Microsoft Azure Architect Design AZ-304 Practice Exam Part 7
Notes: Hi all, Microsoft Azure Architect Design AZ-304 Practice Exam will familiarize you with types of questions you may encounter on the certification exam and help you determine your readiness or if you need more preparation and/or experience. Successful completion of the practice exam does not guarantee you will pass the certification exam as the actual exam is longer and covers a wider range of topics. We highly recommend you should take Microsoft Azure Architect Design AZ-304 Actual Exam Version because it include actual exam questions and highlighted answers are collected in our exam. It will help you pass exam in easier way.
156. You need to recommend a data storage solution that meets the following requirements:
– Ensures that application can access the data by using a REST connection
– Hosts 20 independent tables of varying sizes and usage patterns
– Automatically replicates the data to a second Azure region
– Minimizes costs
What should you recommend?
A. an Azure SQL Database elastic database pool that uses active geo-replication
B. tables in an Azure Storage account that uses geo-redundant storage (GRS)
C. tables in an Azure Storage account that use read-access geo-redundant storage (RA-GR)
D. an Azure SQL database that uses active geo-replication
Answer: B
157. You plan to deploy 200 Microsoft SQL Server databases to Azure by using Azure SQL Database and Azure SQL Database Managed Instance. You need to recommend a monitoring solution that provides a consistent monitoring approach for all deployments. The solution must meet the following requirements:
– Support current-state analysis based on metrics collected near real-time, multiple times per minute, and maintained for up to one hour
– Support longer term analysis based on metrics collected multiple times per hour and maintained for up to two weeks.
– Support monitoring of the number of concurrent logins and concurrent sessions.
What should you include in the recommendation?
A. dynamic management views
B. trace flags
C. Azure Monitor
D. SQL Server Profiler
Answer: C
158. You have an Azure subscription that contains several resource groups. Including a resource group named RG1. RG1 contains several business-critical resources. A user named admin1 is assigned the Owner role to the subscription. You need to prevent admin1 from modifying the resources in RG1. The solution must ensure that admin1 can manage the resources in the other resource groups. What should you use?
A. a management group
B. an Azure policy
C. a custom role
D. an Azure blueprint
Answer: D
159. You have an Azure subscription that contains 100 virtual machines. You plan to design a data protection strategy to encrypt the virtual disks. You need to recommend a solution to encrypt the disks by using Azure Disk Encryption. The solution must provide the ability to encrypt operating system disks and data disks. What should you include in the recommendation?
A. a passphrase
B. a certificate
C. a key
D. a secret
Answer: C
160. You have an on-premises network and an Azure subscription. The on-premises network has several branch offices. A branch office in Toronto contains a virtual machine named VM1 that is configured as a file server. Users access the shared files on VM1 from all the offices. You need to recommend a solution to ensure that the users can access the shares files as quickly as possible if the Toronto branch office is inaccessible. What should you include in the recommendation?
A. a Recovery Services vault and Azure Backup
B. an Azure file share and Azure File Sync
C. Azure blob containers and Azure File Sync
D. a Recovery Services vault and Windows Server Backup
Answer: B
161. HOTSPOT –
You deploy several Azure SQL Database instances.
You plan to configure the Diagnostics settings on the databases as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer: 90 730
162. HOTSPOT –
Your company has an API that returns XML data to internal applications.
You plan to migrate the applications to Azure. You also plan to allow the company’s partners to access the API.
You need to recommend an API management solution that meets the following requirements:
– Internal applications must receive data in the JSON format once the applications migrate to Azure.
– Partner applications must have their header information stripped before the applications receive the data.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer: 1 2 2
163. You are designing a solution that will host 20 different web applications. You need to recommend a solution to secure the web applications with a firewall that protects against common web-based attacks including SQL injection, cross- site scripting attacks, and session hijacks. The solution must minimize costs. Which three Azure features should you recommend? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. VPN Gateway
B. URL-based content routing
C. Multi-site routing
D. Web Application Firewall (WAF)
E. Azure ExpressRoute
F. Azure Application Gateway
Answer: C D F
164. A company has deployed several applications across Windows and Linux Virtual machines in Azure. Log Analytics are being used to send the required data for alerting purposes for the Virtual Machines. You need to recommend which tables need to be queried for security related queries. Which of the following would you query for events from Linux system logging?
