0% found this document useful (0 votes)

275 views71 pages

305 DOCUMENT - Merged - Merged

Your company plans to deploy Azure Databricks to support a machine learning application. Data engineers will mount an Azure Data Lake Storage account to the Databricks file system and be granted direct permissions to folders. To meet requirements, you should recommend including access policies that ensure data engineers can only access folders they have permissions for, while minimizing development effort and costs.

Uploaded by

swathi reddy

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

275 views71 pages

305 DOCUMENT - Merged - Merged

Uploaded by

swathi reddy

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 71

Question #5Topic 1

HOTSPOT -

You plan to deploy Azure Databricks to support a machine learning application. Data engineers will
mount an Azure Data Lake Storage account to the Databricks file system. Permissions to folders are
granted directly to the data engineers.

You need to recommend a design for the planned Databrick deployment. The solution must meet the
following requirements:

✑ Ensure that the data engineers can only access folders to which they have permissions.

✑ Minimize development effort.

✑ Minimize costs.

What should you include in the recommendation? To answer, select the appropriate options in the
answer area.

NOTE: Each correct selection is worth one point.

Hot Area:
Note: This question is part of a series of questions that present the same scenario. Each question in the
series contains a unique solution that might meet the stated goals. Some question sets might have more
than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.

Your company deploys several virtual machines on-premises and to Azure. ExpressRoute is deployed and
configured for on-premises to Azure connectivity.

Several virtual machines exhibit network connectivity issues.

You need to analyze the network traffic to identify whether packets are being allowed or denied to the
virtual machines.

Solution: Use Azure Network Watcher to run IP flow verify to analyze the network traffic.

Does this meet the goal?

A. Yes

B. No

ANSWER:A

Question #11Topic 1

You are designing a large Azure environment that will contain many subscriptions.

You plan to use Azure Policy as part of a governance solution.

To which three scopes can you assign Azure Policy definitions? Each correct answer presents a complete
solution.

NOTE: Each correct selection is worth one point.

A. Azure Active Directory (Azure AD) administrative units

B. Azure Active Directory (Azure AD) tenants

C. subscriptions

D. compute resources

E. resource groups

F. management group

Correct Answer: CEF

Question #12Topic 1

DRAG DROP -

Your on-premises network contains a server named Server1 that runs an ASP.NET application named
App1.

You have a hybrid deployment of Azure Active Directory (Azure AD).

You need to recommend a solution to ensure that users sign in by using their Azure AD account and
Azure Multi-Factor Authentication (MFA) when they connect to App1 from the internet.

Which three features should you recommend be deployed and configured in sequence? To answer,
move the appropriate features from the list of features to the answer area and arrange them in the
correct order.

Select and Place:

ANSWER:
Question #13Topic 1

You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager
(ARM) resource deployments in your Azure subscription.

What should you include in the recommendation?

A. Azure Activity Log

B. Azure Advisor

C. Azure Analysis Services

D. Azure Monitor action groups

ANSWER:

Correct Answer: A

Question #14Topic 1

Note: This question is part of a series of questions that present the same scenario. Each question in the
series contains a unique solution that might meet the stated goals. Some question sets might have more
than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.

Your company deploys several virtual machines on-premises and to Azure. ExpressRoute is deployed and
configured for on-premises to Azure connectivity.

Several virtual machines exhibit network connectivity issues.

You need to analyze the network traffic to identify whether packets are being allowed or denied to the
virtual machines.

Solution: Install and configure the Azure Monitoring agent and the Dependency Agent on all the virtual
machines. Use VM insights in Azure Monitor to analyze the network traffic.

Does this meet the goal?

A. Yes

B. No

Correct Answer: B

Question #15Topic 1

DRAG DROP -

You need to design an architecture to capture the creation of users and the assignment of roles. The
captured data must be stored in Azure Cosmos DB.

Which services should you include in the design? To answer, drag the appropriate services to the correct
targets. Each service may be used once, more than once, or not at all. You may need to drag the split bar
between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Select and Place:

ANSWER:
Question #16Topic 1

Your company, named Contoso, Ltd., implements several Azure logic apps that have HTTP triggers. The
logic apps provide access to an on-premises web service.

Contoso establishes a partnership with another company named Fabrikam, Inc.

Fabrikam does not have an existing Azure Active Directory (Azure AD) tenant and uses third-party OAuth
2.0 identity management to authenticate its users.

Developers at Fabrikam plan to use a subset of the logic apps to build applications that will integrate
with the on-premises web service of Contoso.

You need to design a solution to provide the Fabrikam developers with access to the logic apps. The
solution must meet the following requirements:

✑ Requests to the logic apps from the developers must be limited to lower rates than the requests from
the users at Contoso.

✑ The developers must be able to rely on their existing OAuth 2.0 provider to gain access to the logic
apps.

✑ The solution must NOT require changes to the logic apps.

✑ The solution must NOT use Azure AD guest accounts.

What should you include in the solution?

A. Azure Front Door

B. Azure AD Application Proxy

C. Azure AD business-to-business (B2B)

D. Azure API Management

Correct Answer: D

Question #17Topic 1

HOTSPOT -

You have an Azure subscription that contains 300 virtual machines that run Windows Server 2019.

You need to centrally monitor all warning events in the System logs of the virtual machines.

What should you include in the solution? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

ANSWER:

Question #18Topic 1

HOTSPOT -

You have several Azure App Service web apps that use Azure Key Vault to store data encryption keys.

Several departments have the following requests to support the web app:
Which service should you recommend for each department's request? To answer, configure the
appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

ANSWER:
Question #19Topic 1

HOTSPOT -

Your company has the divisions shown in the following table.

You plan to deploy a custom application to each subscription. The application will contain the following:

✑ A resource group

✑ An Azure web app

✑ Custom role assignments

✑ An Azure Cosmos DB account

You need to use Azure Blueprints to deploy the application to each subscription.

What is the minimum number of objects required to deploy the application? To answer, select the
appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:
ANSWER:

Question #20Topic 1

HOTSPOT -

You need to design an Azure policy that will implement the following functionality:

✑ For new resources, assign tags and values that match the tags and values of the resource group to
which the resources are deployed.

✑ For existing resources, identify whether the tags and values match the tags and values of the resource
group that contains the resources.

✑ For any non-compliant resources, trigger auto-generated remediation tasks to create missing tags and
values.

The solution must use the principle of least privilege.

What should you include in the design? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Hot Area:

ANSWER:

Question #21Topic 1

HOTSPOT -

You have an Azure subscription that contains the resources shown in the following table.
You create an Azure SQL database named DB1 that is hosted in the East US Azure region.

To DB1, you add a diagnostic setting named Settings1. Settings1 archive SQLInsights to storage1 and
sends SQLInsights to Workspace1.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Hot Area:

ANSWER:

You plan to deploy an Azure SQL database that will store Personally Identifiable Information (PII).

You need to ensure that only privileged users can view the PII.

What should you include in the solution?

A. dynamic data masking

B. role-based access control (RBAC)

C. Data Discovery & Classification

D. Transparent Data Encryption (TDE)

ANSWER: A

Question #23Topic 1

You plan to deploy an app that will use an Azure Storage account.

You need to deploy the storage account. The storage account must meet the following requirements:

✑ Store the data for multiple users.

✑ Encrypt each user's data by using a separate key.

✑ Encrypt all the data in the storage account by using customer-managed keys.
What should you deploy?

A. files in a premium file share storage account

B. blobs in a general purpose v2 storage account

C. blobs in an Azure Data Lake Storage Gen2 account

D. files in a general purpose v2 storage account

Correct Answer: B

Question #24Topic 1

HOTSPOT -

You have an Azure App Service web app that uses a system-assigned managed identity.

You need to recommend a solution to store the settings of the web app as secrets in an Azure key vault.
The solution must meet the following requirements:

✑ Minimize changes to the app code.

✑ Use the principle of least privilege.

What should you include in the recommendation? To answer, select the appropriate options in the
answer area.

NOTE: Each correct selection is worth one point.

Hot Area:
Question #26Topic 1

You have the resources shown in the following table:

CDB1 hosts a container that stores continuously updated operational data.

You are designing a solution that will use AS1 to analyze the operational data daily.

You need to recommend a solution to analyze the data without affecting the performance of the
operational data store.

What should you include in the recommendation?

A. Azure Cosmos DB change feed

B. Azure Data Factory with Azure Cosmos DB and Azure Synapse Analytics connectors

C. Azure Synapse Link for Azure Cosmos DB

D. Azure Synapse Analytics with PolyBase data loading

Correct Answer: C

Question #27Topic 1

HOTSPOT -

You deploy several Azure SQL Database instances.

You plan to configure the Diagnostics settings on the databases as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the
information presented in the graphic.

NOTE: Each correct selection is worth one point.

Hot Area:

ANSWER:
Question #28Topic 1

You have an application that is used by 6,000 users to validate their vacation requests. The application
manages its own credential store.

Users must enter a username and password to access the application. The application does NOT support
identity providers.

You plan to upgrade the application to use single sign-on (SSO) authentication by using an Azure Active
Directory (Azure AD) application registration.

Which SSO method should you use?

A. header-based

B. SAML

C. password-based

D. OpenID Connect

ANSWER:

Correct Answer: C

Question #29Topic 1

HOTSPOT -

You have an Azure subscription that contains a virtual network named VNET1 and 10 virtual machines.
The virtual machines are connected to VNET1.

You need to design a solution to manage the virtual machines from the internet. The solution must meet
the following requirements:

✑ Incoming connections to the virtual machines must be authenticated by using Azure Multi-Factor
Authentication (MFA) before network connectivity is allowed.

✑ Incoming connections must use TLS and connect to TCP port 443.

✑ The solution must support RDP and SSH.

What should you include in the solution? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Question #30Topic 1

You are designing an Azure governance solution.

All Azure resources must be easily identifiable based on the following operational information:
environment, owner, department and cost center.

