[2024] AZ-305 by Microsoft Azure Solutions Architect Expert Actual Free Exam Practice Test
Free Microsoft Azure Solutions Architect Expert AZ-305 Exam Question
Microsoft AZ-305 (Designing Microsoft Azure Infrastructure Solutions) Exam is a certification that validates the skills and knowledge required to design and implement solutions on Microsoft Azure. It is designed for professionals who are responsible for designing and implementing Azure solutions, such as architects, developers, and DevOps engineers. Passing AZ-305 exam demonstrates expertise in designing Azure infrastructure solutions that meet the unique requirements of an organization.
NEW QUESTION # 169
Your company has the divisions shown in the following table.
You plan to deploy a custom application to each subscription. The application will contain the following:
A resource group
An Azure web app
Custom role assignments
An Azure Cosmos DB account
You need to use Azure Blueprints to deploy the application to each subscription.
What is the minimum number of objects required to deploy the application? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 170
You are designing a solution that will include containerized applications running in an Azure Kubernetes Service (AKS) cluster.
You need to recommend a load balancing solution for HTTPS traffic. The solution must meet the following requirements:
* Automatically configure load balancing rules as the applications are deployed to the cluster.
* Support Azure Web Application Firewall (WAF).
* Support cookie-based affinity.
* Support URL routing.
What should you include the recommendation?
- A. Application Gateway Ingress Controller (AGIC)
- B. an HTTP application routing ingress controller
- C. an NGINX ingress controller
- D. the Kubernetes load balancer service
Answer: A
Explanation:
Explanation
Much like the most popular Kubernetes Ingress Controllers, the Application Gateway Ingress Controller provides several features, leveraging Azure's native Application Gateway L7 load balancer. To name a few:
* URL routing
* Cookie-based affinity
* Secure Sockets Layer (SSL) termination
* End-to-end SSL
* Support for public, private, and hybrid web sites
* Integrated support of Azure web application firewall
Application Gateway redirection support isn't limited to HTTP to HTTPS redirection alone. This is a generic redirection mechanism, so you can redirect from and to any port you define using rules. It also supports redirection to an external site as well.
Reference:
https://docs.microsoft.com/en-us/azure/application-gateway/features
NEW QUESTION # 171
You have an Azure Active Directory (Azure AD) tenant named contoso.com that has a security group named Group'. Group i is configured Tor assigned membership. Group I has 50 members. including 20 guest users.
You need To recommend a solution for evaluating the member ship of Group1. The solution must meet the following requirements:
* The evaluation must be repeated automatically every three months
* Every member must be able to report whether they need to be in Group1
* Users who report that they do not need to be in Group 1 must be removed from Group1 automatically
* Users who do not report whether they need to be m Group1 must be removed from Group1 automatically.
What should you include in me recommendation?
- A. Change the Membership type of Group1 to Dynamic User.
- B. Implement Azure AD Privileged Identity Management.
- C. implement Azure AU Identity Protection.
- D. Create an access review.
Answer: A
Explanation:
Explanation
https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview#learn-about-access Have reviews recur periodically: You can set up recurring access reviews of users at set frequencies such as weekly, monthly, quarterly or annually, and the reviewers will be notified at the start of each review.
Reviewers can approve or deny access with a friendly interface and with the help of smart recommendations.
An administrator creates an access review of Group C with 50 member users and 25 guest users. Makes it a self-review. 50 licenses for each user as self-reviewers.*
https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview#example-license-s There are 4 requirements and every single one is only met by access reviews.
https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview#when-should-you- Dynamic User is needed if a user must be automatically granted access on base of its attributes (department, jobtitle, location, etc.)
https://techcommunity.microsoft.com/t5/itops-talk-blog/dynamic-groups-in-azure-ad-and-microsoft-365/ba-p/22 Implementing Azure AD PIM is no solution and absolutely not necessary for access reviews.
https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview#where-do-you-cre
NEW QUESTION # 172
You have five .NET Core applications that run on 10 Azure virtual machines in the same subscription.
You need to recommend a solution to ensure that the applications can authenticate by using the same Azure Active Directory (Azure AD) identity. The solution must meet the following requirements:
Ensure that the applications can authenticate only when running on the 10 virtual machines.
Minimize administrative effort.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 173
You have 100 devices that write performance data to Azure Blob Storage.
You plan to store and analyze the performance data in an Azure SQL database.
You need to recommend a solution to continually copy the performance data to the Azure SQL database.
What should you include in the recommendation?
- A. Azure Data Box
- B. Azure Data Factory
- C. Data Migration Assistant (DMA)
- D. Azure Database Migration Service
Answer: B
NEW QUESTION # 174
You need to recommend a solution to deploy containers that run an application. The application has two tiers.
Each tier is implemented as a separate Docker Linux-based image. The solution must meet the following requirements:
The front-end tier must be accessible by using a public IP address on port 80.
The backend tier must be accessible by using port 8080 from the front-end tier only.
Both containers must be able to access the same Azure file share.
If a container fails, the application must restart automatically.
Costs must be minimized.
What should you recommend using to host the application?
- A. Azure Kubernetes Service (AKS)
- B. Azure Service Fabric
- C. Azure Container instances
- D. Azure Container registries
Answer: C
Explanation:
Azure Container Instances enables a layered approach to orchestration, providing all of the scheduling and management capabilities required to run a single container, while allowing orchestrator platforms to manage multi-container tasks on top of it.
Because the underlying infrastructure for container instances is managed by Azure, an orchestrator platform does not need to concern itself with finding an appropriate host machine on which to run a single container.
Azure Container Instances can schedule both Windows and Linux containers with the same API.
Orchestration of container instances exclusively
Because they start quickly and bill by the second, an environment based exclusively on Azure Container Instances offers the fastest way to get started and to deal with highly variable workloads.
Reference:
https://docs.microsoft.com/en-us/azure/container-instances/container-instances-overview
https://docs.microsoft.com/en-us/azure/container-instances/container-instances-orchestrator-relationship
NEW QUESTION # 175
You have an Azure subscription that contains an Azure Blob storage account named store1.
You have an on-premises file server named Setver1 that runs Windows Sewer 2016. Server1 stores 500 GB of company files.
You need to store a copy of the company files from Server 1 in store1.
Which two possible Azure services achieve this goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point
- A. an integration account
- B. Azure Data factory
- C. an Azure Batch account
- D. an On-premises data gateway
- E. an Azure Import/Export job
Answer: B,E
Explanation:
Explanation
https://docs.microsoft.com/en-us/azure/storage/common/storage-import-export-data-from-blobs
https://docs.microsoft.com/en-us/answers/questions/31113/fastest-method-to-copy-500gb-table-from-on-premise
NEW QUESTION # 176
You need to recommend an Azure Storage Account configuration for two applications named Application1 and Applications. The configuration must meet the following requirements:
* Storage for Application1 must provide the highest possible transaction rates and the lowest possible latency.
* Storage for Application2 must provide the lowest possible storage costs per GB.
* Storage for both applications must be optimized for uploads and downloads.
* Storage for both applications must be available in an event of datacenter failure.
What should you recommend ? To answer, select the appropriate options in the answer area NOTE: Each correct selection is worth one point
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overview
https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy
NEW QUESTION # 177
You need to design a storage solution for an app that will store large amounts of frequently used dat a. The solution must meet the following requirements:
Maximize data throughput.
Prevent the modification of data for one year.
Minimize latency for read and write operations.
Which Azure Storage account type and storage service should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/storage/blobs/archive-blob
NEW QUESTION # 178
Your company has the divisions shown in the following table.
You plan to deploy a custom application to each subscription. The application will contain the following:
A resource group
An Azure web app
Custom role assignments
An Azure Cosmos DB account
You need to use Azure Blueprints to deploy the application to each subscription.
What is the minimum number of objects required to deploy the application? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 179
Your on-premises network contains a file server named Server1 that stores 500 GB of data.
You need to use Azure Data Factory to copy the data from Server1 to Azure Storage.
You add a new data factory.
What should you do next? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Graphical user interface, text, application, email Description automatically generated
Box 1: Install a self-hosted integration runtime
The Integration Runtime is a customer-managed data integration infrastructure used by Azure Data Factory to provide data integration capabilities across different network environments.
Box 2: Create a pipeline
With ADF, existing data processing services can be composed into data pipelines that are highly available and managed in the cloud. These data pipelines can be scheduled to ingest, prepare, transform, analyze, and publish data, and ADF manages and orchestrates the complex data and processing dependencies References:
https://docs.microsoft.com/en-us/azure/machine-learning/team-data-science-process/move-sql-azure-adf
https://docs.microsoft.com/pl-pl/azure/data-factory/tutorial-hybrid-copy-data-tool syu31svc 3 months, 4 weeks ago
https://docs.microsoft.com/en-us/azure/data-factory/create-self-hosted-integration-runtime?tabs=data-factory
"A self-hosted integration runtime can run copy activities between a cloud data store and a data store in a private network"
https://docs.microsoft.com/en-us/azure/data-factory/introduction
"With Data Factory, you can use the Copy Activity in a data pipeline to move data from both on-premises and cloud source data stores to a centralization data store in the cloud for further analysis"
NEW QUESTION # 180
You need to design an Azure policy that will implement the following functionality:
* For new resources, assign tags and values that match the tags and values of the resource group to which the resources are deployed.
