The latest Microsoft AZ-301 dumps by Lead4Pass helps you pass the AZ-301 exam for the first time! Lead4Pass Latest Update Microsoft AZ-301 VCE Dump and AZ-301 PDF Dumps, Lead4Pass AZ-301 Exam Questions Updated, Answers corrected! Get the latest LeadPass AZ-301 dumps with Vce and PDF: https://www.leads4pass.com/az-301.html (Q&As: 283 dumps)
[Free AZ-301 PDF] Microsoft AZ-301 Dumps PDF can be collected on Google Drive shared by Lead4Pass: https://drive.google.com/file/d/13gJibNKVvpFeeetpwWu1L2_4oCiGZz16/
[Lead4pass AZ-301 Youtube] Microsoft AZ-301 Dumps can be viewed on Youtube shared by Lead4Pass
Microsoft AZ-301 Online Exam Practice Questions
QUESTION 1
Your network contains an Active Directory domain named contoso.com that is federated to an Azure Active Directory
(Azure AD) tenant. The on-premises domain contains a VPN server named Server1 that runs Windows Server 2016.
You have a single on-premises location that uses an address space of 172.16.0.0/16.
You need to implement two-factor authentication for users who establish VPN connections to Server1.
What should you include in the implementation?
A. In Azure AD, create a conditional access policy and a trusted named location
B. Install and configure Azure MFA Server on-premises
C. Configure an Active Directory Federation Services (AD FS) server on-premises
D. In Azure AD, configure the authentication methods. From the multi-factor authentication (MFA) service settings,
create a trusted IP range
Correct Answer: B
You need to download, install, and configure the MFA Server.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfaserver-deploy
QUESTION 2
HOTSPOT
You deploy Azure service by using Azure Resources Manager templates. The template reference secrets are stored in
Azure Key Vault.
You need to recommend a solution for accessing the secrets during deployments.
The solution must prevent the users who are performing the deployments from accessing the secrets in the key vault
directly.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
Box 1: An advanced access policy for the key vaults
Enable template deployment
In the portal, select your Key Vault.
Select Access policies.
Select access policies
Select Click to show advanced access policies.
Show advanced access policies
Select Enable access to Azure Resource Manager for template deployment. Then, select Save.
Box 2: Role-based access control (RBAC)
In large teams, you may have multiple people deploying resources but don\\’t want to give them access to the actual
secrets inside the vault. You can achieve this by creating a custom role that only gives access to the KeyVault for
deployment
purposes. The deployment user cannot read the secrets within.
Reference:
https://docs.microsoft.com/bs-latn-ba/azure/managed-applications/key-vault-access
https://azurecto.com/azure-key-vault-custom-role-for-deployment/
QUESTION 3
You are designing a virtual machine that will run Microsoft SQL Server and will contain two data disks. The first data
the disk will store log files, and the second data disk will store data.
Both disks are P40 managed disks.
You need to recommend a caching policy for each disk. The policy must provide the best overall performance for the
virtual machine.
Which caching policy should you recommend for each disk? To answer, drag the appropriate policies to the correct
disks. Each policy may be used once, more than once, or not at all. You may need to drag the split bar between panes
or
scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
Correct Answer:
QUESTION 4
You have a .NET web service named Service1 that has the following requirements:
1.
Must read and write temporary files to the local file system.
2.
Must write to the Windows Application event log.
You need to recommend a solution to host Service1 in Azure. The solution must meet the following requirements:
1.
Minimize maintenance overhead.
2.
Minimize costs.
What should you include in the recommendation?
A. an Azure virtual machine scale set
B. an Azure function
C. an App Service Environment
D. an Azure web app
Correct Answer: A
QUESTION 5
HOTSPOT
Your company deploys an Azure App Service Web App.
During testing the application fails under load. The application cannot handle more than 100 concurrent user sessions.
You enable the Always-On feature. You also configure auto-scaling to increase counts from two to 10 based on HTTP
queue length.
You need to improve the performance of the application.
Which solution should you use for each application scenario? To answer, select the appropriate options in the answer
area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
Box 1: Content Delivery Network A content delivery network (CDN) is a distributed network of servers that can efficiently
deliver web content to users. CDNs store cached content on edge servers in point-of-presence (POP) locations that are
close to end-users, to minimize latency.
Azure Content Delivery Network (CDN) offers developers a global solution for rapidly delivering high-bandwidth content
to users by caching their content at strategically placed physical nodes across the world. Azure CDN can also
accelerate dynamic content, which cannot be cached, by leveraging various network optimizations using CDN POPs.
For example, route optimization to bypass Border Gateway Protocol (BGP).
Box 2: Azure Redis Cache Azure Cache for Redis is based on the popular software Redis. It is typically used as a cache
to improve the performance and scalability of systems that rely heavily on backend data-stores. Performance is
improved by temporarily copying frequently accessed data to fast storage located close to the application. With Azure
Cache for Redis, this fast storage is located in-memory with Azure Cache for Redis instead of being loaded from disk by
a database.
Reference: https://docs.microsoft.com/en-us/azure/azure-cache-for-redis/cache-overview
QUESTION 6
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign inbox and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Azure Username: [email protected]
Azure Password: KJn29!a!dB
If the Azure portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 10989425
You need to recommend a networking solution to ensure that NWVM1 and NWVM3 can successfully establish network connections to one another. The solution must be implemented as quickly as possible.
