ExamGecko
Login
Home / Microsoft / DP-300 / List of questions
Ask Question

Microsoft DP-300 Practice Test - Questions Answers, Page 7

List of questions

Question 61

Report
Export
Collapse

DRAG DROP

You have an Azure SQL Database instance named DatabaseA on a server named Server1.

You plan to add a new user named App1 to DatabaseA and grant App1 db_datacenter permissions. App1 will use SQL Server Authentication.

You need to create App1. The solution must ensure that App1 can be given access to other databases by using the same credentials.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.


Microsoft DP-300 image Question 61 89840 10022024015907000
Correct answer: Microsoft DP-300 image answer Question 61 89840 10022024015907000

Explanation:

Step 1: On the master database, run CREATE LOGIN [App1] WITH PASSWORD = 'p@aaW0rd!'

Logins are server wide login and password pairs, where the login has the same password across all databases. Here is some sample Transact-SQL that creates a login:

CREATE LOGIN readonlylogin WITH password='1231!#ASDF!a';

You must be connected to the master database on SQL Azure with the administrative login (which you get from the SQL Azure portal) to execute the CREATE LOGIN command. Step 2: On DatabaseA, run CREATE USER [App1] FROM LOGIN [App1]

Users are created per database and are associated with logins. You must be connected to the database in where you want to create the user. In most cases, this is not the master database. Here is some sample Transact-SQL that creates a user:

CREATE USER readonlyuser FROM LOGIN readonlylogin;

Step 3: On DatabaseA run ALTER ROLE db_datareader ADD Member [App1]

Just creating the user does not give them permissions to the database. You have to grant them access. In the Transact-SQL example below the readonlyuser is given read only permissions to the database via the db_datareader role.

EXEC sp_addrolemember 'db_datareader', 'readonlyuser';

Reference:

https://azure.microsoft.com/en-us/blog/adding-users-to-your-sql-azure-database/

asked 02/10/2024
Keshava Channabyraiah
33 questions

Question 62

Report
Export
Collapse

You are developing an application that uses Azure Data Lake Storage Gen 2.

You need to recommend a solution to grant permissions to a specific application for a limited time period. What should you include in the recommendation?

role assignments
role assignments
account keys
account keys
shared access signatures (SAS)
shared access signatures (SAS)
Azure Active Directory (Azure AD) identities
Azure Active Directory (Azure AD) identities
Suggested answer: C

Explanation:

A shared access signature (SAS) provides secure delegated access to resources in your storage account. With a SAS, you have granular control over how a client can access your data. For example:

What resources the client may access.

What permissions they have to those resources.

How long the SAS is valid.

Note: Data Lake Storage Gen2 supports the following authorization mechanisms:

Shared Key authorization

Shared access signature (SAS) authorization

Role-based access control (Azure RBAC)

Access control lists (ACL) Data Lake Storage Gen2 supports the following authorization mechanisms:

Shared Key authorization

Shared access signature (SAS) authorization

Role-based access control (Azure RBAC)

Access control lists (ACL)

Reference:

https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview

asked 02/10/2024
Ajay Vijayan
34 questions

Question 63

Report
Export
Collapse

You are designing an enterprise data warehouse in Azure Synapse Analytics that will contain a table named Customers. Customers will contain credit card information. You need to recommend a solution to provide salespeople with the ability to view all the entries in Customers. The solution must prevent all the salespeople from viewing or inferring the credit card information. What should you include in the recommendation?

row-level security
row-level security
data masking
data masking
Always Encrypted
Always Encrypted
column-level security
column-level security
Suggested answer: B

Explanation:

Azure SQL Database, Azure SQL Managed Instance, and Azure Synapse Analytics support dynamic data masking. Dynamic data masking limits sensitive data exposure by masking it to non-privileged users. The Credit card masking method exposes the last four digits of the designated fields and adds a constant string as a prefix in the form of a credit card. Example:

XXXX-XXXX-XXXX-1234

asked 02/10/2024
Dennis Spring
45 questions

Question 64

Report
Export
Collapse

You have a data warehouse in Azure Synapse Analytics.

You need to ensure that the data in the data warehouse is encrypted at rest.

What should you enable?

Transparent Data Encryption (TDE)
Transparent Data Encryption (TDE)
Advanced Data Security for this database
Advanced Data Security for this database
Always Encrypted for all columns
Always Encrypted for all columns
Secure transfer required
Secure transfer required
Suggested answer: A

Explanation:

Transparent data encryption (TDE) helps protect Azure SQL Database, Azure SQL Managed Instance, and Azure Synapse Analytics against the threat of malicious offline activity by encrypting data at rest.

