Instant Download AZ-305 Dumps Q&As Provide PDF&Test Engine
Fast Exam Updates AZ-305 dumps with PDF Test Engine Practice
Microsoft AZ-305 Exam Syllabus Topics:
| Topic | Details |
|---|---|
Design Identity, Governance, and Monitoring Solutions (25-30%) | |
| Design a solution for logging and monitoring | - design a log routing solution - recommend an appropriate level of logging - recommend monitoring tools for a solution |
| Design authentication and authorization solutions | - recommend a solution for securing resources with role-based access control - recommend an identity management solution - recommend a solution for securing identities |
| Design governance | - recommend an organizational and hierarchical structure for Azure resources - recommend a solution for enforcing and auditing compliance |
| Design identities and access for applications | - recommend solutions to allow applications to access Azure resources - recommend a solution that securely stores passwords and secrets - recommend a solution for integrating applications into Azure Active Directory (Azure AD) - recommend a user consent solution for applications |
Design Data Storage Solutions (25-30%) | |
| Design a data storage solution for relational data | - recommend database service tier sizing - recommend a solution for database scalability - recommend a solution for encrypting data at rest, data in transmission, and data in use |
| Design data integration | - recommend a solution for data integration - recommend a solution for data analysis |
| Recommend a data storage solution | - recommend a solution for storing relational data - recommend a solution for storing semi-structured data - recommend a solution for storing non-relational data |
| Design a data storage solution for non-relational data | - recommend access control solutions to data storage - recommend a data storage solution to balance features, performance, and cost - design a data solution for protection and durability |
Design Business Continuity Solutions (10-15%) | |
| Design a solution for backup and disaster recovery | - recommend a recovery solution for Azure, hybrid, and on-premises workloads that meets recovery objectives (Recovery Time Objective [RTO], Recovery Level Objective [RLO], Recovery Point Objective [RPO]) - understand the recovery solutions for containers - recommend a backup and recovery solution for compute - recommend a backup and recovery solution for databases - recommend a backup and recovery solution for unstructured data |
| Design for high availability | - identify the availability requirements of Azure resources - recommend a high availability solution for compute - recommend a high availability solution for non-relational data storage - recommend a high availability solution for relational data storage |
Design Infrastructure Solutions (25-30%) | |
| Design a compute solution | - recommend a virtual machine-based compute solution - recommend an appropriately sized compute solution based on workload requirements - recommend a container-based compute solution - recommend a serverless-based compute solution |
| Design an application architecture | - recommend a caching solution for applications - recommend a messaging architecture - recommend an event-driven architecture - recommend an automated deployment solution for your applications - recommend an application configuration management solution - recommend a solution for API integration |
| Design migrations | - evaluate a migration solution that leverages the Cloud Adoption Framework for Azure - assess and interpret on-premises servers, data, and applications for migration - recommend a solution for migrating applications and virtual machines - recommend a solution for migrating databases - recommend a solution for migrating unstructured data |
Click on the link below for getting more info about the Microsoft AZ-305 Certification Exam:
Official link to the Microsoft AZ-305 Certification Exam
NEW QUESTION 129
You have an Azure subscription that contains the storage accounts shown in the following table.
You plan to implement two new apps that have the requirements shown in the following table.
Which storage accounts should you recommend using for each app? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 130
You have an Azure web app named App1 and an Azure key vault named KV1.
App1 stores database connection strings in KV1.
App1 performs the following types of requests to KV1:
Get
List
Wrap
Delete
Unwrap
Backup
Decrypt
Encrypt
You are evaluating the continuity of service for App1.
You need to identify the following if the Azure region that hosts KV1 becomes unavailable:
To where will KV1 fail over?
During the failover, which request type will be unavailable?
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/key-vault/general/disaster-recovery-guidance
NEW QUESTION 131
You need to ensure that users managing the production environment are registered for Azure MFA and must authenticate by using Azure MFA when they sign in to the Azure portal. The solution must meet the authentication and authorization requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-configure-mfa-policy
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-configure-risk-policies
Topic 1, Litware, Inc
General Overview
Litware, Inc. is a medium-sized finance company.
Overview
Physical Locations
Litware has a main office in Boston.
Existing Environment
Identity Environment
The network contains an Active Directory forest named Litware.com that is linked to an Azure Active Directory (Azure AD) tenant named Litware.com. All users have Azure Active Directory Premium P2 licenses.
Litware has a second Azure AD tenant named dev.Litware.com that is used as a development environment.
The Litware.com tenant has a conditional access policy named capolicy1. Capolicy1 requires that when users manage the Azure subscription for a production environment by using the Azure portal, they must connect from a hybrid Azure AD-joined device.
Existing Environment. Azure Environment
Litware has 10 Azure subscriptions that are linked to the Litware.com tenant and five Azure subscriptions that are linked to the dev.Litware.com tenant. All the subscriptions are in an Enterprise Agreement (EA).
The Litware.com tenant contains a custom Azure role-based access control (Azure RBAC) role named Role1 that grants the DataActions read permission to the blobs and files in Azure Storage.
Existing Environment. On-premises Environment
The on-premises network of Litware contains the resources shown in the following table.
Existing Environment. Network Environment
Litware has ExpressRoute connectivity to Azure.
Planned Changes and Requirements. Planned Changes
Litware plans to implement the following changes:
Migrate DB1 and DB2 to Azure.
Migrate App1 to Azure virtual machines.
Deploy the Azure virtual machines that will host App1 to Azure dedicated hosts.
Planned Changes and Requirements.
Authentication and Authorization Requirements
Litware identifies the following authentication and authorization requirements:
Users that manage the production environment by using the Azure portal must connect from a hybrid Azure AD-joined device and authenticate by using Azure Multi-Factor Authentication (MFA).
The Network Contributor built-in RBAC role must be used to grant permission to all the virtual networks in all the Azure subscriptions.
To access the resources in Azure, App1 must use the managed identity of the virtual machines that will host the app.
Role1 must be used to assign permissions to the storage accounts of all the Azure subscriptions.
RBAC roles must be applied at the highest level possible.
Planned Changes and Requirements. Resiliency Requirements
Litware identifies the following resiliency requirements:
Once migrated to Azure, DB1 and DB2 must meet the following requirements:
- Maintain availability if two availability zones in the local Azure region fail.
- Fail over automatically.
- Minimize I/O latency.
App1 must meet the following requirements:
- Be hosted in an Azure region that supports availability zones.
- Be hosted on Azure virtual machines that support automatic scaling.
- Maintain availability if two availability zones in the local Azure region fail.
Planned Changes and Requirements. Security and Compliance Requirements
Litware identifies the following security and compliance requirements:
Once App1 is migrated to Azure, you must ensure that new data can be written to the app, and the modification of new and existing data is prevented for a period of three years.
On-premises users and services must be able to access the Azure Storage account that will host the data in App1.
Access to the public endpoint of the Azure Storage account that will host the App1 data must be prevented.
All Azure SQL databases in the production environment must have Transparent Data Encryption (TDE) enabled.
App1 must not share physical hardware with other workloads.
Planned Changes and Requirements. Business Requirements
Litware identifies the following business requirements:
Minimize administrative effort.
Minimize costs.
NEW QUESTION 132
You plan to migrate DB1 and DB2 to Azure.
You need to ensure that the Azure database and the service tier meet the resiliency and business requirements.
What should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 133
You have an Azure subscription named Subscription1 that is linked to a hybrid Azure Active Directory (Azure AD) tenant.
You have an on-premises datacenter that does NOT have a VPN connection to Subscription1. The datacenter contains a computer named Server1 that has Microsoft SQL Server 2016 installed. Server1 is prevented from accessing the internet.
An Azure logic app named LogicApp1 requires write access to a database on Server1.
You need to recommend a solution to provide LogicApp1 with the ability to access Server1.
What should you recommend deploying on-premises and in Azure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/connectors/connectors-create-api-sqlazure
NEW QUESTION 134
You plan to deploy a network-intensive application to several Azure virtual machines.
You need to recommend a solution that meets the following requirements:
Minimizes the use of the virtual machine processors to transfer data
Minimizes network latency
Which virtual machine size and feature should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sizes-hpc#h-series
NEW QUESTION 135
You plan to automate the deployment of resources to Azure subscriptions.
What is a difference between using Azure Blueprints and Azure Resource Manager (ARM) templates?
- A. ARM templates remain connected to the deployed resources.
- B. Blueprints remain connected to the deployed resources.
- C. Only Blueprints can contain policy definitions.
- D. Only ARM templates can contain policy definitions.
Answer: B
Explanation:
With Azure Blueprints, the relationship between the blueprint definition (what should be deployed) and the blueprint assignment (what was deployed) is preserved. This connection supports improved tracking and auditing of deployments. Azure Blueprints can also upgrade several subscriptions at once that are governed by the same blueprint.
Reference:
https://docs.microsoft.com/en-us/answers/questions/26851/how-is-azure-blue-prints-different-from-resource-m.html
NEW QUESTION 136
You have an Azure subscription.
You need to recommend a solution to provide developers with the ability to provision Azure virtual machines. The solution must meet the following requirements:
* Only allow the creation of the virtual machines in specific regions.
* Only allow the creation of specific sizes of virtual machines.
What should you include in the recommendation?
- A. Azure Resource Manager (ARM) templates
- B. Azure Policy
- C. role-based access control (RBAC)
- D. Conditional Access policies
Answer: B
Explanation:
https://docs.microsoft.com/en-us/azure/governance/policy/tutorials/create-and-manage
https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/manage/azure-server-management/common-policies#restrict-vm-size
NEW QUESTION 137
You are designing an Azure web app.
You plan to deploy the web app to the North Europe Azure region and the West Europe Azure region.
You need to recommend a solution for the web app. The solution must meet the following requirements:
Users must always access the web app from the North Europe region, unless the region fails.
The web app must be available to users if an Azure region is unavailable.
Deployment costs must be minimized.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 138
You plan to deploy the backup policy shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 139
You have an Azure subscription that contains an Azure SQL database.
You plan to use Azure reservations on the Azure SQL database.
To which resource type will the reservation discount be applied?
- A. DTU compute
- B. License
- C. vCore compute
- D. Storage
Answer: C
Explanation:
Explanation
Quantity: The amount of compute resources being purchased within the capacity reservation. The quantity is a number of vCores in the selected Azure region and Performance tier that are being reserved and will get the billing discount. For example, if you run or plan to run multiple databases with the total compute capacity of Gen5 16 vCores in the East US region, then you would specify the quantity as 16 to maximize the benefit for all the databases.
Reference:
https://docs.microsoft.com/en-us/azure/azure-sql/database/reserved-capacity-overview
NEW QUESTION 140
You have an Azure subscription.
You need to recommend an Azure Kubernetes service (AKS) solution that will use Linux nodes. The solution must meet the following requirements:
* Minimize the time it takes to provision compute resources during scale-out operations.
* Support autoscaling of Linux containers.
* Minimize administrative effort.
Which scaling option should you recommend?
- A. cluster autoscaler
- B. horizontal pod autoscaler
- C. virtual nodes
- D. Virtual Kubetet
Answer: C
Explanation:
https://docs.microsoft.com/en-us/azure/aks/virtual-nodes
NEW QUESTION 141
You have an Azure Active Directory (Azure AD) tenant named contoso.com that has a security group named Group'. Group i is configured Tor assigned membership. Group I has 50 members. including 20 guest users.
You need To recommend a solution for evaluating the member ship of Group1. The solution must meet the following requirements:
* The evaluation must be repeated automatically every three months
* Every member must be able to report whether they need to be in Group1
* Users who report that they do not need to be in Group 1 must be removed from Group1 automatically
* Users who do not report whether they need to be m Group1 must be removed from Group1 automatically.
What should you include in me recommendation?
- A. Change the Membership type of Group1 to Dynamic User.
- B. Create an access review.
- C. Implement Azure AD Privileged Identity Management.
- D. implement Azure AU Identity Protection.
Answer: A
Explanation:
Explanation
https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview#learn-about-access Have reviews recur periodically: You can set up recurring access reviews of users at set frequencies such as weekly, monthly, quarterly or annually, and the reviewers will be notified at the start of each review.
Reviewers can approve or deny access with a friendly interface and with the help of smart recommendations.
An administrator creates an access review of Group C with 50 member users and 25 guest users. Makes it a self-review. 50 licenses for each user as self-reviewers.*
https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview#example-license-s There are 4 requirements and every single one is only met by access reviews.
https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview#when-should-you- Dynamic User is needed if a user must be automatically granted access on base of its attributes (department, jobtitle, location, etc.)
https://techcommunity.microsoft.com/t5/itops-talk-blog/dynamic-groups-in-azure-ad-and-microsoft-365/ba-p/22 Implementing Azure AD PIM is no solution and absolutely not necessary for access reviews.
https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview#where-do-you-cre
NEW QUESTION 142
You need to design a storage solution for an app that will store large amounts of frequently used dat a. The solution must meet the following requirements:
Maximize data throughput.
Prevent the modification of data for one year.
Minimize latency for read and write operations.
