• Home
  • Articles
  • [2023] Practice with these AZ-305 dumps Certification Sample Questions [Q47-Q70]

[2023] Practice with these AZ-305 dumps Certification Sample Questions [Q47-Q70]

Share

[2023] Practice with these AZ-305 dumps Certification Sample Questions

Get Instant Access of 100% REAL AZ-305 DUMP Pass Your Exam Easily


Here are the resources that you can use for getting prepared for the Microsoft AZ-305 Certification Exam:

You can use the following resources while preparing for the Microsoft AZ-305 Certification Exam:

You can join the online forums to get prepared for the Microsoft AZ-305 Certification Exam. You can ask your questions in the online forums. The candidates can get prepared for the Microsoft AZ-305 Certification Exam by reading the answers given by the other candidates in the online forums. You can also start learning with the help of video sites like YouTube. You can watch videos related to different topics of the Microsoft AZ-305 Certification Exam on your desktop or mobile phone. You can get training courses or videos related to topics like network throughput, structured & unstructured data, guides to domain controllers, solutions for storing, routing, configuration, migrating, etc.

The candidates can buy some books to get prepared for the Microsoft AZ-305 Certification Exam. The applicants can read the books to get prepared for the Microsoft AZ-305 Certification Exam. You can buy some of these to get prepared for the Microsoft AZ-305 Certification Exam. Solution-based PDF files, question-based PDF files, VCE files, and exam-based PDF files. AZ-305 exam dumps of the ExamTorrent provide you with a lot of study material to get prepared for the Microsoft AZ-305 Certification Exam. You can prepare yourself for the Microsoft AZ-305 Certification Exam by using the above-mentioned Microsoft AZ-305 Certification Exam prep tools. You can also buy some online courses to get prepared for the AZ-305 Certification Exam. The candidates can use the online courses to get prepared for the Microsoft AZ-305 Exam. Many free online courses are also available on the internet. A virtual machine to control the Microsoft AZ-305 Certification Exam is very useful for the candidates.


Microsoft AZ-305 Exam Syllabus Topics:

TopicDetails

Design Identity, Governance, and Monitoring Solutions (25-30%)

Design a solution for logging and monitoring- design a log routing solution
- recommend an appropriate level of logging
- recommend monitoring tools for a solution
Design authentication and authorization solutions- recommend a solution for securing resources with role-based access control
- recommend an identity management solution
- recommend a solution for securing identities
Design governance- recommend an organizational and hierarchical structure for Azure resources
- recommend a solution for enforcing and auditing compliance
Design identities and access for applications- recommend solutions to allow applications to access Azure resources
- recommend a solution that securely stores passwords and secrets
- recommend a solution for integrating applications into Azure Active Directory (Azure AD)
- recommend a user consent solution for applications

Design Data Storage Solutions (25-30%)

Design a data storage solution for relational data- recommend database service tier sizing
- recommend a solution for database scalability
- recommend a solution for encrypting data at rest, data in transmission, and data in use
Design data integration- recommend a solution for data integration
- recommend a solution for data analysis
Recommend a data storage solution- recommend a solution for storing relational data
- recommend a solution for storing semi-structured data
- recommend a solution for storing non-relational data
Design a data storage solution for non-relational data- recommend access control solutions to data storage
- recommend a data storage solution to balance features, performance, and cost
- design a data solution for protection and durability

Design Business Continuity Solutions (10-15%)

Design a solution for backup and disaster recovery- recommend a recovery solution for Azure, hybrid, and on-premises workloads that meets recovery objectives (Recovery Time Objective [RTO], Recovery Level Objective [RLO], Recovery Point Objective [RPO])
- understand the recovery solutions for containers
- recommend a backup and recovery solution for compute
- recommend a backup and recovery solution for databases
- recommend a backup and recovery solution for unstructured data

 

NEW QUESTION 47
You need to ensure that users managing the production environment are registered for Azure MFA and must authenticate by using Azure MFA when they sign in to the Azure portal. The solution must meet the authentication and authorization requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-configure-mfa-policy
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-configure-risk-policies
Topic 1, Litware, Inc
General Overview
Litware, Inc. is a medium-sized finance company.
Overview
Physical Locations
Litware has a main office in Boston.
Existing Environment
Identity Environment
The network contains an Active Directory forest named Litware.com that is linked to an Azure Active Directory (Azure AD) tenant named Litware.com. All users have Azure Active Directory Premium P2 licenses.
Litware has a second Azure AD tenant named dev.Litware.com that is used as a development environment.
The Litware.com tenant has a conditional access policy named capolicy1. Capolicy1 requires that when users manage the Azure subscription for a production environment by using the Azure portal, they must connect from a hybrid Azure AD-joined device.
Existing Environment. Azure Environment
Litware has 10 Azure subscriptions that are linked to the Litware.com tenant and five Azure subscriptions that are linked to the dev.Litware.com tenant. All the subscriptions are in an Enterprise Agreement (EA).
The Litware.com tenant contains a custom Azure role-based access control (Azure RBAC) role named Role1 that grants the DataActions read permission to the blobs and files in Azure Storage.
Existing Environment. On-premises Environment
The on-premises network of Litware contains the resources shown in the following table.

Existing Environment. Network Environment
Litware has ExpressRoute connectivity to Azure.
Planned Changes and Requirements. Planned Changes
Litware plans to implement the following changes:
Migrate DB1 and DB2 to Azure.
Migrate App1 to Azure virtual machines.
Deploy the Azure virtual machines that will host App1 to Azure dedicated hosts.
Planned Changes and Requirements.
Authentication and Authorization Requirements
Litware identifies the following authentication and authorization requirements:
Users that manage the production environment by using the Azure portal must connect from a hybrid Azure AD-joined device and authenticate by using Azure Multi-Factor Authentication (MFA).
The Network Contributor built-in RBAC role must be used to grant permission to all the virtual networks in all the Azure subscriptions.
To access the resources in Azure, App1 must use the managed identity of the virtual machines that will host the app.
Role1 must be used to assign permissions to the storage accounts of all the Azure subscriptions.
RBAC roles must be applied at the highest level possible.
Planned Changes and Requirements. Resiliency Requirements
Litware identifies the following resiliency requirements:
Once migrated to Azure, DB1 and DB2 must meet the following requirements:
- Maintain availability if two availability zones in the local Azure region fail.
- Fail over automatically.
- Minimize I/O latency.
App1 must meet the following requirements:
- Be hosted in an Azure region that supports availability zones.
- Be hosted on Azure virtual machines that support automatic scaling.
- Maintain availability if two availability zones in the local Azure region fail.
Planned Changes and Requirements. Security and Compliance Requirements
Litware identifies the following security and compliance requirements:
Once App1 is migrated to Azure, you must ensure that new data can be written to the app, and the modification of new and existing data is prevented for a period of three years.
On-premises users and services must be able to access the Azure Storage account that will host the data in App1.
Access to the public endpoint of the Azure Storage account that will host the App1 data must be prevented.
All Azure SQL databases in the production environment must have Transparent Data Encryption (TDE) enabled.
App1 must not share physical hardware with other workloads.
Planned Changes and Requirements. Business Requirements
Litware identifies the following business requirements:
Minimize administrative effort.
Minimize costs.

 

NEW QUESTION 48
You have an Azure subscription.
You need to recommend an Azure Kubernetes service (AKS) solution that will use Linux nodes. The solution must meet the following requirements:
* Minimize the time it takes to provision compute resources during scale-out operations.
* Support autoscaling of Linux containers.
* Minimize administrative effort.
Which scaling option should you recommend?

  • A. horizontal pod autoscaler
  • B. cluster autoscaler
  • C. virtual nodes
  • D. Virtual Kubetet

Answer: C

Explanation:
https://docs.microsoft.com/en-us/azure/aks/virtual-nodes

 

NEW QUESTION 49
Your on-premises network contains a file server named Server1 that stores 500 GB of data.
You need to use Azure Data Factory to copy the data from Server1 to Azure Storage.
You add a new data factory.
What should you do next? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/machine-learning/team-data-science-process/move-sql-azure-adf

 

NEW QUESTION 50
You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager resource deployment in your subscription. What should you include in the recommendation?