You need to ensure that you can use the operational information when you generate reports for the
Azure resources.

What should you include in the solution?

A. an Azure data catalog that uses the Azure REST API as a data source

B. an Azure management group that uses parent groups to create a hierarchy

C. an Azure policy that enforces tagging rules

D. Azure Active Directory (Azure AD) administrative units

ANSWER: C

Question #31Topic 1
A company named Contoso, Ltd. has an Azure Active Directory (Azure AD) tenant that is integrated with
Microsoft 365 and an Azure subscription.

Contoso has an on-premises identity infrastructure. The infrastructure includes servers that run Active
Directory Domain Services (AD DS) and Azure AD Connect.

Contoso has a partnership with a company named Fabrikam. Inc. Fabrikam has an Active Directory forest
and a Microsoft 365 tenant. Fabrikam has the same on- premises identity infrastructure components as
Contoso.

A team of 10 developers from Fabrikam will work on an Azure solution that will be hosted in the Azure
subscription of Contoso. The developers must be added to the Contributor role for a resource group in
the Contoso subscription.

You need to recommend a solution to ensure that Contoso can assign the role to the 10 Fabrikam
developers. The solution must ensure that the Fabrikam developers use their existing credentials to
access resources

What should you recommend?

A. In the Azure AD tenant of Contoso. create cloud-only user accounts for the Fabrikam developers.

B. Configure a forest trust between the on-premises Active Directory forests of Contoso and Fabrikam.

C. Configure an organization relationship between the Microsoft 365 tenants of Fabrikam and Contoso.

D. In the Azure AD tenant of Contoso, create guest accounts for the Fabnkam developers.

Correct Answer: D

Question #32Topic 1

Your company has the divisions shown in the following table.

Sub1 contains an Azure App Service web app named App1. App1 uses Azure AD for single-tenant user
authentication. Users from contoso.com can authenticate to App1.

You need to recommend a solution to enable users in the fabrikam.com tenant to authenticate to App1.

What should you recommend?

A. Configure the Azure AD provisioning service.

B. Enable Azure AD pass-through authentication and update the sign-in endpoint.

C. Use Azure AD entitlement management to govern external users.

D. Configure Azure AD join.

Correct Answer: A

Question #33Topic 1

HOTSPOT -

Your company has 20 web APIs that were developed in-house.

The company is developing 10 web apps that will use the web APIs. The web apps and the APIs are
registered in the company s Azure Active Directory (Azure

AD) tenant. The web APIs are published by using Azure API Management.

You need to recommend a solution to block unauthorized requests originating from the web apps from
reaching the web APIs. The solution must meet the following requirements:

✑ Use Azure AD-generated claims.

Minimize configuration and management effort.

What should you include in the recommendation? To answer, select the appropriate options in the
answer area.

NOTE: Each correct selection is worth one point.

Hot Area:
Question #34Topic 1

You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager
(ARM) resource deployments in your Azure subscription.

What should you include in the recommendation?

A. Azure Log Analytics

B. Azure Arc

C. Azure Analysis Services

D. Application Insights

ANSWER: A

Question #35Topic 1

Your company has the divisions shown in the following table.

Sub1 contains an Azure App Service web app named App1. App1 uses Azure AD for single-tenant user
authentication. Users from contoso.com can authenticate to App1.

You need to recommend a solution to enable users in the fabrikam.com tenant to authenticate to App1.

What should you recommend?

A. Configure the Azure AD provisioning service.

B. Configure assignments for the fabrikam.com users by using Azure AD Privileged Identity Management
(PIM).

C. Use Azure AD entitlement management to govern external users.

D. Configure Azure AD Identity Protection

ANSWER: C

Question #2Topic 2

You have an Azure subscription that contains an Azure Blob Storage account named store1.

You have an on-premises file server named Server1 that runs Windows Server 2016. Server1 stores 500
GB of company files.
You need to store a copy of the company files from Server1 in store1.

Which two possible Azure services achieve this goal? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

A. an Azure Logic Apps integration account

B. an Azure Import/Export job

C. Azure Data Factory

D. an Azure Analysis services On-premises data gateway

E. an Azure Batch account

ANSWER:BC

Question #4Topic 2

HOTSPOT -

You need to design a storage solution for an app that will store large amounts of frequently used data.
The solution must meet the following requirements:

✑ Maximize data throughput.

✑ Prevent the modification of data for one year.

✑ Minimize latency for read and write operations.

Which Azure Storage account type and storage service should you recommend? To answer, select the
appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Question #5Topic 2
HOTSPOT -

You have an Azure subscription that contains the storage accounts shown in the following table.

You plan to implement two new apps that have the requirements shown in the following table.

Which storage accounts should you recommend using for each app? To answer, select the appropriate
options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Question #6Topic 2

You are designing an application that will be hosted in Azure.

The application will host video files that range from 50 MB to 12 GB. The application will use
certificate-based authentication and will be available to users on the internet.
You need to recommend a storage option for the video files. The solution must provide the fastest read
performance and must minimize storage costs.

What should you recommend?

A. Azure Files

B. Azure Data Lake Storage Gen2

C. Azure Blob Storage

D. Azure SQL Database

Correct Answer: C

Question #8Topic 2

HOTSPOT -

You have an on-premises database that you plan to migrate to Azure.

You need to design the database architecture to meet the following requirements:

✑ Support scaling up and down.

✑ Support geo-redundant backups.

✑ Support a database of up to 75 TB.

✑ Be optimized for online transaction processing (OLTP).

What should you include in the design? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:
Question #9Topic 2

You are planning an Azure IoT Hub solution that will include 50,000 IoT devices.

Each device will stream data, including temperature, device ID, and time data. Approximately 50,000
records will be written every second. The data will be visualized in near real time.

You need to recommend a service to store and query the data.

Which two services can you recommend? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

A. Azure Table Storage

B. Azure Event Grid

C. Azure Cosmos DB SQL API

D. Azure Time Series Insights

ANSWER:CD

Question #10Topic 2

You are designing an application that will aggregate content for users.

You need to recommend a database solution for the application. The solution must meet the following
requirements:

✑ Support SQL commands.

✑ Support multi-master writes.

✑ Guarantee low latency read operations.

What should you include in the recommendation?

A. Azure Cosmos DB SQL API

B. Azure SQL Database that uses active geo-replication

C. Azure SQL Database Hyperscale

D. Azure Database for PostgreSQL

ANSWER:A

Question #11Topic 2

HOTSPOT -

You have an Azure subscription that contains the SQL servers on Azure shown in the following table.

The subscription contains the storage accounts shown in the following table.

You create the Azure SQL databases shown in the following table

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Hot Area:
Question #12Topic 2

DRAG DROP -

You plan to import data from your on-premises environment to Azure. The data is shown in the following
table

What should you recommend using to migrate the data? To answer, drag the appropriate tools to the
correct data sources. Each tool may be used once, more than once, or not at all. You may need to drag
the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Select and Place:

ANSWER:

Question #13Topic 2

You store web access logs data in Azure Blob Storage.

You plan to generate monthly reports from the access logs.

You need to recommend an automated process to upload the data to Azure SQL Database every month.
What should you include in the recommendation?

A. Microsoft SQL Server Migration Assistant (SSMA)

B. Data Migration Assistant (DMA)

C. AzCopy

D. Azure Data Factory

Correct Answer: D

Question #14Topic 2

You have an Azure subscription.

Your on-premises network contains a file server named Server1. Server1 stores 5 ‫׀‬¢‫ ’׀‬of company files
that are accessed rarely.

You plan to copy the files to Azure Storage.

You need to implement a storage solution for the files that meets the following requirements:

✑ The files must be available within 24 hours of being requested.

✑ Storage costs must be minimized.

Which two possible storage solutions achieve this goal? Each correct answer presents a complete
solution.

NOTE: Each correct selection is worth one point.

A. Create an Azure Blob Storage account that is configured for the Cool default access tier. Create a blob
container, copy the files to the blob container, and set each file to the Archive access tier.

B. Create a general-purpose v1 storage account. Create a blob container and copy the files to the blob
container.

C. Create a general-purpose v2 storage account that is configured for the Cool default access tier. Create
a file share in the storage account and copy the files to the file share.

D. Create a general-purpose v2 storage account that is configured for the Hot default access tier. Create
a blob container, copy the files to the blob container, and set each file to the Archive access tier.

E. Create a general-purpose v1 storage account. Create a fie share in the storage account and copy the
files to the file share

ANSWER:AD

Question #15Topic 2

You have an app named App1 that uses two on-premises Microsoft SQL Server databases named DB1
and DB2.

You plan to migrate DB1 and DB2 to Azure

You need to recommend an Azure solution to host DB1 and DB2. The solution must meet the following
requirements:

✑ Support server-side transactions across DB1 and DB2.

✑ Minimize administrative effort to update the solution.

What should you recommend?

A. two Azure SQL databases in an elastic pool

B. two databases on the same Azure SQL managed instance

C. two databases on the same SQL Server instance on an Azure virtual machine

D. two Azure SQL databases on different Azure SQL Database servers

ANSWER: B

Question #16Topic 2

You need to design a highly available Azure SQL database that meets the following requirements:

✑ Failover between replicas of the database must occur without any data loss.

✑ The database must remain available in the event of a zone outage.

✑ Costs must be minimized.

Which deployment option should you use?

A. Azure SQL Database Hyperscale

B. Azure SQL Database Premium

C. Azure SQL Database Basic

D. Azure SQL Managed Instance General Purpose

ANSWER:B

HOTSPOT -

You are planning an Azure Storage solution for sensitive data. The data will be accessed daily. The
dataset is less than 10 GB.

You need to recommend a storage solution that meets the following requirements:

✑ All the data written to storage must be retained for five years.

✑ Once the data is written, the data can only be read. Modifications and deletion must be prevented.

✑ After five years, the data can be deleted, but never modified.

✑ Data access charges must be minimized.

