AZ-301 無料問題集「Microsoft Azure Architect Design」
You have an Azure subscription. The subscription has a blob container that contains multiple blobs. Ten users in the finance department of your company plan to access the blobs during the month of April. You need to recommend a solution to enable access to the blobs during the month of April only. Which security solution should you include in the recommendation?
正解:D
解答を投票する
Your company has users who work remotely from laptops.
You plan to move some of the applications accessed by the remote users to Azure virtual machines. The users will access the applications in Azure by using a point-to-site VPN connection. You will use certificates generated from an on-premises-based certification authority (CA).
You need to recommend which certificates are required for the deployment.
What should you include in the recommendation? To answer, drag the appropriate certificates to the correct targets. Each certificate may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
You plan to move some of the applications accessed by the remote users to Azure virtual machines. The users will access the applications in Azure by using a point-to-site VPN connection. You will use certificates generated from an on-premises-based certification authority (CA).
You need to recommend which certificates are required for the deployment.
What should you include in the recommendation? To answer, drag the appropriate certificates to the correct targets. Each certificate may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
正解:
You are developing a web application that provides streaming video to users. You configure the application to use continuous integration and deployment.
The app must be highly available and provide a continuous streaming experience for users.
You need to recommend a solution that allows the application to store data in a geographical location that is closest to the user.
What should you recommend?
The app must be highly available and provide a continuous streaming experience for users.
You need to recommend a solution that allows the application to store data in a geographical location that is closest to the user.
What should you recommend?
正解:D
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are designing an Azure solution for a company that has four departments. Each department will deploy several Azure app services and Azure SQL databases.
You need to recommend a solution to report the costs for each department to deploy the app services and the databases. The solution must provide a consolidated view for cost reporting.
Solution: Create a separate resource group for each department. Place the resources for each department in its respective resource group.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are designing an Azure solution for a company that has four departments. Each department will deploy several Azure app services and Azure SQL databases.
You need to recommend a solution to report the costs for each department to deploy the app services and the databases. The solution must provide a consolidated view for cost reporting.
Solution: Create a separate resource group for each department. Place the resources for each department in its respective resource group.
Does this meet the goal?
正解:B
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are migrating an on-premises application to Azure. One component of the application is a legacy Windows native executable that performs image processing.
The image processing application must run every hour. During times that the image processing application is not running, it should not be consuming any Azure compute resources.
You need to ensure that the image processing application runs correctly every hour.
Solution: Create an Azure WebJob that runs the image processing application every hour.
Does the solution meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are migrating an on-premises application to Azure. One component of the application is a legacy Windows native executable that performs image processing.
The image processing application must run every hour. During times that the image processing application is not running, it should not be consuming any Azure compute resources.
You need to ensure that the image processing application runs correctly every hour.
Solution: Create an Azure WebJob that runs the image processing application every hour.
Does the solution meet the goal?
正解:B
解答を投票する
You plan to deploy 200 Microsoft SQL Server databases to Azure by using Azure SQL Database and Azure SQL Database Managed Instance.
You need to recommend a monitoring solution that provides a consistent monitoring approach for all deployments. The solution must meet the following requirements:
* Support current-state analysis based on metrics collected near real-time, multiple times per minute, and
* maintained for up to one hour
* Support longer term analysis based on metrics collected multiple times per hour and maintained for up to
* two weeks.
* Support monitoring of the number of concurrent logins and concurrent sessions.
What should you include in the recommendation?
You need to recommend a monitoring solution that provides a consistent monitoring approach for all deployments. The solution must meet the following requirements:
* Support current-state analysis based on metrics collected near real-time, multiple times per minute, and
* maintained for up to one hour
* Support longer term analysis based on metrics collected multiple times per hour and maintained for up to
* two weeks.
* Support monitoring of the number of concurrent logins and concurrent sessions.
What should you include in the recommendation?
正解:C
解答を投票する
You plan to move several apps that handle critical line-of-business (LOB) services to Azure.
Appropriate personnel must be notified if any critical resources become degraded or unavailable.
You need to design a monitoring and notification strategy that can handle up to 100 notifications per hour.
Which three actions should you recommend be performed in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
NOTE: More than one order of answer choices is correct. You will receive credit for any of the correct orders you select.
Appropriate personnel must be notified if any critical resources become degraded or unavailable.
