We’re introducing the latest updated Microsoft Azure AZ-305 dumps to help you quickly pass the Designing Microsoft Azure Infrastructure Solutions exam, great learning material!
The AZ-305 exam tests extensive experience and knowledge of IT operations (networking, virtualization, identity, security, business continuity, disaster recovery, data platforms, and governance).
These, the Pass4itSure AZ-305 dumps includes, provide real and valid 194+ AZ-305 exam questions and answers based on the above: https://www.pass4itsure.com/az-305.html Presented in PDF and VCE formats, both of which will help you pass the exam first.
Pass4itSure highly recommends you to try Microsoft Azure AZ-305 dumps free to check its reliability:
Microsoft AZ-305 free dumps [2022] practice test
Question 1
HOTSPOT
You have an Azure subscription named Subscription1 that is linked to a hybrid Azure Active Directory (Azure AD)
tenant. You have an on-premises datacenter that does NOT have a VPN connection to Subscription1. The datacenter contains a computer named Server1 that has Microsoft SQL Server 2016 installed. Server is prevented from accessing the internet.
An Azure logic app resource named LogicApp1 requires write access to a database on Server1.
You need to recommend a solution to provide LogicApp1 with the ability to access Server1.
What should you recommend deploying on-premises and in Azure? To answer, select the appropriate options in the
answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
Box 1: An on-premises data gateway
For logic apps in global, multi-tenant Azure that connect to on-premises SQL Server, you need to have the on-premises
data gateway installed on a local computer and a data gateway resource that\\’s already created in Azure.
Box 2: A connection gateway resource
Reference:
https://docs.microsoft.com/en-us/azure/connectors/connectors-create-api-sqlazure
Question 2
HOTSPOT
You plan to migrate App1 to Azure.
You need to recommend a high-availability solution for App1. The solution must meet the resiliency requirements.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Box 1: 3
Scenario: App1 must meet the following requirements:
1. Be hosted in an Azure region that supports availability zones.
2. Maintain availability if two availability zones in the local Azure region fail.
A host group is a resource that represents a collection of dedicated hosts. You create a host group in a region and an
availability zone, and add hosts to it. Use Availability Zones for fault isolation Availability zones are unique physical locations within an Azure region. Each zone is made up of one or more datacenters equipped with independent power, cooling, and networking.
A host group is created in a single availability zone. Once created, all hosts will be placed within that zone. To achieve
high availability across zones, you need to create multiple host groups (one per zone) and spread your hosts
accordingly.
Box 2: 1
Scenario: App1 must meet the following requirements:
Be hosted on Azure virtual machines that support automatic scaling.
An Azure virtual machine scale set can automatically increase or decrease the number of VM instances that run your
application. This automated and elastic behavior reduces the management overhead to monitor and optimize the
performance of your application.
Question 3
HOTSPOT
Your company has the divisions shown in the following table.
You plan to deploy a custom application to each subscription. The application will contain the following:
1. A resource group
2. An Azure web app
3. Custom role assignments
4. An Azure Cosmos DB account
You need to use Azure Blueprints to deploy the application to each subscription.
What is the minimum number of objects required to deploy the application? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
Box 1: 2
One management group for East, and one for West.
When creating a blueprint definition, you\\’ll define where the blueprint is saved. Blueprints can be saved to a
management group or subscription that you have Contributor access to. If the location is a management group, the
blueprint is available to assign to any child subscription of that management group.
Box 2: 2
Box 3: 4
One assignment for each subscription. “Assigning a blueprint definition to a management group means the assignment object exists at the management group.
The deployment of artifacts still targets a subscription. To perform a management group assignment, the Create Or
Update REST API must be used and the request body must include a value for properties.scope to define the target
subscription.” https://docs.microsoft.com/en-us/azure/governance/blueprints/overview#blueprint-assignment
Question 4
A company plans to implement an HTTP-based API to support a web app. The web app allows customers to check the
status of their orders.
