AZ-305 Exam Question 101
Your company has the infrastructure shown in the following table.
The on-premises Active Directory domain syncs to Azure Active Directory (Azure AD).
Server1 runs an application named Appl that uses LDAP queries to verify user identities in the on-premises Active Directory domain.
You plan to migrate Server1 to a virtual machine in Subscription1.
A company security policy states that the virtual machines and services deployed to Subscription1 must be prevented from accessing the on-premises network.
You need to recommend a solution to ensure that Appl continues to function after the migration. The solution must meet the security policy.
What should you include in the recommendation?
The on-premises Active Directory domain syncs to Azure Active Directory (Azure AD).
Server1 runs an application named Appl that uses LDAP queries to verify user identities in the on-premises Active Directory domain.
You plan to migrate Server1 to a virtual machine in Subscription1.
A company security policy states that the virtual machines and services deployed to Subscription1 must be prevented from accessing the on-premises network.
You need to recommend a solution to ensure that Appl continues to function after the migration. The solution must meet the security policy.
What should you include in the recommendation?
AZ-305 Exam Question 102
You have two app registrations named App1 and App2 in Azure AD. App1 supports role-based access control (RBAC) and includes a role named Writer.
You need to ensure that when App2 authenticates to access App1, the tokens issued by Azure AD include the Writer role claim.
Which blade should you use to modify each app registration? To answer, drag the appropriate blades to the correct app registrations. Each blade may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
You need to ensure that when App2 authenticates to access App1, the tokens issued by Azure AD include the Writer role claim.
Which blade should you use to modify each app registration? To answer, drag the appropriate blades to the correct app registrations. Each blade may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
AZ-305 Exam Question 103
Hotspot Question
Your on-premises network contains an Active Directory Domain Services (AD DS) domain. The domain contains a server named Server1. Server1 contains an app named App1 that uses AD DS authentication. Remote users access App1 by using a VPN connection to the on-premises network.
You have a Microsoft Entra tenant that syncs with the AD DS domain by using Microsoft Entra Connect.
You need to ensure that the remote users can access App1 without using a VPN. The solution must meet the following requirements:
- Ensure that the users authenticate by using Azure Multi-Factor
Authentication (MFA).
- Minimize administrative effort.
What should you include in the solution? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Your on-premises network contains an Active Directory Domain Services (AD DS) domain. The domain contains a server named Server1. Server1 contains an app named App1 that uses AD DS authentication. Remote users access App1 by using a VPN connection to the on-premises network.
You have a Microsoft Entra tenant that syncs with the AD DS domain by using Microsoft Entra Connect.
You need to ensure that the remote users can access App1 without using a VPN. The solution must meet the following requirements:
- Ensure that the users authenticate by using Azure Multi-Factor
Authentication (MFA).
- Minimize administrative effort.
What should you include in the solution? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
AZ-305 Exam Question 104
You need to ensure that users managing the production environment are registered for Azure MFA and must authenticate by using Azure MFA when they sign in to the Azure portal. The solution must meet the authentication and authorization requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
AZ-305 Exam Question 105
You are designing a storage solution that will ingest, store, and analyze petabytes (PBs) of structured, semi- structured and unstructured text data. The analyzed data will be offloaded to Azure Data Lake Storage Gen2 for long-term retention.
You need to recommend a storage and analytics solution that meets the following requirements:
* Stores the processed data
* Provides interactive analytics
* Supports manual scaling, built-in autoscaling. and custom autoscaling What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE Each correct selection is worth one point.
You need to recommend a storage and analytics solution that meets the following requirements:
* Stores the processed data
* Provides interactive analytics
* Supports manual scaling, built-in autoscaling. and custom autoscaling What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE Each correct selection is worth one point.
