• For a full set of 900+ questions. Go to
https://skillcertpro.com/product/microsoft-azure-architect-design-az-304-exam-questions/
• SkillCertPro offers detailed explanations to each question which helps to understand the concepts better.
• It is recommended to score above 85% in SkillCertPro exams before attempting a real exam.
• SkillCertPro updates exam questions every 2 weeks.
• You will get life time access and life time free updates
• SkillCertPro assures 100% pass guarantee in first attempt.
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...
Microsoft azure architect design (az 304) practice tests 2022
1. Microsoft Azure Architect Design (AZ-304) Exam Dumps 2022
Microsoft Azure Architect Design (AZ-304) Practice Tests 2022. Contains 900+ exam
questions to pass the exam in first attempt.
SkillCertPro offers real exam questions for practice for all major IT certifications.
For a full set of 900+ questions. Go to
https://skillcertpro.com/product/microsoft-azure-architect-design-az-304-
exam-questions/
SkillCertPro offers detailed explanations to each question which helps to
understand the concepts better.
It is recommended to score above 85% in SkillCertPro exams before attempting
a real exam.
SkillCertPro updates exam questions every 2 weeks.
You will get life time access and life time free updates
SkillCertPro assures 100% pass guarantee in first attempt.
Below are the free 10 sample questions.
Question 1
A company has the requirement to have an automated process in place which would upload logs to an
Azure SQL database every week. Reports would then be generated from the SQL database. Which of the
following would you use for this requirement?
A. The AzCopy tool
B. Azure Data Factory
C. Azure HDInsight
D. Data Migration Assistant
Answer: B
Explanation:
You can use the Azure Data Factory to create a pipeline that can be used to copy data. Below is an
excerpt from the Microsoft documentation on the connector for SQL server.
2. Option A is incorrect since this is used for copying data from Azure storage accounts to on-premise and
vice versa
Option C is incorrect since this is used to run Big data open source frameworks
Option D is incorrect since this is used to migrate data between SQL servers.
For more information on Azure Data Factory connector for SQL, please visit the below URL
https://docs.microsoft.com/en-us/azure/data-factory/connector-sql-server
Question 2
A company is planning on deploying an application onto Azure. The application will be based on the .Net
core programming language. The application would be hosted using Azure Web apps. Below is part of
the various requirements for the application
Gives the ability for the testing team to view the different components of an application and see
the calls being made between the different application components
Helps business analyse how many users actually return to the application
Ensuring IT administrators get alerts based on critical conditions being met in the application
Which of the following service would be best suited for fulfilling the requirement of
“Helps business analyse how many users actually return to the application”
A. Application Insights
B. Azure Service Health
3. C. Azure Advisor
D. Azure Policies
Answer: A
Explanation:
This feature is part of the Application Insights tool. An example of this is given in the Microsoft
documentation
Since this is clearly mentioned in the documentation, all other options are incorrect
For more information on the retention feature of Application Insights, please visit the below URL
https://docs.microsoft.com/en-us/azure/azure-monitor/app/usage-retention
Question 3
View Case Study
Overview:
skillcertlabs is an online training provider. They have several main offices and a couple of branch offices.
Existing Environment:
The company currently has the following Active Directory Environment in place:
Two Active Directory forests - One is quiz.skillcertlabs.com and the other is
research.skillcertlabs.com
Currently there is no trust relationship between the forests
The quiz.skillcertlabs.com is the production forest that hosts all the identities required for
internal user and computer authentication.
The research.skillcertlabs.com forest is only used by the research department
The company currently has the following Networking Environment in place:
The offices currently contain at least one domain controller from the quiz.skillcertlabs.com
forest.
4. The main head office contains the domain controller of the research.skillcertlabs.com forest
All of the offices have high speed internet connections
Applications:
The company has a web application running on-premise named skillcertlab-app
The application is running on Microsoft Internet Information Services
The application stores its data on Microsoft SQL Server 2016
The servers are all running on Hyper-V
The same Hyper-V environment also hosts a staging environment to test all updates to the web
application
All Microsoft based licences have been purchased via a Microsoft Enterprise Agreement that
includes Software Assurance
Planned Changes:
The company wants to migrate its workloads to Azure.
They also want to create a hybrid identity model along with a Microsoft Office 365 deployment
The research department will continue to use the infrastructure in the on-premise environment.
Following are the key requirements for the migration to Azure:
The Web application "skillcertlab-app" needs to be migrated to Azure
Existing licences should be used wherever possible to minimize on costs
Users need to always authenticate using their quiz.skillcertlabs.com UPN identity
All new deployments to Azure must be redundant in the case of an Azure region failure
PaaS deployments are preferred wherever possible
Directory Synchronization must be established between Azure AD and the quiz.skillcertlabs.com
forest. This synchronization must not be affected by a link failure between Azure and the on-
premise network.
The following requirements need to be met in terms of the database:
When the database is migrated to Azure, it needs to be ensured that metrics are recorded for
the database. The database administrators should be able to analyse the metrics for suggesting
any further improvements to the database environment
Database downtime must be minimized when the database is being migrated onto Azure
Database backup's must be maintained for a period of 5 years
The following requirements need to be met in terms of Security:
Administrators should be able to authenticate to Azure by using the quiz.skillcertlabs.com
credentials
Any administrative access to Azure must be complemented by multi-factor authentication
Question: The following architecture is being recommended for the Web application
5. Would this architecture require a manual configuration if an Azure region fails?
A. Yes
B. No
Answer: B
Explanation:
Here you can use the priority traffic routing method which would automatically failover the Web
application if it detects a failure in the primary region. The Microsoft documentation mentions the
following
6. For more information on the priority routing method, please visit the below URL
https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-routing-methods#priority
Question 4
A company has setup an Azure subscription and an Azure tenant. They have purchased Premium P2
licences. There are different departments that have different requirements for managing identities.
Which of the following would you suggest for the Logistics department?
7. A. Managed Service Identity
B. Identity Protection
C. Privileged Identity Management
D. Azure AD Connect
Answer: A
Explanation:
This is clearly given in the Microsoft documentation.
Since this is clearly mentioned, all other options are incorrect
For more information on Managed Service Identity, please visit the below URL
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview
Question 5
A company has developed a web service that is made available on a virtual machine deployed to a
subnet in the Virtual network skillcertlab-network.
An API Management service has been deployed, which will provide access to the API service hosted on
the Virtual Machine.
Consultant companies must be able to connect to the API over the Internet.
Below is the configuration of the API management gateway instance
8. Based on the configuration, would the API be available to the consultants over the Internet?
A. Yes
B. No
Answer: A
Explanation:
An example of this configuration is given in the Microsoft documentation. By choosing the External
option, the API management gateway instance would also be available over the Internet
9. For more information on using the API Management instance along with Virtual Networks, please visit
the below URL
https://docs.microsoft.com/en-us/azure/api-management/api-management-using-with-vnet
For a full set of 900+ questions. Go to
https://skillcertpro.com/product/microsoft-azure-architect-design-az-304-
exam-questions/
SkillCertPro offers detailed explanations to each question which helps to
understand the concepts better.
It is recommended to score above 85% in SkillCertPro exams before attempting
a real exam.
SkillCertPro updates exam questions every 2 weeks.
You will get life time access and life time free updates
SkillCertPro assures 100% pass guarantee in first attempt.
Question 6
A company wants to deploy an application to Azure. The application has the below requirements
Give the ability to install and provide access to the full .Net framework
Allow administrative access to the operating system
Provide a level of redundancy if an Azure region fails
You decide to deploy 2 Azure Virtual Machines in 2 separate regions. And then you create a Traffic
Manager Profile
Does this solution meet the requirement?
A. Yes
B. No
Answer: A
Explanation:
Yes, this will meet all the requirements. Since you are using Azure Virtual Machines, IT administrators
can get the required access. You can also then get the required access to the underlying software
including the .Net framework.
Using a Traffic Manager profile along with the failover routing policy can ensure the requirement for
redundancy is fulfilled.
For more information on Azure Traffic Manager, please visit the below URL
10. https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-overview
Question 7
A team has an Azure CosmosDB account. A solution needs to be in place to generate an alert from Azure
Log Analytics when a query request charge exceeds 40 units more than 10 times during a 10-minute
window. Which of the following would you recommend? Choose 2 answers from the options given
below
A. Create a search query to identify when the requestCharge_s exceeds 40.
B. Create a search query to identify when the requestCharge_s exceeds 10.
C. Create a search query to identify when the duration_s exceeds 10.
D. Configure a period of 10 and a frequency of 10.
Answer: A, D
Explanation:
If you look at the table for the log entries in Azure Log Analytics, you can see that in order to monitor the
request unit rate, we have to check for the requestCharge_s log entry.
11. You can then generate alerts in Azure Monitor based on the period and frequency
Option B is incorrect since the question states to check if the request charge exceeds 40 units
Option C is incorrect since this is the wrong metric to monitor
For more information on CosmoDB logging, please go ahead and visit the below URL
https://docs.microsoft.com/en-us/azure/cosmos-db/logging
Question 8
Your team needs to deploy a Virtual machine that will host a SQL Server. The Virtual machine will have 2
data disks, one for the log file and the other for the data files. You need to recommend a caching policy
for each disk
Which of the following would you recommend for the data disk containing the logs?
A. None
B. ReadOnly
C. WriteOnly
D. ReadWrite
Answer: A
Explanation:
This is clearly mentioned in the Microsoft documentation
Since this is clearly mentioned, all other options are incorrect
For more information on the performance guidelines for SQL Server on Virtual Machines, please go
ahead and visit the below URL
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sql/virtual-machines-windows-sql-
performance
12. Question 9
A company has setup an Azure subscription and an Azure tenant. You need to provide the development
team to be able to start and stop Virtual Machines. The access needs to be granted on specific occasions
only.
You need to ensure the permission gets assigned and use the principle of least privilege. You also need
to minimize costs.
Which of the following security feature would you use for the requirement?
A. Conditional Access policy
B. Azure Policies
C. Just in time VM access
D. Privileged Identity Management
Answer: D
Explanation:
With Privileged Identity Management, you can implement just in time privileges for Azure resources.
Since this is clearly given in the Microsoft documentation, all other options are incorrect
For more information on Privileged Identity Management, please go ahead and visit the below URL
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-
configure
Question 10
View Case Study:
13. Overview:
skillcertlabs is an online training provider.
Current System - Financial Processing:
skillcertlabs currently has a system that consists of 3 tiers:
Front end Web App
Middle tier API
Back end data store
Below is the current set of the system:
The backend is running on Microsoft SQL server 2016
All servers are running on Windows
The Front and Middle tiers are written in C# and hosted on Internet Information Services
The database is currently 1 TB in size. The growth of the database is not expected to grow
beyond 3 TB.
The system currently has the following requirements:
All data must be encrypted in rest and in transit
The front and middle tier components currently make use of encryption keys to protect the data
store. Only these tiers should have the capability to access the encryption keys.
Database backups need to be maintained in 2 separate locations that are at least 100 miles
apart
Database backups need to be stored for up to 7 years
Traffic to the servers needs to be controlled via source IP address and port no
Access to the system should only be via the internal network of skillcertlabs
The Security team needs to be able to inspect all inbound and outbound traffic
Current System - Transactional Query System:
skillcertlabs also has a Transaction Query system built on .Net. The data is stored in Azure Table storage.
This .Net service currently runs on a client computer
Planned Changes:
skillcertlabs wants to migrate the Financial Processing system to Azure
Key requirements:
Infrastructure services must remain available if a region or a data center fails.
Failover must occur without any administrative intervention
Wherever possible, Azure managed services must be used to management overhead
Whenever possible, costs must be minimized.
Collect windows security logs from the Middle tier and retain the logs for several year
Generate alerts if any unauthorized access to the backend Virtua machines are detected.
The number of instances assigned to the front and middle tiers should be adjusted automatically
based on the CPU utilization
14. An SLA of 99.95% must be guaranteed on the Infrastructure for the front and middle tier
systems
Identity management must be performed via Active directory and all password hashes must be
stored on the on-premise environment.
If there are any suspicious attempts for authentication, then that should trigger multi-factor
authentication. Access should be allowed if the authentication attempt is successful.
The data store for the transactional query system will be move from Azure Table storage to a
CosmosDB account
You have to recommend a strategy for the compute solution for the Financial Processing system. Which
of the following would you recommend?
A. Azure Kubernetes Service
B. Virtual machine scale sets
C. Availability sets
D. App Service Environments
Answer: B
Explanation:
Since we need to cater to the below requirement of the case study
The number of instances assigned to the front and middle tiers should be adjusted automatically based
on the CPU utilization
We have to use Virtual Machine scale sets for our compute solution. The Microsoft documentation
mentions the following
Option A is incorrect since there is no mention of orchestrating docker containers for the application
Option C is incorrect since this is used for achieving high availability of the solution
Option D is incorrect since this is used for the Azure Web App service
For more information on virtual machine scale sets, please visit the below URL
https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/overview
15. For a full set of 900+ questions. Go to
https://skillcertpro.com/product/microsoft-azure-architect-design-az-304-
exam-questions/
SkillCertPro offers detailed explanations to each question which helps to
understand the concepts better.
It is recommended to score above 85% in SkillCertPro exams before attempting
a real exam.
SkillCertPro updates exam questions every 2 weeks.
You will get life time access and life time free updates
SkillCertPro assures 100% pass guarantee in first attempt.