Realistic AZ-302 Study Guides 2021

NEW QUESTION 1
You have an Azure Active Directory (Azure AD) tenant named contosodoud.onmicrosoft.com. Your company has a public DNS zone for contoso.com.
You add contoso.com as a custom domain name to Azure AD You need to ensure that Azure can verify the domain name. Which type of DNS record should you create?

• A. PTR
• B. TXT
• C. NSEC3
• D. DNSKEY

Answer: B

NEW QUESTION 2
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution.
Determine whether the solution meets the stated goals. You have the following resource groups:

Developers must connect to DevServer only through DevWorkstation. To maintain security, DevServer must not accept connections from the internet.
You need to create a private connection between the DevWokstation and DevServer.
Solution: Configure a public IP address on DevServer_WestCentral. Configure the Network Security Group to allow all incoming ports.
Does the solution meet the goal?

• A. Yes
• B. NO

Answer: A

NEW QUESTION 3
Members of the finance department for a company review and make changes to a Microsoft Excel workbook that is hosted on OneDrive. The workbook contains projected costs and revenue for a project.
You need to develop an Azure Function that ingests data from the modified workbook and places it into a Microsoft Word document.
Which two objects should you implement? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

• A. An Excel table output binding
• B. A group conversation subscription
• C. A group subscription
• D. An auth token input binding
• E. An Excel table input binding

Answer: BE

NEW QUESTION 4
A company has an app that records and processes videos. New videos are recorded daily. The videos are displayed on the day after they are recorded, the company runs several servers that process data and encode the
videos the processing servers use FF mpeg and proprietary software to encode and convert the videos.
The company plans to migrate the app to tare Azure Batch must in- used to process videos. Each task must run a command and output the result to a file on a destination storage account.
You create and assign values to the following variables:

You are reviewing code to create tasks in Azure Batch. (Line numbers are included for reference only.)

For each of the of the following statements, select Yes II tin- statement b Hue Otherwise, select No. NOTE: Each correct selection is worth is worth one point.

Answer:

Explanation:

NEW QUESTION 5
You are developing an Azure Function that will be triggered using a webhook from an external application. The Azure Function will receive JSON data in the body of the request.
Calling applications send an account ID as part of the URL. The number at the end of the URL is an integer. The format for the URL resembles the following: /api/account/1
The Azure Function must accept all incoming requests without requiring keys or tokens. You need to complete the attributes for the Azure Function.
How should you complete the code? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

NEW QUESTION 6
You need to recommend a high-availability solution for the middle tier of the payment processing system. What should you include in the recommendation?

• A. availability zones
• B. an availability set
• C. the Premium App Service plan
• D. the Isolated App Server plan

Answer: A

Explanation: Topic 5, Case Study: 4Label Maker app
Requirements Data
You identify the following requirements for data management and manipulation:
• Order data is stored as non relational JSON and must be queried using Structured Query Language (SQL).
• Changes to the Order data must reflect immediately across all partitions. All reads to the Order data must fetch the most recent writes.
Security
You have the following security requirements:
• Users of Coho Winery applications must be able to provide access to documents, resources, and applications to external partners.
• External partners must use their own credentials and authenticate with their organization's identity management solution.
• External partner logins must be audited monthly for application use by a user account administrator to maintain company compliance.
• Storage of e-commerce application settings must be maintained in Azure Key Vault.
• E-commerce application sign-ins must be secured by using Azure App Service authentication and Azure Active Directory (AAD).
• Conditional access policies must be applied at the application level to protect company content.
• The LabelMaker application must be secured by using an AAD account that has full access to all namespaces of the Azure Kubernetes Service (AKS) cluster.
Label Maker app
Azure Monitor Container Health must be used to monitor the performance of workloads that are deployed to Kubernetes environments and hosted on Azure Kubernetes Service (AKS).
You must use Azure Container Registry to publish images that support the AKS deployment.
Architecture


Issues
Calls to the Printer API App fail periodically due to printer communication timeouts.
Printer communication timeouts occur after 10 seconds. The label printer must only receive up to 5 attempts within one minute.
The order workflow fails to run upon initial deployment to Azure.
Order.json
Relevant portions of the app fries are shown below Line numbers are induced for reference only. This JSON file contains a representation of the data for an order that includes a single item.

NEW QUESTION 7
You are developing an internal website for employee to view sensitive data. The website uses Azure Directory (AAD) for authentication.
You need to implement multifactor authentication for the website. What should you do? Each correct answer presents part of the solution. NOTE: Each connect selection is worth one point.

• A. Upgrade to Azure AD premium.
• B. In Azure ACL enable application pages.
• C. Configuration the website to user Azure AD BDC.
• D. In Azure AD conditional access enable the baseline policy.
• E. In Azure AD create a new conditional access policy.

Answer: CE

NEW QUESTION 8
Your network contains an Active Directory domain named adatum.com and an Azure Active Directory (Azure AD) tenant named adatum.onmicrosoft.com Adatum.com contains the user accounts in the following table.

Adatum.onmiaosoft.com contains the user accounts in the following table.

You need to implement Azure AD Connect. The solution must follow the principle of least privilege. Which user accounts should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

NEW QUESTION 9
You maintain an existing Azure SQL database instance. Management of the database is performed by an external party. All cryptographic keys are stored in an Azure Key Vault.
You must ensure that the external party cannot access the data in the SSN column of the Person table.
Will each protection method meet the requirement? To answer, drag the appropriate responses to the correct protection methods. Each response may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation: References:
https://docs.microsoft.com/en-us/azure/security/azure-database-security-overview

NEW QUESTION 10
You are configuring serverless computing in Azure.
You need to receive an email message whenever a resource is created in or deleted from a resource group. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation: References:
https://docs.microsoft.com/en-us/azure/event-grid/monitor-virtual-machine-changes-event-grid-logic-app

NEW QUESTION 11
You need to deploy resources to host a stateless web app in an Azure subscription. The solution must meet the following requirements:
• Provide access to the full .NET framework.
• Provide redundancy if an Azure region fails.
• Grant administrators access to the operating system to install custom application dependencies. Solution: You deploy a virtual machine scale set that uses autoscaling.
Does this meet the goal?

• A. Yes
• B. No

Answer: B

NEW QUESTION 12
You have implemented code that uses elastic transactions spanning across three different Azure SQL Database logical servers.
Database administrators report that some transactions take longer to complete than expected.
You need to use the correct tool to monitor all the transactions originating from the elastic transaction implementation.
Which tool should you use?

• A. Run the sys.dm_tran_active_transactions dynamic management view.
• B. Use the dependencies section of Azure Applications Insights.
• C. Run the sys.dm_tran_current_snapshot dynamic view.
• D. Run the sys.dm_tran_active_snapshot_database_transactions dynamic management view.

Answer: A

Explanation: References:
https://docs.microsoft.com/en-us/azure/sql-database/sql-database-elastic-transactions-overview

NEW QUESTION 13
You need to recommend a strategy for migrating the database content of WebApp1 to Azure. What should you include in the recommendation?

• A. Use Azure Site Recovery to replicate the SQL servers to Azure.
• B. Use SQLServer transactional replication.
• C. Copy the BACPAC file that contains the Azure SQL database file to Azure Blob storage.
• D. Copy the VHD that contains the Azure SQL database files to Azure Blob storage

