Exam2pass
0 items Sign In or Register
  • Home
  • IT Exams
  • Guarantee
  • FAQs
  • Reviews
  • Contact Us
  • Demo
Exam2pass > Microsoft > Microsoft Certifications > AZ-305 > AZ-305 Online Practice Questions and Answers

AZ-305 Online Practice Questions and Answers

Questions 4

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while

others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your company plans to deploy various Azure App Service instances that will use Azure SQL databases. The App Service instances will be deployed at the same time as the Azure SQL databases.

The company has a regulatory requirement to deploy the App Service instances only to specific Azure regions. The resources for the App Service instances must reside in the same region.

You need to recommend a solution to meet the regulatory requirement.

Solution: You recommend using an Azure policy to enforce the resource group location. Does this meet the goal?

A. Yes

B. No

Buy Now

Correct Answer: A

Azure Resource Policy Definitions can be used which can be applied to a specific Resource Group with the App Service instances.

Reference: https://docs.microsoft.com/en-us/azure/governance/policy/overview

Questions 5

You have a hybrid deployment of Azure Active Directory (Azure AD).

You need to recommend a solution to ensure that the Azure AD tenant can be managed only from the computers on your on-premises network.

What should you include in the recommendation?

A. a conditional access policy

B. Azure AD roles and administrators

C. Azure AD Application Proxy

D. Azure AD Privileged Identity Management

Buy Now

Correct Answer: A

Questions 6

A company named Contoso, Ltd. has an Azure Active Directory (Azure AD) tenant that is integrated with Microsoft Office 365 and an Azure subscription.

Contoso has an on-premises identity infrastructure. The infrastructure includes servers that run Active Directory Domain Services (AD DS), and Azure AD Connect

Contoso has a partnership with a company named Fabrikam, Inc. Fabrikam has an Active Directory forest and an Office 365 tenant. Fabrikam has the same on-premises identity infrastructure as Contoso.

A team of 10 developers from Fabrikam will work on an Azure solution that will be hosted in the Azure subscription of Contoso. The developers must be added to the Contributor role for a resource in the Contoso subscription.

You need to recommend a solution to ensure that Contoso can assign the role to the 10 Fabrikam developers. The solution must ensure that the Fabrikam developers use their existing credentials to access resources.

What should you recommend?

A. Configure a forest trust between the on-premises Active Directory forests of Contoso and Fabrikam.

B. Configure an organization relationship between the Office 365 tenants of Fabrikam and Contoso.

C. In the Azure AD tenant of Contoso, use MIM to create guest accounts for the Fabrikam developers.

D. Configure an AD FS relying party trust between the fabrikam and Contoso AD FS infrastructures.

Buy Now

Correct Answer: A

Trust configurations - Configure trust from managed forests(s) or domain(s) to the administrative forest. A one-way trust is required from production environment to the admin forest. Selective authentication should be used to restrict accounts in the admin forest to only logging on to the appropriate production hosts.

References:

https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/securing-privileged- access-reference-material

Questions 7

You need to deploy resources to host a stateless web app in an Azure subscription. The solution must meet the following requirements:

1.

Provide access to the full .NET framework.

2.

Provide redundancy if an Azure region fails.

3.

Grant administrators access to the operating system to install custom application dependencies.

Solution: You deploy an Azure virtual machine scale set that uses autoscaling.

Does this meet the goal?

A. Yes

B. No

Buy Now

Correct Answer: B

Instead, you should deploy two Azure virtual machines to two Azure regions, and you create a Traffic Manager profile

Questions 8

You plan to migrate App1 to Azure. The solution must meet the authentication and authorization requirements. Which type of endpoint should App1 use to obtain an access token?

A. Azure Instance Metadata Service (IMDS)

B. Azure AD

C. Azure Service Management

D. Microsoft identity platform

Buy Now

Correct Answer: A

https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-use-vm-token

Questions 9

HOTSPOT

You have a resource group named RG1 that contains the objects shown in the following table.

You need to configure permissions so that App1 can copy all the secrets from KV1 to KV2. App1 currently has the Get permission for the secrets in KV1.

