Microsoft Designing Microsoft Azure Infrastructure Solutions (AZ-305) Free Practice Test
Question 1
Hotspot Question
You have the Azure resources shown in the following table.
You need to recommend a virtual network management solution that uses Azure Virtual Network Manager. The solution must meet the following requirements:
- Minimize the number of network managers.
- Minimize administrative effort when assigning the network group
membership.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have the Azure resources shown in the following table.
You need to recommend a virtual network management solution that uses Azure Virtual Network Manager. The solution must meet the following requirements:
- Minimize the number of network managers.
- Minimize administrative effort when assigning the network group
membership.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Correct Answer:
Explanation:
Box 1: 1
Cross-tenant support in Azure Virtual Network Manager
Cross-tenant supports allow organizations to use a central Network Manager instance for managing virtual networks across different tenants and subscriptions.
Box 2: Azure Policy
Minimize administrative effort when assigning the network group membership.
After you deploy the Virtual Network Manager instance, you create a network group, which serves as a logical container of networking resources to apply configurations at scale. You can manually select individual virtual networks to be added to your network group, known as static membership. Or you can use *Azure Policy* to define conditions that govern your group membership dynamically, or dynamic membership.
Reference:
https://learn.microsoft.com/en-us/azure/virtual-network-manager/concept-cross-tenant
https://learn.microsoft.com/en-us/azure/virtual-network-manager/overview
Question 2
You need to recommend a solution that meets the following requirements:
- Minimizes the use of the virtual machine processors to transfer data
- Minimizes network latency
Which virtual machine size and feature should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
- Minimizes the use of the virtual machine processors to transfer data
- Minimizes network latency
Which virtual machine size and feature should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Correct Answer:
Explanation:
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sizes-hpc#h-series
Question 3
You have five datacenters across North America and Europe.
You have an Azure subscription.
You need to recommend a solution to provide connectivity between the datacenters and Azure.
The solution must meet the following requirements:
- Ensure that apps hosted in a datacenter can access the resources
hosted in Azure and the other datacenters.
- Ensure that apps hosted in Azure can access the resources hosted in
the datacenters.
- Support the central management of network routes.
- Support the central management of firewall rules.
- Minimize administrative effort.
What should you include in the recommendation?
You have an Azure subscription.
You need to recommend a solution to provide connectivity between the datacenters and Azure.
The solution must meet the following requirements:
- Ensure that apps hosted in a datacenter can access the resources
hosted in Azure and the other datacenters.
- Ensure that apps hosted in Azure can access the resources hosted in
the datacenters.
- Support the central management of network routes.
- Support the central management of firewall rules.
- Minimize administrative effort.
What should you include in the recommendation?
Correct Answer: D
Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).
Question 4
You plan provision a High Performance Computing (HPC) cluster in Azure that will use a third- party scheduler.
You need to recommend a solution to provision and manage the HPC cluster node.
What should you include in the recommendation?
You need to recommend a solution to provision and manage the HPC cluster node.
What should you include in the recommendation?
Correct Answer: C
Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).
Question 5
Case Study 3 - Contoso
Existing Environment: Technical Environment
The on-premises network contains a single Active Directory domain named contoso.com.
Contoso has a single Azure subscription.
Existing Environment: Business Partnerships
Contoso has a business partnership with Fabrikam, Inc. Fabrikam users access some Contoso applications over the internet by using Azure Active Directory (Azure AD) guest accounts.
Requirements: Planned Changes
Contoso plans to deploy two applications named App1 and App2 to Azure.
Requirements: App1
App1 will be a Python web app hosted in Azure App Service that requires a Linux runtime. Users from Contoso and Fabrikam will access App1.
App1 will access several services that require third-party credentials and access strings. The credentials and access strings are stored in Azure Key Vault.
App1 will have six instances: three in the East US Azure region and three in the West Europe Azure region.
App1 has the following data requirements:
* Each instance will write data to a data store in the same availability zone as the instance.
* Data written by any App1 instance must be visible to all App1 instances.
App1 will only be accessible from the internet. App1 has the following connection requirements:
* Connections to App1 must pass through a web application firewall (WAF).