Which Azure Storage account type and storage service should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/storage/blobs/archive-blob
NEW QUESTION 143
You have an Azure subscription that contains a custom application named Application was developed by an external company named fabric, Ltd. Developers at Fabrikam were assigned role-based access control (RBAV) permissions to the Application components. All users are licensed for the Microsoft 365 E5 plan.
You need to recommends a solution to verify whether the Faricak developers still require permissions to Application1. The solution must the following requirements.
* To the manager of the developers, send a monthly email message that lists the access permissions to Application1.
* If the manager does not verify access permission, automatically revoke that permission.
* Minimize development effort.
What should you recommend?
- A. In Azure Active Directory (Azure AD), create an access review of Application1
- B. Create an Azure Automation runbook that runs the Get-AzureRmRoleAssignment cmdlet
- C. In Azure Active Directory (AD) Privileged Identity Management, create a custom role assignment for the Application1 resources
- D. Create an Azure Automation runbook that runs the Get-AzureADUserAppRoleAssignment cmdlet
Answer: A
Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/governance/manage-user-access-with-access-reviews Azure Active Directory (Azure AD) access reviews enable organizations to efficiently manage group memberships, access to enterprise applications, and role assignments. User's access can be reviewed on a regular basis to make sure only the right people have continued access. Have reviews recur periodically: You can set up recurring access reviews of users at set frequencies such as weekly, monthly, quarterly or annually, and the reviewers will be notified at the start of each review. Reviewers can approve or deny access with a friendly interface and with the help of smart recommendations.
Why are access reviews important?
"Azure AD enables you to collaborate with users from inside your organization and with external users. Users can join groups, invite guests, connect to cloud apps, and work remotely from their work or personal devices. The convenience of using self-service has led to a need for better access management capabilities."
NEW QUESTION 144
You are designing an application that will use Azure Linux virtual machines to analyze video files. The files will be uploaded from corporate offices that connect to Azure by using ExpressRoute.
You plan to provision an Azure Storage account to host the files.
You need to ensure that the storage account meets the following requirements:
* Supports video files of up to 7 TB
* Provides the highest availability possible
* Ensures that storage is optimized for the large video files
* Ensures that files from the on-premises network are uploaded by using ExpressRoute How should you configure the storage account? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 145
You plan to deploy multiple instances of an Azure web app across several Azure regions.
You need to design an access solution for the app. The solution must meet the following replication requirements:
* Support rate limiting
* Balance requests between all instances.
* Ensure that users can access the app in the event of a regional outage Solution: You use Azure Load Balancer to provide access to the app.
Does this meet the goal?
- A. No
- B. Yes
Answer: A
NEW QUESTION 146
You plan to move a web application named App1 from an on-premises data center to Azure.
App1 depends on a custom COM component that is installed on the host server.
You need to recommend a solution to host App1 in Azure. The solution must meet the following requirements:
App1 must be available to users if an Azure data center becomes unavailable.
Costs must be minimized.
What should you include in the recommendation?
- A. In two Azure regions, deploy a load balancer and a web app.
- B. Deploy a load balancer and a virtual machine scale set across two availability zones.
- C. In two Azure regions, deploy a load balancer and a virtual machine scale set.
- D. In two Azure regions, deploy a Traffic Manager profile and a web app.
Answer: B
Explanation:
(https://docs.microsoft.com/en-us/dotnet/azure/migration/app-service#com-and-com-components) Azure App Service does not allow the registration of COM components on the platform. If your app makes use of any COM components, these need to be rewritten in managed code and deployed with the site or application. https://docs.microsoft.com/en-us/dotnet/azure/migration/app-service
"Azure App Service with Windows Containers If your app cannot be migrated directly to App Service, consider App Service using Windows Containers, which enables usage of the GAC, COM components, MSIs, full access to .NET FX APIs, DirectX, and more."
NEW QUESTION 147
You are designing an Azure web app.
You plan to deploy the web app to the North Europe Azure region and the West Europe Azure region.
You need to recommend a solution for the web app. The solution must meet the following requirements:
Users must always access the web app from the North Europe region, unless the region fails.
The web app must be available to users if an Azure region is unavailable.
Deployment costs must be minimized.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-routing-methods#priority-traffic-routing-method
NEW QUESTION 148
You have an Azure subscription.
You need to recommend an Azure Kubernetes service (AKS) solution that will use Linux nodes. The solution must meet the following requirements:
* Minimize the time it takes to provision compute resources during scale-out operations.
* Support autoscaling of Linux containers.
* Minimize administrative effort.
Which scaling option should you recommend?
