AZ-305: Designing Microsoft Azure Infrastructure Solutions Part 1
Question #: 171
Topic #: 4
You have an Azure subscription.
You need to recommend a solution to provide developers with the ability to provision Azure virtual machines. The solution must meet the following requirements:
✑ Only allow the creation of the virtual machines in specific regions.
✑ Only allow the creation of specific sizes of virtual machines.
What should you include in the recommendation?
A. Attribute-based access control (ABAC)
B. Azure Policy
C. Conditional Access policies
D. role-based access control (RBAC)
Selected Answer: B
Question #: 172
Topic #: 4
You are developing a sales application that will contain several Azure cloud services and handle different components of a transaction. Different cloud services will process customer orders, billing, payment, inventory, and shipping.
You need to recommend a solution to enable the cloud services to asynchronously communicate transaction information by using XML messages.
What should you include in the recommendation?
A. Azure Notification Hubs
B. Azure Data Lake
C. Azure Service Bus
D. Azure Blob Storage
Selected Answer: C
Question #: 173
Topic #: 1
Your company has the divisions shown in the following table.
Sub1 contains an Azure App Service web app named App1. App1 uses Azure AD for single-tenant user authentication. Users from contoso.com can authenticate to App1.
You need to recommend a solution to enable users in the fabrikam.com tenant to authenticate to App1.
What should you recommend?
A. Configure Azure AD join.
B. Configure Azure AD Identity Protection.
C. Configure a Conditional Access policy.
D. Configure Supported account types in the application registration and update the sign-in endpoint.
Selected Answer: D
Question #: 174
Topic #: 4
You have 100 devices that write performance data to Azure Blob Storage.
You plan to store and analyze the performance data in an Azure SQL database.
You need to recommend a solution to continually copy the performance data to the Azure SQL database.
What should you include in the recommendation?
A. Azure Data Factory
B. Data Migration Assistant (DMA)
C. Azure Data Box
D. Azure Database Migration Service
Selected Answer: A
Question #: 175
Topic #: 1
You have an Azure AD tenant named contoso.com that has a security group named Group1. Group1 is configured for assigned memberships. Group1 has 50 members, including 20 guest users.
You need to recommend a solution for evaluating the membership of Group1. The solution must meet the following requirements:
• The evaluation must be repeated automatically every three months.
• Every member must be able to report whether they need to be in Group1.
• Users who report that they do not need to be in Group1 must be removed from Group1 automatically.
• Users who do not report whether they need to be in Group1 must be removed from Group1 automatically.
What should you include in the recommendation?
A. Implement Azure AD Identity Protection.
B. Change the Membership type of Group1 to Dynamic User.
C. Create an access review.
D. Implement Azure AD Privileged Identity Management (PIM).
Selected Answer: C
Question #: 177
Topic #: 4
You need to recommend a storage solution for the records of a mission critical application. The solution must provide a Service Level Agreement (SLA) for the latency of write operations and the throughput.
What should you include in the recommendation?
A. Azure Data Lake Storage Gen2
B. Azure Blob Storage
C. Azure SQL
D. Azure Cosmos DB
Selected Answer: D
Question #: 178
Topic #: 4
You are planning a storage solution. The solution must meet the following requirements:
✑ Support at least 500 requests per second.
✑ Support a large image, video, and audio streams.
Which type of Azure Storage account should you provision?
A. standard general-purpose v2
B. premium block blobs
C. premium page blobs
D. premium file shares
Selected Answer: A
Question #: 179
Topic #: 1
Your company has the divisions shown in the following table.
Sub1 contains an Azure App Service web app named App1. App1 uses Azure AD for single-tenant user authentication. Users from contoso.com can authenticate to App1.
You need to recommend a solution to enable users in the fabrikam.com tenant to authenticate to App1.
What should you recommend?
A. Enable Azure AD pass-through authentication and update the sign-in endpoint.
B. Use Azure AD entitlement management to govern external users.
C. Configure assignments for the fabrikam.com users by using Azure AD Privileged Identity Management (PIM).
D. Configure Azure AD Identity Protection.
Selected Answer: B
Question #: 180
Topic #: 4
You need to recommend a data storage solution that meets the following requirements:
✑ Ensures that applications can access the data by using a REST connection
✑ Hosts 20 independent tables of varying sizes and usage patterns
✑ Automatically replicates the data to a second Azure region
✑ Minimizes costs
What should you recommend?
A. an Azure SQL Database elastic pool that uses active geo-replication
B. tables in an Azure Storage account that use geo-redundant storage (GRS)
C. tables in an Azure Storage account that use read-access geo-redundant storage (RA-GRS)
D. an Azure SQL database that uses active geo-replication
Selected Answer: B
Question #: 181
Topic #: 1
Your company has the divisions shown in the following table.
Sub1 contains an Azure App Service web app named App1. App1 uses Azure AD for single-tenant user authentication. Users from contoso.com can authenticate to App1.
You need to recommend a solution to enable users in the fabrikam.com tenant to authenticate to App1.
What should you recommend?
A. Configure the Azure AD provisioning service.
B. Enable Azure AD pass-through authentication and update the sign-in endpoint.
C. Configure Supported account types in the application registration and update the sign-in endpoint.
D. Configure Azure AD join.
Selected Answer: C
Question #: 185
Topic #: 1
Your company has the divisions shown in the following table.
Sub1 contains an Azure App Service web app named App1. App1 uses Azure AD for single-tenant user authentication. Users from contoso.com can authenticate to App1.
You need to recommend a solution to enable users in the fabrikam.com tenant to authenticate to App1.
What should you recommend?
A. Configure Azure AD Identity Protection.
B. Configure assignments for the fabrikam.com users by using Azure AD Privileged Identity Management (PIM).
C. Configure Supported account types in the application registration and update the sign-in endpoint.
D. Configure a Conditional Access policy.
Selected Answer: C
Question #: 187
Topic #: 1
Your company has the divisions shown in the following table.
Sub1 contains an Azure App Service web app named App1. App1 uses Azure AD for single-tenant user authentication. Users from contoso.com can authenticate to App1.
You need to recommend a solution to enable users in the fabrikam.com tenant to authenticate to App1.
What should you recommend?
A. Use Azure AD entitlement management to govern external users.
B. Enable Azure AD pass-through authentication and update the sign-in endpoint.
C. Configure a Conditional Access policy.
D. Configure assignments for the fabrikam.com users by using Azure AD Privileged Identity Management (PIM).
Selected Answer: A
Question #: 188
Topic #: 4
You are designing a solution that calculates 3D geometry from height-map data.
You need to recommend a solution that meets the following requirements:
✑ Performs calculations in Azure.
✑ Ensures that each node can communicate data to every other node.
✑ Maximizes the number of nodes to calculate multiple scenes as fast as possible.
Minimizes the amount of effort to implement the solution.
Which two actions should you include in the recommendation? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Enable parallel file systems on Azure.
B. Create a render farm that uses virtual machines.
C. Create a render farm that uses virtual machine scale sets.
D. Create a render farm that uses Azure Batch.
E. Enable parallel task execution on compute nodes.
Selected Answer: DE
Question #: 189
Topic #: 1
You have an Azure subscription that contains 1,000 resources.
You need to generate compliance reports for the subscription. The solution must ensure that the resources can be grouped by department.
What should you use to organize the resources?
A. application groups and quotas
B. Azure Policy and tags
C. administrative units and Azure Lighthouse
D. resource groups and role assignments
Selected Answer: B
Question #: 190
Topic #: 1
You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager (ARM) resource deployments in your Azure subscription.
What should you include in the recommendation?
A. Azure Arc
B. Azure Monitor metrics
C. Azure Advisor
D. Azure Log Analytics
Selected Answer: D
Question #: 191
Topic #: 4
You have an on-premises application that consumes data from multiple databases. The application code references database tables by using a combination of the server, database, and table name.
You need to migrate the application data to Azure.
To which two services can you migrate the application data to achieve the goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A. SQL Server Stretch Database
B. SQL Server on an Azure virtual machine
C. Azure SQL Database
D. Azure SQL Managed Instance
Selected Answer: BD
Question #: 193
Topic #: 1
You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager (ARM) resource deployments in your Azure subscription.
What should you include in the recommendation?
A. Azure Monitor action groups
B. Azure Arc
C. Azure Monitor metrics
D. Azure Activity Log
Selected Answer: D
Question #: 195
Topic #: 4
You need to design a highly available Azure SQL database that meets the following requirements:
✑ Failover between replicas of the database must occur without any data loss.
✑ The database must remain available in the event of a zone outage.
✑ Costs must be minimized.
Which deployment option should you use?
A. Azure SQL Managed Instance Business Critical
B. Azure SQL Managed Instance General Purpose
C. Azure SQL Database Business Critical
D. Azure SQL Database Serverless
Selected Answer: D
Question #: 196
Topic #: 4
You have an Azure web app that uses an Azure key vault named KeyVault1 in the West US Azure region.
You are designing a disaster recovery plan for KeyVault1.
You plan to back up the keys in KeyVault1.
You need to identify to where you can restore the backup.
What should you identify?
A. any region worldwide
B. the same region only
C. KeyVault1 only
D. the same geography only
Selected Answer: D
Question #: 197
Topic #: 1
You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager (ARM) resource deployments in your Azure subscription.
What should you include in the recommendation?
A. Azure Arc
B. Azure Log Analytics
C. Application insights
D. Azure Monitor action groups
Selected Answer: B
Question #: 199
Topic #: 4
You have an on-premises line-of-business (LOB) application that uses a Microsoft SQL Server instance as the backend.
You plan to migrate the on-premises SQL Server instance to Azure virtual machines.
You need to recommend a highly available SQL Server deployment that meets the following requirements:
✑ Minimizes costs
Minimizes failover time if a single server fails
What should you include in the recommendation?
A. an Always On availability group that has premium storage disks and a virtual network name (VNN)
B. an Always On Failover Cluster Instance that has a virtual network name (VNN) and a standard file share
C. an Always On availability group that has premium storage disks and a distributed network name (DNN)
D. an Always On Failover Cluster Instance that has a virtual network name (VNN) and a premium file share
Selected Answer: B
Question #: 201
Topic #: 4
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company plans to deploy various Azure App Service instances that will use Azure SQL databases. The App Service instances will be deployed at the same time as the Azure SQL databases.
The company has a regulatory requirement to deploy the App Service instances only to specific Azure regions. The resources for the App Service instances must reside in the same region.
You need to recommend a solution to meet the regulatory requirement.
Solution: You recommend creating resource groups based on locations and implementing resource locks on the resource groups.
Does this meet the goal?
A. Yes
B. No
Selected Answer: B
Question #: 202
Topic #: 1
You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager (ARM) resource deployments in your Azure subscription.
What should you include in the recommendation?
A. Application Insights
B. Azure Arc
C. Azure Log Analytics
D. Azure Monitor metrics
Selected Answer: C
Question #: 203
Topic #: 4
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company plans to deploy various Azure App Service instances that will use Azure SQL databases. The App Service instances will be deployed at the same time as the Azure SQL databases.
The company has a regulatory requirement to deploy the App Service instances only to specific Azure regions. The resources for the App Service instances must reside in the same region.
You need to recommend a solution to meet the regulatory requirement.
Solution: You recommend using the Regulatory compliance dashboard in Microsoft Defender for Cloud.
Does this meet the goal?
A. Yes
B. No
Selected Answer: B
Question #: 204
Topic #: 1
You have an Azure subscription.
You plan to deploy a monitoring solution that will include the following:
• Azure Monitor Network Insights
• Application Insights
• Microsoft Sentinel
• VM insights
The monitoring solution will be managed by a single team.
What is the minimum number of Azure Monitor workspaces required?
A. 1
B. 2
C. 3
D. 4
Selected Answer: A
Question #: 205
Topic #: 4
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company plans to deploy various Azure App Service instances that will use Azure SQL databases. The App Service instances will be deployed at the same time as the Azure SQL databases.
The company has a regulatory requirement to deploy the App Service instances only to specific Azure regions. The resources for the App Service instances must reside in the same region.
You need to recommend a solution to meet the regulatory requirement.
Solution: You recommend using an Azure Policy initiative to enforce the location.
Does this meet the goal?
A. Yes
B. No
Selected Answer: A
Question #: 206
Topic #: 1
You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager (ARM) resource deployments in your Azure subscription.
What should you include in the recommendation?
A. Application Insights
B. Azure Analysis Services
C. Azure Advisor
D. Azure Activity Log
Selected Answer: C
Question #: 207
Topic #: 4
You plan to move a web app named App1 from an on-premises datacenter to Azure.
App1 depends on a custom COM component that is installed on the host server.
You need to recommend a solution to host App1 in Azure. The solution must meet the following requirements:
✑ App1 must be available to users if an Azure datacenter becomes unavailable.
✑ Costs must be minimized.
What should you include in the recommendation?
A. In two Azure regions, deploy a load balancer and a web app.
B. In two Azure regions, deploy a load balancer and a virtual machine scale set.
C. Deploy a load balancer and a virtual machine scale set across two availability zones.
D. In two Azure regions, deploy an Azure Traffic Manager profile and a web app.
Selected Answer: C
Question #: 209
Topic #: 4
You plan to deploy an application named App1 that will run in containers on Azure Kubernetes Service (AKS) clusters. The AKS clusters will be distributed across four Azure regions.
You need to recommend a storage solution to ensure that updated container images are replicated automatically to all the Azure regions hosting the AKS clusters.
Which storage solution should you recommend?
A. geo-redundant storage (GRS) accounts
B. Premium SKU Azure Container Registry
C. Azure Content Delivery Network (CDN)
D. Azure Cache for Redis
Selected Answer: B
Question #: 210
Topic #: 1
You have an Azure subscription that contains 10 web apps. The apps are integrated with Azure AD and are accessed by users on different project teams.
The users frequently move between projects.
You need to recommend an access management solution for the web apps. The solution must meet the following requirements:
• The users must only have access to the app of the project to which they are assigned currently.
• Project managers must verify which users have access to their project’s app and remove users that are no longer assigned to their project.
• Once every 30 days, the project managers must be prompted automatically to verify which users are assigned to their projects.
What should you include in the recommendation?
A. Azure AD Identity Protection
B. Microsoft Defender for Identity
C. Microsoft Entra Permissions Management
D. Azure AD Identity Governance
Selected Answer: D
Question #: 211
Topic #: 4
You have an Azure Active Directory (Azure AD) tenant.
You plan to deploy Azure Cosmos DB databases that will use the SQL API.
You need to recommend a solution to provide specific Azure AD user accounts with read access to the Cosmos DB databases.
What should you include in the recommendation?
A. shared access signatures (SAS) and Conditional Access policies
B. certificates and Azure Key Vault
C. master keys and Azure Information Protection policies
D. a resource token and an Access control (IAM) role assignment
Selected Answer: D
Question #: 213
Topic #: 4
You need to recommend an Azure Storage solution that meets the following requirements:
✑ The storage must support 1 PB of data.
✑ The data must be stored in blob storage.
✑ The storage must support three levels of subfolders.
✑ The storage must support access control lists (ACLs).
What should you include in the recommendation?
A. a premium storage account that is configured for block blobs
B. a general purpose v2 storage account that has hierarchical namespace enabled
C. a premium storage account that is configured for page blobs
D. a premium storage account that is configured for file shares and supports large file shares
Selected Answer: B
Question #: 215
Topic #: 1
You have an Azure subscription. The subscription contains a tiered app named App1 that is distributed across multiple containers hosted in Azure Container Instances.
You need to deploy an Azure Monitor monitoring solution for App. The solution must meet the following requirements:
• Support using synthetic transaction monitoring to monitor traffic between the App1 components.
• Minimize development effort.
What should you include in the solution?
A. Network insights
B. Application Insights
C. Container insights
D. Log Analytics Workspace insights
Selected Answer: B
Question #: 217
Topic #: 4
You have an on-premises application named App1 that uses an Oracle database.
You plan to use Azure Databricks to transform and load data from App1 to an Azure Synapse Analytics instance.
You need to ensure that the App1 data is available to Databricks.
Which two Azure services should you include in the solution? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Azure Data Box Gateway
B. Azure Import/Export service
C. Azure Data Lake Storage
D. Azure Data Box Edge
E. Azure Data Factory
Selected Answer: CE
Question #: 219
Topic #: 1
You have 12 Azure subscriptions and three projects. Each project uses resources across multiple subscriptions.
You need to use Microsoft Cost Management to monitor costs on a per project basis. The solution must minimize administrative effort.
Which two components should you include in the solution? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. budgets
B. resource tags
C. custom role-based access control (RBAC) roles
D. management groups
E. Azure boards
Selected Answer: AB
Question #: 221
Topic #: 4
You are developing a sales application that will contain several Azure cloud services and handle different components of a transaction. Different cloud services will process customer orders, billing, payment, inventory, and shipping.
You need to recommend a solution to enable the cloud services to asynchronously communicate transaction information by using XML messages.
What should you include in the recommendation?
A. Azure Notification Hubs
B. Azure Service Fabric
C. Azure Queue Storage
D. Azure Data Lake
Selected Answer: C
Question #: 223
Topic #: 4
You are developing a sales application that will contain several Azure cloud services and handle different components of a transaction. Different cloud services will process customer orders, billing, payment, inventory, and shipping.
You need to recommend a solution to enable the cloud services to asynchronously communicate transaction information by using XML messages.
What should you include in the recommendation?
A. Azure Notification Hubs
B. Azure Service Fabric
C. Azure Queue Storage
D. Azure Application Gateway
Selected Answer: C
Question #: 225
Topic #: 4
You need to design a highly available Azure SQL database that meets the following requirements:
• Failover between replicas of the database must occur without any data loss.
• The database must remain available in the event of a zone outage.
• Costs must be minimized.
Which deployment option should you use?
A. Azure SQL Database Hyperscale
B. Azure SQL Database Premium
C. Azure SQL Database Basic
D. Azure SQL Database Standard
Selected Answer: B
Question #: 227
Topic #: 4
You are developing a sales application that will contain several Azure cloud services and handle different components of a transaction. Different cloud services will process customer orders, billing, payment, inventory, and shipping.
You need to recommend a solution to enable the cloud services to asynchronously communicate transaction information by using XML messages.
What should you include in the recommendation?
A. Azure Service Bus
B. Azure Data Lake
C. Azure Traffic Manager
D. Azure Blob Storage
Selected Answer: A
Question #: 228
Topic #: 4
You need to design a highly available Azure SQL database that meets the following requirements:
• Failover between replicas of the database must occur without any data loss.
• The database must remain available in the event of a zone outage.
• Costs must be minimized.
Which deployment option should you use?
A. Azure SQL Database Basic
B. Azure SQL Managed Instance General Purpose
C. Azure SQL Database Business Critical
D. Azure SQL Managed Instance Business Critical
Selected Answer: C
Question #: 229
Topic #: 4
You have an Azure subscription.
You need to deploy an Azure Kubernetes Service (AKS) solution that will use Windows Server 2019 nodes. The solution must meet the following requirements:
• Minimize the time it takes to provision compute resources during scale-out operations.
• Support autoscaling of Windows Server containers.
Which scaling option should you recommend?
A. horizontal pod autoscaler
B. Virtual nodes
C. Kubernetes version 1.20.2 or newer
D. cluster autoscaler
Selected Answer: D
Question #: 230
Topic #: 4
You are developing a sales application that will contain several Azure cloud services and handle different components of a transaction. Different cloud services will process customer orders, billing, payment, inventory, and shipping.
You need to recommend a solution to enable the cloud services to asynchronously communicate transaction information by using XML messages.
What should you include in the recommendation?
A. Azure Service Fabric
B. Azure Data Lake
C. Azure Service Bus
D. Azure Application Gateway
Selected Answer: C
Question #: 231
Topic #: 4
Your company has offices in North America and Europe.
You plan to migrate to Azure.
You need to recommend a networking solution for the new Azure infrastructure. The solution must meet the following requirements:
• The Point-to-Site (P2S) VPN connections of mobile users must connect automatically to the closest Azure region.
• The offices in each region must connect to their local Azure region by using an ExpressRoute circuit.
• Transitive routing between virtual networks and on-premises networks must be supported.
• The network traffic between virtual networks must be filtered by using FQDNs.
What should you include in the recommendation?
A. Azure Virtual WAN with a secured virtual hub
B. virtual network peering and application security groups
C. virtual network gateways and network security groups (NSGs)
D. Azure Route Server and Azure Network Function Manager
Selected Answer: A
Question #: 232
Topic #: 4
You need to design a highly available Azure SQL database that meets the following requirements:
• Failover between replicas of the database must occur without any data loss.
• The database must remain available in the event of a zone outage.
• Costs must be minimized.
Which deployment option should you use?
A. Azure SQL Database Business Critical
B. Azure SQL Managed Instance Business Critical
C. Azure SQL Database Standard
D. Azure SQL Managed Instance General Purpose
Selected Answer: A
Question #: 233
Topic #: 4
You are designing a point of sale (POS) solution that will be deployed across multiple locations and will use an Azure Databricks workspace in the Standard tier. The solution will include multiple apps deployed to the on-premises network of each location.
You need to configure the authentication method that will be used by the app to access the workspace. The solution must minimize the administrative effort associated with staff turnover and credential management.
What should you configure?
A. a managed identity
B. a service principal
C. a personal access token
Selected Answer: B
Question #: 235
Topic #: 4
Your company has the divisions shown in the following table.
Sub1 contains an Azure App Service web app named App1. App1 uses Azure AD for single-tenant user authentication. Users from contoso.com can authenticate to App1.
You need to recommend a solution to enable users in the fabrikam.com tenant to authenticate to App1.
What should you recommend?
A. Configure a Conditional Access policy.
B. Use Azure AD entitlement management to govern external users.
C. Configure the Azure AD provisioning service.
D. Configure Azure AD Identity Protection.
Selected Answer: B
Question #: 236
Topic #: 4
You have a multi-tier app named App1 and an Azure SQL database named SQL1. The backend service of App1 writes data to SQL1. Users use the App1 client to read the data from SQL1.
During periods of high utilization, the users experience delays retrieving the data.
You need to minimize how long it takes for data requests.
What should you include in the solution?
A. Azure Cache for Redis
B. Azure Content Delivery Network (CDN)
C. Azure Data Factory
D. Azure Synapse Analytics
Selected Answer: A
Question #: 237
Topic #: 4
You have an Azure subscription that contains the resources shown in the following table.
You create peering between VNet1 and VNet2 and between VNet1 and VNet3.
The virtual machines host an HTTPS-based client/server application and are accessible only via the private IP address of each virtual machine.
You need to implement a load balancing solution for VM2 and VM3. The solution must ensure that if VM2 fails, requests will be routed automatically to VM3, and if VM3 fails, requests will be routed automatically to VM2.
What should you include in the solution?
A. Azure Firewall Premium
B. Azure Application Gateway v2
C. a cross-region load balancer
D. Azure Front Door Premium
Selected Answer: D
Question #: 238
Topic #: 4
You are designing an app that will include two components. The components will communicate by sending messages via a queue.
You need to recommend a solution to process the messages by using a First in, First out (FIFO) pattern.
What should you include in the recommendation?
A. storage queues with a custom metadata setting
B. Azure Service Bus queues with partitioning enabled
C. Azure Service Bus queues with sessions enabled
D. storage queues with a stored access policy
Selected Answer: C
