Microsoft AZ-305 Designing Microsoft Azure Infrastructure Solutions Exam Practice Test

You plan to deploy an application named App1 that will run on five Azure virtual machines. Additional virtual machines will be deployed later to run App1.

You need to recommend a solution to meet the following requirements for the virtual machines that will run App1:

Ensure that the virtual machines can authenticate to Azure Active Directory (Azure AD) to gain access to

an Azure key vault, Azure Logic Apps instances, and an Azure SQL database.

Avoid assigning new roles and permissions for Azure services when you deploy additional virtual machines.

Avoid storing secrets and certificates on the virtual machines.

Which type of identity should you include in the recommendation?

You are designing an Azure solution.

The network traffic for the solution must be securely distributed by providing the following features:

HTTPS protocol

Round robin routing

SSL offloading

You need to recommend a load balancing option.

What should you recommend?

You need to design a highly available Azure SQL database that meets the following requirements:

* Failover between replicas of the database must occur without any data loss.

* The database must remain available in the event of a zone outage.

* Costs must be minimized.

Which deployment option should you use?

Your company, named Contoso, Ltd, implements several Azure logic apps that have HTTP triggers: The logic apps provide access to an on-premises web service.

Contoso establishes a partnership with another company named Fabrikam, Inc.

Fabrikam does not have an existing Azure Active Directory (Azure AD) tenant and uses third-party OAuth 2.0 identity management to authenticate its users.

Developers at Fabrikam plan to use a subset of the logics apps to build applications that will integrate with the on-premises web service of Contoso.

You need to design a solution to provide the Fabrikam developers with access to the logic apps. The solution must meet the following requirements:

Requests to the logic apps from the developers must be limited to lower rates than the requests from the users at Contoso.

The developers must be able to rely on their existing OAuth 2.0 provider to gain access to the logic apps.

The solution must NOT require changes to the logic apps.

The solution must NOT use Azure AD guest accounts.

What should you include in the solution?

The developers at your company are building a containerized Python Django app.

You need to recommend platform to host the app. The solution must meet the following requirements:

Support autoscaling.

Support continuous deployment from an Azure Container Registry.

Provide built-in functionality to authenticate app users by using Azure Active Directory (Azure AD).

Which platform should you include in the recommendation?

You are designing a microservices architecture that will be hosted in an Azure Kubernetes Service (AKS) cluster. Apps that will consume the microservices will be hosted on Azure virtual machines. The virtual machines and the AKS cluster will reside on the same virtual network.

You need to design a solution to expose the microservices to the consumer apps. The solution must meet the following requirements:

* Ingress access to the microservices must be restricted to a single private IP address and protected by using mutual TLS authentication.

* The number of incoming microservice calls must be rate-limited.

* Costs must be minimized.

What should you include in the solution?

You migrate App1 to Azure. You need to ensure that the data storage for App1 meets the security and compliance requirement

What should you do?