- A. cluster autoscaler
- B. horizontal pod autoscaler
- C. virtual nodes
- D. Virtual Kubetet
Answer: C
Explanation:
Explanation
https://docs.microsoft.com/en-us/azure/aks/virtual-nodes
NEW QUESTION 149
You ate designing a SQL database solution. The solution will include 20 databases that will be 20 GB each and have varying usage patterns. You need to recommend a database platform to host the databases. The solution must meet the following requirements:
* The compute resources allocated to the databases must scale dynamically.
* The solution must meet an SLA of 99.99% uptime.
* The solution must have reserved capacity.
* Compute charges must be minimized.
What should you include in the recommendation?
- A. an elastic pool that contains 20 Azure SQL databases
- B. 20 databases on a Microsoft SQL server that runs on an Azure virtual machine in an availability set
- C. 20 instances of Azure SQL Database serverless
- D. 20 databases on a Microsoft SQL server that runs on an Azure virtual machine
Answer: A
Explanation:
Azure SQL Database elastic pools are a simple, cost-effective solution for managing and scaling multiple databases that have varying and unpredictable usage demands. The databases in an elastic pool are on a single server and share a set number of resources at a set price. Elastic pools in Azure SQL Database enable SaaS developers to optimize the price performance for a group of databases within a prescribed budget while delivering performance elasticity for each database.
Guaranteed 99.995 percent uptime for SQL Database
Reference:
https://docs.microsoft.com/en-us/azure/azure-sql/database/elastic-pool-overview
https://azure.microsoft.com/en-us/pricing/details/sql-database/elastic/
https://www.azure.cn/en-us/support/sla/virtual-machines/
https://techcommunity.microsoft.com/t5/azure-sql/optimize-price-performance-with-compute-auto-scaling-in-azure/ba-p/966149
NEW QUESTION 150
The accounting department at your company migrates to a new financial accounting software. The accounting department must keep file-based database backups for seven years for compliance purposes. It is unlikely that the backups will be used to recover data.
You need to move the backups to Azure. The solution must minimize costs.
Where should you store the backups?
- A. Azure Blob storage that uses the Cool tier
- B. Azure SQL Database
- C. Azure Blob storage that uses the Archive tier
- D. a Recovery Services vault
Answer: C
Explanation:
Explanation
Azure Front Door enables you to define, manage, and monitor the global routing for your web traffic by optimizing for best performance and instant global failover for high availability. With Front Door, you can transform your global (multi-region) consumer and enterprise applications into robust, high-performance personalized modern applications, APIs, and content that reaches a global audience with Azure.
Front Door works at Layer 7 or HTTP/HTTPS layer and uses anycast protocol with split TCP and Microsoft's global network for improving global connectivity.
Reference:
https://docs.microsoft.com/en-us/azure/frontdoor/front-door-overview
NEW QUESTION 151
You manage a database environment for a Microsoft Volume Licensing customer named Contoso, Ltd. Contoso uses License Mobility through Software Assurance.
You need to deploy 50 databases. The solution must meet the following requirements:
Support automatic scaling.
Minimize Microsoft SQL Server licensing costs.
What should you include in the solution? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/azure-sql/database/purchasing-models
NEW QUESTION 152
Your company identifies the following business continuity and disaster recovery objectives for virtual machines that host sales, finance, and reporting application in the company's on-premises data center.
* The finance application requires that data be retained for seven years. In the event of a disaster, the application must be able to run from Azure. The recovery in objective (RTO) is 10 minutes,
* The reporting application must be able to recover point in-time data al a daily granularity. The RTO is eight hours.
* The sales application must be able to fail over to second on-premises data center.
You need to recommend which Azure services meet the business community and disaster recovery objectives. The solution must minimize costs.
What should you recommend for each application? To answer, drag the appropriate services to the correct application. Each service may be used owe. More than once not at an You may need to drag the spin bar between panes or scroll 10 view content.
Answer:
Explanation:
1 - Azure Site Recovery only
2 - Azure Site Recovery and Azure Backup
3 - Azure Backup only
NEW QUESTION 153
You plan to deploy a custom database solution that will have multiple instances as shown in the following table.
Client applications will access database servers by using db.contoso.com.
You need to recommend load balancing services for the planned deployment. The solution must meet the following requirements:
Access to at least one database server must be maintained in the event of a regional outage.
The virtual machines must not connect to the internet directly.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/architecture/guide/technology-choices/load-balancing-overview
NEW QUESTION 154
......
Exam Valid Dumps with Instant Download Free Updates: https://freedownload.prep4sures.top/AZ-305-real-sheets.html