  • A. Azure Monitor metrics
  • B. Azure Activity Log
  • C. Azure Advisor
  • D. Azure Monitor action groups

Answer: B

Explanation:
Activity logs are kept for 90 days. You can query for any range of dates, as long as the starting date isn't more than 90 days in the past.
Through activity logs, you can determine:
what operations were taken on the resources in your subscription
who started the operation
when the operation occurred
the status of the operation
the values of other properties that might help you research the operation Reference:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/view-activity-logs
https://docs.microsoft.com/en-us/azure/automation/change-tracking

 

NEW QUESTION 51
You need to design a highly available Azure SQL database that meets the following requirements:
* Failover between replicas of the database must occur without any data loss.
* The database must remain available in the event of a zone outage.
* Costs must be minimized.
Which deployment option should you use?

  • A. Azure SQL Database Premium
  • B. Azure SQL Database Basic
  • C. Azure SQL Database Hyperscale
  • D. Azure SQL Managed Instance Business Critical

Answer: D

 

NEW QUESTION 52
You are designing an Azure web app.
You plan to deploy the web app to the North Europe Azure region and the West Europe Azure region.
You need to recommend a solution for the web app. The solution must meet the following requirements:
Users must always access the web app from the North Europe region, unless the region fails.
The web app must be available to users if an Azure region is unavailable.
Deployment costs must be minimized.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

 

NEW QUESTION 53
You manage a database environment for a Microsoft Volume Licensing customer named Contoso, Ltd. Contoso uses License Mobility through Software Assurance.
You need to deploy 50 databases. The solution must meet the following requirements:
Support automatic scaling.
Minimize Microsoft SQL Server licensing costs.
What should you include in the solution? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/azure-sql/database/purchasing-models

 

NEW QUESTION 54
Your company develops a web service that is deployed to an Azure virtual machine named VM1. The web service allows an API to access real-time data from VM1.
The current virtual machine deployment is shown in the Deployment exhibit. (Click the Deployment tab).

The chief technology officer (CTO) sends you the following email message: "Our developers have deployed the web service to a virtual machine named VM1. Testing has shown that the API is accessible from VM1 and VM2. Our partners must be able to connect to the API over the Internet. Partners will use this data in applications that they develop." You deploy an Azure API Management (APIM) service. The relevant API Management configuration is shown in the API exhibit. (Click the API tab.)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/api-management/api-management-using-with-vnet

 

NEW QUESTION 55
You need to deploy resources to host a stateless web app in an Azure subscription. The solution must meet the following requirements:
* Provide access to the full .NET framework.
* Provide redundancy if an Azure region fails.
* Grant administrators access to the operating system to install custom application dependencies.
Solution: You deploy a web app in an Isolated App Service plan.
Does this meet the goal?

  • A. Yes
  • B. No

Answer: B

 

NEW QUESTION 56
You need to recommend a solution that meets the data requirements for App1.
What should you recommend deploying to each availability zone that contains an instance of App1?

Answer:

Explanation:
Scenario: App1 has the following data requirements:
Each instance will write data to a data store in the same availability zone as the instance.
Data written by any App1 instance must be visible to all App1 instances.
Azure Cosmos DB: Each partition across all the regions is replicated. Each region contains all the data partitions of an Azure Cosmos container and can serve reads as well as serve writes when multi-region writes is enabled.
Reference:
https://docs.microsoft.com/en-us/azure/cosmos-db/high-availability

 

NEW QUESTION 57
You have an on-premises network that uses an IP address space of 172.16.0.0/16. You plan to deploy 25 virtual machines to a new Azure subscription. You identify the following technical requirements:
* All Azure virtual machines must be placed on the same subnet named Subnet1.
* All the Azure virtual machines must be able to communicate with all on-premises servers.
* The servers must be able to communicate between the on-premises network and Azure by using a site-to-site VPN.
You need to recommend a subnet design that meets the technical requirements.
What should you include in the recommendation? To answer, drag the appropriate network addresses to the correct subnets. Each network address may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content NOTE: Each correct selection is worth one point.

