• Home
  • Articles
  • [Q60-Q81] Certification Training for AZ-304 Exam Dumps Test Engine [2024]

[Q60-Q81] Certification Training for AZ-304 Exam Dumps Test Engine [2024]

Share

Certification Training for AZ-304 Exam Dumps Test Engine [2024]

Oct 25, 2024 Step by Step Guide to Prepare for AZ-304 Exam

NEW QUESTION # 60
Your on-premises network contains a file server named Server1 that stores 500 GB of data.
You need to use Azure Data Factory to copy the data from Server1 to Azure Storage.
You add a new data factory.
What should you do next? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1: Install a self-hosted integration runtime
The Integration Runtime is a customer-managed data integration infrastructure used by Azure Data Factory to provide data integration capabilities across different network environments.
Box 2: Create a pipeline
With ADF, existing data processing services can be composed into data pipelines that are highly available and managed in the cloud. These data pipelines can be scheduled to ingest, prepare, transform, analyze, and publish data, and ADF manages and orchestrates the complex data and processing dependencies References:
https://docs.microsoft.com/en-us/azure/machine-learning/team-data-science-process/move-sql-azure-adf


NEW QUESTION # 61
A company deploys Azure Active Directory (Azure AD) Connect to synchronize identity information from their on-premises Active Directory Domain Services (AD DS) directory to their Azure AD tenant The identity information that is synchronized includes user accounts, credential hashes for authentication (password sync), and group memberships. The company plans to deploy several Windows and Linux virtual machines (VMs) to support their applications.
The VMs have the following requirements:
* Support domain join. LDAP read. LDAP rand. NTLM and Kerberos authentication and Group Policy.
* Allow users to sign in to the domain using their corporate credential and connect remotely to the VM by using Remote Desktop.
You need to support the VM deployment
Which service should you use?

  • A. Azure AD Domain Services
  • B. Active Directory Federation Services (AD FS)
  • C. Azure AD privileged identify Management
  • D. Azure Managed identity

Answer: A

Explanation:
Explanation
https://docs.microsoft.com/en-us/azure/active-directory-domain-services/compare-identity-solutions Azure AD Domain Services provides managed domain services such as domain join, group policy, LDAP, Kerberos/NTLM authentication that are fully compatible with Windows Server Active Directory.


NEW QUESTION # 62
You are designing an order processing system in Azure that will contain the Azure resources shown in the following table.

The order processing system will have the following transaction flow:
* A customer will place an order by using App1.
* When the order is received, App1 will generate a message to check for product availability at vendor 1 and vendor 2.
* An integration component will process the message, and then trigger either Function1 or Function2 depending on the type of order.
* Once a vendor confirms the product availability, a status message for App1 will be generated by Function1 or Function2.
* All the steps of the transaction will be logged to storage1.
Which type of resource should you recommend for the integration component?
D18912E1457D5D1DDCBD40AB3BF70D5D
Which type of resource should you recommend for the integration component?

  • A. an Azure Event Grid domain
  • B. an Azure Data Factory pipeline
  • C. an Azure Service Bus queue
  • D. an Azure Event Hubs capture

Answer: B

Explanation:
Explanation
A data factory can have one or more pipelines. A pipeline is a logical grouping of activities that together perform a task.
The activities in a pipeline define actions to perform on your data.
Data Factory has three groupings of activities: data movement activities, data transformation activities, and control activities.
Azure Functions is now integrated with Azure Data Factory, allowing you to run an Azure function as a step in your data factory pipelines.
Reference:
https://docs.microsoft.com/en-us/azure/data-factory/concepts-pipelines-activities


NEW QUESTION # 63
Your on-premises network contains a server named Server1 that runs an ASP.NET application named App1.
You have a hybrid deployment of Azure Active Directory (Azure AD).
You need to recommend a solution to ensure that users sign in by using their Azure AD account and Azure Multi-Factor Authentication (MFA) when they connect to App1 from the internet.
Which three Azure services should you recommend be deployed and configured in sequence? To answer, move the appropriate services from the list of services to the answer area and arrange them in the correct order.

Answer:

Explanation:

Explanation


NEW QUESTION # 64
Your company provides customer support for multiple Azure subscriptions and third-party hosting providers.
You are designing a centralized monitoring solution. The solution must provide the following services:
* Collect log and diagnostic data from all the third-party hosting providers into a centralized repository.
* Collect log and diagnostic data from all the subscriptions into a centralized repository.
* Automatically analyze log data and detect threats.
* Provide automatic responses to known events.
Which Azure service should you include in the solution?

  • A. Azure Sentinel
  • B. Azure Application Insights
  • C. Azure Monitor
  • D. Azure Log Analytics

Answer: C

Explanation:
The following diagram gives a high-level view of Azure Monitor. At the center of the diagram are the data stores for metrics and logs, which are the two fundamental types of data used by Azure Monitor. On the left are the sources of monitoring data that populate these data stores. On the right are the different functions that Azure Monitor performs with this collected data. This includes such actions as analysis, alerting, and streaming to external systems.

Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/overview


NEW QUESTION # 65
You have an Azure subscription that contains the resources shown in the following table.

You create an Azure SQL database named DB1 that is hosted in the East US region.
To DB1, you add a diagnostic setting named Settings1. Settings1 archives SQLInsights to storage1 and sends SQLInsights to Workspace1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selections is worth one point.

Answer:

Explanation:

Explanation
Box 1: Yes
Box 2: Yes
Box 3: Yes
For more information on Azure SQL diagnostics , you can visit the below link
https://docs.microsoft.com/en-us/azure/azure-sql/database/metrics-diagnostic-telemetry-logging-streaming-expo


NEW QUESTION # 66
You need to recommend a solution to deploy containers that run an application. The application has two tiers.
Each tier is implemented as a separate Docker Linux-based image. The solution must meet the following requirements:
The front-end tier must be accessible by using a public IP address on port 80.
The backend tier must be accessible by using port 8080 from the front-end tier only.
Both containers must be able to access the same Azure file share.
If a container fails, the application must restart automatically.
Costs must be minimized.
What should you recommend using to host the application?

  • A. Azure Container registries
  • B. Azure Kubernetes Service (AKS)
  • C. Azure Container instances
  • D. Azure Service Fabric

Answer: C

Explanation:
Azure Container Instances enables a layered approach to orchestration, providing all of the scheduling and management capabilities required to run a single container, while allowing orchestrator platforms to manage multi-container tasks on top of it.
Because the underlying infrastructure for container instances is managed by Azure, an orchestrator platform does not need to concern itself with finding an appropriate host machine on which to run a single container.
Azure Container Instances can schedule both Windows and Linux containers with the same API.
Orchestration of container instances exclusively
Because they start quickly and bill by the second, an environment based exclusively on Azure Container Instances offers the fastest way to get started and to deal with highly variable workloads.
Reference:
https://docs.microsoft.com/en-us/azure/container-instances/container-instances-overview
https://docs.microsoft.com/en-us/azure/container-instances/container-instances-orchestrator-relationship


NEW QUESTION # 67
You plan to create a storage account and to save the files as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers#archive-access-tier-preview


NEW QUESTION # 68
You have an Azure Active Directory (Azure AD) tenant.
You plan to use Azure Monitor to monitor user sign-ins and generate alerts based on specific user sign-in events.
You need to recommend a solution to trigger the alerts based on the events.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://4sysops.com/archives/how-to-create-an-azure-ad-admin-login-alert/
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-log


NEW QUESTION # 69
A company named Contoso, Ltd. has an Azure Active Directory (Azure AD) tenant that is integrated with Microsoft Office 365 and an Azure subscription.
Contoso has an on-premises identity infrastructure. The infrastructure includes servers that run Active Directory Domain Services (AD DS), Active Directory Federation Services (AD FS), Azure AD Connect, and Microsoft Identity Manager (MIM).
Contoso has a partnership with a company named Fabrikam, Inc. Fabrikam has an Active Directory forest and an Office 365 tenant. Fabrikam has the same on-premises identity infrastructure as Contoso.
A team of 10 developers from Fabrikam will work on an Azure solution that will be hosted in the Azure subscription of Contoso. The developers must be added to the Contributor role for a resource in the Contoso subscription.
You need to recommend a solution to ensure that Contoso can assign the role to the 10 Fabrikam developers. The solution must ensure that the Fabrikam developers use their existing credentials to access resources.
What should you recommend?

  • A. Configure an AD FS relying party trust between the fabrikam and Contoso AD FS infrastructures.
  • B. In the Azure AD tenant of Contoso, use MIM to create guest accounts for the Fabrikam developers.
  • C. Configure an organization relationship between the Office 365 tenants of Fabrikam and Contoso.
  • D. Configure a forest trust between the on-premises Active Directory forests of Contoso and Fabrikam.

Answer: D

Explanation:
Trust configurations - Configure trust from managed forests(s) or domain(s) to the administrative forest A one-way trust is required from production environment to the admin forest.
Selective authentication should be used to restrict accounts in the admin forest to only logging on to the appropriate production hosts.
References:
https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/securing-privileged-access-reference-material


NEW QUESTION # 70
You have an Azure virtual machine named VM1 that runs Windows Server 2019 and contains 500 GB of data files.
You are designing a solution that will use Azure Data Factory to transform the data files, and then load the files to Azure Data Lake Storage.
What should you deploy on VM1 to support the design?

  • A. the Azure File Sync agent
  • B. the On-premises data gateway
  • C. the Azure Pipelines agent
  • D. the self-hosted integration runtime in Azure

Answer: D

Explanation:
The integration runtime (IR) is the compute infrastructure that Azure Data Factory uses to provide data-integration capabilities across different network environments. For details about IR, see Integration runtime overview.
A self-hosted integration runtime can run copy activities between a cloud data store and a data store in a private network. It also can dispatch transform activities against compute resources in an on-premises network or an Azure virtual network. The installation of a self-hosted integration runtime needs an on-premises machine or a virtual machine inside a private network.
Reference:
https://docs.microsoft.com/en-us/azure/data-factory/create-self-hosted-integration-runtime


NEW QUESTION # 71
You need to design an Azure policy that will implement the following functionality:
* For new resources, assign tags and values that match the tags and values of the resource group to which the resources are deployed.
* For existing resources, identify whether the tags and values match the tags and values of the resource group that contains the resources.
* For any non-compliant resources, trigger auto-generated remediation tasks to create missing tags and values.
The solution must use the principle of least privilege.
What should you include in the design? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1: Modify
Modify is used to add, update, or remove properties or tags on a resource during creation or update. A common example is updating tags on resources such as costCenter. Existing non-compliant resources can be remediated with a remediation task. A single Modify rule can have any number of operations.
Box 2: A managed identity with the Contributor role
Managed identity
How remediation security works: When Azure Policy runs the template in the deployIfNotExists policy definition, it does so using a managed identity. Azure Policy creates a managed identity for each assignment, but must have details about what roles to grant the managed identity.
Contributor role
The Contributor role grants the required access to apply tags to any entity.
Reference:
https://docs.microsoft.com/en-us/azure/governance/policy/concepts/effects
https://docs.microsoft.com/en-us/azure/governance/policy/how-to/remediate-resources
https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources


NEW QUESTION # 72
You have an Azure Storage account that contains the data shown in the following exhibit.

You need to identify which files can be accessed immediately from the storage account.
Which files should you identify?

  • A. File1.bin File2.bin File3.bin
  • B. File1.bin and File2.bin only
  • C. File2.bin only
  • D. File3.bin only
  • E. File1. bin only

Answer: B

Explanation:
Explanation
Hot - Optimized for storing data that is accessed frequently.
Cool - Optimized for storing data that is infrequently accessed and stored for at least 30 days.
Archive - Optimized for storing data that is rarely accessed and stored for at least 180 days with flexible latency requirements (on the order of hours).
Note: Lease state of the blob. Possible values: available|leased|expired|breaking|broken Reference:
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers


NEW QUESTION # 73
You plan to deploy a network-intensive application to several Azure virtual machines.
You need to recommend a solution that meets the following requirements:
* Minimizes the use of the virtual machine processors to transfer data
* Minimizes network latency
Which virtual machine size and feature should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

References:
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sizes-hpc#h-series


NEW QUESTION # 74
You design a solution for the web tier of WebApp1 as shown in the exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Answer:

Explanation:

Explanation:
Box 1: Yes
Any new deployments to Azure must be redundant in case an Azure region fails.
Traffic Manager uses DNS to direct client requests to the most appropriate service endpoint based on a traffic-routing method and the health of the endpoints. An endpoint is any Internet-facing service hosted inside or outside of Azure. Traffic Manager provides a range of traffic-routing methods and endpoint monitoring options to suit different application needs and automatic failover models. Traffic Manager is resilient to failure, including the failure of an entire Azure region.
Box 2: Yes
Recent changes in Azure brought some significant changes in autoscaling options for Azure Web Apps (i.e. Azure App Service to be precise as scaling happens on App Service plan level and has effect on all Web Apps running in that App Service plan).
Box 3: No
Traffic Manager provides a range of traffic-routing methods and endpoint monitoring options to suit different application needs and automatic failover models. Traffic Manager is resilient to failure, including the failure of an entire Azure region.
Reference:
https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-overview
https://blogs.msdn.microsoft.com/hsirtl/2017/07/03/autoscaling-azure-web-apps/


NEW QUESTION # 75
You are designing a virtual machine that will run Microsoft SQL Server and will contain two data disks. The first data disk will store log files, and the second data disk will store data. Both disks are P40 managed disks.
You need to recommend a caching policy for each disk. The policy must provide the best overall performance for the virtual machine.
Which caching policy should you recommend for each disk? To answer, drag the appropriate policies to the correct disks. Each policy may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

References:
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sql/virtual-machines-windows-sql-performanc


NEW QUESTION # 76
You have an Azure subscription. The subscription contains Azure virtual machines that run Windows Server 2016 and Linux.
You need to use Azure Log Analytics design an alerting strategy for security-related events.
Which Log Analytics tables should you query? To answer, drag the appropriate tables to the correct log types. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/log-analytics-agent Windows Event logs --> Information sent to the Windows event logging system. Syslog --> Information sent to the Linux event logging system.


NEW QUESTION # 77
A company has a hybrid ASP.NET Web API application that is based on a software as a service (SaaS) offering.
Users report general issues with the data. You advise the company to implement live monitoring and use ad hoc queries on stored JSON data. You also advise the company to set up smart alerting to detect anomalies in the data.
You need to recommend a solution to set up smart alerting.
What should you recommend?

  • A. Azure Site Recovery and Azure Monitor Logs
  • B. Azure Data Lake Analytics and Azure Monitor Logs
  • C. Azure Security Center and Azure Data Lake Store
  • D. Azure Application Insights and Azure Monitor Logs

Answer: D

Explanation:
Explanation
https://docs.microsoft.com/en-us/azure/azure-monitor/app/proactive-failure-diagnostics Application Insights can be used for smart alerting to detect anomalies, whilst Azure Monitor Logs can be used for the live monitoring and use of adhoc queries on stored JSON data
https://docs.microsoft.com/en-us/azure/azure-monitor/app/app-insights-overview
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/data-sources-json


NEW QUESTION # 78
You have a virtual machine scale set named SS1.
You configure autoscaling as shown in the following exhibit.

You configure the scale out and scale in rules to have a duration of 10 minutes and a cool down time of 10 minutes.
Use the drop-down menus to select the answer choice that answers each question based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:
Box 1: 20 Minutes. 10 minutes cool down time after the last scale-up plus 10 minutes duration equals 20 minutes.
Box 2: 9 virtual machines. 30% does not match the scale in requirement of less than 25% so the number of virtual machines will not change.


NEW QUESTION # 79
You use Azure virtual machines to run a custom application that uses an Azure SQL database on the back end.
The IT apartment at your company recently enabled forced tunneling,
Since the configuration change, developers have noticed degraded performance when they access the database You need to recommend a solution to minimize latency when accessing the database. The solution must minimize costs What should you include in the recommendation?

  • A. Azure SQL Database Managed instance
  • B. Azure virtual machines that run Microsoft SQL Server servers
  • C. Always On availability groups
  • D. virtual network (VNET) service endpoint

Answer: D

Explanation:
Explanation
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoints-overview


NEW QUESTION # 80
You need to recommend a solution for protecting the content of the payment processing system.
What should you include in the recommendation?

  • A. Always Encrypted with randomized encryption
  • B. Always Encrypted with deterministic encryption
  • C. Azure Storage Service Encryption
  • D. Transparent Data Encryption (TDE)

Answer: B

Explanation:
Topic 1, Contoso, Ltd
Planned Changes
Contoso plans to implement the following changes:
* Migrate the payment processing system to Azure.
* Migrate the historical transaction data to Azure Cosmos DB to address the performance issues.
Migration Requirements
Contoso identifies the following general migration requirements:
Infrastructure services must remain available if a region or a data center fails. Failover must occur without any administrative intervention
* Whenever possible. Azure managed serves must be used to management overhead
* Whenever possible, costs must be minimized.
Contoso identifies the following requirements for the payment processing system:
* If a data center fails, ensure that the payment processing system remains available without any administrative intervention. The middle-tier and the web front end must continue to operate without any additional configurations-
* If that the number of compute nodes of the from -end and the middle tiers of the payment processing system can increase or decrease automatically based on CPU utilization.
* Ensure that each tier of the payment processing system is subject to a Service level Agreement (SLA) of 9959 percent availability
* Minimize the effort required to modify the middle tier API and the back-end tier of the payment processing system.
* Generate alerts when unauthorized login attempts occur on the middle-tier virtual machines.
* Insure that the payment processing system preserves its current compliance status.
* Host the middle tier of the payment processing system on a virtual machine.
Contoso identifies the following requirements for the historical transaction query system:
* Minimize the use of on-premises infrastructure service.
* Minimize the effort required to modify the .NET web service querying Azure Cosmos DB.
* If a region fails, ensure that the historical transaction query system remains available without any administrative intervention.
Current Issue
The Contoso IT team discovers poor performance of the historical transaction query as the queries frequently cause table scans.
Information Security Requirements
The IT security team wants to ensure that identity management is performed by using Active Directory. Password hashes must be stored on-premises only.
Access to all business-critical systems must rely on Active Directory credentials. Any suspicious authentication attempts must trigger a multi-factor authentication prompt automatically. legitimate users must be able to authenticate successfully by using multi-factor authentication.


NEW QUESTION # 81
......

Ultimate Guide to Prepare AZ-304 Certification Exam for Azure Solutions Architect Expert: https://measureup.preppdf.com/Microsoft/AZ-304-prepaway-exam-dumps.html

Related Articles

more
Microsoft AZ-304 Certification Practice Exam