Free AZ-305 braindumps download (AZ-305 exam dumps Free Updated Feb 25, 2023)
AZ-305 Dumps for Pass Guaranteed - Pass AZ-305 Exam 2023
Do You Have What It Takes To Pass The Microsoft AZ-305 Exam?
The Microsoft AZ-305 exam certifies that a candidate can work with the products found in Azure solutions. The purpose of the Microsoft exam AZ-305 is to test whether implementers of Microsoft Azure Infrastructure Solutions have the skills necessary to design multi-tier services in cloud computing infrastructure. Designing these services will require knowledge and understanding of building systems, management, and operations in large-scale hybrid environments. Recovery and remediation of the infrastructure will also be tested.
Obtaining this certification not only adds to your CV but can help you validate your knowledge regarding designing a modern computing environment into the cloud. Besides this, the certification is a way of validating your skills and competency in Azure technologies. AZ-305 exam dumps could be a great way to achieve this goal. The load of the Microsoft AZ-305 exam is increasing day by day, and if you are working on this technology, it is better to prepare for the Microsoft AZ-305 exam.
Get to know about the topics of the Microsoft AZ-305 Certification Exam
AZ-305 exam dumps cover the following topics of the Microsoft AZ-305 Certification Exam:
- Business continuity solutions of design: 20%
- Infrastructure solutions of design: 25%
- Data storage solutions of design: 25%
- Identity, governance, and monitoring solutions of design: 30%
NEW QUESTION 38
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has deployed several virtual machines (VMs) on-premises and to Azure. Azure ExpressRoute has been deployed and configured for on-premises to Azure connectivity.
Several VMs are exhibiting network connectivity issues.
You need to analyze the network traffic to determine whether packets are being allowed or denied to the VMs.
Solution: Use Azure Network Watcher to run IP flow verify to analyze the network traffic Does the solution meet the goal?
- A. No
- B. Yes
Answer: B
Explanation:
The Network Watcher Network performance monitor is a cloud-based hybrid network monitoring solution that helps you monitor network performance between various points in your network infrastructure. It also helps you monitor network connectivity to service and application endpoints and monitor the performance of Azure ExpressRoute.
Note:
IP flow verify checks if a packet is allowed or denied to or from a virtual machine. The information consists of direction, protocol, local IP, remote IP, local port, and remote port. If the packet is denied by a security group, the name of the rule that denied the packet is returned. While any source or destination IP can be chosen, IP flow verify helps administrators quickly diagnose connectivity issues from or to the internet and from or to the on-premises environment.
IP flow verify looks at the rules for all Network Security Groups (NSGs) applied to the network interface, such as a subnet or virtual machine NIC. Traffic flow is then verified based on the configured settings to or from that network interface. IP flow verify is useful in confirming if a rule in a Network Security Group is blocking ingress or egress traffic to or from a virtual machine.
Reference:
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-ip-flow-verify-overview
NEW QUESTION 39
You plan to store data in Azure Blob storage for many years. The stored data will be accessed rarely.
You need to ensure that the data in Blob storage is always available for immediate access. The solution must minimize storage costs.
Which storage tier should you use?
- A. Archive
- B. Cool
- C. Hot
Answer: B
Explanation:
Azure cool tier is equivalent to the Amazon S3 Infrequent Access (S3-IA) storage in AWS that provides a low cost high performance storage for infrequently access data.
Note: Azure's cool storage tier, also known as Azure cool Blob storage, is for infrequently-accessed data that needs to be stored for a minimum of 30 days. Typical use cases include backing up data before tiering to archival systems, legal data, media files, system audit information, datasets used for big data analysis and more.
The storage cost for this Azure cold storage tier is lower than that of hot storage tier. Since it is expected that the data stored in this tier will be accessed less frequently, the data access charges are high when compared to hot tier. There are no additional changes required in your applications as these tiers can be accessed using APIs in the same manner that you access Azure storage.
Reference:
https://cloud.netapp.com/blog/low-cost-storage-options-on-azure
NEW QUESTION 40
You need to design an architecture to capture the creation of users and the assignment of roles. The captured data must be stored in Azure Cosmos DB.
Which Azure services should you include in the design? To answer, drag the appropriate services to the correct targets. Each service may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 41
You plan to deploy Azure Databricks to support a machine learning application. Data engineers will mount an Azure Data Lake Storage account to the Databricks file system. Permissions to folders are granted directly to the data engineers.
You need to recommend a design for the planned Databrick deployment. The solution must meet the following requirements:
Ensure that the data engineers can only access folders to which they have permissions.
Minimize development effort.