Answer: C

Explanation: Topic 4, Case Study 3Overview
Contoso,Ltd is a US-base finance service company that has a main office New Yor and a office in San Francisco.
Payment Processing Query System
Contoso hosts a business critical payment processing system in its New York data center. The system has three tiers a front-end web app a middle -tier API and a back end data store implemented as a Microsoft SQL Server 2014 database All servers run Windows Server 2012 R2.
The front -end and middle net components are hosted by using Microsoft Internet Inform-non Services (IK) The application rode is written in C# and middle- tier API uses the Entity framework to communicate the SQL Server database. Maintenance of the database e performed by using SQL Server Ago-
The database is currently J IB and is not expected to grow beyond 3 TB.
The payment processing system has the following compliance related requirement
• Encrypt data in transit and at test. Only the front-end and middle-tier components must be able to access the encryption keys that protect the date store.
• Keep backups of the two separate physical locations that are at last 200 miles apart and can be restored for op to seven years.
• Support blocking inbound and outbound traffic based on the source IP address, the description IP address, and the port number
• Collect Windows security logs from all the middle-tier servers and retain the log for a period of seven years,
• Inspect inbound and outbound traffic from the from-end tier by using highly available network appliances.
• Only allow all access to all the tiers from the internal network of Contoso.
Tape backups ate configured by using an on-premises deployment or Microsoft System Center Data protection Manager (DPMX and then shaped ofsite for long term storage
Historical Transaction Query System
Contoso recently migrate a business-Critical workload to Azure. The workload contains a NET web server for querying the historical transaction data residing in azure Table Storage. The NET service is accessible from a client app that was developed in-house and on the client computer in the New Your office. The data in the storage is 50 GB and is not except to increase.
Information Security Requirement
The IT security team wants to ensure that identity management n performed by using Active Directory. Password hashes must be stored on premises only.
Access to all business-critical systems must rely on Active Directory credentials. Any suspicious authentication attempts must trigger multi-factor authentication prompt automatically Legitimate users must be able to authenticate successfully by using multi-factor authentication.
Planned Changes
Contoso plans to implement the following changes:
* Migrate the payment processing system to Azure.
* Migrate the historical transaction data to Azure Cosmos DB to address the performance issues.
Migration Requirements
Contoso identifies the following general migration requirements:
Infrastructure services must remain available if a region or a data center fails. Failover must occur without any administrative intervention
• Whenever possible. Azure managed serves must be used to management overhead
• Whenever possible, costs must be minimized.
Contoso identifies the following requirements for the payment processing system:
• If a data center fails, ensure that the payment processing system remains available without any administrative intervention. The middle-tier and the web front end must continue to operate without any additional configurations-
• If that the number of compute nodes of the from -end and the middle tiers of the payment processing system can increase or decrease automatically based on CPU utilization.
• Ensure that each tier of the payment processing system is subject to a Service level Agreement (SLA) of 9959 percent availability
• Minimize the effort required to modify the middle tier API and the back-end tier of the payment processing system.
• Generate alerts when unauthorized login attempts occur on the middle-tier virtual machines.
• Insure that the payment processing system preserves its current compliance status.
• Host the middle tier of the payment processing system on a virtual machine.
Contoso identifies the following requirements for the historical transaction query system:
• Minimize the use of on-premises infrastructure service.
• Minimize the effort required to modify the .NET web service querying Azure Cosmos DB.
• If a region fails, ensure that the historical transaction query system remains available without any
administrative intervention.
Current Issue
The Contoso IT team discovers poor performance of the historical transaction query as the queries frequently cause table scans.

NEW QUESTION 14
You are developing an ASP.NET web application that you will deploy to Azure. The solution must meet the following requirements:
• Store user session state by using only serializable data types.
• Provide customizable caching of session data.
• Support scaling out the number of web hosts-
• Maximize performance.
Which solution meets these requirements?

• A. Clustered Azure Redis Cache
• B. ASP.NET Output Cache provider for Azure Redis Cache
• C. in-memory session state provider
• D. SQL Server session state provider

Answer: C

NEW QUESTION 15
You are designing an Azure solution for a company that wants to move a .NET Core web application an on-premises data center to Azure. The web application relies on a Microsoft SQL Server 2021 database on Windows Server 2021. The database server will not move to Azure.
A separate networking team is responsible for configuring network permissions.
The company uses Azure ExpressRoute and has an ExpressRoute gateway connected to an Azure virtual network named VNET1.
You need to recommend a solution for deploying the web application.
Solution: Deploy the web application to a web app hosted in a Premium App Service plan. Does this meet the goal?

• A. Yes
• B. No

Answer: A

NEW QUESTION 16
Your company has three branch offices and an Azure subscription. Each branch office contains a Hyper V host that hosts application servers.
You need to recommend a storage solution for the branch offices. The solution must ensure that the application servers can connect to a central storage device by unrig 6C9 connections. Data saved to the iSCSl slot age device (torn the application servers must be uploaded to Azure automatically.
Which components should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE : Each correct selection is worth one point

Answer:

Explanation:

NEW QUESTION 17
You plan to deploy an API by using Azure API Management.
You need to recommend a solution to protect the API from a distribute derail of service (DDoS) attack. What should you recommend/

• A. Create network security groups (NSG)
• B. Enable rate limiting
• C. Strip the Power-By response header
• D. Enable quotas.

Answer: A