New 2021 Azure az-304 exam questions from Lead4Pass az-304 dumps!
Welcome to download the newest Lead4Pass az-304 dumps VCE and PDF: https://www.leads4pass.com/az-304.html (423 Q&As)
New Microsoft exam tips: THIS EXAM WILL RETIRE ON MARCH 31, 2022 – Exam AZ-305 (2022 New)
P.S. Free 2021 Azure az-304 DumpP.S. Free 2021 Azure az-304 Dumps are available on Google Drive shared by Lead4Pass: https://drive.google.com/file/d/1VIepF9XRsG6rmULQzACiNPnlyMWDh_yv/
Free Azure az-304 exam questions and answers
QUESTION 1
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Azure Username: [email protected]
Azure Password: KJn29!aBBB
If the Azure portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 10989444
You need to recommend a solution to ensure that connections to NWVM1 and NWVM3 are load balanced.
What should you recommend?
NOTE: To answer this question, sign in to the Azure portal and explore an Azure resource group named
ResourceGroup1lod10989444.
A. one Recovery Services vault
B. one Azure Traffic Manager
C. one Azure Load Balancer
D. two Azure Load Balancers
Correct Answer: C
The job of Azure Load Balancer is to direct traffic inside a region.
Incorrect Answers:
B: The job of Azure Traffic Manager is to route traffic globally based on flexible policies, enabling an excellent user
experience that aligns with how you\\’ve structured your application across the world.
Reference: https://www.concurrency.com/blog/w/azure-traffic-manager-vs-azure-load-balancer
QUESTION 2
You are designing an Azure web app.
You need to ensure that users who have impaired vision can use the app.
Which reference material should you use when designing the app?
A. Accessibility in Windows Dev Center
B. Azure Application Architecture Guide
C. Web Content Accessibility Guidelines
D. Cloud Application Architecture Guide
Correct Answer: C
How Microsoft integrates accessibility
Microsoft\\’s obligation to accessibility is guided by three main principles: transparency, inclusivity and accountability. In developing our products and services, we take into account leading global accessibility standards, including:
EN 301 549
U.S. Section 508 Web Content Accessibility Guidelines (WCAG)
References: https://www.microsoft.com/en-us/trust-center/compliance/accessibility
QUESTION 3
DRAG DROP
You need to design an architecture to capture the creation of users and the assignment of roles. The captured data
must be stored in Azure Cosmos DB.
Which Azure services should you include in the design? To answer, drag the appropriate services to the correct targets.
Each service may be used once. more than once, or not at all. You need to drag the split bar between panes or scroll to
view content.
NOTE .Each correct selection worth one point.
Select and Place:
Correct Answer:
QUESTION 4
You use a virtual network to extend an on-premises IT environment into the cloud. The virtual network has two virtual
machines (VMs) that store sensitive data.
The data must only be available using internal communication channels. Internet access to those VMs is not permitted.
You need to ensure that the VMs cannot access the Internet.
Which two options should you recommend? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A. network interface (NIC)
B. Source Network Address Translation (SNAT)
C. Azure ExpressRoute
D. Network Security Groups (NSG)
Correct Answer: CD
QUESTION 5
Note: This question is a part of series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear in the review screen. A company has custom ASP.NET and Java applications that run old versions of Windows
and Linux. The company plans to place applications in containers.
You need to design a solution that includes networking, service discovery, and load balancing for the applications. The
solution must support storage orchestration.
Solution: Deploy a Kubernetes cluster that has the desired number of instances of the applications.
Does the solution meet the goal?
A. Yes
B. No
Correct Answer: B
Instead you should deploy each application to an Azure Container instance.
Note: Docker Containers are the global standard and are natively supported in Azure, offering enterprises an interesting
and flexible way to migrate legacy apps for both future proofing and cost benefits.
Reference:
https://docs.microsoft.com/en-us/dotnet/standard/modernize-with-azure-and-containers/modernize-existing-apps-tocloud-optimized/deploy-existing-net-apps-as-windows-containers
QUESTION 6
DRAG DROP
You are designing a virtual machine that will run Microsoft SQL Server and will contain two data disks. The first data
disk will store log files, and the second data disk will store data. Both disks are P40 managed disks.
You need to recommend a caching policy for each disk. The policy must provide the best overall performance for the
virtual machine while preserving integrity of the SQL data and logs.
Which caching policy should you recommend for each disk? To answer, drag the appropriate policies to the correct
disks. Each policy may be used once, more than once, or not at all. You may need to drag the split bar between panes
or scroll to view content.
Select and Place:
References: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sql/virtual-machines-windows-sqlperformance
QUESTION 7
You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains two administrative user
accounts named Admin1 and Admin2.
You create two Azure virtual machines named VM1 and VM2.