* For existing resources, identify whether the tags and values match the tags and values of the resource group that contains the resources.
* For any non-compliant resources, trigger auto-generated remediation tasks to create missing tags and values.
The solution must use the principle of least privilege.
What should you include in the design? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/governance/policy/concepts/effects
https://docs.microsoft.com/en-us/azure/governance/policy/how-to/remediate-resources
https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources
https://docs.microsoft.com/en-us/azure/governance/policy/concepts/effects#modify
NEW QUESTION # 181
You plan to migrate DB1 and DB2 to Azure.
You need to ensure that the Azure database and the service tier meet the resiliency and business requirements.
What should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 182
You need to recommend an App Service architecture that meets the requirements for Appl. The solution must minimize costs.
What should few recommend?
- A. one App Service plan per region
- B. one App Service Environment (ASE) per region
- C. one App Service Environment (ASE) per availability zone
- D. one App Service plan per availability zone
Answer: C
Explanation:
Topic 4, HABInsurance
Current environment
General
An insurance company, HABInsurance, operates in three states and provides home, auto, and boat insurance. Besides the head office, HABInsurance has three regional offices.
Technology assessment
The company has two Active Directory forests: main.habinsurance.com and region.habinsurance.com. HABInsurance's primary internal system is Insurance Processing System (IPS). It is an ASP.Net/C# application running on IIS/Windows Servers hosted in a data center. IPS has three tiers: web, business logic API, and a datastore on a back end. The company uses Microsoft SQL Server and MongoDB for the backend. The system has two parts: Customer data and Insurance forms and documents. Customer data is stored in Microsoft SQL Server and Insurance forms and documents - in MongoDB. The company also has 10 TB of Human Resources (HR) data stored on NAS at the head office location. Requirements General HABInsurance plans to migrate its workloads to Azure. They purchased an Azure subscription. Changes During a transition period, HABInsurance wants to create a hybrid identity model along with a Microsoft Office 365 deployment. The company intends to sync its AD forests to Azure AD and benefit from Azure AD administrative units functionality.
HABInsurance needs to migrate the current IPSCustomers SQL database to a new fully managed SQL database in Azure that would be budget-oriented, balanced with scalable compute and storage options. The management team expects the Azure database service to scale the database resources dynamically with minimal downtime. The technical team proposes implementing a DTU-based purchasing model for the new database.
HABInsurance wants to migrate Insurance forms and documents to Azure database service. HABInsurance plans to move IPS first two tiers to Azure without any modifications. The technology team discusses the possibility of running IPS tiers on a set of virtual machines instances. The number of instances should be adjusted automatically based on the CPU utilization. An SLA of 99.95% must be guaranteed for the compute infrastructure.
The company needs to move HR data to Azure File shares.
In their new Azure ecosystem, HABInsurance plans to use internal and third-party applications. The company considers adding user consent for data access to the registered applications Later, the technology team contemplates adding a customer self-service portal to IPS and deploying a new IPS to multi-region ASK. But the management team is worried about performance and availability of the multi-region AKS deployments during regional outages.
NEW QUESTION # 183
You are designing a microservices architecture that will be hosted in an Azure Kubernetes Service (AKS) cluster. Apps that will consume the microservices will be hosted on Azure virtual machines. The virtual machines and the AKS cluster will reside on the same virtual network.
You need to design a solution to expose the microservices to the consumer apps. The solution must meet the following requirements:
* Ingress access to the microservices must be restricted to a single private IP address and protected by using mutual TLS authentication.
* The number of incoming microservice calls must be rate-limited.
* Costs must be minimized.
What should you include in the solution?
- A. Azure API Management Premium tier with virtual network connection
- B. Azure API Management Standard tier with a service endpoint
- C. Azure App Gateway with Azure Web Application Firewall (WAF)
- D. Azure Front Door with Azure Web Application Firewall (WAF)
Answer: A
Explanation:
Explanation
One option is to deploy APIM (API Management) inside the cluster VNet.
The AKS cluster and the applications that consume the microservices might reside within the same VNet, hence there is no reason to expose the cluster publicly as all API traffic will remain within the VNet. For these scenarios, you can deploy API Management into the cluster VNet. API Management Premium tier supports VNet deployment.
Reference:
https://docs.microsoft.com/en-us/azure/api-management/api-management-kubernetes
NEW QUESTION # 184
......
Microsoft AZ-305 Actual Questions and Braindumps: https://www.prepawaypdf.com/Microsoft/AZ-305-practice-exam-dumps.html
AZ-305 dumps & Microsoft Azure Solutions Architect Expert sure practice dumps: https://drive.google.com/open?id=1BXQBC0EwNafzw6kuMqzByELxgNuOP8vr