Microsoft az-305 exam replaces the past Microsoft Azure Architect Technologies (az-303), and Microsoft Azure Architect Design (az-304).
Microsoft az-305 exam: “Designing Microsoft Azure Infrastructure Solutions”, is a new exam item listed for 2022.
“Microsoft az-305 exam measures your ability to accomplish the following technical tasks: design identity, governance, and monitoring solutions; design data storage solutions; design business continuity solutions; and design infrastructure solutions.” Microsoft official>>
Lead4Pass, one of the providers of Microsoft az-305 certification exams, has introduced “AZ-305 Dumps” after several updates.
AZ-305 dumps: Covers all objectives of the exam in-depth so you can prepare for any question on the Microsoft az-305 exam.
To prepare for the Microsoft az-305 certification exam to help you successfully pass the exam on your first attempt, I recommend you download the AZ-305 dumps with PDF and VCE study tools: https://www.leads4pass.com/az-305.html.
You can also take our free shared online exam.
Microsoft az-305 exam practice test
Tips: The answer is announced at the end of the article
QUESTION 1:
You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager resource deployments in your subscription.
What should you include in the recommendation?
A. Azure Activity Log
B. Azure Monitor action groups
C. Azure Advisor
D. Azure Monitor metrics
QUESTION 2:
HOTSPOT
Your company develops a web service that is deployed to an Azure virtual machine named VM1. The web service allows an API to access real-time data from VM1.
The current virtual machine deployment is shown in the Deployment exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
QUESTION 3:
HOTSPOT
What should you implement to meet the identity requirements? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
Requirements: Identity Requirements
Contoso identifies the following requirements for managing Fabrikam access to resources:
Every month, an account manager at Fabrikam must review which Fabrikam users have access permissions to App1.
Accounts that no longer need permissions must be removed as guests.
The solution must minimize development effort.
Box 1: The Azure AD Privileged Identity Management (PIM)
When should you use access reviews?
Too many users in privileged roles: It\’s a good idea to check how many users have administrative access, how many of them are Global Administrators, and if there are any invited guests or partners that have not been removed after being assigned to do an administrative task.
You can recertify the role assignment users in Azure AD roles such as Global Administrators, or Azure resources roles such as User Access Administrator in the Azure AD Privileged Identity Management (PIM) experience.
Box 2: Access reviews
Azure Active Directory (Azure AD) access reviews enable organizations to efficiently manage group memberships, access to enterprise applications, and role assignments. User\’s access can be reviewed on a regular basis to make sure only the right people have continued access.
QUESTION 4:
You migrate App1 to Azure.
You need to ensure that the data storage for App1 meets the security and compliance requirement
What should you do?
A. Create an access policy for the blob
B. Modify the access level of the blob service.
C. Implement Azure resource locks.
D. Create Azure RBAC assignments.
QUESTION 5:
HOTSPOT
You need to recommend an Azure Storage Account configuration for two applications named Application1 and Applications.
The configuration must meet the following requirements:
1. Storage for Application1 must provide the highest possible transaction rates and the lowest possible latency.
2. Storage for Application2 must provide the lowest possible storage costs per GB.
3. Storage for both applications must be optimized for uploads and downloads.
4. Storage for both applications must be available in an event of datacenter failure.
What should you recommend ? To answer, select the appropriate options in the answer area
NOTE: Each correct selection is worth one point
Hot Area:
Correct Answer:
Box 1: BloblBlobStorage with Premium performance and Zone-redundant storage (ZRS) replication.
BlockBlobStorage accounts: Storage accounts with premium performance characteristics for block blobs and append blobs.
Recommended for scenarios with high transactions rates, or scenarios that use smaller objects or require consistently low storage latency.
Premium: optimized for high transaction rates and single-digit consistent storage latency.
Box 2: General purpose v2 with Standard performance.. General-purpose v2 accounts: Basic storage account type for blobs, files, queues, and tables. Recommended for most scenarios using Azure Storage.
QUESTION 6:
You have .NeT web service named service1 that has the following requirements:
1. Must read and write to the local file system.
2. Must write to the Windows Application event log. You need to recommend a solution to host Service1 in Azure .
The solution must meet the following requirements:
1.Minimize maintenance overhead.
2.Minimize costs.
What should you include in the recommendation?
A. an Azure App Service web app
B. an Azure virtual machine scale set
C. an App Service Environment (ASE)
D. an Azure Functions app
QUESTION 7:
You plan provision a High Performance Computing (HPC) cluster in Azure that will use a third-party scheduler.
You need to recommend a solution to provision and manage the HPC cluster node.
What should you include in the recommendation?
A. Azure Lighthouse
B. Azure CycleCloud
C. Azure Purview
D. Azure Automation
QUESTION 8:
HOTSPOT
You have an on-premises database that you plan to migrate to Azure.
You need to design the database architecture to meet the following requirements:
1.Support scaling up and down.
2.Support geo-redundant backups.
3.Support a database of up to 75 TB.
4.Be optimized for online transaction processing (OLTP).
What should you include in the design? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
Box 1: Azure SQL Database
Azure SQL Database:
Database size always depends on the underlying service tiers (e.g. Basic, Business Critical, Hyperscale).
It supports databases of up to 100 TB with Hyperscale service tier model.
Active geo-replication is a feature that lets you to create a continuously synchronized readable secondary database for a primary database.
The readable secondary database may be in the same Azure region as the primary, or, more commonly, in a different region.
This kind of readable secondary databases are also known as geo-secondaries, or geo-replicas.
Azure SQL Database and SQL Managed Instance enable you to dynamically add more resources to your database with minimal downtime.
Box 2: Hyperscale
Incorrect Answers:
SQL Server on Azure VM: geo-replication not supported.
Azure Synapse Analytics is not optimized for online transaction processing (OLTP).
Azure SQL Managed Instance max database size is up to currently available instance size (depending on the number of vCores). Max instance storage size (reserved)
– 2 TB for 4 vCores
-8 TB for 8 vCores
-16 TB for other sizes
QUESTION 9:
HOTSPOT
How should the migrated databases DB1 and DB2 be implemented in Azure?
Hot Area:
Correct Answer:
Box 1: SQL Managed Instance
Scenario: Once migrated to Azure, DB1 and DB2 must meet the following requirements:
1.Maintain availability if two availability zones in the local Azure region fail.
2.Fail over automatically.
3.Minimize I/O latency.
The auto-failover groups feature allows you to manage the replication and failover of a group of databases on a server or all databases in a managed instance to another region.
It is a declarative abstraction on top of the existing active geo-replication feature, designed to simplify deployment and management of geo-replicated databases at scale.
You can initiate a geo-failover manually or you can delegate it to the Azure service based on a userdefined policy.
The latter option allows you to automatically recover multiple related databases in a secondary region after a catastrophic failure or other unplanned event that results in full or partial loss of the SQL Database or SQL Managed Instance availability in the primary region.
Box 2: Business critical
SQL Managed Instance is available in two service tiers:
General purpose: Designed for applications with typical performance and I/O latency requirements.
Business critical: Designed for applications with low I/O latency requirements and minimal impact of underlying maintenance operations on the workload.
QUESTION 10:
HOTSPOT
You have an Azure subscription that contains 300 Azure virtual machines that run Windows Server 2016.
You need to centrally monitor all warning events in the System logs of the virtual machines.
What should you include in the solutions? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
QUESTION 11:
You are designing a microservices architecture that will be hosted in an Azure Kubernetes Service (AKS) cluster. Apps that will consume the microservices will be hosted on Azure virtual machines. The virtual machines and the AKS cluster will reside on the same virtual network.
You need to design a solution to expose the microservices to the consumer apps. The solution must meet the following requirements:
1.Ingress access to the microservices must be restricted to a single private IP address and protected by using mutual TLS authentication.
2.The number of incoming microservice calls must be rate-limited.
3.Costs must be minimized.
What should you include in the solution?
A. Azure API Management Premium tier with virtual network connection
B. Azure Front Door with Azure Web Application Firewall (WAF)
C. Azure API Management Standard tier with a service endpoint
D. Azure App Gateway with Azure Web Application Firewall (WAF)
QUESTION 12:
You have an Azure subscription. The subscription has a blob container that contains multiple blobs. Ten users in the finance department of your company plan to access the blobs during the month of April. You need to recommend a solution to enable access to the blobs during the month of April only.
Which security solution should you include in the recommendation?
A. shared access signatures (SAS)
B. access keys
C. conditional access policies
D. certificates
QUESTION 13:
You are designing a large Azure environment that will contain many subscriptions.
You plan to use Azure Policy as part of a governance solution.
To which three scopes can you assign Azure Policy definitions? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A. management groups
B. subscriptions
C. Azure Active Directory (Azure AD) tenants
D. resource groups
E. Azure Active Directory (Azure AD) administrative units
F. compute resources
Publish the answer:
Numbers | Answers | Explain |
Q1: | A | Activity logs are kept for 90 days. You can query for any range of dates, as long as the starting date isn\’t more than 90 days in the past. Through activity logs, you can determine: 1. what operations were taken on the resources in your subscription who started the operation 2. when the operation occurred 3. the status of the operation 4. the values of other properties that might help you research the operation |
Q2: | IMAGE | |
Q3: | IMAGE | |
Q4: | C | Scenario: Once App1 is migrated to Azure, you must ensure that new data can be written to the app, and the modification of new and existing data is prevented for a period of three years. As an administrator, you can lock a subscription, resource group, or resource to prevent other users in your organization from accidentally deleting or modifying critical resources. The lock overrides any permissions the user might have. |
Q5: | IMAGE | |
Q6: | A | |
Q7: | B | |
Q8: | IMAGE | |
Q9: | IMAGE | |
Q10: | IMAGE | |
Q11: | A | |
Q12: | A | This allows for limited-time fine grained access control to resources. So you can generate URL, specify duration (for month of April) and disseminate URL to 10 team members. On May 1, the SAS token is automatically invalidated, denying team members continued access. |
Q13: | ABD |
[Google Drive] Download the above Microsoft az-305 exam questions and answers(Explain):https://drive.google.com/file/d/1wEJgxFuaePXo5BIdG7Vto-BzKmu8t0Rv/
Get more Microsoft AZ-305 exam questions and answers: https://www.leads4pass.com/az-305.html (Total Questions: 248 Q&A)
Pass the Microsoft AZ-305 certification exam in 2022 to help you gain access to the latest opportunities. Lead4Pass updates and shares a portion of the free exam content throughout the year. Helping you get acclimated to the target exam ahead of time.
AZ-305 dumps contain complete exam questions and answers covering all objectives, so AZ-305 dumps are highly recommended.