aiotestking uk

AZ-304 Exam Questions - Online Test


AZ-304 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Act now and download your Microsoft AZ-304 test today! Do not waste time for the worthless Microsoft AZ-304 tutorials. Download Most recent Microsoft Microsoft Azure Architect Design (beta) exam with real questions and answers and begin to learn Microsoft AZ-304 with a classic professional.

Online Microsoft AZ-304 free dumps demo Below:

NEW QUESTION 1

You need to recommend a solution for configuring the Azure Multi-Factor Authentication (MFA) settings. What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
AZ-304 dumps exhibit

  • A. Mastered
  • B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-sign-in-risk-policy https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-mfa-policy

NEW QUESTION 2

Your company has the divisions shown in the following table.
AZ-304 dumps exhibit
You plan to deploy a custom application to each subscription. The application will contain the following:
AZ-304 dumps exhibit A resource group
AZ-304 dumps exhibit An Azure web app
AZ-304 dumps exhibit Custom role assignments
AZ-304 dumps exhibit An Azure Cosmos DB account
You need to use Azure Blueprints to deploy the application to each subscription.
What is the minimum number of objects required to deploy the application? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
AZ-304 dumps exhibit

  • A. Mastered
  • B. Not Mastered

Answer: A

Explanation:
Box 1: 2
One management group for East, and one for West.
When creating a blueprint definition, you'll define where the blueprint is saved. Blueprints can be saved to a management group or subscription that you have Contributor access to. If the location is a management group, the blueprint is available to assign to any child subscription of that management group.
Box 2: 1
One definition as the you plan to deploy a custom application to each subscription.
With Azure Blueprints, the relationship between the blueprint definition (what should be deployed) and the blueprint assignment (what was deployed) is preserved.
Box 3: 4
One assignment for each subscription. Reference:
https://docs.microsoft.com/en-us/azure/governance/blueprints/overview

NEW QUESTION 3

A company has a hybrid ASP.NET Web API application that is based on a software as a service (SaaS) offering.
Users report general issues with the data. You advise the company to implement live monitoring and use ad hoc queries on stored JSON data. You also advise the company to set up smart alerting to detect anomalies in the data.
You need to recommend a solution to set up smart alerting. What should you recommend?

  • A. Azure Application Insights and Azure Monitor Logs
  • B. Azure Site Recovery and Azure Monitor Logs
  • C. Azure Data Lake Analytics and Azure Monitor Logs
  • D. Azure Security Center and Azure Data Lake Store

Answer: C

Explanation:
Application Insights, a feature of Azure Monitor, is an extensible Application Performance Management (APM) service for developers and DevOps professionals. Use it to monitor your live applications. It will automatically detect performance anomalies, and includes powerful analytics tools to help you diagnose issues and to understand what users actually do with your app.
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/app-insights-overview

NEW QUESTION 4

You need to design a resource governance solution for an Azure subscription. The solution must meet the following requirements:
AZ-304 dumps exhibit Ensure that all ExpressRoute resources are created in a resource group named RG1.
AZ-304 dumps exhibit Delegate the creation of the ExpressRoute resources to an Azure Active Directory (Azure AD) group named Networking.
AZ-304 dumps exhibit Use the principle of least privilege.
What should you include in the solution? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
AZ-304 dumps exhibit

  • A. Mastered
  • B. Not Mastered

Answer: A

Explanation:
Box 1: An Azure policy assignment at the subscription level that has an exclusion Box 2: A custom RBAC role assignment at the level of RG1
Azure role-based access control (Azure RBAC) is the authorization system you use to manage access to Azure resources. To grant access, you assign roles to users, groups, service principals, or managed identities at a particular scope.
Reference:
https://docs.microsoft.com/en-us/azure/governance/policy/tutorials/create-and-manage

NEW QUESTION 5

You are building an application that will run in a virtual machine (VM). The application will use Azure Managed Identity.
The application uses Azure Key Vault, Azure SQL Database, and Azure Cosmos DB. You need to ensure the application can use secure credentials to access these services.
Which authentication method should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
AZ-304 dumps exhibit

  • A. Mastered
  • B. Not Mastered

Answer: A

Explanation:
Note: Managed identities for Azure resources is the new name for the service formerly known as Managed
Service Identity (MSI). Reference:
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview

NEW QUESTION 6

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution. while others might not have a correct solution.
After you answer a question In this section, you will NOT be able to return to it As a result these questions will not appear In the review screen.
You have an on-premises Hyper-V cluster that hosts 20 virtual machines Some virtual machines run Windows Server 2016 and some run Linux
You plan to morale the virtual machine? to an Azure subscription
You need to recommend 9 solution 10 replicate the disks of the virtual machines to Azure. The solution must ensure that the virtual machines remain available during the migration of the disks.
Solution: You recommend implementing a Recovery Services vault and then using Azure Site Recovery. Dees this meet the goal?