What should you include in the recommendation?
NOTE: To answer this question, sign in to the Azure portal and explore an Azure resource group named
ResourceGroup1lod10989425.
A. two Azure firewalls
B. two network security groups (NSGs)
C. two virtual network peerings
D. two local network gateways and one site-to-site VPN
Correct Answer: D
References: https://azure.microsoft.com/es-es/blog/vnet-to-vnet-connecting-virtual-networks-in-azure-across-differentregions/
QUESTION 7
DRAG DROP
A company named Contoso, Ltd. has an Azure Active Directory (Azure AD) tenant that uses the Basic license.
You plan to deploy two applications to Azure. The application has the requirements shown in the following table.
Which authentication Strategy should you recommend for each application? To answer, drag the appropriate
authentication strategies to the correct applications. Each authentication strategy may be used once, more than once, or
not at all.
You need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
Box 1: Azure AD V2.0 endpoint
Microsoft identity platform is an evolution of the Azure Active Directory (Azure AD) developer platform. It allows
developers to build applications that sign in all Microsoft identities and get tokens to call Microsoft APIs, such as
Microsoft Graph,
or APIs that developers have built. The Microsoft identity platform consists of:
OAuth 2.0 and OpenID Connect standard-compliant authentication service that enables developers to authenticate any
Microsoft identity, including:
Work or school accounts (provisioned through Azure AD)
Personal Microsoft accounts (such as Skype, Xbox, and Outlook.com)
Social or local accounts (via Azure AD B2C)
Box 2: Azure AD B2C tenant
Azure Active Directory B2C provides a business-to-customer identity as a service. Your customers use their preferred
social, enterprise, or local account identities to get single sign-on access to your applications and APIs.
Azure Active Directory B2C (Azure AD B2C) integrates directly with Azure Multi-Factor Authentication so that you can
add a second layer of security to sign-up and sign-in experiences in your applications.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-reference-mfa
https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-overview
QUESTION 8
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear on the review screen.
You have an on-premises Hyper-V cluster that hosts 20 virtual machines. Some virtual machines run Windows Server
2016 and some run Linux.
You plan to migrate the virtual machines to an Azure subscription.
You need to recommend a solution to replicate the disks of the virtual machines to Azure. The solution must ensure that
the virtual machines remain available during the migration of the disks.
Solution: You recommend implementing an Azure Storage account that has a file service and a blob service, and then
using the Data Migration Assistant.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
Data Migration Assistant is used to migrate SQL databases. Instead, use Azure Site Recovery.
References: https://docs.microsoft.com/en-us/azure/site-recovery/site-recovery-overview
QUESTION 9
Note: This question is a part of a series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear on the review screen.
You have an Azure Active Directory (Azure AZD) tenant named contoso.com. The tenant contains a group named
Group1. Group1 contains all the administrative user accounts.
You discover several login attempts to the Azure portal from countries where administrative users do NOT work.
You need to ensure that all login attempts to the Azure portal from those countries require Azure Multi-Factor
Authentication (MFA).
Solution: Implement Azure AD Privileged Identity Management.
Does this solution meet the goal?
A. Yes
B. No
Correct Answer: A
QUESTION 10
You are planning the implementation of an order processing web service that will contain microservices hosted in an
Azure Service Fabric cluster.
You need to recommend a solution to provide developers with the ability to proactively identify and fix performance
issues. The developers must be able to simulate user connections to the order processing web service from the
Internet, as
well as simulate user transactions. The developers must be notified if the goals for the transaction response times are
not met.
What should you include in the recommendation?
A. container health
B. Azure Network Watcher
C. Application Insights
D. Service Fabric Analytics
Correct Answer: C
QUESTION 11
HOTSPOT
You plan to deploy a network-intensive application to several Azure virtual machines.
You need to recommend a solution that meets the following requirements:
1.
Minimizes the use of the virtual machine processors to transfer data
2.
Minimizes network latency
Which virtual machine size and the feature should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
References: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sizes-hpc#h-series
QUESTION 12
Note: This question is a part of a series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear on the review screen.
You are migrating an on-premises application to Azure. One component of the application is a legacy Windows native executable that performs image processing.
The image processing application must run every hour. During times that the image processing application is not
running, it should not be consuming any Azure compute resources.
You need to ensure that the image processing application runs correctly every hour.
Solution: Create a Logic App to run the image processing application every hour.
Does the solution meet the goal?
A. Yes
B. No
Correct Answer: A
Azure Logic Apps helps you automate workflows that run on a schedule.
Reference: https://docs.microsoft.com/en-us/azure/logic-apps/tutorial-build-schedule-recurring-logic-app-workflow
QUESTION 13
You need to recommend a notification solution for the IT Support distribution group. What should you include in the
recommendation?
A. Azure Network Watcher
B. an action group
C. a SendGrid account with advanced reporting
D. Azure AD Connect Health
Correct Answer: D
References: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-healthoperations
latest updated Microsoft AZ-301 exam questions from the Lead4Pass AZ-301 dumps! 100% pass the AZ-301 exam! Download Lead4Pass AZ-301 VCE and PDF dumps: https://www.leads4pass.com/az-301.html (Q&As: 283 dumps)
Get free Microsoft AZ-301 dumps PDF online: https://drive.google.com/file/d/13gJibNKVvpFeeetpwWu1L2_4oCiGZz16/