Which additional permissions should you assign to App1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Buy Now

Correct Answer:

Box 1: List

Get: Gets the specified Azure key vault.

List: The List operation gets information about the vaults associated with the subscription.

Box 2: Create

Create Or Update: Create or update a key vault in the specified subscription.

Questions 10

HOTSPOT

Your company has 20 web APIs that were developed in-house.

The company is developing 10 web apps that will use the web APIs. The web apps and the APIs are registered in the company s Azure AD tenant. The web APIs are published by using Azure API Management.

You need to recommend a solution to block unauthorized requests originating from the web apps from reaching the web APIs. The solution must meet the following requirements:

1.

Use Azure AD-generated claims.

2.

Minimize configuration and management effort

What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

NOTE: Each correct selection is worth one point.

Hot Area:

Buy Now

Correct Answer:

Questions 11

HOTSPOT

You plan to deploy a containerized web-app that will be hosted in five Azure Kubernetes Service (AKS) clusters. Each cluster will be hosted in a different Azure region.

You need to provide access to the app from the internet. The solution must meet the following requirements:

1.

Incoming HTTPS requests must be routed to the cluster that has the lowest network latency.

2.

HTTPS traffic to individual pods must be routed via an ingress controller.

3.

In the event of an AKS cluster outage, failover time must be minimized.

What should you include in the solution? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Buy Now

Correct Answer:

Reference: https://learn.microsoft.com/en-us/azure/architecture/guide/technology-choices/load-balancing-overview https://learn.microsoft.com/en-us/azure/application-gateway/ingress-controller-overview

https://learn.microsoft.com/en-us/azure/frontdoor/front-door-faq

Questions 12

DRAG DROP

You plan to deploy Azure virtual machines (VMs) that run a mission-critical application.

You need to minimize the possibility that the application will experience down time.

What should you recommend? To answer, drag the appropriate solutions to the correct scenarios. Each solution may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Select and Place:

Buy Now

Correct Answer:

Box 1: Scale set

A virtual machine scale set allows you to deploy and manage a set of identical, autoscaling virtual machines.

Box 2: Availability Set

An Availability Set is a logical grouping capability for isolating VM resources from each other when they're deployed. Azure makes sure that the VMs you place within an Availability Set run across multiple physical servers, compute racks,

storage units, and network switches. If a hardware or software failure happens, only a subset of your VMs are impacted and your overall solution stays operational. Availability Sets are essential for building reliable cloud solutions.

Incorrect Answers:

An update domain is a group of VMs and underlying physical hardware that can be rebooted at the same time.

Reference:

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/tutorial-create-vmss

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/tutorial-availability-sets

Questions 13

DRAG DROP

You have an Azure subscription. The subscription contains Azure virtual machines that run Windows Server 2016 and Linux.

You need to use Azure Monitor to design an alerting strategy for security-related events.

Which Azure Monitor Logs tables should you query? To answer, drag the appropriate tables to the correct log types. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to

view content.

NOTE: Each correct selection is worth one point.

Select and Place:

Buy Now

Correct Answer:

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/log-analytics-agent

Windows Event logs --> Information sent to the Windows event logging system. Syslog -->Information sent to the Linux event logging system.

Exam Code: AZ-305
Exam Name: Designing Microsoft Azure Infrastructure Solutions
Last Update: Jan 27, 2025
Questions: 363

PDF (Q&A)

$45.99
ADD TO CART

VCE

$49.99
ADD TO CART

PDF + VCE

$59.99
ADD TO CART

Exam2Pass----The Most Reliable Exam Preparation Assistance

There are tens of thousands of certification exam dumps provided on the internet. And how to choose the most reliable one among them is the first problem one certification candidate should face. Exam2Pass provide a shot cut to pass the exam and get the certification. If you need help on any questions or any Exam2Pass exam PDF and VCE simulators, customer support team is ready to help at any time when required.

Home | Guarantee & Policy |  Privacy & Policy |  Terms & Conditions |  How to buy |  FAQs |  About Us |  Contact Us |  Demo |  Reviews

2025 Copyright @ exam2pass.com All trademarks are the property of their respective vendors. We are not associated with any of them.