We provide AZ-301 Exam Dumps which are the best for clearing AZ-301 test, and to get certified by Microsoft Microsoft Azure Architect Design. The AZ-301 Dumps Questions covers all the knowledge points of the real AZ-301 exam. Crack your Microsoft AZ-301 Exam with latest dumps, guaranteed!
Online Microsoft AZ-301 free dumps demo Below:
NEW QUESTION 1
You need to recommend a solution for the collection of security logs the middle tier of the payment processing system.
What should you include in the recommendation?
- A. Azure Notification Hubs
- B. the Azure Diagnostics agent
- C. Azure Event Hubs
- D. the Azure Log Analytics agent
NEW QUESTION 2
You plan to deploy 200 Microsoft SQL Server databases to Azure by using SQL Database and Azure SQL Database Managed Instance.
You need to recommend a monitoring solution that provides a consistent monitoring approach for all deployments The solution must meet the following requirements: Support current-state analysis on metrics collected near -real-time multiple times per minutes and maintained for up to one hour.
Support longer term analysis based on metrics collected multiple timer per hour and maintained for up two weeks.
Support monitoring of the number of concurrent logins and concurrent sessions. What should you include in the recommendation?
- A. Azure Monitor
- B. dynamic management views
- C. SQL Server-Profiler
- D. trace flags
NEW QUESTION 3
You are designing an Azure we app. You plan to deploy the web app to the Europe Azure region and the West Europe region.
You need to recommend a solution for the web app. The solution must the following requirements: Users must always access the web app form the North region, unless the region fails.
The web app must be available to users if an Azure region is unavailable. Deployment costs must be minimized.
What should you include in the recommendation? To answer, select the appropriate options in the area. NOTE: Each correct selection is worth one point.
NEW QUESTION 4
You need to recommend a solution for data of the historical transaction query system.
What should you include in the recommendation? To answer, Select the appropriate or options in the answer area.
NOTE: Each correct selection is worth one point
NEW QUESTION 5
Your company has 20 web APIs that were developed in-house.
The company is developing 10 web apps that will use the web APIs. The web apps and the APIs are registered in the company’s Azure Active Directory (Azure AD) tenant. The web APIs are published by using Azure API Management.
You need to recommend a solution to block unauthorized requests originating from the web apps from reaching the web APIs. The solution must meet the following requirements:
Use Azure AD-generated claims.
Minimize configuration and management effort.
What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
NEW QUESTION 6
You need to recommend a data storage solution that meets the following requirements:
Ensures that application can access the data by using a REST connection
Hosts 20 independent tables of varying sizes and usage patterns
Automatically replicates the data to a second Azure region
What should you recommend?
- A. an Azure SQL Database elastic database pool that uses active geo-replication
- B. tables in an Azure Storage account that uses geo-redundant storage (GRS)
- C. tables in an Azure Storage account that use read-access geo-redundant storage (RA-GR)
- D. an Azure SQL database that uses active geo-replication
NEW QUESTION 7
You plan to deploy a payroll system to Azure. The payroll system will use Azure virtual machines that run SUSE Linux Enterprise Server and Windows.
You need to recommend a business continuity solution for the payroll system. The solution must meet the following requirements:
Provide business continuity if an Azure region fails.
Provide a recovery time objective (RTO) of 30 minutes.
Provide a recovery point objective (RPO) of five minutes.
What should you include in the recommendation?
- A. Microsoft System Center Data Protection Manage (DPM)
- B. unmanaged disks that use geo-redundant storage (GRS)
- C. Azure Site Recovery
- D. Azure Backup
NEW QUESTION 8
You need to recommend a solution for the network configuration of the front-end tier of the payment processing.
What should you include in the recommendation?
- A. Azure Application Gateway
- B. Traffic Manager
- C. a Standard Load Balancer
- D. a Basic load Balancer
NEW QUESTION 9
You have an Azure environment that contains the Azure subscription and the virtual networks shown in the following table.
You need to recommend a virtual network peering solution to ensure that the resources connected to any other virtual network. The solution must minimize administrative effort.
