About AZ-303
One of the essential Microsoft Azure certifications is AZ-303: Microsoft Azure Architect Technologies. This certification is part of the "Microsoft Certified: Azure Solutions Architect Expert" certification requirements. The Microsoft certified Azure architect is a three-star certification with an expert-level test.
You should be knowledgeable about implementing solutions that run on Microsoft Azure and include components such as computation, network, data, and security. You work with performance monitoring, cloud DBAs, and clients to implement solutions as an Azure Solution Architect. This position should also have expert-level Azure administrative skills, as well as familiarity with Azure development and DevOps procedures.
The Azure Solutions architect Expert certification is one of Microsoft's most sought-after credentials, and it is still in high demand today.
How difficult is AZ 303 exam?
Since it requires substantial research and prior IT expertise, the Microsoft Azure Architect Technologies (AZ-303) exam is a challenging certificate to obtain. This certification is for IT professionals with experience in cloud services and infrastructures, such as communication, storage, computing, administration, identity, security, information management, and DevOps. On Microsoft's official page, you may learn more about this exam.
To pass the Microsoft Azure AZ-303 exam, you can use one of three preparation techniques listed below:
Study guide recommended on Microsoft's official website: You can acquire the study guide as well as many other study resources from Microsoft's official website. In this study guide, you'll find answers to all of the most commonly asked questions about AZ-303. This will help you create a successful examination approach.
Expert discussion: Instructor-led courses are intended to teach the skills necessary for employment success, with a subset of these skills being examined on the exam. The Azure Cloud Solutions Architect certification training course prepares you for a career as a qualified Azure Cloud Solutions Architect.
Exam practice questions: Practicing the competencies that will be examined is the most excellent method to prepare for an exam. Get hands-on experience with the significant Azure Architect technology required to pass the Microsoft AZ-303 Certification exams.
This article is aimed to give you an idea about the type and level of the questions that will be asked during the AZ-303 exam.
QUESTION 1.
You have two Hyper-V hosts named Host1 and Host2. Host1 has an Azure virtual machine named VM1 that was deployed by using a custom Azure Resource Manager template.
You need to move VM1 to Host2.
What should you do?
A. From the Update management blade, click Enable. B. From the Overview blade, move VM1 to a different subscription. C. From the Redeploy blade, click Redeploy. D. From the Profile blade, modify the usage location.
Answer: C
QUESTION 2
You are creating an Azure key vault using PowerShell. Objects deleted from the key vault must be kept for a set period of 90 days.
Which two of the following parameters must be used in conjunction to meet the requirement? (Choose two.)
A. EnabledForDeployment B. EnablePurgeProtection C. EnabledForTemplateDeployment D. EnableSoftDelete
Answer: BD
QUESTION 3
You are developing an application to transfer data between on-premises file servers and Azure Blob storage. The application stores keys, secrets, and certificates in Azure Key Vault and makes use of the Azure Key Vault APIs. You want to configure the application to allow recovery of an accidental deletion of the key vault or key vault objects for 90 days after deletion. What should you do?
A. Run the Add-AzKeyVaultKey cmdlet. B. Run the az keyvault update –enable-soft-delete true –enable-purge-protection true CLI. C. Implement virtual network service endpoints for Azure Key Vault. D. Run the az keyvault update –enable-soft-delete false CLI.
Answer: B
QUESTION 4
Your network consists of physical and virtual servers located in a datacenter and a public cloud hosted on Microsoft Azure.
The Development department develops a custom application named CorpApp1. The application is hosted in Azure Cloud Services.
The developers release an updated version of CorpApp1.
You need to deploy the updated version of CorpApp1 to Azure cloud services to allow for testing.
You need to meet the following requirements:
– During testing, the current version of CorpApp1 must remain online. – After testing, the new version must replace the current version as the live version with the minimum amount of downtime. – When the new version is live, the old version must remain available for a period of time to be redeployed in the event of problems with the new version. – The solution must minimize costs, administrative effort and application downtime.
Which of the following actions should you perform? (Choose all that apply.)
A. Deploy the new application to a new cloud service. B. Deploy the new application to the production area. C. Deploy the new application to the staging area. D. Move the old version of the application to a new cloud service. E. Move the new version of the application to the production area. F. Move the old version of the application to the staging area. G. Perform a Virtual IP swap.
Answer: CG
QUESTION 5
Your company has a web app named WebApp1.
You are making use of the WebJobs SDK to design a triggered App Service background task that automatically invokes a function in the code every time new data is received in a queue.
You are preparing to configure the service processes a queue data item. Which of the following is the service you should use?
A. Logic Apps B. WebJobs C. Flow D. Functions
Answer: B
QUESTION 6
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
You are in the process of designing an Azure WebJob that supports remote debugging.
You want to make use of a suitable WebJob type.
Solution: You configure the use of the Continuous WebJob type.
Does the solution meet the goal?
A. Yes B. No
Answer: A
QUESTION 7
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
You are making use of Azure technologies to design a workflow solution. You need to make sure that Visual Studio can be used to debug the solution.
Solution: You should make use of Logic Apps.
Does the solution meet the goal?
A. Yes B. No
Answer: B
QUESTION 8
You have an Azure subscription that contains a general purpose v2 storage account named storage1.
In storage1, you create a file share named share1.
You need to control access to share1 by using Azure role-based access control (Azure RBAC).
What should you do first?
A. Configure data protection for storage1 B. Generate a shared access signature (SAS) for storage1 C. Domain join storage1
QUESTION 9
You manage an Active Directory domain named contoso.local.
You install Azure AD Connect and connect to an Azure Active Directory (Azure AD) tenant named contoso.com without syncing any accounts.
You need to ensure that only users who have a UPN suffix of contoso.com in the contoso.local domain sync to Azure AD.
What should you do?
A. Use the Synchronization Service Manager to modify the Metaverse Designer tab. B. Use Azure AD Connect to customize the synchronization options. C. Use the Synchronization Rules Editor to create a synchronization rule. D. Use Synchronization Service Manager to modify the Active Directory Domain Services (AD DS) Connector.
Answer: C
QUESTION 10
You have an Azure Cosmos DB account named Account1. Account1 includes a database named DB1 that contains a container named Container1. The partition key for Container1 is set to /city.
You plan to change the partition key for Container1.
What should you do first?
A. Delete Container1. B. Create a new Azure Cosmos DB account. C. Implement the Azure Cosmos DB .NET SDK. D. Regenerate the keys for Account1.
Answer: B
QUESTION 11
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an app named App1 that uses data from two on-premises Microsoft SQL Server databases named DB1 and DB2.
You plan to move DB1 and DB2 to Azure.
You need to implement Azure services to host DB1 and DB2. The solution must support server-side transactions across DB1 and DB2.
Solution: You deploy DB1 and DB2 as Azure SQL databases each on a different Azure SQL Database server.
Does this meet the goal?
A. Yes B. No
Answer: B
QUESTION 12
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an app named App1 that uses data from two on-premises Microsoft SQL Server databases named DB1 and DB2.
You plan to move DB1 and DB2 to Azure.
You need to implement Azure services to host DB1 and DB2. The solution must support server-side transactions across DB1 and DB2.
Solution: You deploy DB1 and DB2 as Azure SQL databases on the same Azure SQL Database server.
Does this meet the goal?
A. Yes B. No
Answer: B
QUESTION 13
You have an Azure subscription that contains an Azure Sentinel workspace. Sentinel is configured to monitor several Azure resources.
You need to send notification emails to resource owners when alerts or recommendations are generated for a resource.
What should you use?
A. Logic Apps Designer B. Azure Security Center C. Azure Pipelines D. Azure Machine Learning Studio
Answer : A
QUESTION 14
You have an Azure virtual network that contains a subnet named Subnet1. Subnet1 contains 50 virtual machines. Twenty-five of the virtual machines are web servers and the other 25 are application servers.
You need to filter traffic between the web servers and the application servers by using application security groups.
Which additional resource should you provision?
A. Azure Firewall B. a user-defined route C. Azure Private Link D. a network security group (NSG)
Answer : D
QUESTION 15
Your on-premises network contains several Hyper-V hosts. You have a hybrid deployment of Azure Active Directory (Azure AD). You create an Azure Migrate project. You need to ensure that you can evaluate virtual machines by using Azure Migrate. Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point. A. Deploy the Azure Migrate appliance to an on-premises Hyper-V host. B. Assign the migration account to the Administrators group on each Hyper-V virtual machine. C. Deploy the Microsoft Monitoring Agent to each Hyper-V host. D. Assign the migration account to the Administrators group on each Hyper-V host. E. Deploy the Microsoft Monitoring Agent to each Hyper-V virtual machine. F. Deploy the Azure Migrate appliance as an Azure virtual machine.
Answer : AE
QUESTION 16
You have an Azure subscription that contains 100 virtual machines.
You have a set of Pester tests in PowerShell that validate the virtual machine environment.
You need to run the tests whenever there is an operating system update on the virtual machines. The solution must minimize implementation time and recurring costs.
Which three resources should you use to implement the tests? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Azure Automation runbook B. an alert rule C. an Azure Monitor query D. a virtual machine that has network access to the 100 virtual machines E. an alert action group
Answer. ABE
QUESTION 17
You have an Azure subscription that contains an Azure Log Analytics workspace. You have a resource group that contains 100 virtual machines. The virtual machines run Linux.
You need to collect events from the virtual machines to the Log Analytics workspace.
Which type of data source should you configure in the workspace?
A. Syslog B. Linux performance counters C. custom fields
Answer. A
QUESTION 18
A company plans to use third-party application software to perform complex data analysis processes. The software will use up to 500 identical virtual machines (VMs) based on an Azure Marketplace VM image. You need to design the infrastructure for the third-party application server.
The solution must meet the following requirements:
- The number of VMs that are running at any given point in time must change when the user workload changes.
- When a new version of the application is available in Azure Marketplace it must be deployed without causing application downtime.
- Use VM scale sets.
- Minimize the need for ongoing maintenance.
Which two technologies should you recommend?
Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
- single storage account
- autoscale
- single placement group
- managed disks
Answer- BD QUESTION 19
You are building a custom Azure function app to connect to Azure Event Grid. You need to ensure that resources are allocated dynamically to the function app. Billing must be based on the executions of the app.
What should you configure when you create the function app?
the Windows operating system and the App Service plan hosting plan the Docker container and an App Service plan that uses the B1 pricing tier the Windows operating system and the Consumption plan hosting plan the Docker container and an App Service plan that uses the S1 pricing tier
Answer- C
QUESTION 20
You are designing an Azure solution. The solution must meet the following requirements:
- Distribute traffic to different pools of dedicated virtual machines (VMs) based on rules
- Provide SSL offloading capabilities
You need to recommend a solution to distribute network traffic. Which technology should you recommend?
- Server-level Firewall Rules
- Azure Application Gateway
- Azure Traffic Manager
- Azure Load Balancer
Answer- B
QUESTION 21
You pull a Dockerfile from an online repository. You build a container image from this file, and you want to add it to an Azure Container Registry named mytestreg. The name of image is my-test-app. You need to deploy the image to the registry.
Which command should you run from your developer computer?
- az container create --name mytestreg --image my-test-app
- docker push mytestreg.azurecr.io/my-test-app
- codocker run -p mytestreg my-test-app
- az acr create --name mytestreglmy-test-app
Answer- B
QUESTION 22
Your network contains an on-premises Active Directory and an Azure Active Directory (Azure AD) tenant. You deploy Azure AD Connect and configure pass-through authentication?
Your Azure subscription contains several web apps that are accessed from the Internet. You plan to enable Azure Multi-Factor Authentication (MFA) for the Azure tenant. You need to recommend a solution to prevent users from being prompted for Azure MFA when they access the web apps from the on-premises network.
What should you include in the recommendation?
- a site-to-site VPN between the on-premises network and Azure
- an Azure policy
- an Azure ExpressRoute circuit
- trusted Ips
Answer- D QUESTION 23
A company hosts virtual machines (VMs) in an on-premises datacenter and in Azure. The on-premises and Azure-based VMs communicate using ExpressRoute.
The company wants to be able to continue regular operations if the ExpressRoute connection fails. Failover connections must use the Internet and must not require Multiprotocol Label Switching (MPLS) support.
You need to recommend a solution that provides continued operations. What should you recommend?
- Set up a second ExpressRoute connection.
- Increase the bandwidth of the existing ExpressRoute connection.
- Increase the bandwidth for the on-premises internet connection.
- Set up a VPN connection.
Answer- D
QUESTION 24
An app uses a virtual network with two subnets. One subnet is used for the application server. The other subnet is used for a database server. A network virtual appliance (NVA) is used as a firewall.
Traffic destined for one specific address prefix is routed to the NVA and then to an on-premises database server that stores sensitive data. A Border Gateway Protocol (BGP) route is used for the traffic to the on-premises database server.
You need to recommend a method for creating the user-defined route. Which two options should you recommend?
- Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
- For the virtual network configuration, use a VPN.
- For the next hop type, use a virtual network peering.
- For the virtual network configuration, use Azure ExpressRoute.
- For the next hop type, use a virtual network gateway.
Answer- AC
QUESTION 25
You are creating an IoT solution using Azure Time Series Insights. You configure the environment to ensure that all data for the current year is available. What should you do?
- Add a disaster recovery (DR) strategy.
- Set a value for the Data retention time setting.
- Change the pricing tier.
- Create a reference data set.
Answer- D QUESTION 26
You are developing a speech-enabled home automation control bot. The bot interprets some spoken words incorrectly. You need to improve the spoken word recognition for the bot. What should you implement?
The Skype for Business Channel and use scorable dialogs for improving conversation flow.
- The Web Chat Channel and Speech priming using a Bing Speech Service and LUIS app.
- The Skype Channel and use scorable dialogs for improving conversation flow.
- The Cortana Channel and use scorable dialogs for improving conversation flow.
Answer- B QUESTION 27
Your company has an Azure subscription. You enable multi-factor authentication (MFA) for all users. The company’s help desk reports an increase in calls from users who receive MFA requests while they work from the company’s main office.
- You need to prevent the users from receiving MFA requests when they sign in from the main office. What should you do?
- From Azure Active Directory (Azure AD), configure organizational relationships.
- From the MFA service settings, create a trusted IP range.
- From Conditional access in Azure Active Directory (Azure AD), create a custom control.
- From Conditional access in Azure Active Directory (Azure AD), create a named location.
Answer- B
These are practice questions, read the questions carefully and try to understand the concept.