The latest Microsoft AZ-303 Microsoft Azure Architect Technologies certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Microsoft AZ-303 Microsoft Azure Architect Technologies exam and earn Microsoft AZ-303 Microsoft Azure Architect Technologies certification.
Exam Question 61
You need to recommend an identity solution that meets the technical requirements.
What should you recommend?
A. password hash synchronization and single sign-on (SSO)
B. federated single sign-on (SSO) and Active Directory Federation Services (AD FS)
C. Pass-thorough Authentication and single sign-on (SSO)
D. cloud-only user accounts
Correct Answer:
C. Pass-thorough Authentication and single sign-on (SSO)
Answer Description:
With Pass-through Authentication the on-premises passwords are never stored in the cloud in any form.
Scenario:
– Prevent user passwords or hashes of passwords from being stored in Azure.
– Ensure that when users join devices to Azure Active Directory (Azure AD), the users use a mobile phone to verify their identity.
– Minimize administrative effort whenever possible.
Question Set 1: Implement Solutions for Apps
Exam Question 62
You have an Azure Active Directory (Azure AD) tenant named contoso.com.
A user named Admin1 attempts to create an access review from the Azure Active Directory admin center and discovers that the Access reviews settings are unavailable. Admin1 discovers that all the other identity Governance settings are available.
Admin1 is assigned the User administrator, Compliance administrator, and Security administrator roles.
You need to ensure that Admin1 can create access reviews in contoso.com.
Solution: You create an access package.
Does this meet the goal?
A. Yes
B. No
Correct Answer:
B. No
Answer Description:
You do not use access packages for Identity Governance. Instead use Azure AD Privileged Identity Management.
Note: PIM essentially helps you manage the who, what, when, where, and why for resources that you care about. Key features of PIM include:
Conduct access reviews to ensure users still need roles
Exam Question 63
You have an Azure Active Directory (Azure AD) tenant named contoso.com.
A user named Admin1 attempts to create an access review from the Azure Active Directory admin center and discovers that the Access reviews settings are unavailable. Admin1 discovers that all the other identity Governance settings are available.
Admin1 is assigned the User administrator, Compliance administrator, and Security administrator roles.
You need to ensure that Admin1 can create access reviews in contoso.com.
Solution: You purchase an Azure Directory Premium P2 license for contoso.com.
Does this meet the goal?
A. Yes
B. No
Correct Answer:
B. No
Answer Description:
Instead use Azure AD Privileged Identity Management.
Note: PIM essentially helps you manage the who, what, when, where, and why for resources that you care about. Key features of PIM include: Conduct access reviews to ensure users still need roles
Exam Question 64
You have an Azure Active Directory (Azure AD) tenant named contoso.com.
A user named Admin1 attempts to create an access review from the Azure Active Directory admin center and discovers that the Access reviews settings are unavailable. Admin1 discovers that all the other identity Governance settings are available.
Admin1 is assigned the User administrator, Compliance administrator, and Security administrator roles.
You need to ensure that Admin1 can create access reviews in contoso.com.
Solution: You assign the Global administrator role to Admin1.
Does this meet the goal?
A. Yes
B. No
Correct Answer:
B. No
Answer Description:
Instead use Azure AD Privileged Identity Management.
Note: PIM essentially helps you manage the who, what, when, where, and why for resources that you care about. Key features of PIM include: Conduct access reviews to ensure users still need roles
Exam Question 65
Your network contains an on-premises Active Directory domain named contoso.com that contains a member server named Server1.
You have the accounts shown in the following table.
Your network contains an on-premises Active Directory domain named contoso.com that contains a member server named Server1.
You are installing Azure AD Connect on Server1.
You need to specify the account for Azure AD Connect synchronization. The solution must use the principle of least privilege.
Which account should you specify?
A. CONTOSO\User2
B. SERVER1\User4
C. CONTOSO\User1
D. CONTOSO\User3
Correct Answer:
A. CONTOSO\User2
Answer Description:
The default Domain User permissions are sufficient
Exam Question 66
You have a server named Server1 that runs Windows Server 2019. Server1 is a container host.
You are creating a Dockerfile to build a container image.
You need to add a file named File1.txt from Server1 to a folder named C:\Folder1 in the container image.
Solution: You add the following line to the Dockerfile.
COPY File1.txt /Folder1/
You then build the container image.
Does this meet the goal?
A. Yes
B. No
Correct Answer:
A. Yes
Answer Description:
Copy is the correct command to copy a file to the container image.
Exam Question 67
You have a server named Server1 that runs Windows Server 2019. Server1 is a container host.
You are creating a Dockerfile to build a container image.
You need to add a file named File1.txt from Server1 to a folder named C:\Folder1 in the container image.
Solution: You add the following line to the Dockerfile.
XCOPY File1.txt C:\Folder1\
You then build the container image.
Does this meet the goal?
A. Yes
B. No
Correct Answer:
B. No
Answer Description:
Copy is the correct command to copy a file to the container image. Furthermore, the root directory is specified as ‘/’ and not as ‘C:/’.
Exam Question 68
You have a server named Server1 that runs Windows Server 2019. Server1 is a container host.
You are creating a Dockerfile to build a container image.
You need to add a file named File1.txt from Server1 to a folder named C:\Folder1 in the container image.
Solution: You add the following line to the Dockerfile.
ADD File1.txt C:/Folder1/
You then build the container image.
Does this meet the goal?
A. Yes
B. No
Correct Answer:
B. No
Answer Description:
Copy is the correct command to copy a file to the container image. The ADD command can also be used. However, the root directory is specified as ‘/’ and not as ‘C:/’.
Exam Question 69
You have a server named Server1 that runs Windows Server 2019. Server1 is a container host.
You are creating a Dockerfile to build a container image.
You need to add a file named File1.txt from Server1 to a folder named C:\Folder1 in the container image.
Solution: You add the following line to the Dockerfile.
Copy-Item File1.txt C:\Folder1\File1.txt
You then build the container image.
Does this meet the goal?
A. Yes
B. No
Correct Answer:
B. No
Answer Description:
Copy is the correct command to copy a file to the container image.
Exam Question 70
You have the Azure virtual networks shown in the following table.
You have the Azure virtual networks shown in the following table.
All the virtual networks are peered.
You have the virtual machines shown in the following table.
You have the virtual machines shown in the following table.
You deploy an Azure bastion named Bastion1 to VNET1.
To which virtual machines can you connect by using Bastion1?
A. VM1 only
B. VM1 and VM2 only
C. VM2 and VM3 only
D. VM1, VM2, and VM3
Correct Answer:
A. VM1 only
Answer Description:
Connect to a VM through Azure Bastion.
When you click on Connect in an Azure VM, you have an additional option called Bastion. In order to get this option, the Azure VM must belong to the same virtual network as the Azure Bastion.