The latest Microsoft AZ-303 Microsoft Azure Architect Technologies certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Microsoft AZ-303 Microsoft Azure Architect Technologies exam and earn Microsoft AZ-303 Microsoft Azure Architect Technologies certification.
Exam Question 21
You plan to automate the deployment of a virtual machine scale set that uses the Windows Server 2016 Datacenter image.
You need to ensure that when the scale set virtual machines are provisioned, they have web server components installed.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Upload a configuration script.
B. Create an Azure policy.
C. Modify the extensionProfile section of the Azure Resource Manager template.
D. Create a new virtual machine scale set in the Azure portal.
E. Create an automation account.
Correct Answer:
C. Modify the extensionProfile section of the Azure Resource Manager template.
D. Create a new virtual machine scale set in the Azure portal.
Answer Description:
Virtual Machine Scale Sets can be used with the Azure Desired State Configuration (DSC) extension handler. Virtual machine scale sets provide a way to deploy and manage large numbers of virtual machines, and can elastically scale in and out in response to load. DSC is used to configure the VMs as they come online so they are running the production software.
Exam Question 22
You have an Azure subscription.
You have an on-premises virtual machine named VM1. The settings for VM1 are shown in the exhibit. (Click the Exhibit tab.)
You have an on-premises virtual machine named VM1. The settings for VM1 are shown in the exhibit.
You need to ensure that you can use the disks attached to VM1 as a template for Azure virtual machines.
What should you modify on VM1?
A. the memory
B. Integration Services
C. the hard drive
D. the network adapters
Correct Answer:
C. the hard drive
Answer Description:
From the exhibit we see that the disk is in the VHDX format.
Before you upload a Windows virtual machines (VM) from on-premises to Microsoft Azure, you must prepare the virtual hard disk (VHD or VHDX). Azure supports only generation 1 VMs that are in the VHD file format and have a fixed sized disk. The maximum size allowed for the VHD is 1,023 GB. You can convert a generation 1 VM from the VHDX file system to VHD and from a dynamically expanding disk to fixed-sized.
Exam Question 23
Your company has an office in Seattle.
You have an Azure subscription that contains a virtual network named VNET1.
You create a site-to-site VPN between the Seattle office and VNET1.
VNET1 contains the subnets shown in the following table.
VNET1 contains the subnets shown in the following table.
You need to route all Internet-bound traffic from Subnet1 to the Seattle office.
What should you create?
A. a route for GatewaySubnet that uses the virtual network gateway as the next hop
B. a route for Subnet1 that uses the local network gateway as the next hop
C. a route for Subnet1 that uses the virtual network gateway as the next hop
D. a route for GatewaySubnet that uses the local network gateway as the next hop
Correct Answer:
C. a route for Subnet1 that uses the virtual network gateway as the next hop
Answer Description:
A route with the 0.0.0.0/0 address prefix instructs Azure how to route traffic destined for an IP address that is not within the address prefix of any other route in a subnet’s route table. When a subnet is created, Azure creates a default route to the 0.0.0.0/0 address prefix, with the Internet next hop type. We need to create a custom route in Azure to use a virtual network gateway in the Seattle office as the next hop.
Exam Question 24
You create an Azure virtual machine named VM1 in a resource group named RG1.
You discover that VM1 performs slower than expected.
You need to capture a network trace on VM1.
What should you do?
A. From the VM1 blade, configure Connection troubleshoot.
B. From Diagnostic settings for VM1, configure the performance counters to include network counters.
C. From the VM1 blade, install performance diagnostics and run advanced performance analysis.
D. From Diagnostic settings for VM1, configure the log level of the diagnostic agent.
Correct Answer:
C. From the VM1 blade, install performance diagnostics and run advanced performance analysis.
Answer Description:
The performance diagnostics tool helps you troubleshoot performance issues that can affect a Windows or Linux virtual machine (VM). Supported troubleshooting scenarios include quick checks on known issues and best practices, and complex problems that involve slow VM performance or high usage of CPU, disk space, or memory.
Advanced performance analysis, included in the performance diagnostics tool, includes all checks in the performance analysis, and collects one or more of the traces, as listed in the following sections. Use this scenario to troubleshoot complex issues that require additional traces. Running this scenario for longer periods will increase the overall size of diagnostics output, depending on the size of the VM and the trace options that are selected.
Exam Question 25
You have an Azure subscription named Subscription1 that contains an Azure virtual network named VNet1. VNet1 connects to your on-premises network by using Azure ExpressRoute.
You need to connect VNet1 to the on-premises network by using a site-to-site VPN. The solution must minimize cost.
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Create a gateway subnet.