Reference:

https://docs.microsoft.com/en-us/azure/azure-sql/database/transparent-data-encryption-tde-overview

asked 02/10/2024
Mike van den Berg
37 questions

Question 65

Report
Export
Collapse

You are designing a security model for an Azure Synapse Analytics dedicated SQL pool that will support multiple companies. You need to ensure that users from each company can view only the data of their respective company.

Which two objects should you include in the solution? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

a column encryption key
a column encryption key
asymmetric keys
asymmetric keys
a function
a function
a custom role-based access control (RBAC) role
a custom role-based access control (RBAC) role
a security policy
a security policy
Suggested answer: D, E

Explanation:

Azure RBAC is used to manage who can create, update, or delete the Synapse workspace and its SQL pools, Apache Spark pools, and Integration runtimes. Define and implement network security configurations for resources related to your dedicated SQL pool with Azure Policy.

Reference: https://docs.microsoft.com/en-us/azure/synapse-analytics/security/synapse-workspace-synapse-rbac https://docs.microsoft.com/en-us/security/benchmark/azure/baselines/synapse-analytics-security-baseline

asked 02/10/2024
Angel Luis Cuenca Garcia
33 questions

Question 66

Report
Export
Collapse

You have an Azure subscription that contains an Azure Data Factory version 2 (V2) data factory named df1. DF1 contains a linked service. You have an Azure Key vault named vault1 that contains an encryption kay named key1.

You need to encrypt df1 by using key1.

What should you do first?

Disable purge protection on vault1.
Disable purge protection on vault1.
Remove the linked service from df1.
Remove the linked service from df1.
Create a self-hosted integration runtime.
Create a self-hosted integration runtime.
Disable soft delete on vault1.
Disable soft delete on vault1.
Suggested answer: B

Explanation:

A customer-managed key can only be configured on an empty data Factory. The data factory can't contain any resources such as linked services, pipelines and data flows. It is recommended to enable customer-managed key right after factory creation.

Note: Azure Data Factory encrypts data at rest, including entity definitions and any data cached while runs are in progress. By default, data is encrypted with a randomly generated Microsoft-managed key that is uniquely assigned to your data factory.

Incorrect Answers:

A, D: Should enable Soft Delete and Do Not Purge on Azure Key Vault.

Using customer-managed keys with Data Factory requires two properties to be set on the Key Vault, Soft Delete and Do Not Purge. These properties can be enabled using either PowerShell or Azure CLI on a new or existing key vault.

Reference:

https://docs.microsoft.com/en-us/azure/data-factory/enable-customer-managed-key

asked 02/10/2024
Trung Phan
43 questions

Question 67

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that is linked to a hybrid Azure Active Directory (Azure AD) tenant. The subscription contains an Azure Synapse Analytics SQL pool named Pool1.

You need to recommend an authentication solution for Pool1. The solution must support multi-factor authentication (MFA) and database-level authentication.

Which authentication solution or solutions should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Microsoft DP-300 image Question 67 89846 10022024015907000
Correct answer: Microsoft DP-300 image answer Question 67 89846 10022024015907000

Explanation:

Box 1: Azure AD authentication

Azure Active Directory authentication supports Multi-Factor authentication through Active Directory Universal Authentication.

Box 2: Contained database users

Azure Active Directory Uses contained database users to authenticate identities at the database level.

Incorrect:

SQL authentication: To connect to dedicated SQL pool (formerly SQL DW), you must provide the following information:

Fully qualified servername

Specify SQL authentication

Username

Password

Default database (optional)

Reference:

https://docs.microsoft.com/en-us/azure/synapse-analytics/sql-data-warehouse/sql-data-warehouse-authentication

asked 02/10/2024
Kris Dayananda
36 questions

Question 68

Report
Export
Collapse

You have an Azure subscription that contains a server named Server1. Server1 hosts two Azure SQL databases named DB1 and DB2.

You plan to deploy a Windows app named App1 that will authenticate to DB2 by using SQL authentication.

You need to ensure that App1 can access DB2. The solution must meet the following requirements:

App1 must be able to view only DB2.

Administrative effort must be minimized.

