AZ-305 DESIGNING MICROSOFT AZURE INFRASTRUCTURE SOLUTIONS POPULAR 2 LATEST VERSIONS COMPLETE 200 QUESTIONS AND CORRECT DETAILED ANSWERS (VERIFIED ANSWERS) |ALREADY GRADED A+
1 | P a g e
AZ-305 DESIGNING MICROSOFT AZURE
INFRASTRUCTURE SOLUTIONS POPULAR 2 LATEST
VERSIONS COMPLETE 200 QUESTIONS AND
CORRECT DETAILED ANSWERS (VERIFIED
ANSWERS) |ALREADY GRADED A+
AZ-305 DESIGNING MICROSOFT AZURE INFRASTRUCTURE VERSION A
You plan to deploy an app that will use an Azure Storage account.You
need to deploy the storage account. The storage account must meet the
following requirements:✑ Store the data for multiple users.✑ Encrypt
each user's data by using a separate key.✑ Encrypt all the data in the
storage account by using customer-managed keys.What should you
deploy?
A. files in a premium file share storage account
B. blobs in a general purpose v2 storage account
C. blobs in an Azure Data Lake Storage Gen2 account
D. files in a general purpose v2 storage account - ANSWER- B. blobs in
a general purpose v2 storage account
HOTSPOT -You have an Azure App Service web app that uses a
system-assigned managed identity.You need to recommend a solution to
store the settings of the web app as secrets in an Azure key vault. The
solution must meet the following requirements:✑ Minimize changes to
the app code.✑ Use the principle of least privilege.What should you
include in the recommendation? To answer, select the appropriate
2 | P a g e
options in the answer area.NOTE: Each correct selection is worth one
point.
Hot Area: - ANSWER- Key Vault references in Application settings
Secrets: Get
You plan to deploy an application named App1 that will run on five
Azure virtual machines. Additional virtual machines will be deployed
later to run App1.You need to recommend a solution to meet the
following requirements for the virtual machines that will run App1:✑
Ensure that the virtual machines can authenticate to Azure Active
Directory (Azure AD) to gain access to an Azure key vault, Azure Logic
Apps instances, and an Azure SQL database.✑ Avoid assigning new
roles and permissions for Azure services when you deploy additional
virtual machines.✑ Avoid storing secrets and certificates on the virtual
machines.✑ Minimize administrative effort for managing
identities.Which type of identity should you include in the
recommendation?
A. a system-assigned managed identity
B. a service principal that is configured to use a certificate
C. a service principal that is configured to use a client secret
D. a user-assig - ANSWER- D. a user-assigned managed identity
You have the resources shown in the following table:
CDB1 hosts a container that stores continuously updated operational
data.You are designing a solution that will use AS1 to analyze the
operational data daily.You need to recommend a solution to analyze the
3 | P a g e
data without affecting the performance of the operational data
store.What should you include in the recommendation?
A. Azure Cosmos DB change feed
B. Azure Data Factory with Azure Cosmos DB and Azure Synapse
Analytics connectors
C. Azure Synapse Link for Azure Cosmos DB
D. Azure Synapse Analytics with PolyBase data loading - ANSWER- C.
Azure Synapse Link for Azure Cosmos DB
HOTSPOT -
You deploy several Azure SQL Database instances.
You plan to configure the Diagnostics settings on the databases as
shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes
each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area: - ANSWER- 90 days
730 days
You have an application that is used by 6,000 users to validate their
vacation requests. The application manages its own credential
store.Users must enter a username and password to access the
application. The application does NOT support identity providers.You
plan to upgrade the application to use single sign-on (SSO)
4 | P a g e
authentication by using an Azure Active Directory (Azure AD)
application registration.Which SSO method should you use?
A. header-based
B. SAML
C. password-based
D. OpenID Connect - ANSWER- C. password-based
HOTSPOT -
You have an Azure subscription that contains a virtual network named
VNET1 and 10 virtual machines. The virtual machines are connected to
VNET1.
You need to design a solution to manage the virtual machines from the
internet. The solution must meet the following requirements:
✑ Incoming connections to the virtual machines must be authenticated
by using Azure Multi-Factor Authentication (MFA) before network
connectivity is allowed.
✑ Incoming connections must use TLS and connect to TCP port 443.
✑ The solution must support RDP and SSH.
What should you include in the solution? To answer, select the
appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area: - ANSWER- Just-in-time (JIT) VN access
A conditional Access policy that has Cloud Apps assignment set to
Azure Windows VM Sign-In
Category | Exams and Certifications |
Comments | 0 |
Rating | |
Sales | 0 |