What should you recommend? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Question #18Topic 2

HOTSPOT -

You are designing a data storage solution to support reporting.

The solution will ingest high volumes of data in the JSON format by using Azure Event Hubs. As the data
arrives, Event Hubs will write the data to storage. The solution must meet the following requirements:

✑ Organize data in directories by date and time.

✑ Allow stored data to be queried directly, transformed into summarized tables, and then stored in a
data warehouse.

✑ Ensure that the data warehouse can store 50 TB of relational data and support between 200 and 300
concurrent read operations.

Which service should you recommend for each type of data store? To answer, select the appropriate
options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:
Question #1Topic 3

You have SQL Server on an Azure virtual machine. The databases are written to nightly as part of a batch
process.

You need to recommend a disaster recovery solution for the data. The solution must meet the following
requirements:

✑ Provide the ability to recover in the event of a regional outage.

✑ Support a recovery time objective (RTO) of 15 minutes.

✑ Support a recovery point objective (RPO) of 24 hours.

✑ Support automated recovery.

✑ Minimize costs.

What should you include in the recommendation?

A. Azure virtual machine availability sets

B. Azure Disk Backup

C. an Always On availability group

D. Azure Site Recovery

ANSWER:D

Question #2Topic 3

HOTSPOT -

You plan to deploy the backup policy shown in the following exhibit.
Question #3Topic 3

After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.

You need to deploy resources to host a stateless web app in an Azure subscription. The solution must
meet the following requirements:

✑ Provide access to the full .NET framework.

Provide redundancy if an Azure region fails.

✑ Grant administrators access to the operating system to install custom application dependencies.

Solution: You deploy two Azure virtual machines to two Azure regions, and you create an Azure Traffic
Manager profile.

Does this meet the goal?

A. Yes Most Voted

B. No

aANSWER:A

Question #4Topic 3

After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.

You need to deploy resources to host a stateless web app in an Azure subscription. The solution must
meet the following requirements:

✑ Provide access to the full .NET framework.

✑ Provide redundancy if an Azure region fails.

✑ Grant administrators access to the operating system to install custom application dependencies.

Solution: You deploy two Azure virtual machines to two Azure regions, and you deploy an Azure
Application Gateway.

Does this meet the goal?

A. Yes

B. No

ANSWER:B

Question #5Topic 3

HOTSPOT -

You plan to create an Azure Storage account that will host file shares. The shares will be accessed from
on-premises applications that are transaction intensive.

You need to recommend a solution to minimize latency when accessing the file shares. The solution must
provide the highest-level of resiliency for the selected storage tier.

What should you include in the recommendation? To answer, select the appropriate options in the
answer area.

NOTE: Each correct selection is worth one point.

After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.

You need to deploy resources to host a stateless web app in an Azure subscription. The solution must
meet the following requirements:

✑ Provide access to the full .NET framework.

✑ Provide redundancy if an Azure region fails.

✑ Grant administrators access to the operating system to install custom application dependencies.

Solution: You deploy an Azure virtual machine scale set that uses autoscaling.

Does this meet the goal?

A. Yes

B. No

ANSWER:B

Question #7Topic 3

HOTSPOT -
You need to recommend an Azure Storage account configuration for two applications named
Application1 and Application2. The configuration must meet the following requirements:

✑ Storage for Application1 must provide the highest possible transaction rates and the lowest possible
latency.

✑ Storage for Application2 must provide the lowest possible storage costs per GB.

✑ Storage for both applications must be available in an event of datacenter failure.

✑ Storage for both applications must be optimized for uploads and downloads.

What should you recommend? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

ANSWER:

Question #8Topic 3

HOTSPOT -

You plan to develop a new app that will store business critical data. The app must meet the following
requirements:

✑ Prevent new data from being modified for one year.

✑ Maximize data resiliency.

✑ Minimize read latency.

What storage solution should you recommend for the app? To answer, select the appropriate options in
the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Question #9Topic 3

You plan to deploy 10 applications to Azure. The applications will be deployed to two Azure Kubernetes
Service (AKS) clusters. Each cluster will be deployed to a separate Azure region.

The application deployment must meet the following requirements:

✑ Ensure that the applications remain available if a single AKS cluster fails.

✑ Ensure that the connection traffic over the internet is encrypted by using SSL without having to
configure SSL on each container.

Which service should you include in the recommendation?

A. Azure Front Door

B. Azure Traffic Manager

C. AKS ingress controller

D. Azure Load Balancer

ANSWER: A

Question #10Topic 3

HOTSPOT -

You have an on-premises file server that stores 2 TB of data files.

You plan to move the data files to Azure Blob Storage in the West Europe Azure region.

You need to recommend a storage account type to store the data files and a replication solution for the
storage account. The solution must meet the following requirements:

✑ Be available if a single Azure datacenter fails.

✑ Support storage tiers.

✑ Minimize cost.

What should you recommend? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Question #11Topic 3

HOTSPOT -

You have an Azure web app named App1 and an Azure key vault named KV1.

App1 stores database connection strings in KV1.

App1 performs the following types of requests to KV1:

✑ Get

✑ List

✑ Wrap

✑ Delete

Unwrap -
✑ Backup

✑ Decrypt

✑ Encrypt

You are evaluating the continuity of service for App1.

You need to identify the following if the Azure region that hosts KV1 becomes unavailable:

✑ To where will KV1 fail over?

✑ During the failover, which request type will be unavailable?

What should you identify? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Question #12Topic 3

DRAG DROP -

Your company identifies the following business continuity and disaster recovery objectives for virtual
machines that host sales, finance, and reporting applications in the company's on-premises data center:

✑ The sales application must be able to fail over to a second on-premises data center.

✑ The reporting application must be able to recover point-in-time data at a daily granularity. The RTO is
eight hours.

✑ The finance application requires that data be retained for seven years. In the event of a disaster, the
application must be able to run from Azure. The recovery time objective (RTO) is 10 minutes.

You need to recommend which services meet the business continuity and disaster recovery objectives.
The solution must minimize costs.

What should you recommend for each application? To answer, drag the appropriate services to the
correct applications. Each service may be used once, more than once, or not at all. You may need to drag
the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Select and Place:

Question #13Topic 3

You need to design a highly available Azure SQL database that meets the following requirements:

✑ Failover between replicas of the database must occur without any data loss.

✑ The database must remain available in the event of a zone outage.

✑ Costs must be minimized.

Which deployment option should you use?

A. Azure SQL Managed Instance Business Critical

B. Azure SQL Database Premium

C. Azure SQL Database Basic

D. Azure SQL Managed Instance General Purpose

ANSWER:D

Question #14Topic 3
You need to design a highly available Azure SQL database that meets the following requirements:

✑ Failover between replicas of the database must occur without any data loss.

✑ The database must remain available in the event of a zone outage.

✑ Costs must be minimized.

Which deployment option should you use?

A. Azure SQL Managed Instance Business Critical

B. Azure SQL Database Premium

C. Azure SQL Database Basic

D. Azure SQL Database Hyperscale

ANSWER B

Question #15Topic 3

Note: This question is part of a series of questions that present the same scenario. Each question in the
series contains a unique solution that might meet the stated goals. Some question sets might have
more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.

You need to deploy resources to host a stateless web app in an Azure subscription. The solution must
meet the following requirements:

✑ Provide access to the full .NET framework.

✑ Provide redundancy if an Azure region fails.

✑ Grant administrators access to the operating system to install custom application dependencies.

Solution: You deploy a web app in an Isolated App Service plan.

Does this meet the goal?

ANSWER:B

Question #16Topic 3

You need to design a highly available Azure SQL database that meets the following requirements:

✑ Failover between replicas of the database must occur without any data loss.

✑ The database must remain available in the event of a zone outage.

✑ Costs must be minimized.

Which deployment option should you use?

A. Azure SQL Database Serverless

B. Azure SQL Database Business Critical

C. Azure SQL Database Basic

D. Azure SQL Database Standard

ANSWER: A

Question #1Topic 4

You have an Azure subscription that contains a Basic Azure virtual WAN named VirtualWAN1 and the
virtual hubs shown in the following table.

You have an ExpressRoute circuit in the US East Azure region.

You need to create an ExpressRoute association to VirtualWAN1.

What should you do first?

A. Upgrade VirtualWAN1 to Standard.

B. Create a gateway on Hub1.

C. Enable the ExpressRoute premium add-on.

D. Create a hub virtual network in US East.

ANSWER:A

Question #2Topic 4

You have an Azure subscription that contains a storage account.

An application sometimes writes duplicate files to the storage account.

You have a PowerShell script that identifies and deletes duplicate files in the storage account.
Currently, the script is run manually after approval from the operations manager.

You need to recommend a serverless solution that performs the following actions:

✑ Runs the script once an hour to identify whether duplicate files exist

✑ Sends an email notification to the operations manager requesting approval to delete the duplicate
files

✑ Processes an email response from the operations manager specifying whether the deletion was
approved

✑ Runs the script if the deletion was approved

What should you include in the recommendation?

A. Azure Logic Apps and Azure Event Grid

B. Azure Logic Apps and Azure Functions Most Voted

C. Azure Pipelines and Azure Service Fabric

D. Azure Functions and Azure Batch

ANSWER:B

Question #3Topic 4

Your company has the infrastructure shown in the following table

The on-premises Active Directory domain syncs with Azure Active Directory (Azure AD).

Server1 runs an application named App1 that uses LDAP queries to verify user identities in the
on-premises Active Directory domain.

You plan to migrate Server1 to a virtual machine in Subscription1.

A company security policy states that the virtual machines and services deployed to Subscription1 must
be prevented from accessing the on-premises network.

You need to recommend a solution to ensure that App1 continues to function after the migration. The
solution must meet the security policy.

What should you include in the recommendation?

A. Azure AD Application Proxy

B. the Active Directory Domain Services role on a virtual machine

C. an Azure VPN gateway

D. Azure AD Domain Services (Azure AD DS)

ANSWER:D
Question #5Topic 4

You have an on-premises network and an Azure subscription. The on-premises network has several
branch offices.

A branch office in Toronto contains a virtual machine named VM1 that is configured as a file server.
Users access the shared files on VM1 from all the offices.

You need to recommend a solution to ensure that the users can access the shared files as quickly as
possible if the Toronto branch office is inaccessible.

What should you include in the recommendation?

A. a Recovery Services vault and Windows Server Backup

B. Azure blob containers and Azure File Sync

C. a Recovery Services vault and Azure Backup

D. an Azure file share and Azure File Sync

ANSWER:D

Question #6Topic 4

HOTSPOT -

You have an Azure subscription named Subscription1 that is linked to a hybrid Azure Active Directory
(Azure AD) tenant.

You have an on-premises datacenter that does NOT have a VPN connection to Subscription1. The
datacenter contains a computer named Server1 that has

Microsoft SQL Server 2016 installed. Server is prevented from accessing the internet.

An Azure logic app resource named LogicApp1 requires write access to a database on Server1.

You need to recommend a solution to provide LogicApp1 with the ability to access Server1.

What should you recommend deploying on-premises and in Azure? To answer, select the appropriate
options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:
Question #7Topic 4

HOTSPOT -

Your company develops a web service that is deployed to an Azure virtual machine named VM1. The
web service allows an API to access real-time data from

VM1.

The current virtual machine deployment is shown in the Deployment exhibit.

The chief technology officer (CTO) sends you the following email message: "Our developers have
deployed the web service to a virtual machine named VM1.

Testing has shown that the API is accessible from VM1 and VM2. Our partners must be able to connect
to the API over the Internet. Partners will use this data in applications that they develop."

You deploy an Azure API Management (APIM) service. The relevant API Management configuration is
shown in the API exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Hot Area:
Recommend!! Get the Full AZ-305 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/AZ-305-exam-dumps.html (114 New Questions)

Microsoft
Exam Questions AZ-305
Designing Microsoft Azure Infrastructure Solutions

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Recommend!! Get the Full AZ-305 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/AZ-305-exam-dumps.html (114 New Questions)

NEW QUESTION 1
- (Exam Topic 4)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has deployed several virtual machines (VMs) on-premises and to Azure. Azure ExpressRoute has been deployed and configured for on-premises to
Azure connectivity.
Several VMs are exhibiting network connectivity issues.
You need to analyze the network traffic to determine whether packets are being allowed or denied to the VMs. Solution: Use the Azure Advisor to analyze the
network traffic.
Does the solution meet the goal?

A. Yes
B. No

Answer: B

Explanation:
Instead use Azure Network Watcher to run IP flow verify to analyze the network traffic.
Note: Advisor is a personalized cloud consultant that helps you follow best practices to optimize your Azure deployments. It analyzes your resource configuration
and usage telemetry and then recommends solutions that can help you improve the cost effectiveness, performance, high availability, and security of your Azure
resources.
With Advisor, you can:
Get proactive, actionable, and personalized best practices recommendations.
Improve the performance, security, and high availability of your resources, as you identify opportunities to reduce your overall Azure spend.
Get recommendations with proposed actions inline. Reference:
https://docs.microsoft.com/en-us/azure/advisor/advisor-overview

NEW QUESTION 2
- (Exam Topic 4)
You have an Azure subscription. The subscription has a blob container that contains multiple blobs. Ten users in the finance department of your company plan to
access the blobs during the month of April. You need to recommend a solution to enable access to the blobs during the month of April only. Which security solution
should you include in the recommendation?

A. shared access signatures (SAS)

B. access keys
C. conditional access policies
D. certificates

Answer: A

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview
This allows for limited-time fine grained access control to resources. So you can generate URL, specify duration (for month of April) and disseminate URL to 10
team members. On May 1, the SAS token is automatically invalidated, denying team members continued access.

NEW QUESTION 3
- (Exam Topic 4)
You store web access logs data in Azure Blob storage. You plan to generate monthly reports from the access logs.
You need to recommend an automated process to upload the data to Azure SQL Database every month. What should you include in the recommendation?

A. Azure Data Factory

B. Data Migration Assistant
C. Microsoft SQL Server Migration Assistant (SSMA)
D. AzCopy

Answer: A

Explanation:
Azure Data Factory is the platform that solves such data scenarios. It is the cloud-based ETL and data integration service that allows you to create data-driven
workflows for orchestrating data movement and transforming data at scale. Using Azure Data Factory, you can create and schedule data-driven workflows (called
pipelines) that can ingest data from disparate data stores. You can build complex ETL processes that transform data visually with data flows or by using compute
services such as Azure HDInsight Hadoop, Azure Databricks, and Azure SQL Database.
Reference:
https://docs.microsoft.com/en-gb/azure/data-factory/introduction

NEW QUESTION 4
- (Exam Topic 4)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company plans to deploy various Azure App Service instances that will use Azure SQL databases. The App Service instances will be deployed at the same
time as the Azure SQL databases.
The company has a regulatory requirement to deploy the App Service instances only to specific Azure regions. The resources for the App Service instances must
reside in the same region.
You need to recommend a solution to meet the regulatory requirement.
Solution: You recommend using an Azure policy to enforce the resource group location. Does this meet the goal?

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Recommend!! Get the Full AZ-305 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/AZ-305-exam-dumps.html (114 New Questions)

A. Yes
B. No

Answer: A

Explanation:
Azure Resource Policy Definitions can be used which can be applied to a specific Resource Group with the App Service instances.
Reference:
https://docs.microsoft.com/en-us/azure/governance/policy/overview

NEW QUESTION 5
- (Exam Topic 4)
You have an Azure Active Directory (Azure AD) tenant named contoso.com that has a security group named Group'. Group i is configured Tor assigned
membership. Group I has 50 members. including 20 guest users.
You need To recommend a solution for evaluating the member ship of Group1. The solution must meet the following requirements:
• The evaluation must be repeated automatically every three months
• Every member must be able to report whether they need to be in Group1
• Users who report that they do not need to be in Group 1 must be removed from Group1 automatically
• Users who do not report whether they need to be m Group1 must be removed from Group1 automatically. What should you include in me recommendation?

A. implement Azure AU Identity Protection.

B. Change the Membership type of Group1 to Dynamic User.
C. Implement Azure AD Privileged Identity Management.
D. Create an access review.

Answer: D

Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview#learn-about-acces Have reviews recur periodically: You can set up
recurring access reviews of users at set frequencies such as
weekly, monthly, quarterly or annually, and the reviewers will be notified at the start of each review. Reviewers can approve or deny access with a friendly interface
and with the help of smart recommendations.
An administrator creates an access review of Group C with 50 member users and 25 guest users. Makes it a self-review. 50 licenses for each user as self-
reviewers.*
https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview#example-license-s
There are 4 requirements and every single one is only met by access reviews.
https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview#when-should-you
Dynamic User is needed if a user must be automatically granted access on base of its attributes (department, jobtitle, location, etc.)
https://techcommunity.microsoft.com/t5/itops-talk-blog/dynamic-groups-in-azure-ad-and-microsoft-365/ba-p/22
Implementing Azure AD PIM is no solution and absolutely not necessary for access reviews. https://docs.microsoft.com/en-us/azure/active-
directory/governance/access-reviews-overview#where-do-you-cre

NEW QUESTION 6
- (Exam Topic 4)
You have an Azure Active Directory (Azure AD) tenant that syncs with an on-premises Active Directory domain.
You have an internal web app named WebApp1 that is hosted on-premises. WebApp1 uses Integrated Windows authentication.
Some users work remotely and do NOT have VPN access to the on-premises network.
You need to provide the remote users with single sign-on (SSO) access to WebApp1.
Which two features should you include in the solution? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. Azure AD Application Proxy

B. Azure AD Privileged Identity Management (PIM)
C. Conditional Access policies
D. Azure Arc
E. Azure AD enterprise applications
F. Azure Application Gateway

Answer: AC

Explanation:
A: Application Proxy is a feature of Azure AD that enables users to access on-premises web applications from a remote client. Application Proxy includes both the
Application Proxy service which runs in the cloud, and the Application Proxy connector which runs on an on-premises server.
You can configure single sign-on to an Application Proxy application.
C: Microsoft recommends using Application Proxy with pre-authentication and Conditional Access policies for remote access from the internet. An approach to
provide Conditional Access for intranet use is to modernize applications so they can directly authenticate with AAD.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy-config-sso-how-to https://docs.microsoft.com/en-us/azure/active-directory/app-
proxy/application-proxy-deployment-plan

NEW QUESTION 7
- (Exam Topic 4)
You have an Azure subscription that contains two applications named App1 and App2. App1 is a sales processing application. When a transaction in App1
requires shipping, a message is added to an Azure Storage account queue, and then App2 listens to the queue for relevant transactions.
In the future, additional applications will be added that will process some of the shipping requests based on the specific details of the transactions.
You need to recommend a replacement for the storage account queue to ensure that each additional application will be able to read the relevant transactions.
What should you recommend?

A. one Azure Service Bus queue

B. one Azure Service Bus topic

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Recommend!! Get the Full AZ-305 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/AZ-305-exam-dumps.html (114 New Questions)

C. one Azure Data Factory pipeline

D. multiple storage account queues

Answer: B

Explanation:
A queue allows processing of a message by a single consumer. In contrast to queues, topics and subscriptions provide a one-to-many form of communication in a
publish and subscribe pattern. It's useful for scaling to large numbers of recipients. Each published message is made available to each subscription registered with
the topic. Publisher sends a message to a topic and one or more subscribers receive a copy of the message, depending on filter rules set on these subscriptions.
Reference:
https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-queues-topics-subscriptions

NEW QUESTION 8
- (Exam Topic 4)
You plan to deploy the backup policy shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Recommend!! Get the Full AZ-305 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/AZ-305-exam-dumps.html (114 New Questions)

Solution:
https://docs.microsoft.com/en-us/azure/backup/backup-azure-vm-backup-faq#what-s-the-minimum-rpo-and-rto

Does this meet the goal?

A. Yes
B. No

Answer: A

NEW QUESTION 9
- (Exam Topic 4)
You plan to deploy an Azure web app named Appl that will use Azure Active Directory (Azure AD) authentication.
App1 will be accessed from the internet by the users at your company. All the users have computers that run Windows 10 and are joined to Azure AD.
You need to recommend a solution to ensure that the users can connect to App1 without being prompted for authentication and can access App1 only from
company-owned computers.
What should you recommend for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Solution:
Graphical user interface, text, application, chat or text message Description automatically generated
Box 1: An Azure AD app registration
Azure active directory (AD) provides cloud based directory and identity management services.You can use azure AD to manage users of your application and
authenticate access to your applications using azure active directory.
You register your application with Azure active directory tenant. Box 2: A conditional access policy
Conditional Access policies at their simplest are if-then statements, if a user wants to access a resource, then they must complete an action.
By using Conditional Access policies, you can apply the right access controls when needed to keep your organization secure and stay out of your user's way when
not needed.
Timeline Description automatically generated

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Recommend!! Get the Full AZ-305 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/AZ-305-exam-dumps.html (114 New Questions)

Reference:
https://codingcanvas.com/using-azure-active-directory-authentication-in-your-web-application/ https://docs.microsoft.com/en-us/azure/active-directory/conditional-
access/overview https://docs.microsoft.com/en-us/powerapps/developer/data-platform/walkthrough-register-app-azure-active-dire "After consenting to use their
Dataverse account with the ISV's application, end users can connect to
Dataverse environment from external application. The consent form is not displayed again to other users after
the first user who has already consented to use the ISV's app. Apps registered in Azure Active Directory are multi-tenant, which implies that other Dataverse users
from other tenant can connect to their environment using the ISV's app."

Does this meet the goal?

A. Yes
B. No

Answer: A

NEW QUESTION 10
- (Exam Topic 4)
You plan to deploy an application named App1 that will run on five Azure virtual machines. Additional virtual machines will be deployed later to run App1.
You need to recommend a solution to meet the following requirements for the virtual machines that will run
App1:
Ensure that the virtual machines can authenticate to Azure Active Directory (Azure AD) to gain access to
an Azure key vault, Azure Logic Apps instances, and an Azure SQL database.
Avoid assigning new roles and permissions for Azure services when you deploy additional virtual machines.
Avoid storing secrets and certificates on the virtual machines. Which type of identity should you include in the recommendation?

A. a service principal that is configured to use a certificate

B. a system-assigned managed identity
C. a service principal that is configured to use a client secret
D. a user-assigned managed identity

Answer: D

Explanation:
Managed identities for Azure resources is a feature of Azure Active Directory.
User-assigned managed identity can be shared. The same user-assigned managed identity can be associated with more than one Azure resource.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview

NEW QUESTION 11
- (Exam Topic 4)
Your company has 300 virtual machines hosted in a VMware environment. The virtual machines vary in size and have various utilization levels.
You plan to move all the virtual machines to Azure.
You need to recommend how many and what size Azure virtual machines will be required to move the current workloads to Azure. The solution must minimize
administrative effort.
What should you use to make the recommendation?

A. Azure Cost Management

B. Azure Pricing calculator
C. Azure Migrate
D. Azure Advisor

Answer: C

Explanation:
https://docs.microsoft.com/en-us/azure/migrate/migrate-appliance#collected-data---vmware
"Metadata discovered by the Azure Migrate appliance helps you to figure out whether servers are ready for migration to Azure, right-size servers, plans costs, and
analyze application dependencies".
https://docs.microsoft.com/en-us/learn/modules/design-your-migration-to-azure/2-plan-your-azure-migration

NEW QUESTION 12
- (Exam Topic 4)

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Recommend!! Get the Full AZ-305 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/AZ-305-exam-dumps.html (114 New Questions)

You have an Azure subscription that contains a custom application named Application was developed by an external company named fabric, Ltd. Developers at
Fabrikam were assigned role-based access control (RBAV) permissions to the Application components. All users are licensed for the Microsoft 365 E5 plan.
You need to recommends a solution to verify whether the Faricak developers still require permissions to Application1. The solution must the following
requirements.
* To the manager of the developers, send a monthly email message that lists the access permissions to Application1.
* If the manager does not verify access permission, automatically revoke that permission.
* Minimize development effort. What should you recommend?

A. In Azure Active Directory (AD) Privileged Identity Management, create a custom role assignment for the Application1 resources
B. Create an Azure Automation runbook that runs the Get-AzureADUserAppRoleAssignment cmdlet
C. Create an Azure Automation runbook that runs the Get-AzureRmRoleAssignment cmdlet
D. In Azure Active Directory (Azure AD), create an access review of Application1

Answer: D

Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/governance/manage-user-access-with-access-reviews Azure Active Directory (Azure AD) access reviews
enable organizations to efficiently manage group
memberships, access to enterprise applications, and role assignments. User's access can be reviewed on a regular basis to make sure only the right people have
continued access. Have reviews recur periodically: You can set up recurring access reviews of users at set frequencies such as weekly, monthly, quarterly or
annually, and the reviewers will be notified at the start of each review. Reviewers can approve or deny access with a friendly interface and with the help of smart
recommendations.
Why are access reviews important?
"Azure AD enables you to collaborate with users from inside your organization and with external users. Users can join groups, invite guests, connect to cloud apps,
and work remotely from their work or personal devices. The convenience of using self-service has led to a need for better access management capabilities."

NEW QUESTION 13
- (Exam Topic 4)
You need to design a solution that will execute custom C# code in response to an event routed to Azure Event Grid. The solution must meet the following
requirements:
The executed code must be able to access the private IP address of a Microsoft SQL Server instance that runs on an Azure virtual machine.
Costs must be minimized.
What should you include in the solution?

A. Azure Logic Apps in the integrated service environment

B. Azure Functions in the Dedicated plan and the Basic Azure App Service plan
C. Azure Logic Apps in the Consumption plan
D. Azure Functions in the Consumption plan

Answer: D

Explanation:
When you create a function app in Azure, you must choose a hosting plan for your app. There are three basic hosting plans available for Azure Functions:
Consumption plan, Premium plan, and Dedicated (App Service) plan.
For the Consumption plan, you don't have to pay for idle VMs or reserve capacity in advance. Connect to private endpoints with Azure Functions
As enterprises continue to adopt serverless (and Platform-as-a-Service, or PaaS) solutions, they often need a way to integrate with existing resources on a virtual
network. These existing resources could be databases, file storage, message queues or event streams, or REST APIs.
Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-scale https://techcommunity.microsoft.com/t5/azure-functions/connect-to-private-endpoints-with-
azure-functions/ba-p Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-scale#hosting-plans-comparison

NEW QUESTION 14
- (Exam Topic 4)
Your on-premises network contains a file server named Server1 that stores 500 GB of data. You need to use Azure Data Factory to copy the data from Server1 to
Azure Storage.
You add a new data factory.
What should you do next? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Solution:
Graphical user interface, text, application, email Description automatically generated
Box 1: Install a self-hosted integration runtime
The Integration Runtime is a customer-managed data integration infrastructure used by Azure Data Factory to provide data integration capabilities across different
network environments.

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Recommend!! Get the Full AZ-305 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/AZ-305-exam-dumps.html (114 New Questions)

Box 2: Create a pipeline

With ADF, existing data processing services can be composed into data pipelines that are highly available and managed in the cloud. These data pipelines can be
scheduled to ingest, prepare, transform, analyze, and publish data, and ADF manages and orchestrates the complex data and processing dependencies
References:
https://docs.microsoft.com/en-us/azure/machine-learning/team-data-science-process/move-sql-azure-adf https://docs.microsoft.com/pl-pl/azure/data-factory/tutorial-
hybrid-copy-data-tool
syu31svc 3 months, 4 weeks ago
https://docs.microsoft.com/en-us/azure/data-factory/create-self-hosted-integration-runtime?tabs=data-factory "A self-hosted integration runtime can run copy
activities between a cloud data store and a data store in a
private network"
https://docs.microsoft.com/en-us/azure/data-factory/introduction
"With Data Factory, you can use the Copy Activity in a data pipeline to move data from both on-premises and cloud source data stores to a centralization data
store in the cloud for further analysis"

Does this meet the goal?

A. Yes
B. No

Answer: A

NEW QUESTION 15
- (Exam Topic 4)
You have an on-premises network that uses an IP address space of 172.16.0.0/16. You plan to deploy 25 virtual machines to a new Azure subscription. You
identify the following technical requirements:
• All Azure virtual machines must be placed on the same subnet named Subnet1.
• All the Azure virtual machines must be able to communicate with all on-premises servers.
• The servers must be able to communicate between the on-premises network and Azure by using a site-to-site VPN.
You need to recommend a subnet design that meets the technical requirements.
What should you include in the recommendation? To answer, drag the appropriate network addresses to the correct subnets. Each network address may be used
once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content
NOTE: Each correct selection is worth one point.

Solution:

Does this meet the goal?

A. Yes
B. No

Answer: A

NEW QUESTION 16
- (Exam Topic 4)
You have an Azure subscription. The subscription contains Azure virtual machines that run Windows Server 2016 and Linux.
You need to use Azure Log Analytics design an alerting strategy for security-related events.
Which Log Analytics tables should you query? To answer, drag the appropriate tables to the correct log types. Each value may be used once, more than once, or
not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Recommend!! Get the Full AZ-305 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/AZ-305-exam-dumps.html (114 New Questions)

Solution:
Graphical user interface, table Description automatically generated with medium confidence
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/log-analytics-agent
Windows Event logs --> Information sent to the Windows event logging system. Syslog --> Information sent to the Linux event logging system.

Does this meet the goal?

A. Yes
B. No

Answer: A

NEW QUESTION 17
- (Exam Topic 4)
You ate designing a SQL database solution. The solution will include 20 databases that will be 20 GB each and have varying usage patterns. You need to
recommend a database platform to host the databases. The solution must meet the following requirements:
• The compute resources allocated to the databases must scale dynamically.
• The solution must meet an SLA of 99.99% uptime.
• The solution must have reserved capacity.
• Compute charges must be minimized.
What should you include in the recommendation?

A. 20 databases on a Microsoft SQL server that runs on an Azure virtual machine

B. 20 instances of Azure SQL Database serverless
C. 20 databases on a Microsoft SQL server that runs on an Azure virtual machine in an availability set
D. an elastic pool that contains 20 Azure SQL databases

Answer: D

Explanation:
Azure SQL Database elastic pools are a simple, cost-effective solution for managing and scaling multiple databases that have varying and unpredictable usage
demands. The databases in an elastic pool are on a single server and share a set number of resources at a set price. Elastic pools in Azure SQL Database enable
SaaS developers to optimize the price performance for a group of databases within a prescribed budget while delivering performance elasticity for each database.
Guaranteed 99.995 percent uptime for SQL Database Reference:
https://docs.microsoft.com/en-us/azure/azure-sql/database/elastic-pool-overview https://azure.microsoft.com/en-us/pricing/details/sql-database/elastic/
https://www.azure.cn/en-us/support/sla/virtual-machines/
https://techcommunity.microsoft.com/t5/azure-sql/optimize-price-performance-with-compute-auto-scaling-in-az

NEW QUESTION 18
- (Exam Topic 4)
You have 100 servers that run Windows Server 2012 R2 and host Microsoft SQL Server 2012 R2 instances. The instances host databases that have the following
characteristics:
The largest database is currently 3 TB. None of the databases will ever exceed 4 TB.
Stored procedures are implemented by using CLR.
You plan to move all the data from SQL Server to Azure.
You need to recommend an Azure service to host the databases. The solution must meet the following requirements:
Whenever possible, minimize management overhead for the migrated databases.
Minimize the number of database changes required to facilitate the migration.
Ensure that users can authenticate by using their Active Directory credentials.
What should you include in the recommendation?

A. Azure SQL Database single databases

B. Azure SQL Database Managed Instance
C. Azure SQL Database elastic pools
D. SQL Server 2016 on Azure virtual machines

Answer: B

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Recommend!! Get the Full AZ-305 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/AZ-305-exam-dumps.html (114 New Questions)

Explanation:
References:
https://docs.microsoft.com/en-us/azure/sql-database/sql-database-managed-instance
SQL Managed Instance allows existing SQL Server customers to lift and shift their on-premises applications to the cloud with minimal application and database
changes. At the same time, SQL Managed Instance preserves all PaaS capabilities (automatic patching and version updates, automated backups, high availability)
that drastically reduce management overhead and TCO.
https://docs.microsoft.com/en-us/azure/azure-sql/managed-instance/transact-sql-tsql-differences-sql-server#clr https://docs.microsoft.com/en-gb/azure/azure-
sql/database/transact-sql-tsql-differences-sql-server#transact-sql-s

NEW QUESTION 19
- (Exam Topic 2)
You need to recommend a solution to meet the database retention requirement. What should you recommend?

A. Configure a long-term retention policy for the database.

B. Configure Azure Site Recovery.
C. Configure geo replication of the database.
D. Use automatic Azure SQL Database backups.

Answer: A

Explanation:
https://docs.microsoft.com/en-us/azure/azure-sql/database/long-term-retention-overview
In Azure SQL Database, you can configure a database with a long-term backup retention policy (LTR) to automatically retain the database backups in separate
Azure Blob storage containers for up to 10 years

NEW QUESTION 20
- (Exam Topic 1)
You migrate App1 to Azure. You need to ensure that the data storage for App1 meets the security and compliance requirement
What should you do?

A. Create an access policy for the blob

B. Modify the access level of the blob service.
C. Implement Azure resource locks.
D. Create Azure RBAC assignments.

Answer: A

Explanation:
Scenario: Once App1 is migrated to Azure, you must ensure that new data can be written to the app, and the modification of new and existing data is prevented for
a period of three years.
As an administrator, you can lock a subscription, resource group, or resource to prevent other users in your organization from accidentally deleting or modifying
critical resources. The lock overrides any permissions the user might have.
Reference:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/lock-resources

NEW QUESTION 21
......

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Recommend!! Get the Full AZ-305 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/AZ-305-exam-dumps.html (114 New Questions)

Thank You for Trying Our Product

We offer two products:

1st - We have Practice Tests Software with Actual Exam Questions

2nd - Questons and Answers in PDF Format

AZ-305 Practice Exam Features:

* AZ-305 Questions and Answers Updated Frequently

* AZ-305 Practice Questions Verified by Expert Senior Certified Staff

* AZ-305 Most Realistic Questions that Guarantee you a Pass on Your FirstTry

* AZ-305 Practice Test Questions in Multiple Choice Formats and Updatesfor 1 Year

100% Actual & Verified — Instant Download, Please Click

Order The AZ-305 Practice Test Here

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Case Study -

This is a case study. Case studies are not timed separately. You can use as much exam time as you would
like to complete each case. However, there may be additional case studies and sections on this exam.
You must manage your time to ensure that you are able to complete all questions included on this exam
in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided
in the case study. Case studies might contain exhibits and other resources that provide more information
about the scenario that is described in the case study. Each question is independent of the other
questions in this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answers
and to make changes before you move to the next section of the exam. After you begin a new section,
you cannot return to this section.

To start the case study -

To display the first question in this case study, click the Next button. Use the buttons in the left pane to
explore the content of the case study before you answer the questions. Clicking these buttons displays
information such as business requirements, existing environment, and problem statements. If the case
study has an All Information tab, note that the information displayed is identical to the information
displayed on the subsequent tabs When you are ready to answer a question, click the Question button to
return to the question.

Overview -

Litware, Inc. is a medium-sized finance company that has a main office in Boston.

Existing Environment -

Identity Environment -

The network contains an Active Directory forest named litware.com that is linked to an Azure Active
Directory (Azure AD) tenant named litware.com. All users have Azure Active Directory Premium P2
licenses.

Litware has a second Azure AD tenant named dev.litware.com that is used as a development
environment.

The litware.com tenant has a Conditional Access policy named Capolicy1. Capolicy1 requires that when
users manage the Azure subscription for a production environment by using the Azure portal, they must
connect from a hybrid Azure AD-joined device.

Azure Environment -

Litware has 10 Azure subscriptions that are linked to the Litware.com tenant and five Azure subscriptions
that are linked to the dev.litware.com tenant. All the subscriptions are in an Enterprise Agreement (EA).

The litware.com tenant contains a custom Azure role-based access control (Azure RBAC) role named
Role1 that grants the DataActions read permission to the blobs and files in Azure Storage.

On-Premises Environment -

The on-premises network of Litware contains the resources shown in the following table.

Network Environment -

Litware has ExpressRoute connectivity to Azure.

Planned Changes and Requirements

Planned Changes -

Litware plans to implement the following changes:

Migrate DB1 and DB2 to Azure.

Migrate App1 to Azure virtual machines.

Migrate the external storage used by App1 to Azure Storage.

Deploy the Azure virtual machines that will host App1 to Azure dedicated hosts.

Authentication and Authorization Requirements

Litware identifies the following authentication and authorization requirements:

Only users that manage the production environment by using the Azure portal must connect from a
hybrid Azure AD-joined device and authenticate by using

Azure Multi-Factor Authentication (MFA).

The Network Contributor built-in RBAC role must be used to grant permissions to the network
administrators for all the virtual networks in all the Azure subscriptions.

To access the resources in Azure, App1 must use the managed identity of the virtual machines that will
host the app.

RBAC roles must be applied to management groups.

Resiliency Requirements -

Litware identifies the following resiliency requirements:

Once migrated to Azure, DB1 and DB2 must meet the following requirements:

- Maintain availability if two availability zones in the local Azure region fail.

- Fail over automatically.

- Minimize I/O latency.

App1 must meet the following requirements:

- Be hosted in an Azure region that supports availability zones.

- Be hosted on Azure virtual machines that support automatic scaling.

- Maintain availability if two availability zones in the local Azure region fail.

Security and Compliance Requirements

Litware identifies the following security and compliance requirements:

Once App1 is migrated to Azure, you must ensure that new data can be written to the app, and the
modification of new and existing data is prevented for a period of three years.
On-premises users and services must be able to access the Azure Storage account that will host the data
in App1.

Access to the public endpoint of the Azure Storage account that will host the App1 data must be
prevented.

All Azure SQL databases in the production environment must have Transparent Data Encryption (TDE)
enabled.

App1 must NOT share physical hardware with other workloads.

Business Requirements -

Litware identifies the following business requirements:

Minimize administrative effort.

Minimize costs.

HOTSPOT -

You need to ensure that users managing the production environment are registered for Azure MFA and
must authenticate by using Azure MFA when they sign in to the Azure portal. The solution must meet the
authentication and authorization requirements.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Question 3 ( Testlet 2 )

Case Study -

To start the case study -

To display the first question in this case study, click the Next button. Use the buttons in the left pane to
explore the content of the case study before you answer the questions. Clicking these buttons displays
information such as business requirements, existing environment, and problem statements. If the case
study has an All Information tab, note that the information displayed is identical to the information
displayed on the subsequent tabs. When you are ready to answer a question, click the Question button
to return to the question.

Overview -

Fabrikam, Inc. is an engineering company that has offices throughout Europe. The company has a main
office in London and three branch offices in Amsterdam,

Berlin, and Rome.

Existing Environment: Active Directory Environment

The network contains two Active Directory forests named corp.fabrikam.com and rd.fabrikam.com.
There are no trust relationships between the forests.

