AZ-305 Free Practice Test

- (Exam Topic 5)
You need to recommend a solution to deploy containers that run an application. The application has two tiers. Each tier is implemented as a separate Docker Linux-based image. The solution must meet the following requirements:
The front-end tier must be accessible by using a public IP address on port 80.
The backend tier must be accessible by using port 8080 from the front-end tier only.
Both containers must be able to access the same Azure file share.
If a container fails, the application must restart automatically.
Costs must be minimized.
What should you recommend using to host the application?

1. A. Azure Kubernetes Service (AKS)
2. B. Azure Service Fabric
3. C. Azure Container instances
4. D. Azure Container registries

Correct Answer: C
Azure Container Instances enables a layered approach to orchestration, providing all of the scheduling and management capabilities required to run a single container, while allowing orchestrator platforms to manage multi-container tasks on top of it.
Because the underlying infrastructure for container instances is managed by Azure, an orchestrator platform does not need to concern itself with finding an appropriate host machine on which to run a single container.
Azure Container Instances can schedule both Windows and Linux containers with the same API. Orchestration of container instances exclusively
Because they start quickly and bill by the second, an environment based exclusively on Azure Container Instances offers the fastest way to get started and to deal with highly variable workloads.
Reference:
https://docs.microsoft.com/en-us/azure/container-instances/container-instances-overview https://docs.microsoft.com/en-us/azure/container-instances/container-instances-orchestrator-relationship

- (Exam Topic 5)
You need to design a highly available Azure SQL database that meets the following requirements:
* Failover between replicas of the database must occur without any data loss.
* The database must remain available in the event of a zone outage.
* Costs must be minimized.
Which deployment option should you use?

1. A. Azure SQL Database Business Critical
2. B. Azure SQL Database Managed Instance Business Critical
3. C. Azure SQL Database Serverless
4. D. Azure SQL Database Premium

Correct Answer: D
General Purpose / Standard prevents data loss through high available storage
https://docs.microsoft.com/en-us/azure/azure-sql/database/service-tier-general-purpose?view=azuresql. This architectural model relies on high availability and reliability of Azure Blob storage that transparently replicates database files and guarantees no data loss if underlying infrastructure failure happens. General Purpose / Standard support Zone Redundancy For General Purpose tier the zone-redundant configuration is Generally Available in the following regions:
https://docs.microsoft.com/en-us/azure/azure-sql/database/high-availability-sla?view=azuresql&tabs=azure-pow Without any information regarding the usage pattern, serverless is possible. Other option is D https://docs.microsoft.com/en-us/azure/azure-sql/database/serverless-tier-overview?view=azuresql

- (Exam Topic 5)
You have an app named App1 that uses an on-premises Microsoft SQL Server database named DB1. You plan to migrate DB1 to an Azure SQL managed instance.
You need to enable customer-managed Transparent Data Encryption (TDE) for the instance. The solution must maximize encryption strength.
Which type of encryption algorithm and key length should you use for the TDE protector?

1. A. AES256
2. B. RSA4096
3. C. RSA2048
4. D. RSA3072

Correct Answer: D

- (Exam Topic 1)
You migrate App1 to Azure. You need to ensure that the data storage for App1 meets the security and compliance requirement
What should you do?

1. A. Create an access policy for the blob
2. B. Modify the access level of the blob service.
3. C. Implement Azure resource locks.
4. D. Create Azure RBAC assignments.

Correct Answer: A
Scenario: Once App1 is migrated to Azure, you must ensure that new data can be written to the app, and the modification of new and existing data is prevented for a period of three years.
As an administrator, you can lock a subscription, resource group, or resource to prevent other users in your organization from accidentally deleting or modifying critical resources. The lock overrides any permissions the user might have.
Reference:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/lock-resources

- (Exam Topic 5)
You have an Azure subscription that contains an Azure Blob storage account named store1.
You have an on-premises file server named Setver1 that runs Windows Sewer 2016. Server1 stores 500 GB of company files.
You need to store a copy of the company files from Server 1 in store1.
Which two possible Azure services achieve this goal? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point

1. A. an Azure Batch account
2. B. an integration account
3. C. an On-premises data gateway
4. D. an Azure Import/Export job
5. E. Azure Data factory

Correct Answer: DE
https://docs.microsoft.com/en-us/azure/storage/common/storage-import-export-data-from-blobs https://docs.microsoft.com/en-us/answers/questions/31113/fastest-method-to-copy-500gb-table-from-on-premise