100% Free Microsoft AZ-301 Exam Study Guide And Materials – Perfect
You will be able to take the exam until you retire around September 30, 2020. This is why I want to share with you my latest AZ-301 study guide: Microsoft Azure Solutions Architect Expert exam study guide 2020. In order to study and prepare for the exam, I usually use some online resources (Recommend https://www.pass4itsure.com/az-301.html Q&As: 283) , mainly Microsoft AZ-301 dumps and Microsoft AZ-301 practice questions. I will share these resources with you.
Check out Microsoft AZ-301 Exam Study Guides:
- Exam AZ-301: Microsoft Azure Architect Design
- Free Download Microsoft AZ-301 Dumps
- Microsoft AZ-301 Exam Video
- Microsoft Azure AZ-301 Exam Questions Answers, Practice! Practice!
- Why Choose Pass4itsure
- Latest Discount Code “2020PASS” – Pass4itsure
Exam AZ-301: Microsoft Azure Architect Design
You can find more information on the exam website.
Must be familiar with the test objectives and skills that were first tested. This is why I recommend that you read the exam description and the skills tested.
Free Download Microsoft AZ-301 Dumps
One thing I often use to prepare for the Microsoft AZ-301 exam is Microsoft AZ-301 dumps. This is the relevant Microsoft AZ-301 dumps I used to prepare and study for the AZ-301 exam – https://drive.google.com/file/d/1tNJ2-60Ssb0JcR3wq5S83I_BcnUeVHAQ/view?usp=sharing AZ-301 PDF Dumps Free.
Microsoft Azure AZ-301 Exam Questions Answers, Practice! Practice!
QUESTION 1
DRAG DROP
You have an Azure Active Directory (Azure AD) tenant. All user accounts are synchronized from an on-premises Active
Directory domain and are configured for federated authentication. Active Directory Federation Services (AD FS) servers
are published for external connections by using a farm of Web Application Proxy servers.
You need to recommend a solution to monitor the servers that integrate with Azure AD. The solution must meet the
following requirements:
1.
Identify any AD FS issues and their potential resolutions.
2.
Identify any directory synchronization configuration issues and their potential resolutions
3.
Notify administrators when there are any issues affecting directory synchronization or AD FS operations.
Which monitoring solution should you recommend for each server type? To answer, drag the appropriate monitoring
solutions to the correct server types. Each monitoring solution may be used once, more than once, or not at all. You
may
need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
QUESTION 2
Note: This question is a part of series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.
Your company has an on-premises Active Directory Domain Services (AD DS) domain and an established Azure Active
Directory (Azure AD) environment. Your company would like users to be automatically signed in to cloud apps when
they
are on their corporate desktops that are connected to the corporate network.
You need to enable single sign-on (SSO) for company users.
Solution: Configure an AD DS server in an Azure virtual machine (VM). Configure bidirectional replication.
Does the solution meet the goal?
A. Yes
B. No
Correct Answer: B
QUESTION 3
You have a web app named App1 that is hosted on-premises and on four Azure virtual machines. Each virtual machine
is in a different region.
You need to recommend a solution to ensure that users will always connect to the closest instance of App1. The
solution must prevent the users from attempting to connect to a failed instance of App1.
Which two possible recommendations achieve the goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A. Azure Front Door Service
B. Azure Load Balancer
C. round-robin DNS
D. Azure Traffic Manager
E. Azure Application Gateway
Correct Answer: AD
QUESTION 4
A company has deployed several applications across Windows and Linux Virtual machines in Azure. Log Analytics are
being used to send the required data for alerting purposes for the Virtual Machines.
You need to recommend which tables need to be queried for security related queries.
Which of the following would you query for events from Windows Event Logs?
A. Azure Activity
B. Azure Diagnostics
C. Event
D. Syslog
Correct Answer: C
This is also given in the Microsoft documentation, wherein you would use the Event Table for the queries on events from
Windows Virtual machines
Since this is clearly mentioned, all other options are incorrect
For more information on collecting event data from windows virtual machines, please go ahead and visit the below
URL.
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/data-sources-windows-events
QUESTION 5
You manage a solution in Azure.
You must collect usage data including MAC addresses from all devices on the network.
You need to recommend a monitoring solution.
What should you recommend?
A. Activity Log Analytics
B. Azure Network Security Group Analytics
C. Network Performance Monitor
D. Azure Application Gateway Analytics
E. Azure Wire Data
Correct Answer: B
A network security group (NSG) includes rules that allow or deny traffic to a virtual network subnet, network interface, or
both. When you enable diagnostic logging for an NSG, you can log the following categories of information:
Event: Entries are logged for which NSG rules are applied to VMs, based on MAC address. The status for these rules is
collected every 60 seconds. Rule counter: Contains entries for how many times each NSG rule is applied to deny or
allow traffic.
Reference: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-nsg-manage-log
QUESTION 6
You need to recommend a data storage solution that meets the following requirements:
1.
Ensures that application can access the data by using a REST connection
2.
Hosts 20 independent tables of varying sizes and usage patterns
3.
Automatically replicates the data to a second Azure region
4.
Minimizes costs What should you recommend?
A. an Azure SQL Database elastic database pool that uses active geo-replication
B. tables in an Azure Storage account that uses geo-redundant storage (GRS)
C. tables in an Azure Storage account that use read-access geo-redundant storage (RA-GR)
D. an Azure SQL database that uses active geo-replication
Correct Answer: C
QUESTION 7
Note: This question is a part of series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.
You have an Azure subscription that contains a resource group named RG1.
You create an Azure Active Directory (Azure AD) group named ResearchUsers that contains the user accounts of all
researchers.
You need to recommend a solution that meets the following requirements:
1.
The researchers must be allowed to create Azure virtual machines.
2.
The researchers must only be able to create Azure virtual machines by using specific Azure Resource Manager
templates.
Solution: On RG1, assign the Contributor role to the ResearchUsers group. Create a custom Azure Policy definition and
assign the policy to RG1.
Does this meet the goal?
A. Yes
B. No
Correct Answer: A
QUESTION 8
Note: This question is a part of series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.
Your company has an on-premises Active Directory Domain Services (AD DS) domain and an established Azure Active
Directory (Azure AD) environment.
Your company would like users to be automatically signed in to cloud apps when they are on their corporate desktops
that are connected to the corporate network.
You need to enable single sign-on (SSO) for company users.
Solution: Install and configure an on-premises Active Directory Federation Services (AD FS) server with a trust
established between the AD FS server and Azure AD.
Does the solution meet the goal?
A. Yes
B. No
Correct Answer: B Seamless SSO is not applicable to Active Directory Federation Services (ADFS). Instead install and configure an Azure
AD Connect server.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso
QUESTION 9
A partner manages on-premises and Azure environments. The partner deploys an on-premises solution that needs to
use Azure services. The partner deploys a virtual appliance.
All network traffic that is directed to a specific subnet must flow through the virtual appliance.
You need to recommend solutions to manage network traffic.
Which two options should you recommend? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A. Configure Azure Traffic Manager
B. Implement an Azure virtual network
C. Configure a routing table with forced tunneling
D. Implement Azure ExpressRoute
Correct Answer: CD
C: Forced tunneling lets you redirect or “force” all Internet-bound traffic back to your on-premises location via a Site-toSite VPN tunnel for inspection and auditing. This is a critical security requirement for most enterprise IT policies. Without
forced tunneling, Internet-bound traffic from your VMs in Azure always traverses from Azure network infrastructure
directly out to the Internet, without the option to allow you to inspect or audit the traffic.
Forced tunneling in Azure is configured via virtual network user-defined routes.
D: ExpressRoute lets you extend your on-premises networks into the Microsoft cloud over a private connection
facilitated by a connectivity provider. With ExpressRoute, you can establish connections to Microsoft cloud services,
such as Microsoft Azure, Office 365, and Dynamics 365.
Connectivity can be from an any-to-any (IP VPN) network, a point-to-point Ethernet network, or a virtual crossconnection through a connectivity provider at a co-location facility. ExpressRoute connections do not go over the public
Internet. This allows ExpressRoute connections to offer more reliability, faster speeds, lower latencies, and higher
security than typical connections over the Internet.
Reference: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-forced-tunneling-rm
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-introduction
QUESTION 10
You are planning the implementation of an order processing web service that will contain microservices hosted in an
Azure Service Fabric cluster.
You need to recommend a solution to provide developers with the ability to proactively identify and fix performance
issues. The developers must be able to simulate user connections to the order processing web service from the
Internet, as
well as simulate user transactions. The developers must be notified if the goals for the transaction response times are
not met.
What should you include in the recommendation?
A. container health
B. Azure Network Watcher
C. Application Insights
D. Service Fabric Analytics
Correct Answer: C
QUESTION 11
Note: This question is a part of series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.
You are migrating an on-premises application to Azure. One component of the application is a legacy Windows native
executable that performs image processing.
The image processing application must run every hour. During times that the image processing application is not
running, it should not be consuming any Azure compute resources.
You need to ensure that the image processing application runs correctly every hour.
Solution: Create an Azure Function to run the image processing application every hour.
Does the solution meet the goal?
A. Yes
B. No
Correct Answer: B
Instead use an Azure Logic Apps, which helps you automate workflows that run on a schedule.
Reference: https://docs.microsoft.com/en-us/azure/logic-apps/tutorial-build-schedule-recurring-logic-app-workflow
QUESTION 12
You are designing a solution for a company to deploy software for testing and production. The solution must meet the
following requirements:
1.
Applications must be deployed to several different environments and must run without installation of dependencies.
2.
Existing published application must be ported to the new solution.
3.
Application developers must be given flexibility when architecting their code.
You need to recommend a solution for hosting applications.
What should you select?
A. Azure worker role
B. Azure Kubernetes Service
C. Azure Functions
D. Azure Batch
Correct Answer: B
Kubernetes is open-source orchestration software for deploying, managing, and scaling containers. The fully managed
Azure Kubernetes Service (AKS) makes deploying and managing containerized applications easy. It offers serverless
Kubernetes.
Reference: https://azure.microsoft.com/en-us/services/kubernetes-service/
QUESTION 13
You are designing an Azure Web App that includes many static content files.
The application is accessed from locations all over the world by using a custom domain name.
You need to recommend an approach for providing access to the static content with the least amount of latency.
Which two actions should you recommend? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Configure a custom domain name that is an alias for the Azure Storage domain.
B. Configure a CNAME DNS record for the Azure Content Delivery Network (CDN) domain.
C. Place the static content in Azure Table storage.
D. Place the static content in Azure Blob storage and enable Content Delivery Network (CDN) on the account.
Correct Answer: BD
D: Add Azure Content Delivery Network (CDN) to a web app in Azure App Service.
B: When you use a CDN endpoint to deliver content, a custom domain is necessary if you would like your own domain
name to be visible in your CDN URL. Having a visible domain name can be convenient for your customers and useful
for
branding purposes.
Create a CNAME DNS record, and associate the custom domain with your CDN endpoint.
Reference:
https://docs.microsoft.com/en-us/azure/cdn/cdn-map-content-to-custom-domain
https://docs.microsoft.com/en-us/azure/cdn/cdn-add-to-web-app
Why Choose Pass4itsure
If you are looking for real Microsoft AZ-301 dumps, the best choice is Pass4itsure.
Latest Discount Code “2020PASS” – Pass4itsure
Please read the picture carefully to get 12% off!
P.S
I hope this Microsoft Azure AZ-301 exam study guide can help you pass the exam. I also recommend you to go https://www.pass4itsure.com/az-301.html AZ-301 dumps study guide (latest). Also, check out my blog post about other Microsoft certifications.