You need to ensure that Admin1 and Admin2 are notified when more than five events are added to the security log of
VM1 or VM2 during a period of 120 seconds. The solution must minimize administrative tasks.
What should you create?
A. two action groups and one alert rule
B. one action group and one alert rule
C. five action groups and one alert rule
D. two action groups and two alert rules
Correct Answer: B
QUESTION 8
HOTSPOT
You are evaluating the components of the migration to Azure that require you to provision an Azure Storage account.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.e following statements, select Yes if the statement is true. Otherwise,
select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
QUESTION 9
You have Azure virtual machines that run a custom line-of-business web application.
You plan to use a third-party solution to parse event logs from the virtual machines stored in an Azure storage account.
You need to recommend a solution to save the event logs from the virtual machines to the Azure Storage account. The
solution must minimize costs and complexity.
What should you include in the recommendation?
A. Azure VM Diagnostics Extension
B. Azure Monitor Metrics
C. event log subscriptions
D. Azure Monitor Logs
Correct Answer: A
The Azure Diagnostics VM extension enables you to collect monitoring data, such as performance counters and event
logs, from your Windows VM. You can granularly specify what data you want to collect and where you want the data to
go, such as an Azure Storage account or an Azure Event Hub.
Reference: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/extensions-diagnostics
QUESTION 10
Note: This question is a part of series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.
Your company has deployed several virtual machines (VMs) on-premises and to Azure. Azure ExpressRoute has been
deployed and configured for on-premises to Azure connectivity.
Several VMs are exhibiting network connectivity issues.
You need to analyze the network traffic to determine whether packets are being allowed or denied to the VMs.
Solution: Install and configure the Log Analytics and Dependency Agents on all VMs. Use the Wire Data solution in
Azure Log Analytics to analyze the network traffic.
Does the solution meet the goal?
A. Yes
B. No
Correct Answer: B
Instead use Azure Network Watcher to run IP flow verify to analyze the network traffic.
Reference: https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-ip-flow-verify-overview
QUESTION 11
You have an Azure subscription that contains a custom application named Application was developed by an external
company named fabric, Ltd. Developers at Fabrikam were assigned role-based access control (RBAV) permissions to
the Application components. All users are licensed for the Microsoft 365 E5 plan. You need to recommends a solution to verify whether the Faricak developers still require permissions to Application1. The solution must the following
requirements.
*
To the manager of the developers, send a monthly email message that lists the access permissions to Application1.
*
If the manager does not verify access permission, automatically revoke that permission.
*
Minimize development effort. What should you recommend?
A.
Create an Azure Automation runbook that the Get-AureADUSAppRoleAssigmety cmdlet.
B.
In azure Active directory (Azure AD) create an access review of application1.
C.
In Azure Active Directory (AD) privileged identity Managed, create a custom roles assignment for the Application 1
resources.
D.
Create an Azure Automation runbook that runs the get-AzureRaRolesAssigned cmdlet.
Correct Answer: A
QUESTION 12
You nave 200 resource groups across 20 Azure subscriptions.
Your company\\’s security policy states that the security administrator most verify all assignments of the Owner role for
the subscriptions and resource groups once a month.
All assignments that are not approved try the security administrator must be removed automatically.
The security administrator must be prompted every month to perform the verification.
What should you use to implement the security policy?
A. Access reviews in identity Governance
B. role assignments in Azure Active Directory (Azure AD) Privileged Identity Management (PIM)
C. Identity Secure Score in Azure Security Center
D. the user risk policy Azure Active Directory (Azure AD) Identity Protection
Correct Answer: B
QUESTION 13
A company has deployed several applications across Windows and Linux Virtual machines in Azure. Log Analytics are
being used to send the required data for alerting purposes for the Virtual Machines.
You need to recommend which tables need to be queried for security related queries.
Which of the following would you query for events from Windows Event Logs?
A. Azure Activity
B. Azure Diagnostics
C. Event
D. Syslog
Correct Answer: C
This is also given in the Microsoft documentation, wherein you would use the Event Table for the queries on events from Windows Virtual machines
Since this is clearly mentioned, all other options are incorrect For more information on collecting event data from
windows virtual machines, please go ahead and visit the below URL.
Reference: https://docs.microsoft.com/en-us/azure/azure-monitor/platform/data-sources-windows-events
Continue to follow to get more free updates…
New 2021 Azure az-304 exam questions from Lead4Pass az-304 Dumps! Welcome to download the newest Lead4Pass az-304 VCE and PDF dumps: https://www.leads4pass.com/az-304.html (423 Q&As)
P.S. Free 2021 Azure az-304 Dumps are available on Google Drive shared by Lead4Pass: https://drive.google.com/file/d/1VIepF9XRsG6rmULQzACiNPnlyMWDh_yv/