AZ-301 Microsoft Azure Architect Design Practice Tests Set 6

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear on the review screen.

You have an Azure subscription that contains a resource group named RG1.

You create an Azure Active Directory (Azure AD) group named ResearchUsers that contains the user accounts of all researchers.

You need to recommend a solution that meets the following requirements:

     - The researchers must be allowed to create Azure virtual machines.

     - The researchers must only be able to create Azure virtual machines by using specific Azure Resource Manager templates.


Solution: On RG1, assign the Contributor role to the ResearchUsers group. Create a custom Azure Policy definition and assign the policy to RG1.


Does this meet the goal?


Options are :

  • Yes (Correct)
  • No

Answer :Yes

A company named Contoso Ltd. has a single-domain Active Directory forest named contoso.com. Contoso is preparing to migrate all workloads to Azure. Contoso wants users to use single sign-on (SSO) when they access cloud-based services that integrate with Azure Active Directory (Azure AD).


You need to identify any objects in Active Directory that will fail to synchronize to Azure AD due to formatting issues. The solution must minimize costs.


What should you include in the solution?


Options are :

  • Azure Advisor
  • Microsoft Office 365 IdFix (Correct)
  • Azure AD Connect Health
  • Password Export Server version 3.1 (PES v3.1) in Active Directory Migration Tool (ADMT)

Answer :Microsoft Office 365 IdFix

You have an Azure subscription. You need to recommend a solution to provide developers with the ability to provision Azure virtual machines. The solution must meet the following requirements:

     - Only allow the creation of virtual machines in specific regions.

     - Only allow the creation of specific sizes of virtual machines.


What should you include in the recommendation?


Options are :

  • conditional access policies
  • Azure Policy (Correct)
  • Azure Resource Manager templates
  • role-based access control (RBAC)

Answer :Azure Policy

A company named Contoso, Ltd. has an Azure Active Directory (Azure AD) tenant that is integrated with Microsoft Office 365 and an Azure subscription.

Contoso has an on-premises identity infrastructure. The infrastructure includes servers that run Active Directory Domain Services (AD DS), Active Directory

Federation Services (AD FS), Azure AD Connect, and Microsoft Identity Manager (MIM).


Contoso has a partnership with a company named Fabrikam, Inc. Fabrikam has an Active Directory forest and an Office 365 tenant. Fabrikam has the same on-premises identity infrastructure as Contoso.

A team of 10 developers from Fabrikam will work on an Azure solution that will be hosted in the Azure subscription of Contoso. The developers must be added to the Contributor role for a resource in the Contoso subscription.


You need to recommend a solution to ensure that Contoso can assign the role to the 10 Fabrikam developers. The solution must ensure that the Fabrikam developers use their existing credentials to access resources.


What should you recommend?


Options are :

  • Configure an AD FS relying party trust between the Fabrikam and Contoso AD FS Infrastructures.
  • In the Azure AD tenant of Contoso, use MIM to create guest accounts for the Fabrikam developers. (Correct)
  • In the Azure AD tenant of Contoso, enable Azure Active Directory Domain Services (Azure AD DS. Create a one-way forest trust that uses selective authentication between the Active Directory forests of Contoso and Farbrikam.
  • Configure an organisation relationship between the Office 365 tenants of Fabrikam and Contoso.

Answer :In the Azure AD tenant of Contoso, use MIM to create guest accounts for the Fabrikam developers.

You have a hybrid deployment of Azure Active Directory (Azure AD).

You need to recommend a solution to ensure that the Azure AD tenant can be managed only from the computers on your on-premises network.

What should you include in the recommendation?


Options are :

  • Azure AD roles and administrators
  • a conditional access policy (Correct)
  • Azure AD Application Proxy
  • Azure AD Privileged Identity Management

Answer :a conditional access policy

You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains two administrative user accounts named Admin1 and Admin2.

You create two Azure virtual machines named VM1 and VM2.

You need to ensure that Admin1 and Admin2 are notified when more than five events are added to the security log of VM1 or VM2 during a period of 120 seconds.


The solution must minimize administrative tasks.


What should you create?


Options are :

  • two action groups and one alert rule
  • one action group and one alert rule (Correct)
  • five action groups and one alert rule
  • two action groups and two alert rules

Answer :one action group and one alert rule

You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains several administrative user accounts.

You need to recommend a solution to identify which administrative user accounts have NOT signed in during the previous 30 days.

Which service should you include in the recommendation?


Options are :

  • Azure AD Identity Protection
  • Azure Activity Log
  • Azure Advisor
  • Azure AD Privileged Identity Management (PIM) (Correct)

Answer :Azure AD Privileged Identity Management (PIM)

You have an on-premises deployment of MongoDB.

You plan to migrate MongoDB to an Azure Cosmos DB account that uses the MongoDB API. You need to recommend a solution for migrating MongoDB to Azure Cosmos DB.

What should you include in the recommendation?


Options are :

  • Mongorestore (Correct)
  • Data Migration Assistant
  • Azure Storage Explorer
  • Azure Cosmos DB Data Migration Tool

Answer :Mongorestore

Your company plans to publish APIs for its services by using Azure API Management.

You discover that service responses include the AspNet-Version header.

You need to recommend a solution to remove AspNet-Version from the response of the published APIs.

What should you include in the recommendation?


Options are :

  • a new product
  • a modification to the URL scheme
  • a new policy (Correct)
  • a new revision

Answer :a new policy

Your company has 300 virtual machines hosted in a Vmware environment. The virtual machines vary in size and have various utilization levels.

You plan to move all the virtual machines to Azure.

You need to recommend how many and what size Azure virtual machines will be required to move the current workloads to Azure. The solution must minimize administrative effort.

What should you use to make the recommendation?


Options are :

  • Azure Advisor
  • Azure Migrate (Correct)
  • Azure Pricing calculator
  • Azure Cost Management

Answer :Azure Migrate

You are designing an Azure solution for a company that wants to move a .NET Core web application from an on-premises data center to Azure. The web application relies on a Microsoft SQL Server 2016 database on Windows Server 2016. The database server will not move to Azure.

A separate networking team is responsible for configuring network permissions.

The company uses Azure ExpressRoute and has an ExpressRoute gateway connected to an Azure virtual network named VNET1.

You need to recommend a solution for deploying the web application.


Solution:

Deploy the web application to a web app hosted in a Standard App Service plan. Create and configure an Azure App Service Hybrid Connections endpoint.

On the on-premises network, deploy the Hybrid Connection Manager. Configure the Hybrid Connection Manager to access both the Hybrid Connection endpoint and the SQL Server instance.


Does this meet the goal?


Options are :

  • Yes
  • No (Correct)

Answer :No

A company has custom ASP.NET and Java applications that run old versions of Windows and Linux. The company plans to place applications in containers.

You need to design a solution that includes networking, service discovery, and load balancing for the applications. The solution must support storage orchestration.


Solution: You create an Azure virtual network, public IP address, and load balancer. Then add virtual machines (VMs) to the solution and deploy individual containers on them.


Does the solution meet the goal?


Options are :

  • Yes
  • No (Correct)

Answer :No

A company has custom ASP.NET and Java applications that run old versions of Windows and Linux. The company plans to place applications in containers.

You need to design a solution that includes networking, service discovery, and load balancing for the applications. The solution must support storage orchestration.


Solution: Deploy a Kubernetes cluster that has the desired number of instances of the applications.


Does the solution meet the goal?


Options are :

  • Yes
  • No (Correct)

Answer :No

You have an Azure Storage v2 account named Storage1.

You plan to archive data to Storage1.

You need to ensure that the archived data cannot be deleted for 5 years. The solution must prevent administrators from deleting the data.


Solution: You create a file share, and you configure an access policy.


Does the solution meet the goal?


Options are :

  • Yes
  • No (Correct)

Answer :No

You are designing an Azure solution for a company that wants to move a .NET Core web application from an on-premises data center to Azure. The web application relies on a Microsoft SQL Server 2016 database on Windows Server 2016. The database server will not move to Azure.

A separate networking team is responsible for configuring network permissions.

The company uses Azure ExpressRoute and has an ExpressRoute gateway connected to an Azure virtual network named VNET1.

You need to recommend a solution for deploying the web application.


Solution
: Deploy the web application by using an Azure Kubernetes Service (AKS) container on VNET1.


Does this meet the goal?


Options are :

  • Yes
  • No (Correct)

Answer :No

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions