The purpose of this Sample Question Set is to provide you with information about the Microsoft Azure Architect Design exam. These sample questions will make you very familiar with both the type and the difficulty level of the questions on the AZ-304 certification test. To get familiar with real exam environment, we suggest you try our Sample Microsoft Azure Architect Design Certification Practice Exam. This sample practice exam gives you the feeling of reality and is a clue to the questions asked in the actual Microsoft Certified - Azure Solutions Architect Expert certification exam.
These sample questions are simple and basic questions that represent likeness to the real Microsoft AZ-304 exam questions. To assess your readiness and performance with real time scenario based questions, we suggest you prepare with our Premium Microsoft Azure Architect Design Certification Practice Exam. When you solve real time scenario based questions practically, you come across many difficulties that give you an opportunity to improve.
Microsoft AZ-304 Sample Questions:
01. You are designing a container solution in azure that will include two containers. One container will host a web API that will be available to the public. The other container will perform health monitoring of the web API and will remain private.
The two containers will be deployed together as a group. You need to recommend a compute service for the containers. The solution must minimize costs and maintenance over head.
What should you include in the recommendation?
a) Azure container instances
b) Azure container Service
c) Azure kubernetes service (aks)
d) Azure service fabric
02. A company deploys Azure Active Directory (Azure AD) Connect to synchronize identity information from their on-premises Active Directory Domain Services (AD DS) directory to their Azure AD tenant.
The identity information that is synchronized includes user accounts, credential hashes for authentication (password sync), and group membership. The company plans to deploy several Windows and Linux virtual machines (VMs) to support their applications.
The VMs have the following requirements:
- Support domain join, LDAP read, LDAP bind, NTLM and Kerberos authentication, and Group Policy.
- Allow users to sign in to the domain using their corporate credentials and connect remotely to the VM by using Remote Desktop.
You need to support the VM deployment. Which service should you use?
a) Azure AD Domain Services
b) Azure AD Privileged Identity Management
c) Azure AD Managed Service Identity
d) Active Directory Federation Services (AD FS)
03. You manage a global e-commerce application named App1. App1 is hosted on multiple virtual machines in the United States. The website has grown in size and popularity. Now European customers are reporting slow page-load times.
You need to design a strategy that ensures that user requests always connect to the closet datacenter in their region. The solution must maximize service uptime in the event of a catastrophic natural disaster.
The solution must also minimize administrative effort. What should you do?
Choose the correct answer
a) Create additional load-balanced VMs in the European regions.
b) Use Azure Traffic Manager (ATM) to create load-balanced connections.
c) Use Azure Application Gateway (AAG) to configure multiple-site hosting
d) Use PowerShell to create a public load balancer.
04. The accounting department at your company migrates to a new financial accounting software.
The accounting department must keep file-based database backups for seven years for compliance purposes. It is unlikely that the backups will be used to recover data.
You need to move the backups to Azure. The solution must minimize costs. Where should you store the backups?
a) Azure SQL Database
b) a Recovery Services vault
c) Azure storage that uses the Cool tier
d) Azure Blob storage that uses the archive tier
05. You are planning to deploy an application by using the Azure Kubermets Services (AKS)> the application will reedy on having access to an encryption key that will be used to ... transmit files.
What should you use to provides the encryption key AKS security?
a) secrets
b) Azure Storage Service Encryption
c) a Kubernetes deployment YAML file
d) ConfigureMap
06. A company named Contoso Ltd., has a single-domain Active Directory forest named contoso.com. Contoso is preparing to migrate all workloads to Azure. Contoso wants users to use single sign-on (SSO) when they access cloud-based services that integrate with Azure Active Directory (Azure AD).
You need to identify any objects in Active Directory that will fail to synchronize to Azure AD due to formatting issues. The solution must minimize costs. What should you include in the solution?
a) Azure Advisor
b) Microsoft Office 365 IdFix
c) Azure AD Connect Health
d) Password Export Server version 3.1 (PES v3.1) in Active Directory Migration Tool (ADMT)
07. Your network contains an on-premises Active Directory forest. You discover that when users change jobs within your company, the membership of the user group are not updated. As a result the users can resources that are no longer relevant to their job.
You plan to integrate Active Directory and Azure Active Directory (Azure AD) by using Azure AD Connect You need to recommend a solution to ensure that group owners are emailed monthly about the group membership they manage.
What should you include in the recommendation?
a) Azure AD Identify Protection
b) Tenant Restrictions
c) Azure AD access reviews
d) conditional access policies
08. You architect a solution that calculates 3D geometry from height-map data. You have the following requirements:
- Perform calculations in Azure.
- Each node must communicate data to every other node.
- Maximize the number of nodes to calculate multiple scenes as fast as possible.
- Require the least amount of effort to implement.
You need to recommend a solution. Which two actions should you recommend?
Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
a) Create a render farm that uses Azure Batch.
b) Enable parallel file systems on Azure.
c) Enable parallel task execution on compute nodes.
d) Create a render farm that uses virtual machine (VM) scale sets.
e) Create a render farm that uses virtual machines (VMs).
09. Your company plans to migrate its on-premises data to Azure. You need to recommend which Azure services can be used to store the data. The solution must meet the following requirements:
- Encrypt all data while at rest.
- Encrypt data only by using a key generatedby the company.
Which two possible services can you recommend?
Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
a) Azure Table storage
b) Azure Backup
c) Azure Blob storage
d) Azure Queue storage
e) Azure Files
10. You are designing a hybrid identity solution for your organization. It consists of an on-premises Active Directory (AD) domain and an Azure AD tenant. Your solution must meet the following requirements:
- Allow a user who logs in to his or her on-premises account to automatically authenticate in Azure AD to access Azure services.
- Minimize administrative effort to deploy and maintain.
You need to set up authentication. Which mechanism should you choose?
a) Federation without password hash sync
b) Single sign-on (SSO) with pass-through authentication
c) Single sign-on (SSO) with password hash sync
d) Federation with password hash sync
Answers:
|
Question: 01 Answer: a |
Question: 02 Answer: a |
Question: 03 Answer: b |
Question: 04 Answer: d |
Question: 05 Answer: c |
|
Question: 06 Answer: b |
Question: 07 Answer: c |
Question: 08 Answer: a, c |
Question: 09 Answer: c, e |
Question: 10 Answer: a |
Note: For any error in Microsoft Certified - Azure Solutions Architect Expert (AZ-304) certification exam sample questions, please update us by writing an email on feedback@edusum.com.