CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. AZ-305

Free AZ-305 Exam Braindumps (page: 7)

Page 7 of 67
PDF with 267 Questions

HOTSPOT (Drag and Drop is not supported)
You have an Azure subscription that contains 300 virtual machines that run Windows Server 2019.

You need to centrally monitor all warning events in the System logs of the virtual machines.

What should you include in the solution? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

  1. See Explanation section for answer.

Answer(s): A

Explanation:





Box 1: A Log Analytics workspace
Send resource logs to a Log Analytics workspace to enable the features of Azure Monitor Logs.
You must create a diagnostic setting for each Azure resource to send its resource logs to a Log Analytics workspace to use with Azure Monitor Logs.

Box 2: Install the Azure Monitor agent
Use the Azure Monitor agent if you need to:
Collect guest logs and metrics from any machine in Azure, in other clouds, or on-premises.
Manage data collection configuration centrally


Reference:

https://docs.microsoft.com/en-us/azure/azure-monitor/essentials/resource-logs
https://docs.microsoft.com/en-us/azure/azure-monitor/agents/agents-overview#azure-monitor-agent



HOTSPOT (Drag and Drop is not supported)
You have several Azure App Service web apps that use Azure Key Vault to store data encryption keys.

Several departments have the following requests to support the web app:



Which service should you recommend for each department’s request? To answer, configure the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Box 1: Azure AD Privileged Identity Management
Privileged Identity Management provides time-based and approval-based role activation to mitigate the risks of excessive, unnecessary, or misused access permissions on resources that you care about. Here are some of the key features of Privileged Identity Management:

Provide just-in-time privileged access to Azure AD and Azure resources
Assign time-bound access to resources using start and end dates
Require approval to activate privileged roles
Enforce multi-factor authentication to activate any role
Use justification to understand why users activate
Get notifications when privileged roles are activated
Conduct access reviews to ensure users still need roles
Download audit history for internal or external audit
Prevents removal of the last active Global Administrator role assignment

Box 2: Azure Managed Identity
Managed identities provide an identity for applications to use when connecting to resources that support Azure Active Directory (Azure AD) authentication. Applications may use the managed identity to obtain Azure AD tokens. With Azure Key Vault, developers can use managed identities to access resources. Key Vault stores credentials in a secure manner and gives access to storage accounts.

Box 3: Azure AD Privileged Identity Management
Privileged Identity Management provides time-based and approval-based role activation to mitigate the risks of excessive, unnecessary, or misused access permissions on resources that you care about. Here are some of the key features of Privileged Identity Management:

Provide just-in-time privileged access to Azure AD and Azure resources
Assign time-bound access to resources using start and end dates


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview



HOTSPOT (Drag and Drop is not supported)
Your company has the divisions shown in the following table.



You plan to deploy a custom application to each subscription. The application will contain the following:

-A resource group
-An Azure web app
-Custom role assignments
-An Azure Cosmos DB account

You need to use Azure Blueprints to deploy the application to each subscription.

What is the minimum number of objects required to deploy the application? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

  1. See Explanation section for answer.

Answer(s): A

Explanation:





Box 1: 2
One management group for each Azure AD tenant

Azure management groups provide a level of scope above subscriptions.
All subscriptions within a management group automatically inherit the conditions applied to the management group.
All subscriptions within a single management group must trust the same Azure Active Directory tenant.

Box 2: 1
One single blueprint definition can be assigned to different existing management groups or subscriptions.

When creating a blueprint definition, you'll define where the blueprint is saved. Blueprints can be saved to a management group or subscription that you have Contributor access to. If the location is a management group, the blueprint is available to assign to any child subscription of that management group.

Box 3: 2
Blueprint assignment
Each Published Version of a blueprint can be assigned (with a max name length of 90 characters) to an existing management group or subscription.
Assigning a blueprint definition to a management group means the assignment object exists at the management group. The deployment of artifacts still targets a subscription.


Reference:

https://docs.microsoft.com/en-us/azure/governance/management-groups/overview
https://docs.microsoft.com/en-us/azure/governance/blueprints/overview



HOTSPOT (Drag and Drop is not supported)
You need to design an Azure policy that will implement the following functionality:

-For new resources, assign tags and values that match the tags and values of the resource group to which the resources are deployed.
-For existing resources, identify whether the tags and values match the tags and values of the resource group that contains the resources.
-For any non-compliant resources, trigger auto-generated remediation tasks to create missing tags and values.

The solution must use the principle of least privilege.

What should you include in the design? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Box 1: Modify
Modify is used to add, update, or remove properties or tags on a subscription or resource during creation or update. A common example is updating tags on resources such as costCenter. Existing non-compliant resources can be remediated with a remediation task. A single Modify rule can have any number of operations. Policy assignments with effect set as Modify require a managed identity to do remediation.

Incorrect:
* The following effects are deprecated: EnforceOPAConstraint EnforceRegoPolicy
* Append is used to add additional fields to the requested resource during creation or update. A common example is specifying allowed IPs for a storage resource.
Append is intended for use with non-tag properties. While Append can add tags to a resource during a create or update request, it's recommended to use the Modify effect for tags instead.

Box 2: A managed identity with the Contributor role
The managed identity needs to be granted the appropriate roles required for remediating resources to grant the managed identity.

Contributor - Can create and manage all types of Azure resources but can't grant access to others.

Incorrect:
User Access Administrator: lets you manage user access to Azure resources.


