Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Microsoft AZ-304

Microsoft AZ-304 Exam Practice Questions (P. 3)

  • Full Access (237 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #11
HOTSPOT -
You have an Azure subscription that contains 300 Azure virtual machines that run Windows Server 2019.
You need to centrally monitor all warning events in the System logs of the virtual machines.
What should you include in the solution? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:


Correct Answer:

 Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/data-sources-windows-events https://docs.microsoft.com/en-us/azure/azure-monitor/platform/agent-windows

Question #12
You have an Azure SQL database named DB1 that contains multiple tables.
You need to improve the performance of DB1. The solution must minimize administrative effort.
What should you use?
  1. A
    automatic tuning
  2. B
    Azure Advisor
  3. C
    Azure Monitor
  4. D
    Query Performance Insight

Correct Answer:
A
Azure SQL Database and Azure SQL Managed Instance automatic tuning provides peak performance and stable workloads through continuous performance tuning based on AI and machine learning.
Automatic tuning is a fully managed intelligent performance service that uses built-in intelligence to continuously monitor queries executed on a database, and it automatically improves their performance.
Reference:
https://docs.microsoft.com/en-us/azure/azure-sql/database/automatic-tuning-overview

Question #13
You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager resource deployments in your subscription.
What should you include in the recommendation?
  1. A
    Azure Advisor
  2. B
    Azure Analysis Services
  3. C
    Azure Monitor action groups
  4. D
    Azure Log Analytics

Correct Answer:
D
Log Analytics is a tool in the Azure portal used to edit and run log queries with data in Azure Monitor Logs. You may write a simple query that returns a set of records and then use features of Log Analytics to sort, filter, and analyze them. Or you may write a more advanced query to perform statistical analysis and visualize the results in a chart to identify a particular trend.
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/logs/log-analytics-overview

Question #14
Your company provides customer support for multiple Azure subscriptions and third-party hosting providers.
You are designing a centralized monitoring solution. The solution must provide the following services:
✑ Collect log and diagnostic data from all the third-party hosting providers into a centralized repository.
✑ Collect log and diagnostic data from all the subscriptions into a centralized repository.
✑ Automatically analyze log data and detect threats.
✑ Provide automatic responses to known events.
Which Azure service should you include in the solution?
  1. A
    Azure Sentinel
  2. B
    Azure Log Analytics
  3. C
    Azure Monitor
  4. D
    Azure Application Insights

Correct Answer:
C
The following diagram gives a high-level view of Azure Monitor. At the center of the diagram are the data stores for metrics and logs, which are the two fundamental types of data used by Azure Monitor. On the left are the sources of monitoring data that populate these data stores. On the right are the different functions that Azure Monitor performs with this collected data. This includes such actions as analysis, alerting, and streaming to external systems.

Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/overview

Question #15
You are designing an Azure resource deployment that will use Azure Resource Manager templates. The deployment will use Azure Key Vault to store secrets.
You need to recommend a solution to meet the following requirements:
✑ Prevent the IT staff that will perform the deployment from retrieving the secrets directly from Key Vault.
✑ Use the principle of least privilege.
Which two actions should you recommend? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
  1. A
    Create a Key Vault access policy that allows all get key permissions, get secret permissions, and get certificate permissions.
  2. B
    From Access policies in Key Vault, enable access to the Azure Resource Manager for template deployment.
  3. C
    Create a Key Vault access policy that allows all list key permissions, list secret permissions, and list certificate permissions.
  4. D
    Assign the IT staff a custom role that includes the Microsoft.KeyVault/Vaults/Deploy/Action permission.
  5. E
    Assign the Key Vault Contributor role to the IT staff.

Correct Answer:
BD
B: To access a key vault during template deployment, set enabledForTemplateDeployment on the key vault to true.
D: The user who deploys the template must have the Microsoft.KeyVault/vaults/deploy/action permission for the scope of the resource group and key vault.
Incorrect Answers:
E: To grant access to a user to manage key vaults, you assign a predefined key vault Contributor role to the user at a specific scope.
If a user has Contributor permissions to a key vault management plane, the user can grant themselves access to the data plane by setting a Key Vault access policy. You should tightly control who has Contributor role access to your key vaults. Ensure that only authorized persons can access and manage your key vaults, keys, secrets, and certificates.
Reference:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/key-vault-parameter https://docs.microsoft.com/en-us/azure/key-vault/general/overview-security

Previous Questions Next Questions

All Pages