ExamGecko
Search Search Login
Home Home / Microsoft / AZ-305

Microsoft AZ-305 Practice Test - Questions Answers, Page 3

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your company plans to deploy various Azure App Service instances that will use Azure SQL databases. The App Service instances will be deployed at the same time as the Azure SQL databases. The company has a regulatory requirement to deploy the App Service instances only to specific Azure regions. The resources for the App Service instances must reside in the same region. You need to recommend a solution to meet the regulatory requirement. Solution: You recommend using an Azure policy initiative to enforce the location. Does this meet the goal?
You have an Azure subscription. You need to recommend an Azure Kubernetes service (AKS) solution that will use Linux nodes. The solution must meet the following requirements: • Minimize the time it takes to provision compute resources during scale-out operations. • Support autoscaling of Linux containers. • Minimize administrative effort. Which scaling option should you recommend?
Your company, named Contoso, Ltd., implements several Azure logic apps that have HTTP triggers. The logic apps provide access to an on-premises web service. Contoso establishes a partnership with another company named Fabrikam. IncL Fabrikam does not have an existing Azure Active Directory (Azure AD) tenant and uses third-party OAuth 2.0 identity management to authenticate its users. I Developers at Fabrikam plan to use a subset of the logic apps to build applications that will integrate with the on-premises web service of Contoso. You need to design a solution to provide the Fabrikam developers with access to the logic apps. The solution must meet the following requirements: • Requests to the logic apps from the developers must be limited to lower rates than the requests from the users at Contoso. • The developers must be able to rely on their existing OAuth 2.0 provider to gain access to the logic apps. • The solution must NOT require changes to the logic apps. • The solution must NOT use Azure AD guest accounts. What should you include in the solution?
You have 100 servers that run Windows Server 2012 R2 and host Microsoft SQL Server 2012 R2 instances. The instances host databases that have the following characteristics: The largest database is currently 3 TB. None of the databases will ever exceed 4 TB. Stored procedures are implemented by using CLR. You plan to move all the data from SQL Server to Azure. You need to recommend an Azure service to host the databases. The solution must meet the following requirements: Whenever possible, minimize management overhead for the migrated databases. Minimize the number of database changes required to facilitate the migration. Ensure that users can authenticate by using their Active Directory credentials. What should you include in the recommendation?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your company has deployed several virtual machines (VMs) on-premises and to Azure. Azure ExpressRoute has been deployed and configured for on-premises to Azure connectivity. Several VMs are exhibiting network connectivity issues. You need to analyze the network traffic to determine whether packets are being allowed or denied to the VMs. Solution: Use Azure Network Watcher to run IP flow verify to analyze the network traffic Does the solution meet the goal?
You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager resource deployment in your subscription. What should you include in the recommendation?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your company deploys several virtual machines on-premises and to Azure. ExpressRoute is being deployed and configured for on-premises to Azure connectivity. Several virtual machines exhibit network connectivity issues. You need to analyze the network traffic to identify whether packets are being allowed or denied to the virtual machines. Solution: Use Azure Traffic Analytics in Azure Network Watcher to analyze the network traffic. Does this meet the goal?
You have an Azure Active Directory (Azure AD) tenant named contoso.com that has a security group named Group'. Group i is configured Tor assigned membership. Group I has 50 members. including 20 guest users. You need To recommend a solution for evaluating the member ship of Group1. The solution must meet the following requirements: • The evaluation must be repeated automatically every three months • Every member must be able to report whether they need to be in Group1 • Users who report that they do not need to be in Group 1 must be removed from Group1 automatically • Users who do not report whether they need to be m Group1 must be removed from Group1 automatically. What should you include in me recommendation?
You have an Azure subscription. The subscription has a blob container that contains multiple blobs. Ten users in the finance department of your company plan to access the blobs during the month of April. You need to recommend a solution to enable access to the blobs during the month of April only. Which security solution should you include in the recommendation?
You are designing an order processing system in Azure that will contain the Azure resources shown in the following table. The order processing system will have the following transaction flow: A customer will place an order by using App1. When the order is received, App1 will generate a message to check for product availability at vendor 1 and vendor 2. An integration component will process the message, and then trigger either Function1 or Function2 depending on the type of order. Once a vendor confirms the product availability, a status message for App1 will be generated by Function1 or Function2. All the steps of the transaction will be logged to storage1. Which type of resource should you recommend for the integration component?

Question 21

Report
Export
Collapse

You plan to move a web application named App1 from an on-premises data center to Azure.

