This page was exported from Valid Premium Exam [ http://premium.validexam.com ] Export date:Thu Nov 14 16:31:39 2024 / +0000 GMT ___________________________________________________ Title: Ultimate Guide to Prepare AZ-304 Certification Exam for Azure Solutions Architect Expert in 2024 [Q128-Q142] --------------------------------------------------- Ultimate Guide to Prepare AZ-304 Certification Exam for Azure Solutions Architect Expert in 2024 Use Real AZ-304 Dumps - Microsoft Correct Answers updated on 2024 NO.128 You need to design an architecture to capture the creation of users and the assignment of roles. The captured data must be stored in Azure Cosmos DB.Which Azure services should you include in the design? To answer, drag the appropriate services to the correct targets. Each service may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.NOTE: Each correct selection is worth one point. NO.129 You have an Azure subscription that contains the SQL servers shown in the following table.The subscription contains the storage accounts shown in the following table.You create the Azure SQL databases shown in the following table. ExplanationBox 1: YesBe sure that the destination is in the same region as your database and server.Box 2: NoBox 3: NoReference:https://docs.microsoft.com/en-us/azure/sql-database/sql-database-auditingNO.130 You have an Azure App Service Web App that includes Azure Blob storage and an Azure SQL Database instance. The application is instrumented by using the Application Insights SDK.You need to design a monitoring solution for the web app.Which Azure monitoring services should you use? To answer, select the appropriate Azure monitoring services in the answer area.NOTE: Each correct selection is worth one point. Explanation1. Azure Monitor Log2. Azure Application Insights (application map in App insights)3. Azure Application Insights4. Azure Application insightshttps://docs.microsoft.com/en-us/azure/azure-monitor/app/app-map?tabs=nethttps://docs.microsoft.com/en-us/azure/azure-monitor/insights/service-mapNO.131 You have 100 Standard_F2s_v2 Azure virtual machines. Each virtual machine has two network adapters.You need to increase the network performance of the workloads running on the virtual machines. The solution must meet the following requirements:* The CPU-to-memory ratio must remain the same.* The solution must minimize costs.What should you do?  Enable Accelerated Networking.  Enable RDMA over InfiniBand.  Configure NIC teaming.  Install an additional network adapter. NO.132 Your on-premises network contains a server named Server1 that runs an ASP.NET application named App1.You have a hybrid deployment of Azure Active Directory (Azure AD).You need to recommend a solution to ensure that users sign in by using their Azure AD account and Azure Multi-Factor Authentication (MFA) when they connect to App1 from the internet.Which three Azure services should you recommend be deployed and configured in sequence? To answer, move the appropriate services from the list of services to the answer area and arrange them in the correct order. ExplanationText Description automatically generated with medium confidenceNO.133 You have an Azure SQL database named DB1.You need to recommend a data security solution for DB1. the solution must meet the following requirements:* When helpdesk supervisors query DS1. they must see the full number of each credit card.* When helpdesk operators Query DB1. they must see only the last four digits of each credit card number* A column named Credit Rating must never appear in plain text within the database system, and only client applications must be able to decrypt the Credit Rating column.What should you include in the recommendation To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. Explanation:Box 1: Dynamic data maskingDynamic data masking helps prevent unauthorized access to sensitive data by enabling customers to designate how much of the sensitive data to reveal with minimal impact on the application layer. It’s a policy-based security feature that hides the sensitive data in the result set of a query over designated database fields, while the data in the database is not changed.Box 2: Always encryptedData stored in the database is protected even if the entire machine is compromised, for example by malware. Always Encrypted leverages client-side encryption: a database driver inside an application transparently encrypts data, before sending the data to the database. Similarly, the driver decrypts encrypted data retrieved in query results.Reference:https://azure.microsoft.com/en-us/blog/transparent-data-encryption-or-always-encrypted/NO.134 You need to recommend a solution for the users at Contoso to authenticate to the cloud-based services and the Azure AD-integrated applications.What should you include in the recommendation? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. ExplanationNO.135 You have an existing implementation of Microsoft SQL Server Integration Services (SSIS) packages stored in an SSISDB catalog on your on-premises network. The on-premises network does not have hybrid connectivity to Azure by using Site-to-Site VPN or ExpressRoute.You want to migrate the packages to Azure Data Factory.You need to recommend a solution that facilitates the migration while minimizing changes to the existing packages. The solution must minimize costs.What should you recommend? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. ExplanationBox 1: Azure SQL databaseYou can’t create the SSISDB Catalog database on Azure SQL Database at this time independently of creating the Azure-SSIS Integration Runtime in Azure Data Factory. The Azure-SSIS IR is the runtime environment that runs SSIS packages on Azure.Box 2: Azure-SQL Server Integration Service Integration Runtime and self-hosted integration runtime The Integration Runtime (IR) is the compute infrastructure used by Azure Data Factory to provide data integration capabilities across different network environments. Azure-SSIS Integration Runtime (IR) in Azure Data Factory (ADF) supports running SSIS packages.Self-hosted integration runtime can be used for data movement in this scenario.Reference:https://docs.microsoft.com/en-us/azure/data-factory/create-azure-integration-runtimehttps://docs.microsoft.com/en-us/sql/integration-services/lift-shift/ssis-azure-connect-to-catalog-databaseNO.136 You need to design a resource governance solution for an Azure subscription. The solution must meet the following requirements:Ensure that all ExpressRoute resources are created in a resource group named RG1.Delegate the creation of the ExpressRoute resources to an Azure Active Directory (Azure AD) group named Networking.Use the principle of least privilege.What should you include in the solution? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. Explanation:Box 1: An Azure policy assignment at the subscription level that has an exclusion Box 2: A custom RBAC role assignment at the level of RG1 Azure role-based access control (Azure RBAC) is the authorization system you use to manage access to Azure resources. To grant access, you assign roles to users, groups, service principals, or managed identities at a particular scope.Reference:https://docs.microsoft.com/en-us/azure/governance/policy/tutorials/create-and-manageNO.137 The developers at your company are building a static web app to support users sending text messages. The app must meet the following requirements:* Website latency must be consistent for users in different geographical regions.* Users must be able to authenticate by using Twitter and Facebook.* Code must include only HTML, native JavaScript and jQuery.* Costs must be minimized.Which Azure service should you use to complete the architecture? To answer, drag the appropriate services to the correct locations. Each service may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.NOTE: Each correct selection is worth one point. Reference:https://docs.microsoft.com/en-us/javascript/api/overview/azure/cdn?view=azure-node-latest#overviewhttps://www.codeproject.com/Articles/1368337/Implementing-SMS-API-using-Azure-Serverless-FunctiNO.138 You have an Azure web app named App1 and an Azure key vault named KV1.App1 stores database connection strings in KV1.App1 performs the following types of requests to KV1:GetListWrapDeleteUnwrapBackupDecryptEncryptYou are evaluating the continuity of service for App1.You need to identify the following if the Azure region that hosts KV1 becomes unavailable:To where will KV1 fail over?During the failover, which request type will be unavailable?What should you identify? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. ExplanationBox 1: A server in the same paired regionThe contents of your key vault are replicated within the region and to a secondary region at least 150 miles away, but within the same geography to maintain high durability of your keys and secrets.Box 2: DeleteDuring failover, your key vault is in read-only mode. Requests that are supported in this mode are:List certificatesGet certificatesList secretsGet secretsList keysGet (properties of) keysEncryptDecryptWrapUnwrapVerifySignBackupReference:https://docs.microsoft.com/en-us/azure/key-vault/general/disaster-recovery-guidanceNO.139 You are designing a virtual machine that will run Microsoft SQL Server and will contain two data disks. The first data disk will store log files, and the second data disk will store dat a. Both disks are P40 managed disks.You need to recommend a caching policy for each disk. The policy must provide the best overall performance for the virtual machine.Which caching policy should you recommend for each disk? To answer, drag the appropriate policies to the correct disks. Each policy may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.NOTE: Each correct selection is worth one point. 1 – None2 – ReadOnlyReferences:https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sql/virtual-machines-windows-sql-performanceNO.140 You have an Azure web app named App1 and an Azure key vault named KV1.App1 stores database connection strings in KV1.App1 performs the following types of requests to KV1:GetListWrapDeleteUnwrapBackupDecryptEncryptYou are evaluating the continuity of service for App1.You need to identify the following if the Azure region that hosts KV1 becomes unavailable:To where will KV1 fail over?During the failover, which request type will be unavailable?What should you identify? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. Reference:https://docs.microsoft.com/en-us/azure/key-vault/general/disaster-recovery-guidanceNO.141 You have an existing implementation of Microsoft SQL Server Integration Services (SSIS) packages stored in an SSISDB catalog on your on-premises network. The on-premises network does not have hybrid connectivity to Azure by using Site-to-Site VPN or ExpressRoute.You want to migrate the packages to Azure Data Factory.You need to recommend a solution that facilitates the migration while minimizing changes to the existing packages. The solution must minimize costs.What should you recommend? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. Explanation:Box 1: Azure SQL databaseYou can’t create the SSISDB Catalog database on Azure SQL Database at this time independently of creating the Azure-SSIS Integration Runtime in Azure Data Factory. The Azure-SSIS IR is the runtime environment that runs SSIS packages on Azure.Box 2: Azure-SQL Server Integration Service Integration Runtime and self-hosted integration runtime The Integration Runtime (IR) is the compute infrastructure used by Azure Data Factory to provide data integration capabilities across different network environments. Azure-SSIS Integration Runtime (IR) in Azure Data Factory (ADF) supports running SSIS packages.Self-hosted integration runtime can be used for data movement in this scenario.Reference:https://docs.microsoft.com/en-us/azure/data-factory/create-azure-integration-runtimehttps://docs.microsoft.com/en-us/sql/integration-services/lift-shift/ssis-azure-connect-to-catalog-databaseNO.142 You need to recommend an Azure Storage Account configuration for two applications named Application1 and Applications. The configuration must meet the following requirements:* Storage for Application1 must provide the highest possible transaction rates and the lowest possible latency.* Storage for Application2 must provide the lowest possible storage costs per GB.* Storage for both applications must be optimized for uploads and downloads.* Storage for both applications must be available in an event of datacenter failure.What should you recommend ? To answer, select the appropriate options in the answer area NOTE: Each correct selection is worth one point ExplanationBox 1: BloblBlobStorage with Premium performance and Zone-redundant storage (ZRS) replication.BlockBlobStorage accounts: Storage accounts with premium performance characteristics for block blobs and append blobs. Recommended for scenarios with high transactions rates, or scenarios that use smaller objects or require consistently low storage latency.Premium: optimized for high transaction rates and single-digit consistent storage latency.Box 2: General purpose v2 with Standard performance..General-purpose v2 accounts: Basic storage account type for blobs, files, queues, and tables. Recommended for most scenarios using Azure Storage.Reference:https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overviewhttps://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy Loading … To become a certified Azure Solutions Architect Expert, candidates must pass both the AZ-303 (Microsoft Azure Architect Technologies) and AZ-304 exams. The AZ-304 exam is intended for candidates who have already passed the AZ-303 exam or have equivalent knowledge and experience in Azure technologies. AZ-304 exam consists of multiple-choice questions and is delivered in a proctored environment.   Azure Solutions Architect Expert -AZ-304 Exam-Practice-Dumps: https://www.validexam.com/AZ-304-latest-dumps.html --------------------------------------------------- Images: https://premium.validexam.com/wp-content/plugins/watu/loading.gif https://premium.validexam.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2024-10-29 12:36:27 Post date GMT: 2024-10-29 12:36:27 Post modified date: 2024-10-29 12:36:27 Post modified date GMT: 2024-10-29 12:36:27