Answer:

Explanation:

 

NEW QUESTION 58
You are designing a solution that will include containerized applications running in an Azure Kubernetes Service (AKS) cluster.
You need to recommend a load balancing solution for HTTPS traffic. The solution must meet the following requirements:
* Automatically configure load balancing rules as the applications are deployed to the cluster.
* Support Azure Web Application Firewall (WAF).
* Support cookie-based affinity.
* Support URL routing.
What should you include the recommendation?

  • A. an NGINX ingress controller
  • B. an HTTP application routing ingress controller
  • C. the Kubernetes load balancer service
  • D. Application Gateway Ingress Controller (AGIC)

Answer: D

Explanation:
Explanation
Much like the most popular Kubernetes Ingress Controllers, the Application Gateway Ingress Controller provides several features, leveraging Azure's native Application Gateway L7 load balancer. To name a few:
* URL routing
* Cookie-based affinity
* Secure Sockets Layer (SSL) termination
* End-to-end SSL
* Support for public, private, and hybrid web sites
* Integrated support of Azure web application firewall
Application Gateway redirection support isn't limited to HTTP to HTTPS redirection alone. This is a generic redirection mechanism, so you can redirect from and to any port you define using rules. It also supports redirection to an external site as well.
Reference:
https://docs.microsoft.com/en-us/azure/application-gateway/features

 

NEW QUESTION 59
You have the resources shown in the following table.

You create a new resource group in Azure named RG2.
You need to move the virtual machines to RG2.
What should you use to move each virtual machine? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

 

NEW QUESTION 60
You are developing a sates application that will contain several Azure cloud services and handle different components of a transaction. Different cloud services will process customer orders, billing, payment inventory, and shipping.
You need to recommend a solution to enable the cloud services to asynchronously communicate transaction information by using XML messages.
What should you include in the recommendation?

  • A. Azure Data Lake
  • B. Azure Service Fabric
  • C. Azure Queue Storage
  • D. Azure Notification Hubs

Answer: B

 

NEW QUESTION 61
Your organization has developed and deployed several Azure App Service Web and API applications. The applications use Azure Key Vault to store several authentication, storage account, and data encryption keys. Several departments have the following requests to support the applications:

You need to recommend the appropriate Azure service for each department request.
What should you recommend? To answer, configure the appropriate options in the dialog box in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview

 

NEW QUESTION 62
You plan to migrate App1 to Azure.
You need to recommend a network connectivity solution for the Azure Storage account that will host the App1 dat a. The solution must meet the security and compliance requirements.
What should you include in the recommendation?

  • A. a service endpoint that has a service endpoint policy
  • B. Azure public peering for an ExpressRoute circuit
  • C. Microsoft peering for an ExpressRoute circuit
  • D. a private endpoint

Answer: D

Explanation:
Private Endpoint securely connect to storage accounts from on-premises networks that connect to the VNet using VPN or ExpressRoutes with private-peering.
Private Endpoint also secure your storage account by configuring the storage firewall to block all connections on the public endpoint for the storage service.
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-faqs#microsoft-peering

 

NEW QUESTION 63
You have an Azure subscription.
Your on-premises network contains a file server named Server1. Server 1 stores 5 TB of company files that are accessed rarely.
You plan to copy the files to Azure Storage.
You need to implement a storage solution for the files that meets the following requirements:
* The files must be available within 24 hours of being requested.
* Storage costs must be minimized.
Which two possible storage solutions achieve this goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

  • A. Create a general-purpose v2 storage account that is configured for the Hot default access tier. Create a blob container, copy the files to the blob container, and set each file to the Archive access tier.
  • B. Create a general-purpose v1 storage account. Create a file share in the storage account and copy the files to the file share.
  • C. Create a general-purpose v2 storage account that is configured for the Cool default access tier. Create a file share in the storage account and copy the files to the file share.
  • D. Create a general-purpose v1 storage account. Create a blob container and copy the files to the blob container.
  • E. Create an Azure Blob storage account that is configured for the Cool default access tier. Create a blob container, copy the files to the blob container, and set each file to the Archive access tier.