A. Azure Activity
B. Azure Diagnostics
C. Event
D. Syslog
Answer: D
165. You are designing an Azure Web App that includes many static content files. The application is accessed from locations all over the world by using a custom domain name. You need to recommend an approach for providing access to the static content with the least amount of latency. Which two actions should you recommend? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. Configure a custom domain name that is an alias for the Azure Storage domain.
B. Configure a CNAME DNS record for the Azure Content Delivery Network (CDN) domain.
C. Place the static content in Azure Table storage.
D. Place the static content in Azure Blob storage and enable Content Delivery Network (CDN) on the account.
Answer: B D
166. You have an Azure subscription for use for testing and development purposes only. The subscription contains Azure virtual machines that unmanaged, standard hard disk drives (HDD). You need to recommend a recovery strategy for the virtual machines if an Azure region fails for a sustained period. The recovery time objective (RTO) can be up to seven days. The solution must minimize costs. What should you include in the recommendation?
A. Store the disks in a Standard_LRS storage account. Configure Azure site Recovery. If a failure occurs, initiate a manual failover.
B. Store the disks in a Standard_GRS storage account. Configure Azure Recovery. If a failure occurs, initiate a manual failover.
C. Store the disks in a Standard_LRS storage account. If a disaster occurs, manually create the virtual machines by using Azure Resources Manager templates.
D. Store the disks in a Standard_GRS storage account. If a disaster occurs, manually create the virtual machines by using Azure Resources Manager templates.
Answer: C
167. You are designing a solution for a company to deploy software for testing and production. The solution must meet the following requirements:
– Applications must be deployed to several different environments and must run without installation of dependencies.
– Existing published application must be ported to the new solution.
– Application developers must be given flexibility when architecting their code.
You need to recommend a solution for hosting applications. What should you select?
A. Azure worker role
B. Azure Kubernetes Service
C. Azure Functions
D. Azure Batch
Answer: C
168. You are designing an Azure web app. You need to ensure that users who have impaired vision can use the app. Which reference material should you use when designing the app?
A. Accessibility in Windows Dev Center
B. Azure Application Architecture Guide
C. Web Content Accessibility Guidelines
D. Cloud Application Architecture Guide
Answer: C
169. You manage an Azure environment for a company. The environment has over 25,000 licensed users and 100 mission-critical applications. You need to recommend a solution that provides advanced endpoint threat detection and remediation strategies. What should you recommend?
A. Azure Active Directory (Azure AD) authentication
B. Microsoft Identity Manager
C. Azure Active Directory Federation Services (AD FS)
D. Azure Active Directory (AZ AD) Connect
E. Azure Active Directory (Azure AD) Identity Protection
Answer: E
170. You have 70 TB of files on your on-premises file server. You need to recommend a solution for importing data to Azure. The solution must minimize cost. What Azure service should you recommend?
A. Azure StorSimple
B. Azure Stack
C. Azure Data Box
D. Azure Batch
Answer: C
171. You have an Azure subscription. Your on-premises network contains a file server named Server1. Server1 stores 5 TB of company files that are accessed rarely. You plan to copy the files to Azure Storage. You need to implement a storage solution for the files that meets the following requirements:
– The files must be available within 24 hours of being requested.
– Storage costs must be minimized.
Which two possible storage solutions achieve this goal? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
A. Create a general-purpose v2 storage account that is set to the Cool access tier. Create a file share in the storage account and copy the files to the file share.
B. Create a general-purpose v2 storage account that is set to the Hot access tier. Create a blob container, copy the files to the blob container, and set each file to the Archive access tier.
C. Create a general-purpose v1 storage account. Create a file share in the storage account and copy the files to the file share.