* Connections to App1 must be active-active load balanced between instances.
* All connections to App1 from North America must be directed to the East US region. All other connections must be directed to the West Europe region.
Every hour, you will run a maintenance task by invoking a PowerShell script that copies files from all the App1 instances. The PowerShell script will run from a central location.
Requirements: App2
App2 will be a NET app hosted in App Service that requires a Windows runtime. App2 has the following file storage requirements:
* Save files to an Azure Storage account.
* Replicate files to an on-premises location.
* Ensure that on-premises clients can read the files over the LAN by using the SMB protocol.
You need to monitor App2 to analyze how long it takes to perform different transactions within the application. The solution must not require changes to the application code.
Application Development Requirements
Application developers will constantly develop new versions of App1 and App2. The development process must meet the following requirements:
* A staging instance of a new application version must be deployed to the application host before the new version is used in production.
* After testing the new version, the staging version of the application will replace the production version.
* The switch to the new application version from staging to production must occur without any downtime of the application.
Identity Requirements
Contoso identifies the following requirements for managing Fabrikam access to resources:
* Every month, an account manager at Fabrikam must review which Fabrikam users have access permissions to App1. Accounts that no longer need permissions must be removed as guests.
* The solution must minimize development effort.
Security Requirement
All secrets used by Azure services must be stored in Azure Key Vault.
Services that require credentials must have the credentials tied to the service instance. The credentials must NOT be shared between services.
Drag and Drop Question
You need to recommend a solution that meets the file storage requirements for App2.
What should you deploy to the Azure subscription and the on-premises network? To answer, drag the appropriate services to the correct locations. Each service may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Existing Environment: Technical Environment
The on-premises network contains a single Active Directory domain named contoso.com.
Contoso has a single Azure subscription.
Existing Environment: Business Partnerships
Contoso has a business partnership with Fabrikam, Inc. Fabrikam users access some Contoso applications over the internet by using Azure Active Directory (Azure AD) guest accounts.
Requirements: Planned Changes
Contoso plans to deploy two applications named App1 and App2 to Azure.
Requirements: App1
App1 will be a Python web app hosted in Azure App Service that requires a Linux runtime. Users from Contoso and Fabrikam will access App1.
App1 will access several services that require third-party credentials and access strings. The credentials and access strings are stored in Azure Key Vault.
App1 will have six instances: three in the East US Azure region and three in the West Europe Azure region.
App1 has the following data requirements:
* Each instance will write data to a data store in the same availability zone as the instance.
* Data written by any App1 instance must be visible to all App1 instances.
App1 will only be accessible from the internet. App1 has the following connection requirements:
* Connections to App1 must pass through a web application firewall (WAF).
* Connections to App1 must be active-active load balanced between instances.
* All connections to App1 from North America must be directed to the East US region. All other connections must be directed to the West Europe region.
Every hour, you will run a maintenance task by invoking a PowerShell script that copies files from all the App1 instances. The PowerShell script will run from a central location.
Requirements: App2
App2 will be a NET app hosted in App Service that requires a Windows runtime. App2 has the following file storage requirements:
* Save files to an Azure Storage account.
* Replicate files to an on-premises location.
* Ensure that on-premises clients can read the files over the LAN by using the SMB protocol.
You need to monitor App2 to analyze how long it takes to perform different transactions within the application. The solution must not require changes to the application code.
Application Development Requirements
Application developers will constantly develop new versions of App1 and App2. The development process must meet the following requirements:
* A staging instance of a new application version must be deployed to the application host before the new version is used in production.
* After testing the new version, the staging version of the application will replace the production version.
* The switch to the new application version from staging to production must occur without any downtime of the application.
Identity Requirements
Contoso identifies the following requirements for managing Fabrikam access to resources:
* Every month, an account manager at Fabrikam must review which Fabrikam users have access permissions to App1. Accounts that no longer need permissions must be removed as guests.
* The solution must minimize development effort.
Security Requirement
All secrets used by Azure services must be stored in Azure Key Vault.
Services that require credentials must have the credentials tied to the service instance. The credentials must NOT be shared between services.
Drag and Drop Question
You need to recommend a solution that meets the file storage requirements for App2.
What should you deploy to the Azure subscription and the on-premises network? To answer, drag the appropriate services to the correct locations. Each service may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Correct Answer:
Explanation:
Box 1: Azure Files
Scenario: App2 has the following file storage requirements:
* Save files to an Azure Storage account.
* Replicate files to an on-premises location.
* Ensure that on-premises clients can read the files over the LAN by using the SMB protocol.
Box 2: Azure File Sync
Use Azure File Sync to centralize your organization's file shares in Azure Files, while keeping the flexibility, performance, and compatibility of an on-premises file server. Azure File Sync transforms Windows Server into a quick cache of your Azure file share. You can use any protocol that's available on Windows Server to access your data locally, including SMB, NFS, and FTPS.
You can have as many caches as you need across the world.
Reference:
https://docs.microsoft.com/en-us/azure/storage/file-sync/file-sync-deployment-guide
Question 6
You plan to develop, deploy, and maintain 100 React-based web apps that will NOT require server-side rendering.
You need to recommend a hosting solution for the apps. The solution must meet the following requirements:
- Automatically deploy new versions of the apps when changes to the
apps' source code are committed in Azure Repos.
- Automatically stage a preview version of an app when a pull request
is processed.
- Support Azure API Management by using the /api
- Minimize costs.
What should you include in the recommendation?
You need to recommend a hosting solution for the apps. The solution must meet the following requirements:
- Automatically deploy new versions of the apps when changes to the
apps' source code are committed in Azure Repos.
- Automatically stage a preview version of an app when a pull request
is processed.
- Support Azure API Management by using the /api
- Minimize costs.
What should you include in the recommendation?
Correct Answer: C
Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).
Question 7
You have an Azure Data Lake Storage account that contains 1,000 10-MB CSV files and an Azure Synapse Analytics dedicated SQL pool named sql1. You need to load the files to sql1. The solution must meet the following requirements:
- Maximize data load performance.
- Eliminate the need to define external tables before the data loads.
What should you use?
- Maximize data load performance.
- Eliminate the need to define external tables before the data loads.
What should you use?
Correct Answer: A
Question 8
Hotspot Question
You have an Azure Load Balancer named LB1 that balances requests to five Azure virtual machines.
You need to develop a monitoring solution for LB1. The solution must generate an alert when any of the following conditions are met:
- A virtual machine is unavailable.
- Connection attempts exceed 50,000 per minute.
Which signal should you include in the solution for each condition? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have an Azure Load Balancer named LB1 that balances requests to five Azure virtual machines.
You need to develop a monitoring solution for LB1. The solution must generate an alert when any of the following conditions are met:
- A virtual machine is unavailable.
- Connection attempts exceed 50,000 per minute.
Which signal should you include in the solution for each condition? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Correct Answer:
Explanation:
Box 1: Data path availability
Standard Load Balancer continuously exercises the data path from within a region to the load balancer front end, all the way to the SDN stack that supports your VM. As long as healthy instances remain, the measurement follows the same path as your application's load-balanced traffic. The data path that your customers use is also validated. The measurement is invisible to your application and does not interfere with other operations.
Note: Load balancer distributes inbound flows that arrive at the load balancer's front end to backend pool instances. These flows are according to configured load-balancing rules and health probes. The backend pool instances can be Azure Virtual Machines or instances in a virtual machine scale set.
Box 2: SYN count
SYN (synchronize) count: Standard Load Balancer does not terminate Transmission Control Protocol (TCP) connections or interact with TCP or UDP packet flows. Flows and their handshakes are always between the source and the VM instance. To better troubleshoot your TCP protocol scenarios, you can make use of SYN packets counters to understand how many TCP connection attempts are made. The metric reports the number of TCP SYN packets that were received.
Reference:
https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-standard-diagnostics
Question 9
Hotspot Question
Your on-premises network contains a file server named Server1 that stores 500 GB of data.
You need to use Azure Data Factory to copy the data from Server1 to Azure Storage.
You add a new data factory.
What should you do next? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Your on-premises network contains a file server named Server1 that stores 500 GB of data.
You need to use Azure Data Factory to copy the data from Server1 to Azure Storage.
You add a new data factory.
What should you do next? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Correct Answer:
Explanation:
Box 1: Install a self-hosted integration runtime
The Integration Runtime is a customer-managed data integration infrastructure used by Azure Data Factory to provide data integration capabilities across different network environments.
Box 2: Create a pipeline
With ADF, existing data processing services can be composed into data pipelines that are highly available and managed in the cloud. These data pipelines can be scheduled to ingest, prepare, transform, analyze, and publish data, and ADF manages and orchestrates the complex data and processing dependencies References:
https://docs.microsoft.com/en-us/azure/machine-learning/team-data-science-process/move-sql-azure-adf
Question 10
Case Study 1 - Litware
Existing Environment
Azure Environment
Litware has 10 Azure subscriptions that are linked to the Litware.com tenant and five Azure subscriptions that are linked to the dev.litware.com tenant. All the subscriptions are in an Enterprise Agreement (EA).
The litware.com tenant contains a custom Azure role-based access control (Azure RBAC) role named Role1 that grants the DataActions read permission to the blobs and files in Azure Storage.
On-Premises Environment
The on-premises network of Litware contains the resources shown in the following table.
Network Environment
Litware has ExpressRoute connectivity to Azure.
Planned Changes and Requirements
Litware plans to implement the following changes:
* Migrate DB1 and DB2 to Azure.
* Migrate App1 to Azure virtual machines.
* Migrate the external storage used by App1 to Azure Storage.
* Deploy the Azure virtual machines that will host App1 to Azure dedicated hosts.
Authentication and Authorization Requirements
Litware identifies the following authentication and authorization requirements:
* Only users that manage the production environment by using the Azure portal must connect from a hybrid Azure AD-joined device and authenticate by using Azure Multi-Factor Authentication (MFA).
* The Network Contributor built-in RBAC role must be used to grant permissions to the network administrators for all the virtual networks in all the Azure subscriptions.
* To access the resources in Azure, App1 must use the managed identity of the virtual machines that will host the app.
* RBAC roles must be applied at the highest level possible.
Resiliency Requirements
Litware identifies the following resiliency requirements:
* Once migrated to Azure, DB1 and DB2 must meet the following requirements:
- Maintain availability if two availability zones in the local Azure region fail.
- Fail over automatically.
- Minimize I/O latency.
* App1 must meet the following requirements:
- Be hosted in an Azure region that supports availability zones.
- Be hosted on Azure virtual machines that support automatic scaling.
- Maintain availability if two availability zones in the local Azure region fail.
Security and Compliance Requirements
Litware identifies the following security and compliance requirements:
* Once App1 is migrated to Azure, you must ensure that new data can be written to the app, and the modification of new and existing data is prevented for a period of three years.
* On-premises users and services must be able to access the Azure Storage account that will host the data in App1.
* Access to the public endpoint of the Azure Storage account that will host the App1 data must be prevented.
* All Azure SQL databases in the production environment must have Transparent Data Encryption (TDE) enabled.
* App1 must NOT share physical hardware with other workloads.
Business Requirements
Litware identifies the following business requirements:
* Minimize administrative effort.
* Minimize costs.
Hotspot Question
How should the migrated databases DB1 and DB2 be implemented in Azure?
Existing Environment
Azure Environment
Litware has 10 Azure subscriptions that are linked to the Litware.com tenant and five Azure subscriptions that are linked to the dev.litware.com tenant. All the subscriptions are in an Enterprise Agreement (EA).
The litware.com tenant contains a custom Azure role-based access control (Azure RBAC) role named Role1 that grants the DataActions read permission to the blobs and files in Azure Storage.
On-Premises Environment
The on-premises network of Litware contains the resources shown in the following table.
Network Environment
Litware has ExpressRoute connectivity to Azure.
Planned Changes and Requirements
Litware plans to implement the following changes:
* Migrate DB1 and DB2 to Azure.
* Migrate App1 to Azure virtual machines.
* Migrate the external storage used by App1 to Azure Storage.
* Deploy the Azure virtual machines that will host App1 to Azure dedicated hosts.
Authentication and Authorization Requirements
Litware identifies the following authentication and authorization requirements:
* Only users that manage the production environment by using the Azure portal must connect from a hybrid Azure AD-joined device and authenticate by using Azure Multi-Factor Authentication (MFA).
* The Network Contributor built-in RBAC role must be used to grant permissions to the network administrators for all the virtual networks in all the Azure subscriptions.
* To access the resources in Azure, App1 must use the managed identity of the virtual machines that will host the app.
* RBAC roles must be applied at the highest level possible.
Resiliency Requirements
Litware identifies the following resiliency requirements:
* Once migrated to Azure, DB1 and DB2 must meet the following requirements:
- Maintain availability if two availability zones in the local Azure region fail.
- Fail over automatically.
- Minimize I/O latency.
* App1 must meet the following requirements:
- Be hosted in an Azure region that supports availability zones.
- Be hosted on Azure virtual machines that support automatic scaling.
- Maintain availability if two availability zones in the local Azure region fail.
Security and Compliance Requirements
Litware identifies the following security and compliance requirements:
* Once App1 is migrated to Azure, you must ensure that new data can be written to the app, and the modification of new and existing data is prevented for a period of three years.
* On-premises users and services must be able to access the Azure Storage account that will host the data in App1.
* Access to the public endpoint of the Azure Storage account that will host the App1 data must be prevented.
* All Azure SQL databases in the production environment must have Transparent Data Encryption (TDE) enabled.
* App1 must NOT share physical hardware with other workloads.
Business Requirements
Litware identifies the following business requirements:
* Minimize administrative effort.
* Minimize costs.
Hotspot Question
How should the migrated databases DB1 and DB2 be implemented in Azure?
Correct Answer:
Explanation:
Box 1: An Azure SQL Database elastic pool
To minimize I/O, what is needed is a SQL AO availability group that spans availability zones. This is covered by Premium and Business Critical SQL Database, and SQL Database Elastic Pools.
Since there are 2 databases, it has to be Elastic Pool.
Box 2: Business Critical
SQL Managed Instance is available in two service tiers:
General purpose: Designed for applications with typical performance and I/O latency requirements.
Business critical: Designed for applications with low I/O latency requirements and minimal impact of underlying maintenance operations on the workload.
References:
https://docs.microsoft.com/en-us/azure/azure-sql/managed-instance/auto-failover-group-sql-mi
https://docs.microsoft.com/en-us/azure/azure-sql/managed-instance/sql-managed-instance-paas-overview
Question 11
Hotspot Question
You have an Azure subscription.
You plan to deploy a high-throughput transactional workload that will use PostgreSQL.
You need to recommend a managed solution for storing relational data. The solution must meet the following requirements:
- Support the horizontal scaling of transactional writes by using row-
based sharding.
- Minimize administrative effort.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have an Azure subscription.
You plan to deploy a high-throughput transactional workload that will use PostgreSQL.
You need to recommend a managed solution for storing relational data. The solution must meet the following requirements:
- Support the horizontal scaling of transactional writes by using row-
based sharding.
- Minimize administrative effort.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Correct Answer:
Explanation:
Box 1: Azure Database for PostgreSQL Flexible Server
For horizontal scaling of transactional writes in Azure PostgreSQL using row-based sharding, you should utilize Azure Database for PostgreSQL Flexible Server with Elastic Clusters. This feature leverages the Citus extension for PostgreSQL, enabling you to shard your data across multiple nodes and manage them as a single, distributed database.
Box 2: Distributed tables
Azure Database for PostgreSQL Flexible Server uses distributed tables for scaling through the use of an Elastic cluster, powered by the Citus extension. This allows for scaling out by adding more nodes to the cluster and distributing data across them, rather than just increasing the compute power of a single node.
Reference:
https://techcommunity.microsoft.com/blog/adforpostgresql/postgres-horizontal-scaling-with-elastic-clusters-on-azure-database-for-postgres/4303508