You need to design a monitoring and notification strategy that can handle up to 100 notifications per hour.
Which three actions should you recommend be performed in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
NOTE: More than one order of answer choices is correct. You will receive credit for any of the correct orders you select.
正解:
Explanation:
Step 1: Create a resource group containing the critical resources.
In step 2 the action group should be created within this Resource Group.
Step 2: Create an action group for alerts to email addresses.
You configure an action to notify a person by email or SMS, they receive a confirmation indicating they have been added to the action group.
The rate limit thresholds are:
SMS: No more than 1 SMS every 5 minutes.
Voice: No more than 1 Voice call every 5 minutes.
Email: No more than 100 emails in an hour.
Step 3: Monitor service health for incidents and action required notifications An action group is a collection of notification preferences defined by the owner of an Azure subscription. Azure Monitor and Service Health alerts use action groups to notify users that an alert has been triggered.
References:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-rate-limiting
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has an on-premises Active Directory Domain Services (AD DS) domain and an established Azure Active Directory (Azure AD) environment.
Your company would like users to be automatically signed in to cloud apps when they are on their corporate desktops that are connected to the corporate network.
You need to enable single sign-on (SSO) for company users.
Solution: Install and configure an Azure AD Connect server to use password hash synchronization and select the Enable single sign-on option.
Does the solution meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has an on-premises Active Directory Domain Services (AD DS) domain and an established Azure Active Directory (Azure AD) environment.
Your company would like users to be automatically signed in to cloud apps when they are on their corporate desktops that are connected to the corporate network.
You need to enable single sign-on (SSO) for company users.
Solution: Install and configure an Azure AD Connect server to use password hash synchronization and select the Enable single sign-on option.
Does the solution meet the goal?
正解:A
解答を投票する
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has an on-premises data center and an Azure subscription. The on-premises data center contains a Hardware Security Module (HSM).
Your network contains an Active Directory domain that is synchronized to an Azure Active Directory (Azure AD) tenant.
The company is developing an application named Application1. Application1 will be hosted in Azure by using 10 virtual machines that run Windows Server 2016. Five virtual machines will be in the West Europe Azure region and five virtual machines will be in the East US Azure region. The virtual machines will store sensitive company information. All the virtual machines will use managed disks.
You need to recommend a solution to encrypt the virtual machine disks by using BitLocker Drive Encryption (BitLocker).
Solution: Deploy one Azure Key Vault to each region. Create two Azure AD service principals. Configure the virtual machines to use Azure Disk Encryption and specify a different service principal for the virtual machines in each region.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has an on-premises data center and an Azure subscription. The on-premises data center contains a Hardware Security Module (HSM).
Your network contains an Active Directory domain that is synchronized to an Azure Active Directory (Azure AD) tenant.
The company is developing an application named Application1. Application1 will be hosted in Azure by using 10 virtual machines that run Windows Server 2016. Five virtual machines will be in the West Europe Azure region and five virtual machines will be in the East US Azure region. The virtual machines will store sensitive company information. All the virtual machines will use managed disks.
You need to recommend a solution to encrypt the virtual machine disks by using BitLocker Drive Encryption (BitLocker).
Solution: Deploy one Azure Key Vault to each region. Create two Azure AD service principals. Configure the virtual machines to use Azure Disk Encryption and specify a different service principal for the virtual machines in each region.
Does this meet the goal?
正解:B
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
You have an Azure subscription that contains 300 Azure virtual machines that run Windows Server 2016.
You need to centrally monitor all warning events in the System logs of the virtual machines.
What should you include in the solutions? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to centrally monitor all warning events in the System logs of the virtual machines.
What should you include in the solutions? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
References:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/data-sources-windows-events
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/agent-windows
A company has an existing web application that runs on virtual machines (VMs) in Azure.
You need to ensure that the application is protected from SQL injection attempts and uses a layer-7 load balancer. The solution must minimize disruption to the code for the existing web application.
What should you recommend? To answer, drag the appropriate values to the correct items. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
You need to ensure that the application is protected from SQL injection attempts and uses a layer-7 load balancer. The solution must minimize disruption to the code for the existing web application.
What should you recommend? To answer, drag the appropriate values to the correct items. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Box 1: Azure Application Gateway
Azure Application Gateway provides an application delivery controller (ADC) as a service. It offers various layer 7 load-balancing capabilities for your applications.