App1 depends on a custom COM component that is installed on the host server.

You need to recommend a solution to host App1 in Azure. The solution must meet the following requirements:

App1 must be available to users if an Azure data center becomes unavailable.

Costs must be minimized.

What should you include in the recommendation?

A.
In two Azure regions, deploy a load balancer and a virtual machine scale set.
A.
In two Azure regions, deploy a load balancer and a virtual machine scale set.
Answers
B.
In two Azure regions, deploy a Traffic Manager profile and a web app.
B.
In two Azure regions, deploy a Traffic Manager profile and a web app.
Answers
C.
In two Azure regions, deploy a load balancer and a web app.
C.
In two Azure regions, deploy a load balancer and a web app.
Answers
D.
Deploy a load balancer and a virtual machine scale set across two availability zones.
D.
Deploy a load balancer and a virtual machine scale set across two availability zones.
Answers
Suggested answer: D

Explanation:

(https://docs.microsoft.com/en-us/dotnet/azure/migration/app-service#com-and-com-components)Azure App Service does not allow the registration of COM components on the platform. If your appmakes use of any COM components, these need to be rewritten in managed code and deployed withthe site or application. https://docs.microsoft.com/en-us/dotnet/azure/migration/app-service"Azure App Service with Windows Containers If your app cannot be migrated directly to App Service,consider App Service using Windows Containers, which enables usage of the GAC, COM components,MSIs, full access to .NET FX APIs, DirectX, and more."

Question 22

Report
Export
Collapse

You have an Azure subscription that contains a Basic Azure virtual WAN named Virtual/WAN1 and the virtual hubs shown in the following table.

You have an ExpressRoute circuit in the US East region.

You need to create an ExpressRoute association to VirtualWAN1.

What should you do first?

A.
Upgrade VirtualWAN1 to Standard.
A.
Upgrade VirtualWAN1 to Standard.
Answers
B.
Create a gateway on Hub1.
B.
Create a gateway on Hub1.
Answers
C.
Create a hub virtual network in US East.
C.
Create a hub virtual network in US East.
Answers
D.
Enable the ExpressRoute premium add-on.
D.
Enable the ExpressRoute premium add-on.
Answers
Suggested answer: A

Explanation:

US East and US West are in the same geopolitical region so there is no need for enabling ExpressRoute premium add-on https://docs.microsoft.com/en-us/azure/virtual-wan/virtual-wanabout# basicstandard The current config of virtual WAN is only Basic as given, so it can connect to only site to site VPN, to connect to express route it needs to be upgraded from basic to standard. https://docs.microsoft.com/en-us/azure/virtual-wan/virtual-wan-about

https://docs.microsoft.com/en-us/azure/virtual-wan/virtual-wan-about

Question 23

Report
Export
Collapse

You have an Azure subscription that contains a storage account.

An application sometimes writes duplicate files to the storage account.

You have a PowerShell script that identifies and deletes duplicate files in the storage account.

Currently, the script is run manually after approval from the operations manager.

You need to recommend a serverless solution that performs the following actions:

Runs the script once an hour to identify whether duplicate files exist Sends an email notification to the operations manager requesting approval to delete the duplicate files Processes an email response from the operations manager specifying whether the deletion was approved Runs the script if the deletion was approved What should you include in the recommendation?

A.
Azure Logic Apps and Azure Functions
A.
Azure Logic Apps and Azure Functions
Answers
B.
Azure Pipelines and Azure Service Fabric
B.
Azure Pipelines and Azure Service Fabric
Answers
C.
Azure Logic Apps and Azure Event Grid
C.
Azure Logic Apps and Azure Event Grid
Answers
D.
Azure Functions and Azure Batch
D.
Azure Functions and Azure Batch
Answers
Suggested answer: A

Explanation:

You can schedule a powershell script with Azure Logic Apps.

When you want to run code that performs a specific job in your logic apps, you can create your own function by using Azure Functions. This service helps you create Node.js, C#, and F# functions so you don't have to build a complete app or infrastructure to run code. You can also call logic apps from inside Azure functions. Azure Functions provides serverless computing in the cloud and is useful for performing tasks such as these examples:

Reference:

https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-azure-functions

Question 24

Report
Export
Collapse

Your company has the infrastructure shown in the following table.

The on-premises Active Directory domain syncs to Azure Active Directory (Azure AD).

