Skip to Content

AZ-303 Microsoft Azure Architect Technologies Exam Questions and Answers – Page 1

By: Author Alex Lim

Posted on  - Last updated:

Categories Exam

The latest Microsoft AZ-303 Microsoft Azure Architect Technologies certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Microsoft AZ-303 Microsoft Azure Architect Technologies exam and earn Microsoft AZ-303 Microsoft Azure Architect Technologies certification.

AZ-303 Microsoft Azure Architect Technologies Exam Questions and Answers

AZ-303 Microsoft Azure Architect Technologies Exam Questions and Answers

Exam Question 91

You are creating a new alert to monitor the CPU percentage of an Azure App Service Plan.
You configure the frequency of evaluation for this alert to every minute. You also configure the action group shown in the exhibit.

You need to determine the maximum number of alerts the action group will receive if this alert condition is enabled for one hour.
How many emails and SMS messages will this group receive? To answer, select the appropriate options from the drop-down menus.

Email:

  • 6
  • 12
  • 60
  • 120

SMS:

  • 6
  • 12
  • 60
  • 120

Correct Answer:
Email: 60
SMS: 12
Answer Description:
The group should receive a maximum of 60 emails an hour. They should receive an email every minute when this alert condition is enabled for one hour. To ensure that alerts are manageable, email notifications have a rate limit of 100 messages per email per hour.
The group should receive a maximum of 12 SMS messages an hour. This type of notification has a rate limit of one message every 5 minutes, and so they should receive an SMS every five minutes. In one hour, they can receive no more than 12 SMS messages.
The group should not receive a maximum of 6 emails or SMS messages an hour. This alert condition is enabled for an hour, and the frequency of evaluation for this alert happens every minute. Since the rate limit of this action group is not reached, the group should receive 60 alerts.
The group should not receive a maximum of 120 emails or SMS messages an hour. They should receive 60 alerts for an hour in this action group using only this alert. It is also greater than the email notifications rate limit of 100 messages per email per hour.
References:
Microsoft Docs > Rate limiting for Voice, SMS, emails, Azure App push notifications and webhook posts
Microsoft Docs > Create, view, and manage metric alerts using Azure Monitor

Exam Question 92

You implement monitoring for Linux Virtual Machines (VMs) in your company’s Azure subscription.
Your company needs to monitor performance counters on these VMs in Azure Monitor Metrics.
You need to implement an agent to meet the requirements.
Which agent should you implement?

A. Telegraf agent
B. Diagnostics extension
C. Log Analytics agent
D. Dependency agent
Correct Answer:
A. Telegraf agent
Answer Description:
You should implement the Telegraf agent. You can use this agent to collect performance counter data from Linux VMs and send it to Azure Monitor Metrics.
You should not implement the Diagnostics extension. You can use this agent to collect performance counter data from Linux VMs. However, you can only send the data to Azure Storage for archiving or to Azure Event Hub. For Windows VMs, you can use this agent to collect performance counters and send them to Azure Monitor Metrics.
You should not implement the Log Analytics agent. You can use this agent to collect performance counter data from Linux VMs. However, you can only send the data to a Log Analytics workspace.
You should not implement the Dependency agent. You can use this agent to discover network dependencies between running processes and external process dependencies. This agent also requires the Log Analytics agent.
References:
Microsoft Docs > Overview of Azure Monitor agents

Exam Question 93

You manage an Azure subscription with resources that are provisioned across multiple Azure regions.
An incident caused by an outage in one Azure region impacts multiple resources in your subscription.
You need to recommend a solution to alert you proactively when an outage affects your resources.
What should you recommend?