Box 2: Web Application Firwewall (WAF)
Application Gateway web application firewall (WAF) protects web applications from common vulnerabilities and exploits.
This is done through rules that are defined based on the OWASP core rule sets 3.0 or 2.2.9.
There are rules that detects SQL injection attacks.
References:
https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-faq
https://docs.microsoft.com/en-us/azure/application-gateway/waf-overview
Your company has several Azure subscriptions that are part of a Microsoft Enterprise Agreement?
The company's compliance team creates automatic alerts by using Ware Monitor.
You need to recommend a solution to apply the alerts automatically when new subscriptions are added to the Enterprise agreement.
What should you include in the recommendation?
The company's compliance team creates automatic alerts by using Ware Monitor.
You need to recommend a solution to apply the alerts automatically when new subscriptions are added to the Enterprise agreement.
What should you include in the recommendation?
正解:B
解答を投票する
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are migrating an on-premises application to Azure. One component of the application is a legacy Windows native executable that performs image processing.
The image processing application must run every hour. During times that the image processing application is not running, it should not be consuming any Azure compute resources.
You need to ensure that the image processing application runs correctly every hour.
Solution: Create an Azure Function to run the image processing application every hour.
Does the solution meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are migrating an on-premises application to Azure. One component of the application is a legacy Windows native executable that performs image processing.
The image processing application must run every hour. During times that the image processing application is not running, it should not be consuming any Azure compute resources.
You need to ensure that the image processing application runs correctly every hour.
Solution: Create an Azure Function to run the image processing application every hour.
Does the solution meet the goal?
正解:B
解答を投票する
You have databases in Azure as shown in the following table.
You are designing a data retention policy.
You need to identify which databases can retain a daily backup for up to 35 days and which databases can retain monthly backups for up to 120 months.
Which databases should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You are designing a data retention policy.
You need to identify which databases can retain a daily backup for up to 35 days and which databases can retain monthly backups for up to 120 months.
Which databases should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
You plan to move a web application named App1 from an on-premises data center to Azure.
App1 depends on a custom framework that is installed on the host server.
You need to recommend a solution to host App1 in Azure. The solution must meet the following requirements:
* App1 must be available to users if an Azure data center becomes unavailable.
* Costs must be minimized.
What should you include in the recommendation?
App1 depends on a custom framework that is installed on the host server.
You need to recommend a solution to host App1 in Azure. The solution must meet the following requirements:
* App1 must be available to users if an Azure data center becomes unavailable.
* Costs must be minimized.
What should you include in the recommendation?
正解:B
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are designing a storage solution to support on-premises resources and Azure-hosted resources.
You need to provide on-premises storage that has built-in replication to Azure.
Solution: You include Azure StorSimple in the design.
Does the solution meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are designing a storage solution to support on-premises resources and Azure-hosted resources.
You need to provide on-premises storage that has built-in replication to Azure.
Solution: You include Azure StorSimple in the design.
Does the solution meet the goal?
正解:A
解答を投票する
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Azure Username: [email protected]
Azure Password: KJn29!aBBB
If the Azure portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 10989444
You need to recommend a solution to ensure that connections to NWVM1 and NWVM3 are load balanced.
What should you recommend?
NOTE: To answer this question, sign in to the Azure portal and explore an Azure resource group named ResourceGroup1lod10989444.
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Azure Username: [email protected]
Azure Password: KJn29!aBBB
If the Azure portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 10989444
You need to recommend a solution to ensure that connections to NWVM1 and NWVM3 are load balanced.
What should you recommend?
NOTE: To answer this question, sign in to the Azure portal and explore an Azure resource group named ResourceGroup1lod10989444.
正解:D
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
You are designing a microservices architecture that will support a web application.
The solution must meet the following requirements:
* Allow independent upgrades to each microservice
* Deploy the solution on-premises and to Azure
* Set policies for performing automatic repairs to the microservices
* Support low-latency and hyper-scale operations
You need to recommend a technology.
What should you recommend?
The solution must meet the following requirements:
* Allow independent upgrades to each microservice
* Deploy the solution on-premises and to Azure
* Set policies for performing automatic repairs to the microservices
* Support low-latency and hyper-scale operations
You need to recommend a technology.
What should you recommend?
正解:A
解答を投票する