Skip Navigation Links
 

Microsoft - AZ-304: Microsoft Azure Architect Design

Sample Questions

Question: 166
Measured Skill: Design identity and security (25-30%)
Note: This questions is based on a case study. The case study is not shown in this demo.

To meet the authentication requirements of Fabrikam, what should you include in the solution?

(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AMinimum number of Azure AD tenants: 2
Minimum number of custom domains to add: 2
Minimum number of conditional access policies to create: 1
B Minimum number of Azure AD tenants: 3
Minimum number of custom domains to add: 3
Minimum number of conditional access policies to create: 2
C Minimum number of Azure AD tenants: 1
Minimum number of custom domains to add: 2
Minimum number of conditional access policies to create: 0
D Minimum number of Azure AD tenants: 1
Minimum number of custom domains to add: 1
Minimum number of conditional access policies to create: 1
E Minimum number of Azure AD tenants: 2
Minimum number of custom domains to add: 4
Minimum number of conditional access policies to create: 2
F Minimum number of Azure AD tenants: 3
Minimum number of custom domains to add: 3
Minimum number of conditional access policies to create: 3

Correct answer: D

Explanation:

The case study contains the following relevant information:

Corp.fabrikam.com is a production forest that contains identities used for internal user and computer authentication.

Users must always authenticate by using their corp.fabrikam.com UPN identity.

All administrative access to the Azure portal must be secured by using multi-factor authentication.


We need a single Azure AD tenant and have to register corp.fabrikam.com as a user-defined domain in Microsoft 365.

We need one conditional access policy to require MFA for administrator sign-ins to the Azure portal.

Question: 167
Measured Skill: Design identity and security (25-30%)
Note: This questions is based on a case study. The case study is not shown in this demo.

What should you include in the identity management strategy to support the planned changes?

AMove all the domain controllers from corp.fabrikam.com to virtual networks in Azure.
B Deploy domain controllers for corp.fabrikam.com to a virtual network in Azure.
C Deploy a new Azure AD tenant for the authentication of new R&D projects.
D Deploy domain controllers for the rd.fabrikam.com forest to virtual networks in Azure.

Correct answer: B

Explanation:

The case study section contains the following requirement:

Directory synchronization between Azure Active Directory (Azure AD) and corp.fabrikam.com must not be affected by a link failure between Azure and the on-premises network.

In order to separate dependency of the directory synchronization from Internet connectivity, we have to install Azure AD connect on a domain controller hosted in Azure.

Question: 168
Measured Skill: Design data storage (15-20%)
Note: This questions is based on a case study. The case study is not shown in this demo.

You need to recommend a data storage strategy for WebApp1.

What should you include in in the recommendation?

AAn Azure SQL Database elastic pool
B A vCore-based Azure SQL database
C An Azure virtual machine that runs SQL Server
D A fixed-size DTU Azure SQL database

Correct answer: B

Explanation:

The case study section contains the following requirement:

Whenever possible, existing on premises licenses must be used to reduce cost.

Whenever possible, solutions must be deployed to Azure by using platform as a service (PaaS).


In the provisioned compute tier of the vCore-based purchasing model, you can exchange your existing licenses for discounted rates on Azure SQL Database and Azure SQL Managed Instance by using Azure Hybrid Benefit.

Reference: Azure Hybrid Benefit - Azure SQL Database & SQL Managed Instance

Question: 169
Measured Skill: Design infrastructure (25-30%)
Note: This questions is based on a case study. The case study is not shown in this demo.

You design a solution for the web tier of WebApp1 as shown in the following exhibit.



For each of the following statements, select Yes if the statement is true. Otherwise, select No.

(To answer, select the appropriate objects in the answer area. Each correct selection is worth one point.)

www.cert2brain.com

AThe design supports the technical requirements for redundancy: Yes
The design supports auto scaling: Yes
The design requires a manual configuration if an Azure region fails: Yes
B The design supports the technical requirements for redundancy: Yes
The design supports auto scaling: Yes
The design requires a manual configuration if an Azure region fails: No
C The design supports the technical requirements for redundancy: Yes
The design supports auto scaling: No
The design requires a manual configuration if an Azure region fails: Yes
D The design supports the technical requirements for redundancy: No
The design supports auto scaling: Yes
The design requires a manual configuration if an Azure region fails: No
E The design supports the technical requirements for redundancy: No
The design supports auto scaling: No
The design requires a manual configuration if an Azure region fails: Yes
F The design supports the technical requirements for redundancy: No
The design supports auto scaling: No
The design requires a manual configuration if an Azure region fails: No

Correct answer: B

Explanation:

Azure Traffic Manager is a DNS-based traffic load balancer. This service allows you to distribute traffic to your public facing applications across the global Azure regions. Traffic Manager also provides your public endpoints with high availability and quick responsiveness.

Traffic Manager uses DNS to direct the client requests to the appropriate service endpoint based on a traffic-routing method. Traffic manager also provides health monitoring for every endpoint. The endpoint can be any Internet-facing service hosted inside or outside of Azure (including Azure Virtual Machine Scale Sets). Traffic Manager provides a range of traffic-routing methods and endpoint monitoring options to suit different application needs and automatic failover models. Traffic Manager is resilient to failure, including the failure of an entire Azure region.

Reference: What is Traffic Manager?

Question: 170
Measured Skill: Design monitoring (10-15%)
Note: This questions is based on a case study. The case study is not shown in this demo.

You need to recommend a notification solution for the IT Support distribution group.

What should you include in the recommendation?

AAzure Network Watcher
B An action group
C A SendGrid account with advanced reporting
D Azure AD Connect Health

Correct answer: D

Explanation:

The case study contains the following relevant information:

An email distribution group named IT support must be notified of any issues relating to the directory synchronization services.

You can configure the Azure AD Connect Health service to send email notifications when alerts indicate that your identity infrastructure is not healthy. This occurs when an alert is generated, and when it is resolved.

Reference: Azure Active Directory Connect Health operations



 
Tags: exam, examcollection, exam simulation, exam questions, questions & answers, training course, study guide, vce, braindumps, practice test
 
 

© Copyright 2014 - 2021 by cert2brain.com