Microsoft AZ-303 Exam Practice Test Instant Access

Question 1

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure subscription.

You have an on-premises file server named Server1 that runs Windows Server 2019.

You manage Server1 by using Windows Admin Center.

You need to ensure that if Server1 fails, you can recover Server1 files from Azure.

Solution: You register Windows Admin Center in Azure and configure Azure Backup.

Does this meet the goal?

AYes

BNo

Answer : B

Instead use Azure Storage Sync service and configure Azure File.

Use Azure File Sync to centralize your organization's file shares in Azure Files, while keeping the flexibility, performance, and compatibility of an on-premises file server. Azure File Sync transforms Windows Server into a quick cache of your Azure file share.

https://docs.microsoft.com/en-us/azure/storage/files/storage-files-introduction

Question 2

You have an Azure subscription that contains the storage accounts shown in the following table.

You enable Azure Advanced Threat Protection (ATP) for all the storage accounts.

You need to identify which storage accounts will generate Azure ATP alerts.

Which two storage accounts should you identify? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Astoragecontoso1

Bstoragecontoso2

Cstoragecontoso3

Dstoragecontoso4

Estoraaecontoso5

Answer : A, B

Advanced threat protection for Azure Storage is currently available only for Blob Storage. https://docs.microsoft.com/en-us/azure/storage/common/storage-advanced-threat-protection?tabs=azure-portal

Question 3

You have an Azure subscription that contains a virtual machine named VM1 and a Recovery Services vault named Vault 1. VM1 runs Linux.

VM1 is backed up to Vault1 daily.

You need to ensure that you can perform application-consistent backups of VM1.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

AModify the backup policy of VM1.

BCreate the prescript and post-script files and copy the files to VM1.

CModify the VMSnapshotScriptPluginConfig.json configuration file and copy the file to VM1.

DOn VM1. install the VM Snapshot Linux extension for Azure Backup.

EFrom Vault1, create a new automation task.

Answer : D, E

Question 4

Your company plans to develop an application that will use a NoSQL database. The database will be used to store transactions and customer information by using JSON documents. Which two Azure Cosmos DB APIs can developers use for the application? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

ACassandra

BGremlin (graph)

CMongoDB

DAzure Table

ECore (SQL)

Answer : B, E

https://docs.microsoft.com/en-us/azure/cosmos-db/faq

Question 5

No. Access control via ACLs is enabled for a storage account as long as the Hierarchical Namespace (HNS) feature is turned ON.

Note 1: We [Microsoft] are pleased to share the general availability of Azure Active Directory (AD) based access control for Azure Storage Blobs and Queues. Enterprises can now grant specific data access permissions to users and service identities from their Azure AD tenant using Azure's Role-based access control (RBAC).

ANote 2: Azure Data Lake Storage Gen2 implements an access control model that supports both Azure role-based access control (Azure RBAC) and POSIX-like access control lists (ACLs).
You can associate a security principal with an access level for files and directories. These associations are captured in an access control list (ACL). Each file and directory in your storage account has an access control list. When a security principal attempts an operation on a file or directory, An ACL check determines whether that security principal (user, group, service principal, or managed identity) has the correct permission level to perform the operation.

Answer : A

https://docs.microsoft.com/en-us/azure/storage/blobs/data-lake-storage-access-control#access-control-lists-on-files-and-directories

https://azure.microsoft.com/en-us/blog/azure-storage-support-for-azure-ad-based-access-control-now-generally-available/

Question 6

You need to configure Azure AD Seamless SSO for Fabrikam. The solution must meet the authentication and authorization requirements.

What should you install first?

Athe Azure AD Connect provisioning agent on SERVER1

Bthe Azure AD Connect provisioning agent on DC1

CAzure AD Connect in staging mode on SERVER1

Dan Azure AD Connect primary server on SERVER1

Answer : A

The Litware and Fabrikam datacenters are not connected.

Azure AD Connect Cloud Sync provides support for synchronizing to an Azure AD tenant from a multi-forest disconnected Active Directory forest environment.

https://docs.microsoft.com/en-us/azure/active-directory/cloud-sync/what-is-cloud-sync

Question 7

You have an Azure subscription.

You create a custom role in Azure by using the following Azure Resource Manager template.

You assign the role to a user named User1.

Which action can User1 perform?

ADelete virtual machines.

BCreate resource groups.

CCreate virtual machines.

DCreate support requests

Answer : D

The 'Microsoft.Support/*' operation will allow the user to create support tickets.

https://docs.microsoft.com/en-us/azure/role-based-access-control/tutorial-custom-role-powershell

Microsoft Azure Architect Technologies AZ-303 Exam Practice Test