Reference:

https://docs.microsoft.com/en-us/azure/governance/policy/concepts/effects
https://docs.microsoft.com/en-us/azure/governance/policy/how-to/remediate-resources
https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles



Page 7 of 67



Post your Comments and Discuss Microsoft AZ-305 exam with other Community members:

Criss commented on December 29, 2024
Very nice and very good questions
Anonymous
upvote

Jay Gomes commented on November 07, 2024
Very nice and very good questions
Anonymous
upvote

Jay Gomes commented on November 07, 2024
Nice v nice questions
Anonymous
upvote

Farid commented on November 05, 2024
This exam is hard but not as bad as others have stated here. With these question you can pass on first try.
Canada
upvote

Bobby commented on September 12, 2024
nice collection
Anonymous
upvote

Ram commented on September 06, 2024
Its a nice collection of questions with examplanation
Anonymous
upvote

Doran commented on June 10, 2024
Used these exam dumps and passed my exam. Of course I went for the full PDF version. Felt like I had the answers in my back pocket. If only they could help me find my car keys too!
United Kingdom
upvote

Emma Martin commented on May 04, 2024
I highly recommend Xcerts.com's Microsoft AZ-305 Dumps PDF for anyone preparing for the AZ-305 certification exam. The content is well-organized, comprehensive, and up-to-date, covering all key topics effectively. The inclusion of real-world scenarios and practice questions makes it a valuable resource for honing Azure solutions skills. Passexam4sure's AZ-305 Dumps PDF is a must-have for achieving success in Azure solutions architecture!
UNITED STATES
upvote

Komar commented on April 14, 2024
Practice Questions seem very relevant and the price is quite affordable compare to other sites where they charge for study guides and the software separately.
UNITED STATES
upvote

Ken commented on March 27, 2024
I wanted to say thank you for the set of study guides and practice questions. They turned out to be very helpful. I pass the exam.
ITALY
upvote

Sushant commented on February 02, 2024
The question are very relevant to real exam. Some are word by word. However some answers are not 100% correct. So if you have some knowledge of the topics like me then it is an easy pass with these questions.
Anonymous
upvote

Žarko commented on September 05, 2023
@t it seems like azure service bus message quesues could be the best solution
UNITED KINGDOM
upvote

Santhi commented on January 01, 2024
passed today.40% questions were new.litwere case study,lots of new questions on afd,ratelimit,tm,lb,app gatway.got 2 set series of questions which are not present here.questions on azure cyclecloud, no.of vnet/vms required for implimentation,blueprints assignment/management group etc
INDIA
upvote

T commented on July 28, 2023
this question is keep repeat : you are developing a sales application that will contain several azure cloud services and handle different components of a transaction. different cloud services will process customer orders, billing, payment, inventory, and shipping. you need to recommend a solution to enable the cloud services to asynchronously communicate transaction information by using xml messages. what should you include in the recommendation?
NEW ZEALAND
upvote

alaska commented on October 24, 2023
i scored 87% on the az-204 exam. thanks! i always trust
GERMANY
upvote

Chere commented on September 15, 2023
found it good
Anonymous
upvote

Santhi commented on January 01, 2024
Passed Today.40% questions were new.Litwere case study,Lots of new Questions on AFD,Ratelimit,TM,LB,App gatway.Got 2 set series of questions which are not present here.Questions on Azure CycleCloud, No.of vnet/vm's required for implimentation,Blueprints assignment/management group etc
INDIA
upvote

alaska commented on October 24, 2023
I scored 87% on the AZ-204 exam. Thanks! I always trust
GERMANY
upvote

luvinit commented on September 27, 2023
purfect happy to be here
UNITED STATES
upvote

Chere commented on September 15, 2023
Found it good
Anonymous
upvote

Chere commented on September 15, 2023
I am.just visiting the website, it looks good and valid.
Anonymous
upvote

Žarko commented on September 05, 2023
Q42: Shouldn't Answer be Access Review?!!
UNITED KINGDOM
upvote

Žarko commented on September 05, 2023
@T It seems like Azure Service Bus message quesues could be the best solution
UNITED KINGDOM
upvote

Computers Student commented on August 18, 2023
I am planning to take this exam soon. I will share the results.
SOUTH AFRICA
upvote

T commented on July 28, 2023
This question is keep repeat : You are developing a sales application that will contain several Azure cloud services and handle different components of a transaction. Different cloud services will process customer orders, billing, payment, inventory, and shipping. You need to recommend a solution to enable the cloud services to asynchronously communicate transaction information by using XML messages. What should you include in the recommendation?
NEW ZEALAND
upvote

avread09 commented on June 10, 2023
good set of questions
Anonymous
upvote

chopra commented on April 27, 2023
These questions cover a wide range of topics and are very helpful.
INDIA
upvote

Isaac commented on April 24, 2023
The dumps covered all the important topics. Very helpful for passing the exam.
UNITED KINGDOM
upvote

Rez commented on April 23, 2023
This is a good shortcut to passing. Questions are very similar to what I saw in my exam. That is what helped me pass.
GERMANY
upvote

George commented on March 27, 2023
This exam question and answer guide was an absolute lifesaver - I felt prepared and confident going into my exam and passed it.
CANADA
upvote

Pradhan commented on March 14, 2023
Real questions and answers in this exam dumps... helped me maximize my study time and pass my exam.
UNITED STATES
upvote

marcee commented on January 25, 2023
some new question came up in the exam and some answer are wrong, how ever the dump was useful
EUROPEAN UNION
upvote

Amit commented on September 05, 2022
The good thing about this site is that they provide free updates. The latest upddate has the new exam questions.
INDIA
upvote

Ranjeet commented on June 29, 2022
Second attemp and managed to pass with the help of this exam dumps questions. What relief.
INDIA
upvote