New Updated AZ-301 Exam Questions from PassLeader AZ-301 PDF dumps! Welcome to download the newest PassLeader AZ-301 VCE dumps: https://www.passleader.com/az-301.html (140 Q&As)
Keywords: AZ-301 exam dumps, AZ-301 exam questions, AZ-301 VCE dumps, AZ-301 PDF dumps, AZ-301 practice tests, AZ-301 study guide, AZ-301 braindumps, Microsoft Azure Architect Design Exam
P.S. New AZ-301 dumps PDF: https://drive.google.com/open?id=1ah1U5ZfTQkd7hMRDhnN0gFL7q8qMqtUl
P.S. New AZ-300 dumps PDF: https://drive.google.com/open?id=1f0aRTfxMz2rxKc4dy3CZjxKse4HWA3rQ
P.S. New AZ-302 dumps PDF: https://drive.google.com/open?id=11UyQ8nIk7dNcGLzvzsxJpAqqMkTkctZw
NEW QUESTION 121
Your company uses Microsoft System Center ?Service Manager on its on-premises network. You plan to deploy several services to Azure. You need to recommend a solution to push Azure service health to Service Manager. What should you include in the recommendation?
A. Azure Notification Hubs
B. Azure Event Hubs
C. IT Service Management Connector (ITSM)
D. Application Insights Connector
Answer: C
Explanation:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/itsmc-overview
NEW QUESTION 122
You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains several administrative user accounts. You need to recommend a solution to identify which administrative user accounts have NOT signed in during the previous 30 days. Which service should you include in the recommendation?
A. Azure AD Identity Protection
B. Azure Activity Log
C. Azure Advisor
D. Azure AD Privileged Identity Management (PIM)
Answer: D
NEW QUESTION 123
Your company plans to publish APIs for its services by using Azure API Management. You discover that service responses include the AspNet-Version header. You need to recommend a solution to remove AspNet-Version from the response of the published APIs. What should you include in the recommendation?
A. a new product
B. a modification to the URL scheme
C. a new policy
D. a new revision
Answer: C
Explanation:
https://docs.microsoft.com/en-us/azure/api-management/transform-api
NEW QUESTION 124
You are migrating an on-premises application to Azure. One component of the application is a legacy Windows native executable that performs image processing. The image processing application must run every hour. During times that the image processing application is not running, it should not be consuming any Azure compute resources. You need to ensure that the image processing application runs correctly every hour.
Solution: Create an Azure WebJob that runs the image processing application every hour.
Does the solution meet the goal?
A. Yes
B. No
Answer: B
NEW QUESTION 125
You are migrating an on-premises application to Azure. One component of the application is a legacy Windows native executable that performs image processing. The image processing application must run every hour. During times that the image processing application is not running, it should not be consuming any Azure compute resources. You need to ensure that the image processing application runs correctly every hour.
Solution: Create a Logic App to run the image processing application every hour.
Does the solution meet the goal?
A. Yes
B. No
Answer: A
NEW QUESTION 126
You manage on-premises networks and Azure virtual networks. You need a secure private connection between the on-premises networks and the Azure virtual networks. The connection must offer a redundant pair of cross connections to provide high availability. What should you recommend?
A. ExpressRoute
B. Azure Load Balancer
C. virtual network peering
D. VPN Gateway
Answer: A
NEW QUESTION 127
You use a virtual network to extend an on-premises IT environment into the cloud. The virtual network has two virtual machines (VMs) that store sensitive data. The data must only be available using internal communication channels. Internet access to those VMs is not permitted. You need to ensure that the VMs cannot access the Internet. Which two options should you recommend? (Each correct answer presents a complete solution. Choose two.)
A. Network Interface (NIC)
B. Source Network Address Translation (SNAT)
C. Azure ExpressRoute
D. Network Security Groups (NSG)
Answer: CD
NEW QUESTION 128
Your company plans to migrate its on-premises data to Azure. You need to recommend which Azure services can be used to store the data. The solution must meet the following requirements:
– Encrypt all data while at rest.
– Encrypt data only by using a key generated by the company.
Which two possible services can you recommend? (Each correct answer presents a complete solution. Choose two.)
A. Azure Table storage
B. Azure Backup
C. Azure Blob storage
D. Azure Queue storage
E. Azure Files
Answer: CE
Explanation:
https://docs.microsoft.com/en-us/azure/storage/common/storage-service-encryption-customer-managed-keys
NEW QUESTION 129
You architect a solution that calculates 3D geometry from height-map data. You have the following requirements:
– Perform calculations in Azure.
– Each node must communicate data to every other node.
– Maximize the number of nodes to calculate multiple scenes as fast as possible.
– Require the least amount of effort to implement.
You need to recommend a solution. Which two actions should you recommend? (Each correct answer presents part of the solution. Choose two.)
A. Create a render farm that uses Azure Batch.
B. Enable parallel file systems on Azure.
C. Enable parallel task execution on compute nodes.
D. Create a render farm that uses virtual machine (VM) scale sets.
E. Create a render farm that uses virtual machines (VMs).
Answer: AC
NEW QUESTION 130
Hotspot
You have an Azure App Service Web App that includes Azure Blob storage and an Azure SQL Database instance. The application is instrumented by using the Application Insights SDK. You need to design a monitoring solution for the web app. Which Azure monitoring services should you use? (To answer, select the appropriate Azure monitoring services in the answer area.)
Answer:
NEW QUESTION 131
Drag and Drop
An organization has an on-premises server that runs Windows Server 2003. The server hosts an IIS- based stateless web application that uses forms authentication. The application consists of classic Active Server Pages (ASP) pages and third-party components (DLLs) that are registered in the Windows registry. The deployment process for the web application is manual and is prone to errors. The deployment process makes it difficult to roll out updates, scale out, and recover after failures. You need to design a modernization approach for the web application that meets the following requirements:
– Improve the deployment process.
– Ensure that the application can run in the cloud.
– Minimize changes to application code.
– Minimize administrative effort required to implement the modernization solution.
What should you recommend? (To answer, drag the appropriate actions to the correct approaches. Each action may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)
Answer:
NEW QUESTION 132
A company deploys Azure Active Directory (Azure AD) Connect to synchronize identity information from their on-premises Active Directory Domain Services (AD DS) directory to their Azure AD tenant. The identity information that is synchronized includes user accounts , credential hashes for authentication (password sync), and group membership. The company plans to deploy several Windows and Linux virtual machines (VMs) to support their applications. The VMs have the following requirements:
– Support domain join, LDAP read, LDAP bind, NTLM and Kerberos authentication, and Group Policy.
– Allow users to sign in to the domain using their corporate credentials and connect remotely to the VM by using Remote Desktop.
You need to support the VM deployment. Which service should you use?
A. Azure AD Domain Services
B. Azure AD Privileged Identity Management
C. Azure AD Managed Service Identity
D. Active Directory Federation Services (AD FS)
Answer: A
Explanation:
Azure AD Domain Services provides managed domain services such as domain join, group policy, LDAP, Kerberos/NTLM authentication that are fully compatible with Windows Server Active Directory.
https://docs.microsoft.com/en-us/azure/active-directory-domain-services/active-directory-ds-overview
NEW QUESTION 133
A company has custom ASP.NET and Java applications that run old versions of Windows and Linux. The company plans to place applications in containers. You need to design a solution that includes networking, service discovery, and load balancing for the applications. The solution must support storage orchestration.
Solution: You create an Azure virtual network, public IP address, and load balancer. Then add virtual machines (VMs) to the solution and deploy individual containers on them.
Does the solution meet the goal?
A. Yes
B. No
Answer: B
Explanation:
Instead you should deploy each application to an Azure Container instance.
https://docs.microsoft.com/en-us/dotnet/standard/modernize-with-azure-and-containers/modernize-existing-apps-to-cloud-optimized/deploy-existing-net-apps-as-windows-containers
NEW QUESTION 134
A company has custom ASP.NET and Java applications that run old versions of Windows and Linux. The company plans to place applications in containers. You need to design a solution that includes networking, service discovery, and load balancing for the applications. The solution must support storage orchestration.
Solution: You deploy each application to an Azure Container instance.
Does the solution meet the goal?
A. Yes
B. No
Answer: A
Explanation:
Docker Containers are the global standard and are natively supported in Azure, offering enterprises an interesting and flexible way to migrate legacy apps for both future proofing and cost benefits. Containers are modular and portable. Docker containers are supported on any server operating system (Linux and Windows), in any major public cloud (Microsoft Azure, Amazon AWS, Google, IBM), and in on-premises and private or hybrid cloud environments.
https://docs.microsoft.com/en-us/dotnet/standard/modernize-with-azure-and-containers/modernize-existing-apps-to-cloud-optimized/deploy-existing-net-apps-as-windows-containers
NEW QUESTION 135
Drag and Drop
You manage a solution in Azure. The solution is performing poorly. You need to recommend tools to determine causes for the performance issues. What should you recommend? (To answer, drag the appropriate monitoring solutions to the correct scenarios. Each monitoring solution may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)
Answer:
Explanation:
Box 1: Metrics in Azure Monitor are stored in a time-series database which is optimized for analyzing time-stamped data. This makes metrics particularly suited for alerting and fast detection of issues.
Box 2: Log data collected by Azure Monitor is stored in a Log Analytics workspace, which is based on Azure Data Explorer. Logs in Azure Monitor are especially useful for performing complex analysis across data from a variety of sources.
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/data-platform
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/data-platform-logs
NEW QUESTION 136
Hotspot
You manage a network that includes an on-premises Active Directory Domain Services domain and an Azure Active Directory (Azure AD). Employees are requires to use different accounts when using on-premises or cloud resources. You must recommend a solution that lets employees sign in to all company resources by using a single account. The solution must implement an identity provider. You need provide guidance on the different identity providers. How should you describe each identity provider? (To answer, select the appropriate description from each list in the answer area.)
Answer:
Explanation:
Box1: User management occurs on-premises. Azure AD authenticates employees by using on-premises passwords.
Box 2: User management occurs on-premises. The on-promises domain controller authenticates employee credentials. You can federate your on-premises environment with Azure AD and use this federation for authentication and authorization. This sign-in method ensures that all user authentication occurs on-premises.
https://docs.microsoft.com/en-us/azure/active-directory-domain-services/active-directory-ds-overview
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/whatis-fed
NEW QUESTION 137
You manage a solution in Azure. You must collect usage data including MAC addresses from all devices on the network. You need to recommend a monitoring solution. What should you recommend?
A. Activity Log Analytics
B. Azure Network Security Group Analytics
C. Network Performance Monitor
D. Azure Application Gateway Analytics
E. Azure Wire Data
Answer: B
Explanation:
A network security group (NSG) includes rules that allow or deny traffic to a virtual network subnet, network interface, or both. When you enable diagnostic logging for an NSG, you can log the following categories of information:
– Event: Entries are logged for which NSG rules are applied to VMs, based on MAC address. The status for these rules is collected every 60 seconds.
– Rule counter: Contains entries for how many times each NSG rule is applied to deny or allow traffic.
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-nsg-manage-log
NEW QUESTION 138
A partner manages on-premises and Azure environments. The partner deploys an on-premises solution that needs to use Azure services. The partner deploys a virtual appliance. All network traffic that is directed to a specific subnet must flow through the virtual appliance. You need to recommend solutions to manage network traffic. Which two options should you recommend? (Each correct answer presents a complete solution. Choose two.)
A. Configure Azure Traffic Manager
B. Implement an Azure virtual network
C. Configure a routing table with forced tunneling
D. Implement Azure ExpressRoute
Answer: CD
Explanation:
C: Forced tunneling lets you redirect or “force” all Internet-bound traffic back to your on-premises location via a Site-to-Site VPN tunnel for inspection and auditing. This is a critical security requirement for most enterprise IT policies. Without forced tunneling, Internet-bound traffic from your VMs in Azure always traverses from Azure network infrastructure directly out to the Internet, without the option to allow you to inspect or audit the traffic. Forced tunneling in Azure is configured via virtual network user-defined routes.
D: ExpressRoute lets you extend your on-premises networks into the Microsoft cloud over a private connection facilitated by a connectivity provider. With ExpressRoute, you can establish connections to Microsoft cloud services, such as Microsoft Azure, Office 365, and Dynamics 365. Connectivity can be from an any-to-any (IP VPN) network, a point-to-point Ethernet network, or a virtual cross-connection through a connectivity provider at a co- location facility. ExpressRoute connections do not go over the public Internet. This allows ExpressRoute connections to offer more reliability, faster speeds, lower latencies, and higher security than typical connections over the Internet.
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-forced-tunneling-rm
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-introduction
NEW QUESTION 139
……
Download the newest PassLeader AZ-301 dumps from passleader.com now! 100% Pass Guarantee!
AZ-301 PDF dumps & AZ-301 VCE dumps: https://www.passleader.com/az-301.html (140 Q&As) (New Questions Are 100% Available and Wrong Answers Have Been Corrected! Free VCE simulator!)
P.S. New AZ-301 dumps PDF: https://drive.google.com/open?id=1ah1U5ZfTQkd7hMRDhnN0gFL7q8qMqtUl
P.S. New AZ-300 dumps PDF: https://drive.google.com/open?id=1f0aRTfxMz2rxKc4dy3CZjxKse4HWA3rQ
P.S. New AZ-302 dumps PDF: https://drive.google.com/open?id=11UyQ8nIk7dNcGLzvzsxJpAqqMkTkctZw