A. Azure Resource Health
B. Azure status page
C. Azure Service Health alert
D. Azure Advisor
Correct Answer:
C. Azure Service Health alert
Answer Description:
You should recommend an Azure Service Health alert. This allows you to be notified about service issues in an Azure region that may affect you. You can also create alerts for Azure planned maintenance.
You should not recommend the Azure status page. This page gives a global overview of Azure Service Health and current events, but it does not proactively notify you of a regional outage.
You should not recommend Azure Advisor. Azure Advisor gives you personalized recommendations about high availability, security, performance, and cost in your Azure subscription. Azure Advisor does not notify about service outages, but it can advise you to create a Service Health alert.
You should not recommend Azure Resource Health. You can use Azure Resource Health to diagnose the health of a given resource and to identify which resources are affected by a service outage. It is not a good solution to monitor Azure region outages because you need to check each resource individually.
References:
Microsoft Docs > What is Azure Service Health?
Microsoft Docs > Create activity log alerts on service notifications using the Azure portal
Microsoft Docs > Azure status overview
Microsoft Docs > Introduction to Azure Advisor
Microsoft Docs > Resource Health overview

Exam Question 94

You are planning to implement Azure Monitor for VMs in your Azure subscription.
Your subscription has the Azure Virtual Machines (VMs) shown in the exhibit.

Virtual Machine Name Operating system Region
vm1 Windows Server 2016 East US
vm2 Ubuntu 18.04 West US
vm3 Windows Server 2019 Central US
vm4 Windows Server 2008 R2 Central US

You also provision a Log Analytics workspace named vmMonitorWorkspace in the Central US region.
You need to evaluate which Azure VMs meet the prerequisites to implement Azure Monitor for VMs with vmMonitorWorkspace and decide which agents you should install on these Azure VMs.
How should you evaluate the requirements? To answer, select the appropriate options from the drop-down menus.

Azure VMs that meet the prerequisites:

  • vm1, and vm3 only
  • vm1, vm2, vm3, and vm4
  • vm1, vm3, and vm4 only
  • vm3 and vm4 only

Required agents:

  • Diagnostics extension and Dependency agent
  • Diagnostics extension and Log Analytics agent
  • Log Analytics and Dependency agent

Correct Answer:
Azure VMs that meet the prerequisites: vm1, vm2, vm3, and vm4
Required agents: Log Analytics and Dependency agent
Answer Description:
The Azure VMs that meet the prerequisites are vm1, vm2, vm3, and vm4. The Azure VMs meet the operating system requirements to use Azure Monitor for VMs. You can also use Azure Monitor for VMs with VMs provisioned in any region, even with on-premises VMs, as long the Log Analytics workspace is provisioned in a supported region.
The required agents installed on the Azure VMs are the Log Analytics and the Dependency agents. You need to deploy both agents on the Azure VMs to use Azure Monitor for VMs. The Log Analytics agent collects performance data and other metrics from Linux and Windows VMs and sends the data to a Log Analytics workspace. The Dependency agent discovers network dependencies between running processes and external process dependencies.
You should not deploy the Diagnostics extension. You can use this extension to collect performance counters data and other metrics from Linux and Windows VMs and send the data to Azure Storage for archiving or to Azure Event Hub. For Windows VMs, you can use this extension to send data to Azure Monitor Metrics. Azure Monitor for VMs requires you to send data to a Log Analytics workspace, which can be done by using the Log Analytics agent.
References:
Microsoft Docs > What is Azure Monitor for VMs?
Microsoft Docs > Enable Azure Monitor for VMs overview
Microsoft Docs > Overview of Azure Monitor agents

Exam Question 95

You manage an Azure subscription that contains multiple Azure Virtual Machines (VMs). You enable diagnostics settings on all Azure VMs and configure a Log Analytics workspace as the diagnostics destination.
Your company asks you to generate a security report to:
1. Identify which users deleted Azure VMs up to four weeks ago.
2. List security events on Azure VMs that run Windows Server 2016.
You need to implement the security report.
What should you use?

