CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. AZ-305

Free AZ-305 Exam Braindumps (page: 11)

Page 11 of 67
PDF with 267 Questions

HOTSPOT (Drag and Drop is not supported)
Your company has 20 web APIs that were developed in-house.

The company is developing 10 web apps that will use the web APIs. The web apps and the APIs are registered in the company s Azure Active Directory (Azure AD) tenant. The web APIs are published by using Azure API Management.

You need to recommend a solution to block unauthorized requests originating from the web apps from reaching the web APIs. The solution must meet the following requirements:

-Use Azure AD-generated claims.
-Minimize configuration and management effort.

What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Box 1: Azure AD
Grant permissions in Azure AD.

Box 2: Azure API Management
Configure a JWT validation policy to pre-authorize requests.
Pre-authorize requests in API Management with the Validate JWT policy, by validating the access tokens of each incoming request. If a request does not have a valid token, API Management blocks it.


Reference:

https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-protect-backend-with-aad



You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager (ARM) resource deployments in your Azure subscription.

What should you include in the recommendation?

  1. Azure Log Analytics
  2. Azure Arc
  3. Azure Analysis Services
  4. Application Insights

Answer(s): A

Explanation:

The Activity log is a platform log in Azure that provides insight into subscription-level events. Activity log includes such information as when a resource is modified or when a virtual machine is started.
Activity log events are retained in Azure for 90 days and then deleted.

For more functionality, you should create a diagnostic setting to send the Activity log to one or more of these locations for the following reasons:

to Azure Monitor Logs for more complex querying and alerting, and longer retention (up to two years)
to Azure Event Hubs to forward outside of Azure
to Azure Storage for cheaper, long-term archiving

Note: Azure Monitor builds on top of Log Analytics, the platform service that gathers log and metrics data from all your resources. The easiest way to think about it is that Azure Monitor is the marketing name, whereas Log Analytics is the technology that powers it.


Reference:

https://docs.microsoft.com/en-us/azure/azure-monitor/essentials/activity-log



Your company has the divisions shown in the following table.



Sub1 contains an Azure App Service web app named App1. App1 uses Azure AD for single-tenant user authentication. Users from contoso.com can authenticate to App1.

You need to recommend a solution to enable users in the fabrikam.com tenant to authenticate to App1.

What should you recommend?

  1. Configure the Azure AD provisioning service.
  2. Configure assignments for the fabrikam.com users by using Azure AD Privileged Identity Management (PIM).
  3. Use Azure AD entitlement management to govern external users.
  4. Configure Azure AD Identity Protection.

Answer(s): C

Explanation:

Entitlement management is an identity governance capability that enables organizations to manage identity and access lifecycle at scale by automating access request workflows, access assignments, reviews, and expiration. Entitlement management allows delegated non-admins to create access packages that external users from other organizations can request access to. One and multi-stage approval workflows can be configured to evaluate requests, and provision users for time-limited access with recurring reviews. Entitlement management enables policy-based provisioning and deprovisioning of external accounts.

Note: Access Packages
An access package is the foundation of entitlement management. Access packages are groupings of policy-governed resources a user needs to collaborate on a project or do other tasks. For example, an access package might include:
access to specific SharePoint sites.
enterprise applications including your custom in-house and SaaS apps like Salesforce.
Microsoft Teams.
Microsoft 365 Groups.

Incorrect:
Not A: Automatic provisioning refers to creating user identities and roles in the cloud applications that users need access to. In addition to creating user identities, automatic provisioning includes the maintenance and removal of user identities as status or roles change.

Not B: Privileged Identity Management provides time-based and approval-based role activation to mitigate the risks of excessive, unnecessary, or misused access permissions on resources that you care about. Here are some of the key features of Privileged Identity Management:

Provide just-in-time privileged access to Azure AD and Azure resources
Assign time-bound access to resources using start and end dates
Etc.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/6-secure-access-entitlement-managment
https://docs.microsoft.com/en-us/azure/active-directory/app-provisioning/how-provisioning-works
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure



You are developing an app that will read activity logs for an Azure subscription by using Azure Functions.

You need to recommend an authentication solution for Azure Functions. The solution must minimize administrative effort.

What should you include in the recommendation?

  1. an enterprise application in Azure AD
  2. system-assigned managed identities
  3. shared access signatures (SAS)
  4. application registration in Azure AD

Answer(s): B

Explanation:

Azure App Service provides built-in authentication and authorization capabilities (sometimes referred to as "Easy Auth"), so you can sign in users and access data by writing minimal or no code in your web app, RESTful API, and mobile back end, and also Azure Functions.

Azure App Service provides built-in authentication and authorization capabilities (sometimes referred to as "Easy Auth"), so you can sign in users and access data by writing minimal or no code in your web app, RESTful API, and mobile back end, and also Azure Functions.
* Microsoft Identity Platform
* Facebook
* Google
* Twitter
* Any OpenID Connect provider

Note:
A managed identity from Azure Active Directory (Azure AD) allows your app to easily access other Azure AD-protected resources such as Azure Key Vault. The identity is managed by the Azure platform and does not require you to provision or rotate any secrets. For more about managed identities in Azure AD, see Managed identities for Azure resources.

Your application can be granted two types of identities:

A system-assigned identity is tied to your application and is deleted if your app is deleted. An app can only have one system-assigned identity.
A user-assigned identity is a standalone Azure resource that can be assigned to your app. An app can have multiple user-assigned identities.