  • A. Yes
  • B. No

Answer: A

Explanation:
Site Recovery can replicate on-premises VMware VMs, Hyper-V VMs, physical servers (Windows and Linux), Azure Stack VMs to Azure.
Note: Site Recovery helps ensure business continuity by keeping business apps and workloads running during outages. Site Recovery replicates workloads running on physical and virtual machines (VMs) from a primary site to a secondary location. When an outage occurs at your primary site, you fail over to secondary location, and access apps from there. After the primary location is running again, you can fail back to it.
References:
https://docs.microsoft.com/en-us/azure/site-recovery/site-recovery-overview

NEW QUESTION 7

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Storage v2 account named Storage1. You plan to archive data to Storage1.
You need to ensure that the archived data cannot be deleted for five years. The solution must prevent administrators from deleting the data.
Solution: You create a file share, and you configure an access policy. Does this meet the goal?

  • A. Yes
  • B. No

Answer: B

Explanation:
Instead of a file share, an immutable Blob storage is required.
Time-based retention policy support: Users can set policies to store data for a specified interval. When a time-based retention policy is set, blobs can be created and read, but not modified or deleted. After the retention period has expired, blobs can be deleted but not overwritten.
Note: Set retention policies and legal holds
* 1. Create a new container or select an existing container to store the blobs that need to be kept in the immutable state. The container must be in a general-purpose v2 or Blob storage account.
* 2. Select Access policy in the container settings. Then select Add policy under Immutable blob storage.
* 3. To enable time-based retention, select Time-based retention from the drop-down menu.
* 4. Enter the retention interval in days (acceptable values are 1 to 146000 days). References:
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-immutable-storage https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-immutability-policies-manage

NEW QUESTION 8

You need to recommend a solution to deploy containers that run an application. The application has two tiers.
Each tier is implemented as a separate Docker Linux-based image. The solution must meet the following requirements:
AZ-304 dumps exhibit The front-end tier must be accessible by using a public IP address on port 80.
AZ-304 dumps exhibit The backend tier must be accessible by using port 8080 from the front-end tier only.
AZ-304 dumps exhibit Both containers must be able to access the same Azure file share.
AZ-304 dumps exhibit If a container fails, the application must restart automatically.
AZ-304 dumps exhibit Costs must be minimized.
What should you recommend using to host the application?

  • A. Azure Kubernetes Service (AKS)
  • B. Azure Service Fabric
  • C. Azure Container instances

Answer: C

Explanation:
Azure Container Instances enables a layered approach to orchestration, providing all of the scheduling and management capabilities required to run a single container, while allowing orchestrator platforms to manage multi-container tasks on top of it.
Because the underlying infrastructure for container instances is managed by Azure, an orchestrator platform does not need to concern itself with finding an appropriate host machine on which to run a single container.
Azure Container Instances can schedule both Windows and Linux containers with the same API. Orchestration of container instances exclusively
Because they start quickly and bill by the second, an environment based exclusively on Azure Container Instances offers the fastest way to get started and to deal with highly variable workloads.
Reference:
https://docs.microsoft.com/en-us/azure/container-instances/container-instances-overview https://docs.microsoft.com/en-us/azure/container-instances/container-instances-orchestrator-relationship

NEW QUESTION 9

Note: This question Is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question In this section, you will NOT be able to return to It As a result, these questions will not appear In the review screen.
You have an on-premises Hyper-V cluster that hosts 20 virtual machines. Some virtual machines run Windows Server 2016 and some run Linux.
You plan to migrate the virtual machines to an Azure subscription.
You need to recommend a solution to replicate the disks of the virtual machines to Azure. The solution must ensure that the virtual machines remain available during the migration of the disks.
Solution: You recommend implementing an Azure Storage account that has a file service and a blob service, and then using the Data Migration Assistant
Does this meet the goal?

  • A. Yes
  • B. No

Answer: B

Explanation:
Data Migration Assistant is used to migrate SQL databases. Instead use Azure Site Recovery.
References:
https://docs.microsoft.com/en-us/azure/site-recovery/site-recovery-overview

NEW QUESTION 10

You need to recommend a data storage strategy for WebApp1. What should you include in in the recommendation?

  • A. an Azure SQL Database elastic pool
  • B. a vCore-baswl Azure SQL database
  • C. an Azure virtual machine that runs SQL Server
  • D. a fixed-size DTU AzureSQL database.

Answer: B

NEW QUESTION 11

Your company is designing a multi-tenant application that will use elastic pools and Azure SQL databases. The application will be used by 30 customers.
You need to design a storage solution for the application. The solution must meet the following requirements:
AZ-304 dumps exhibit Operational costs must be minimized.
AZ-304 dumps exhibit All customers must have their own database.
AZ-304 dumps exhibit The customer databases will be in one of the following three Azure regions: East US, North Europe, or South Africa North.
What is the minimum number of elastic pools and Azure SQL Database servers required? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
AZ-304 dumps exhibit

  • A. Mastered
  • B. Not Mastered

Answer: A

Explanation:
Box 1: 3
The server, its pools & databases must be in the same Azure region under the same subscription. Box 2: 3
A server can have up to 5000 databases associated to it.
Reference:
https://vincentlauzon.com/2016/12/18/azure-sql-elastic-pool-overview/

NEW QUESTION 12

You plan to deploy a network-intensive application to several Azure virtual machines. You need to recommend a solution that meets the following requirements:
AZ-304 dumps exhibit Minimizes the use of the virtual machine processors to transfer data
AZ-304 dumps exhibit Minimizes network latency
Which virtual machine size and feature should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
AZ-304 dumps exhibit

  • A. Mastered
  • B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sizes-hpc#h-series

NEW QUESTION 13

You have an Azure Active Directory (Azure AD) tenant.
You plan to provide users with access to shared files by using Azure Storage. The users will be provided with different levels of access to various Azure file shares based on their user account or their group membership.
You need to recommend which additional Azure services must be used to support the planned deployment. What should you include in the recommendation?

  • A. an Azure AD enterprise application
  • B. Azure Information Protection
  • C. an Azure AD Domain Services (Azure AD DS) instance
  • D. an Azure Front Door instance

Answer: C

Explanation:
Azure Filessupports identity-based authentication over Server Message Block (SMB) throughtwo types of Domain Services: on-premises Active Directory Domain Services (AD DS) and Azure Active Directory Domain Services (Azure AD DS).
Reference:
https://docs.microsoft.com/en-us/azure/storage/files/storage-files-identity-auth-active-directory-domain-service

NEW QUESTION 14

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Storage v2 account named storage1. You plan to archive data to storage1.
You need to ensure that the archived data cannot be deleted for five years. The solution must prevent administrators from deleting the data.
Solution: You create an Azure Blob storage container, and you configure a legal hold access policy. Does this meet the goal?

  • A. Yes
  • B. No

Answer: B

Explanation:
Use an Azure Blob storage container, but use a time-based retention policy instead of a legal hold. Note:
Immutable storage for Azure Blob storage enables users to store business-critical data objects in a WORM (Write Once, Read Many) state. This state makes the data non-erasable and non-modifiable for a
user-specified interval. For the duration of the retention interval, blobs can be created and read, but cannot be modified or deleted. Immutable storage is available for general-purpose v2 and Blob storage accounts in all Azure regions.
Note: Set retention policies and legal holds
* 1. Create a new container or select an existing container to store the blobs that need to be kept in the immutable state. The container must be in a general-purpose v2 or Blob storage account.
* 2. Select Access policy in the container settings. Then select Add policy under Immutable blob storage. Either
* 3a. To enable legal holds, select Add Policy. Select Legal hold from the drop-down menu. Or
* 3b. To enable time-based retention, select Time-based retention from the drop-down menu.
* 4. Enter the retention interval in days (acceptable values are 1 to 146000 days). Reference:
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-immutable-storage https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-immutability-policies-manage

NEW QUESTION 15

You are developing a sales application that will contain several Azure cloud services and will handle different components of a transaction. Different cloud services will process customer orders, billing, payment, inventory, and shipping.
You need to recommend a solution to enable the cloud services to asynchronously communicate transaction information by using REST messages.
What should you include in the recommendation?

  • A. Azure Service Bus
  • B. Azure Blob storage
  • C. Azure Notification Hubs
  • D. Azure Application Gateway

Answer: A

Explanation:
Service Bus is a transactional message broker and ensures transactional integrity for all internal operations against its message stores. All transfers of messages inside of Service Bus, such as moving messages to a dead-letter queue or automatic forwarding of messages between entities, are transactional.
Reference:
https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-transactions

NEW QUESTION 16

You have an on-premises network to which you deploy a virtual appliance.
You plan to deploy several Azure virtual machines and connect the on-premises network to Azure by using a Site-to-Site connection.
All network traffic that will be directed from the Azure virtual machines to a specific subnet must flow through the virtual appliance.
You need to recommend solutions to manage network traffic.
Which two options should you recommend? Each correct answer presents a complete solution.

  • A. Configure Azure Traffic Manager.
  • B. Implement an Azure virtual network.
  • C. Implement Azure ExpressRoute.
  • D. Configure a routing table.

Answer: CD

Explanation:
Connectivity can be from an any-to-any (IP VPN) network, a point-to-point Ethernet network, or a virtual cross-connection through a connectivity provider at a co-location facility. ExpressRoute connections do not go over the public Internet. This allows ExpressRoute connections to offer more reliability, faster speeds, lower latencies, and higher security than typical connections over the Internet.
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-forced-tunneling-rm https://docs.microsoft.com/en-us/azure/expressroute/expressroute-introduction

NEW QUESTION 17

You are planning to deploy an application named App1 that will run in containers on Azure Kubernetes Service (AKS) clusters. The AKS clusters will be distributed across four Azure regions.
You need to recommend a storage solution for App1. Updated container images must be replicated automatically to all the AKS clusters.
Which storage solution should you recommend?

  • A. Premium SKU Azure Container Registry
  • B. Azure Content Delivery Network (CDN)
  • C. geo redundant storage (GRS) accounts
  • D. Azure Cache for Redis

Answer: A

Explanation:
Enable geo-replication for container images.
Best practice: Store your container images in Azure Container Registry and geo-replicate the registry to each AKS region.
To deploy and run your applications in AKS, you need a way to store and pull the container images. Container Registry integrates with AKS, so it can securely store your container images or Helm charts. Container Registry supports multimaster geo-replication to automatically replicate your images to Azure regions around the world.
Geo-replication is a feature of Premium SKU container registries. Note:
When you use Container Registry geo-replication to pull images from the same region, the results are: Faster: You pull images from high-speed, low-latency network connections within the same Azure region.
More reliable: If a region is unavailable, your AKS cluster pulls the images from an available container registry.
Cheaper: There's no network egress charge between datacenters. Reference:
https://docs.microsoft.com/en-us/azure/aks/operator-best-practices-multi-region

NEW QUESTION 18

You have an Azure Active Directory (Azure AD) tenant.
You plan to deploy Azure Cosmos DB databases that will use the SQL API.
You need to recommend a solution to provide specific Azure AD user accounts with read access to the Cosmos DB databases.
What should you include in the recommendation?

  • A. a resource token and an Access control (IAM) role assignment
  • B. shared access signatures (SAS) and conditional access policies
  • C. master keys and Azure Information Protection policies
  • D. certificates and Azure Key Vault

Answer: A

Explanation:
The Access control (IAM) pane in the Azure portal is used to configure role-based access control on Azure Cosmos resources. The roles are applied to users, groups, service principals, and managed identities in Active Directory. You can use built-in roles or custom roles for individuals and groups. The following screenshot shows Active Directory integration (RBAC) using access control (IAM) in the Azure portal:
AZ-304 dumps exhibit
Reference:
https://docs.microsoft.com/en-us/azure/cosmos-db/role-based-access-control

NEW QUESTION 19

You are designing a storage solution that will use Azure Blob storage. The data will be stored in a cool access tier or an archive access tier based on the access patterns of the data.
You identify the following types of infrequently accessed data: Telemetry data: Deleted after two years D18912E1457D5D1DDCBD40AB3BF70D5D
AZ-304 dumps exhibit Promotional material: Deleted after 14 days
AZ-304 dumps exhibit Virtual machine audit data: Deleted after 200 days
AZ-304 dumps exhibit A colleague recommends using the archive access tier to store the data. Which statement accurately describes the recommendation?

  • A. Storage costs will be based on a minimum of 30 days.
  • B. Access to the data is guaranteed within five minutes.
  • C. Access to the data is guaranteed within 30 minutes.
  • D. Storage costs will be based on a minimum of 180 days.

Answer: D

Explanation:
The following table shows a comparison of premium performance block blob storage, and the hot, cool, and archive access tiers.
AZ-304 dumps exhibit
Reference:
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers

NEW QUESTION 20

Your company plans to publish APIs for its services by using Azure API Management. You discover that service responses include the AspNet-Version header.
You need to recommend a solution to remove AspNet-Version from the response of the published APIs. What should you include in the recommendation?

  • A. a new product
  • B. a modification to the URL scheme
  • C. a new policy
  • D. a new revision

Answer: C

Explanation:
References:
https://docs.microsoft.com/en-us/azure/api-management/transform-api

NEW QUESTION 21
......

100% Valid and Newest Version AZ-304 Questions & Answers shared by 2passeasy, Get Full Dumps HERE: https://www.2passeasy.com/dumps/AZ-304/ (New 0 Q&As)