High Quality Microsoft AZ-305 Study Guide Online

NEW QUESTION 1

You use Azure virtual machines to run a custom application that uses an Azure SQL database on the back end. The IT apartment at your company recently enabled forced tunneling,
Since the configuration change, developers have noticed degraded performance when they access the database
You need to recommend a solution to minimize latency when accessing the database. The solution must minimize costs
What should you include in the recommendation?

• A. Azure SQL Database Managed instance
• B. Azure virtual machines that run Microsoft SQL Server servers
• C. Always On availability groups
• D. virtual network (VNET) service endpoint

Answer: D

Explanation:
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoints-overview

NEW QUESTION 2

You have an Azure subscription that contains a custom application named Application was developed by an external company named fabric, Ltd. Developers at Fabrikam were assigned role-based access control (RBAV) permissions to the Application components. All users are licensed for the Microsoft 365 E5 plan.
You need to recommends a solution to verify whether the Faricak developers still require permissions to Application1. The solution must the following requirements.
* To the manager of the developers, send a monthly email message that lists the access permissions to Application1.
* If the manager does not verify access permission, automatically revoke that permission.
* Minimize development effort. What should you recommend?

• A. In Azure Active Directory (AD) Privileged Identity Management, create a custom role assignment for the Application1 resources
• B. Create an Azure Automation runbook that runs the Get-AzureADUserAppRoleAssignment cmdlet
• C. Create an Azure Automation runbook that runs the Get-AzureRmRoleAssignment cmdlet
• D. In Azure Active Directory (Azure AD), create an access review of Application1

Answer: D

Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/governance/manage-user-access-with-access-reviews Azure Active Directory (Azure AD) access reviews enable organizations to efficiently manage group
memberships, access to enterprise applications, and role assignments. User's access can be reviewed on a regular basis to make sure only the right people have continued access. Have reviews recur periodically: You can set up recurring access reviews of users at set frequencies such as weekly, monthly, quarterly or annually, and the reviewers will be notified at the start of each review. Reviewers can approve or deny access with a friendly interface and with the help of smart recommendations.
Why are access reviews important?
"Azure AD enables you to collaborate with users from inside your organization and with external users. Users can join groups, invite guests, connect to cloud apps, and work remotely from their work or personal devices. The convenience of using self-service has led to a need for better access management capabilities."

NEW QUESTION 3

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You need to deploy resources to host a stateless web app in an Azure subscription. The solution must meet the following requirements:
Provide access to the full .NET framework.
Provide redundancy if an Azure region fails.
Grant administrators access to the operating system to install custom application dependencies.
Solution: You deploy two Azure virtual machines to two Azure regions, and you create a Traffic Manager profile.
Does this meet the goal?

• A. Yes
• B. No

Answer: A

Explanation:
Azure Traffic Manager is a DNS-based traffic load balancer that enables you to distribute traffic optimally to services across global Azure regions, while providing high availability and responsiveness.
https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-overview

NEW QUESTION 4

You need to design a solution that will execute custom C# code in response to an event routed to Azure Event Grid. The solution must meet the following requirements:
The executed code must be able to access the private IP address of a Microsoft SQL Server instance that runs on an Azure virtual machine.
Costs must be minimized.
What should you include in the solution?

• A. Azure Logic Apps in the integrated service environment
• B. Azure Functions in the Dedicated plan and the Basic Azure App Service plan
• C. Azure Logic Apps in the Consumption plan
• D. Azure Functions in the Consumption plan

Answer: D

Explanation:
When you create a function app in Azure, you must choose a hosting plan for your app. There are three basic hosting plans available for Azure Functions: Consumption plan, Premium plan, and Dedicated (App Service) plan.
For the Consumption plan, you don't have to pay for idle VMs or reserve capacity in advance. Connect to private endpoints with Azure Functions
As enterprises continue to adopt serverless (and Platform-as-a-Service, or PaaS) solutions, they often need a way to integrate with existing resources on a virtual network. These existing resources could be databases, file storage, message queues or event streams, or REST APIs.
Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-scale https://techcommunity.microsoft.com/t5/azure-functions/connect-to-private-endpoints-with-azure-functions/ba-p Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-scale#hosting-plans-comparison

NEW QUESTION 5

You plan to move a web application named App1 from an on-premises data center to Azure. App1 depends on a custom COM component that is installed on the host server.
You need to recommend a solution to host App1 in Azure. The solution must meet the following requirements:
App1 must be available to users if an Azure data center becomes unavailable.
Costs must be minimized.
What should you include in the recommendation?

• A. In two Azure regions, deploy a load balancer and a virtual machine scale set.
• B. In two Azure regions, deploy a Traffic Manager profile and a web app.
• C. In two Azure regions, deploy a load balancer and a web app.
• D. Deploy a load balancer and a virtual machine scale set across two availability zones.

Answer: D

Explanation:
(https://docs.microsoft.com/en-us/dotnet/azure/migration/app-service#com-and-com-components)
Azure App Service does not allow the registration of COM components on the platform. If your app makes use of any COM components, these need to be rewritten in managed code and deployed with the site or application. https://docs.microsoft.com/en-us/dotnet/azure/migration/app-service
"Azure App Service with Windows Containers If your app cannot be migrated directly to App Service, consider App Service using Windows Containers, which enables usage of the GAC, COM components, MSIs, full access to .NET FX APIs, DirectX, and more."

NEW QUESTION 6

You design a solution for the web tier of WebApp1 as shown in the exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 7

You have an Azure Active Directory (Azure AD) tenant.
You plan to use Azure Monitor to monitor user sign-ins and generate alerts based on specific user sign-in events.
You need to recommend a solution to trigger the alerts based on the events.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 8

You have an Azure subscription that is linked to an Azure Active Directory Premium Plan 2 tenant The tenant has multi-factor authentication (MFA) enabled for all users.
You have the named locations shown in the following table.

You have the users shown in the following table.

You plan to deploy the Conditional Access policies shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 9

You are designing a storage solution that will ingest, store, and analyze petabytes (PBs) of structured,
semi-structured and unstructured text data. The analyzed data will be offloaded to Azure Data Lake Storage Gen2 for long-term retention.
You need to recommend a storage and analytics solution that meets the following requirements:
• Stores the processed data
• Provides interactive analytics
• Supports manual scaling, built-in autoscaling. and custom autoscaling
What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE Each correct selection is worth one point.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 10

You plan to deploy an application named App1 that will run on five Azure virtual machines. Additional virtual machines will be deployed later to run App1.
You need to recommend a solution to meet the following requirements for the virtual machines that will run App1:
Ensure that the virtual machines can authenticate to Azure Active Directory (Azure AD) to gain access to
an Azure key vault, Azure Logic Apps instances, and an Azure SQL database.
Avoid assigning new roles and permissions for Azure services when you deploy additional virtual machines.
Avoid storing secrets and certificates on the virtual machines. Which type of identity should you include in the recommendation?

• A. a service principal that is configured to use a certificate
• B. a system-assigned managed identity
• C. a service principal that is configured to use a client secret
• D. a user-assigned managed identity

Answer: D

Explanation:
Managed identities for Azure resources is a feature of Azure Active Directory.
User-assigned managed identity can be shared. The same user-assigned managed identity can be associated with more than one Azure resource.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview

NEW QUESTION 11

You are planning an Azure IoT Hub solution that will include 50,000 IoT devices.
Each device will stream data, including temperature, device ID, and time data. Approximately 50,000 records will be written every second. The data will be visualized in near real time.
You need to recommend a service to store and query the data.
Which two services can you recommend? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

• A. Azure Table Storage
• B. Azure Event Grid
• C. Azure Cosmos DB SQL API
• D. Azure Time Series Insights

Answer: CD

Explanation:
D: Time Series Insights is a fully managed service for time series data. In this architecture, Time Series Insights performs the roles of stream processing, data store, and analytics and reporting. It accepts streaming data from either IoT Hub or Event Hubs and stores, processes, analyzes, and displays the data in near real time.
C: The processed data is stored in an analytical data store, such as Azure Data Explorer, HBase, Azure Cosmos DB, Azure Data Lake, or Blob Storage.
Reference:
https://docs.microsoft.com/en-us/azure/architecture/data-guide/scenarios/time-series

NEW QUESTION 12

You have an Azure subscription that contains multiple storage accounts. You assign Azure Policy definitions to the storage accounts.
You need to recommend a solution to meet the following requirements:
• Trigger on-demand Azure Policy compliance scans.
• Raise Azure Monitor non-compliance alerts by querying logs collected by Log Analytics.
What should you recommend for each requirement? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 13

You are designing an order processing system in Azure that will contain the Azure resources shown in the following table.

The order processing system will have the following transaction flow:
A customer will place an order by using App1.
When the order is received, App1 will generate a message to check for product availability at vendor 1 and vendor 2.
An integration component will process the message, and then trigger either Function1 or Function2 depending on the type of order.
Once a vendor confirms the product availability, a status message for App1 will be generated by Function1 or Function2.
All the steps of the transaction will be logged to storage1.
Which type of resource should you recommend for the integration component? D18912E1457D5D1DDCBD40AB3BF70D5D
Which type of resource should you recommend for the integration component?

• A. an Azure Data Factory pipeline
• B. an Azure Service Bus queue
• C. an Azure Event Grid domain
• D. an Azure Event Hubs capture

Answer: A

Explanation:
A data factory can have one or more pipelines. A pipeline is a logical grouping of activities that together perform a task.
The activities in a pipeline define actions to perform on your data.
Data Factory has three groupings of activities: data movement activities, data transformation activities, and control activities.
Azure Functions is now integrated with Azure Data Factory, allowing you to run an Azure function as a step in your data factory pipelines.
Reference:
https://docs.microsoft.com/en-us/azure/data-factory/concepts-pipelines-activities

NEW QUESTION 14

You have .NeT web service named service1 that has the following requirements.
Must read and write to the local file system.
Must write to the Windows Application event log.
You need to recommend a solution to host Service1 in Azure.
The solution must meet the following requirements:
Minimize maintenance overhead.
Minimize costs.
What should you include in the recommendation?

• A. an Azure App Service web app
• B. an Azure virtual machine scale set
• C. an App Service Environment (ASE)
• D. an Azure Functions app

Answer: A

Explanation:
https://social.msdn.microsoft.com/Forums/vstudio/en-US/294b9e3e-e89c-4095-b8d0-ee1646e77268/writing-to-l

NEW QUESTION 15

You plan provision a High Performance Computing (HPC) cluster in Azure that will use a third-party scheduler.
You need to recommend a solution to provision and manage the HPC cluster node. What should you include in the recommendation?

• A. Azure Lighthouse
• B. Azure CycleCloud
• C. Azure Purview
• D. Azure Automation

Answer: B

Explanation:
You can dynamically provision Azure HPC clusters with Azure CycleCloud. Azure CycleCloud is the simplest way to manage HPC workloads.
Note: Azure CycleCloud is an enterprise-friendly tool for orchestrating and managing High Performance Computing (HPC) environments on Azure. With CycleCloud, users can provision infrastructure for HPC systems, deploy familiar HPC schedulers, and automatically scale the infrastructure to run jobs efficiently at any scale. Through CycleCloud, users can create different types of file systems and mount them to the compute cluster nodes to support HPC workloads.
Reference:
https://docs.microsoft.com/en-us/azure/cyclecloud/overview

NEW QUESTION 16

What two parameters would you recommend set up to ensure that the new IPSCustomers database will scale to meet the workload demands?

• A. Define the maximum of CPU cores
• B. Define the maximum resource limit per group of databases
• C. Define the maximum of Database Transaction Units
• D. Define the maximum of the allocated storage
• E. Define the maximum size for a database

Answer: CE

NEW QUESTION 17

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has deployed several virtual machines (VMs) on-premises and to Azure. Azure ExpressRoute has been deployed and configured for on-premises to Azure connectivity.
Several VMs are exhibiting network connectivity issues.
You need to analyze the network traffic to determine whether packets are being allowed or denied to the VMs. Solution: Use the Azure Traffic Analytics solution in Azure Log Analytics to analyze the network traffic. Does the solution meet the goal?

• A. Yes
• B. No

Answer: B

Explanation:
Instead use Azure Network Watcher to run IP flow verify to analyze the network traffic. Reference:
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-ip-flow-verify-overview

NEW QUESTION 18

Your company plans to deploy various Azure App Service instances that will use Azure SQL databases. The App Service instances will be deployed at the same time as the Azure SQL databases.
The company has a regulatory requirement to deploy the App Service instances only to specific Azure regions. The resources for the App Service instances must reside in the same region.
You need to recommend a solution to meet the regulatory requirement.
Solution: You recommend using the Regulatory compliance dashboard in Microsoft Defender for Cloud. Does this meet the goal?

• A. Yes
• B. No

Answer: B

NEW QUESTION 19
......