Monday, September 19, 2022

AZ-305 Exam question and answer

 Azure Monitor includes several different tools. Three of the options below are tools that are included in Azure Monitor. Which ones are they?

Ans:- VM Insights

Smart Alerts

Resource Mapper

Container Insights

Log Analytics

 

___________ is a part of Azure Monitor that monitors the availability, performance, and usage of web applications in the cloud and on-prem.

Ans :- Application Insights

Container Insights

VM Insights

Log Analytics

In Azure Monitor, ____________ allow you to perform data analysis and to create visual reports right in the Azure portal.

Dashboards

Power BI

Ans:- Workbooks

Playbooks

_________________ is a set of tools that provides support when issues with Azure services crop up and affect your environment. It consists of three different services, including Azure Status, Service Health, and Resource Health.

Azure Monitor

Azure Service Monitor

Ans:- Azure Service Health

Application Insights

 

____________________ is used to collect and view security analytics data and threat intelligence data in your environment. It uses Microsoft’s analytics and threat intelligence to detect previously undetected threats, and can be used to investigate incidents, using artificial intelligence.

Azure Security Center

Ans:- Azure Sentinel

Azure Monitor

Azure Attack Simulator

 

Which tool would you use to allow Steve to manage only the resources in the Finance resource group, while allowing Jen to manage only the resources in the Marketing resource group?

Resource Locks

Resource Tags

Ans:- Azure RBAC

Azure AD RBAC

 

RBAC roles can be assigned to ______________, __________________, _________________, and _______________.

Users, Resources, Groups, Managed Identities

Users, Resource Groups, Management Groups, Service Principals

Users, Groups, Distribution Lists, Managed Accounts

Ans:- Users, Groups, Service Principals, Managed Identities

 

A _____________ is a collection of permissions that defines the actions that can be performed by the entity to which it is assigned.

Ans:-Role Definition

Security Principal

Role Group

Managed Identity

 

Steve is a member of the Marketing group. The Marketing group is a member of the Sales group, which has been granted the Contributor role at the subscription scope. Steve will inherit the permissions defined in the Contributor role that is assigned to the Sales group.

Ans:- True

False

 

The Blue Widget Corp is deploying Azure AD. They will require dynamic groups, self-service group management, and self-service password reset for on-prem users. Which edition of Azure AD should they deploy in order to get these features, while minimizing costs?

Azure AD Free

Azure AD Basic

Ans:-Azure AD Premium P1

Azure AD Premium P2

 

You've been asked to check on how many users have administrative access in your Azure AD environment. Which identity governance tool should you use to accomplish this?

Entitlement Management

Ans :- Azure AD Access Reviews

Privileged Identity Management

Activity and Auditing

 

The Blue Widget Corp is a brand-new startup in the planning stages. They want to deploy a cloud-based version of Active Directory that supports group policy, Kerberos, and NTLM. Which Active Directory solution should you recommend?

Azure Active Directory Free

Azure Active Directory Premium P1

Azure Active Directory Premium P2

Ans:- Azure Active Directory Domain Services

 

Azure AD Identity Protection default policies that administrators can choose to enable. Select the default policies below.

There are multiple correct answers.

Ans:- MFA Registration Policy

User Lockout Policy

Ans:- User Risk Remediation Policy

User Expiry Remediation Policy

Ans:- Sign-In Risk Remediation Policy

 

___________________ is an Azure AD service that allows you to manage, control, and monitor access to resources in Azure AD, Azure, and other Microsoft Online Services such as Microsoft 365 or Microsoft Intune.

Azure AD Access Reviews

Ans :- Privileged Identity Management

Azure Identity Protection

Azure Security Center

 

You've been asked to enable just-in-time privileged access to Azure AD and Azure resources within the Blue Widget Corp subscription. Which tool or service would you use to accomplish this?

Azure Security Center

Resource Locks

Ans:- Privileged Identity Management

Identity and Access Management

 

To use Privileged Identity Management, you must first have an ________________ license.

Azure AD Free

Azure AD Premium P1

Ans:- Azure AD Premium P2

All Answers Are Correct

 

The four levels of management, in order of precedence, that are available in Azure include _____________, ______________, __________________, and _________________.

Ans:- management groups, subscriptions, resource groups, resources

subscriptions, tenants, resource groups, resources

management groups, tenants, subscriptions, resource groups

tenants, management groups, subscriptions, resource groups

 

______________ can be used to manage access, policy, and compliance for multiple subscriptions.

Tenants

Subscription Groups

Ans:- Management Groups

None of the Above

 

The organization that you work for is an MSP that supports several dozen customers. You've been asked to streamline the management of your customers' resources via Azure delegated resource management. Which solution should you recommend to make this happen?

Azure Sentinel

Ans:- Azure Lighthouse

Azure Monitor

Azure Management Group

 

When you create an Azure policy, you start with the _________________, which defines the conditions under which the policy will be enforced. Several policy definitions can be grouped together to form ______________. Once a policy definition or initiative has been created, __________________ is used to assign the policy definition or initiative to a scope of resources that Azure supports.

policy initiative, a policy definition, an assignment

policy definition, a policy initiative, a scope policy

Ans:- policy definition, a policy initiative, an assignment

policy, a policy assignment, a scope

_______________ focus on resource properties during deployment and for already existing resources to ensure those resources adhere to requirements and standards that you define; whereas _________________ are used to build entire environments that adhere to requirements and standards.

ARM Templates, Azure Policies

Ans:-Azure Policies, Azure Blueprints

Azure Blueprints, ARM Templates

Azure Blueprints. Azure Policies

 

There are two service tiers available in Azure Key Vault. The ____________ tier encrypts with a software key, while the _____________ tier includes HSM-protected keys.

Ans:- Standard, Premium

Basic, Premium

Free, Standard

Free, Premium

 

When using key vault to store keys and secrets, you can monitor their access and use by enabling logging for the vault. When doing so, you can configure Azure Key Vault to archive to a storage account, or to stream to an event hub. You cannot send the logs to Azure Monitor logs.

True

Ans:-False

 

The vCore-based purchasing model is available for both the Azure SQL Database offering and the Azure SQL Managed Instance offering.

Ans:- True

False

 

The Database transaction unit (DTU)-based purchasing model is available for both the Azure SQL Database offering and the Azure SQL Managed Instance offering.

True

Ans:- False

 

The Database transaction unit (DTU)-based purchasing model is available for both the Azure SQL Database offering and the Azure SQL Managed Instance offering.

True

Ans:- False

 

You've been asked by the Blue Widget Corp to deploy an Azure SQL Managed Instance. This instance will support a customer-facing app that can get quite busy. Availability is of utmost importance. Which purchasing model and service tier should you deploy?

DTU-Based Purchasing Model and Business Critical Tier

DTU-Based Purchasing Model and Hyperscale

Ans:- vCore Purchasing Model and Business Critical Tier

vCore Purchasing Model and Hyperscale

 

Azure disk encryption is used to protect both Windows and Linux virtual machines. It uses _______________ technology on Windows VMs, and _____________ on Linux VMs to protect ________________ with full volume encryption.

Microsoft InTune, Let's Encrypt, the OS disk only

Ans:- Windows BitLocker, Linux DM-Crypt, both the OS disk and data disks

Windows BitLocker, Linux DM-Crypt, the OS disk only

Windows BitLocker, Linux DM-Crypt, data disks only

 

Transparent Data Encryption, or TDE, can be used to encrypt __________________ data files in real time.

SQL Server

Azure SQL Database

Azure Synapse Analytics

Ans:- All

None

The Blue Widget Corp employs 50 people who are geographically dispersed. These users all work from home. You've been asked to deploy a solution that allows them to connect to the corporate network in New York. Which solution should you deploy to ensure these users can connect, and that their connections are encrypted?

Ans:- Point-to-Site VPNs

Site-to-Site VPNs

ExpressRoute Connections

Local Network Gateways

 

The Single Server deployment option of Azure Database for MySQL comes in three pricing tiers: _________________, ___________________, and _________________.

Ans:- Basic, General Purpose, and Memory Optimized

Free, Basic, General Purpose

General Purpose, Advanced, Memory Optimized

Free, Basic, Standard

 

Azure Database for PostgreSQL is a _______________ database service available in the Microsoft cloud. It’s available in three deployment modes, including ___________________, ______________, and ___________________.

relational, single server, flexible server, multi-server

non-relational, free, basic, premium

non-relational, single server, flexible server, hyperscale

Ans:- relational, single server, flexible server, hyperscale

 

Inventory management systems, order management systems, reporting databases, and accounting packages are common examples of solutions that leverage relational databases.

Ans:- True

False

The Blue Widget Corp has asked you to deploy a storage solution that will serve as the backend for an IoT system that's being deployed. This IoT system will consist of environmental sensors that collect data. Your storage solution will need to hold this sensor data. There needs to be a separate partition for each device, and the data that is collected and stored needs to be ordered by the date and time that each measurement was captured. Which storage solution would be a viable solution?

Azure File Storage

Ans:- Azure Table Storage

Azure Queue Storage

Azure Blob Storage

 

The Blue Widget Corp is deploying a new, static website to host assembly diagrams of its products. These diagrams are in image format (JPG, PNG, etc). Users will access these diagrams via their web browsers. Which storage solution should you deploy to allow the organization to serve up these images?

Azure File Storage

Azure Table Storage

Azure Queue Storage

Ans:- Azure Blob Storage




Thank you! All the best 

 

No comments:

Post a Comment