Prepare For Realistic AZ-305 Dumps PDF - 100% Passing Guarantee [Q179-Q196]

Prepare For Realistic AZ-305 Dumps PDF - 100% Passing Guarantee

Check the Available AZ-305 Exam Dumps with 430 Q's

NEW QUESTION # 179
You have the Azure resources shown in the following table.

You need to design a solution that provides on-premises network connectivity to SQLDB1 through PE1. How should you configure name resolution? To answer, select the appropriate options in the answer area.

Answer:

Explanation:

NEW QUESTION # 180
Hotspot Question
Your on-premises network contains an Active Directory Domain Services (AD DS) forest. The forest contains servers that run Windows Server. The servers contain file shares that replicate by using Distributed File System (DFS) Replication.
You have multiple remote Windows 11 devices that connect to the on-premises network by using Point-to-Site (P2S) VPN and access the file shares by using drive mappings.
You have an Azure subscription. The subscription contains virtual machines that run Windows Server and are configured as domain controllers. The virtual machines replicate to the on- premises forest. The forest syncs with a Microsoft Entra tenant that is linked to the Azure subscription.
You plan to migrate the on-premises file shares to the Azure virtual machines.
You need to recommend a solution for replicating the file shares to Azure and providing the Windows 11 devices with access to the shares. The solution must ensure that the devices can access the shares by using mapped drive letters via TCP port 445.
What should you use to replicate the shares, and what should the devices use to the access the shares? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:
Box 1: Azure File Sync
Azure File Sync is fully supported on DFS Namespace servers, you can install the Azure File Sync agent on one or more DFS Namespace member servers to sync data between the server endpoints and the cloud endpoint.
Box 2: SMB over QUIC
SMB over QUIC offers an "SMB VPN" for telecommuters, mobile device users, and high security organizations. The server certificate creates a TLS 1.3-encrypted tunnel over the internet-friendly UDP port 443 instead of the legacy TCP port 445. All SMB traffic, including authentication and authorization within the tunnel is never exposed to the underlying network. SMB behaves normally within the QUIC tunnel, meaning the user experience doesn't change. SMB features like multichannel, signing, compression, continuous availability, directory leasing, and so on, work normally.
Reference:
https://learn.microsoft.com/en-us/windows-server/storage/file-server/smb-over-quic
https://learn.microsoft.com/en-us/azure/storage/file-sync/file-sync-planning#distributed-file- system-dfs

NEW QUESTION # 181
You need to recommend a strategy for migrating the database content of WebApp1 to Azure. What should you include in the recommendation?

A. Use SQL Server transactional replication.
B. Copy the BACPAC file that contains the Azure SQL database file to Azure Blob storage.
C. Copy the VHD that contains the Azure SQL database files to Azure Blob storage
D. Use Azure Site Recovery to replicate the SQL servers to Azure.

Answer: C

Explanation:
Explanation
Before you upload a Windows virtual machine (VM) from on-premises to Azure, you must prepare the virtual hard disk (VHD or VHDX).
Scenario: WebApp1 has a web tier that uses Microsoft Internet Information Services (IIS) and a database tier that runs Microsoft SQL Server 2016. The web tier and the database tier are deployed to virtual machines that run on Hyper-V.
Reference:
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/prepare-for-upload-vhd-image

NEW QUESTION # 182
You have an Azure subscription. The subscription contains Azure virtual machines that run Windows Server
2016 and Linux.
You need to use Azure Log Analytics design an alerting strategy for security-related events.
Which Log Analytics tables should you query? To answer, drag the appropriate tables to the correct log types.
Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE:Each correct selection is worth one point.

Answer:

Explanation:

Explanation
Graphical user interface, table Description automatically generated with medium confidence

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/log-analytics-agent Windows Event logs --> Information sent to the Windows event logging system. Syslog --> Information sent to the Linux event logging system.

NEW QUESTION # 183
You plan to automate the deployment of resources to Azure subscriptions.
What is a difference between using Azure Blueprints and Azure Resource Manager (ARM) templates?

A. Only Blueprints can contain policy definitions.
B. Blueprints remain connected to the deployed resources.
C. Only ARM templates can contain policy definitions.
D. ARM templates remain connected to the deployed resources.

Answer: B

Explanation:
Explanation
With Azure Blueprints, the relationship between the blueprint definition (what should be deployed) and the blueprint assignment (what was deployed) is preserved. This connection supports improved tracking and auditing of deployments. Azure Blueprints can also upgrade several subscriptions at once that are governed by the same blueprint.
Reference:
https://docs.microsoft.com/en-us/answers/questions/26851/how-is-azure-blue-prints-different-from-resource-m.h

NEW QUESTION # 184
Case Study 2 - Fabrikam, Inc
Overview
Fabrikam, Inc. is an engineering company that has offices throughout Europe. The company has a main office in London and three branch offices in Amsterdam, Berlin, and Rome.
Existing Environment: Active Directory Environment
The network contains two Active Directory forests named corp.fabrikam.com and rd.fabrikam.com. There are no trust relationships between the forests.
Corp.fabrikam.com is a production forest that contains identities used for internal user and computer authentication.
Rd.fabrikam.com is used by the research and development (R&D) department only. The R&D department is restricted to using on-premises resources only.
Existing Environment: Network Infrastructure
Each office contains at least one domain controller from the corp.fabrikam.com domain. The main office contains all the domain controllers for the rd.fabrikam.com forest.
All the offices have a high-speed connection to the internet.
An existing application named WebApp1 is hosted in the data center of the London office.
WebApp1 is used by customers to place and track orders. WebApp1 has a web tier that uses Microsoft Internet information Services (IIS) and a database tier that runs Microsoft SQL Server
2016. The web tier and the database tier are deployed to virtual machines that run on Hyper-V.
The IT department currently uses a separate Hyper-V environment to test updates to WebApp1.
Fabrikam purchases all Microsoft licenses through a Microsoft Enterprise Agreement that includes Software Assurance.
Existing Environment: Problem Statements
The use of WebApp1 is unpredictable. At peak times, users often report delays. At other times, many resources for WebApp1 are underutilized.
Requirements: Planned Changes
Fabrikam plans to move most of its production workloads to Azure during the next few years, including virtual machines that rely on Active Directory for authentication.
As one of its first projects, the company plans to establish a hybrid identity model, facilitating an upcoming Microsoft 365 deployment.
All R&D operations will remain on-premises.
Fabrikam plans to migrate the production and test instances of WebApp1 to Azure.
Requirements: Technical Requirements
Fabrikam identifies the following technical requirements:
* Website content must be easily updated from a single point.
* User input must be minimized when provisioning new web app instances.
* Whenever possible, existing on-premises licenses must be used to reduce cost.
* Users must always authenticate by using their corp.fabrikam.com UPN identity.
* Any new deployments to Azure must be redundant in case an Azure region fails.
* Whenever possible, solutions must be deployed to Azure by using the Standard pricing tier of Azure App Service.
* An email distribution group named IT Support must be notified of any issues relating to the directory synchronization services.
* In the event that a link fails between Azure and the on-premises network, ensure that the virtual machines hosted in Azure can authenticate to Active Directory.
* Directory synchronization between Azure Active Directory (Azure AD) and corp.fabrikam.com must not be affected by a link failure between Azure and the on-premises network.
Requirements: Database Requirements
Fabrikam identifies the following database requirements:
* Database metrics for the production instance of WebApp1 must be available for analysis so that database administrators can optimize the performance settings.
* To avoid disrupting customer access, database downtime must be minimized when databases are migrated.
* Database backups must be retained for a minimum of seven years to meet compliance requirements.
Requirements: Security Requirements
Fabrikam identifies the following security requirements:
* Company information including policies, templates, and data must be inaccessible to anyone outside the company.
* Users on the on-premises network must be able to authenticate to corp.fabrikam.com if an internet link fails.
* Administrators must be able authenticate to the Azure portal by using their corp.fabrikam.com credentials.
* All administrative access to the Azure portal must be secured by using multi-factor authentication (MFA).
* The testing of WebApp1 updates must not be visible to anyone outside the company.
You need to recommend a strategy for migrating the database content of WebApp1 to Azure.
What should you include in the recommendation?

A. Use SQL Server transactional replication.
B. Copy the BACPAC file that contains the Azure SQL database file to Azure Blob storage.
C. Copy the VHD that contains the Azure SQL database files to Azure Blob storage
D. Use Azure Site Recovery to replicate the SQL servers to Azure.

Answer: C

Explanation:
Before you upload a Windows virtual machine (VM) from on-premises to Azure, you must prepare the virtual hard disk (VHD or VHDX).
Scenario: WebApp1 has a web tier that uses Microsoft Internet Information Services (IIS) and a database tier that runs Microsoft SQL Server 2016. The web tier and the database tier are deployed to virtual machines that run on Hyper-V.
Reference:
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/prepare-for-upload-vhd-image

NEW QUESTION # 185
Your on-premises network contains a server named Server1 that runs an ASP.NET application named App1.
You have a hybrid deployment of Azure Active Directory (Azure AD).
You need to recommend a solution to ensure that users sign in by using their Azure AD account and Azure Multi-Factor Authentication (MFA) when they connect to App1 from the internet.
Which three Azure services should you recommend be deployed and configured in sequence? To answer, move the appropriate services from the list of services to the answer area and arrange them in the correct order.

Answer:

Explanation:

Explanation:
AD Application Proxy
AD Enterprise Application
AD Conditional access policy
https://thesleepyadmins.com/2019/02/

NEW QUESTION # 186
You deploy several Azure SQL Database instances.
You plan to configure the Diagnostics settings on the databases as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

NEW QUESTION # 187
You have an Azure subscription that contains the resources shown in the following table.

You need to recommend a load balancing solution that will distribute incoming traffic for VMSS1 across NVA1 and NVA2. The solution must minimize administrative effort.
What should you include in the recommendation?

A. Azure Front Door
B. Azure Application Gateway
C. Gateway Load Balancer
D. Azure Traffic Manager

Answer: A

NEW QUESTION # 188
You need to recommend a solution that meets the file storage requirements for App2.
What should you deploy to the Azure subscription and the on-premises network? To answer, drag the appropriate services to the correct locations. Each service may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE:Each correct selection is worth one point.

Answer:

Explanation:

Explanation
Graphical user interface, application Description automatically generated

Box 1: Azure Files
Scenario: App2 has the following file storage requirements:
Save files to an Azure Storage account.
Replicate files to an on-premises location.
Ensure that on-premises clients can read the files over the LAN by using the SMB protocol.
Box 2: Azure File Sync
Use Azure File Sync to centralize your organization's file shares in Azure Files, while keeping the flexibility, performance, and compatibility of an on-premises file server. Azure File Sync transforms Windows Server into a quick cache of your Azure file share. You can use any protocol that's available on Windows Server to access your data locally, including SMB, NFS, and FTPS. You can have as many caches as you need across the world.
Reference:
https://docs.microsoft.com/en-us/azure/storage/file-sync/file-sync-deployment-guide

NEW QUESTION # 189
Your company has offices in New York City, Sydney, Paris, and Johannesburg.
The company has an Azure subscription.
You plan to deploy a new Azure networking solution that meets the following requirements:
* Connects to ExpressRoute circuits in the Azure regions of East US, Southeast Asia, North Europe, and South Africa
* Minimizes latency by supporting connections in three regions
* Supports Site-to-Site VPN connections
* Minimizes costs
You need to identify the minimum number of Azure Virtual WAN hubs that you must deploy, and which virtual WAN SKU to use. What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

NEW QUESTION # 190
Your company has the divisions shown in the following table.

Sub1 contains an Azure App Service web app named App1. App1 uses Azure AD for single- tenant user authentication. Users from contoso.com can authenticate to App1.
You need to recommend a solution to enable users in the fabrikam.com tenant to authenticate to App1.
What should you recommend?

A. Configure the Azure AD provisioning service.
B. Configure Azure AD Identity Protection.
C. Configure a Conditional Access policy.
D. Use Azure AD entitlement management to govern external users.

Answer: D

Explanation:
https://learn.microsoft.com/en-us/azure/active-directory/governance/entitlement-management- overview#what-can-i-do-with-entitlement-management Here are some of capabilities of entitlement management:
- Select connected organizations whose users can request access. When a user who isn't yet in your directory requests access, and is approved, they're automatically invited into your directory and assigned access. When their access expires, if they have no other access package assignments, their B2B account in your directory can be automatically removed.

NEW QUESTION # 191
Your on-premises network contains a file server named Server1 that stores 500 GB of data.
You need to use Azure Data Factory to copy the data from Server1 to Azure Storage.
You add a new data factory.
What should you do next? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/machine-learning/team-data-science-process/move-sql-azure-adf
https://docs.microsoft.com/pl-pl/azure/data-factory/tutorial-hybrid-copy-data-tool syu31svc 3 months, 4 weeks ago
https://docs.microsoft.com/en-us/azure/data-factory/create-self-hosted-integration-runtime?tabs=data-factory
"A self-hosted integration runtime can run copy activities between a cloud data store and a data store in a private network"
https://docs.microsoft.com/en-us/azure/data-factory/introduction
"With Data Factory, you can use the Copy Activity in a data pipeline to move data from both on-premises and cloud source data stores to a centralization data store in the cloud for further analysis"

NEW QUESTION # 192
You need to recommend a solution that meets the file storage requirements for App2.
What should you deploy to the Azure subscription and the on-premises network? To answer, drag the appropriate services to the correct locations. Each service may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/storage/file-sync/file-sync-deployment-guide

NEW QUESTION # 193
You have the resources shown in the following table.

CDB1 hosts a container that stores continuously updated operational data You are designing a solution that will use AS1 to analyze the operational data dairy.
You need to recommend a solution to analyze the data without affecting the performance of the operational data store.
What should you include in the recommendation?

A. Azure Cosmos DB change feed
B. Azure Synapse Analytics with PolyBase data loading
C. Azure Data Factory with Azure Cosmos DB and Azure Synapse Analytics connectors

Answer: B

NEW QUESTION # 194
You plan to create an Azure environment that will contain a root management group and 10 child management groups. Each child management group will contain five Azure subscriptions. You plan to have between 10 and
30 resource groups in each subscription.
You need to design an Azure governance solution. The solution must meet the following requirements:
* Use Azure Blueprints to control governance across all the subscriptions and resource groups.
* Ensure that Blueprints-based configurations are consistent across all the subscriptions and resource groups.
* Minimize the number of blueprint definitions and assignments.
What should you include in the solution? To answer, select the appropriate options in the answer area. NOTE:
Each correct selection is worth one point.

Answer:

Explanation:

Explanation
1. Root management group
2. The subscriptions
Reference: https://docs.microsoft.com/en-us/azure/governance/blueprints/create-blueprint-portal Assign a blueprint After a blueprint has been published, it can be assigned to a subscription. Assign the blueprint that you created to one of the subscriptions under your management group hierarchy. If the blueprint is saved to a subscription, it can only be assigned to that subscription.

NEW QUESTION # 195
Hotspot Question
You have several Azure App Service web apps that use Azure Key Vault to store data encryption keys.
Several departments have the following requests to support the web app:

Which service should you recommend for each department's request? To answer, configure the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:
Box 1: Azure AD Privileged Identity Management
Privileged Identity Management provides time-based and approval-based role activation to mitigate the risks of excessive, unnecessary, or misused access permissions on resources that you care about. Here are some of the key features of Privileged Identity Management:
- Provide just-in-time privileged access to Azure AD and Azure resources
- Assign time-bound access to resources using start and end dates
- Require approval to activate privileged roles
- Enforce multi-factor authentication to activate any role
- Use justification to understand why users activate
- Get notifications when privileged roles are activated
- Conduct access reviews to ensure users still need roles
- Download audit history for internal or external audit
- Prevents removal of the last active Global Administrator role assignment Box 2: Azure Managed Identity Managed identities provide an identity for applications to use when connecting to resources that support Azure Active Directory (Azure AD) authentication. Applications may use the managed identity to obtain Azure AD tokens. With Azure Key Vault, developers can use managed identities to access resources. Key Vault stores credentials in a secure manner and gives access to storage accounts.
Box 3: Azure AD Privileged Identity Management
Privileged Identity Management provides time-based and approval-based role activation to mitigate the risks of excessive, unnecessary, or misused access permissions on resources that you care about. Here are some of the key features of Privileged Identity Management:
- Provide just-in-time privileged access to Azure AD and Azure resources
- Assign time-bound access to resources using start and end dates
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim- configure
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure- resources/overview