Free Access to Microsoft.AZ-304.v2022-10-14.q303 with Valid Practice Test (Page 42)

Question 201

Your company develops a web service that is deployed to at, Azure virtual machine named VM1 the web service allows an API to access real- time data from VM1. The current virtual machine deployment is shown in the Deployment exhibit. (Click the Deployment tab).

The chief technology officer (CTO) sends you the following email message: "Our developers have deployed the web service to a virtual machine named WL Testing has shown that the API is accessible from VM1 and VM? Our partners must be able to connect to the API over the Internet Partners will me this data in applications that they develop:
You deploy an Azure API Management service. The relevant API Management configuration is shown in the API ambit. (Click the API tab).

For each of the following statements, select. Yes, if the statement is true. Otherwise. select No.
NOTE: Each correct selection is worth one point.

Question 202

You have an Azure Active Directory (Azure AD) tenant.
You plan to deploy Azure Cosmos DB databases that will use the SQL API.
You need to recommend a solution to provide specific Azure AD user accounts with read access to the Cosmos DB databases.
What should you include in the recommendation?

A.a resource token and an Access control (IAM) role assignment
B.shared access signatures (SAS) and conditional access policies
C.master keys and Azure Information Protection policies
D.certificates and Azure Key Vault

Question 203

You have an Azure subscription that contains the SQL servers shown in the following table.

The subscription contains the storage accounts shown in the following table.

You create the Azure SQL databases shown in the following table.

Question 204

You have an Azure subscription named Subscription1 that is linked to a hybrid Azure Active Directory (Azure AD) tenant.
You have an on-premises datacenter that does NOT have a VPN connection to Subscription1. The datacenter contains a computer named Server1 that has Microsoft SQL Server 2016 installed. Server1 is prevented from accessing the internet An Azure logic app named LogicApp1 requires write access to a database on Server1.
You need to recommend a solution to provide LogicApp1 with the ability to access Server1.
What should you recommend deploying on-premises and in Azure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Question 205

You need to recommend a notification solution for the IT Support distribution group.
What should you include in the recommendation?

A.Azure Network Watcher
B.an action group
C.a SendGrid account with advanced reporting
D.Azure AD Connect Health

Correct Answer: D

References:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-health-operations Overview Contoso,Ltd is a US-base finance service company that has a main office New York and an office in San Francisco.
Payment Processing Query System
Contoso hosts a business critical payment processing system in its New York data center. The system has three tiers a front-end web app a middle -tier API and a back end data store implemented as a Microsoft SQL Server 2014 database All servers run Windows Server 2012 R2.
The front -end and middle net components are hosted by using Microsoft Internet Inform-non Services (IK) The application rode is written in C# and middle- tier API uses the Entity framework to communicate the SQL Server database. Maintenance of the database e performed by using SQL Server Ago- The database is currently J IB and is not expected to grow beyond 3 TB.
The payment processing system has the following compliance related requirement
* Encrypt data in transit and at test. Only the front-end and middle-tier components must be able to access the encryption keys that protect the date store.
* Keep backups of the two separate physical locations that are at last 200 miles apart and can be restored for op to seven years.
* Support blocking inbound and outbound traffic based on the source IP address, the description IP address, and the port number
* Collect Windows security logs from all the middle-tier servers and retain the log for a period of seven years,
* Inspect inbound and outbound traffic from the from-end tier by using highly available network appliances.
* Only allow all access to all the tiers from the internal network of Contoso.
Tape backups ate configured by using an on-premises deployment or Microsoft System Center Data protection Manager (DPMX and then shaped ofsite for long term storage Historical Transaction Query System Contoso recently migrate a business-Critical workload to Azure. The workload contains a NET web server for querying the historical transaction data residing in azure Table Storage. The NET service is accessible from a client app that was developed in-house and on the client computer in the New Your office. The data in the storage is 50 GB and is not except to increase.
Information Security Requirement
The IT security team wants to ensure that identity management n performed by using Active Directory. Password hashes must be stored on premises only.
Access to all business-critical systems must rely on Active Directory credentials. Any suspicious authentication attempts must trigger multi-factor authentication prompt automatically Legitimate users must be able to authenticate successfully by using multi-factor authentication.

Question 201

Question 202

Question 203

Question 204

Question 205

Download PDF File