B. Create a VPN gateway that uses the VpnGw1 SKU.
C. Create a connection.
D. Create a local site VPN gateway.
E. Create a VPN gateway that uses the Basic SKU.
Correct Answer:
C. Create a connection.
D. Create a local site VPN gateway.
E. Create a VPN gateway that uses the Basic SKU.
Exam Question 26
A company plans to use third-party application software to perform complex data analysis processes. The software will use up to 500 identical virtual machines (VMs) based on an Azure Marketplace VM image.
You need to design the infrastructure for the third-party application server. The solution must meet the following requirements:
- The number of VMs that are running at any given point in time must change when the user workload changes.
- When a new version of the application is available in Azure Marketplace it must be deployed without causing application downtime.
- Use VM scale sets.
- Minimize the need for ongoing maintenance.
Which two technologies should you recommend? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. single placement group
B. single storage account
C. managed disks
D. autoscale
Correct Answer:
C. managed disks
D. autoscale
Exam Question 27
You have a resource group named RG1 that contains the following:
- A virtual network that contains two subnets named Subnet1 and AzureFirewallSubnet
- An Azure Storage account named contososa1
- An Azure firewall deployed to AzureFirewallSubnet
You need to ensure that contososa1 is accessible from Subnet1 over the Azure backbone network.
What should you do?
A. Modify the Firewalls and virtual networks settings for contososa1.
B. Create a stored access policy for contososa1.
C. Implement a virtual network service endpoint.
D. Remove the Azure firewall.
Correct Answer:
C. Implement a virtual network service endpoint.
Answer Description:
Storage firewall rules apply to the public endpoint of a storage account. You don’t need any firewall access rules to allow traffic for private endpoints of a storage account. The process of approving the creation of a private endpoint grants implicit access to traffic from the subnet that hosts the private endpoint.
Note: Storage accounts have a public endpoint that is accessible through the internet. ou can also create Private Endpoints for your storage account, which assigns a private IP address from your VNet to the storage account, and secures all traffic between your VNet and the storage account over a private link. The Azure storage firewall provides access control access for the public endpoint of your storage account. You can also use the firewall to block all access through the public endpoint when using private endpoints. Your storage firewall configuration also enables select trusted Azure platform services to access the storage account securely.
Exam Question 28
You have an Active Directory forest named contoso.com.
You install and configure Azure AD Connect to use password hash synchronization as the single sign-on (SSO) method. Staging mode is enabled.
You review the synchronization results and discover that the Synchronization Service Manager does not display any sync jobs.
You need to ensure that the synchronization completes successfully.
What should you do?
A. Run Azure AD Connect and disable staging mode.
B. From Synchronization Service Manager, run a full import.
C. Run Azure AD Connect and set the SSO method to Pass-through Authentication.
D. From Azure PowerShell, run Start-AdSyncSyncCycle –PolicyType Initial.
Correct Answer:
A. Run Azure AD Connect and disable staging mode.
Answer Description:
In staging mode, the server is active for import and synchronization, but it does not run any exports. A server in staging mode is not running password sync or password writeback, even if you selected these features during installation. When you disable staging mode, the server starts exporting, enables password sync, and enables password writeback.
Exam Question 29
Your on-premises network contains 100 virtual machines that run Windows Server 2019.
You have an Azure subscription that contains an Azure Log Analytics workspace named Workspace1.
You need to collect errors from the Windows event logs on the virtual machines.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Create an Azure Event Grid domain.
B. Deploy the Microsoft Monitoring Agent.
C. Configure Windows Event Forwarding on the virtual machines.
D. Create an Azure Sentinel workspace.
E. Configure the Data Collection settings for Workspace1.
Correct Answer:
B. Deploy the Microsoft Monitoring Agent.
E. Configure the Data Collection settings for Workspace1.
Answer Description:
The Azure Log Analytics agent collects telemetry from Windows and Linux virtual machines in any cloud, on-premises machines, and those monitored by System Center Operations Manager and sends it collected data to your Log Analytics workspace in Azure Monitor.
Note: You may also see the Log Analytics agent referred to as the Microsoft Monitoring Agent (MMA) or OMS Linux agent.
Data is collected using the Log Analytics agent, which reads various security-related configurations and event logs from the machine and copies the data to your workspace for analysis.
Exam Question 30
You have an Azure subscription named Subscription1.
You deploy a Linux virtual machine named VM1 to Subscription1.
You need to monitor the metrics and the logs of VM1.
What should you use?
A. Azure HDInsight
B. Azure Analysis Services
C. Linux Diagnostic Extension (LAD) 3.0
D. the AzurePerformanceDiagnostics extension
Correct Answer:
D. the AzurePerformanceDiagnostics extension
Answer Description:
You can use extensions to configure diagnostics on your VMs to collect additional metric data. The basic host metrics are available, but to see more granular and VM-specific metrics, you need to install the Azure diagnostics extension on the VM. The Azure diagnostics extension allows additional monitoring and diagnostics data to be retrieved from the VM.