Az-305 0
Az-305 0
Az-305 0
https://www.2passeasy.com/dumps/AZ-305/
NEW QUESTION 1
- (Exam Topic 5)
You have an Azure subscription that contains a storage account.
An application sometimes writes duplicate files to the storage account.
You have a PowerShell script that identifies and deletes duplicate files in the storage account. Currently, the script is run manually after approval from the
operations manager.
You need to recommend a serverless solution that performs the following actions:
Runs the script once an hour to identify whether duplicate files exist
Processes an email response from the operations manager specifying whether the deletion was approved
Runs the script if the deletion was approved
What should you include in the recommendation?
Answer: A
Explanation:
You can schedule a powershell script with Azure Logic Apps.
When you want to run code that performs a specific job in your logic apps, you can create your own function by using Azure Functions. This service helps you
create Node.js, C#, and F# functions so you don't have to build a complete app or infrastructure to run code. You can also call logic apps from inside Azure
functions. Azure Functions provides serverless computing in the cloud and is useful for performing tasks such as these examples:
Reference:
https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-azure-functions
NEW QUESTION 2
- (Exam Topic 5)
You plan to deploy the backup policy shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
https://docs.microsoft.com/en-us/azure/backup/backup-azure-vm-backup-faq#what-s-the-minimum-rpo-and-rto
NEW QUESTION 3
- (Exam Topic 5)
You have an Azure Data Lake Storage account that contains 1,000 10-MB CSV files and an Azure Synapse Analytics dedicated SQL pool named sql1. You need
to load the files to sql1. The solution must meet the following requirements:
Maximize data load performance.
Eliminate the need to define external tables before the data loads. What should you use?
Answer: B
NEW QUESTION 4
- (Exam Topic 5)
You have an Azure virtual machine named VM1 that runs Windows Server 2019 and contains 500 GB of data files.
You are designing a solution that will use Azure Data Factory to transform the data files, and then load the files to Azure Data Lake Storage
What should you deploy on VM1 to support the design?
Answer: A
NEW QUESTION 5
- (Exam Topic 5)
You have an Azure subscription. The subscription contains Azure virtual machines that run Windows Server 2016 and Linux.
You need to use Azure Log Analytics design an alerting strategy for security-related events.
Which Log Analytics tables should you query? To answer, drag the appropriate tables to the correct log types. Each value may be used once, more than once, or
not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Graphical user interface, table Description automatically generated with medium confidence
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/log-analytics-agent
Windows Event logs --> Information sent to the Windows event logging system. Syslog --> Information sent to the Linux event logging system.
NEW QUESTION 6
- (Exam Topic 5)
You architect a solution that calculates 3D geometry from height-map data. You have the following requirements:
Perform calculations in Azure.
Each node must communicate data to every other node.
Maximize the number of nodes to calculate multiple scenes as fast as possible.
Require the least amount of effort to implement. You need to recommend a solution.
Which two actions should you recommend? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
Answer: AC
NEW QUESTION 7
- (Exam Topic 5)
Your company currently has an application that is hosted on their on-premises environment. The application currently connects to two databases in the on-
premises environment. The databases are named whizlabdb1 and whizlabdb2.
You have to move the databases onto Azure. The databases have to support server-side transactions across both of the databases.
Solution: You decide to deploy the databases to an Azure SQL database-managed instance. Would this fulfill the requirement?
A. Yes
B. No
Answer: A
NEW QUESTION 8
- (Exam Topic 5)
Your company identifies the following business continuity and disaster recovery objectives for virtual machines that host sales, finance, and reporting application in
the company's on-premises data center.
•The finance application requires that data be retained for seven years. In the event of a disaster, the application must be able to run from Azure. The recovery in
objective (RTO) is 10 minutes,
• The reporting application must be able to recover point in-time data al a daily granularity. The RTO is eight hours.
•The sales application must be able to fail over to second on-premises data center.
You need to recommend which Azure services meet the business community and disaster recovery objectives. The solution must minimize costs.
What should you recommend for each application? To answer, drag the appropriate services to the correct application. Each service may be used owe. More than
once not at an You may need to drag the spin bar between panes or scroll 10 view content.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
1) Sales: Azure Site Recovery only
2) Finance: Azure Site Recovery and Azure Backup
3) Reporting: Azure Backup only
NEW QUESTION 9
- (Exam Topic 5)
Your company has an app named App1 that uses data from the on-premises Microsoft SQL Server databases shown in the following table.
App1 and the data are used on the first day of the month only. The data is not expected to grow more than 3% each year.
The company is rewriting App1 as an Azure web app and plans to migrate all the data to Azure. You need to migrate the data to Azure SQL Database. The
solution must minimize costs. Which service tier should you use?
Answer: C
Explanation:
DTU-based Standard supports databases up to 1 TB in size. Reference:
https://docs.microsoft.com/en-us/azure/azure-sql/database/service-tiers-dtu
NEW QUESTION 10
- (Exam Topic 5)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You plan to deploy multiple instances of an Azure web app across several Azure regions.
You need to design an access solution for the app. The solution must meet the following replication requirements:
Support rate limiting.
Balance requests between all instances.
Ensure that users can access the app in the event of a regional outage. Solution: You use Azure Application Gateway to provide access to the app. Does this
meet the goal?
A. Yes
B. No
Answer: B
NEW QUESTION 10
- (Exam Topic 5)
You plan to deploy the backup policy shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Graphical user interface, text, application Description automatically generated
NEW QUESTION 12
- (Exam Topic 5)
A company named Contoso, Ltd. has an Azure Active Directory (Azure AD) tenant that is integrated with Microsoft Office 365 and an Azure subscription.
Contoso has an on-premises identity infrastructure. The infrastructure includes servers that run Active Directory Domain Services (AD DS), and Azure AD Connect
Contoso has a partnership with a company named Fabrikam, Inc. Fabrikam has an Active Directory forest and an Office 365 tenant. Fabrikam has the same on-
premises identity infrastructure as Contoso.
A team of 10 developers from Fabrikam will work on an Azure solution that will be hosted in the Azure subscription of Contoso. The developers must be added to
the Contributor role for a resource in the Contoso subscription.
You need to recommend a solution to ensure that Contoso can assign the role to the 10 Fabrikam developers. The solution must ensure that the Fabrikam
developers use their existing credentials to access resources.
What should you recommend?
A. Configure a forest trust between the on-premises Active Directory forests of Contoso and Fabrikam.
B. Configure an organization relationship between the Office 365 tenants of Fabrikam and Contoso.
C. In the Azure AD tenant of Contoso, use MIM to create guest accounts for the Fabrikam developers.
D. Configure an AD FS relying party trust between the fabrikam and Contoso AD FS infrastructures.
Answer: A
Explanation:
Trust configurations - Configure trust from managed forests(s) or domain(s) to the administrative forest
A one-way trust is required from production environment to the admin forest.
Selective authentication should be used to restrict accounts in the admin forest to only logging on to the appropriate production hosts.
References:
https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/securing-privileged-access
NEW QUESTION 16
- (Exam Topic 5)
Your company develops a web service that is deployed to an Azure virtual machine named VM1. The web service allows an API to access real-time data from
VM1.
The current virtual machine deployment is shown in the Deployment exhibit. (Click the Deployment tab).
The chief technology officer (CTO) sends you the following email message: “Our developers have deployed the web service to a virtual machine named VM1.
Testing has shown that the API is accessible from VM1 and VM2. Our partners must be able to connect to the API over the Internet. Partners will use this data in
applications that they develop.”
You deploy an Azure API Management (APIM) service. The relevant API Management configuration is shown in the API exhibit. (Click the API tab.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Graphical user interface, text, application Description automatically generated
Reference:
https://docs.microsoft.com/en-us/azure/api-management/api-management-using-with-vnet
NEW QUESTION 20
- (Exam Topic 5)
Your on-premises network contains a file server named Server1 that stores 500 GB of data. You need to use Azure Data Factory to copy the data from Server1 to
Azure Storage.
You add a new data factory.
What should you do next? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Graphical user interface, text, application, email Description automatically generated
Box 1: Install a self-hosted integration runtime
The Integration Runtime is a customer-managed data integration infrastructure used by Azure Data Factory to provide data integration capabilities across different
network environments.
Box 2: Create a pipeline
With ADF, existing data processing services can be composed into data pipelines that are highly available and managed in the cloud. These data pipelines can be
scheduled to ingest, prepare, transform, analyze, and publish data, and ADF manages and orchestrates the complex data and processing dependencies
References:
https://docs.microsoft.com/en-us/azure/machine-learning/team-data-science-process/move-sql-azure-adf https://docs.microsoft.com/pl-pl/azure/data-factory/tutorial-
hybrid-copy-data-tool
syu31svc 3 months, 4 weeks ago
https://docs.microsoft.com/en-us/azure/data-factory/create-self-hosted-integration-runtime?tabs=data-factory "A self-hosted integration runtime can run copy
activities between a cloud data store and a data store in a
private network"
https://docs.microsoft.com/en-us/azure/data-factory/introduction
"With Data Factory, you can use the Copy Activity in a data pipeline to move data from both on-premises and cloud source data stores to a centralization data
store in the cloud for further analysis"
NEW QUESTION 21
- (Exam Topic 5)
Your on-premises network contains a server named Server1 that runs an ASP.NET application named App1. You have a hybrid deployment of Azure Active
Directory (Azure AD).
You need to recommend a solution to ensure that users sign in by using their Azure AD account and Azure Multi-Factor Authentication (MFA) when they connect
to App1 from the internet.
Which three Azure services should you recommend be deployed and configured in sequence? To answer, move the appropriate services from the list of services
to the answer area and arrange them in the correct order.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
AD Application Proxy
AD Enterprise Application AD Conditional access policy
https://thesleepyadmins.com/2019/02/
NEW QUESTION 22
- (Exam Topic 5)
You have the resources shown in the following table.
A. Azure Data Factory with Azure Cosmos DB and Azure Synapse Analytics connectors
B. Azure Synapse Analytics with PolyBase data loading
C. Azure Cosmos DB change feed
Answer: B
NEW QUESTION 25
- (Exam Topic 5)
You have an Azure App Service web app that uses a system-assigned managed identity.
You need to recommend a solution to store their settings of the web app as secrets in an Azure key vault The solution must meet the following requirements:
• Minimize changes to the app code,
• Use the principle of least privilege.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 29
- (Exam Topic 5)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are designing an Azure solution for a company that has four departments. Each department will deploy several Azure app services and Azure SQL databases.
You need to recommend a solution to report the costs for each department to deploy the app services and the databases. The solution must provide a
consolidated view for cost reporting that displays cost broken down by department.
Solution: Create a separate resource group for each department. Place the resources for each department in its respective resource group.
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation:
Instead create a resources group for each resource type. Assign tags to each resource group.
Note: Tags enable you to retrieve related resources from different resource groups. This approach is helpful when you need to organize resources for billing or
management.
Reference:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-using-tags
NEW QUESTION 32
- (Exam Topic 5)
You have an Azure subscription that contains a Basic Azure virtual WAN named Virtual/WAN1 and the virtual hubs shown in the following table.
Answer: A
Explanation:
US East and US West are in the same geopolitical region so there is no need for enabling ExpressRoute premium add-on https://docs.microsoft.com/en-
us/azure/virtual-wan/virtual-wan-about#basicstandard
The current config of virtual WAN is only Basic as given, so it can connect to only site to site VPN, to connect to express route it needs to be upgraded from basic
to standard.
https://docs.microsoft.com/en-us/azure/virtual-wan/virtual-wan-about
https://docs.microsoft.com/en-us/azure/virtual-wan/virtual-wan-about
NEW QUESTION 36
- (Exam Topic 5)
You are developing a sates application that will contain several Azure cloud services and handle different components of a transaction. Different cloud services will
process customer orders, billing, payment inventory, and shipping.
You need to recommend a solution to enable the cloud services to asynchronously communicate transaction information by using XML messages.
What should you include in the recommendation?
Answer: D
NEW QUESTION 38
- (Exam Topic 5)
A company needs a datastore created in Azure for an application. Below are the key requirements for the data store.
Ability to store JSON based items
Ability to use SQL like queries on the datastore Ability to provide low latency access to data items
Which of the following would you consider as the data store?
Answer: B
NEW QUESTION 40
- (Exam Topic 5)
You plan to deploy an Azure App Service web app that will have multiple instances across multiple Azure regions.
You need to recommend a load balancing service for the planned deployment. The solution must meet the following requirements:
Maintain access to the app in the event of a regional outage.
Support Azure Web Application Firewall (WAF).
Support cookie-based affinity.
Support URL routing.
What should you include in the recommendation?
Answer: B
Explanation:
Azure Traffic Manager performs the global load balancing of web traffic across Azure regions, which have a regional load balancer based on Azure Application
Gateway. This combination gets you the benefits of Traffic Manager many routing rules and Application Gateway’s capabilities such as WAF, TLS termination,
path-based routing, cookie-based session affinity among others.
Reference:
https://docs.microsoft.com/en-us/azure/application-gateway/features
NEW QUESTION 45
- (Exam Topic 5)
You have an Azure subscription.
You need to deploy an Azure Kubernetes Service (AKS) solution that will use Windows Server 2019 nodes. The solution must meet the following requirements:
Minimize the time it takes to provision compute resources during scale-out operations. Support autoscaling of Windows Server containers.
Which scaling option should you recommend?
A. cluster autoscaler
B. horizontal pod autoscaler
C. Kubernetes version 1.20.2 or newer
D. Virtual nodes with Virtual Kubelet ACI
Answer: D
Explanation:
Azure Container Instances (ACI) lets you quickly deploy container instances without additional infrastructure overhead. When you connect with AKS, ACI becomes
a secured, logical extension of your AKS cluster. The virtual nodes component, which is based on Virtual Kubelet, is installed in your AKS cluster that presents ACI
as a virtual Kubernetes node. Kubernetes can then schedule pods that run as ACI instances through virtual nodes, not as pods on VM nodes directly in your AKS
cluster.
Your application requires no modification to use virtual nodes. Deployments can scale across AKS and ACI and with no delay as cluster autoscaler deploys new
nodes in your AKS cluster.
Diagram Description automatically generated
NEW QUESTION 49
- (Exam Topic 5)
Your company has two on-premises sites in New York and Los Angeles and Azure virtual networks in the East US Azure region and the West US Azure region.
Each on-premises site has Azure ExpressRoute circuits to both regions.
You need to recommend a solution that meets the following requirements:
Outbound traffic to the Internet from workloads hosted on the virtual networks must be routed through the closest available on-premises site.
If an on-premises site fails, traffic from the workloads on the virtual networks to the Internet must reroute automatically to the other site.
What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Graphical user interface, text, application, email Description automatically generated
An on-premises network gateway can exchange routes with an Azure virtual network gateway using the border gateway protocol (BGP). Using BGP with an Azure
virtual network gateway is dependent on the type you selected when you created the gateway. If the type you selected were: ExpressRoute: You must use BGP to
advertise on-premises routes to the Microsoft Edge router. You cannot create user-defined routes to force traffic to the ExpressRoute virtual network gateway if
you deploy a virtual network gateway deployed as type: ExpressRoute. You can use user-defined routes for forcing traffic from the Express Route to, for example,
a Network Virtual Appliance.
https://docs.microsoft.com/ja-jp/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepe https://docs.microsoft.com/en-
us/azure/expressroute/expressroute-optimize-routing#suboptimal-routing-from-cu
NEW QUESTION 51
- (Exam Topic 5)
You store web access logs data in Azure Blob storage. You plan to generate monthly reports from the access logs.
You need to recommend an automated process to upload the data to Azure SQL Database every month. What should you include in the recommendation?
Answer: A
Explanation:
Azure Data Factory is the platform that solves such data scenarios. It is the cloud-based ETL and data integration service that allows you to create data-driven
workflows for orchestrating data movement and transforming data at scale. Using Azure Data Factory, you can create and schedule data-driven workflows (called
pipelines) that can ingest data from disparate data stores. You can build complex ETL processes that transform data visually with data flows or by using compute
services such as Azure HDInsight Hadoop, Azure Databricks, and Azure SQL Database.
Reference:
https://docs.microsoft.com/en-gb/azure/data-factory/introduction
NEW QUESTION 53
- (Exam Topic 5)
You have 100 Microsoft SQL Server integration Services (SSIS) packages that are configured to use 10 on-premises SQL Server databases as their destinations.
You plan to migrate the 10 on-premises databases to Azure SQL Database
You need to recommend a solution to host the SSlS packages in Azure. The solution must ensure that the
packages can target the SQL Database instances as their destinations. What should you include in the recommendation?
Answer: D
Explanation:
https://docs.microsoft.com/bs-cyrl-ba/azure/sql-database/sql-database-managed-instance-migrate
Quote from that page "Azure SQL Database and SQL Server databases in an Azure Virtual Machine. DMS is the recommended method of migration for your
enterprise workloads.
If you use SQL Server Integration Services (SSIS) on your SQL Server on premises, DMS does not yet support migrating SSIS catalog (SSISDB) that stores SSIS
packages, but you can provision Azure-SSIS Integration Runtime (IR) in Azure Data Factory (ADF) that will create a new SSISDB in a managed instance and then
you can redeploy your packages to it, see Create Azure-SSIS IR in ADF.
To learn more about this scenario and configuration steps for DMS, see Migrate your on-premises database to managed instance using DMS."
https://docs.microsoft.com/en-us/azure/data-factory/how-to-migrate-ssis-job-ssms
NEW QUESTION 57
- (Exam Topic 5)
You have an on-premises network that uses on IP address space of 172.16.0.0/16 You plan to deploy 25 virtual machines to a new azure subscription.
You identity the following technical requirements.
All Azure virtual machines must be placed on the same subnet subnet1.
All the Azure virtual machines must be able to communicate with all on premises severs.
The servers must be able to communicate between the on-premises network and Azure by using a site to site VPN.
You need to recommend a subnet design that meets the technical requirements.
What should you include in the recommendation? To answer, drag the appropriate network addresses to the correct subnet. Each network address may be used
once, more than once or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Graphical user interface, application Description automatically generated
NEW QUESTION 62
- (Exam Topic 5)
You are designing an Azure Cosmos DB solution that will host multiple writable replicas in multiple Azure regions.
You need to recommend the strongest database consistency level for the design. The solution must meet the following requirements:
Provide a latency-based Service Level Agreement (SLA) for writes.
Support multiple regions.
Which consistency level should you recommend?
A. bounded staleness
B. strong
C. session
D. consistent prefix
Answer: A
Explanation:
Each level provides availability and performance tradeoffs. The following image shows the different consistency levels as a spectrum.
Timeline Description automatically generated
Note: The service offers comprehensive 99.99% SLAs which covers the guarantees for throughput, consistency, availability and latency for the Azure Cosmos DB
Database Accounts scoped to a single Azure region configured with any of the five Consistency Levels or Database Accounts spanning multiple Azure regions,
configured with any of the four relaxed Consistency Levels.
Reference:
https://azure.microsoft.com/en-us/support/legal/sla/cosmos-db/v1_3/
https://docs.microsoft.com/en-us/azure/cosmos-db/consistency-levels#consistency-levels-and-latency
NEW QUESTION 66
- (Exam Topic 5)
You plan to store data in Azure Blob storage for many years. The stored data will be accessed rarely.
You need to ensure that the data in Blob storage is always available for immediate access. The solution must minimize storage costs.
Which storage tier should you use?
A. Cool
B. Archive
C. Hot
Answer: A
Explanation:
Azure cool tier is equivalent to the Amazon S3 Infrequent Access (S3-IA) storage in AWS that provides a low cost high performance storage for infrequently
access data.
Note: Azure’s cool storage tier, also known as Azure cool Blob storage, is for infrequently-accessed data that needs to be stored for a minimum of 30 days.
Typical use cases include backing up data before tiering to archival systems, legal data, media files, system audit information, datasets used for big data analysis
and more.
The storage cost for this Azure cold storage tier is lower than that of hot storage tier. Since it is expected that the data stored in this tier will be accessed less
frequently, the data access charges are high when compared to hot tier. There are no additional changes required in your applications as these tiers can be
accessed using APIs in the same manner that you access Azure storage.
References:
https://cloud.netapp.com/blog/low-cost-storage-options-on-azure
NEW QUESTION 70
- (Exam Topic 5)
You are designing an Azure web app.
You plan to deploy the web app to the North Europe Azure region and the West Europe Azure region. You need to recommend a solution for the web app. The
solution must meet the following requirements:
Users must always access the web app from the North Europe region, unless the region fails.
The web app must be available to users if an Azure region is unavailable.
Deployment costs must be minimized.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Graphical user interface, text, application, chat or text message Description automatically generated
https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-routing-methods#priority-traffic-routing
NEW QUESTION 75
- (Exam Topic 5)
You have an Azure subscription that contains the storage accounts shown in the following table.
You plan to implement two new apps that have the requirements shown in the following table.
Which storage accounts should you recommend using for each app? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overview https://www.edureka.co/community/40011/different-storage-accounts-there-
major-difference-between https://insidemstech.com/tag/general-purpose-v2/
In conclusion the correct answers are: Box1 --> Storage1 and Storage3 only Box2 --> Storage1 and Storage4 only
https://docs.microsoft.com/en-us/azure/storage/files/storage-how-to-create-file-share?tabs=azure-portal#basics
NEW QUESTION 76
- (Exam Topic 5)
Your company plans to publish APIs for its services by using Azure API Management. You discover that service responses include the AspNet-Version header.
You need to recommend a solution to remove AspNet-Version from the response of the published APIs. What should you include in the recommendation?