Answer: A,E

Explanation:
Explanation
https://docs.microsoft.com/en-us/azure/storage/blobs/manage-access-tier?tabs=portal

 

NEW QUESTION 64
You are designing an Azure web app.
You plan to deploy the web app to the North Europe Azure region and the West Europe Azure region.
You need to recommend a solution for the web app. The solution must meet the following requirements:
* Users must always access the web app from the North Europe region, unless the region fails.
* The web app must be available to users if an Azure region is unavailable.
* Deployment costs must be minimized.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation
Graphical user interface, text, application, chat or text message Description automatically generated

https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-routing-methods#priority-traffic-routing-

 

NEW QUESTION 65
You configure OAuth2 authorization in API Management as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://developer.okta.com/blog/2018/04/10/oauth-authorization-code-grant-type
https://connect2id.com/products/server/docs/guides/client-registration

 

NEW QUESTION 66
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company plans to deploy various Azure App Service instances that will use Azure SQL databases. The App Service instances will be deployed at the same time as the Azure SQL databases.
The company has a regulatory requirement to deploy the App Service instances only to specific Azure regions.
The resources for the App Service instances must reside in the same region.
You need to recommend a solution to meet the regulatory requirement.
Solution: You recommend using an Azure policy initiative to enforce the location.
Does this meet the goal?

  • A. Yes
  • B. No

Answer: A

Explanation:
Explanation
Azure Resource Policy Definitions can be used which can be applied to a specific Resource Group with the App Service instances.
Reference:
https://docs.microsoft.com/en-us/azure/governance/policy/overview

 

NEW QUESTION 67
You have an Azure Active Directory (Azure AD) tenant.
You plan to use Azure Monitor to monitor user sign-ins and generate alerts based on specific user sign-in events.
You need to recommend a solution to trigger the alerts based on the events.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://4sysops.com/archives/how-to-create-an-azure-ad-admin-login-alert/
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-log

 

NEW QUESTION 68
You plan to create an Azure environment that will contain a root management group and 10 child management groups. Each child management group will contain five Azure subscriptions. You plan to have between 10 and 30 resource groups in each subscription.
You need to design an Azure governance solution. The solution must meet the following requirements:
* Use Azure Blueprints to control governance across all the subscriptions and resource groups.
* Ensure that Blueprints-based configurations are consistent across all the subscriptions and resource groups.
* Minimize the number of blueprint definitions and assignments.
What should you include in the solution? To answer, select the appropriate options in the answer are a. NOTE: Each correct selection is worth one point.

Answer:

Explanation:

 

NEW QUESTION 69
You configure OAuth2 authorization in API Management as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://developer.okta.com/blog/2018/04/10/oauth-authorization-code-grant-type
https://connect2id.com/products/server/docs/guides/client-registration

 

NEW QUESTION 70
......


How long does it take to pass the Microsoft AZ-305 exam?

According to the AZ-305 exam dumps the passing Score, duration & question for the Microsoft AZ-305 Certification is given below

  • Passing scores: 70%
  • Duration: 60 Minutes
  • Languages: English
  • No. of questions: 40-60

 

Free Exam Files Downloaded Instantly: https://prep4sure.examtorrent.com/AZ-305-exam-papers.html

Related Articles

more
Microsoft AZ-305 Certification Practice Exam

Best latest exam preparation and exam torrent guarantee candidates pass for sure. All in all we promise all our on-sale materials are the latest & valid test prep & exam preparation and exam torrent. We promise "money back guarantee".

Latest Dump pass for sure

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 ExamTorrent NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy