Certification Practice Test | PDF Questions | Actual Questions | Test Engine | Pass4Sure
AZ-304 : Microsoft Azure Architect Design Exam
Microsoft AZ-304 Questions & Answers
Full Version: 350 Q&A
AZ-304 Dumps
AZ-304 Braindumps
AZ-304 Real Questions
AZ-304 Practice Test
AZ-304 Actual Questions
Microsoft
AZ-304
Microsoft Azure Architect Design
https://killexams.com/pass4sure/exam-detail/AZ-304
Question: 331
You need to recommend a disaster recovery solution for the back-end tier of the payment processing system. What
should you include in the recommendation?
A . Always On Failover Cluster Instances
B . active geo-replication
C . Azure Site Recovery
D . an auto-failover group
Answer: D
Explanation:
References:
https://docs.microsoft.com/en-us/azure/sql-database/sql-database-auto-failover-group
Question: 332
You need to recommend a strategy for migrating the database content of WebApp1 to Azure. What should you include
in the recommendation?
A . Use Azure Site Recovery to replicate the SQL servers to Azure.
B . Use SQL Server transactional replication.
C . Copy the BACPAC file that contains the Azure SQL database file to Azure Blob storage.
D . Copy the VHD that contains the Azure SQL database files to Azure Blob storage
Answer: D
Explanation:
Before you upload a Windows virtual machine (VM) from on-premises to Azure, you must prepare the virtual hard
disk (VHD or VHDX).
Scenario: WebApp1 has a web tier that uses Microsoft Internet Information Services (IIS) and a database tier that runs
Microsoft SQL Server 2016. The web tier and the database tier are deployed to virtual machines that run on Hyper-V.
Reference: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/prepare-for-upload-vhd-image
Question: 333
You are evaluating the components of the migration to Azure that require you to provision an Azure Storage account.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct
selection is worth one point.
Answer:
Question: 334
You design a solution for the web tier of WebApp1 as shown in the exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Answer:
Explanation::
Box 1: Yes
Any new deployments to Azure must be redundant in case an Azure region fails.
Traffic Manager uses DNS to direct client requests to the most appropriate service endpoint based on a traffic-routing
method and the health of the endpoints. An endpoint is any Internet-facing service hosted inside or outside of Azure.
Traffic Manager provides a range of traffic-routing methods and endpoint monitoring options to suit different
application needs and automatic failover models. Traffic Manager is resilient to failure, including the failure of an
entire Azure region.
Box 2: Yes
Recent changes in Azure brought some significant changes in autoscaling options for Azure Web Apps (i.e. Azure App
Service to be precise as scaling happens on App Service plan level and has effect on all Web Apps running in that App
Service plan).
Box 3: No
Traffic Manager provides a range of traffic-routing methods and endpoint monitoring options to suit different
application needs and automatic failover models. Traffic Manager is resilient to failure, including the failure of an
entire Azure region.
Reference: https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-overview
https://blogs.msdn.microsoft.com/hsirtl/2017/07/03/autoscaling-azure-web-apps/
Question: 335
You need to recommend a strategy for the web tier of WebApp1. The solution must minimize What should you
recommend?
A . Create a runbook that resizes virtual machines automatically to a smaller size outside of business hours.
B . Configure the Scale Up settings for a web app.
C . Deploy a virtual machine scale set that scales out on a 75 percent CPU threshold.
D . Configure the Scale Out settings for a web app.
Answer: D
Question: 336
You need to recommend a solution for the collection of security logs the middle tier of the payment processing
system.
What should you include in the recommendation?
A . Azure Notification Hubs
B . the Azure Diagnostics agent
C . Azure Event Hubs
D . the Azure Log Analytics agent
Answer: D
Explanation:
References:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/diagnostics-extension-overview
Question: 337
You need to recommend a solution for the user at Contoso to authenticate to the cloud-based sconces and the Azure
AD-integrated application.
What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE:
Each correct selection is worth one point.
Answer:
Question: 338
You need to recommend a solution for configuring the Azure Multi-Factor Authentication (MFA) settings.
What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE:
Each correct selection is worth one point.
Answer:
Explanation:
References:
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-sign-in-risk-policy
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-mfa-policy
Question: 339
You need to recommend a compute solution for the middle tier of the payment processing system. What should you
include in the recommendation?
A . Azure Kubernetes Service (AKS)
B . virtual machine scale sets
C . availability sets
D . App Service Environments (ASEs)
Answer: B
Question: 340
What should you include in the identity management strategy to support the planned changes?
A . Move all the domain controllers from corp.fabrikam.com to virtual networks in Azure.
B . Deploy domain controllers for corp.fabrikam.com to virtual networks in Azure.
C . Deploy a new Azure AD tenant for the authentication of new R&D projects.
D . Deploy domain controllers for the rd.fabrikam.com forest to virtual networks in Azure.
Answer: B
Explanation:
Directory synchronization between Azure Active Directory (Azure AD) and corp.fabrikam.com must not be affected
by a link failure between Azure and the on-premises network. (This requires domain controllers in Azure)
Users on the on-premises network must be able to authenticate to corp.fabrikam.com if an Internet link fails. (This
requires domain controllers on-premises)
Question: 341
Topic 2, Contoso, Ltd Case Study B
Overview
Contoso,Ltd is a US-base finance service company that has a main office New York and an office in San Francisco.
Payment Processing Query System
Contoso hosts a business critical payment processing system in its New York data center. The system has three tiers a
front-end web app a middle -tier API and a back end data store implemented as a Microsoft SQL Server 2014
database All servers run Windows Server 2012 R2.
The front -end and middle net components are hosted by using Microsoft Internet Inform-non Services (IK) The
application rode is written in C# and middle- tier API uses the Entity framework to communicate the SQL Server
database. Maintenance of the database e performed by using SQL Server Ago-
The database is currently J IB and is not expected to grow beyond 3 TB.
The payment processing system has the following compliance related requirement
Encrypt data in transit and at test. Only the front-end and middle-tier components must be able to access the
encryption keys that protect the date store.
Keep backups of the two separate physical locations that are at last 200 miles apart and can be restored for op to
seven years.
Support blocking inbound and outbound traffic based on the source IP address, the description IP address, and the
port number
Collect Windows security logs from all the middle-tier servers and retain the log for a period of seven years,
Inspect inbound and outbound traffic from the from-end tier by using highly available network appliances.
Only allow all access to all the tiers from the internal network of Contoso.
Tape backups ate configured by using an on-premises deployment or Microsoft System Center Data protection
Manager (DPMX and then shaped ofsite for long term storage
Historical Transaction Query System
Contoso recently migrate a business-Critical workload to Azure. The workload contains a NET web server for
querying the historical transaction data residing in azure Table Storage. The NET service is accessible from a client
app that was developed in-house and on the client computer in the New Your office. The data in the storage is 50 GB
and is not except to increase.
Information Security Requirement
The IT security team wants to ensure that identity management n performed by using Active Directory.
Password hashes must be stored on premises only.
Access to all business-critical systems must rely on Active Directory credentials. Any suspicious authentication
attempts must trigger multi-factor authentication prompt automatically Legitimate users must be able to authenticate
successfully by using multi-factor authentication.
Planned Changes
Contoso plans to implement the following changes:
* Migrate the payment processing system to Azure.
* Migrate the historical transaction data to Azure Cosmos DB to address the performance issues.
Migration Requirements
Contoso identifies the following general migration requirements:
Infrastructure services must remain available if a region or a data center fails. Failover must occur without any
administrative intervention
Whenever possible. Azure managed serves must be used to management overhead
Whenever possible, costs must be minimized.
Contoso identifies the following requirements for the payment processing system:
If a data center fails, ensure that the payment processing system remains available without any administrative
intervention. The middle-tier and the web front end must continue to operate without any additional configurations-
If that the number of compute nodes of the from -end and the middle tiers of the payment processing system can
increase or decrease automatically based on CPU utilization.
Ensure that each tier of the payment processing system is subject to a Service level Agreement (SLA) of 9959
percent availability
Minimize the effort required to modify the middle tier API and the back-end tier of the payment processing system.
Generate alerts when unauthorized login attempts occur on the middle-tier virtual machines.
Insure that the payment processing system preserves its current compliance status.
Host the middle tier of the payment processing system on a virtual machine.
Contoso identifies the following requirements for the historical transaction query system:
Minimize the use of on-premises infrastructure service.
Minimize the effort required to modify the .NET web service querying Azure Cosmos DB.
If a region fails, ensure that the historical transaction query system remains available without any administrative
intervention.
Current Issue
The Contoso IT team discovers poor performance of the historical transaction query as the queries frequently cause
table scans.
Information Security Requirements
The IT security team wants to ensure that identity management is performed by using Active Directory.
Password hashes must be stored on-premises only.
Access to all business-critical systems must rely on Active Directory credentials. Any suspicious authentication
attempts must trigger a multi-factor authentication prompt automatically. legitimate users must be able to authenticate
successfully by using multi-factor authentication.
You need to recommend a solution for protecting the content of the back-end tier of the payment processing system.
What should you include in the recommendations?
A . Always Encrypted with deterministic encryption
B . Transparent Date Encryption (TDE)
C . Azure Storage Service Encryption
D . Always Encrypted with randomized encryption
Answer: A
Question: 342
You need to recommend a solution for the network configuration of the front-end tier of the payment processing.
What should you include in the recommendation?
A . Azure Application Gateway
B . Traffic Manager
C . a Standard Load Balancer
D . a Basic load Balancer
Answer: C
Explanation:
Scenario:
Ensure that the number of compute nodes of the front-end and the middle tiers of the payment processing system
can increase or decrease automatically based on CPU utilization.
Ensure that each tier of the payment processing system is subject to a Service Level Agreement (SLA) of 99.99
percent availability.
With Azure Load Balancer, you can scale your applications and create high availability for your services. Load
Balancer supports inbound and outbound scenarios, provides low latency and high throughput, and scales up to
millions of flows for all TCP and UDP applications.
Azure Load Balancer is available in two SKUs: Basic and Standard. There are differences in scale, features, and
pricing. Standard SLA guarantees a 99.99% for data path with two healthy virtual machines. Basic SLA does not exist.
Reference: https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-overview
Question: 343
You need to recommend a solution for the data store of the historical transaction query system.
What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE:
Each correct selection is worth one point.
Answer:
Question: 344
To meet the authentication requirements of Fabrikam, what should you include in the solution? To answer, select the
appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Answer:
Question: 345
Topic 1, Fabrikam, inc Case Study A
Overview:
Existing Environment
Fabrikam, Inc. is an engineering company that has offices throughout Europe. The company has a main office in
London and three branch offices in Amsterdam Berlin, and Rome.
Active Directory Environment:
The network contains two Active Directory forests named corp.fabnkam.com and rd.fabrikam.com. There are no trust
relationships between the forests. Corp.fabrikam.com is a production forest that contains identities used for internal
user and computer authentication. Rd.fabrikam.com is used by the research and development (R&D) department only.
Network Infrastructure:
Each office contains at least one domain controller from the corp.fabrikam.com domain. The main office contains all
the domain controllers for the rd.fabrikam.com forest.
All the offices have a high-speed connection to the Internet.
An existing application named WebApp1 is hosted in the data center of the London office. WebApp1 is used by
customers to place and track orders. WebApp1 has a web tier that uses Microsoft Internet Information Services (IIS)
and a database tier that runs Microsoft SQL Server 2016. The web tier and the database tier are deployed to virtual
machines that run on Hyper-V.
The IT department currently uses a separate Hyper-V environment to test updates to WebApp1.
Fabrikam purchases all Microsoft licenses through a Microsoft Enterprise Agreement that includes Software
Assurance.
Problem Statement:
The use of Web App1 is unpredictable. At peak times, users often report delays. Al other times, many resources for
WebApp1 are underutilized.
Requirements:
Planned Changes:
Fabrikam plans to move most of its production workloads to Azure during the next few years.
As one of its first projects, the company plans to establish a hybrid identity model, facilitating an upcoming Microsoft
Office 365 deployment
All R&D operations will remain on-premises.
Fabrikam plans to migrate the production and test instances of WebApp1 to Azure.
Technical Requirements:
Fabrikam identifies the following technical requirements:
Web site content must be easily updated from a single point.
User input must be minimized when provisioning new app instances.
Whenever possible, existing on premises licenses must be used to reduce cost.
Users must always authenticate by using their corp.fabrikam.com UPN identity.
Any new deployments to Azure must be redundant in case an Azure region fails.
Whenever possible, solutions must be deployed to Azure by using platform as a service (PaaS).
An email distribution group named IT Support must be notified of any issues relating to the directory
synchronization services.
Directory synchronization between Azure Active Directory (Azure AD) and corp.fabhkam.com must not be affected
by a link failure between Azure and the on premises network.
Database Requirements:
Fabrikam identifies the following database requirements:
Database metrics for the production instance of WebApp1 must be available for analysis so that database
administrators can optimize the performance settings.
To avoid disrupting customer access, database downtime must be minimized when databases are migrated.
Database backups must be retained for a minimum of seven years to meet compliance requirement
Security Requirements:
Fabrikam identifies the following security requirements:
* Company information including policies, templates, and data must be inaccessible to anyone outside the company
* Users on the on-premises network must be able to authenticate to corp.fabrikam.com if an Internet link fails.
* Administrators must be able authenticate to the Azure portal by using their corp.fabrikam.com credentials.
* All administrative access to the Azure portal must be secured by using multi-factor authentication.
* The testing of WebApp1 updates must not be visible to anyone outside the company.
You need to recommend a solution to meet the database retention requirement. What should you recommend?
A . Configure a long-term retention policy for the database.
B . Configure Azure Site Recovery.
C . Configure geo replication of the database.
D . Use automatic Azure SQL Database backups.
Answer: A
Question: 346
You need to recommend a notification solution for the IT Support distribution group.
What should you include in the recommendation?
A . Azure Network Watcher
B . an action group
C . a SendGrid account with advanced reporting
D . Azure AD Connect Health
Answer: D
Explanation:
References: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-health-operations
Question: 347
You need to recommend a data storage strategy for WebApp1.
What should you include in in the recommendation?
A . an Azure SQL Database elastic pool
B . a vCore-baswl Azure SQL database
C . an Azure virtual machine that runs SQL Server
D . a fixed-size DTU AzureSQL database.
Answer: B
Question: 348
You need to design a solution for securing access to the historical transaction data.
What should you include in the solution? To answer, select the appropriate options in the answer area. NOTE: Each
correct selection is worth one point.
Answer:
Question: 349
Question Set 1
You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager resource
deployments in your subscription.
What should you include in the recommendation?
A . the Change Tracking management solution
B . Application Insights
C . Azure Monitor action groups
D . Azure Activity Log
Answer: D
Explanation:
Activity logs are kept for 90 days. You can query for any range of dates, as long as the starting date isnt more than 90
days in the past.
Through activity logs, you can determine:
what operations were taken on the resources in your subscription
who started the operation
when the operation occurred
the status of the operation
the values of other properties that might help you research the operation
Reference: https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/view-activity-logs
Question: 350
You have an Azure subscription that contains an Azure SQL database named DB1.
Several queries that query the data in DB1 take a long time to execute.
You need to recommend a solution to identify the queries that take the longest to execute.
What should you include in the recommendation?
A . SQL Database Advisor
B . Azure Monitor
C . Performance Recommendations
D . Query Performance Insight
Answer: D
Explanation:
Query Performance Insight provides intelligent query analysis for single and pooled databases. It helps identify the top
resource consuming and long-running queries in your workload. This helps you find the queries to optimize to
improve overall workload performance and efficiently use the resource that you are paying for.
Reference: https://docs.microsoft.com/en-us/azure/azure-sql/database/query-performance-insight-use
User: Sarah***** Before joining killexams.com, I attempted the az-304 practice questions more than once but was unsuccessful in my studies. I did not realize where I lacked in getting fulfillment until I became a member of killexams.com, which provided the missing piece of az-304 practice material. Preparing for az-304 with az-304 sample questions is highly convincing, and the az-304 practice books designed by killexams.com are excellent. |
User: Laura***** Thanks to Killexams.com, I was able to answer all the questions on the az-304 exam correctly. This is a fantastic resource for anyone looking to pass the test. I encourage everyone to use Killexams.com practice materials. Despite reading several books and failing to understand the concepts, I found their practice questions and answers straightforward and was able to grasp all the issues. |
User: Tahnee***** I am delighted to announce that I passed the Microsoft az-304 exam, and I owe thanks to the support team at Killexams.com for their assistance. Although the questions in the exam were not entirely covered by the questions and answers provided, I appreciate the effort made by Killexams.com to make us technically sound. It was a great program that helped me secure my position in the Microsoft az-304 exam. |
User: Nickolai***** I am happy to report that I passed the MICROSOFT AZURE ARCHITECT DESIGN exam with an incredible score of 99%, and all credit goes to Killexams.com question and answer guide. Even with only 15 days of preparation time, I was able to master the difficult subjects with ease. Thank you, Killexams.com, for providing such an effective and clear study guide. I hope your team continues to develop more courses for different IT certification tests. |
User: Benjamin***** You can always count on Killexams.com to help you succeed, as their products are designed to assist all students. I purchased the az-304 exam guide, and it was the right choice for me, helping me understand all the essential concepts. With the help of the az-304 exam engine, I scored 92%, and I am grateful to the fantastic crew at Killexams.com for their assistance. |
Features of iPass4sure AZ-304 Exam
- Files: PDF / Test Engine
- Premium Access
- Online Test Engine
- Instant download Access
- Comprehensive Q&A
- Success Rate
- Real Questions
- Updated Regularly
- Portable Files
- Unlimited Download
- 100% Secured
- Confidentiality: 100%
- Success Guarantee: 100%
- Any Hidden Cost: $0.00
- Auto Recharge: No
- Updates Intimation: by Email
- Technical Support: Free
- PDF Compatibility: Windows, Android, iOS, Linux
- Test Engine Compatibility: Mac / Windows / Android / iOS / Linux
Premium PDF with 350 Q&A
Get Full VersionAll Microsoft Exams
Microsoft ExamsCertification and Entry Test Exams
Complete exam list