D. Create an Azure Blob storage account that is set to the Cool access tier. Create a blob container, copy the files to the blob container, and set each file to the Archive access tier.
E. Create a general-purpose v1 storage account. Create a blob container and copy the files to the blob container.
Answer: B D
172. You have an Azure Storage account that contains two 1-GB data files named File1 and File2. The data files are set to use the archive access tier. You need to ensure that File1 is accessible immediately when a retrieval request is initiated. Solution: For File1, you set Access tier to Cool. Does this meet the goal?
A. Yes
B. No
Answer: A
173. You have an Azure Storage account that contains two 1-GB data files named File1 and File2. The data files are set to use the archive access tier. You need to ensure that File1 is accessible immediately when a retrieval request is initiated. Solution: You move File1 to a new storage account. For File1, you set Access tier to Archive. Does this meet the goal?
A. Yes
B. No
Answer: B
174. You have an Azure Storage account that contains two 1-GB data files named File1 and File2. The data files are set to use the archive access tier. You need to ensure that File1 is accessible immediately when a retrieval request is initiated. Solution: For File1, you set Access tier to Hot. Does this meet the goal?
A. Yes
B. No
Answer: A
175. You have an application named App1. App1 generates log files that must be archived for five years. The log files must be readable by App1 but must not be modified. Which storage solution should you recommend for archiving?
A. Use an Azure Blob storage account and a time-based retention policy
B. Ingest the log files into an Azure Log Analytics workspace
C. Use an Azure Blob Storage account configured to use the Archive access tier
D. Use an Azure file share that has access control enabled
Answer: A
176. You have an on-premises Hyper-V cluster that hosts 20 virtual machines. Some virtual machines run Windows Server 2016 and some run Linux. You plan to migrate the virtual machines to an Azure subscription. You need to recommend a solution to replicate the disks of the virtual machines to Azure. The solution must ensure that the virtual machines remain available during the migration of the disks. Solution: You recommend implementing an Azure Storage account that has a file service and a blob service, and then using the Data Migration Assistant. Does this meet the goal?
A. Yes
B. No
Answer: B
177. You have an on-premises Hyper-V cluster that hosts 20 virtual machines. Some virtual machines run Windows Server 2016 and some run Linux. You plan to migrate the virtual machines to an Azure subscription. You need to recommend a solution to replicate the disks of the virtual machines to Azure. The solution must ensure that the virtual machines remain available during the migration of the disks. Solution: You recommend implementing an Azure Storage account, and then running AzCopy. Does this meet the goal?
A. Yes
B. No
Answer: B
178. You have an on-premises Hyper-V cluster that hosts 20 virtual machines. Some virtual machines run Windows Server 2016 and some run Linux. You plan to migrate the virtual machines to an Azure subscription. You need to recommend a solution to replicate the disks of the virtual machines to Azure. The solution must ensure that the virtual machines remain available during the migration of the disks. Solution: You recommend implementing a Recovery Services vault, and then using Azure Site Recovery. Does this meet the goal?
A. Yes
B. No
Answer: A
179. You have an Azure Storage v2 account named storage1. You plan to archive data to storage1. You need to ensure that the archived data cannot be deleted for five years. The solution must prevent administrators from deleting the data. Solution: You create a file share, and you configure an access policy. Does this meet the goal?
A. Yes
B. No
Answer: B
180. You have an Azure Storage v2 account named storage1. You plan to archive data to storage1. You need to ensure that the archived data cannot be deleted for five years. The solution must prevent administrators from deleting the data. Solution: You create an Azure Blob storage container, and you configure a legal hold access policy. Does this meet the goal?
A. Yes
B. No
Answer: B
181. You have an Azure Storage v2 account named storage1. You plan to archive data to storage1. You need to ensure that the archived data cannot be deleted for five years. The solution must prevent administrators from deleting the data. Solution: You create a file share and snapshots. Does this meet the goal?
A. Yes
B. No
Answer: B
182. You plan to archive 10 TB of on-premises data files to Azure. You need to recommend a data archival solution. The solution must minimize the cost of storing the data files. Which Azure Storage account type should you include in the recommendation?
A. Premium Storage (general purpose v1)
B. Standard StorageV2 (general purpose v2)
C. Standard Storage (general purpose v1)
D. Premium StorageV2 (general purpose v2)
Answer: B
183. You have an Azure SQL database named DB1 that contains multiple tables. You need to improve the performance of DB1. The solution must minimize administrative effort. What should you use?
A. Azure Monitor
B. Azure Advisor
C. Query Performance Insight
D. automatic tuning
Answer: D
184. A company has a hybrid ASP.NET Web API application that is based on a software as a service (SaaS) offering. Users report general issues with the data. You advise the company to implement live monitoring and use ad hoc queries on stored JSON data. You also advise the company to set up smart alerting to detect anomalies in the data. You need to recommend a solution to set up smart alerting. What should you recommend?
A. Azure Security Center and Azure Data Lake Store
B. Azure Data Lake Analytics and Azure Monitor Logs
C. Azure Application Insights and Azure Monitor Logs
D. Azure Site Recovery and Azure Monitor Logs
Answer: C
185. Your company purchases an app named App1. You need to recommend a solution to ensure that App1 can read and modify access reviews. What should you recommend?
A. From API Management services, publish the API of App1, and then delegate permissions to the Microsoft Graph API.
B. From API Management services, publish the API of App1. From the Access control (IAM) blade, delegate permissions.
C. From the Azure Active Directory admin center, register App1, and then delegate permissions to the Microsoft Graph API.
D. From the Azure Active Directory admin center, register App1. From the Access control (IAM) blade, delegate permissions.
Answer: C
186. You use Azure Application Insights. You plan to use continuous export. You need to store Application Insights data for five years. Which Azure service should you use?
A. Azure SQL Database
B. Azure Storage
C. Azure Monitor Logs
D. Azure Backup
Answer: B
187. You have data files in Azure Blob storage. You plan to transform the files and move them to Azure Data Lake Storage. You need to transform the data by using mapping data flow. Which Azure service should you use?
A. Azure Storage Sync
B. Azure Databricks
C. Azure Data Box Gateway
D. Azure Data Factory
Answer: D
188. You have an on-premises application named App1 that uses an Oracle database. You plan to use Azure Databricks to load data from App1 to an Azure SQL Data Warehouse instance. You need to ensure that the App1 data is available to Databricks. Which two Azure services should you include in the solution? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. Azure Import/Export service
B. Azure Data Box Gateway
C. Azure Data Box Edge
D. Azure Data Lake Storage
E. Azure Data Factory
Answer: D E
189. You have an Azure subscription. The subscription contains an app that is hosted in the East US, Central Europe, and East Asia regions. You need to recommend a data-tier solution for the app. The solution must meet the following requirements:
– Support multiple consistency levels.
– Be able to store at least 1 TB of data.
– Be able to perform read and write operations in the Azure region that is local to the app instance.
What should you include in the recommendation?
A. an Azure SQL database in an elastic pool
B. a Microsoft SQL Server Always On availability group on Azure virtual machines
C. an Azure Cosmos DB database
D. Azure Table storage that uses geo-redundant storage (GRS) replication
Answer: C
190. You are planning to deploy an application named App1 that will run in containers on Azure Kubernetes Service (AKS) clusters. The AKS clusters will be distributed across four Azure regions. You need to recommend a storage solution for App1. Updated container images must be replicated automatically to all the AKS clusters. Which storage solution should you recommend?
A. Azure Content Delivery Network (CDN)
B. Premium SKU Azure Container Registry
C. Azure Cache for Redis
D. geo-redundant storage (GRS) accounts
Answer: B
191. Your company purchases an app named App1. You plan to run App1 on seven Azure virtual machines in an Availability Set. The number of fault domains is set to 3. The number of update domains is set to 20. You need to identify how many App1 instances will remain available during a period of planned maintenance. How many App1 instances should you identify?
A. 1
B. 2
C. 6
D. 7
Answer: C
192. You plan to deploy 10 applications to Azure. The applications will be deployed to two Azure Kubernetes Service (AKS) clusters. Each cluster will be deployed to a separate Azure region. The application deployment must meet the following requirements:
– Ensure that the applications remain available if a single AKS cluster fails.
– Ensure that the connection traffic over the internet is encrypted by using SSL without having to configure SSL on each container instance.
Which Azure service should you include in the recommendation?
A. Azure Front Door
B. Azure Traffic Manager
C. Azure Load Balancer
D. AKS ingress controller
Answer: A
193. You have 100 devices that write performance data to Azure Blob storage. You plan to store and analyze the performance data in an Azure SQL database. You need to recommend a solution to move the performance data to the SQL database. What should you include in the recommendation?
A. Azure Data Box
B. Azure Data Factory
C. Azure Database Migration Service
D. Data Migration Assistant
Answer: B
194. You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager resource deployments in your subscription. What should you include in the recommendation?
A. Azure Log Analytics
B. Application Insights
C. the Change Tracking management solution
D. Azure Monitor metrics
Answer: A
195. You deploy Azure App Service Web Apps that connect to on-premises Microsoft SQL Server instances by using Azure ExpressRoute. You plan to migrate the SQL Server instances to Azure. Migration of the SQL Server instances to Azure must:
– Support automatic patching and version updates to SQL Server.
– Provide automatic backup services.
– Allow for high-availability of the instances.
– Provide a native VNET with private IP addressing.
– Encrypt all data in transit.
– Be in a single-tenant environment with dedicated underlying infrastructure (compute, storage)
You need to migrate the SQL Server instances to Azure. Which Azure service should you use?
A. Azure SQL Database with elastic pools
B. SQL Server in Docker containers running on Azure Kubernetes Service (AKS)
C. SQL Server Infrastructure-as-a-Service (IaaS) virtual machine (VM)
D. SQL Server in a Docker container running on Azure Container Instances (ACI)
E. Azure SQL Database Managed Instance
Answer: E
196. You are designing an Azure solution. The network traffic for the solution must be securely distributed by providing the following features:
– HTTPS protocol
– Round robin routing
– SSL offloading
You need to recommend a load balancing option. What should you recommend?
A. Azure Load Balancer
B. Azure Traffic Manager
C. Azure Internal Load Balancer (ILB)
D. Azure Application Gateway
Answer: D
197. You are designing an Azure solution. The network traffic for the solution must be securely distributed by providing the following features:
– HTTPS protocol
– Round robin routing
– SSL offloading
You need to recommend a load balancing option. What should you recommend?
A. Azure Load Balancer
B. Azure Traffic Manager
C. Azure Internal Load Balancer (ILB)
D. Azure Application Gateway
Answer: D
198. You deploy Azure App Service Web Apps that connect to on-premises Microsoft SQL Server instances by using Azure ExpressRoute. You plan to migrate the SQL Server instances to Azure. Migration of the SQL Server instances to Azure must:
– Support automatic patching and version updates to SQL Server.
– Provide automatic backup services.
– Allow for high-availability of the instances.
– Provide a native VNET with private IP addressing.
– Encrypt all data in transit.
– Be in a single-tenant environment with dedicated underlying infrastructure (compute, storage)
You need to migrate the SQL Server instances to Azure. Which Azure service should you use?
A. Azure SQL Database with elastic pools
B. SQL Server in Docker containers running on Azure Kubernetes Service (AKS)
C. SQL Server Infrastructure-as-a-Service (IaaS) virtual machine (VM)
D. SQL Server in a Docker container running on Azure Container Instances (ACI)
E. Azure SQL Database Managed Instance
Answer: E
199. You are designing an Azure solution. The network traffic for the solution must be securely distributed by providing the following features:
– HTTPS protocol
– Round robin routing
– SSL offloading
You need to recommend a load balancing option. What should you recommend?
A. Azure Load Balancer
B. Azure Traffic Manager
C. Azure Internal Load Balancer (ILB)
D. Azure Application Gateway
Answer: D