Exam Code | AZ-305 |
Exam Name | Designing Microsoft Azure Infrastructure Solutions |
Questions | 311 Questions Answers With Explanation |
Update Date | July 11,2024 |
Price |
Was : |
You have an Azure web app named App1 and an Azure key vault named KV1.App1 stores database connection strings in KV1.App1 performs the following types of requests to KV1:GetListWrapDeleteUnwrapBackupDecryptEncryptYou are evaluating the continuity of service for App1.You need to identify the following if the Azure region that hosts KV1 becomes unavailable:To where will KV1 failover?During the failover, which request type will be unavailable?What should you identify? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point.
You plan to develop a new app that will store business critical data. The app must meet thefollowing requirements:• Prevent new data from being modified for one year.• Maximize data resiliency.• Minimize read latency.What storage solution should you recommend for the app? To answer, select theappropriate options in the answer area. NOTE: Each correct selection is worth one point.
You need to deploy resources to host a stateless web app in an Azure subscription. Thesolution must meet the following requirements:• Provide access to the full .NET framework.• Provide redundancy if an Azure region fails.• Grant administrators access to the operating system to install custom applicationdependencies.Solution: You deploy a Azure virtual machine scale set that uses autoscaling.Does this meet the goal?
A. Yes
B. No
You have an Azure Active Directory (Azure AD) tenant that syncs with an on-premisesActive Directory domain.You have an internal web app named WebApp1 that is hosted on-premises. WebApp1uses Integrated Windows authentication.Some users work remotely and do NOT have VPN access to the on-premises network.You need to provide the remote users with single sign-on (SSO) access to WebApp1.Which two features should you include in the solution? Each correct answer presents partof the solution.NOTE: Each correct selection is worth one point.
A. Azure AD Application Proxy
B. Azure AD Privileged Identity Management (PIM)
C. Conditional Access policies
D. Azure Arc
E. Azure AD enterprise applications
F. Azure Application Gateway
You deploy several Azure SQL Database instances.You plan to configure the Diagnostics settings on the databases as shown in the followingexhibit. Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.
You need to deploy resources to host a stateless web app in an Azure subscription. Thesolution must meet the following requirements:• Provide access to the full .NET framework.• Provide redundancy if an Azure region fails.• Grant administrators access to the operating system to install custom applicationdependencies.Solution: You deploy an Azure virtual machine to two Azure regions, and you deploy anAzure Application Gateway.Does this meet the goal?
A. Yes
B. No
You have the Azure resources shown in the following table. You need to deploy a new Azure Firewall policy that will contain mandatory rules for allAzure Firewall deployments. The new policy will be configured as a parent policy for theexisting policies.What is the minimum number of additional Azure Firewall policies you should create?
A. 0
B. 1
C. 2
D. 3
You plan to deploy an application named App1 that will run on five Azure virtual machines.Additional virtual machines will be deployed later to run App1.You need to recommend a solution to meet the following requirements for the virtualmachines that will run App1:Ensure that the virtual machines can authenticate to Azure Active Directory (AzureAD) to gain access toan Azure key vault, Azure Logic Apps instances, and an Azure SQL database.Avoid assigning new roles and permissions for Azure services when you deployadditional virtual machines.Avoid storing secrets and certificates on the virtual machines.Which type of identity should you include in the recommendation?
A. a service principal that is configured to use a certificate
B. a system-assigned managed identity
C. a service principal that is configured to use a client secret
D. a user-assigned managed identity
You have an Azure subscription.You need to recommend an Azure Kubernetes service (AKS) solution that will use Linuxnodes. The solution must meet the following requirements:• Minimize the time it takes to provision compute resources during scale-out operations.• Support autoscaling of Linux containers.• Minimize administrative effort.Which scaling option should you recommend?
A. Virtual Kubetet
B. cluster autoscaler
C. virtual nodes
D. horizontal pod autoscaler
You plan to deploy an app that will use an Azure Storage account.You need to deploy the storage account. The solution must meet the followingrequirements:• Store the data of multiple users.• Encrypt each user's data by using a separate key.• Encrypt all the data in the storage account by using Microsoft keys or customer-managedkeys.What should you deploy?
A. files in a general purpose v2 storage account.
B. blobs in an Azure Data Lake Storage Gen2 account.
C. files in a premium file share storage account.
D. blobs in a general purpose v2 storage account