AZ-305試験無料問題集「Microsoft Designing Microsoft Azure Infrastructure Solutions 認定」
Your organization has developed and deployed several Azure App Service Web and API applications. The applications use Azure Key Vault to store several authentication, storage account, and data encryption keys.
Several departments have the following requests to support the applications:
You need to recommend the appropriate Azure service for each department request.
What should you recommend? To answer, configure the appropriate options in the dialog box in the answer area.
NOTE: Each correct selection is worth one point.
Several departments have the following requests to support the applications:
You need to recommend the appropriate Azure service for each department request.
What should you recommend? To answer, configure the appropriate options in the dialog box in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview
You have an on-premises app named App1 that supports REST calls and webhooks.
You have an Azure subscription.
You plan to develop a new app named App2 that will send a Microsoft Teams message when a new record is added to App1.
You need to recommend a service to host App2 and the type of trigger to use to call App2. The solution must minimize development effort.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have an Azure subscription.
You plan to develop a new app named App2 that will send a Microsoft Teams message when a new record is added to App1.
You need to recommend a service to host App2 and the type of trigger to use to call App2. The solution must minimize development effort.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
You manage a database environment for a Microsoft Volume Licensing customer named Contoso, Ltd.
Contoso uses License Mobility through Software Assurance.
You need to deploy 50 databases. The solution must meet the following requirements:
* Support automatic scaling.
* Minimize Microsoft SQL Server licensing costs.
What should you include in the solution? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Contoso uses License Mobility through Software Assurance.
You need to deploy 50 databases. The solution must meet the following requirements:
* Support automatic scaling.
* Minimize Microsoft SQL Server licensing costs.
What should you include in the solution? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Box 1: vCore
Virtual core (vCore)-based purchasing model (recommended). This purchasing model provides a choice between a provisioned compute tier and a serverless compute tier. With the provisioned compute tier, you choose the exact amount of compute resources that are always provisioned for your workload. With the serverless compute tier, you specify the autoscaling of the compute resources over a configurable compute range Box 2: An Azure SQL Database Elastic pool Azure SQL Database provides the following deployment options for a database:
* Single database represents a fully managed, isolated database.
* Elastic pool is a collection of single databases with a shared set of resources, such as CPU or memory.
Single databases can be moved into and out of an elastic pool.
Reference:
https://docs.microsoft.com/en-us/azure/azure-sql/database/purchasing-models
You have a Microsoft Entra tenant named contoso.com that contains multiple enterprise apps.
Your company has a business partner that has a Microsoft Entra tenant named fabrikam.com.
You need to recommend an identity governance solution that will provide users in fabrikam.com with access to the enterprise apps in contoso.com. The solution must meet the following requirements:
* Ensure that administrators in fabrikam.com can provide the fabrikam.com users with access to the contoso.
com enterprise apps.
* Automatically provision identities for the fabrikam.com users to enable access to the contoso.com enterprise apps.
* Provide policy-based management of access assignments, approvals, and expirations.
* Minimize administrative effort.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct collection is worth one point.
Your company has a business partner that has a Microsoft Entra tenant named fabrikam.com.
You need to recommend an identity governance solution that will provide users in fabrikam.com with access to the enterprise apps in contoso.com. The solution must meet the following requirements:
* Ensure that administrators in fabrikam.com can provide the fabrikam.com users with access to the contoso.
com enterprise apps.
* Automatically provision identities for the fabrikam.com users to enable access to the contoso.com enterprise apps.
* Provide policy-based management of access assignments, approvals, and expirations.
* Minimize administrative effort.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct collection is worth one point.
正解:
Explanation:
You have an Azure subscription named Sub1 that is linked to an Azure AD tenant named contoso.com.
You plan to implement two ASP.NET Core apps named App1 and App2 that will be deployed to 100 virtual machines in Sub1. Users will sign in to App1 and App2 by using their contoso.com credentials.
App1 requires read permissions to access the calendar of the signed-m user. App2 requires write permissions to access the calendar of the signed-in user.
You need to recommend an authentication and authorization solution for the apps. The solution must meet the following requirements:
* Use the principle of least privilege.
* Minimize administrative effort
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one pent.
You plan to implement two ASP.NET Core apps named App1 and App2 that will be deployed to 100 virtual machines in Sub1. Users will sign in to App1 and App2 by using their contoso.com credentials.
App1 requires read permissions to access the calendar of the signed-m user. App2 requires write permissions to access the calendar of the signed-in user.
