Microsoft AZ-305 Online Practice
Questions and Exam Preparation
AZ-305 Exam Details
Exam Code
:AZ-305
Exam Name
:Designing Microsoft Azure Infrastructure Solutions
Certification
:Microsoft Certifications
Vendor
:Microsoft
Total Questions
:395 Q&As
Last Updated
:Jul 13, 2026
Microsoft AZ-305 Online Questions &
Answers
Question 1:
HOTSPOT
You plan to migrate App1 to Azure.
You need to estimate the compute costs for App1 in Azure. The solution must meet the security and compliance requirements.
What should you use to estimate the costs, and what should you implement to minimize the costs? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Box 1: The Azure Total Cost of Ownership (TCO) Calculator
The Total Cost of Ownership (TCO) Calculator estimates the cost savings you can realize by migrating your workloads to Azure.
Note: The TCO Calculator recommends a set of equivalent services in Azure that will support your applications. Our analysis will show each cost area with an estimate of your on-premises spend versus your spend in Azure. There are several cost categories that either decrease or go away completely when you move workloads to the cloud.
Box 2: Azure Hybrid Benefit
Azure Hybrid Benefit is a licensing benefit that helps you to significantly reduce the costs of running your workloads in the cloud. It works by letting you use your on-premises Software Assurance-enabled Windows Server and SQL Server licenses on Azure. And now, this benefit applies to RedHat and SUSE Linux subscriptions, too.
Scenario:
Litware identifies the following security and compliance requirements:
1. Once App1 is migrated to Azure, you must ensure that new data can be written to the app, and the modification of new and existing data is prevented for a period of three years.
2. On-premises users and services must be able to access the Azure Storage account that will host the data in App1.
3. Access to the public endpoint of the Azure Storage account that will host the App1 data must be prevented.
4. All Azure SQL databases in the production environment must have Transparent Data Encryption (TDE) enabled.
5. App1 must not share physical hardware with other workloads.
Question 2:
You are designing an Azure web app that will use Azure Active Directory (Azure AD) for authentication.
You need to recommend a solution to provide users from multiple Azure AD tenants with access to App1.
The solution must ensure that the users use Azure Multi-Factor Authentication (MFA) when they connect to App1.
Which two types of objects should you include in the recommendation? Each correct answer presents part of the solution.
NOTE: Each correct selection is world one point
A. Azure AD conditional access policies B. Azure AD managed identities C. an Identity Experience Framework policy D. an Azure application security group E. a Microsoft Intune app protection policy F. Azure AD guest accounts
A. Azure AD conditional access policies C. an Identity Experience Framework policy
Explanation
Option A: The Conditional Access feature in Azure Active Directory (Azure AD) offers one of several ways that you can use to secure your app and protect a service. Conditional Access enables developers and enterprise customers to protect services in a multitude of ways including:
1. Multi-factor authentication 2. Allowing only Intune enrolled devices to access specific services
3. Restricting user locations and IP ranges
Option B: Conditional Access policies are powerful tools, we recommend excluding the following accounts from your policy: Service accounts and service principals.If your organization has these accounts in use in scripts or code, consider replacing them with managed identities.
Incorrect Answers:
Option E: Application security groups enable you to configure network security as a natural extension of an application's structure, allowing you to group virtual machines and define network security policies based on those groups
Your company deploys an Azure App Service Web App.
During testing the application fails under load. The application cannot handle more than 100 concurrent user sessions. You enable the Always On feature. You also configure auto-scaling to increase counts from two to 10 based on HTTP queue length.
You need to improve the performance of the application.
Which solution should you use for each application scenario? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Box 1: Content Delivery Network
A content delivery network (CDN) is a distributed network of servers that can efficiently deliver web content to users. CDNs store cached content on edge servers in point-of-presence (POP) locations that are close to end users, to minimize latency.
Azure Content Delivery Network (CDN) offers developers a global solution for rapidly delivering high-bandwidth content to users by caching their content at strategically placed physical nodes across the world. Azure CDN can also accelerate dynamic content, which cannot be cached, by leveraging various network optimizations using CDN POPs. For example, route optimization to bypass Border Gateway Protocol (BGP).
Box 2: Azure Redis Cache
Azure Cache for Redis is based on the popular software Redis. It is typically used as a cache to improve the performance and scalability of systems that rely heavily on backend data-stores. Performance is improved by temporarily copying frequently accessed data to fast storage located close to the application. With Azure Cache for Redis, this fast storage is located in-memory with Azure Cache for Redis instead of being loaded from disk by a database.
You need to recommend a strategy for the web tier of WebApp1.
The solution must minimize What should you recommend?
A. Create a runbook that resizes virtual machines automatically to a smaller size outside of business hours. B. Configure the Scale Up settings for a web app. C. Deploy a virtual machine scale set that scales out on a 75 percent CPU threshold. D. Configure the Scale Out settings for a web app.
A. Create a runbook that resizes virtual machines automatically to a smaller size outside of business hours.
Question 5:
HOTSPOT
You have an Azure subscription.
You need to deploy a solution that will provide point-in-time restore for blobs in storage accounts that have blob versioning and blob soft delete enabled.
Which type of blob should you create, and what should you enable for the accounts? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Box 1: Block
Point-in-time restore for block blobs Point-in-time restore provides protection against accidental deletion or corruption by enabling you to restore block blob data to an earlier state. Point-in-time restore is useful in scenarios where a user or application accidentally deletes data or where an application error corrupts data. Point-in-time restore also enables testing scenarios that require reverting a data set to a known state before running further tests.
Point-in-time restore is supported for general-purpose v2 storage accounts in the standard performance tier only. Only data in the hot and cool access tiers can be restored with point-in-time restore.
Box 2: The change feed Enable and configure point-in-time restore Before you enable and configure point-in-time restore, enable its prerequisites for the storage account: soft delete, change feed, and blob versioning.
You have an Azure subscription. The subscription contains a tiered app named App1 that is distributed across multiple containers hosted in Azure Container Instances.
You need to deploy an Azure Monitor monitoring solution for App. The solution must meet the following requirements:
Support using synthetic transaction monitoring to monitor traffic between the App1 components.
Minimize development effort.
What should you include in the solution?
A. Network insights B. Application Insights C. Container insights D. Log Analytics Workspace insights
B. Application Insights
Explanation
Application Insights provides other features including, but not limited to:
Availability: Also known as synthetic transaction monitoring. Probe the external endpoints of your applications to test the overall availability and responsiveness over time.
Etc.
Note: Synthetic monitoring is the use of software to simulate user interactions with a system. The data generated from the simulated transactions is then analyzed to evaluate how the system behaves.
You have an on-premises network that uses an IP address space of 172.16.0.0/16. You plan to deploy 25 virtual machines to a new Azure subscription. You identify the following technical requirements:
1. All Azure virtual machines must be placed on the same subnet named Subnet1.
2. All the Azure virtual machines must be able to communicate with all on-premises servers.
3. The servers must be able to communicate between the on-premises network and Azure by using a site-to-site VPN.
You need to recommend a subnet design that meets the technical requirements.
What should you include in the recommendation? To answer, drag the appropriate network addresses to the correct subnets. Each network address may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content
NOTE: Each correct selection is worth one point.
Select and Place:
Question 8:
You have an Azure subscription that contains an Azure SQL database.
You plan to use Azure reservations on the Azure SQL database.
To which resource type will the reservation discount be applied?
A. vCore compute B. DTU compute C. Storage D. License
A. vCore compute
Explanation
Quantity: The amount of compute resources being purchased within the capacity reservation. The quantity is a number of vCores in the selected Azure region and Performance tier that are being reserved and will get the billing discount. For example, if you run or plan to run multiple databases with the total compute capacity of Gen5 16 vCores in the East US region, then you would specify the quantity as 16 to maximize the benefit for all the databases.
Your company, named Contoso, Ltd., implements several Azure logic apps that have HTTP triggers. The logic apps provide access to an on-premises web service.
Contoso establishes a partnership with another company named Fabrikam. Inc.
Fabrikam does not have an existing Azure Active Directory (Azure AD) tenant and uses third-party OAuth 2.0 identity management to authenticate its users.
Developers at Fabrikam plan to use a subset of the logic apps to build applications that will integrate with the on-premises web service of Contoso.
You need to design a solution to provide the Fabrikam developers with access to the logic apps. The solution must meet the following requirements:
1. Requests to the logic apps from the developers must be limited to lower rates than the requests from the users at Contoso.
2. The developers must be able to rely on their existing OAuth 2.0 provider to gain access to the logic apps.
3. The solution must NOT require changes to the logic apps.
4. The solution must NOT use Azure AD guest accounts.
What should you include in the solution?
A. Azure AD business-to-business (B2B) B. Azure AD Application Proxy C. Azure Front Door D. Azure API Management
D. Azure API Management
Explanation
API Management helps organizations publish APIs to external, partner, and internal developers to unlock the potential of their data and services. You can secure API Management using the OAuth 2.0 client credentials flow.
You have the Azure resources shown in the following table.
You need to recommend a virtual network management solution that uses Azure Virtual Network Manager. The solution must meet the following requirements:
1. Minimize the number of network managers.
2. Minimize administrative effort when assigning the network group membership.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only Microsoft exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your AZ-305 exam preparations
and Microsoft certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.