Minimize costs.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/databricks/security/credential-passthrough/adls-passthrough
NEW QUESTION 42
To meet the authentication requirements of Fabrikam, what should you include in the solution? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 43
You plan to deploy multiple instances of an Azure web app across several Azure regions.
You need to design an access solution for the app. The solution must meet the following replication requirements;
* Support rate limiting.
* Balance requests between all instances.
* Ensure that users can access the app in the event of a regional outage.
Solution: You use Azure Traffic Manager to provide access to the app Does this meet the goal?
- A. No
- B. Yes
Answer: B
NEW QUESTION 44
You plan to deploy the backup policy shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 45
Your company deploys an Azure App Service Web App.
During testing the application fails under load. The application cannot handle more than 100 concurrent user sessions. You enable the Always On feature. You also configure auto-scaling to increase counts from two to 10 based on HTTP queue length.
You need to improve the performance of the application.
Which solution should you use for each application scenario? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/azure-cache-for-redis/cache-overview
NEW QUESTION 46
Your on-premises network contains a server named Server1 that runs an ASP.NET application named App1.
You have a hybrid deployment of Azure Active Directory (Azure AD).
You need to recommend a solution to ensure that users sign in by using their Azure AD account and Azure Multi-Factor Authentication (MFA) when they connect to App1 from the internet.
Which three Azure services should you recommend be deployed and configured in sequence? To answer, move the appropriate services from the list of services to the answer area and arrange them in the correct order.
Answer:
Explanation:
Explanation
AD Application Proxy
AD Enterprise Application
AD Conditional access policy
https://thesleepyadmins.com/2019/02/
NEW QUESTION 47
You need to recommend a solution that meets the data requirements for App1.
What should you recommend deploying to each availability zone that contains an instance of App1?
- A. an Azure Cosmos DB that uses multi-region writes
- B. an Azure SQL database that uses active geo-replication
- C. an Azure Storage account that uses geo-zone-redundant storage (GZRS)
- D. an Azure Data Lake store that uses geo-zone-redundant storage (GZRS)
Answer: A
NEW QUESTION 48
You have an Azure subscription. The subscription has a blob container that contains multiple blobs. Ten users in the finance department of your company plan to access the blobs during the month of April. You need to recommend a solution to enable access to the blobs during the month of April only. Which security solution should you include in the recommendation?
- A. certificates
- B. access keys
- C. conditional access policies
- D. shared access signatures (SAS)
Answer: D
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview This allows for limited-time fine grained access control to resources. So you can generate URL, specify duration (for month of April) and disseminate URL to 10 team members. On May 1, the SAS token is automatically invalidated, denying team members continued access.
NEW QUESTION 49
You have an Azure subscription.
Your on-premises network contains a file server named Server1. Server 1 stores 5 TB of company files that are accessed rarely.
You plan to copy the files to Azure Storage.
You need to implement a storage solution for the files that meets the following requirements:
* The files must be available within 24 hours of being requested.
* Storage costs must be minimized.
Which two possible storage solutions achieve this goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
- A. Create a general-purpose v1 storage account. Create a file share in the storage account and copy the files to the file share.
- B. Create a general-purpose v1 storage account. Create a blob container and copy the files to the blob container.
- C. Create a general-purpose v2 storage account that is configured for the Hot default access tier. Create a blob container, copy the files to the blob container, and set each file to the Archive access tier.
- D. Create an Azure Blob storage account that is configured for the Cool default access tier. Create a blob container, copy the files to the blob container, and set each file to the Archive access tier.
- E. Create a general-purpose v2 storage account that is configured for the Cool default access tier. Create a file share in the storage account and copy the files to the file share.
Answer: C,D
Explanation:
Explanation
https://docs.microsoft.com/en-us/azure/storage/blobs/manage-access-tier?tabs=portal
NEW QUESTION 50
You are designing a microservices architecture that will be hosted in an Azure Kubernetes Service (AKS) cluster. Apps that will consume the microservices will be hosted on Azure virtual machines. The virtual machines and the AKS cluster will reside on the same virtual network.
You need to design a solution to expose the microservices to the consumer apps. The solution must meet the following requirements:
* Ingress access to the microservices must be restricted to a single private IP address and protected by using mutual TLS authentication.
* The number of incoming microservice calls must be rate-limited.
* Costs must be minimized.
What should you include in the solution?
- A. Azure API Management Premium tier with virtual network connection
- B. Azure App Gateway with Azure Web Application Firewall (WAF)
- C. Azure Front Door with Azure Web Application Firewall (WAF)
- D. Azure API Management Standard tier with a service endpoint
Answer: A
Explanation:
Explanation
One option is to deploy APIM (API Management) inside the cluster VNet.
The AKS cluster and the applications that consume the microservices might reside within the same VNet, hence there is no reason to expose the cluster publicly as all API traffic will remain within the VNet. For these scenarios, you can deploy API Management into the cluster VNet. API Management Premium tier supports VNet deployment.
Reference:
https://docs.microsoft.com/en-us/azure/api-management/api-management-kubernetes
NEW QUESTION 51
You need to recommend a solution to deploy containers that run an application. The application has two tiers.
Each tier is implemented as a separate Docker Linux-based image. The solution must meet the following requirements:
* The front-end tier must be accessible by using a public IP address on port 80.
* The backend tier must be accessible by using port 8080 from the front-end tier only.
* Both containers must be able to access the same Azure file share.
* If a container fails, the application must restart automatically.
* Costs must be minimized.
What should you recommend using to host the application?
- A. Azure Container registries
- B. Azure Container instances
- C. Azure Service Fabric
- D. Azure Kubernetes Service (AKS)
Answer: B
Explanation:
Explanation
Azure Container Instances enables a layered approach to orchestration, providing all of the scheduling and management capabilities required to run a single container, while allowing orchestrator platforms to manage multi-container tasks on top of it.
Because the underlying infrastructure for container instances is managed by Azure, an orchestrator platform does not need to concern itself with finding an appropriate host machine on which to run a single container.
Azure Container Instances can schedule both Windows and Linux containers with the same API.
Orchestration of container instances exclusively
Because they start quickly and bill by the second, an environment based exclusively on Azure Container Instances offers the fastest way to get started and to deal with highly variable workloads.
Reference:
https://docs.microsoft.com/en-us/azure/container-instances/container-instances-overview
https://docs.microsoft.com/en-us/azure/container-instances/container-instances-orchestrator-relationship
NEW QUESTION 52
You need to recommend a solution that meets the file storage requirements for App2.
What should you deploy to the Azure subscription and the on-premises network? To answer, drag the appropriate services to the correct locations. Each service may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/storage/file-sync/file-sync-deployment-guide
NEW QUESTION 53
You design a solution for the web tier of WebApp1 as shown in the exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-overview
https://blogs.msdn.microsoft.com/hsirtl/2017/07/03/autoscaling-azure-web-apps/
NEW QUESTION 54
......
Microsoft AZ-305 Exam Syllabus Topics:
| Topic | Details |
|---|---|
Design Identity, Governance, and Monitoring Solutions (25-30%) | |
| Design a solution for logging and monitoring | - design a log routing solution - recommend an appropriate level of logging - recommend monitoring tools for a solution |
| Design authentication and authorization solutions | - recommend a solution for securing resources with role-based access control - recommend an identity management solution - recommend a solution for securing identities |
| Design governance | - recommend an organizational and hierarchical structure for Azure resources - recommend a solution for enforcing and auditing compliance |
| Design identities and access for applications | - recommend solutions to allow applications to access Azure resources - recommend a solution that securely stores passwords and secrets - recommend a solution for integrating applications into Azure Active Directory (Azure AD) - recommend a user consent solution for applications |
Design Data Storage Solutions (25-30%) | |
| Design a data storage solution for relational data | - recommend database service tier sizing - recommend a solution for database scalability - recommend a solution for encrypting data at rest, data in transmission, and data in use |
| Design data integration | - recommend a solution for data integration - recommend a solution for data analysis |
| Recommend a data storage solution | - recommend a solution for storing relational data - recommend a solution for storing semi-structured data - recommend a solution for storing non-relational data |
| Design a data storage solution for non-relational data | - recommend access control solutions to data storage - recommend a data storage solution to balance features, performance, and cost - design a data solution for protection and durability |
Design Business Continuity Solutions (10-15%) | |
| Design a solution for backup and disaster recovery | - recommend a recovery solution for Azure, hybrid, and on-premises workloads that meets recovery objectives (Recovery Time Objective [RTO], Recovery Level Objective [RLO], Recovery Point Objective [RPO]) - understand the recovery solutions for containers - recommend a backup and recovery solution for compute - recommend a backup and recovery solution for databases - recommend a backup and recovery solution for unstructured data |
| Design for high availability | - identify the availability requirements of Azure resources - recommend a high availability solution for compute - recommend a high availability solution for non-relational data storage - recommend a high availability solution for relational data storage |
Verified AZ-305 dumps Q&As - Pass Guarantee Exam Dumps Test Engine: https://torrentpdf.guidetorrent.com/AZ-305-dumps-questions.html