The API must meet the following requirements:
1. Implement Azure Functions
2. Provide public read-only operations
3. Do not allow write operations
4. You need to recommend configuration options.
What should you recommend? To answer, configure the appropriate options in the dialog box in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
Allowed authentication methods: GET only Authorization level: Anonymous The option is Allow Anonymous requests. This option turns on authentication and authorization in App Service, but defers authorization decisions to your application code. For authenticated requests, App Service also passes along authentication information in the HTTP headers.
This option provides more flexibility in handling anonymous requests.
References: https://docs.microsoft.com/en-us/azure/app-service/overview-authentication-authorization
Question 5
HOTSPOT
You need to recommend an Azure Storage Account configuration for two applications named Application1 and
Applications. The configuration must meet the following requirements:
1. Storage for Application1 must provide the highest possible transaction rates and the lowest possible latency.
2. Storage for Application2 must provide the lowest possible storage costs per GB.
3. Storage for both applications must be optimized for uploads and downloads.
4. Storage for both applications must be available in an event of datacenter failure.
What should you recommend ? To answer, select the appropriate options in the answer area NOTE: Each correct
selection is worth one point
Correct Answer:
Box 1: BloblBlobStorage with Premium performance and Zone-redundant storage (ZRS) replication.
BlockBlobStorage accounts: Storage accounts with premium performance characteristics for block blobs and append
blobs.
Recommended for scenarios with high transactions rates, or scenarios that use smaller objects or require
consistently low storage latency. Premium: optimized for high transaction rates and single-digit consistent storage
latency.
Box 2: General purpose v2 with Standard performance.. General-purpose v2 accounts: Basic storage account type for
blobs, files, queues, and tables. Recommended for most scenarios using Azure Storage.
Question 6
You are designing a microservices architecture that will be hosted in an Azure Kubernetes Service (AKS) cluster. Apps
that will consume the microservices will be hosted on Azure virtual machines. The virtual machines and the AKS cluster
will reside on the same virtual network.
You need to design a solution to expose the microservices to the consumer apps. The solution must meet the following
requirements:
1. Ingress access to the microservices must be restricted to a single private IP address and protected by using mutual
TLS authentication.
2. The number of incoming microservice calls must be rate-limited.
3. Costs must be minimized. What should you include in the solution?
A. Azure API Management Premium tier with virtual network connection
B. Azure Front Door with Azure Web Application Firewall (WAF)
C. Azure API Management Standard tier with a service endpoint
D. Azure App Gateway with Azure Web Application Firewall (WAF)
Correct Answer: A
One option is to deploy APIM (API Management) inside the cluster VNet. The AKS cluster and the applications that
consume the microservices might reside within the same VNet, hence there is no reason to expose the cluster publicly
as all API traffic will remain within the VNet. For these scenarios, you can deploy API Management into the cluster VNet.
API Management Premium tier supports VNet deployment.
Reference: https://docs.microsoft.com/en-us/azure/api-management/api-management-kubernetes
Question 7
HOTSPOT
To meet the authentication requirements of Fabrikam, what should you include in the solution? To answer, select the
appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
Question 8
HOTSPOT
You have an Azure subscription that contains the SQL servers on Azure shown in the following table.
The subscription contains the storage accounts shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct
selection is worth one point.
Box 1: Yes Be sure that the destination is in the same region as your database and server. Box 2: No Box 3: Yes
https://docs.microsoft.com/en-us/azure/sql-database/sql-database-auditing
Question 9
HOTSPOT
You have an Azure subscription named Subscription1 that is linked to a hybrid Azure Active Directory (Azure AD)
tenant.
You have an on-premises datacenter that does NOT have a VPN connection to Subscription1. The datacenter contains
a computer named Server1 that has Microsoft SQL Server 2016 installed. Server1 is prevented from accessing the
internet.
An Azure logic app named LogicApp1 requires write access to a database on Server1.
You need to recommend a solution to provide LogicApp1 with the ability to access Server1.
What should you recommend deploying on-premises and in Azure? To answer, select the appropriate options in the
answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
Box 1: An on-premises data gateway
For logic apps in global, multi-tenant Azure that connect to on-premises SQL Server, you need to have the on-premises
data gateway installed on a local computer and a data gateway resource that\\’s already created in Azure.
Box 2: A connection gateway resource
Question 10
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.
Your company plans to deploy various Azure App Service instances that will use Azure SQL databases. The App
Service instances will be deployed at the same time as the Azure SQL databases.
The company has a regulatory requirement to deploy the App Service instances only to specific Azure regions. The
resources for the App Service instances must reside in the same region. You need to recommend a solution to meet the regulatory requirement.
Solution: You recommend creating resource groups based on locations and implementing resource locks on the
resource groups.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
Resource locks are not used for compliance purposes. Resource locks prevent changes from being made to resources.
Reference: https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/lock-resources
Question 11
You need to deploy resources to host a stateless web app in an Azure subscription. The solution must meet the
following requirements:
1. Provide access to the full .NET framework.
2. Provide redundancy if an Azure region fails.
3. Grant administrators access to the operating system to install custom application dependencies.
Solution: You deploy an Azure virtual machine to two Azure regions, and you deploy an Azure Application Gateway.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
You need to deploy two Azure virtual machines to two Azure regions, but also create a Traffic Manager profile.
Question 12
You are designing a large Azure environment that will contain many subscriptions.
You plan to use Azure Policy as part of a governance solution.
To which three scopes can you assign Azure Policy definitions? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A. management groups
B. subscriptions
C. Azure Active Directory (Azure AD) tenants
D. resource groups
E. Azure Active Directory (Azure AD) administrative units
F. compute resources
Correct Answer: ABD
Azure Policy evaluates resources in Azure by comparing the properties of those resources to business rules.
Once your business rules have been formed, the policy definition or initiative is assigned to any scope of resources that
Azure supports, such as management groups, subscriptions, resource groups, or individual resources.
Reference:
https://docs.microsoft.com/en-us/azure/governance/policy/overview
Question 13
HOTSPOT
You plan to migrate App1 to Azure.
You need to estimate the compute costs for App1 in Azure. The solution must meet the security and compliance
requirements.
What should you use to estimate the costs, and what should you implement to minimize the costs? To answer, select
the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
Box 1: The Azure Total Cost of Ownership (TCO) Calculator
The Total Cost of Ownership (TCO) Calculator estimates the cost savings you can realize by migrating your workloads
to Azure.
Note: The TCO Calculator recommends a set of equivalent services in Azure that will support your applications. Our
analysis will show each cost area with an estimate of your on-premises spend versus your spend in Azure. There are
several cost categories that either decrease or go away completely when you move workloads to the cloud.
Box 2: Azure Hybrid Benefit
Azure Hybrid Benefit is a licensing benefit that helps you to significantly reduce the costs of running your workloads in
the cloud. It works by letting you use your on-premises Software Assurance-enabled Windows Server and SQL Server
licenses on Azure. And now, this benefit applies to RedHat and SUSE Linux subscriptions, too.
Scenario:
Litware identifies the following security and compliance requirements:
1. Once App1 is migrated to Azure, you must ensure that new data can be written to the app, and the modification of new and existing data is prevented for a period of three years.
2. On-premises users and services must be able to access the Azure Storage account that will host the data in App1.
3. Access to the public endpoint of the Azure Storage account that will host the App1 data must be prevented.
4. All Azure SQL databases in the production environment must have Transparent Data Encryption (TDE) enabled.
5. App1 must not share physical hardware with other workloads.
New AZ-305 PDF download
[google drive] Update: https://drive.google.com/file/d/1sVOgOaTlm9RJQkUoCx5EPkaupScpc2b4/view?usp=sharing
Prepare for the Microsoft AZ-305 exam dumps. Our updated AZ-305 dumps: https://www.pass4itsure.com/az-305.html AZ-305 PDF+VCE exam preparation materials help you pass the exam in one go.