What should you create?

a contained database user for App1 on DB2
a contained database user for App1 on DB2
a login for App1 on Server1
a login for App1 on Server1
a contained database user from an external provider for App1 on DB2
a contained database user from an external provider for App1 on DB2
a contained database user from a Windows login for App1 on DB2
a contained database user from a Windows login for App1 on DB2
Suggested answer: D

Explanation:

Reference:

https://docs.microsoft.com/en-us/sql/relational-databases/security/contained-database-users-making-your-database-portable?view=sql-server-ver15

asked 02/10/2024
Ana Roque
36 questions

Question 69

Report
Export
Collapse

You create five Azure SQL Database instances on the same logical server.

In each database, you create a user for an Azure Active Directory (Azure AD) user named User1.

User1 attempts to connect to the logical server by using Azure Data Studio and receives a login error.

You need to ensure that when User1 connects to the logical server by using Azure Data Studio, User1 can see all the databases.

What should you do?

Create User1 in the master database.
Create User1 in the master database.
Assign User1 the db_datareader role for the master database.
Assign User1 the db_datareader role for the master database.
Assign User1 the db_datareader role for the databases that User1 creates.
Assign User1 the db_datareader role for the databases that User1 creates.
Grant SELECT on sys.databases to public in the master database.
Grant SELECT on sys.databases to public in the master database.
Suggested answer: A

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/azure-sql/database/logins-create-manage

asked 02/10/2024
Godavari, Rakesh
43 questions

Question 70

Report
Export
Collapse

Which windowing function should you use to perform the streaming aggregation of the sales data?

Sliding
Sliding
Hopping
Hopping
Session
Session
Tumbling
Tumbling
Suggested answer: D

Explanation:

Scenario: The sales data, including the documents in JSON format, must be gathered as it arrives and analyzed online by using Azure Stream Analytics. The analytics process will perform aggregations that must be done continuously, without gaps, and without overlapping.

Tumbling window functions are used to segment a data stream into distinct time segments and perform a function against them, such as the example below. The key differentiators of a Tumbling window are that they repeat, do not overlap, and an event cannot belong to more than one tumbling window.

Microsoft DP-300 image Question 1 explanation 89852 10022024015907000000

Reference:

https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/stream-analytics/stream-analytics-window-functions.md

asked 02/10/2024
Michael Costello
36 questions
Total 342 questions
Go to page: of 35
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You have an Azure SQL Database managed instance named SQLMI1. A Microsoft SQL Server Agent job runs on SQLMI1. You need to ensure that an automatic email notification is sent once the job completes. What should you include in the solution?
You have an Azure subscription. You create a logical SQL server that hosts four databases Each database will be used by a separate customer. You need to ensure that each customer can access only its own database. The solution must minimize administrative effort Which two actions should you perform? Each correct answer presents part of the solution NOTE: Each correct selection is worth one point.
Task 5 You need to configure a disaster recovery solution for db1. When a failover occurs, the connection strings to the database must remain the same. The secondary server must be in the West US 3 Azure region.
Task 10 You need to protect all the databases on sql37006S95 from SQL injection attacks.
DRAG DROP You have an Azure SQL database that contains a table named Employees. Employees contains a column named Salary. You need to encrypt the Salary column. The solution must prevent database administrators from reading the data in the Salary column and must provide the most secure encryption. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
HOTSPOT You have an Azure SQL database named DB1 that contains two tables named Table1 and Table2. Both tables contain a column named a Column1. Column1 is used for joins by an application named App1. You need to protect the contents of Column1 at rest, in transit, and in use. How should you protect the contents of Column1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You are planning disaster recovery for the failover group of an Azure SQL Database managed instance. Your company's SLA requires that the database in the failover group become available as quickly as possible if a major outage occurs. You set the Read/Write failover policy to Automatic. What are two results of the configuration? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
You are designing an enterprise data warehouse in Azure Synapse Analytics that will contain a table named Customers. Customers will contain credit card information. You need to recommend a solution to provide salespeople with the ability to view all the entries in Customers. The solution must prevent all the salespeople from viewing or inferring the credit card information. What should you include in the recommendation?
You have two on-premises Microsoft SQL Server 2019 instances named SQL1 and SQL2. You need to migrate the databases hosted on SQL 1 to Azure. The solution must meet the following requirements: The service that hosts the migrated databases must be able to communicate with SQL2 by using linked server connections. Administrative effort must be minimized. What should you use to host the databases?
You need to recommend a solution to meet the security requirements and the business requirements for DB3. What should you recommend as the first step of the solution?