Which virtual network peering topology should you recommend? To answer, select the appropriate topology in the answer area.
NOTE: Each correct selection is worth one point,
NEW QUESTION 10
A company named Contoso, Ltd. has an Azure Active Directory (Azure AD) tenant that is integrated with Microsoft Office 365 and an Azure subscription.
Contoso has an on-premises identity infrastructure. The infrastructure includes servers that run Active Directory Domain Services (AD DS), Active Directory Federation Services (AD FS), Azure AD Connect, and Microsoft Identity Manager (MIM).
Contoso has a partnership with a company named Fabrikam, Inc. Fabrikam has an Active Directory forest and an Office 365 tenant. Fabrikam has the same on-premises identity infrastructure as Contoso.
A team of 10 developers from Fabrikam will work on an Azure solution that will be hosted in the Azure subscription of Contoso. The developers must be added to the Contributor role for a resource in the Contoso subscription.
You need to recommend a solution to ensure that Contoso can assign the role to the 10 Fabrikam developers.
The solution must ensure that the Fabrikam developers use their existing credentials to access resources. What should you recommend?
- A. Configure a forest trust between the on-premises Active Directory forests of Contoso and Fabrikam.
- B. Configure an organization relationship between the Office 365 tenants of Fabrikam and Contoso.
- C. In the Azure AD tenant of Contoso, enable Azure Active Directory Domain Services (Azure AD DS).Createa one-way forest trust that uses selective authentication between the Active Directory forests of Contoso and Fabrikam.
- D. In the Azure AD tenant of Contoso, create guest accounts for the Fabrikam developers.
NEW QUESTION 11
You are designing a data protection strategy for Azure virtual machines. All the virtual machines are in the Standard tier and use managed disks.
You need to recommend a solution that meets the following requirements:
The use of encryption keys is audited.
All the data is encrypted at rest always.
You manage the encryption keys, not Microsoft.
What should you include in the recommendation?
- A. BitLocker Drive Encryption (BitLocker)
- B. Azure Storage Service Encryption
- C. client-side encryption
- D. Azure Disk Encryption
NEW QUESTION 12
You need to deploy resources to host a stateless web app in an Azure subscription. The solution must meet the following requirements:
• Provide access to the full .NET framework.
• Provide redundancy if an Azure region fails.
• Grant administrators access to the operating system to install custom application dependencies. Solution: You deploy a web app in an Isolated App Service plan.
Does this meet the goal?
- A. Yes
- B. No
NEW QUESTION 13
You need to design an architecture to capture the creation of users and the assignment of roles. The captured data must be stored in Azure Cosmos DB.
Which Azure services should you include in the design? To answer, drag the appropriate services to the correct targets. Each service may be used once. more than once, or not at all. You need to drag the split bar between panes or scroll to view content.
NOTE .Each correct selection worth one point.
NEW QUESTION 14
You need to recommend a strategy for migrating the database content of WebApp1 to Azure. What should you include in the recommendation?
- A. Use Azure Site Recovery to replicate the SQL servers to Azure.
- B. Use SQLServer transactional replication.
- C. Copy the BACPAC file that contains the Azure SQL database file to Azure Blob storage.
- D. Copy the VHD that contains the Azure SQL database files to Azure Blob storage
NEW QUESTION 15
You plan to deploy logical Azure SQL Database servers to The East US Azure region and the Wen US Azure region. Each server will contain 20 database accessed by a different user who reads in a different on premises location. The databases will be configured to use active geo-replication.
You need to recommend a solution that meets the following requirement!;
• Restricts user access to each database
• Restricts network access to each database based on each user's respective location
• Ensures that the databases remain accessible from down applications if the local Azure region fails
What should you include in the recommendation? To answer, select the appropriate options m the answer area NOTE: Each correct selection is worth one point.
Topic 3, Case Study B
Contoso,Ltd is a US-base finance service company that has a main office New York and an office in San Francisco.
Payment Processing Query System
Contoso hosts a business critical payment processing system in its New York data center. The system has three tiers a front-end web app a middle -tier API and a back end data store implemented as a Microsoft SQL Server 2014 database All servers run Windows Server 2012 R2.
The front -end and middle net components are hosted by using Microsoft Internet Inform-non Services (IK) The application rode is written in C# and middle- tier API uses the Entity framework to communicate the SQL Server database. Maintenance of the database e performed by using SQL Server Ago-
The database is currently J IB and is not expected to grow beyond 3 TB.
The payment processing system has the following compliance related requirement
• Encrypt data in transit and at test. Only the front-end and middle-tier components must be able to access the encryption keys that protect the date store.
• Keep backups of the two separate physical locations that are at last 200 miles apart and can be restored for op to seven years.
• Support blocking inbound and outbound traffic based on the source IP address, the description IP address, and the port number
• Collect Windows security logs from all the middle-tier servers and retain the log for a period of seven years,
• Inspect inbound and outbound traffic from the from-end tier by using highly available network appliances.
• Only allow all access to all the tiers from the internal network of Contoso.
Tape backups ate configured by using an on-premises deployment or Microsoft System Center Data protection Manager (DPMX and then shaped ofsite for long term storage
Historical Transaction Query System
Contoso recently migrate a business-Critical workload to Azure. The workload contains a NET web server for querying the historical transaction data residing in azure Table Storage. The NET service is accessible from a client app that was developed in-house and on the client computer in the New Your office. The data in the storage is 50 GB and is not except to increase.
Information Security Requirement
The IT security team wants to ensure that identity management n performed by using Active Directory. Password hashes must be stored on premises only.
Access to all business-critical systems must rely on Active Directory credentials. Any suspicious authentication attempts must trigger multi-factor authentication prompt automatically Legitimate users must be able to authenticate successfully by using multi-factor authentication.
Contoso plans to implement the following changes:
* Migrate the payment processing system to Azure.
* Migrate the historical transaction data to Azure Cosmos DB to address the performance issues.
Contoso identifies the following general migration requirements:
Infrastructure services must remain available if a region or a data center fails. Failover must occur without any administrative intervention
• Whenever possible. Azure managed serves must be used to management overhead
• Whenever possible, costs must be minimized.
Contoso identifies the following requirements for the payment processing system:
• If a data center fails, ensure that the payment processing system remains available without any administrative intervention. The middle-tier and the web front end must continue to operate without any additional configurations-
• If that the number of compute nodes of the from -end and the middle tiers of the payment processing system can increase or decrease automatically based on CPU utilization.
• Ensure that each tier of the payment processing system is subject to a Service level Agreement (SLA) of 9959 percent availability
• Minimize the effort required to modify the middle tier API and the back-end tier of the payment processing system.
• Generate alerts when unauthorized login attempts occur on the middle-tier virtual machines.
• Insure that the payment processing system preserves its current compliance status.
• Host the middle tier of the payment processing system on a virtual machine.
Contoso identifies the following requirements for the historical transaction query system:
• Minimize the use of on-premises infrastructure service.
• Minimize the effort required to modify the .NET web service querying Azure Cosmos DB.
• If a region fails, ensure that the historical transaction query system remains available without any administrative intervention.
The Contoso IT team discovers poor performance of the historical transaction query as the queries frequently cause table scans.
Information Security Requirements
The IT security team wants to ensure that identity management is performed by using Active Directory. Password hashes must be stored on-premises only.
Access to all business-critical systems must rely on Active Directory credentials. Any suspicious authentication attempts must trigger a multi-factor authentication prompt automatically. legitimate users must be able to authenticate successfully by using multi-factor authentication.
NEW QUESTION 16
You need to recommend a solution for protecting the content of the back-end tier of the payment processing system.
What should you include in the recommendations?
- A. Always Encrypted with deterministic encryption
- B. Transparent Date Encryption (TDE)
- C. Azure Storage Service Encryption
- D. Always Encrypted with randomized encryption
Recommend!! Get the Full AZ-301 dumps in VCE and PDF From Certleader, Welcome to Download: https://www.certleader.com/AZ-301-dumps.html (New 108 Q&As Version)