AZ-303 Microsoft Azure Architect Technologies Exam Questions and Answers

The latest Microsoft AZ-303 Microsoft Azure Architect Technologies certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Microsoft AZ-303 Microsoft Azure Architect Technologies exam and earn Microsoft AZ-303 Microsoft Azure Architect Technologies certification.

AZ-303 Microsoft Azure Architect Technologies Exam Questions and Answers
AZ-303 Microsoft Azure Architect Technologies Exam Questions and Answers

Question 41: You have SQL Server on an Azure virtual machine named SQL1.
You need to automate the backup of the databases on SQL1 by using Automated Backup v2 for the virtual machines. The backups must meet the following requirements:

  • Meet a recovery point objective (RPO) of 15 minutes.
  • Retain the backups for 30 days.
  • Encrypt the backups at rest.

What should you provision as part of the backup solution?
A. Elastic Database jobs
B. Azure Key Vault
C. an Azure Storage account
D. a Recovery Services vault

Question 42: You have an Azure subscription that contains an Azure key vault named KeyVault1 and the virtual machines shown in the following table.

You have an Azure subscription that contains an Azure key vault named KeyVault1 and the virtual machines shown in the following table.
You have an Azure subscription that contains an Azure key vault named KeyVault1 and the virtual machines shown in the following table.

KeyVault1 has an access policy that provides several users with Create Key permissions.
You need to ensure that the users can only register secrets in KeyVault1 from VM1.
What should you do?
A. Create a network security group (NSG) that is linked to Subnet1.
B. Configure the Firewall and virtual networks settings for KeyVault1.
C. Modify the access policy for KeyVault1.
D. Configure KeyVault1 to use a hardware security module (HSM).

Question 43: You have resources in three Azure regions. Each region contains two virtual machines. Each virtual machine has a public IP address assigned to its network interface and a locally installed application named App1.
You plan to implement Azure Front Door-based load balancing across all the virtual machines.
You need to ensure that App1 on the virtual machines will only accept traffic routed from Azure Front Door.
What should you implement?
A. Azure Private Link
B. service endpoints
C. network security groups (NSGs) with service tags
D. network security groups (NSGs) with application security groups

Question 44: You have an Azure key vault named KV1.
You need to ensure that applications can use KV1 to provision certificates automatically from an external certification authority (CA).
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. From KV1, create a certificate issuer resource.
B. Obtain the CA account credentials.
C. Obtain the root CA certificate.
D. From KV1, create a certificate signing request (CSR).
E. From KV1, create a private key.

Question 45: You create the following Azure role definition.

You create the following Azure role definition.
You create the following Azure role definition.

You need to create Role1 by using the role definition.
Which two values should you modify before you create Role1? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. AssignableScopes
B. Description
C. DataActions
D. IsCustom
E. Id

Question 46: You are implementing authentication for applications in your company. You plan to implement self-service password reset (SSPR) and multifactor authentication (MFA) in Azure Active Directory (Azure AD).
You need to select authentication mechanisms that can be used for both MFA and SSPR.
Which two authentication methods should you use? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A. Authenticator app
B. Email addresses
C. App passwords
D. Short Message Service (SMS) messages
E. Security questions

Question 47: Your company has the groups shown in the following table.

Your company has the groups shown in the following table.
Your company has the groups shown in the following table.

The company has an Azure subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com.
An administrator named Admin1 attempts to enable Enterprise State Roaming for all the users in the Managers groups.
Admin1 reports that the options for Enterprise State Roaming are unavailable from Azure AD.
You verify that Admin1 is assigned the Global administrator role.
You need to ensure that Admin1 can enable Enterprise State Roaming.
What should you do?
A. Assign an Azure AD Privileged Identity Management (PIM) role to Admin1.
B. Purchase an Azure Rights Management (Azure RMS) license for each user in the Managers group.
C. Enforce Azure Multi-Factor Authentication (MFA) for Admin1.
D. Purchase an Azure AD Premium P1 license for each user in the Managers group.

Question 48: You create the Azure resources shown in the following table.

You create the Azure resources shown in the following table.
You create the Azure resources shown in the following table.

You attempt to add a role assignment to a resource group as shown in the following exhibit.

You attempt to add a role assignment to a resource group as shown in the following exhibit.
You attempt to add a role assignment to a resource group as shown in the following exhibit.

What should you do to ensure that you can assign VM2 the Reader role for the resource group?
A. Configure just in time (JIT) VM access on VM2.
B. Configure Access control (IAM) on VM2.
C. Assign a managed identity to VM2.
D. Modify the Reader role at the subscription level.

Question 49: You have Azure virtual machines deployed to three Azure regions. Each region contains a single virtual network that has four virtual machines on the same subnet. Each virtual machine runs an application named App1. App1 is accessible by using HTTPS. Currently, the virtual machines are inaccessible from the internet.
You need to use Azure Front Door to load balance requests for App1 across all the virtual machines.
Which additional Azure service should you provision?
A. Azure Traffic Manager
B. an internal Azure Load Balancer
C. a public Azure Load Balancer
D. Azure Private Link

Question 50: You have Azure virtual machines that have Update Management enabled. The virtual machines are configured as shown in the following table.

The virtual machines are configured as shown in the following table.
The virtual machines are configured as shown in the following table.

You need to ensure that all critical and security updates are applied to each virtual machine every month.
What is the minimum number of update deployments you should create?
A. 4
B. 6
C. 2
D. 1

Keyword: AZ-303 Free Exam Dumps, AZ-303 Exam Questions, AZ-303 Exam Dumps, AZ-303 Braindumps, AZ-303 Real Questions, AZ-303 Practice Test, AZ-303 Practice Exam, AZ-303 Free Test, AZ-303 Free Questions, AZ-303 Real Exam Questions and Answers, AZ-303 VCE Dumps, AZ-303 ETE Dumps, AZ-303 PDF Dumps, and AZ-303 Study Guide.

Published by Julie Robert

, passionate about technology, Windows, and everything that has a power button, I spent most of the time to develop new skills and learning more about the tech world because I derive great satisfaction from helping readers eliminate technological headaches that plague their day-to-day lives.