Valentine Day Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bigdisc65

Ace Your AZ-305 Microsoft Certified: Azure Solutions Architect Expert Exam

Page: 8 / 8
Question 32

You plan to use Azure SQL as a database platform.

You need to recommend an Azure SQL product and service tier that meets the following requirements:

• Automatically scales compute resources based on the workload demand

• Provides per second billing

What should you recommend? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 33

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your company has deployed several virtual machines (VMs) on-premises and to Azure. Azure ExpressRoute has been deployed and configured for on-premises to Azure connectivity.

Several VMs are exhibiting network connectivity issues.

You need to analyze the network traffic to determine whether packets are being allowed or denied to the VMs.

Solution: Use the Azure Traffic Analytics solution in Azure Log Analytics to analyze the network traffic.

Does the solution meet the goal?






Question 34

You plan to deploy an application named App1 that will run on five Azure virtual machines. Additional virtual machines will be deployed later to run App1.

You need to recommend a solution to meet the following requirements for the virtual machines that will run App1:

  • Ensure that the virtual machines can authenticate to Azure Active Directory (Azure AD) to gain access to
  • an Azure key vault, Azure Logic Apps instances, and an Azure SQL database.
  • Avoid assigning new roles and permissions for Azure services when you deploy additional virtual machines.
  • Avoid storing secrets and certificates on the virtual machines.

Which type of identity should you include in the recommendation?



a service principal that is configured to use a certificate


a system-assigned managed identity


a service principal that is configured to use a client secret


a user-assigned managed identity

Question 35

You have an Azure Active Directory (Azure AD) tenant that syncs with an on-premises Active Directory domain.

You have an internal web app named WebApp1 that is hosted on-premises. WebApp1 uses Integrated Windows authentication.

Some users work remotely and do NOT have VPN access to the on-premises network.

You need to provide the remote users with single sign-on (SSO) access to WebApp1.

Which two features should you include in the solution? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.



Azure AD Application Proxy


Azure AD Privileged Identity Management (PIM)


Conditional Access policies


Azure Arc


Azure AD enterprise applications


Azure Application Gateway

Page: 8 / 8
Exam Code: AZ-305
Exam Name: Designing Microsoft Azure Infrastructure Solutions
Last Update: Feb 25, 2024
Questions: 297
AZ-305 pdf

AZ-305 PDF

$31.5  $90
AZ-305 Engine

AZ-305 Testing Engine

$36.75  $105
AZ-305 PDF + Engine

AZ-305 PDF + Testing Engine

$49  $140