Microsoft AZ-305 Online Practice Questions and Exam Preparation

Microsoft AZ-305 Online Questions & Answers

• Question 151:

  You have an on-premises line-of-business (LOB) application that uses a Microsoft SQL Server instance as the backend.

  You plan to migrate the on-premises SQL Server instance to Azure virtual machines.

  You need to recommend a highly available SQL Server deployment that meets the following requirements:

  1. Minimizes costs

  2. Minimizes failover time if a single server fails

  What should you include in the recommendation?

  A. an Always On availability group that has premium storage disks and a virtual network name (VNN)
  B. an Always On Failover Cluster Instance that has a virtual network name (VNN) and a standard file share
  C. an Always On availability group that has premium storage disks and a distributed network name (DNN)
  D. an Always On Failover Cluster Instance that has a virtual network name (VNN) and a premium file share
  C. an Always On availability group that has premium storage disks and a distributed network name (DNN)

  ---

  Explanation

  Always On availability groups on Azure Virtual Machines are similar to Always On availability groups on-premises, and rely on the underlying Windows Server Failover Cluster.

  If you deploy your SQL Server VMs to a single subnet, you can configure a virtual network name (VNN) and an Azure Load Balancer, or a distributed network name (DNN) to route traffic to your availability group listener. There are some behavior differences between the functionality of the VNN listener and DNN listener that are important to note: Failover time: Failover time is faster when using a DNN listener since there is no need to wait for the network load balancer to detect the failure event and change its routing.

  Etc.

  Incorrect:

  Not B, not D: Migrate to an Always On availability group, not an Always on Failover cluster Instance.

  References:

  https://docs.microsoft.com/en-us/azure/azure-sql/virtual-machines/windows/availability-group-overview

• Question 152:

  HOTSPOT

  You are planning an Azure Storage solution for sensitive data. The data will be accessed daily. The data set is less than 10 GB.

  You need to recommend a storage solution that meets the following requirements:

  1. All the data written to storage must be retained for five years.

  2. Once the data is written, the data can only be read. Modifications and deletion must be prevented.

  3. After five years, the data can be deleted, but never modified.

  4. Data access charges must be minimized.

  What should you recommend? To answer, select the appropriate options in the answer area.

  NOTE: Each correct selection is worth one point.

  

  

  ---

  Box 1: General purpose v2 with Archive acce3ss tier for blobs Archive - Optimized for storing data that is rarely accessed and stored for at least 180 days with flexible latency requirements, on the order of hours.

  Cool - Optimized for storing data that is infrequently accessed and stored for at least 30 days.

  Hot - Optimized for storing data that is accessed frequently.

  Box 2: Storage account resource lock

  As an administrator, you can lock a subscription, resource group, or resource to prevent other users in your organization from accidentally deleting or modifying critical resources. The lock overrides any permissions the user might have.

  Note: You can set the lock level to CanNotDelete or ReadOnly. In the portal, the locks are called Delete and Read-only respectively.

  1. CanNotDelete means authorized users can still read and modify a resource, but they can't delete the resource.

  2. ReadOnly means authorized users can read a resource, but they can't delete or update the resource. Applying this lock is similar to restricting all authorized users to the permissions granted by the Reader role.

  References:

  https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers

• Question 153:

  You have multiple on-premises locations. The locations host loT endpoints that generate real-time telemetry data.

  You have an Azure subscription.

  You need to process the telemetry data and provide real-time insights. The solution must minimize development effort.

  What should you use?

  A. Azure Data Factory
  B. Azure Data Lake Analytics
  C. Log Analytics
  D. Azure Stream Analytics
  D. Azure Stream Analytics

• Question 154:

  HOTSPOT

  You are designing an access policy for your company.

  Occasionally, the developers at the company must stop, start, and restart Azure virtual machines. The development team changes often.

  You need to recommend a solution to provide the developers with the required access to the virtual machines. The solution must meet the following requirements:

  1. Provide permissions only when needed.

  2. Use the principle of least privilege.

  3. Minimize costs.

  What should you include in the recommendation? To answer, select the appropriate options in the answer area.

  NOTE: Each correct selection is worth one point.

  

  

• Question 155:

  Your company has an app named App1 that uses data from the on-premises Microsoft SQL Server databases shown in the following table.

  

  App1 and the data are used on the first day of the month only. The data is not expected to grow more than 3% each year.

  The company is rewriting App1 as an Azure web app and plans to migrate all the data to Azure.

  You need to migrate the data to Azure SQL Database. The solution must minimize costs.

  Which service tier should you use?

  A. vCore-based Business Critical
  B. vCore-based General Purpose
  C. DTU-based Standard
  D. DTU-based Basic
  B. vCore-based General Purpose

  ---

  Explanation

  vCore tiers allow serverless and auto-pause, which matches perfect to "only used first day of month". Rest of the month, the service is paused and does not generate compute costs.

  In DTU service tier, you need to add min. 100 DTUs to get possibility for 400GB DB size. Below you only have 250GB.

  Based on this, vCore General Purpose, Serverless is cheapest solution.

  References:

  https://docs.microsoft.com/en-us/azure/azure-sql/database/service-tiers-dtu

• Question 156:

  You have an Azure subscription that contains the resources shown in the following table.

  

  You need to recommend a load balancing solution that will distribute incoming traffic for VMSS1 across NVA1 and NVA2. The solution must minimize administrative effort.

  What should you include in the recommendation?

  A. Gateway Load Balancer
  B. Azure Front Door
  C. Azure Application Gateway
  D. Azure Traffic Manager
  A. Gateway Load Balancer

  ---

  Explanation

  Gateway Load Balancer is a fully managed service enabling you to deploy, scale, and enhance the availability of third party network virtual appliances (NVAs) in Azure. You can add your favorite third party appliance whether it's a firewall, inline DDoS appliance, deep packet inspection system, or even your own custom appliance into the network path transparently ?all with a single action.

  References:

  https://learn.microsoft.com/en-us/azure/load-balancer/whats-new

• Question 157:

  DRAG DROP

  You have standard Load balancer configured to support three virtual machines on the same subnet.

  You need to recommend a solution to notify administrators when the load balancer fails.

  Which metrics should you recommend using to test the load balancer? To answer, drag the appropriate metrics to the correct conditions. Each metric may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

  NOTE: Each correct selection is worth one point.

  Select and Place:

  

  

  ---

  Backend instance health: Health Probe Status

  Health Probe Status (DIP Availability): Standard Load Balancer uses a distributed health-probing service that monitors your application endpoint's health according to your configuration settings. This metric provides an aggregate or per-endpoint filtered view of each instance endpoint in the load balancer pool. You can see how Load Balancer views the health of your application, as indicated by your health probe configuration.

  Outbound port exhaustion: SNAT connection Count SNAT connections: Standard Load Balancer reports the number of outbound flows that are masqueraded to the Public IP address front end. Source network address translation (SNAT) ports are an exhaustible resource. This metric can give an indication of how heavily your application is relying on SNAT for outbound originated flows. Counters for successful and failed outbound SNAT flows are reported and can be used to troubleshoot and understand the health of your outbound flows.

  References:

  https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-standard-diagnostics

• Question 158:

  You plan to deploy an Azure SQL database that will store Personally Identifiable Information (Pll). You need to ensure that only privileged users can view the Pll.

  What should you include in the solution?

  A. Transparent Data Encryption (TDE)
  B. Data Discovery & Classification
  C. dynamic data masking
  D. role-based access control (RBAC)
  C. dynamic data masking

  ---

  Explanation

  Dynamic data masking limits sensitive data exposure by masking it to non-privileged users.

  Dynamic data masking helps prevent unauthorized access to sensitive data by enabling customers to designate how much of the sensitive data to reveal with minimal impact on the application layer. It's a policy-based security feature that hides the sensitive data in the result set of a query over designated database fields, while the data in the database is not changed.

  References:

  https://docs.microsoft.com/en-us/azure/azure-sql/database/dynamic-data-masking-overview

• Question 159:

  HOTSPOT

  Your company has the divisions shown in the following table.

  

  You plan to deploy a custom application to each subscription. The application will contain the following:

  1. A resource group

  2. An Azure web app

  3. Custom role assignments

  4. An Azure Cosmos DB account

  You need to use Azure Blueprints to deploy the application to each subscription.

  What is the minimum number of objects required to deploy the application? To answer, select the appropriate options in the answer area.

  NOTE: Each correct selection is worth one point.

  

  

  ---

  Box 1: 2

  One management group for East, and one for West.

  When creating a blueprint definition, you'll define where the blueprint is saved. Blueprints can be saved to a management group or subscription that you have Contributor access to. If the location is a management group, the blueprint is available to assign to any child subscription of that management group.

  Box 2: 2

  Box 3: 4

  One assignment for each subscription.

  "Assigning a blueprint definition to a management group means the assignment object exists at the management group. The deployment of artifacts still targets a subscription. To perform a management group assignment, the Create Or Update REST API must be used and the request body must include a value for properties.scope to define the target subscription."

  https://docs.microsoft.com/en-us/azure/governance/blueprints/overview#blueprint-assignment

• Question 160:

  You are planning an Azure IoT Hub solution that will include 50,000 IoT devices.

  Each device will stream data, including temperature, device ID, and time data. Approximately 50,000 records will be written every second. The data will be visualized in near real time.

  You need to recommend a service to store and query the data.

  Which two services can you recommend? Each correct answer presents a complete solution.

  NOTE: Each correct selection is worth one point.

  A. Azure Table Storage
  B. Azure Event Grid
  C. Azure Cosmos DB SQL API
  D. Azure Time Series Insights
  C. Azure Cosmos DB SQL API
  D. Azure Time Series Insights

  ---

  Explanation

  Option D: Time Series Insights is a fully managed service for time series data. In this architecture, Time Series Insights performs the roles of stream processing, data store, and analytics and reporting. It accepts streaming data from either IoT Hub or Event Hubs and stores, processes, analyzes, and displays the data in near real time.

  Option C: The processed data is stored in an analytical data store, such as Azure Data Explorer, HBase, Azure Cosmos DB, Azure Data Lake, or Blob Storage.

  References:

  https://docs.microsoft.com/en-us/azure/architecture/data-guide/scenarios/time-series