Reference:

https://learn.microsoft.com/en-us/azure/app-service/overview-authentication-authorization
https://learn.microsoft.com/en-us/azure/app-service/overview-managed-identity



Page 11 of 67



Post your Comments and Discuss Microsoft AZ-305 exam with other Community members:

Criss commented on December 29, 2024
Very nice and very good questions
Anonymous
upvote

Jay Gomes commented on November 07, 2024
Very nice and very good questions
Anonymous
upvote

Jay Gomes commented on November 07, 2024
Nice v nice questions
Anonymous
upvote

Farid commented on November 05, 2024
This exam is hard but not as bad as others have stated here. With these question you can pass on first try.
Canada
upvote

Bobby commented on September 12, 2024
nice collection
Anonymous
upvote

Ram commented on September 06, 2024
Its a nice collection of questions with examplanation
Anonymous
upvote

Doran commented on June 10, 2024
Used these exam dumps and passed my exam. Of course I went for the full PDF version. Felt like I had the answers in my back pocket. If only they could help me find my car keys too!
United Kingdom
upvote

Emma Martin commented on May 04, 2024
I highly recommend Xcerts.com's Microsoft AZ-305 Dumps PDF for anyone preparing for the AZ-305 certification exam. The content is well-organized, comprehensive, and up-to-date, covering all key topics effectively. The inclusion of real-world scenarios and practice questions makes it a valuable resource for honing Azure solutions skills. Passexam4sure's AZ-305 Dumps PDF is a must-have for achieving success in Azure solutions architecture!
UNITED STATES
upvote

Komar commented on April 14, 2024
Practice Questions seem very relevant and the price is quite affordable compare to other sites where they charge for study guides and the software separately.
UNITED STATES
upvote

Ken commented on March 27, 2024
I wanted to say thank you for the set of study guides and practice questions. They turned out to be very helpful. I pass the exam.
ITALY
upvote

Sushant commented on February 02, 2024
The question are very relevant to real exam. Some are word by word. However some answers are not 100% correct. So if you have some knowledge of the topics like me then it is an easy pass with these questions.
Anonymous
upvote

Žarko commented on September 05, 2023
@t it seems like azure service bus message quesues could be the best solution
UNITED KINGDOM
upvote

Santhi commented on January 01, 2024
passed today.40% questions were new.litwere case study,lots of new questions on afd,ratelimit,tm,lb,app gatway.got 2 set series of questions which are not present here.questions on azure cyclecloud, no.of vnet/vms required for implimentation,blueprints assignment/management group etc
INDIA
upvote

T commented on July 28, 2023
this question is keep repeat : you are developing a sales application that will contain several azure cloud services and handle different components of a transaction. different cloud services will process customer orders, billing, payment, inventory, and shipping. you need to recommend a solution to enable the cloud services to asynchronously communicate transaction information by using xml messages. what should you include in the recommendation?
NEW ZEALAND
upvote

alaska commented on October 24, 2023
i scored 87% on the az-204 exam. thanks! i always trust
GERMANY
upvote

Chere commented on September 15, 2023
found it good
Anonymous
upvote

Santhi commented on January 01, 2024
Passed Today.40% questions were new.Litwere case study,Lots of new Questions on AFD,Ratelimit,TM,LB,App gatway.Got 2 set series of questions which are not present here.Questions on Azure CycleCloud, No.of vnet/vm's required for implimentation,Blueprints assignment/management group etc
INDIA
upvote

alaska commented on October 24, 2023
I scored 87% on the AZ-204 exam. Thanks! I always trust
GERMANY
upvote

luvinit commented on September 27, 2023
purfect happy to be here
UNITED STATES
upvote

Chere commented on September 15, 2023
Found it good
Anonymous
upvote

Chere commented on September 15, 2023
I am.just visiting the website, it looks good and valid.
Anonymous
upvote

Žarko commented on September 05, 2023
Q42: Shouldn't Answer be Access Review?!!
UNITED KINGDOM
upvote

Žarko commented on September 05, 2023
@T It seems like Azure Service Bus message quesues could be the best solution
UNITED KINGDOM
upvote

Computers Student commented on August 18, 2023
I am planning to take this exam soon. I will share the results.
SOUTH AFRICA
upvote

T commented on July 28, 2023
This question is keep repeat : You are developing a sales application that will contain several Azure cloud services and handle different components of a transaction. Different cloud services will process customer orders, billing, payment, inventory, and shipping. You need to recommend a solution to enable the cloud services to asynchronously communicate transaction information by using XML messages. What should you include in the recommendation?
NEW ZEALAND
upvote

avread09 commented on June 10, 2023
good set of questions
Anonymous
upvote

chopra commented on April 27, 2023
These questions cover a wide range of topics and are very helpful.
INDIA
upvote

Isaac commented on April 24, 2023
The dumps covered all the important topics. Very helpful for passing the exam.
UNITED KINGDOM
upvote

Rez commented on April 23, 2023
This is a good shortcut to passing. Questions are very similar to what I saw in my exam. That is what helped me pass.
GERMANY
upvote

George commented on March 27, 2023
This exam question and answer guide was an absolute lifesaver - I felt prepared and confident going into my exam and passed it.
CANADA
upvote

Pradhan commented on March 14, 2023
Real questions and answers in this exam dumps... helped me maximize my study time and pass my exam.
UNITED STATES
upvote

marcee commented on January 25, 2023
some new question came up in the exam and some answer are wrong, how ever the dump was useful
EUROPEAN UNION
upvote

Amit commented on September 05, 2022
The good thing about this site is that they provide free updates. The latest upddate has the new exam questions.
INDIA
upvote

Ranjeet commented on June 29, 2022
Second attemp and managed to pass with the help of this exam dumps questions. What relief.
INDIA
upvote