Identify which users deleted Azure VMs up to four weeks ago:

  • Activity log
  • Log Analytics query
  • Azure Monitor Metrics
  • Service Health

List security events in Azure VMs running Windows Server 2016:

  • Activity log
  • Log Analytics query
  • Azure Monitor Metrics
  • Service Health

Correct Answer:
Identify which users deleted Azure VMs up to four weeks ago: Activity log
List security events in Azure VMs running Windows Server 2016: Log Analytics query
Answer Description:
You should use the Activity log to identify which users deleted Azure VMs up to four weeks ago. Activity logs provide insight into operations that were performed on resources in your Azure subscription, enabling you to determine which user deleted a VM and other actions. Azure stores Activity logs by default for 90 days. For longer retention, you can archive the Activity logs in a Storage account or send them to a Log Analytics workspace.
You should use a Log Analytics query to list security events on Azure VMs that run Windows Server 2016. Azure Monitor collects logs from a variety of sources, consolidating the data in a Log Analytics workspace, including security events collected by diagnostics settings on all Azure VMs. You can use a Log Analytics query to select these security events and filter them for VMs running Windows Server 2016.
You should not use Azure Monitor Metrics. You can use metrics to monitor particular aspects of a resource, like CPU usage, disk operations per second, and network usage for an Azure VM. Metrics are represented by a numerical value over time.
You should not use Service Health. You can use Service Health to monitor the health of Azure services in a region and be notified about ongoing service issues, planned maintenance, or region outages.
References:
Microsoft Docs > Azure Activity log
Microsoft Docs > Azure security logging and auditing
Microsoft Docs > Metrics in Azure Monitor
Microsoft Docs > Get started with log queries in Azure Monitor
Microsoft Docs > Service Health overview

Exam Question 96

You are the Azure administrator for an online personal training company. You create a blob storage account to store training videos. Only you should be able to manage the storage account.
The storage account has a container that personal trainers use to upload their videos. Only personal trainers that your company approves should be able to upload video files.
Choose all that apply:

A. You should create a shared access signature.
B. You should set the access level of the blob container to Public.
C. You should share the storage account key with the personal trainers.
Correct Answer:
A. You should create a shared access signature.
Answer Description:
You should create a shared access signature. This is a URI that contains access rights to an Azure resource.
You should not set the access level of the blob container to Public. This allows anyone to access the container, including anonymous users. You should instead set the access level to Private. By doing this and giving out the shared access signature, you can control who has access to the blob container.
You should not share the storage account key with the personal trainers. This allows the personal trainers to manage the storage account, including the ability to delete other trainers’ videos.
References:
Microsoft Docs > Grant limited access to Azure Storage resources using shared access signatures (SAS)

Exam Question 97

A blob associated with an Azure Blob storage account contains data that is accessed several times per day.
You plan to add a new blob to the Blob storage account. The data in the new blob will be viewed infrequently but must be available immediately when accessed.
You must configure the storage tier for the new blob. The solution must minimize storage costs.
What should you do?

A. Set the default storage tier for the account to Cool.
B. Set the default storage tier for the account to Hot.
C. Set the storage tier for the new blob to Archive.
D. Set the storage tier for the new blob to Cool.
Correct Answer:
D. Set the storage tier for the new blob to Cool.
Answer Description:
You should set the storage tier for the new blob to Cool. Cool storage is intended for data that is accessed infrequently and stored for 30 days or more. Cool storage has a similar time-to-access as Hot data. Although it has a slightly lower availability compared to Hot data, storage costs are lower.
You should not set the storage tier for the new blob to Archive. Although Archive storage is the least expensive, it also has several hours of retrieval latency.
You should not set the default storage tier for the account to Hot. Only the original blob in the storage account is accessed frequently. If the tier for the account is set to Hot, this applies to the new blob as well.
You should not set the default storage tier for the account to Cool. This is appropriate only for the new blob. If the tier for the account is set to Cool, this applies to the original blob as well.
References:
Microsoft Docs > Azure Blob storage: hot, cool, and archive access tiers

Exam Question 98

You are a Cloud Solutions Architect for a mobile application development company. The company has worldwide users that consistently require high performance.
You now want to drop the dependency on physical datacenter storage. You plan to create a new storage solution for the company that uses Azure Storage for disaster recovery, high availability, and performance.
Choose all that apply:

A. You should use Premium Storage for global replication.
B. If your app needs a lower recovery time objective (RTO), you should use a second regional deployment.
C. You can use HTTP and HTTPS to authorize blob and queue operations with an OAuth token.
Correct Answer:
B. If your app needs a lower recovery time objective (RTO), you should use a second regional deployment.
Answer Description:
You should not use Premium Storage for global replication. Premium Storage is available only for locally redundant storage (LRS) replication. Also, Premium Storage is not available for all regions.
Recovery time objective (RTO) is the maximum acceptable time that an application can be unavailable after an incident. For example, if your RTO is 50 minutes, you can restore the application to a running state within 50 minutes after the start of an incident. However, if you have a very low RTO, you might keep a second regional deployment continually running an active/passive configuration on standby to protect against a regional outage.
You cannot authorize the Azure Storage from HTTP. To authorize blob and queue operations with an OAuth token, you must use HTTPS.
References:
Microsoft Docs > Azure Storage redundancy
Microsoft Docs > Run PowerShell commands with Azure AD credentials to access blob or queue data

Exam Question 99

You are determining which type of Azure storage replication is appropriate for your storage account.
You must consider the features of each replication option and choose the most appropriate which is the most appropriate: locally-redundant storage (LRS), zone-redundant storage (ZRS), geo-redundant storage (GRS), or read-access geo-redundant storage (RA-GRS).
Which replication options should you use to provide the features listed in the answer area?

Protects against hardware failures, but not against region-wide unavailability:

  • LRS
  • GRS
  • RA-GRS
  • ZRS

Can be used with premium performance storage accounts:

  • LRS
  • GRS
  • RA-GRS
  • ZRS

Provides default replication for Azure storage accounts:

  • LRS
  • GRS
  • RA-GRS
  • ZRS

Correct Answer:
Protects against hardware failures, but not against region-wide unavailability: LRS
Can be used with premium performance storage accounts: LRS
Provides default replication for Azure storage accounts: RA-GRS
Answer Description:
LRS maintains three copies of your data within a single datacenter in a single region. This type of replication does not protect your data from the failure of a single data center or region, but it protects you from hardware failures.
Premium storage supports only LRS as storage redundancy.
RA-GRS replicates your data to another datacenter in a secondary region and provides read-only access to the data in the secondary location. This replication option is the default option for new storage accounts.
References:
Microsoft Docs > Azure Storage redundancy
Microsoft Docs > Storage account overview

Exam Question 100

You create an Azure storage account that is used to store financial records. These records are accessed frequently. In the event of a datacenter outage, you want to ensure that the records are easily accessible, even if they cannot be modified. All applications use REST APIs to access the financial records.
You need to choose the most appropriate, least expensive configuration.
How should you configure the storage account? To answer, select the appropriate configurations from the drop-down menus.

Which access tier should you use:

  • Hot
  • Cool

Which replication strategy should you use?

  • LRS
  • GRS
  • RA-GRS

Which performance tier should you use?

  • Standard
  • Premium

Correct Answer:
Which access tier should you use: Hot
Which replication strategy should you use? RA-GRS
Which performance tier should you use? Standard
Answer Description:
You should use the Hot access tier. This tier is feasible for storage accounts that are accessed frequently.
You should use the RA-GRS replication strategy. With this strategy, if a failure occurs at a datacenter, data is replicated to another datacenter in another region, and it is available for read-only access.
You should use the Standard performance tier. This tier uses magnetic drives to store data at low cost.
You should not use the Cool access tier. This tier is feasible for storage accounts that are not accessed frequently.
You should not use LRS. This replication strategy only copies data within a datacenter. It is feasible for scenarios such as power supply failure or disk failure.
You should not use GRS. This replication strategy copies data to other regions. However, the data is not available to be read unless Microsoft initiates a failover to that region.
You should not use the Premium performance tier. This tier uses solid state drives at a higher cost. These storage accounts can only be used with virtual machine (VM) disks.
References:
Microsoft Docs > Azure Storage redundancy
Microsoft Docs > Azure Blob storage: hot, cool, and archive access tiers