to recommend a solution to meet the regulatory requirement. Solution: You recommend using an Azure policy initiative to enforce the location. Does this meet the goal?
Your company, named Contoso, Ltd., implements several Azure logic apps that have HTTP triggers. The logic apps provide access to an on-premises web service. Contoso establishes a partnership with another company named Fabrikam. IncL Fabrikam does not have an existing Azure Active Directory (Azure AD) tenant and uses third-party OAuth 2.0 identity management to authenticate its users. I Developers at Fabrikam plan to use a subset of the logic apps to build applications that will integrate with the on-premises web service of Contoso. You need to design a solution to provide the Fabrikam developers with access to the logic apps. The solution must meet the following requirements: • Requests to the logic apps from the developers must be limited to lower rates than the requests from the users at Contoso. • The developers must be able to rely on their existing OAuth 2.0 provider to gain access to the logic apps. • The solution must NOT require changes to the logic apps. • The solution must NOT use Azure AD guest accounts. What should you include in the solution?
You have an Azure subscription. You need to recommend an Azure Kubernetes service (AKS) solution that will use Linux nodes. The solution must meet the following requirements: • Minimize the time it takes to provision compute resources during scale-out operations. • Support autoscaling of Linux containers. • Minimize administrative effort. Which scaling option should you recommend?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your company has deployed several virtual machines (VMs) on-premises and to Azure. Azure ExpressRoute has been deployed and configured for on-premises to Azure connectivity. Several VMs are exhibiting network connectivity issues. You need to analyze the network traffic to determine whether packets are being allowed or denied to the VMs. Solution: Use Azure Network Watcher to run IP flow verify to analyze the network traffic Does the solution meet the goal?
You have 100 servers that run Windows Server 2012 R2 and host Microsoft SQL Server 2012 R2 instances. The instances host databases that have the following characteristics: The largest database is currently 3 TB. None of the databases will ever exceed 4 TB. Stored procedures are implemented by using CLR. You plan to move all the data from SQL Server to Azure. You need to recommend an Azure service to host the databases. The solution must meet the following requirements: Whenever possible, minimize management overhead for the migrated databases. Minimize the number of database changes required to facilitate the migration. Ensure that users can authenticate by using their Active Directory credentials. What should you include in the recommendation?
You are designing an order processing system in Azure that will contain the Azure resources shown in the following table. The order processing system will have the following transaction flow: A customer will place an order by using App1. When the order is received, App1 will generate a message to check for product availability at vendor 1 and vendor 2. An integration component will process the message, and then trigger either Function1 or Function2 depending on the type of order. Once a vendor confirms the product availability, a status message for App1 will be generated by Function1 or Function2. All the steps of the transaction will be logged to storage1. Which type of resource should you recommend for the integration component?
You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager resource deployment in your subscription. What should you include in the recommendation?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your company deploys several virtual machines on-premises and to Azure. ExpressRoute is being deployed and configured for on-premises to Azure connectivity. Several virtual machines exhibit network connectivity issues. You need to analyze the network traffic to identify whether packets are being allowed or denied to the virtual machines. Solution: Use Azure Traffic Analytics in Azure Network Watcher to analyze the network traffic. Does this meet the goal?
You have an Azure Active Directory (Azure AD) tenant named contoso.com that has a security group named Group'. Group i is configured Tor assigned membership. Group I has 50 members. including 20 guest users. You need To recommend a solution for evaluating the member ship of Group1. The solution must meet the following requirements: • The evaluation must be repeated automatically every three months • Every member must be able to report whether they need to be in Group1 • Users who report that they do not need to be in Group 1 must be removed from Group1 automatically • Users who do not report whether they need to be m Group1 must be removed from Group1 automatically. What should you include in me recommendation?
You have an Azure subscription. The subscription has a blob container that contains multiple blobs. Ten users in the finance department of your company plan to access the blobs during the month of April. You need to recommend a solution to enable access to the blobs during the month of April only. Which security solution should you include in the recommendation?

Question 261

Report
Export
Collapse

Your company has IT, security, and finance departments.

You need to implement a new Azure deployment that will include multiple Azure subscriptions and management groups. The solution must meet the following requirements:

* Ensure that all policies are assigned at the management group level.

* Ensure that all the finance department resources have specific encryption policies applied.

* Ensure that only users in the IT department can create virtual machines in any Azure region.

* Ensure that users in the finance department can create virtual machines in only the East US Azure region.

What is the minimum number of management groups you can create for the planned deployment?

A.

1

A.

1

Answers
B.

2

B.

2

Answers
C.

3

C.

3

Answers
D.

4

D.

4

Answers
Suggested answer: B

Question 262

Report
Export
Collapse

You have multiple on-premises locations. The locations host loT endpoints that generate real-time telemetry data.

You have an Azure subscription.

You need to process the telemetry data and provide real-time insights. The solution must minimize development effort.

What should you use?

A.

Azure Data Factory

A.

Azure Data Factory

Answers
B.

Azure Data Lake Analytics

B.

Azure Data Lake Analytics

Answers
C.

Log Analytics

C.

Log Analytics

Answers
D.

Azure Stream Analytics

D.

Azure Stream Analytics

Answers
Suggested answer: D

Question 263

Report
Export
Collapse

You have an Azure subscription.

You need to implement a policy to ensure that all new resource groups include a value for a tag named Department.

The solution must ensure that if a value is NOT entered for the Department tag, a resource group is created.

Which effect should you use?

A.

deny

A.

deny

Answers
B.

modify

B.

modify

Answers
C.

manual

C.

manual

Answers
D.

deploylfNotExists

D.

deploylfNotExists

Answers
Suggested answer: B

Question 264

Report
Export
Collapse

HOTSPOT

You have the Azure management groups shown in the following table.

You have the Azure subscriptions shown in the following table.

You have the virtual machines shown in the following table.

You have the resource groups shown in the following table.

You have the Azure policies shown in the following table.

You perform the following actions:

* Assign PA1 to MG1.

* Modify PA2 and configure the resource selector to include only Microsoft.Compute/virtualMachines in the East US Azure region.

* Modify PA3 and add an exclusion for Sub1.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Question 264
Correct answer: Question 264

Question 265

Report
Export
Collapse

You plan to deploy an Azure BareMetal Infrastructure instance that will host the data tier of a business-critical workload. The application tier of the workload will be hosted on Azure virtual machines.

You need to configure the virtual machines to minimize network latency between the application tier and the data tier.

What should you use?

A.

an availability zone

A.

an availability zone

Answers
B.

ExpressRoute FastPath

B.

ExpressRoute FastPath

Answers
C.

an availability set

C.

an availability set

Answers
D.

a proximity placement group

D.

a proximity placement group

Answers
Suggested answer: D

Question 266

Report
Export
Collapse

HOTSPOT

You have the Azure resources shown in the following table.

You need to recommend a virtual network management solution that uses Azure Virtual Network Manager. The solution must meet the following requirements:

* Minimize the number of network managers.

* Minimize administrative effort when assigning the network group membership.

What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 266
Correct answer: Question 266

Question 267

Report
Export
Collapse

HOTSPOT

You need to recommend a solution to integrate Azure Cosmos DB and Azure Synapse. The solution must meet the following requirements:

* Traffic from an Azure Synapse workspace to the Azure Cosmos D8 account must be sent via the Microsoft backbone network.

* Traffic from the Azure Synapse workspace to the Azure Cosmos DB account must NOT be routed over the internet.

* Implementation effort must be minimized.

What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 267
Correct answer: Question 267

Question 268

Report
Export
Collapse

You plan to migrate App1 to Azure.

You need to recommend a network connectivity solution for the Azure Storage account that will host the App1 dat a. The solution must meet the security and compliance requirements. What should you include in the recommendation?

A.
a private endpoint
A.
a private endpoint
Answers
B.
a service endpoint that has a service endpoint policy
B.
a service endpoint that has a service endpoint policy
Answers
C.
Azure public peering for an ExpressRoute circuit
C.
Azure public peering for an ExpressRoute circuit
Answers
D.
Microsoft peering for an ExpressRoute circuit
D.
Microsoft peering for an ExpressRoute circuit
Answers
Suggested answer: A

Explanation:

Private Endpoint securely connect to storage accounts from on-premises networks that connect to the VNet using VPN or ExpressRoutes with private-peering. Private Endpoint also secure your storage account by configuring the storage firewall to block all connections on the public endpoint for the storage service. https://docs.microsoft.com/en-us/azure/expressroute/expressroute-faqs#microsoft-peering

Question 269

Report
Export
Collapse

You plan to migrate App1 to Azure. The solution must meet the authentication and authorization requirements. Which type of endpoint should App1 use to obtain an access token?

A.
Azure Instance Metadata Service (IMDS)
A.
Azure Instance Metadata Service (IMDS)
Answers
B.
Azure AD
B.
Azure AD
Answers
C.
Azure Service Management
C.
Azure Service Management
Answers
D.
Microsoft identity platform
D.
Microsoft identity platform
Answers
Suggested answer: D

Explanation:

Scenario: To access the resources in Azure, App1 must use the managed identity of the virtual machines that will host the app. Managed identities provide an identity for applications to use when connecting to resources that support Azure Active Directory (Azure AD) authentication. Applications may use the managed identity to obtain Azure AD tokens.

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azureresources/overview

Question 270

Report
Export
Collapse

You migrate App1 to Azure. You need to ensure that the data storage for App1 meets the security and compliance requirement What should you do?

A.
Create an access policy for the blob
A.
Create an access policy for the blob
Answers
B.
Modify the access level of the blob service.
B.
Modify the access level of the blob service.
Answers
C.
Implement Azure resource locks.
C.
Implement Azure resource locks.
Answers
D.
Create Azure RBAC assignments.
D.
Create Azure RBAC assignments.
Answers
Suggested answer: A

Explanation:

Scenario: Once App1 is migrated to Azure, you must ensure that new data can be written to the app, and the modification of new and existing data is prevented for a period of three years. As an administrator, you can lock a subscription, resource group, or resource to prevent other users in your organization from accidentally deleting or modifying critical resources. The lock overrides any permissions the user might have.

Reference:

https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/lock-resources

Total 299 questions
Go to page: of 30
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms