Verified AZ-303 Exam Dumps Q&As - Provide AZ-303 with Correct Answers
Pass Your AZ-303 Dumps Free Latest Microsoft Practice Tests
Microsoft AZ-303 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
| Topic 8 |
|
| Topic 9 |
|
| Topic 10 |
|
| Topic 11 |
|
| Topic 12 |
|
| Topic 13 |
|
| Topic 14 |
|
| Topic 15 |
|
| Topic 16 |
|
| Topic 17 |
|
| Topic 18 |
|
NEW QUESTION 95
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Cosmos DB database that contains a container named Container1. The partition key for Container1 is set to /day. Container1 contains the items shown in the following table.
You need to programmatically query Azure Cosmos DB and retrieve Item1 and Item2 only.
Solution: You run the following query.
You set the EnableCrossPartitionQuery property to True.
Does this meet the goal?
- A. Yes
- B. No
Answer: A
Explanation:
Section: [none]
Explanation:
Returns Item1 and Item2 only.
Reference:
https://docs.microsoft.com/en-us/azure/cosmos-db/sql-query-where
https://docs.microsoft.com/en-us/dotnet/api/
microsoft.azure.documents.client.feedoptions.enablecrosspartitionquery?view=azure-dotnet
NEW QUESTION 96
You need to prepare the environment to meet the authentication requirements.
Which two actions should you perform? Each correct answer presents part of the solution NOTE: Each correct selection is worth one point.
- A. Join the client computers in the Miami office to Azure AD
- B. Allow inbound TCP port 8080 to the domain controllers in the Miami office
- C. Install Azure AD Connect on a server in the Miami office and enable Pass-through Authentication
- D. Add http://autologon.microsoftazuread-sso.com to the intranet zone of each client computer in the Miami office.
- E. Install the Active Directory Federation Services (AD FS) role on a domain controller in the Miami office
Answer: C,D
Explanation:
Section: [none]
Explanation:
B: Seamless SSO works with any method of cloud authentication - Password Hash Synchronization or Pass- through Authentication, and can be enabled via Azure AD Connect.
E: You can gradually roll out Seamless SSO to your users. You start by adding the following Azure AD URL to all or selected users' Intranet zone settings by using Group Policy in Active Directory: https:// autologon.microsoftazuread-sso.com Incorrect Answers:
A: Azure AD connect does not port 8080. It uses port 443.
C: Seamless SSO is not applicable to Active Directory Federation Services (ADFS).
D: Seamless SSO needs the user's device to be domain-joined, but doesn't need for the device to be Azure AD Joined.
Scenario: Users in the Miami office must use Azure Active Directory Seamless Single Sign-on (Azure AD Seamless SSO) when accessing resources in Azure.
Planned Azure AD Infrastructure include: The on-premises Active Directory domain will be synchronized to Azure AD.
References:
https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-sso-quick-start
NEW QUESTION 97
HOTSPOT
You have an Azure subscription named Subscription1.
You have a virtualization environment that contains the virtualization servers in the following table.
The virtual machines are configured as shown in the following table.
All the virtual machines use basic disks. VM1 is protected by using BitLocker Drive Encryption (BitLocker).
You plan to use Azure Site Recovery to migrate the virtual machines to Azure.
Which virtual machines can you migrate? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Explanation:
Section: [none]
Explanation:
Incorrect Answers:
VM1 cannot be migrates as it has BitLocker enabled.
VM2 cannot be migrates as the OS disk on VM2 is larger than 2TB.
VMC cannot be migrates as the Data disk on VMC is larger than 4TB.
References:
https://docs.microsoft.com/en-us/azure/site-recovery/hyper-v-azure-support-matrix#azure-vm-requirements
NEW QUESTION 98
You create a virtual machine scale set named Scale1. Scale1 is configured as shown in the following exhibit.
The subscription contains the Azure SQL databases shown in the following table.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
Box 1:
The Autoscale scale out rule increases the number of VMs by 2 if the CPU threshold is 80% or higher. The initial instance count is 4 and rises to 6 when the 2 extra instances of VMs are added.
Box 2:
The Autoscale scale in rule decreases the number of VMs by 4 if the CPU threshold is 30% or lower. The initial instance count is 4 and thus cannot be reduced to 0 as the minimum instances is set to 2. Instances are only added when the CPU threshold reaches 80%.
References:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/autoscale-overview
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/autoscale-best-practices
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/autoscale-common-scale-patterns
NEW QUESTION 99
You are developing a speech-enabled home automation control bot.
The bot interprets some spoken words incorrectly.
You need to improve the spoken word recognition for the bot.
What should you implement?
- A. The Web Chat Channel and Speech priming using a Bing Speech Service and LUIS app.
- B. The Skype for Business Channel and use scorable dialogs for improving conversation flow.
- C. The Skype Channel and use scorable dialogs for improving conversation flow.
- D. The Cortana Channel and use scorable dialogs for improving conversation flow.
Answer: A
Explanation:
Section: [none]
NEW QUESTION 100
DRAG DROP
You are developing Azure WebJobs.
You need to recommend a WebJob type for each scenario.
Which WebJob type should you recommend? To answer, drag the appropriate WebJob types to the correct scenarios. Each WebJob type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
Answer:
Explanation:
Section: [none]
Explanation/Reference:
References:
https://docs.microsoft.com/en-us/azure/app-service/webjobs-create#webjob-types
NEW QUESTION 101
You are creating an app that will transcribe speech-to-text in Chinese. The app will use the Speech service in Azure and will authenticate by using a service principal. You configure the app to use the Application ID of the service principal and the client secret Which other value should you add to the app to authenticate to the Speech service?
- A. Subscription ID
- B. Application Name
- C. Resource Group ID
- D. Tenant ID
Answer: C
NEW QUESTION 102
SIMULATION
Click to expand each objective. To connect to the Azure portal, type https://portal.azure.com in the browser address bar.
When you are finished performing all the tasks, click the 'Next' button.
Note that you cannot return to the lab once you click the 'Next' button. Scoring occur in the background while you complete the rest of the exam.
Overview
The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment.
While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
To start the lab
You may start the lab by clicking the Next button.
You plan to configure VM1 to be accessible from the internet.
You need to add a public IP address to the network interface used by VM1.
What should you do from the Azure portal?
Answer:
Explanation:
See solution below.
Section: [none]
Explanation:
You can add private and public IP addresses to an Azure network interface by completing the steps that follow.
Step 1: In Azure portal, click More services > type virtual machines in the filter box, and then click Virtual machines.
Step 2: In the Virtual machines pane, click the VM you want to add IP addresses to. Click Network interfaces in the virtual machine pane that appears, and then select the network interface you want to add the IP addresses to. In the example shown in the following picture, the NIC named myNIC from the VM named myVM is selected:
Step 3: In the pane that appears for the NIC you selected, click IP configurations.
Step 4: Click Create public IP address.
Step 5: In the Create public IP address pane that appears, enter a Name, select an IP address assignment type, a Subscription, a Resource group, and a Location, then click Create, as shown in the following picture:
References:
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-multiple-ip-addresses-portal
NEW QUESTION 103
HOTSPOT
You have an Azure subscription that contains a resource group named RG1.
You have a group named Group1 that is assigned the Contributor role for RG1.
You need to enhance security for the virtual machines in RG1 to meet the following requirements:
* Prevent Group1 from assigning external IP addresses to the virtual machines.
* Ensure that Group1 can establish a Remote Desktop connection to the virtual machines through a shared external IP address.
What should you use to meet each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Explanation:
Section: [none]
Explanation:
Box 1: Azure Policy
There is a built-in policy in the Azure Policy service that allows you to block public IPs on all NICs of a VM.
Note: Azure Policy is a powerful tool in your Azure toolbox. It allows you to enforce specific governance principals you want to see implemented in your environment. Some key examples of what Azure Policy allows you to do is:
* Automatically tag resources
* Block VMs from having a public IP
* Enforce specific regions
* Enforce VM size
Box 2: Azure Bastion
Azure Bastion is a fully managed PaaS service that provides secure and seamless RDP and SSH access to your virtual machines directly through the Azure Portal.
Azure Bastion is provisioned directly in your Virtual Network (VNet) and supports all VMs in your Virtual Network (VNet) using SSL without any exposure through public IP addresses.
Incorrect Answers:
Virtual Network (VNet) service endpoint provides secure and direct connectivity to Azure services over an optimized route over the Azure backbone network. Endpoints allow you to secure your critical Azure service resources to only your virtual networks. Service Endpoints enables private IP addresses in the VNet to reach the endpoint of an Azure service without needing a public IP address on the VNet.
Reference:
https://blog.nillsf.com/index.php/2019/11/02/using-azure-policy-to-deny-public-ips-on-specific-vnets/
https://azure.microsoft.com/en-us/services/azure-bastion/
NEW QUESTION 104
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant named contoso.com.
A user named Admin1 attempts to create an access review from the Azure Active Directory admin center and discovers that the Access reviews settings are unavailable. Admin1 discovers that all the other Identity Governance settings are available.
Admin1 is assigned the User administrator, Compliance administrator, and Security administrator roles.
You need to ensure that Admin1 can create access reviews in contoso.com.
Solution: You create an access package.
Does this meet the goal?
- A. Yes
- B. No
Answer: B
Explanation:
Section: [none]
Explanation:
You do not use access packages for Identity Governance. Instead use Azure AD Privileged Identity Management.
Note: PIM essentially helps you manage the who, what, when, where, and why for resources that you care about. Key features of PIM include:
Conduct access reviews to ensure users still need roles
References:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure
https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-overview
NEW QUESTION 105
HOTSPOT
You need to provision the resources in Azure to support the virtual machine that will be migrated from the New York office.
What should you include in the solution? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Explanation:
Section: [none]
NEW QUESTION 106
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant named contoso.com.
A user named Admin1 attempts to create an access review from the Azure Active Directory admin center and discovers that the Access reviews settings are unavailable. Admin1 discovers that all the other Identity Governance settings are available.
Admin1 is assigned the User administrator, Compliance administrator, and Security administrator roles.
You need to ensure that Admin1 can create access reviews in contoso.com.
Solution: You create an access package.
Does this meet the goal?
- A. Yes
- B. No
Answer: B
Explanation:
Section: [none]
Explanation:
You do not use access packages for Identity Governance. Instead use Azure AD Privileged Identity Management.
Note: PIM essentially helps you manage the who, what, when, where, and why for resources that you care about. Key features of PIM include:
Conduct access reviews to ensure users still need roles
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure
https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-overview
NEW QUESTION 107
You have virtual machines (VMs) that run a mission-critical application.
You need to ensure that the VMs never experience down time.
What should you recommend? To answer, drag the appropriate solutions to the correct scenarios. Each solution may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
Box 1: Scale set
A virtual machine scale set allows you to deploy and manage a set of identical, autoscaling virtual machines.
Box 2: Availability Set
An Availability Set is a logical grouping capability for isolating VM resources from each other when they're deployed. Azure makes sure that the VMs you place within an Availability Set run across multiple physical servers, compute racks, storage units, and network switches. If a hardware or software failure happens, only a subset of your VMs are impacted and your overall solution stays operational. Availability Sets are essential for building reliable cloud solutions.
Box 3: Fault domain
A fault domain is a logical group of underlying hardware that share a common power source and network switch, similar to a rack within an on-premises datacenter. As you create VMs within an availability set, the Azure platform automatically distributes your VMs across these fault domains. This approach limits the impact of potential physical hardware failures, network outages, or power interruptions.
References:
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/tutorial-create-vmss
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/tutorial-availability-sets
NEW QUESTION 108
You are designing a solution to secure a company's Azure resources. The environment hosts 10 teams. Each team manages a project and has a project manager, a virtual machine (VM) operator, developers, and contractors.
Project managers must be able to manage everything except access and authentication for users. VM operators must be able to manage VMs, but not the virtual network or storage account to which they are connected. Developers and contractors must be able to manage storage accounts.
You need to recommend roles for each member.
What should you recommend? To answer, drag the appropriate roles to the correct employee types. Each role may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 109
You have an Azure subscription named Subscription1.
In Subscription1, you create an alert rule named Alert1. The Alert1 action group is configured as shown in the following exhibit.
Alert1 alert criteria is triggered every minute.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
References:
https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/monitoring-and-diagnostics/monitoring-overview-alerts.md
NEW QUESTION 110
DRAG DROP
You have an on-premises network that includes a Microsoft SQL Server instance named SQL1.
You create an Azure Logic App named App1.
You need to ensure that App1 can query a database on SQL1.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:
Answer:
Explanation:
Section: [none]
Explanation/Reference:
References:
https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-gateway-connection
NEW QUESTION 111
HOTSPOT
You plan to deploy an Azure virtual machine named VM1 by using an Azure Resource Manager template.
You need to complete the template.
What should you include in the template? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Explanation:
Section: [none]
Explanation:
Within your template, the dependsOn element enables you to define one resource as a dependent on one or more resources. Its value can be a comma-separated list of resource names.
Box 1: 'Microsoft.Network/networkInterfaces'
This resource is a virtual machine. It depends on two other resources:
Microsoft.Storage/storageAccounts
Microsoft.Network/networkInterfaces
Box 2: 'Microsoft.Network/virtualNetworks/'
The dependsOn element enables you to define one resource as a dependent on one or more resources. The resource depends on two other resources:
Microsoft.Network/publicIPAddresses
Microsoft.Network/virtualNetworks
Reference:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-tutorial-create-templates- with-dependent-resources
NEW QUESTION 112
......
Topics of AZ-303: Microsoft Azure Architect Technologies Exam
Candidates should apprehend the examination topics before they begin of preparation. because it’ll extremely facilitate them in touch the core. Our AZ-303 dumps will include the following topics:
1. Deploy and configure infrastructure (40-45%)
Analyze resource utilization and consumption
- analyze metrics across subscription
- monitor for unused resources
- view Alerts in Azure Monitor logs
- configure diagnostic settings on resources
- create action groups
- analyze alerts across subscription
- monitor spend
- visualize diagnostics data using Azure Monitor Workbooks
- create and test alerts
- report on spend
- create baseline for resources
- utilize Log Search query functions
Create and configure storage accounts
- manage access keys
- configure network access to the storage account
- implement Azure AD authentication for storage
- monitor Activity log by using Azure Monitor logs
- implement Azure storage replication
- generate Shared access signature
- install and use Azure Storage Explorer
- create and configure storage account
- implement Azure storage account failover
Create and configure a VM for Windows and Linux
- implement dedicated hosts
- deploy and configure scale sets
- configure Networking
- configure Monitoring
- configure Storage
- configure High Availability
- configure Virtual Machine Size
Automate deployment of VMs
- deploy Windows and Linux VMs
- modify Azure Resource Manager template
- configure Location of new VMs
- deploy from template
- configure VHD template
- save a deployment as an Azure Resource Manager template
Create connectivity between virtual networks
- verify virtual network connectivity
- create and configure Vnet peering
- create virtual network gateway
- create and configure Vnet to Vnet connections
Implement and manage virtual networking
- configure private IP addressing
- create and configure network interface
- create and configure Network Security Groups and Application Security Groups
- create and configure virtual network
- create and configure network routes
- configure public IP addresses
- create and configure subnets
Manage Azure Active Directory
- manage multiple directories
- configure Azure AD Join
- implement conditional access policies
- add custom domains
- perform an access review
- configure self-service password reset
- configure Azure AD Identity Protection
Implement and manage hybrid identities
- troubleshoot password sync and writeback
- configure single sign-on
- configure federation
- install and configure Azure AD Connect
- manage and troubleshoot Azure AD Connect
Implement solutions that use virtual machines (VM)
- configure Azure Disk Encryption for VMs
- create Azure Resource Manager templates
- implement Azure Backup for VMs
- provision VMs
2. Implement workloads and security (25-30%)
Migrate servers to Azure
- migrate servers using Azure Migrate
Configure serverless computing
- manage a Logic App Resource
- manage Azure Function app settings
- create and manage objects
- manage Event Grid
- manage Service Bus
Implement application load balancing
- configure Azure Front Door service
- configure Azure Traffic Manager
- configure application gateway
Integrate on premises network with Azure virtual network
- create and configure site to site VPN
- troubleshoot on premises connectivity with Azure
- configure ExpressRoute
- verify on premises connectivity
- configure Virtual WAN
- create and configure Azure VPN Gateway
Implement multi factor authentication
- configure Trusted IPs
- configure user accounts for MFA
- configure fraud alerts
- configure verification methods
- configure bypass options
Manage role-based access control
- implement Azure Policies
- troubleshoot RBAC
- configure access to Azure resources by assigning roles
- assign RBAC Roles
- create a custom role
- configure management access to Azure
3. Create and deploy apps (5-10%)
Create web apps by using PaaS
- create an Azure app service Web App
- create an App Service background task by using WebJobs
- enable diagnostics logging
- create an App Service Web App for Containers
- create documentation for the API
Design and develop apps that run in containers
- implement an application that runs on an Azure Container Instance
- manage container settings by using code
- create an Azure Kubernetes Service
- create a container image by using a Dockerfile
- configure diagnostic settings on resources
- publish an image to the Azure Container Registry
4. Implement authentication and secure data (5-10%)
Implement authentication
- implement Managed Identities for Azure resources Service Principal authentication Implement secure data solutions
- encrypt data with Always Encrypted
- implement OAuth2 authentication
- encrypt and decrypt data at rest and in transit
- implement multi-factor authentication by using Azure AD
- implement SSL/TLS communications
- implement authentication by using certificates, forms-based authentication, tokens, or Windows-integrated authentication
- implement Azure Confidential Compute
- create, read, update, and delete keys, secrets, and certificates by using the KeyVault API
5. Develop for the cloud and for Azure storage (15-20%)
Configure a message-based integration architecture
- create and configure an Event Hub
- configure Event Grid
- configure the Azure Relay service
- create and configure a Notification Hub
- configure an app or service to send emails
- create and configure a Service Bus
Develop for autoscaling
- implement code that addresses singleton application instances
- implement autoscaling rules and patterns (schedule, operational/system metrics)
- implement code that addresses transient state
Develop solutions that use Cosmos DB storage
- set the appropriate consistency level for operations
- implement partitioning schemes
- create, read, update, and delete data by using appropriate APIs
Develop solutions that use a relational database
- implement Azure SQL Database managed instances
- create, read, update, and delete data tables by using code
- configure elastic pools for Azure SQL Database
- provision and configure relational databases
For more info read reference:
microsoft learning site AZ-303 Skills measured
Get Top-Rated Microsoft AZ-303 Exam Dumps Now: https://www.actualtestsquiz.com/AZ-303-test-torrent.html
AZ-303 Exam Dumps Pass with Updated Tests Dumps: https://drive.google.com/open?id=1tR8apyrDNam5dv02FDpeOMLMzQQsAN-u
