Microsoft AZ-303 exam “Microsoft Azure Architect Technologies”, get the latest updated AZ-303 exam questions and answers online, we share the AZ-303 exam questions in a variety of ways, you can practice the test online, download the free AZ-303 PDF. Complete Microsoft AZ-303 exam dumps https://www.leads4pass.com/az-303.html (PDF +VCE). 480 exam questions and answers. 99.5% exam pass rate.
All issues are updated and corrected to ensure that they are true and effective.
Free Microsoft AZ-303 dumps PDF
The free AZ-303 dumps PDF comes from a part of the Lead4Pass AZ-303 exam dumps. Lead4Pass AZ-303 includes two modes of VCE and PDF, you can choose any.
Microsoft AZ-303 free online practice test
Annotation: 1. The question-answer is displayed at the end 2. The picture answer is displayed in the current
QUESTION 1
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a
unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure subscription named Subscription1.
Adam contains a group named Developers. Subscription1 contains a resource group named Dev.
You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group.
Solution: On Subscription1, you assign the DevTest Labs User role to the Developers group.
Does this meet the goal?
A. Yes
B. No
QUESTION 2
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a
unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear on the review screen. You have an Azure subscription.
You have an on-premises file server named Server1 that runs Windows Server 2019.
You manage Server1 by using Windows Admin Center.
You need to ensure that if Server1 fails, you can recover the data from Azure.
Solution: You create an Azure Storage account and an Azure Storage Sync service. You configure Azure File Sync for
Server1. Does this meet the goal?
A. Yes
B. No
QUESTION 3
You have an app named App1 that uses data from two on-premises Microsoft SQL Server databases named DB1 and
DB2. You plan to move DB1 and DB2 to Azure.
You need to implement Azure services to host DB1 and DB2. The solution must support server-side transactions across
DB1 and DB2. Solution: You deploy DBI and DB2 to SQL Server on an Azure virtual machine.
Does this meet the goal?
A. Yes
B. NO
QUESTION 4
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a
unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear on the review screen. You have an Azure Active Directory (Azure AD) tenant named contoso.com.
A user named Admin1 attempts to create an access review from the Azure Active Directory admin center and discovers
that the Access reviews settings are unavailable. Admin1 discovers that all the other Identity Governance settings are
available. Admin1 is assigned the User administrator, Compliance administrator, and Security administrator roles.
You need to ensure that Admin1 can create access reviews in contoso.com.
Solution: You purchase an Azure Directory Premium P2 license for contoso.com.
Does this meet the goal?
A. Yes
B. No
QUESTION 5
You need to meet the security requirements. What should you use?
A. HTTP Strict Transport Security (HSTS)
B. Direct Line API
C. Multi-Factor Authentication (MFA)
D. Bot Framework Portal
E. Bot Framework authentication
QUESTION 6
HOTSPOT
You have an Azure subscription that contains multiple resource groups. You create an availability set as shown in the
the following exhibit.
You deploy 10 virtual machines to AS1.
Use the drop-down menus to select the answer choice that completes each statement based on the information
presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
Box 1: 6
Two out of three update domains would be available, each with at least 3 VMs.
An update domain is a group of VMs and underlying physical hardware that can be rebooted at the same time.
As you create VMs within an availability set, the Azure platform automatically distributes your VMs across these update
domains. This approach ensures that at least one instance of your application always remains running as the Azure
platform undergoes periodic maintenance.
Box 2: the West Europe region and the RG1 resource group
References:
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/regions-and-availability
QUESTION 7
You have an Azure subscription named Subscription1. You deploy a Linux virtual machine named VM1 to
Subscription1. You need to monitor the metrics and the logs of VM1.
What should you use?
A. the AzurePerformanceDiagnostics extension
B. Linux Diagnostic Extension (LAD) 3.0
C. Azure Analysis Services
D. Azure HDInsight
QUESTION 8
SIMULATION
Another administrator attempts to establish connectivity between two virtual networks named VNET1 and VNET2. The
administrator reports that connections across the virtual networks fail.
You need to ensure that network connections can be established successfully between VNET1 and VNET2 as quickly
as possible.
What should you do from the Azure portal?
Correct Answer: See solution below.
You can connect one VNet to another VNet using either a Virtual network peering or an Azure VPN Gateway.
To create a virtual network gateway Step 1: In the portal, on the left side, click +Create a resource and type \’ virtual network gateway\’ in search. Locate Virtual network gateway in the search return and click the entry. On the Virtual network gateway page, click Create at the bottom of the page to open the Create virtual network gateway page.
Step 2: On the Create virtual network gateway page, fill in the values for your virtual network gateway.
Name: Name your gateway. This is not the same as naming a gateway subnet. It\’s the name of the gateway object you
are creating. Gateway type: Select VPN. VPN gateways use the virtual network gateway type VPN.
Virtual network: Choose the virtual network to which you want to add this gateway. Click Virtual network to open the
\’Choose a virtual network\’ page. Select the VNet. If you don\’t see your VNet, make sure the Location field is pointing
to the region in which your virtual network is located.
Gateway subnet address range: You will only see this setting if you did not previously create a gateway subnet for your
virtual network. If you previously created a valid gateway subnet, this setting will not appear.
Step 4: Select Create New to create a Gateway subnet.
Step 5: Click Create to begin creating the VPN gateway. The settings are validated and you\’ll see the “Deploying
Virtual network gateway” tile on the dashboard. Creating a gateway can take up to 45 minutes. You may need to refresh your portal page to see the completed status.
References: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-vnet-vnet-resource-managerportal?
QUESTION 9
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a
unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.
Your network contains an Active Directory forest named fabrikam.com. The forest contains two child domains named
corp.fabrikam.com and research.fabrikam.com.
You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com.
You install Azure AD Connect and sync all the on-premises user accounts to the Azure AD tenant. You implement
seamless single sign-on (SSO).
You plan to change the source of authority for all the user accounts in research.fabrikam.com to Azure AD.
You need to prevent research.fabrikam.com from resyncing to Azure AD.
Solution: You use Active Directory Domains and Trusts from a computer joined to fabrikam.com.
Does this meet the goal?
A. Yes
B. No
QUESTION 10
HOT SPOT
You have an Azure subscription that contains the Azure SQL servers shown in the following table.
The subscription contains the elastic pool shown in the following table.
The subscription contains the Azure SQL databases shown in the following table
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct
selection is worth one point.
Hot Area:
Correct Answer:
Note: You cannot add databases from different servers into the same pool
Box 1: Yes
Pool2 contains DB2 but DB1 and DB2 are on Sql1. DB1 can thus be added to Pool2.
Box 2: Yes
Pool3 is empty.
Box 3: Yes
Pool1 contains DB1 but DB3 and DB1 are on Sql1. DB3 can thus be added to Pool1.
References:
https://docs.microsoft.com/en-us/azure/sql-database/sql-database-elastic-pool
QUESTION 11
You have an Azure SQL database named Db1 that runs on an Azure SQL server named SQLserver1.
You need to ensure that you can use the query editor on the Azure portal to query Db1.
What should you do?
A. Modify the Advanced Data Security settings of Db1
B. Configure the Firewalls and virtual networks settings for SQLserver1
C. Copy the ADO.NET connection string of Db1 and paste the string to the query editor
D. Approve private endpoint connections for SQLserver1
QUESTION 12
HOTSPOT
You have an Azure subscription that contains the resource groups shown in the following table.
You create an Azure Resource Manager template named Template1 as shown in the following exhibit.
From the Azure portal, you deploy Template1 four times by using the settings shown in the following table.
What is the result of the deployment? To answer, select the appropriate options in the answer area. NOTE: Each correct
selection is worth one point.
Hot Area:
Correct Answer:
QUESTION 13
You configure Azure AD Connect for Azure Active Directory Seamless Single Sign-On (Azure AD Seamless SSO) for an
on-premises network.
Users report that when they attempt to access myapps.microsoft.com, they are prompted multiple times to sign in and
are forced to use an account name that ends with onmicrosoft.com.
You discover that there is a UPN mismatch between Azure AD and the on-premises Active Directory.
You need to ensure that the users can use single-sign-on (SSO) to access Azure resources.
What should you do first?
A. From an on-premises network, deploy Active Directory Federation Services (AD FS).
B. From Azure AD, add and verify a custom domain name.
C. From the on-premises network, request a new certificate that contains the Active Directory domain name.
D. From the server that runs Azure AD Connect, modify the filtering options.
QUESTION 14
HOTSPOT
You have a web server app named App1 that is hosted in three Azure regions.
You plan to use Azure Traffic Manager to distribute traffic optimally for App1.
You need to enable Real User Measurements to monitor the network latency data for App1.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
Box 1: Select Generate key
You can configure your web pages to send Real User Measurements to Traffic Manager by obtaining a Real User
Measurements (RUM) key and embedding the generated code to the web page.
Obtain a Real User Measurements key The measurements you take and send to Traffic Manager from your client
application are identified by the service using a unique string, called the Real User Measurements (RUM) Key. You can
get a RUM key using the Azure portal, a REST API, or by using the PowerShell or Azure CLI.
To obtain the RUM Key using the Azure portal:
1. From a browser, sign in to the Azure portal. If you don\’t already have an account, you can sign up for a free one-month trial.
2. In the portal\’s search bar, search for the Traffic Manager profile name that you want to modify, and then click the
Traffic Manager profile in the results that the displayed.
3. In the Traffic Manager profile blade, click Real User Measurements under Settings.
4. Click Generate Key to create a new RUM Key.
Box 2: Embed the Traffic Manager JavaScript code snippet.
Embed the code to an HTML web page
After you have obtained the RUM key, the next step is to embed this copied JavaScript into an HTML page that your
end-users visit. This example shows how to update an HTML page to add this script. You can use this guide to adapt it to your HTML source management workflow.
1. Open the HTML page in a text editor
2. Paste the JavaScript code you had copied in the earlier step to the BODY section of the HTML (the copied code is on
lines 8 and 9, see figure 3).
Reference: https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-create-rum-web-pages
QUESTION 15
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a
unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear on the review screen. Your network contains an Active Directory forest named fabrikam.com. The forest contains two child domains named corp.fabrikam.com and research.fabrikam.com.
You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com.
You install Azure AD Connect and sync all the on-premises user accounts to the Azure AD tenant. You implement
seamless single sign-on (SSO).
You plan to change the source of authority for all the user accounts in research.fabrikam.com to Azure AD.
You need to prevent research.fabrikam.com from resyncing to Azure AD.
Solution: You use the Synchronization Service Manager.
Does this meet the goal?
A. Yes
B. No
Solutions:
| Number | Answer | Why |
| QUESTION 1 | B | The DevTest Labs User role lets you connect, start, restart, and shut down your virtual machines in your Azure DevTest Labs. References: https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#devtest-labs-user |
| QUESTION 2 | A | Use Azure File Sync to centralize your organization\’s file shares in Azure Files, while keeping the flexibility, performance, and compatibility of an on-premises file server. Azure File Sync transforms Windows Server into a quick cache of your Azure file share. Azure Files offers fully managed file shares in the cloud that are accessible via the industry standard Server Message Block (SMB) protocol. Azure file shares can be mounted concurrently by cloud or on-premises deployments of Windows, Linux, and macOS. Additionally, Azure file shares can be cached on Windows Servers with Azure File Sync for fast access near where the data is being used. Azure file shares can be used to: Replace or supplement on-premises file servers: Azure Files can be used to completely replace or supplement traditional on-premises file servers or NAS devices. Popular operating systems such as Windows, macOS, and Linux can directly mount Azure file shares wherever they are in the world. Azure file shares can also be replicated with Azure File Sync to Windows Servers, either on-premises or in the cloud, for performance and distributed caching of the data where it\’s being used. References: https://docs.microsoft.com/en-us/azure/storage/files/storage-files-introduction https://docs.microsoft.com/en-us/azure/storage/files/storage-sync-files-deployment-guide?tabs=azure-portal |
| QUESTION 3 | B | |
| QUESTION 4 | B | Instead, use Azure AD Privileged Identity Management. Note: PIM essentially helps you manage the who, what, when, where, and why for resources that you care about. Key features of PIM include: Conduct access reviews to ensure users still need roles References: https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure |
| QUESTION 5 | E | |
| QUESTION 7 | A | You can use extensions to configure diagnostics on your VMs to collect additional metric data. The basic host metrics are available, but to see more granular and VM-specific metrics, you need to install the Azure diagnostics extension on the VM. The Azure diagnostics extension allows additional monitoring and diagnostics data to be retrieved from the VM. References: https://docs.microsoft.com/en-us/azure/virtual-machines/linux/tutorial-monitoring |
| QUESTION 9 | B | Instead, you should customize the default synchronization rule. Note: To delete a custom domain name, you must first ensure that no resources in your directory rely on the domain name. You can\’t delete a domain name from your directory if: 1. Any user has a user name, email address, or proxy address that includes the domain name. 2. Any group has an email address or proxy address that includes the domain name. 3. Any application in your Azure AD has an App ID URI that includes the domain name. References: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-create-custom-sync-rule |
| QUESTION 11 | B | Reference: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-connect-query-portal |
| QUESTION 13 | B | |
| QUESTION 15 | B | Instead, you should customize the default synchronization rule. Note: The Synchronization Service Manager UI is used to configure more advanced aspects of the sync engine and to see the operational aspects of the service. References: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-create-custom-sync-rule |
| Get more | AZ-303 Dumps | https://www.leads4pass.com/az-303.html (Total Questions: 480 Q&A) |
Summary:
We share the latest updated Microsoft Azure 303 exam practice questions for free to help you understand the current exam situation and improve your exam experience.
The free AZ-303 exam practice questions cannot help you pass the exam 100% successfully. If you want to pass the exam successfully for the first time, please choose Lead4Pass Azure 303 exam dumps
ps.
The free AZ-303 dumps PDF comes from a part of the Lead4Pass AZ-303 exam dumps. Lead4Pass AZ-303 includes two modes of VCE and PDF, you can choose any