Server1 runs an application named Appl that uses LDAP queries to verify user identities in the onpremises Active Directory domain. You plan to migrate Server1 to a virtual machine in Subscription1.

A company security policy states that the virtual machines and services deployed to Subscription1 must be prevented from accessing the on-premises network. You need to recommend a solution to ensure that Appl continues to function after the migration. The solution must meet the security policy. What should you include in the recommendation?

A.
Azure AD Domain Services (Azure AD DS)
A.
Azure AD Domain Services (Azure AD DS)
Answers
B.
an Azure VPN gateway
B.
an Azure VPN gateway
Answers
C.
the Active Directory Domain Services role on a virtual machine
C.
the Active Directory Domain Services role on a virtual machine
Answers
D.
Azure AD Application Proxy
D.
Azure AD Application Proxy
Answers
Suggested answer: A

Explanation:

https://docs.microsoft.com/en-us/azure/active-directory-domain-services/overviewAzure Active Directory Domain Services (Azure AD DS) provides managed domain services such asdomain join, group policy, lightweight directory access protocol (LDAP), and Kerberos/NTLMauthenticationAzure AD Domain Services (Azure AD DS) - This one could work since AAD DS will bring in the existingaccounts from Azure AD which in turn are synchronised from on-premise AD over AD connect.

However, you would probably need to reconfigure the app and update the LDAP connection Azure Active Directory (Azure AD) supports LDAP Authentication via Azure AD Domain Services (AD DS). https://docs.microsoft.com/en-us/azure/ active-directory/fundamentals/auth-ldap

https://docs.microsoft.com/en-us/azure/active-directory-domain-services/synchronization

Question 25

Report
Export
Collapse

You need to design a solution that will execute custom C# code in response to an event routed to Azure Event Grid. The solution must meet the following requirements:

The executed code must be able to access the private IP address of a Microsoft SQL Server instance that runs on an Azure virtual machine. Costs must be minimized.

What should you include in the solution?

A.
Azure Logic Apps in the integrated service environment
A.
Azure Logic Apps in the integrated service environment
Answers
B.
Azure Functions in the Dedicated plan and the Basic Azure App Service plan
B.
Azure Functions in the Dedicated plan and the Basic Azure App Service plan
Answers
C.
Azure Logic Apps in the Consumption plan
C.
Azure Logic Apps in the Consumption plan
Answers
D.
Azure Functions in the Consumption plan
D.
Azure Functions in the Consumption plan
Answers
Suggested answer: D

Explanation:

When you create a function app in Azure, you must choose a hosting plan for your app. There are three basic hosting plans available for Azure Functions: Consumption plan, Premium plan, and Dedicated (App Service) plan. For the Consumption plan, you don't have to pay for idle VMs or reserve capacity in advance.

Connect to private endpoints with Azure Functions

As enterprises continue to adopt serverless (and Platform-as-a-Service, or PaaS) solutions, they often need a way to integrate with existing resources on a virtual network. These existing resources could be databases, file storage, message queues or event streams, or REST APIs.

Reference:

https://docs.microsoft.com/en-us/azure/azure-functions/functions-scale

https://techcommunity.microsoft.com/t5/azure-functions/connect-to-private-endpoints-with-azurefunctions/ba-p/1426615

Reference:

https://docs.microsoft.com/en-us/azure/azure-functions/functions-scale#hosting-plans-comparison

Question 26

Report
Export
Collapse

You have an on-premises network and an Azure subscription. The on-premises network has several branch offices. A branch office in Toronto contains a virtual machine named VM1 that is configured as a file server.

Users access the shared files on VM1 from all the offices.

You need to recommend a solution to ensure that the users can access the shares files as quickly as possible if the Toronto branch office is inaccessible. What should you include in the recommendation?

A.
a Recovery Services vault and Azure Backup
A.
a Recovery Services vault and Azure Backup
Answers
B.
an Azure file share and Azure File Sync
B.
an Azure file share and Azure File Sync
Answers
C.
Azure blob containers and Azure File Sync
C.
Azure blob containers and Azure File Sync
Answers
D.
a Recovery Services vault and Windows Server Backup
D.
a Recovery Services vault and Windows Server Backup
Answers
Suggested answer: B

Explanation:

Use Azure File Sync to centralize your organization's file shares in Azure Files, while keeping the flexibility, performance, and compatibility of an on-premises file server. Azure File Sync transforms Windows Server into a quick cache of your Azure file share.

You need an Azure file share in the same region that you want to deploy Azure File Sync.

Reference:

https://docs.microsoft.com/en-us/azure/storage/files/storage-sync-files-deployment-guide

Question 27

Report
Export
Collapse

You are designing a microservices architecture that will be hosted in an Azure Kubernetes Service

(AKS) cluster. Apps that will consume the microservices will be hosted on Azure virtual machines. The virtual machines and the AKS cluster will reside on the same virtual network. You need to design a solution to expose the microservices to the consumer apps. The solution must meet the following requirements:

• Ingress access to the microservices must be restricted to a single private IP address and protected by using mutual TLS authentication.

• The number of incoming microservice calls must be rate-limited.

• Costs must be minimized.

What should you include in the solution?

A.
Azure API Management Premium tier with virtual network connection
A.
Azure API Management Premium tier with virtual network connection
Answers
B.
Azure Front Door with Azure Web Application Firewall (WAF)
B.
Azure Front Door with Azure Web Application Firewall (WAF)
Answers
C.
Azure API Management Standard tier with a service endpoint
C.
Azure API Management Standard tier with a service endpoint
Answers
D.
Azure App Gateway with Azure Web Application Firewall (WAF)
D.
Azure App Gateway with Azure Web Application Firewall (WAF)
Answers
Suggested answer: A

Explanation:

One option is to deploy APIM (API Management) inside the cluster VNet.

The AKS cluster and the applications that consume the microservices might reside within the same VNet, hence there is no reason to expose the cluster publicly as all API traffic will remain within the VNet. For these scenarios, you can deploy API Management into the cluster VNet. API Management Premium tier supports VNet deployment.

Reference:

https://docs.microsoft.com/en-us/azure/api-management/api-management-kubernetes

Question 28

Report
Export
Collapse

You have .NeT web service named service1 that has the following requirements.

Must read and write to the local file system.

Must write to the Windows Application event log.

You need to recommend a solution to host Service1 in Azure . The solution must meet the following requirements:

Minimize maintenance overhead.

Minimize costs.

What should you include in the recommendation?

A.
an Azure App Service web app
A.
an Azure App Service web app
Answers
B.
an Azure virtual machine scale set
B.
an Azure virtual machine scale set
Answers
C.
an App Service Environment (ASE)
C.
an App Service Environment (ASE)
Answers
D.
an Azure Functions app
D.
an Azure Functions app
Answers
Suggested answer: A

Explanation:

https://social.msdn.microsoft.com/Forums/vstudio/en-US/294b9e3e-e89c-4095-b8d0-ee1646e77268/writing-to-local-file-system-from-web-app-inazure?forum=windowsazurewebsitespreview

Question 29

Report
Export
Collapse

You have the Azure resources shown in the following table.

You need to deploy a new Azure Firewall policy that will contain mandatory rules for all Azure Firewall deployments. The new policy will be configured as a parent policy for the existing policies. What is the minimum number of additional Azure Firewall policies you should create?

A.
0
A.
0
Answers
B.
1
B.
1
Answers
C.
2
C.
2
Answers
D.
3
D.
3
Answers
Suggested answer: B

Explanation:

Firewall policies work across regions and subscriptions.

Place all your global configurations in the parent policy.

Note: Policies can be created in a hierarchy. You can create a parent/global policy that will contain configurations and rules that will apply to all/a number of firewall instances. Then you create a child policy that inherits from the parent; note that rules changes in the parent instantly appear in the child. The child is associated with a firewall and applies configurations/rules from the parent policy and the child policy instantly to the firewall.

Reference:

https://aidanfinn.com/?p=22006

Question 30

Report
Export
Collapse

Your company has an app named App1 that uses data from the on-premises Microsoft SQL Server databases shown in the following table.

App1 and the data are used on the first day of the month only. The data is not expected to grow more than 3% each year. The company is rewriting App1 as an Azure web app and plans to migrate all the data to Azure.

You need to migrate the data to Azure SQL Database. The solution must minimize costs.

Which service tier should you use?

A.
vCore-based Business Critical
A.
vCore-based Business Critical
Answers
B.
vCore-based General Purpose
B.
vCore-based General Purpose
Answers
C.
DTU-based Standard
C.
DTU-based Standard
Answers
D.
DTU-based Basic
D.
DTU-based Basic
Answers
Suggested answer: B

Explanation:

DTU-based Standard supports databases up to 1 TB in size.

Reference:

https://docs.microsoft.com/en-us/azure/azure-sql/database/service-tiers-dtu

Total 299 questions
Go to page: of 30
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms