This page was exported from Top Exam Collection [ http://blog.topexamcollection.com ] Export date:Sun Jan 19 13:07:32 2025 / +0000 GMT ___________________________________________________ Title: Microsoft Azure Solutions Architect Expert AZ-305 Dumps Updated Jan 18, 2023 - TopExamCollection [Q82-Q104] --------------------------------------------------- Microsoft Azure Solutions Architect Expert AZ-305 Dumps | Updated Jan 18, 2023 - TopExamCollection Master 2023 Latest The Questions Microsoft Azure Solutions Architect Expert and Pass AZ-305 Real Exam! NEW QUESTION 82Your company, named Contoso, Ltd., implements several Azure logic apps that have HTTP triggers. The logic apps provide access to an on-premises web service.Contoso establishes a partnership with another company named Fabrikam. IncL Fabrikam does not have an existing Azure Active Directory (Azure AD) tenant and uses third-party OAuth 2.0 identity management to authenticate its users.I Developers at Fabrikam plan to use a subset of the logic apps to build applications that will integrate with the on-premises web service of Contoso.You need to design a solution to provide the Fabrikam developers with access to the logic apps. The solution must meet the following requirements:* Requests to the logic apps from the developers must be limited to lower rates than the requests from the users at Contoso.* The developers must be able to rely on their existing OAuth 2.0 provider to gain access to the logic apps.* The solution must NOT require changes to the logic apps.* The solution must NOT use Azure AD guest accounts.What should you include in the solution?  Azure AD business-to-business (B2B)  Azure AD Application Proxy  Azure Front Door  Azure API Management ExplanationAPI Management helps organizations publish APIs to external, partner, and internal developers to unlock the potential of their data and services.You can secure API Management using the OAuth 2.0 client credentials flow.Reference:https://docs.microsoft.com/en-us/azure/api-management/api-management-key-conceptshttps://docs.microsoft.com/en-us/azure/api-management/api-management-featureshttps://docs.microsoft.com/en-us/azure/api-management/api-management-howto-protect-backend-with-aad#enabNEW QUESTION 83You plan to import data from your on-premises environment to Azure. The data Is shown in the following table.What should you recommend using to migrate the data? To answer, drag the appropriate tools to the correct data sources-Each tool may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.NOTE: Each correct selection is worth one point. ExplanationReferences:https://docs.microsoft.com/en-us/azure/dms/tutorial-sql-server-to-azure-sqlhttps://docs.microsoft.com/en-us/azure/cosmos-db/import-dataNEW QUESTION 84You manage a database environment for a Microsoft Volume Licensing customer named Contoso, Ltd. Contoso uses License Mobility through Software Assurance.You need to deploy 50 databases. The solution must meet the following requirements:Support automatic scaling.Minimize Microsoft SQL Server licensing costs.What should you include in the solution? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. Reference:https://docs.microsoft.com/en-us/azure/azure-sql/database/purchasing-modelsNEW QUESTION 85You have 100 servers that run Windows Server 2012 R2 and host Microsoft SQL Server 2012 R2 instances. The instances host databases that have the following characteristics:The largest database is currently 3 TB. None of the databases will ever exceed 4 TB.Stored procedures are implemented by using CLR.You plan to move all the data from SQL Server to Azure.You need to recommend an Azure service to host the databases. The solution must meet the following requirements:Whenever possible, minimize management overhead for the migrated databases.Minimize the number of database changes required to facilitate the migration.Ensure that users can authenticate by using their Active Directory credentials.What should you include in the recommendation?  Azure SQL Database single databases  Azure SQL Database Managed Instance  Azure SQL Database elastic pools  SQL Server 2016 on Azure virtual machines SQL Managed Instance allows existing SQL Server customers to lift and shift their on-premises applications to the cloud with minimal application and database changes. At the same time, SQL Managed Instance preserves all PaaS capabilities (automatic patching and version updates, automated backups, high availability) that drastically reduce management overhead and TCO.https://docs.microsoft.com/en-us/azure/azure-sql/managed-instance/transact-sql-tsql-differences-sql-server#clrhttps://docs.microsoft.com/en-gb/azure/azure-sql/database/transact-sql-tsql-differences-sql-server#transact-sql-syntax-not-supported-in-azure-sql-database Reference:https://docs.microsoft.com/en-us/azure/sql-database/sql-database-managed-instanceNEW QUESTION 86You need to recommend a solution that meets the file storage requirements for App2.What should you deploy to the Azure subscription and the on-premises network? To answer, drag the appropriate services to the correct locations. Each service may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.NOTE: Each correct selection is worth one point. Reference:https://docs.microsoft.com/en-us/azure/storage/file-sync/file-sync-deployment-guideNEW QUESTION 87You need to recommend an Azure Storage Account configuration for two applications named Application1 and Applications. The configuration must meet the following requirements:* Storage for Application1 must provide the highest possible transaction rates and the lowest possible latency.* Storage for Application2 must provide the lowest possible storage costs per GB.* Storage for both applications must be optimized for uploads and downloads.* Storage for both applications must be available in an event of datacenter failure.What should you recommend ? To answer, select the appropriate options in the answer area NOTE: Each correct selection is worth one point Reference:https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overviewhttps://docs.microsoft.com/en-us/azure/storage/common/storage-redundancyNEW QUESTION 88You need to recommend a solution for the App1 maintenance task. The solution must minimize costs.What should you include in the recommendation?  an Azure logic app  an Azure function  an Azure virtual machine  an App Service WebJob Explanationhttps://learn.microsoft.com/en-us/azure/azure-functions/functions-reference-powershell?tabs=portalhttps://learn.microsoft.com/en-us/azure/azure-functions/functions-create-scheduled-function#create-a-timer-triggNEW QUESTION 89You are evaluating whether to use Azure Traffic Manager and Azure Application Gateway to meet the connection requirements for App1.What is the minimum numbers of instances required for each service? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. Topic 4, HABInsuranceCurrent environmentGeneralAn insurance company, HABInsurance, operates in three states and provides home, auto, and boat insurance. Besides the head office, HABInsurance has three regional offices.Technology assessmentThe company has two Active Directory forests: main.habinsurance.com and region.habinsurance.com. HABInsurance’s primary internal system is Insurance Processing System (IPS). It is an ASP.Net/C# application running on IIS/Windows Servers hosted in a data center. IPS has three tiers: web, business logic API, and a datastore on a back end. The company uses Microsoft SQL Server and MongoDB for the backend. The system has two parts: Customer data and Insurance forms and documents. Customer data is stored in Microsoft SQL Server and Insurance forms and documents – in MongoDB. The company also has 10 TB of Human Resources (HR) data stored on NAS at the head office location. Requirements General HABInsurance plans to migrate its workloads to Azure. They purchased an Azure subscription. Changes During a transition period, HABInsurance wants to create a hybrid identity model along with a Microsoft Office 365 deployment. The company intends to sync its AD forests to Azure AD and benefit from Azure AD administrative units functionality.HABInsurance needs to migrate the current IPSCustomers SQL database to a new fully managed SQL database in Azure that would be budget-oriented, balanced with scalable compute and storage options. The management team expects the Azure database service to scale the database resources dynamically with minimal downtime. The technical team proposes implementing a DTU-based purchasing model for the new database.HABInsurance wants to migrate Insurance forms and documents to Azure database service. HABInsurance plans to move IPS first two tiers to Azure without any modifications. The technology team discusses the possibility of running IPS tiers on a set of virtual machines instances. The number of instances should be adjusted automatically based on the CPU utilization. An SLA of 99.95% must be guaranteed for the compute infrastructure.The company needs to move HR data to Azure File shares.In their new Azure ecosystem, HABInsurance plans to use internal and third-party applications. The company considers adding user consent for data access to the registered applications Later, the technology team contemplates adding a customer self-service portal to IPS and deploying a new IPS to multi-region ASK. But the management team is worried about performance and availability of the multi-region AKS deployments during regional outages.NEW QUESTION 90The accounting department at your company migrates to a new financial accounting software. The accounting department must keep file-based database backups for seven years for compliance purposes. It is unlikely that the backups will be used to recover data.You need to move the backups to Azure. The solution must minimize costs.Where should you store the backups?  Azure Blob storage that uses the Archive tier  Azure SQL Database  Azure Blob storage that uses the Cool tier  a Recovery Services vault Azure Front Door enables you to define, manage, and monitor the global routing for your web traffic by optimizing for best performance and instant global failover for high availability. With Front Door, you can transform your global (multi-region) consumer and enterprise applications into robust, high-performance personalized modern applications, APIs, and content that reaches a global audience with Azure.Front Door works at Layer 7 or HTTP/HTTPS layer and uses anycast protocol with split TCP and Microsoft’s global network for improving global connectivity.Reference:https://docs.microsoft.com/en-us/azure/frontdoor/front-door-overviewNEW QUESTION 91You plan to develop a new app that will store business critical data. The app must meet the following requirements:* Prevent new data from being modified for one year.* Maximize data resiliency.* Minimize read latency.What storage solution should you recommend for the app? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. NEW QUESTION 92You have an Azure subscription that is linked to an Azure Active Directory Premium Plan 2 tenant The tenant has multi-factor authentication (MFA) enabled for all users.You have the named locations shown in the following table.You have the users shown in the following table.You plan to deploy the Conditional Access policies shown in the following table.For each of the following statements, select Yes if the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point. ExplanationA screenshot of a computer Description automatically generated with medium confidenceNEW QUESTION 93You have an Azure subscription that contains a Windows Virtual Desktop tenant.You need to recommend a solution to meet the following requirements:Start and stop Windows Virtual Desktop session hosts based on business hours.Scale out Windows Virtual Desktop session hosts when required.Minimize compute costs.What should you include in the recommendation?  Microsoft Intune  a Windows Virtual Desktop automation task  Azure Automation  Azure Service Health Reference:https://www.ciraltos.com/automatically-start-and-stop-wvd-vms-with-azure-automation/https://wvdlogix.net/windows-virtual-desktop-host-pool-automation-2https://getnerdio.com/academy/how-to-optimize-windows-virtual-desktop-wvd-azure-costs-with-event-based-autoscaling-and-azure-vm-scale-sets/NEW QUESTION 94You have an Azure Active Directory (Azure AD) tenant that syncs with an on-premises Active Directory domain.You have an internal web app named WebApp1 that is hosted on-premises. WebApp1 uses Integrated Windows authentication.Some users work remotely and do have VPN access to the on-premises network.You need to provide the remote users with single sign-on (SSO) access to WebApp1.Which two features should you include in the solution? Each correct answer presents part of the solution.NOTE: Each correct selection is worth one point.  Azure AD Application Proxy  Azure AD Privileged Identity Management (PIM)  Conditional Access policies  Azure Arc  Azure AD enterprise applications  Azure Application Gateway ExplanationA: Application Proxy is a feature of Azure AD that enables users to access on-premises web applications from a remote client. Application Proxy includes both the Application Proxy service which runs in the cloud, and the Application Proxy connector which runs on an on-premises server.You can configure single sign-on to an Application Proxy application.C: Microsoft recommends using Application Proxy with pre-authentication and Conditional Access policies for remote access from the internet. An approach to provide Conditional Access for intranet use is to modernize applications so they can directly authenticate with AAD.Reference:https://docs.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy-config-sso-how-tohttps://docs.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy-deployment-planNEW QUESTION 95You have an on-premises Microsoft SQL server named SQLI that hosts 50 databases.You plan to migrate SQL 1 to Azure SQL Managed Instance.You need to perform an offline migration of SQL 1. The solution must minimize administrative effort.What should you include in the solution?  SQL Server Migration Assistant (SSMA)  Azure Migrate  Data Migration Assistant (DMA)  Azure Database Migration Service This Azure service supports migration in the offline mode for applications that can afford downtime during the migration process. Unlike the continuous migration in online mode, offline mode migration runs a one-time restore of a full database backup from the source to the targethttps://learn.microsoft.com/en-us/azure/azure-sql/migration-guides/managed-instance/sql-server-to-managed-instance-overview?view=azuresql#compare-migration-optionsNEW QUESTION 96You plan to deploy an app that will use an Azure Storage account.You need to deploy the storage account. The solution must meet the following requirements:* Store the data of multiple users.* Encrypt each user’s data by using a separate key.* Encrypt all the data in the storage account by using Microsoft keys or customer-managed keys.What should you deploy?  files in a general purpose v2 storage account.  blobs in an Azure Data Lake Storage Gen2 account.  files in a premium file share storage account.  blobs in a general purpose v2 storage account NEW QUESTION 97You have an Azure Load Balancer named LB1 that balances requests to five Azure virtual machines.You need to develop a monitoring solution for LB1. The solution must generate an alert when any of the following conditions are met:* A virtual machine is unavailable.* Connection attempts exceed 50,000 per minute.Which signal should you include in the solution for each condition? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. ExplanationGraphical user interface, text, application Description automatically generatedBox 1: Data path availabilityStandard Load Balancer continuously exercises the data path from within a region to the load balancer front end, all the way to the SDN stack that supports your VM. As long as healthy instances remain, the measurement follows the same path as your application’s load-balanced traffic. The data path that your customers use is also validated. The measurement is invisible to your application and does not interfere with other operations.Note: Load balancer distributes inbound flows that arrive at the load balancer’s front end to backend pool instances. These flows are according to configured load-balancing rules and health probes. The backend pool instances can be Azure Virtual Machines or instances in a virtual machine scale set.Box 2: SYN countSYN (synchronize) count: Standard Load Balancer does not terminate Transmission Control Protocol (TCP) connections or interact with TCP or UDP packet flows. Flows and their handshakes are always between the source and the VM instance. To better troubleshoot your TCP protocol scenarios, you can make use of SYN packets counters to understand how many TCP connection attempts are made. The metric reports the number of TCP SYN packets that were received.Reference:https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-standard-diagnosticsNEW QUESTION 98Your company has an on-premises Hyper-V cluster that contains 20 virtual machines. Some of the virtual machines are based on Windows and some in Linux. You have to migrate the virtual machines onto Azure.You have to recommend a solution that would be used to replicate the disks of the virtual machines to Azure. The solution needs to ensure that the virtual machines remain available when the migration of the disks is in progress.You decide to create an Azure storage account and then run AzCopyWould this fulfill the requirement?  Yes  No NEW QUESTION 99Your company develops a web service that is deployed to an Azure virtual machine named VM1. The web service allows an API to access real-time data from VM1.The current virtual machine deployment is shown in the Deployment exhibit. (Click the Deployment tab).The chief technology officer (CTO) sends you the following email message: “Our developers have deployed the web service to a virtual machine named VM1. Testing has shown that the API is accessible from VM1 and VM2. Our partners must be able to connect to the API over the Internet. Partners will use this data in applications that they develop.” You deploy an Azure API Management (APIM) service. The relevant API Management configuration is shown in the API exhibit. (Click the API tab.)For each of the following statements, select Yes if the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point. Reference:https://docs.microsoft.com/en-us/azure/api-management/api-management-using-with-vnetNEW QUESTION 100You need to recommend a solution to ensure that App1 can access the third-party credentials and access strings. The solution must meet the security requirements.What should you include in the recommendation? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. Reference:https://docs.microsoft.com/en-us/azure/key-vault/general/authenticationNEW QUESTION 101What two parameters would you recommend set up to ensure that the new IPSCustomers database will scale to meet the workload demands?  Define the maximum of CPU cores  Define the maximum resource limit per group of databases  Define the maximum of Database Transaction Units  Define the maximum of the allocated storage  Define the maximum size for a database NEW QUESTION 102You have an Azure web app named App1 and an Azure key vault named KV1.App1 stores database connection strings in KV1.App1 performs the following types of requests to KV1:* Get* List* Wrap* Delete* Unwrap* Backup* Decrypt* EncryptYou are evaluating the continuity of service for App1.You need to identify the following if the Azure region that hosts KV1 becomes unavailable:* To where will KV1 fail over?* During the failover, which request type will be unavailable?What should you identify? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. ExplanationTable Description automatically generatedBox 1: A server in the same paired regionThe contents of your key vault are replicated within the region and to a secondary region at least 150 miles away, but within the same geography to maintain high durability of your keys and secrets.Box 2: DeleteDuring failover, your key vault is in read-only mode. Requests that are supported in this mode are:* List certificates* Get certificates* List secrets* Get secrets* List keys* Get (properties of) keys* Encrypt* Decrypt* Wrap* Unwrap* Verify* Sign* BackupReference:https://docs.microsoft.com/en-us/azure/key-vault/general/disaster-recovery-guidanceNEW QUESTION 103You have an Azure subscription that contains a virtual network named VNET1 and 10 virtual machines. The virtual machines are connected to VNET1.You need to design a solution to manage the virtual machines from the internet. The solution must meet the following requirements:* Incoming connections to the virtual machines must be authenticated by using Azure Multi-Factor Authentication (MFA) before network connectivity is allowed.* Incoming connections must use TLS and connect to TCP port 443.* The solution must support RDP and SSH.What should you Include In the solution? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. NEW QUESTION 104A company plans to implement an HTTP-based API to support a web app. The web app allows customers to check the status of their orders.The API must meet the following requirements:* Implement Azure Functions* Provide public read-only operations* Do not allow write operationsYou need to recommend configuration options.What should you recommend? To answer, configure the appropriate options in the dialog box in the answer area.NOTE: Each correct selection is worth one point. ExplanationGraphical user interface, table Description automatically generatedAllowed authentication methods: GET onlyAuthorization level: AnonymousThe option is Allow Anonymous requests. This option turns on authentication and authorization in App Service, but defers authorization decisions to your application code. For authenticated requests, App Service also passes along authentication information in the HTTP headers.This option provides more flexibility in handling anonymous requests.References:https://docs.microsoft.com/en-us/azure/app-service/overview-authentication-authorization Loading … A fully updated 2023 AZ-305 Exam Dumps exam guide from training expert TopExamCollection: https://www.topexamcollection.com/AZ-305-vce-collection.html --------------------------------------------------- Images: https://blog.topexamcollection.com/wp-content/plugins/watu/loading.gif https://blog.topexamcollection.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2023-01-18 09:46:23 Post date GMT: 2023-01-18 09:46:23 Post modified date: 2023-01-18 09:46:23 Post modified date GMT: 2023-01-18 09:46:23