最新のAZ-305試験のリアル試験問題本日無料更新されました [Q78-Q102]

最新のAZ-305試験のリアル試験問題本日無料更新されました

AZ-305リアル試験問題解答は更新された[2023年03月18日]

Microsoft AZ-305 認定試験の出題範囲：

トピック	出題範囲
トピック 1	移行のためのオンプレミスサーバー、データ、およびアプリケーションの評価と解釈アプリケーションのネットワークパフォーマンスの最適化
トピック 2	AzureリソースデザインID、ガバナンス、および監視ソリューションの可用性要件を特定する
トピック 3	コンテナのリカバリソリューションを理解する非リレーショナルデータストレージの高可用性ソリューションを推奨する
トピック 4	Cloud Adoption Framework for Azureを活用する移行ソリューションを評価するアプリケーションがAzureリソースにアクセスできるようにするソリューションを推奨する
トピック 5	アプリケーションをAzureActive Directory（Azure AD）に統合するためのソリューションを推奨するビジネス継続性ソリューションを設計する
トピック 6	ワークロード要件に基づいてネットワークアーキテクチャソリューションを推奨するアプリケーションと仮想マシンを移行するためのソリューションを推奨する
トピック 7	Azureリソースをオンプレミスネットワークに接続する接続ソリューションを推奨します IDとアプリケーションへのアクセスを設計します
トピック 8	保存データ、送信中のデータ、使用中のデータを暗号化するためのソリューションを推奨します Azureリソースの組織的および階層構造を推奨します
トピック 9	ロールベースのアクセス制御でリソースを保護するためのソリューションを推奨する機能、パフォーマンス、およびコストのバランスをとるためのデータストレージソリューションを推奨する
トピック 10	ワークロード要件に基づいて適切なサイズのコンピューティングソリューションを推奨します認証および承認ソリューションを設計します

質問 78
A company named Contoso, Ltd. has an Azure Active Directory (Azure AD) tenant that is integrated with Microsoft Office 365 and an Azure subscription.
Contoso has an on-premises identity infrastructure. The infrastructure includes servers that run Active Directory Domain Services (AD DS), and Azure AD Connect Contoso has a partnership with a company named Fabrikam, Inc. Fabrikam has an Active Directory forest and an Office 365 tenant. Fabrikam has the same on-premises identity infrastructure as Contoso.
A team of 10 developers from Fabrikam will work on an Azure solution that will be hosted in the Azure subscription of Contoso. The developers must be added to the Contributor role for a resource in the Contoso subscription.
You need to recommend a solution to ensure that Contoso can assign the role to the 10 Fabrikam developers. The solution must ensure that the Fabrikam developers use their existing credentials to access resources.
What should you recommend?

A. Configure a forest trust between the on-premises Active Directory forests of Contoso and Fabrikam.
B. In the Azure AD tenant of Contoso, use MIM to create guest accounts for the Fabrikam developers.
C. Configure an organization relationship between the Office 365 tenants of Fabrikam and Contoso.
D. Configure an AD FS relying party trust between the fabrikam and Contoso AD FS infrastructures.

正解: A

解説:
Trust configurations - Configure trust from managed forests(s) or domain(s) to the administrative forest A one-way trust is required from production environment to the admin forest.
Selective authentication should be used to restrict accounts in the admin forest to only logging on to the appropriate production hosts.
Reference:
https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/securing-privileged-access-reference-material

質問 79
You have an on-premises network and an Azure subscription. The on-premises network has several branch offices.
A branch office in Toronto contains a virtual machine named VM1 that is configured as a file server. Users access the shared files on VM1 from all the offices.
You need to recommend a solution to ensure that the users can access the shares files as quickly as possible if the Toronto branch office is inaccessible.
What should you include in the recommendation?

A. Azure blob containers and Azure File Sync
B. a Recovery Services vault and Azure Backup
C. an Azure file share and Azure File Sync
D. a Recovery Services vault and Windows Server Backup

正解: C

解説:
Use Azure File Sync to centralize your organization's file shares in Azure Files, while keeping the flexibility, performance, and compatibility of an on-premises file server. Azure File Sync transforms Windows Server into a quick cache of your Azure file share.
You need an Azure file share in the same region that you want to deploy Azure File Sync.
Incorrect Answers:
A: Backups would be a slower solution.
Reference:
https://docs.microsoft.com/en-us/azure/storage/files/storage-sync-files-deployment-guide

質問 80
Your company deploys an Azure App Service Web App.
During testing the application fails under load. The application cannot handle more than 100 concurrent user sessions. You enable the Always On feature. You also configure auto-scaling to increase counts from two to 10 based on HTTP queue length.
You need to improve the performance of the application.
Which solution should you use for each application scenario? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

正解:

解説:

Reference:
https://docs.microsoft.com/en-us/azure/azure-cache-for-redis/cache-overview

質問 81
You are developing a sales application that will contain several Azure cloud services and will handle different components of a transaction. Different cloud services will process customer orders, billing, payment, inventory, and shipping.
You need to recommend a solution to enable the cloud services to asynchronously communicate transaction information by using REST messages.
What should you include in the recommendation?

A. Azure Notification Hubs
B. Azure Application Gateway
C. Azure Service Bus
D. Azure Blob storage

正解: C

解説:
Service Bus is a transactional message broker and ensures transactional integrity for all internal operations against its message stores. All transfers of messages inside of Service Bus, such as moving messages to a dead-letter queue or automatic forwarding of messages between entities, are transactional.
Reference:
https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-transactions
" Service Bus offers a reliable and secure platform for asynchronous transfer of data and state." ... "Service Bus supports standard AMQP 1.0 and HTTP/REST protocols." https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-messaging-overview

質問 82
A company plans to implement an HTTP-based API to support a web app. The web app allows customers to check the status of their orders.
The API must meet the following requirements:
* Implement Azure Functions
* Provide public read-only operations
* Do not allow write operations
You need to recommend configuration options.
What should you recommend? To answer, configure the appropriate options in the dialog box in the answer area.
NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation
Graphical user interface, table Description automatically generated

Allowed authentication methods: GET only
Authorization level: Anonymous
The option is Allow Anonymous requests. This option turns on authentication and authorization in App Service, but defers authorization decisions to your application code. For authenticated requests, App Service also passes along authentication information in the HTTP headers.
This option provides more flexibility in handling anonymous requests.
References:
https://docs.microsoft.com/en-us/azure/app-service/overview-authentication-authorization

質問 83
You are designing an Azure Cosmos DB solution that will host multiple writable replicas in multiple Azure regions.
You need to recommend the strongest database consistency level for the design. The solution must meet the following requirements:
Provide a latency-based Service Level Agreement (SLA) for writes.
Support multiple regions.
Which consistency level should you recommend?

A. session
B. bounded staleness
C. strong
D. consistent prefix

正解: B

解説:
Each level provides availability and performance tradeoffs. The following image shows the different consistency levels as a spectrum.

Note: The service offers comprehensive 99.99% SLAs which covers the guarantees for throughput, consistency, availability and latency for the Azure Cosmos DB Database Accounts scoped to a single Azure region configured with any of the five Consistency Levels or Database Accounts spanning multiple Azure regions, configured with any of the four relaxed Consistency Levels.
Reference:
https://azure.microsoft.com/en-us/support/legal/sla/cosmos-db/v1_3/
https://docs.microsoft.com/en-us/azure/cosmos-db/consistency-levels#consistency-levels-and-latency

質問 84
You need to recommend a solution that meets the file storage requirements for App2.
What should you deploy to the Azure subscription and the on-premises network? To answer, drag the appropriate services to the correct locations. Each service may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

正解:

解説:

Reference:
https://docs.microsoft.com/en-us/azure/storage/file-sync/file-sync-deployment-guide

質問 85
You plan to deploy an Azure App Service web app that will have multiple instances across multiple Azure regions.
You need to recommend a load balancing service for the planned deployment. The solution must meet the following requirements:
Maintain access to the app in the event of a regional outage.
Support Azure Web Application Firewall (WAF).
Support cookie-based affinity.
Support URL routing.
What should you include in the recommendation?

A. Azure Application Gateway
B. Azure Front Door
C. Azure Traffic Manager
D. Azure Load Balancer

正解: D

解説:
Azure Traffic Manager performs the global load balancing of web traffic across Azure regions, which have a regional load balancer based on Azure Application Gateway. This combination gets you the benefits of Traffic Manager many routing rules and Application Gateway's capabilities such as WAF, TLS termination, path-based routing, cookie-based session affinity among others.
Reference:
https://docs.microsoft.com/en-us/azure/application-gateway/features

質問 86
You have an Azure subscription. The subscription has a blob container that contains multiple blobs. Ten users in the finance department of your company plan to access the blobs during the month of April. You need to recommend a solution to enable access to the blobs during the month of April only. Which security solution should you include in the recommendation?

A. certificates
B. conditional access policies
C. access keys
D. shared access signatures (SAS)

正解: D

解説:
This allows for limited-time fine grained access control to resources. So you can generate URL, specify duration (for month of April) and disseminate URL to 10 team members. On May 1, the SAS token is automatically invalidated, denying team members continued access.
Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview

質問 87
You need to design a solution that will execute custom C# code in response to an event routed to Azure Event Grid. The solution must meet the following requirements:
The executed code must be able to access the private IP address of a Microsoft SQL Server instance that runs on an Azure virtual machine.
Costs must be minimized.
What should you include in the solution?

A. Azure Logic Apps in the integrated service environment
B. Azure Functions in the Dedicated plan and the Basic Azure App Service plan
C. Azure Functions in the Consumption plan
D. Azure Logic Apps in the Consumption plan

正解: C

解説:
When you create a function app in Azure, you must choose a hosting plan for your app. There are three basic hosting plans available for Azure Functions: Consumption plan, Premium plan, and Dedicated (App Service) plan.
For the Consumption plan, you don't have to pay for idle VMs or reserve capacity in advance.
Connect to private endpoints with Azure Functions
As enterprises continue to adopt serverless (and Platform-as-a-Service, or PaaS) solutions, they often need a way to integrate with existing resources on a virtual network. These existing resources could be databases, file storage, message queues or event streams, or REST APIs.
Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-scale
https://techcommunity.microsoft.com/t5/azure-functions/connect-to-private-endpoints-with-azure-functions/ba-p/1426615
https://docs.microsoft.com/en-us/azure/azure-functions/functions-scale#hosting-plans-comparison

質問 88
You have an Azure web app named App1 and an Azure key vault named KV1.
App1 stores database connection strings in KV1.
App1 performs the following types of requests to KV1:
Get
List
Wrap
Delete
Unwrap
Backup
Decrypt
Encrypt
You are evaluating the continuity of service for App1.
You need to identify the following if the Azure region that hosts KV1 becomes unavailable:
To where will KV1 fail over?
During the failover, which request type will be unavailable?
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

正解:

解説:

Reference:
https://docs.microsoft.com/en-us/azure/key-vault/general/disaster-recovery-guidance

質問 89
You need to design a highly available Azure SQL database that meets the following requirements:
* Failover between replicas of the database must occur without any data loss.
* The database must remain available in the event of a zone outage.
* Costs must be minimized.
Which deployment option should you use?

A. Azure SQL Database Hyperscale
B. Azure SQL Database Basic
C. Azure SQL Database Premium
D. Azure SQL Managed Instance Business Critical

正解: D

質問 90
You need to deploy resources to host a stateless web app in an Azure subscription. The solution must meet the following requirements:
* Provide access to the full .NET framework.
* Provide redundancy if an Azure region fails.
* Grant administrators access to the operating system to install custom application dependencies.
Solution: You deploy a Azure virtual machine scale set that uses autoscaling.
Does this meet the goal?

A. Yes
B. No

正解: B

解説:
Instead, you should deploy two Azure virtual machines to two Azure regions, and you create a Traffic Manager profile.

質問 91
You are designing an application that will use Azure Linux virtual machines to analyze video files. The files will be uploaded from corporate offices that connect to Azure by using ExpressRoute.
You plan to provision an Azure Storage account to host the files.
You need to ensure that the storage account meets the following requirements:
* Supports video files of up to 7 TB
* Provides the highest availability possible
* Ensures that storage is optimized for the large video files
* Ensures that files from the on-premises network are uploaded by using ExpressRoute How should you configure the storage account? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

正解:

解説:

質問 92
Your company has an on-premises Hyper-V cluster that contains 20 virtual machines. Some of the virtual machines are based on Windows and some in Linux. You have to migrate the virtual machines onto Azure.
You have to recommend a solution that would be used to replicate the disks of the virtual machines to Azure.
The solution needs to ensure that the virtual machines remain available when the migration of the disks is in progress.
You decide to create an Azure storage account and then run AzCopy
Would this fulfill the requirement?

A. Yes
B. No

正解: B

質問 93
You plan to deploy 10 applications to Azure. The applications will be deployed to two Azure Kubernetes Service (AKS) clusters. Each cluster will be deployed to a separate Azure region.
The application deployment must meet the following requirements:
* Ensure that the applications remain available if a single AKS cluster fails.
* Ensure that the connection traffic over the internet is encrypted by using SSL without having to configure SSL on each container.
Which service should you include in the recommendation?

A. AKS ingress controller
B. Azure Front Door
C. Azure Traffic Manager
D. Azure Load Balancer

正解: B

解説:
"Azure Front Door, which focuses on global load-balancing and site acceleration, and Azure CDN Standard, which offers static content caching and acceleration. The new Azure Front Door brings together security with CDN technology for a cloud-based CDN with threat protection and additional capabilities. "

質問 94
You design a solution for the web tier of WebApp1 as shown in the exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

正解:

解説:

Reference:
https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-overview
https://blogs.msdn.microsoft.com/hsirtl/2017/07/03/autoscaling-azure-web-apps/

質問 95
You have the resources shown in the following table.

You create a new resource group in Azure named RG2.
You need to move the virtual machines to RG2.
What should you use to move each virtual machine? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

正解:

解説:

質問 96
You architect a solution that calculates 3D geometry from height-map data.
You have the following requirements:
Perform calculations in Azure.
Each node must communicate data to every other node.
Maximize the number of nodes to calculate multiple scenes as fast as possible.
Require the least amount of effort to implement.
You need to recommend a solution.
Which two actions should you recommend? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. Enable parallel file systems on Azure.
B. Create a render farm that uses virtual machines (VMs).
C. Create a render farm that uses virtual machine (VM) scale sets.
D. Create a render farm that uses Azure Batch.
E. Enable parallel task execution on compute nodes.

正解: D,E

質問 97
You have an Azure App Service web app that uses a system-assigned managed identity.
You need to recommend a solution to store their settings of the web app as secrets in an Azure key vault The solution must meet the following requirements:
* Minimize changes to the app code,
* Use the principle of least privilege.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.

正解:

解説:

質問 98
You deploy several Azure SQL Database instances.
You plan to configure the Diagnostics settings on the databases as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

正解:

解説:

質問 99
You have an Azure subscription.
You need to recommend a solution to provide developers with the ability to provision Azure virtual machines. The solution must meet the following requirements:
* Only allow the creation of the virtual machines in specific regions.
* Only allow the creation of specific sizes of virtual machines.
What should you include in the recommendation?

A. Azure Resource Manager (ARM) templates
B. Conditional Access policies
C. role-based access control (RBAC)
D. Azure Policy

正解: D

解説:
https://docs.microsoft.com/en-us/azure/governance/policy/tutorials/create-and-manage
https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/manage/azure-server-management/common-policies#restrict-vm-size

質問 100
You have an Azure subscription that contains two applications named App1 and App2. App1 is a sales processing application. When a transaction in App1 requires shipping, a message is added to an Azure Storage account queue, and then App2 listens to the queue for relevant transactions.
In the future, additional applications will be added that will process some of the shipping requests based on the specific details of the transactions.
You need to recommend a replacement for the storage account queue to ensure that each additional application will be able to read the relevant transactions.
What should you recommend?

A. one Azure Data Factory pipeline
B. multiple storage account queues
C. one Azure Service Bus topic
D. one Azure Service Bus queue

正解: C

解説:
A queue allows processing of a message by a single consumer. In contrast to queues, topics and subscriptions provide a one-to-many form of communication in a publish and subscribe pattern. It's useful for scaling to large numbers of recipients. Each published message is made available to each subscription registered with the topic. Publisher sends a message to a topic and one or more subscribers receive a copy of the message, depending on filter rules set on these subscriptions.
Reference:
https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-queues-topics-subscriptions

質問 101
You plan to create an Azure environment that will contain a root management group and 10 child management groups. Each child management group will contain five Azure subscriptions. You plan to have between 10 and 30 resource groups in each subscription.
You need to design an Azure governance solution. The solution must meet the following requirements:
* Use Azure Blueprints to control governance across all the subscriptions and resource groups.
* Ensure that Blueprints-based configurations are consistent across all the subscriptions and resource groups.
* Minimize the number of blueprint definitions and assignments.
What should you include in the solution? To answer, select the appropriate options in the answer are a. NOTE: Each correct selection is worth one point.