Corp.fabrikam.com is a production forest that contains identities used for internal user and computer
authentication.

Rd.fabrikam.com is used by the research and development (R&D) department only. The R&D department
is restricted to using on-premises resources only.

Existing Environment: Network Infrastructure

Each office contains at least one domain controller from the corp.fabrikam.com domain. The main office
contains all the domain controllers for the rd.fabrikam.com forest.

All the offices have a high-speed connection to the internet.

An existing application named WebApp1 is hosted in the data center of the London office. WebApp1 is
used by customers to place and track orders. WebApp1 has a web tier that uses Microsoft Internet
Information Services (IIS) and a database tier that runs Microsoft SQL Server 2016. The web tier and the
database tier are deployed to virtual machines that run on Hyper-V.

The IT department currently uses a separate Hyper-V environment to test updates to WebApp1.

Fabrikam purchases all Microsoft licenses through a Microsoft Enterprise Agreement that includes
Software Assurance.

Existing Environment: Problem Statements

The use of WebApp1 is unpredictable. At peak times, users often report delays. At other times, many
resources for WebApp1 are underutilized.

Requirements: Planned Changes -

Fabrikam plans to move most of its production workloads to Azure during the next few years, including
virtual machines that rely on Active Directory for authentication.

As one of its first projects, the company plans to establish a hybrid identity model, facilitating an
upcoming Microsoft 365 deployment.

All R&D operations will remain on-premises.

Fabrikam plans to migrate the production and test instances of WebApp1 to Azure.

Requirements: Technical Requirements

Fabrikam identifies the following technical requirements:

Website content must be easily updated from a single point.

User input must be minimized when provisioning new web app instances.

Whenever possible, existing on-premises licenses must be used to reduce cost.

Users must always authenticate by using their corp.fabrikam.com UPN identity.

Any new deployments to Azure must be redundant in case an Azure region fails.

Whenever possible, solutions must be deployed to Azure by using the Standard pricing tier of Azure App
Service.

An email distribution group named IT Support must be notified of any issues relating to the directory
synchronization services.

In the event that a link fails between Azure and the on-premises network, ensure that the virtual
machines hosted in Azure can authenticate to Active Directory.

Directory synchronization between Azure Active Directory (Azure AD) and corp.fabrikam.com must not
be affected by a link failure between Azure and the on- premises network.

Requirements: Database Requirements

Fabrikam identifies the following database requirements:

Database metrics for the production instance of WebApp1 must be available for analysis so that
database administrators can optimize the performance settings.

To avoid disrupting customer access, database downtime must be minimized when databases are
migrated.

Database backups must be retained for a minimum of seven years to meet compliance requirements.

Requirements: Security Requirements

Fabrikam identifies the following security requirements:

Company information including policies, templates, and data must be inaccessible to anyone outside the
company.

Users on the on-premises network must be able to authenticate to corp.fabrikam.com if an internet link
fails.

Administrators must be able authenticate to the Azure portal by using their corp.fabrikam.com
credentials.

All administrative access to the Azure portal must be secured by using multi-factor authentication (MFA).

The testing of WebApp1 updates must not be visible to anyone outside the company.

HOTSPOT -

To meet the authentication requirements of Fabrikam, what should you include in the solution? To
answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:
Question 4 ( Testlet 2 )

Case Study -

To start the case study -

To display the first question in this case study, click the Next button. Use the buttons in the left pane to
explore the content of the case study before you answer the questions. Clicking these buttons displays
information such as business requirements, existing environment, and problem statements. If the case
study has an All Information tab, note that the information displayed is identical to the information
displayed on the subsequent tabs. When you are ready to answer a question, click the Question button
to return to the question.
Overview -

Fabrikam, Inc. is an engineering company that has offices throughout Europe. The company has a main
office in London and three branch offices in Amsterdam,

Berlin, and Rome.

Existing Environment: Active Directory Environment

The network contains two Active Directory forests named corp.fabrikam.com and rd.fabrikam.com.
There are no trust relationships between the forests.

Corp.fabrikam.com is a production forest that contains identities used for internal user and computer
authentication.

Rd.fabrikam.com is used by the research and development (R&D) department only. The R&D department
is restricted to using on-premises resources only.

Existing Environment: Network Infrastructure

Each office contains at least one domain controller from the corp.fabrikam.com domain. The main office
contains all the domain controllers for the rd.fabrikam.com forest.

All the offices have a high-speed connection to the internet.

The IT department currently uses a separate Hyper-V environment to test updates to WebApp1.

Fabrikam purchases all Microsoft licenses through a Microsoft Enterprise Agreement that includes
Software Assurance.

Existing Environment: Problem Statements

The use of WebApp1 is unpredictable. At peak times, users often report delays. At other times, many
resources for WebApp1 are underutilized.

Requirements: Planned Changes -

Fabrikam plans to move most of its production workloads to Azure during the next few years, including
virtual machines that rely on Active Directory for authentication.

As one of its first projects, the company plans to establish a hybrid identity model, facilitating an
upcoming Microsoft 365 deployment.

All R&D operations will remain on-premises.

Fabrikam plans to migrate the production and test instances of WebApp1 to Azure.

Requirements: Technical Requirements

Fabrikam identifies the following technical requirements:

Website content must be easily updated from a single point.

User input must be minimized when provisioning new web app instances.

Whenever possible, existing on-premises licenses must be used to reduce cost.

Users must always authenticate by using their corp.fabrikam.com UPN identity.

Any new deployments to Azure must be redundant in case an Azure region fails.

Whenever possible, solutions must be deployed to Azure by using the Standard pricing tier of Azure App
Service.

An email distribution group named IT Support must be notified of any issues relating to the directory
synchronization services.

In the event that a link fails between Azure and the on-premises network, ensure that the virtual
machines hosted in Azure can authenticate to Active Directory.

Directory synchronization between Azure Active Directory (Azure AD) and corp.fabrikam.com must not
be affected by a link failure between Azure and the on- premises network.

Requirements: Database Requirements

Fabrikam identifies the following database requirements:

Database metrics for the production instance of WebApp1 must be available for analysis so that
database administrators can optimize the performance settings.

To avoid disrupting customer access, database downtime must be minimized when databases are
migrated.

Database backups must be retained for a minimum of seven years to meet compliance requirements.

Requirements: Security Requirements

Fabrikam identifies the following security requirements:

Company information including policies, templates, and data must be inaccessible to anyone outside the
company.

Users on the on-premises network must be able to authenticate to corp.fabrikam.com if an internet link
fails.

Administrators must be able authenticate to the Azure portal by using their corp.fabrikam.com
credentials.

All administrative access to the Azure portal must be secured by using multi-factor authentication (MFA).
The testing of WebApp1 updates must not be visible to anyone outside the company.

You need to recommend a notification solution for the IT Support distribution group.

What should you include in the recommendation?

A. a SendGrid account with advanced reporting

B. an action group

C. Azure Network Watcher

D. Azure AD Connect Health

answer:D

Identity Requirements -

Contoso identifies the following requirements for managing Fabrikam access to resources:

Every month, an account manager at Fabrikam must review which Fabrikam users have access
permissions to App1. Accounts that no longer need permissions must be removed as guests.

The solution must minimize development effort.

Security Requirement -

All secrets used by Azure services must be stored in Azure Key Vault.

Services that require credentials must have the credentials tied to the service instance. The credentials
must NOT be shared between services.

HOTSPOT -

What should you implement to meet the identity requirements? To answer, select the appropriate
options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:
Security Requirement -

All secrets used by Azure services must be stored in Azure Key Vault.

Services that require credentials must have the credentials tied to the service instance. The credentials
must NOT be shared between services.

What should you recommend to meet the monitoring requirements for App2?

A. VM insights

B. Azure Application Insights

C. Microsoft Sentinel

D. Container insights

ANSWER: B

Question 8 ( Question Set 1 )

You have an Azure subscription that contains a custom application named Application1. Application1 was
developed by an external company named Fabrikam,

Ltd. Developers at Fabrikam were assigned role-based access control (RBAC) permissions to the
Application1 components. All users are licensed for the

Microsoft 365 E5 plan.

You need to recommend a solution to verify whether the Fabrikam developers still require permissions
to Application1. The solution must meet the following requirements:

✑ To the manager of the developers, send a monthly email message that lists the access permissions to
Application1.

✑ If the manager does not verify an access permission, automatically revoke that permission.

✑ Minimize development effort.

What should you recommend?

A. In Azure Active Directory (Azure AD), create an access review of Application1.

B. Create an Azure Automation runbook that runs the Get-AzRoleAssignment cmdlet.

C. In Azure Active Directory (Azure AD) Privileged Identity Management, create a custom role assignment
for the Application1 resources.

D. Create an Azure Automation runbook that runs the Get-AzureADUserAppRoleAssignment cmdlet.

ANSWER:A

Question 14 ( Question Set 1 )

After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.

Your company deploys several virtual machines on-premises and to Azure. ExpressRoute is deployed and
configured for on-premises to Azure connectivity.

Several virtual machines exhibit network connectivity issues.

You need to analyze the network traffic to identify whether packets are being allowed or denied to the
virtual machines.

Solution: Use Azure Traffic Analytics in Azure Network Watcher to analyze the network traffic.

Does this meet the goal?

A. Yes

B. No

ANSWER:B

Question 15 ( Question Set 1 )

After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.

Your company deploys several virtual machines on-premises and to Azure. ExpressRoute is deployed and
configured for on-premises to Azure connectivity.

Several virtual machines exhibit network connectivity issues.

You need to analyze the network traffic to identify whether packets are being allowed or denied to the
virtual machines.

Solution: Use Azure Advisor to analyze the network traffic.

Does this meet the goal?

A. Yes

B. No

ANSWER:B

AZ-303 PrepAway
100% (1)
AZ-303 PrepAway
69 pages
Aindumps 2023-Jul-05 by Gabriel 107q Vce
No ratings yet
Aindumps 2023-Jul-05 by Gabriel 107q Vce
24 pages
Examtopics Microsoft's AZ-500 Topic4
No ratings yet
Examtopics Microsoft's AZ-500 Topic4
76 pages
SC100 - Copy1
No ratings yet
SC100 - Copy1
63 pages
Full Prep AZ900
No ratings yet
Full Prep AZ900
418 pages
Az 104 Ppses01b
No ratings yet
Az 104 Ppses01b
42 pages
AZ 104 Study Guide
No ratings yet
AZ 104 Study Guide
1,139 pages
Ai-102 8
No ratings yet
Ai-102 8
28 pages
Az-305 00
0% (1)
Az-305 00
10 pages
Ai-102 2
No ratings yet
Ai-102 2
24 pages
Azure Administrator Exam Guide
No ratings yet
Azure Administrator Exam Guide
6 pages
Az 305
No ratings yet
Az 305
76 pages
Exam AZ 305 1
No ratings yet
Exam AZ 305 1
8 pages
Microsoft Azure AI-102 Practice Tests PDF
No ratings yet
Microsoft Azure AI-102 Practice Tests PDF
177 pages
Ai-102 6
No ratings yet
Ai-102 6
34 pages
AZ900 Question Bank
No ratings yet
AZ900 Question Bank
134 pages
Dynamics & Azure Certification Guide
No ratings yet
Dynamics & Azure Certification Guide
1 page
Microsoft Certified Azure Ai Engineer Associate Skills Measured
No ratings yet
Microsoft Certified Azure Ai Engineer Associate Skills Measured
3 pages
Ai 900
No ratings yet
Ai 900
168 pages
04 Microsoft - Passguide.az-305.pdf - Exam.2023-Jun-18.by - Perry.151q.vce
No ratings yet
04 Microsoft - Passguide.az-305.pdf - Exam.2023-Jun-18.by - Perry.151q.vce
35 pages
How CMOs Are Using AI To Transform Their Strategies EMARKETER
No ratings yet
How CMOs Are Using AI To Transform Their Strategies EMARKETER
9 pages
AZ-104 Exam Part 2 Edited
No ratings yet
AZ-104 Exam Part 2 Edited
806 pages
Microsoft - Az 400.VJul 2024.by .Yan .197q
No ratings yet
Microsoft - Az 400.VJul 2024.by .Yan .197q
154 pages
AZ-104T00A-ENU-11 - Administer Monitoring
No ratings yet
AZ-104T00A-ENU-11 - Administer Monitoring
30 pages
AI-102 Exam Prep for Developers
No ratings yet
AI-102 Exam Prep for Developers
13 pages
Az-104 2
No ratings yet
Az-104 2
57 pages
Microsoft - Az 400.LAB .VMay 2024.by .Ancher.126q
No ratings yet
Microsoft - Az 400.LAB .VMay 2024.by .Ancher.126q
116 pages
AZ-305 Exam: Azure Infrastructure Solutions
No ratings yet
AZ-305 Exam: Azure Infrastructure Solutions
45 pages
Az 120 Full
No ratings yet
Az 120 Full
258 pages
SC 200
No ratings yet
SC 200
68 pages
Pass Microsoft AZ-104 Exam With 100% Guarantee
No ratings yet
Pass Microsoft AZ-104 Exam With 100% Guarantee
8 pages
Azure Exam Prep for IT Professionals
No ratings yet
Azure Exam Prep for IT Professionals
47 pages
Sample AZ-104
No ratings yet
Sample AZ-104
7 pages
07 - Ai-900 71-90
No ratings yet
07 - Ai-900 71-90
6 pages
005 Administer Governance and Compliance
No ratings yet
005 Administer Governance and Compliance
36 pages
AZ-104T00A-02-Governance and Compliance
No ratings yet
AZ-104T00A-02-Governance and Compliance
34 pages
Azure Certification Exam Prep
No ratings yet
Azure Certification Exam Prep
28 pages
Azure Architect Exam Prep Guide
No ratings yet
Azure Architect Exam Prep Guide
50 pages
Azure DevOps Exam Guide
No ratings yet
Azure DevOps Exam Guide
18 pages
Microsoft AZ-304 Exam Prep Guide
No ratings yet
Microsoft AZ-304 Exam Prep Guide
197 pages
AZ-305 Exam - Free Actual Q&As
No ratings yet
AZ-305 Exam - Free Actual Q&As
6 pages
AZ-104 - Ans
No ratings yet
AZ-104 - Ans
112 pages
Up To Date 70-532 PDF Exam Demo
100% (4)
Up To Date 70-532 PDF Exam Demo
14 pages
Latest Microsoft AZ-103 Dumps Questions
100% (3)
Latest Microsoft AZ-103 Dumps Questions
28 pages
Microsoft Azure AI Fundamentals: AI-900
No ratings yet
Microsoft Azure AI Fundamentals: AI-900
2 pages
Case Study Questions - Yes&No
No ratings yet
Case Study Questions - Yes&No
39 pages
Azure AD for IT Professionals
No ratings yet
Azure AD for IT Professionals
25 pages
Az 104 May
No ratings yet
Az 104 May
222 pages
Azure AI-102 Exam Success Guide
No ratings yet
Azure AI-102 Exam Success Guide
16 pages
Azure IOT Security PDF
No ratings yet
Azure IOT Security PDF
101 pages
Microsoft Az 801 Practice Test - Examgo
No ratings yet
Microsoft Az 801 Practice Test - Examgo
10 pages
AZ Question
No ratings yet
AZ Question
281 pages
AI 102T00A ENU PowerPoint - 03
No ratings yet
AI 102T00A ENU PowerPoint - 03
9 pages
Microsoft AZ-303 Exam Actual Questions: Topic 1 - Question Set 1
No ratings yet
Microsoft AZ-303 Exam Actual Questions: Topic 1 - Question Set 1
551 pages
Questions For Microsoft Az 140 Exam
No ratings yet
Questions For Microsoft Az 140 Exam
13 pages
Disable ARR Instance Affinity in Azure
100% (1)
Disable ARR Instance Affinity in Azure
560 pages
Az Ai 102
100% (1)
Az Ai 102
6 pages
"AZ-900 Dumps: VCE & PDF from SurePassExam"
No ratings yet
"AZ-900 Dumps: VCE & PDF from SurePassExam"
9 pages
305 Document
No ratings yet
305 Document
46 pages
Az 304
No ratings yet
Az 304
15 pages
Minimalism For Living, Family & Budgeting (PDFDrive)
100% (1)
Minimalism For Living, Family & Budgeting (PDFDrive)
154 pages
Lopifit Manual
100% (1)
Lopifit Manual
18 pages
Yuken India Limited: 2024 Research Report
No ratings yet
Yuken India Limited: 2024 Research Report
9 pages
AS350 B2 - Intro
100% (1)
AS350 B2 - Intro
25 pages
Brick Architecture of Lauri Baker
No ratings yet
Brick Architecture of Lauri Baker
25 pages
Calculus in Basketball 1
100% (1)
Calculus in Basketball 1
3 pages
Whistleblower Solutions for Firms
No ratings yet
Whistleblower Solutions for Firms
4 pages
Mechanical Reliability
No ratings yet
Mechanical Reliability
3 pages
Biogas: Rural India's Energy Solution
67% (3)
Biogas: Rural India's Energy Solution
37 pages
Lasam Revenue Strategy 2022-2024
No ratings yet
Lasam Revenue Strategy 2022-2024
2 pages
Cloud Security Engineer Course Outline
No ratings yet
Cloud Security Engineer Course Outline
4 pages
The Medical Science Liaison Career Guide How To Break Into Your First Role A Hiring Manager Reveals The Secrets For Success Official Test Bank
No ratings yet
The Medical Science Liaison Career Guide How To Break Into Your First Role A Hiring Manager Reveals The Secrets For Success Official Test Bank
402 pages
Pedagogy of The Oppressed - Quotes and Reflection
No ratings yet
Pedagogy of The Oppressed - Quotes and Reflection
2 pages
Differences Between Face Up Blackjack and Regular Blackjack
No ratings yet
Differences Between Face Up Blackjack and Regular Blackjack
2 pages
English and Chinese Reader
No ratings yet
English and Chinese Reader
299 pages
Tests ICT 2024-2025 1 Семестр (Common)
No ratings yet
Tests ICT 2024-2025 1 Семестр (Common)
307 pages
Aqa 2011 Past Paper
No ratings yet
Aqa 2011 Past Paper
14 pages
WWG - Maiden of The High Seas - Props - Instructions
No ratings yet
WWG - Maiden of The High Seas - Props - Instructions
22 pages
Mineral Resources of West Bengal
No ratings yet
Mineral Resources of West Bengal
22 pages
Applied Mechanics (Dynamics)
No ratings yet
Applied Mechanics (Dynamics)
2 pages
Orrifice
No ratings yet
Orrifice
5 pages
Comments/Remarks:: Name: Tupas, Re Charles
No ratings yet
Comments/Remarks:: Name: Tupas, Re Charles
3 pages
5 Amazing Tech Projects To DO
No ratings yet
5 Amazing Tech Projects To DO
1 page
Product Data Sheet: Circuit Breaker Masterpact NW12H1 - 1250 A - 3 Poles - Drawout - W/o Trip Unit
No ratings yet
Product Data Sheet: Circuit Breaker Masterpact NW12H1 - 1250 A - 3 Poles - Drawout - W/o Trip Unit
2 pages
Fortinet
0% (1)
Fortinet
8 pages
Sony Soundbar Manual
No ratings yet
Sony Soundbar Manual
2 pages
Action Plan School Based Reading Edited
100% (1)
Action Plan School Based Reading Edited
6 pages
S22 Winning - Motorrad Article
No ratings yet
S22 Winning - Motorrad Article
5 pages
Fe 5020 Manual
No ratings yet
Fe 5020 Manual
63 pages