Microsoft AZ-303 ExamMicrosoft Azure Architect Technologies (beta)

Total Question: 0 Last Updated: Oct 18,2020
  • Updated AZ-303 Dumps
  • Based on Real AZ-303 Exams Scenarios
  • Free AZ-303 pdf Demo Available
  • Check out our AZ-303 Dumps in a new PDF format
  • Instant AZ-303 download
  • Guarantee AZ-303 success in first attempt

AZ-303 exam is not available now.

Certshared is working on getting AZ-303 exam available ASAP.

Request AZ-303 exam here, you will get notified when it gets released.

Please provide your email address so we can inform you when requested AZ-303 exam will become available. Thanks!

Enter Your Email Address:

Renewal AZ-303 Preparation Exams For Microsoft Azure Architect Technologies (beta) Certification

High quality of AZ-303 test materials and dumps for Microsoft certification for examinee, Real Success Guaranteed with Updated AZ-303 pdf dumps vce Materials. 100% PASS Microsoft Azure Architect Technologies (beta) exam Today!

Free AZ-303 Demo Online For Microsoft Certifitcation:

NEW QUESTION 1

You plan to create an Azure Storage account in the Azure region of East US 2. You need to create a storage account that meets the following requirements:
AZ-303 dumps exhibit Replicates synchronously
AZ-303 dumps exhibit Remains available if a single data center in the region fails
How should you configure the storage account? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
AZ-303 dumps exhibit

  • A. Mastered
  • B. Not Mastered

Answer: A

Explanation:
Box 1: Zone-redundant storage (ZRS)
Zone-redundant storage (ZRS) replicates your data synchronously across three storage clusters in a single region.
LRS would not remain available if a data center in the region fails GRS and RA GRS use asynchronous replication.
Box 2: StorageV2 (general purpose V2) ZRS only support GPv2.
References:
https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy-zrs

NEW QUESTION 2

You have an Azure subscription.
You create a custom role in Azure by using the following Azure Resource Manager template.
AZ-303 dumps exhibit
You assign the role to a user named User1. Which action can User1 perform?

  • A. Delete virtual machines.
  • B. Create resource groups.
  • C. Create virtual machines.
  • D. Create support requests

Answer: D

Explanation:
The "Microsoft.Support/*" operation will allow the user to create support tickets. References:
https://docs.microsoft.com/en-us/azure/role-based-access-control/tutorial-custom-role-powershell

NEW QUESTION 3

You have an Azure Cosmos DB account named Account1. Account1 includes a database named DB1 that contains a container named Container 1. The partition key tor Container1 is set to /city.
You plan to change the partition key for Container1 What should you do first?

  • A. Delete Container1
  • B. Create a new container in DB1
  • C. Regenerate the keys for Account1.
  • D. Implement the Azure CosmosDB.NET SDK

Answer: B

Explanation:
The good news is that there are two features, the Change Feed Processor and Bulk Executor Library, in Azure Cosmos DB that can be leveraged to achieve a live migration of your data from one container to another. This allows you to re-distribute your data to match the desired new partition key scheme, and make the relevant application changes afterwards, thus achieving the effect of “updating your partition key”.
Reference:
https://devblogs.microsoft.com/cosmosdb/how-to-change-your-partition-key/

NEW QUESTION 4

You have an Azure subscription named Subscription1 that contains a virtual network named VNet1. You add the users in the following table.
AZ-303 dumps exhibit
Which user can perform each configuration? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
AZ-303 dumps exhibit

  • A. Mastered
  • B. Not Mastered

Answer: A

Explanation:
Box 1: User1 and User3 only.
The Owner Role lets you manage everything, including access to resources.
The Network Contributor role lets you manage networks, but not access to them. Box 2: User1
The Security Admin role: In Security Center only: Can view security policies, view security states, edit security policies, view alerts and recommendations, dismiss alerts and recommendations.
References:
https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles

NEW QUESTION 5

You have an Azure subscription that contains the storage accounts shown in the following table.
AZ-303 dumps exhibit
You enable Azure Advanced Threat Protection (ATP) for all the storage accounts. You need to identify which storage accounts will generate Azure ATP alerts.
Which two storage accounts should you identify? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

  • A. storagecontoso1
  • B. storagecontoso2
  • C. storagecontoso3
  • D. storagecontoso4
  • E. storaaecontoso5

Answer: AB

Explanation:
Advanced threat protection for Azure Storage is currently available only for Blob Storage.
AZ-303 dumps exhibit
https://docs.microsoft.com/en-us/azure/storage/common/storage-advanced-threat-protection?tabs=azure-portal

NEW QUESTION 6

Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant named contoso.com.
A user named Admin1 attempts to create an access review from the Azure Active Directory admin center and discovers that the Access reviews settings are unavailable. Admin1 discovers that all the other Identity Governance settings are available.
Admin1 is assigned the User administrator, Compliance administrator, and Security administrator roles. You need to ensure that Admin1 can create access reviews in contoso.com.
Solution: You assign the Service administrator role to Admin1. Does this meet the goal?

  • A. Yes
  • B. No

Answer: B

Explanation:
Instead use Azure AD Privileged Identity Management.
Note: PIM essentially helps you manage the who, what, when, where, and why for resources that you care about. Key features of PIM include:
AZ-303 dumps exhibit Conduct access reviews to ensure users still need roles References:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure

NEW QUESTION 7

Your company has a virtualization environment that contains the virtualization hosts shown in the following table.
AZ-303 dumps exhibit
The virtual machines are configured as shown in the following table.
AZ-303 dumps exhibit
All the virtual machines use basic disks. VM1 is protected by using BitLocker Drive Encryption (BitLocker). You plan to migrate the virtual machines to Azure by using Azure Site Recovery.
You need to identify which virtual machines can be migrated.
Which virtual machines should you identify for each server? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
AZ-303 dumps exhibit

  • A. Mastered
  • B. Not Mastered

Answer: A

Explanation:
AZ-303 dumps exhibit

NEW QUESTION 8

You have the virtual machines shown in the following table.
AZ-303 dumps exhibit
You deploy an Azure bastion named Bastion1 to VNET1.
To which virtual machines can you connect by using Bastion1?

  • A. VM1 only
  • B. VM1 and VM2 only
  • C. VM2 and VM3 only
  • D. VM1, VM2, and VM3

Answer: C

NEW QUESTION 9

You have an Azure subscription that contains an Azure key vault named KeyVault1 and the virtual machines shown in the following table.
AZ-303 dumps exhibit
KeyVault1 has an access policy that provides several users with Create Key permissions. You need to ensure that the users can only register secrets in KeyVault1 from VM1. What should you do?

  • A. Create a network security group (NSG) that is linked to Subnet1.
  • B. Configure the Firewall and virtual networks settings for KeyVault1.
  • C. Modify the access policy for KeyVault1.
  • D. Configure KeyVault1 to use a hardware security module (HSM).

Answer: C

Explanation:
You grant data plane access by setting Key Vault access policies for a key vault. Note 1: Grant our VM’s system-assigned managed identity access to the Key Vault.
AZ-303 dumps exhibit Select Access policies and click Add new.
AZ-303 dumps exhibit In Configure from template, select Secret Management.
AZ-303 dumps exhibit Choose Select Principal, and in the search field enter the name of the VM you created earlier. Select the VM in the result list and click Select.
AZ-303 dumps exhibit Click OK to finishing adding the new access policy, and OK to finish access policy selection.
Note 2: Access to a key vault is controlled through two interfaces: the management plane and the data plane. The management plane is where you manage Key Vault itself. Operations in this plane include creating and deleting key vaults, retrieving Key Vault properties, and updating access policies. The data plane is where you work with the data stored in a key vault. You can add, delete, and modify keys, secrets, and certificates.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/tutorial-windows-vm https://docs.microsoft.com/en-us/azure/key-vault/general/secure-your-key-vault2

NEW QUESTION 10

You create the following Azure role definition.
AZ-303 dumps exhibit
You need to create Role1 by using the role definition.
Which two values should you modify before you create Role1? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. AssignableScopes
  • B. Description
  • C. DataActions
  • D. IsCustom
  • E. Id

Answer: AD

Explanation:
Part of example: "IsCustom": true,
"AssignableScopes": [ "/subscriptions/{subscriptionId1}", "/subscriptions/{subscriptionId2}",
"/subscriptions/{subscriptionId3}"
The following shows what a custom role looks like as displayed in JSON format. This custom role can be used for monitoring and restarting virtual machines.
{
"Name": "Virtual Machine Operator",
"Id": "88888888-8888-8888-8888-888888888888",
"IsCustom": true,
"Description": "Can monitor and restart virtual machines.", "Actions": [
"Microsoft.Storage/*/read", "Microsoft.Network/*/read", "Microsoft.Compute/*/read", "Microsoft.Compute/virtualMachines/start/action", "Microsoft.Compute/virtualMachines/restart/action", "Microsoft.Authorization/*/read", "Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Insights/alertRules/*", "Microsoft.Insights/diagnosticSettings/*", "Microsoft.Support/*"
],
"NotActions": [],
"DataActions": [], "NotDataActions": [], "AssignableScopes": [ "/subscriptions/{subscriptionId1}",
"/subscriptions/{subscriptionId2}", "/subscriptions/{subscriptionId3}"
]
}
Reference:
https://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles

NEW QUESTION 11

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company is deploying an on-premises application named Appl. Users will access App1 by using a URL of https://app1.contoso.com. You register App1 in Azure Active Directory (Azure AD) and publish Appl by using the Azure AD Application Proxy. You need to ensure that Appl appears in the My Apps portal for all the users.
Solution: You create a conditional access policy for App1.

  • A. Yes
  • B. No

Answer: B

NEW QUESTION 12

You have an Azure subscription that contains multiple resource groups. You create an availability set as shown in the following exhibit.
AZ-303 dumps exhibit
You deploy 10 virtual machines to AS1.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
AZ-303 dumps exhibit

  • A. Mastered
  • B. Not Mastered

Answer: A

Explanation:
Box 1: 6
Two out of three update domains would be available, each with at least 3 VMs.
An update domain is a group of VMs and underlying physical hardware that can be rebooted at the same time. As you create VMs within an availability set, the Azure platform automatically distributes your VMs across these update domains. This approach ensures that at least one instance of your application always remains running as the Azure platform undergoes periodic maintenance.
Box 2: the West Europe region and the RG1 resource group References:
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/regions-and-availability

NEW QUESTION 13

You have an application named App1 that does not support Azure Active Directory (Azure AD) authentication.
You need to ensure that App1 can send messages to an Azure Service Bus queue. The solution must prevent Appl from listening to the queue.
What should you do?

  • A. Modify the locks of the Queue
  • B. Configure Access control (IAM) for the Service Bus
  • C. Configure Access control (IAM) for the queue.
  • D. Add a shared access policy to the queue

Answer: D

Explanation:
There are two ways to authenticate and authorize access to Azure Service Bus resources: Azure Activity Directory (Azure AD) and Shared Access Signatures (SAS).
Each Service Bus namespace and each Service Bus entity has a Shared Access Authorization policy made up of rules.
Reference:
https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-authentication-and-authorization https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-sas

NEW QUESTION 14

A company plans to use third-party application software to perform complex data analysis processes. The software will use up to 500 identical virtual machines (VMs) based on an Azure Marketplace VM image.
You need to design the infrastructure for the third-party application server. The solution must meet the following requirements:
AZ-303 dumps exhibit The number of VMs that are running at any given point in time must change when the user workload changes.
AZ-303 dumps exhibit When a new version of the application is available in Azure Marketplace it must be deployed without causing application downtime.
AZ-303 dumps exhibit Use VM scale sets.
AZ-303 dumps exhibit Minimize the need for ongoing maintenance.
Which two technologies should you recommend? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. single storage account
  • B. autoscale
  • C. single placement group
  • D. managed disks

Answer: BD

Explanation:
Introduction to Azure managed disks
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/managed-disks-overview "Using managed disks, you can create up to 50,000 VM disks of a type in a subscription per region, allowing you to create thousands of VMs in a single subscription. This feature also further increases the scalability of virtual machine scale sets by allowing you to create up to 1,000 VMs in a virtual machine scale set using a Marketplace image."