A. a new product
B. a modification to the URL scheme
C. a new policy
D. a new revision
Answer: C
Explanation:
References:
https://docs.microsoft.com/en-us/azure/api-management/transform-api
NEW QUESTION 81
- (Exam Topic 5)
You have to design a Data Engineering solution for your company. The company currently has an Azure subscription. They also have application data hosted in a
database on a Microsoft SQL Server hosted in their on-premises data center server. They want to implement the following requirements Transfer transactional
data from the on-premises SQL server onto a data warehouse in Azure. Data needs to be transferred every day in the night as a scheduled job
A managed Spark cluster needs to be in place for data engineers to perform analysis on the data stored in the SQL data warehouse. Here the data engineers
should have the ability to develop notebooks in Scale, R and Python.
They also need to have a data lake store in place for the ingestion of data from multiple data sources Which of the following would the use for hosting the data
warehouse in Azure?
Answer: D
NEW QUESTION 83
- (Exam Topic 5)
You are designing a message application that will run on an on-premises Ubuntu virtual machine. The application will use Azure Storage queues.
You need to recommend a processing solution for the application to interact with the storage queues. The solution must meet the following requirements:
Create and delete queues daily.
Be scheduled by using a CRON job.
Upload messages every five minutes.
What should developers use to interact with the queues?
A. Azure CLI
B. AzCopy
C. Azure Data Factory
D. .NET Core
Answer: D
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/storage/queues/storage-tutorial-queues
NEW QUESTION 87
- (Exam Topic 5)
You have .NeT web service named service1 that has the following requirements.
Must read and write to the local file system.
Must write to the Windows Application event log.
You need to recommend a solution to host Service1 in Azure . The solution must meet the following requirements:
Minimize maintenance overhead.
Minimize costs.
What should you include in the recommendation?
Answer: A
Explanation:
https://social.msdn.microsoft.com/Forums/vstudio/en-US/294b9e3e-e89c-4095-b8d0-ee1646e77268/writing-to-l
NEW QUESTION 89
- (Exam Topic 5)
Your company has the divisions shown in the following table.
You plan to deploy a custom application to each subscription. The application will contain the following:
A resource group
An Azure web app
Custom role assignments
An Azure Cosmos DB account
You need to use Azure Blueprints to deploy the application to each subscription.
What is the minimum number of objects required to deploy the application? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: 2
One management group for East, and one for West.
When creating a blueprint definition, you'll define where the blueprint is saved. Blueprints can be saved to a management group or subscription that you have
Contributor access to. If the location is a management group, the blueprint is available to assign to any child subscription of that management group.
Box 2: 2
Box 3: 4
One assignment for each subscription.
"Assigning a blueprint definition to a management group means the assignment object exists at the management group. The deployment of artifacts still targets a
subscription. To perform a management group assignment, the Create Or Update REST API must be used and the request body must include a value for
properties.scope to define the target subscription."
https://docs.microsoft.com/en-us/azure/governance/blueprints/overview#blueprint-assignment
NEW QUESTION 90
- (Exam Topic 5)
You plan to deploy an Azure App Service web app that will have multiple instances across multiple Azure regions.
You need to recommend a load balancing service for the planned deployment. The solution must meet the following requirements:
Maintain access to the app in the event of a regional outage.
Support Azure Web Application Firewall (WAF).
Support cookie-based affinity.
Support URL routing.
What should you include in the recommendation?
Answer: A
Explanation:
Azure Traffic Manager performs the global load balancing of web traffic across Azure regions, which have a regional load balancer based on Azure Application
Gateway. This combination gets you the benefits of Traffic Manager many routing rules and Application Gateway’s capabilities such as WAF, TLS termination,
path-based routing, cookie-based session affinity among others.
Reference:
https://docs.microsoft.com/en-us/azure/application-gateway/features
NEW QUESTION 94
- (Exam Topic 5)
You have an app that generates 50,000 events daily.
You plan to Stream the events to an Azure event hub and use Event Hubs Capture to implement cold path processing Of the events Output Of Event Hubs
Capture will be
consumed by a reporting system.
You reed to identify which type of Azure storage must be provisioned to support Event Hubs Capture, and which inbound data format the reporting system must
support.
What should you identity? To answer. select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 95
- (Exam Topic 5)
You have an Azure subscription that contains a virtual network named VNET1 and 10 virtual machines. The virtual machines are connected to VNET1.
You need to design a solution to manage the virtual machines from the internet. The solution must meet the following requirements:
• Incoming connections to the virtual machines must be authenticated by using Azure Multi-Factor Authentication (MFA) before network connectivity is allowed.
• Incoming connections must use TLS and connect to TCP port 443.
• The solution must support RDP and SSH.
What should you Include In the solution? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company plans to deploy various Azure App Service instances that will use Azure SQL databases. The App Service instances will be deployed at the same
time as the Azure SQL databases.
The company has a regulatory requirement to deploy the App Service instances only to specific Azure regions. The resources for the App Service instances must
reside in the same region.
You need to recommend a solution to meet the regulatory requirement.
Solution: You recommend using an Azure policy initiative to enforce the location. Does this meet the goal?
A. Yes
B. No
Answer: A
Explanation:
Azure Resource Policy Definitions can be used which can be applied to a specific Resource Group with the App Service instances.
Reference:
https://docs.microsoft.com/en-us/azure/governance/policy/overview
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Graphical user interface, text, application, chat or text message Description automatically generated
Box 1: An Azure SQL Database single database.
SQL Server Managed instance versus SQL Server Virtual Machines Active geo-replication is not supported by Azure SQL Managed Instance. Box 2: Active geo-
replication
Active geo-replication is a feature that lets you to create a continuously synchronized readable secondary database for a primary database. The readable
secondary database may be in the same Azure region as the primary, or, more commonly, in a different region. This kind of readable secondary databases are
also known as geo-secondaries, or geo-replicas.
Reference:
https://docs.microsoft.com/en-us/azure/azure-sql/database/active-geo-replication-overview
Answer: D
Explanation:
If you are looking for Transport Layer Security (TLS) protocol termination ("SSL offload") or per-HTTP/HTTPS
request, application-layer processing, review Application Gateway.
Application Gateway is a layer 7 load balancer, which means it works only with web traffic (HTTP, HTTPS, WebSocket, and HTTP/2). It supports capabilities such
as SSL termination, cookie-based session affinity, and round robin for load-balancing traffic. Load Balancer load-balances traffic at layer 4 (TCP or UDP).
References:
https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-faq
A. Yes
B. No
Answer: B
Explanation:
Instead use Azure Network Watcher to run IP flow verify to analyze the network traffic.
Note: Advisor is a personalized cloud consultant that helps you follow best practices to optimize your Azure deployments. It analyzes your resource configuration
and usage telemetry and then recommends solutions that can help you improve the cost effectiveness, performance, high availability, and security of your Azure
resources.
With Advisor, you can:
Get proactive, actionable, and personalized best practices recommendations.
Improve the performance, security, and high availability of your resources, as you identify opportunities to reduce your overall Azure spend.
Get recommendations with proposed actions inline. Reference:
https://docs.microsoft.com/en-us/azure/advisor/advisor-overview
Answer: C
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Answer: A
Explanation:
Buy reserved capacity
Sign in to the Azure portal.
Select All services > Reservations.
Select Add and then in the Purchase Reservations pane, select SQL Database to purchase a new reservation for SQL Database.
Fill in the required fields. Existing databases in SQL Database and SQL Managed Instance that match the attributes you select qualify to get the reserved
capacity discount. The actual number of databases or managed instances that get the discount depends on the scope and quantity selected.
Graphical user interface, text Description automatically generated
Review the cost of the capacity reservation in the Costs section. Select Purchase.
Select View this Reservation to see the status of your purchase.
Reference:
https://docs.microsoft.com/en-us/azure/azure-sql/database/reserved-capacity-overview
Answer: C
Explanation:
With Azure Blueprints, the relationship between the blueprint definition (what should be deployed) and the blueprint assignment (what was deployed) is preserved.
This connection supports improved tracking and auditing of deployments. Azure Blueprints can also upgrade several subscriptions at once that are governed by
the same blueprint.
Reference:
https://docs.microsoft.com/en-us/answers/questions/26851/how-is-azure-blue-prints-different-from-resource-m.h
Answer: B
Explanation:
A queue allows processing of a message by a single consumer. In contrast to queues, topics and subscriptions provide a one-to-many form of communication in a
publish and subscribe pattern. It's useful for scaling to large numbers of recipients. Each published message is made available to each subscription registered with
the topic. Publisher sends a message to a topic and one or more subscribers receive a copy of the message, depending on filter rules set on these subscriptions.
Reference:
https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-queues-topics-subscriptions
Answer: C
A. Yes
B. No
Answer: B
Explanation:
Instead use Azure Network Watcher IP Flow Verify, which allows you to detect traffic filtering issues at a VM level.
Note: IP flow verify checks if a packet is allowed or denied to or from a virtual machine. The information consists of direction, protocol, local IP, remote IP, local
port, and remote port. If the packet is denied by a security group, the name of the rule that denied the packet is returned. While any source or destination IP can be
chosen, IP flow verify helps administrators quickly diagnose connectivity issues from or to the internet and from or to the on-premises environment.
Reference:
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-ip-flow-verify-overview https://docs.microsoft.com/en-us/azure/network-watcher/traffic-
analytics
Answer: D
Explanation:
This Azure service supports migration in the offline mode for applications that can afford downtime during the migration process. Unlike the continuous migration in
online mode, offline mode migration runs a one-time restore of a full database backup from the source to the target
https://learn.microsoft.com/en-us/azure/azure-sql/migration-guides/managed-instance/sql-server-to-managed-ins
A. Yes
B. No
Answer: B
Explanation:
Instead use Azure Network Watcher to run IP flow verify to analyze the network traffic. Reference:
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview https://docs.microsoft.com/en-us/azure/network-watcher/network-
watcher-ip-flow-verify-overview
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Account Type: StorageV2
Replication solution: Zone-redundant storage (ZRS) https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy
https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy#supported-azure-storage-services https://docs.microsoft.com/en-
us/azure/storage/common/storage-account-overview#types-of-storage-accounts Data must be available if a single Azure datacenter fails. It means the storage
account must support ZRS replication. Also, solution should support storage tiers. Only General-purpose V2 supports ZRS and storage tiers.
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Graphical user interface, text, application, email Description automatically generated
References:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/data-sources-windows-events https://docs.microsoft.com/en-us/azure/azure-monitor/platform/agent-
windows
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: BlockBlobStorage
Block Blob is a premium storage account type for block blobs and append blobs. Recommended for scenarios with high transactions rates, or scenarios that use
smaller objects or require consistently low storage latency.
Box 2: Blob
The Archive tier is an offline tier for storing blob data that is rarely accessed. The Archive tier offers the lowest storage costs, but higher data retrieval costs and
latency compared to the online tiers (Hot and Cool). Data must remain in the Archive tier for at least 180 days or be subject to an early deletion charge.
Reference:
https://docs.microsoft.com/en-us/azure/storage/blobs/archive-blob
• Only allow the creation of specific sizes of virtual machines. What should you include in the recommendation?
Answer: D
Explanation:
https://docs.microsoft.com/en-us/azure/governance/policy/tutorials/create-and-manage https://docs.microsoft.com/en-us/azure/cloud-adoption-
framework/manage/azure-server-management/common
Which storage type should you recommend for each data type? To answer, drag the appropriate storage types to the correct data types. Each storage type may be
used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Graphical user interface, text, application, email Description automatically generated
Answer: C
Explanation:
Azure Container Instances enables a layered approach to orchestration, providing all of the scheduling and management capabilities required to run a single
container, while allowing orchestrator platforms to manage multi-container tasks on top of it.
Because the underlying infrastructure for container instances is managed by Azure, an orchestrator platform does not need to concern itself with finding an
appropriate host machine on which to run a single container.
Azure Container Instances can schedule both Windows and Linux containers with the same API. Orchestration of container instances exclusively
Because they start quickly and bill by the second, an environment based exclusively on Azure Container Instances offers the fastest way to get started and to deal
Answer: C
Explanation:
"Azure Front Door, which focuses on global load-balancing and site acceleration, and Azure CDN Standard, which offers static content caching and acceleration.
The new Azure Front Door brings together security with CDN technology for a cloud-based CDN with threat protection and additional capabilities. "
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Graphical user interface, text, application Description automatically generated
Box 1: BloblBlobStorage with Premium performance and Zone-redundant storage (ZRS) replication.
BlockBlobStorage accounts: Storage accounts with premium performance characteristics for block blobs and append blobs. Recommended for scenarios with high
transactions rates, or scenarios that use smaller objects or require consistently low storage latency.
Premium: optimized for high transaction rates and single-digit consistent storage latency. Box 2: General purpose v2 with Standard performance..
General-purpose v2 accounts: Basic storage account type for blobs, files, queues, and tables. Recommended for most scenarios using Azure Storage.
Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overview
https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy
App1 and the data are used on the first day of the month only. The data is not expected to grow more than 3% each year.
The company is rewriting App1 as an Azure web app and plans to migrate all the data to Azure. You need to migrate the data to Azure SQL Database. The
solution must minimize costs. Which service tier should you use?
Answer: C
Explanation:
DTU-based Standard supports databases up to 1 TB in size. Reference:
https://docs.microsoft.com/en-us/azure/azure-sql/database/service-tiers-dtu
You need to deploy a new Azure Firewall policy that will contain mandatory rules for all Azure Firewall deployments. The new policy will be configured as a parent
policy for the existing policies.
What is the minimum number of additional Azure Firewall policies you should create?
A. 1
B. 2
C. 3
Answer: B
Explanation:
Firewall policies work across regions and subscriptions. Place all your global configurations in the parent policy.
Note: Policies can be created in a hierarchy. You can create a parent/global policy that will contain configurations and rules that will apply to all/a number of firewall
instances. Then you create a child policy that inherits from the parent; note that rules changes in the parent instantly appear in the child. The child is associated
with a firewall and applies configurations/rules from the parent policy and the child policy instantly to the firewall.
Reference: https://aidanfinn.com/?p=22006
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Graphical user interface, text, application, email Description automatically generated
Box 1: Azure Network Watcher
Traffic Analytics is a cloud-based solution that provides visibility into user and application activity in cloud networks. Traffic analytics analyzes Network Watcher
network security group (NSG) flow logs to provide
insights into traffic flow in your Azure cloud. With traffic analytics, you can:
Identify security threats to, and secure your network, with information such as open-ports, applications attempting internet access, and virtual machines (VM)
connecting to rogue networks.
Visualize network activity across your Azure subscriptions and identify hot spots.
Understand traffic flow patterns across Azure regions and the internet to optimize your network deployment for performance and capacity.
Pinpoint network misconfigurations leading to failed connections in your network. Box 2: Azure Service Map
Service Map automatically discovers application components on Windows and Linux systems and maps the communication between services. With Service Map,
you can view your servers in the way that you think of them: as interconnected systems that deliver critical services. Service Map shows connections between
servers, processes, inbound and outbound connection latency, and ports across any TCP-connected architecture, with no configuration required other than the
installation of an agent.
Reference:
https://docs.microsoft.com/en-us/azure/network-watcher/traffic-analytics https://docs.microsoft.com/en-us/azure/azure-monitor/insights/service-map
A. Always Encrypted
B. Azure Advanced Threat Protection
C. Transparent Data Encryption
D. Dynamic Data Masking
Answer: A
Explanation:
https://docs.microsoft.com/en-us/sql/relational-databases/security/encryption/always-encrypted-database-engine
A. Yes
B. No
Answer: B
Explanation:
Instead use Azure Network Watcher to run IP flow verify to analyze the network traffic.
Note: Wire Data looks at network data at the application level, not down at the TCP transport layer. The solution doesn't look at individual ACKs and SYNs.
Reference:
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview https://docs.microsoft.com/en-us/azure/network-watcher/network-
watcher-ip-flow-verify-overview
Answer: A
Answer: B
Answer: A
Explanation:
https://docs.microsoft.com/en-us/azure/azure-sql/database/long-term-retention-overview
In Azure SQL Database, you can configure a database with a long-term backup retention policy (LTR) to automatically retain the database backups in separate
Azure Blob storage containers for up to 10 years
A. Move all the domain controllers from corp.fabrikam.com to virtual networks in Azure.
B. Deploy domain controllers for corp.fabrikam.com to virtual networks in Azure.
C. Deploy a new Azure AD tenant for the authentication of new R&D projects.
D. Deploy domain controllers for the rd.fabrikam.com forest to virtual networks in Azure.
Answer: B
Explanation:
Directory synchronization between Azure Active Directory (Azure AD) and corp.fabrikam.com must not be affected by a link failure between Azure and the on-
premises network. (This requires domain controllers in Azure)
Users on the on-premises network must be able to authenticate to corp.fabrikam.com if an Internet link fails. (This requires domain controllers on-premises)
A. Mastered
B. Not Mastered
Answer: A
Explanation:
A picture containing text Description automatically generated
Scenario: All Azure SQL databases in the production environment must have Transparent Data Encryption (TDE) enabled.
Step 1: Create an Azure policy definition that uses the deployIfNotExists identity.
The first step is to define the roles that deployIfNotExists and modify needs in the policy definition to successfully deploy the content of your included template.
Step 2: Create an Azure policy assignment
When creating an assignment using the portal, Azure Policy both generates the managed identity and grants it the roles defined in roleDefinitionIds.
Step 3: Invoke a remediation task
Resources that are non-compliant to a deployIfNotExists or modify policy can be put into a compliant state through Remediation. Remediation is accomplished by
instructing Azure Policy to run the deployIfNotExists effect or the modify operations of the assigned policy on your existing resources and subscriptions, whether
that assignment is to a management group, a subscription, a resource group, or an individual resource.
During evaluation, the policy assignment with deployIfNotExists or modify effects determines if there are non-compliant resources or subscriptions. When non-
compliant resources or subscriptions are found, the details are provided on the Remediation page.
Reference:
https://docs.microsoft.com/en-us/azure/governance/policy/how-to/remediate-resources
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Graphical user interface, text, application, email Description automatically generated
Box 1: 3
Scenario: App1 must meet the following requirements:
Be hosted in an Azure region that supports availability zones.
Maintain availability if two availability zones in the local Azure region fail.
A host group is a resource that represents a collection of dedicated hosts. You create a host group in a region and an availability zone, and add hosts to it.
Use Availability Zones for fault isolation
Availability zones are unique physical locations within an Azure region. Each zone is made up of one or more datacenters equipped with independent power,
cooling, and networking. A host group is created in a single availability zone. Once created, all hosts will be placed within that zone. To achieve high availability
across zones, you need to create multiple host groups (one per zone) and spread your hosts accordingly.
Box 2: 1
Scenario: App1 must meet the following requirements:
Be hosted on Azure virtual machines that support automatic scaling.
An Azure virtual machine scale set can automatically increase or decrease the number of VM instances that run your application. This automated and elastic
behavior reduces the management overhead to monitor and optimize the performance of your application.
Reference:
https://docs.microsoft.com/en-us/azure/virtual-machines/dedicated-hosts
https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-autoscale-overview
Answer: D
Explanation:
Before you upload a Windows virtual machine (VM) from on-premises to Azure, you must prepare the virtual hard disk (VHD or VHDX).
Scenario: WebApp1 has a web tier that uses Microsoft Internet Information Services (IIS) and a database tier that runs Microsoft SQL Server 2016. The web tier
and the database tier are deployed to virtual machines that run on Hyper-V.
Reference:
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/prepare-for-upload-vhd-image
A. Create a runbook that resizes virtual machines automatically to a smaller size outside of business hours.
B. Configure the Scale Up settings for a web app.
C. Deploy a virtual machine scale set that scales out on a 75 percent CPU threshold.
D. Configure the Scale Out settings for a web app.
Answer: A
A. 1
B. 2
C. 5
D. 10
E. 15
Answer: A
Explanation:
Scenario: The Network Contributor built-in RBAC role must be used to grant permissions to the network administrators for all the virtual networks in all the Azure
subscriptions.
RBAC roles must be applied at the highest level possible.
Answer: D
Explanation:
Scenario: To access the resources in Azure, App1 must use the managed identity of the virtual machines that will host the app.
Managed identities provide an identity for applications to use when connecting to resources that support Azure Active Directory (Azure AD) authentication.
Applications may use the managed identity to obtain Azure AD tokens.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Table Description automatically generated
Box 1: SQL Managed Instance
Scenario: Once migrated to Azure, DB1 and DB2 must meet the following requirements:
Maintain availability if two availability zones in the local Azure region fail.
Fail over automatically.
Minimize I/O latency.
The auto-failover groups feature allows you to manage the replication and failover of a group of databases on a server or all databases in a managed instance to
another region. It is a declarative abstraction on top of the existing active geo-replication feature, designed to simplify deployment and management of geo-
replicated databases at scale. You can initiate a geo-failover manually or you can delegate it to the Azure service based on a user-defined policy. The latter option
allows you to automatically recover multiple related databases in a secondary region after a catastrophic failure or other unplanned event that results in full or
partial loss of the SQL Database or SQL Managed Instance availability in the primary region.
Box 2: Business critical
SQL Managed Instance is available in two service tiers:
General purpose: Designed for applications with typical performance and I/O latency requirements. Business critical: Designed for applications with low I/O latency
requirements and minimal impact of
underlying maintenance operations on the workload.
Reference:
https://docs.microsoft.com/en-us/azure/azure-sql/database/auto-failover-group-overview https://docs.microsoft.com/en-us/azure/azure-sql/managed-instance/sql-
managed-instance-paas-overview
Visit Our Site to Purchase the Full Set of Actual AZ-305 Exam Questions With Answers.
We Also Provide Practice Exam Software That Simulates Real Exam Environment And Has Many Self-Assessment Features. Order the
AZ-305 Product From:
https://www.2passeasy.com/dumps/AZ-305/
* AZ-305 Most Realistic Questions that Guarantee you a Pass on Your FirstTry
* AZ-305 Practice Test Questions in Multiple Choice Formats and Updatesfor 1 Year