You need to recommend an authentication and authorization solution for the apps. The solution must meet the following requirements:
* Use the principle of least privilege.
* Minimize administrative effort
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one pent.
正解:
Explanation:
You have an Azure subscription that is linked to an Azure Active Directory Premium Plan 2 tenant The tenant has multi-factor authentication (MFA) enabled for all users.
You have the named locations shown in the following table.
You have the users shown in the following table.
You plan to deploy the Conditional Access policies shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You have the named locations shown in the following table.
You have the users shown in the following table.
You plan to deploy the Conditional Access policies shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
You are designing an application that will aggregate content for users.
You need to recommend a database solution for the application. The solution must meet the following requirements:
* Support SQL commands.
* Support multi-master writes.
* Guarantee low latency read operations.
What should you include in the recommendation?
You need to recommend a database solution for the application. The solution must meet the following requirements:
* Support SQL commands.
* Support multi-master writes.
* Guarantee low latency read operations.
What should you include in the recommendation?
正解:A
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
Your on-premises datacenter contains a server that runs Linux and hosts a Java app named Appl. App1 has the following characteristics:
* App1 is an interactive app that users access by using HTTPS connections.
* The number of connections to App1 changes significantly throughout the day.
* App1 runs multiple concurrent instances.
* App1 requires major changes to run in a container.
You plan to migrate App1 to Azure.
You need to recommend a compute solution for Appl. The solution must meet the following requirements:
* The solution must run multiple instances of Appl.
* The number of instances must be managed automatically depending on the load.
* Administrative effort must be minimized.
What should you include in the recommendation?
* App1 is an interactive app that users access by using HTTPS connections.
* The number of connections to App1 changes significantly throughout the day.
* App1 runs multiple concurrent instances.
* App1 requires major changes to run in a container.
You plan to migrate App1 to Azure.
You need to recommend a compute solution for Appl. The solution must meet the following requirements:
* The solution must run multiple instances of Appl.
* The number of instances must be managed automatically depending on the load.
* Administrative effort must be minimized.
What should you include in the recommendation?
正解:D
解答を投票する
You have an Azure subscription that contains a storage account.
An application sometimes writes duplicate files to the storage account.
You have a PowerShell script that identifies and deletes duplicate files in the storage account. Currently, the script is run manually after approval from the operations manager.
You need to recommend a serverless solution that performs the following actions:
* Runs the script once an hour to identify whether duplicate files exist
* Sends an email notification to the operations manager requesting approval to delete the duplicate files
* Processes an email response from the operations manager specifying whether the deletion was approved
* Runs the script if the deletion was approved
What should you include in the recommendation?
An application sometimes writes duplicate files to the storage account.
You have a PowerShell script that identifies and deletes duplicate files in the storage account. Currently, the script is run manually after approval from the operations manager.
You need to recommend a serverless solution that performs the following actions:
* Runs the script once an hour to identify whether duplicate files exist
* Sends an email notification to the operations manager requesting approval to delete the duplicate files
* Processes an email response from the operations manager specifying whether the deletion was approved
* Runs the script if the deletion was approved
What should you include in the recommendation?
正解:C
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
You have multiple on-premises locations. The locations host loT endpoints that generate real-time telemetry data.
You have an Azure subscription.
You need to process the telemetry data and provide real-time insights. The solution must minimize development effort.
What should you use?
You have an Azure subscription.
You need to process the telemetry data and provide real-time insights. The solution must minimize development effort.
What should you use?
正解:C
解答を投票する
You are developing a sales application that will contain several Azure cloud services and handle different components of a transaction. Different cloud services will process customer orders, billing, payment inventory, and shipping.
You need to recommend a solution to enable the cloud services to asynchronously communicate transaction information by using XML messages.
What should you include in the recommendation?
You need to recommend a solution to enable the cloud services to asynchronously communicate transaction information by using XML messages.
What should you include in the recommendation?
正解:B
解答を投票する
You have an on-premises web server farm that contains 10 servers. The servers run Windows Server 2016 and host a .NET Framework application named Appl. The state data for App1 is maintained by using a database named DB1. The usage patterns of App1 vary significantly.
You plan to perform the following actions:
* Migrate App1 to Azure.
* Migrate DB1 to an Azure SQL database.
You need to recommend a virtual machine-based solution to host App1. The solution must meet the following requirements;
* Minimize how long it takes to scale out resources during surges in demand for App1.
* Ensure minimum capacity availability of the virtual machines at all times.
* Ensure that the solution can be recovered if an Azure region fails.
* Minimize compute costs.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You plan to perform the following actions:
* Migrate App1 to Azure.
* Migrate DB1 to an Azure SQL database.
You need to recommend a virtual machine-based solution to host App1. The solution must meet the following requirements;
* Minimize how long it takes to scale out resources during surges in demand for App1.
* Ensure minimum capacity availability of the virtual machines at all times.
* Ensure that the solution can be recovered if an Azure region fails.
* Minimize compute costs.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
You have an Azure subscription. The subscription contains an Azure SQL managed instance that stores employee details, including social security numbers and phone numbers.
You need to configure the managed instance to meet the following requirements:
* The helpdesk team must see only the last four digits of an employee's phone number.
* Cloud administrators must be prevented from seeing the employee's social security numbers.
What should you enable tor each column in the managed instance? To answer select the appropriate options in the answer area.
NOTE; Each correct selection is worth one point
You need to configure the managed instance to meet the following requirements:
* The helpdesk team must see only the last four digits of an employee's phone number.
* Cloud administrators must be prevented from seeing the employee's social security numbers.
What should you enable tor each column in the managed instance? To answer select the appropriate options in the answer area.
NOTE; Each correct selection is worth one point
正解:
Explanation:
You are evaluating whether to use Azure Traffic Manager and Azure Application Gateway to meet the connection requirements for App1.
What is the minimum numbers of instances required for each service? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
What is the minimum numbers of instances required for each service? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Your company deploys several virtual machines on-premises and to Azure. ExpressRoute is deployed and configured for on-premises to Azure connectivity.
Several virtual machines exhibit network connectivity issues.
You need to analyze the network traffic to identify whether packets are being allowed or denied from the Azure virtual machines to the on-premises virtual machines.
Solution: Use Azure Advisor.
Does this meet the goal?
Several virtual machines exhibit network connectivity issues.
You need to analyze the network traffic to identify whether packets are being allowed or denied from the Azure virtual machines to the on-premises virtual machines.
Solution: Use Azure Advisor.
Does this meet the goal?
正解:A
解答を投票する
You plan to migrate on-premises Microsoft SQL Server databases to Azure.
You need to recommend a deployment and resiliency solution that meets the following requirements:
* Supports user-initiated backups
* Supports multiple automatically replicated instances across Azure regions
* Minimizes administrative effort to implement and maintain business continuity What should you recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to recommend a deployment and resiliency solution that meets the following requirements:
* Supports user-initiated backups
* Supports multiple automatically replicated instances across Azure regions
* Minimizes administrative effort to implement and maintain business continuity What should you recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Explanation:
Box 1: An Azure SQL Database single database.
SQL Server Managed instance versus SQL Server Virtual Machines
Active geo-replication is not supported by Azure SQL Managed Instance.
Box 2: Active geo-replication
Active geo-replication is a feature that lets you to create a continuously synchronized readable secondary database for a primary database. The readable secondary database may be in the same Azure region as the primary, or, more commonly, in a different region. This kind of readable secondary databases are also known as geo-secondaries, or geo-replicas.
Reference:
https://docs.microsoft.com/en-us/azure/azure-sql/database/active-geo-replication-overview
You deploy several Azure SQL Database instances.
You plan to configure the Diagnostics settings on the databases as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
You plan to configure the Diagnostics settings on the databases as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
In the exhibit, the SQLInsights data is configured to be stored in Azure Log Analytics for 90 days. However, the question is asking for the "maximum" amount of time that the data can be stored which is 730 days.
You need to recommend a solution to ensure that App1 can access the third-party credentials and access strings. The solution must meet the security requirements.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Scenario: Security Requirement
All secrets used by Azure services must be stored in Azure Key Vault.
Services that require credentials must have the credentials tied to the service instance. The credentials must NOT be shared between services.
Box 1: A service principal
A service principal is a type of security principal that identifies an application or service, which is to say, a piece of code rather than a user or group. A service principal's object ID is known as its client ID and acts like its username. The service principal's client secret acts like its password.
Note: Authentication with Key Vault works in conjunction with Azure Active Directory (Azure AD), which is responsible for authenticating the identity of any given security principal.
A security principal is an object that represents a user, group, service, or application that's requesting access to Azure resources. Azure assigns a unique object ID to every security principal.
Box 2: A role assignment
You can provide access to Key Vault keys, certificates, and secrets with an Azure role-based access control.
Reference:
https://docs.microsoft.com/en-us/azure/key-vault/general/authentication