NEW QUESTION 15

You have Azure virtual machines that have Update Management enabled. The virtual machines are configured as shown in the following table.
AZ-303 dumps exhibit
You need to ensure that all critical and security updates are applied to each virtual machine every month. What is the minimum number of update deployments you should create?

  • A. 4
  • B. 6
  • C. 1
  • D. 2

Answer: A

NEW QUESTION 16

You need to configure the Device settings to meet the technical requirements and the user requirements. Which two settings should you modify? To answer, select the appropriate settings in the answer area.
AZ-303 dumps exhibit

  • A. Mastered
  • B. Not Mastered

Answer: A

Explanation:
Box 1: Selected

NEW QUESTION 17

You create the Azure resources shown in the following table.
AZ-303 dumps exhibit
You attempt to add a role assignment to a resource group as shown in the following exhibit.
AZ-303 dumps exhibit
AZ-303 dumps exhibit
What should you do to ensure that you can assign VM2 the Reader role for the resource group?

  • A. Modify the Reader role at the subscription level.
  • B. Configure just in time (JIT) VM access on VM2.
  • C. Configure Access control (IAM) on VM2.
  • D. Assign a managed identity to VM2.

Answer: D

NEW QUESTION 18

You have 10 Azure virtual machines on a subnet named Subnet1. Subnet1 is on a virtual network named VNet1.
You plan to deploy a public Azure Standard Load Balancer named LB1 to the same Azure region as the 10 virtual machines.
You need to ensure that traffic from all the virtual machines to the internet flows through LB1. The solution must prevent the virtual machines from being accessible on the internet.
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. Add health probes to LB1.
  • B. Add the network interfaces of the virtual machines to the backend pool of LB1.
  • C. Add an inbound rule to LB1.
  • D. Add an outbound rule to LB1.
  • E. Associate a network security group (NSG) to Subnet1.
  • F. Associate a user-defined route to Subnet1.

Answer: ABD

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/load-balancer/tutorial-load-balancer-standard-manage-portal2

NEW QUESTION 19

: 292 HOTSPOT
From Azure Cosmos DB, you create the containers shown in the following table.
AZ-303 dumps exhibit
You add the following item to Container1.
AZ-303 dumps exhibit
You plan to add items to Azure Cosmos DB as shown in the following table.
AZ-303 dumps exhibit
You need to identify which items can be added successfully to Container1 and Container2.
What should you identify for each container? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
AZ-303 dumps exhibit

  • A. Mastered
  • B. Not Mastered

Answer: A

Explanation:
AZ-303 dumps exhibit

NEW QUESTION 20

You have several Azure virtual machines on a virtual network named VNet1. You configure an Azure Storage account as shown in the following exhibit.
AZ-303 dumps exhibit
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
AZ-303 dumps exhibit

  • A. Mastered
  • B. Not Mastered

Answer: A

Explanation:
Box 1: Never
Box 2: Never
After you configure firewall and virtual network settings for your storage account, select Allow trusted Microsoft services to access this storage account as an exception to enable Azure Backup service to access the network restricted storage account.
AZ-303 dumps exhibit
https://docs.microsoft.com/en-us/azure/storage/files/storage-how-to-use-files-windows https://azure.microsoft.com/en-us/blog/azure-backup-now-supports-storage-accounts-secured-with-azure-storage

NEW QUESTION 21
......

Thanks for reading the newest AZ-303 exam dumps! We recommend you to try the PREMIUM Dumpscollection.com AZ-303 dumps in VCE and PDF here: https://www.dumpscollection.net/dumps/AZ-303/ (0 Q&As Dumps)