Microsoft Azure

Designing Microsoft Azure Infrastructure Solutions

AZ-305

Popular

Prepare for the AZ-305 exam to validate your skills in designing Azure infrastructure solutions.

144 questions 0 views Free

Start Mock Test Timed · Full-length · Scored

A company needs to store sensitive customer data securely. Which Azure service should they select for encryption at rest?

A Azure Blob Storage
B Azure SQL Database
C Azure Key Vault
D Azure Storage Account

Explanation Azure Key Vault is designed to manage sensitive keys and secrets, including encryption keys. Blob Storage and SQL Database can encrypt data but rely on Key Vault for key management, while Storage Account is too broad and non-specific.

Q92

You are configuring Azure Virtual Network peering between two regions. What is a limitation of this configuration?

A Traffic is not encrypted
B No access to private IPs
C Transitive routing not supported
D Differences in availability zones

Explanation Azure Virtual Network peering does not support transitive routing, meaning traffic must be routed explicitly. The other options describe aspects that do not apply to VNet peering.

Q93

What happens when you assign a role to a user but do not grant any permissions for that role in Azure?

A User retains existing permissions
B User gets denied access
C User can perform at will
D User's permissions are overridden

Explanation If a role has no permissions assigned, the user retains their existing permissions potentially from other roles or access. Denying access would require explicit configuration, while others are incorrect because assignments with no permissions don’t grant or override current access.

Q94

Which service is primarily used for deploying containerized applications in Azure?

A Azure Kubernetes Service (AKS)
B Azure Functions
C Azure App Service
D Azure Logic Apps

Explanation AKS is specifically designed for container orchestration, while the others are not.

Q95

A company needs to securely connect on-premises networks to Azure. Which service should they use?

A Azure Site Recovery
B Azure Virtual Network Gateway
C Azure Front Door
D Azure Application Gateway

Explanation Azure Virtual Network Gateway provides the VPN capabilities needed for secure connections.

Q96

What happens when an Azure Blob storage container is set to public access?

A Files are auto-deleted after 30 days
B Anyone can view and download files
C Access is granted to Azure AD users only
D Storage costs decrease significantly

Explanation Public access means files can be accessed by anyone with the link, while the other options are incorrect or misleading.

Q97

Which service is used for managing Azure infrastructure as code?

A Azure DevOps
B Azure Resource Manager
C Azure Logic Apps
D Azure Functions

Explanation Azure Resource Manager allows for infrastructure deployment through templates; the others focus on different aspects of Azure services.

Q98

A company needs to deploy a web application with autoscaling and high availability. Which Azure service should they use?

A Azure App Service
B Azure Virtual Machines
C Azure Blob Storage
D Azure Functions

Explanation Azure App Service provides managed autoscaling and high availability; VMs need more manual setup and Blob Storage is for data storage, not hosting applications.

Q99

You are configuring Network Security Groups (NSGs). What happens when you apply multiple NSGs to a VM's subnet?

A Only the first NSG is applied
B All NSGs are merged
C NSGs are prioritized by creation timestamp
D The most restrictive rule is applied

Explanation When multiple NSGs are applied, Azure enforces the most restrictive rule; others inaccurately reflect how NSG processing works in Azure.

Q100

Which service provides serverless compute resources in Azure?

A Azure Functions
B Azure Virtual Machines
C Azure App Services
D Azure Kubernetes Service

Explanation Azure Functions offers event-driven, serverless compute capabilities, while the others are not serverless solutions.